Piwik countermeasures?

Discussion in 'privacy technology' started by Uitlander, Nov 23, 2017.

  1. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    108
    Location:
    Albany, CA
  2. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    246
    Hmmm ... so the fellow in that blog just renamed all the files so that there were no reference to "piwik" anymore.
    Only thing that comes to mind (besides adding these "new" trackers to blocklist) is go to the source and cripple the actual
    JavaScript code. Example, here is piwiks API: https://developer.piwik.org/api-reference/tracking-javascript

    When I was still developing my own browser I could do some JavaScript DOM tree manipulation before
    the content was actually rendered and exexcuted on screen. But because no donations and no help....well...********

    Should be possible for other browser/extension makers to make something similar.
    (For example: setting Piwik.getTracker = null or something similar just before javascript execution time)

    Of course, that won't work against non-JavaScript tracking ....

    EDIT: Actually, the php tracking part (for those with JS disabled) of that piwik can also be crippled. All browser/extension maker has to do is remove the <noscript> tags before rendering & executing content on screen.
     
    Last edited: Nov 24, 2017
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,883
    Location:
    The Netherlands
  4. airmailer

    airmailer Registered Member

    Joined:
    Dec 2, 2017
    Posts:
    1
    Location:
    UK
    uMatrix seems to get this, if you block the XHR section.
     
  5. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    108
    Location:
    Albany, CA
    I expect Stefan Froberg would be able to answer that better than me. I just barely recognize this as a new (or is it just improved?) threat to those very few of us that care about privacy. So far as I can determine, it seems to carry over, and not be confined to just a single site.