Privacy: Use of session replay scripts means many websites essentially have built in keyloggers

Discussion in 'privacy general' started by ronjor, Nov 21, 2017.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    61,556
    Location:
    Texas
    By Mark Wycislik-Wilson

     
  2. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,933
  3. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    453
    Any ideas what would counter this? No script? Ad block?
     
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,849
    Location:
    Slovakia
    Indeed, just blocking third party scripts should do. Just, well it is not as easy to do, it is a pain to setup and live with (virtually every webpage broken), but that is the price for the privacy.
     

    Attached Files:

  5. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    105
    Location:
    Some country in the European Union
    They must be Javascript scripts, so any add-on blocking scripts would be effective, but not easy to live with.
    Ad-block probably would block some, but you don't have assurence that it would block every one of them.
     
  6. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    453
    Thanks, l looked up that add on but unfortunately its not on Firefox which is what I use
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,873
    Ummm, maybe don't type what you don't want known?

    Or, anyway, if it can be linked to you. Compartmentalize!
     
  8. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,849
    Location:
    Slovakia
    Code:
    https://noscript.net/
     
  9. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    18
    Location:
    Ether
    Time to implement my sooper special Rule QQQQ (tm JoWazzoo) I guess.

    But I can see cases where I DO want to enter a form for some purpose. If blocked by one of my Rules (e.g. QQQQ) the form does not get submitted. On the other hand, if I knew ahead of time my form data WILL be scarfed by a third party in the form of key logging .... well ..... what to do? I don't want that to happen. Who would?

    I do not think that Don't type is the answer. The answer is in fact that for privacy reasons FEW, if any, users would knowingly allow this. Nor expect this. I am NOT a lawyer (thank God) but this has to be illegal.
     
  10. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    453
    I did some searching and found the answer for Firefox 57 (quantum users) as there is protection built in already that they developed in the Tor browser. It is explained here https://www.bleepingcomputer.com/ne...-makes-it-into-firefox-first-party-isolation/
    I have now turned this on and not had any problem with logging into any sites. Together with Ghostery, I am hopeful that there is more protection
    Also, in early 2018 they are implementing a block for canvas fingerprinting on version 58, another step in the right direction
     
Loading...