
Arlen Holder (01-16-20, 04:39 AM)
Chrome's director of engineering, Justin Schuh, said the company intends to
phase out support for third-party cookies 'within two years.'
o Building a more private web: A path towards making third party cookies obsolete
<https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html>

o Google wants to kill cookies. Here's what that means
<https://www.cnn.com/2020/01/15/tech/google-chrome-cookies/index.html>
Most other popular browsers, including Apple's Safari and Mozilla's
Firefox, already impose stricter restrictions on internet tracking, and
Google's announcement came a day before Microsoft debuted its new Edge
browser, which is built on Chrome's code but with greater restrictions on
cookies.
Mark Lloyd (01-16-20, 07:34 PM)
On 1/15/20 8:39 PM, Arlen Holder wrote:
> Chrome's director of engineering, Justin Schuh, said the company intends to
> phase out support for third-party cookies 'within two years.'
> o Building a more private web: A path towards making third party cookies obsolete
> <https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html>


IIRC, it's been a decade since I had to enable third-party for any site.

[snip]
Arlen Holder (01-16-20, 10:20 PM)
On Thu, 16 Jan 2020 11:34:59 -0600, Mark Lloyd wrote:

> IIRC, it's been a decade since I had to enable third-party for any site.


You bring up a good point in that NOBODY enables 3rd-party cookies anyway.
So why do they even exist then?

I guess the answer is people don't know what to set or unset.
I'm confused myself, as, for example, I don't know how to set trackers.

My "philosophy" is to not set anything that phones to a central server.
So, for example, I'm unsure of what a "do not track" should be set to.

On the one hand, of course I don't want to be tracked.
But I don't want to have a tell-tale setting that tracks my request not to
track - which - just by me saying that - indicates I'm confused (and I am).

Likewise, for blocking ads "on sites that show intrusive or misleading
ads", where I'm confused if that also has to phone to a central server.

Same confusion with the setting for "Allow recently closed sites to finish
sending and receiving data"; what is the most private setting for that?

Same question with Automatic Downloads (e.g., "Ask when a site tries to
download files automatically after the first file"). What's the right
(privacy-based) setting for that? And also for "continue running background
apps when the browser is closed".

How do we know what's the safest "privacy-based" setting anyway?

More confusion with "Allow sites to ask to become default handlers for
protocols", where I don't even know what they're asking of me.

More confusion with "Allow identifiers for protected content" in that I
don't even know what they're asking of me.

And they often ask if they should check for "certificates", where I never
know if I'm supposed to say to check them all the time or only once.

How is someone supposed to know what the best settings are for privacy?
Mayayana (01-17-20, 01:08 AM)
"Mark Lloyd" <not> wrote

| > <https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html>
|
| IIRC, it's been a decade since I had to enable third-party for any site.
|

It's a classic scam, anyway. Google doesn't need 3rd-party
cookies. Unless people put over a dozen domains in their
HOSTS file, Google can track nearly every website visited.
They do it by offering free services to webmasters, who then
put Google code on their site. Maps, recaptcha, fonts,
analytics, jquery... and that's not even counting their ad
tracking. So the plan to block 3rd-party cookies is just a
clever way to make all other ad/spyware companies dependent
on them for tracking data.

The real question is why doesn't Mozilla block 3rd-party cookies
by default and set 1st-party to delete when the browser is
closed by default.

This is what I have blocked for Google:

127.0.0.1 *.googlesyndication.com
127.0.0.1 *.googleadservices.com
127.0.0.1 *.googlecommerce.com
127.0.0.1 *.scorecardresearch.com
127.0.0.1 *.1e100.com
127.0.0.1 *.1e100.net
127.0.0.1 *.doubleclick.net
127.0.0.1 *.doubleclick.com
127.0.0.1 *.googletagservices.com
127.0.0.1 *.googletagmanager.com
127.0.0.1 *.google-analytics.com
127.0.0.1 google-analytics.com
127.0.0.1 fonts.googleapis.com
127.0.0.1 *.2mdn.net
127.0.0.1 googleadapis.l.google.com
127.0.0.1 *.gstatic.com
127.0.0.1 plusone.google.com
127.0.0.1 cse.google.com
127.0.0.1
127.0.0.1
127.0.0.1 *.appspot.com
Shadow (01-17-20, 02:30 AM)
On Thu, 16 Jan 2020 18:08:45 -0500, "Mayayana"
<mayayana> wrote:

[..]
>127.0.0.1
>127.0.0.1
>127.0.0.1 *.appspot.com


Are you sure you can use "*" IOW wildcards in a hosts file?
Also, I didn't think it blocked sub-domains.

My Google-is-Evil list is MUCH bigger than yours, but each
domain is specified.

I also block FaceKook trackers and M$.
And a few other criminal organizations...
[]'s
Paul (01-17-20, 03:56 AM)
Mayayana wrote:
> "Mark Lloyd" <not> wrote
> | > <https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html>
> |
> | IIRC, it's been a decade since I had to enable third-party for any site.
> |
> It's a classic scam, anyway. Google doesn't need 3rd-party cookies.


Exactly.

I have had browser experiences here, where I'm told
"you have to turn on cookies" when the cookie setting
has been set to ON forever.

Web sites won't use cookies, even if you leave a plate of
them out on the table with a glass of milk.

What they're complaining about is DOM storage or some other
thing that doesn't work for them. In other words, the
resources that they are really abusing.

I wouldn't be surprised to see:

We at Google are deprecating cookies.

And adding new features we call mookies and wookies,
which will be stored inside obscure database formats
for our own pleasure.

And we're not telling you what's in there either.

Paul
Mayayana (01-17-20, 04:23 AM)
"Shadow" <Sh> wrote

| Are you sure you can use "*" IOW wildcards in a hosts file?
| Also, I didn't think it blocked sub-domains.
|
| My Google-is-Evil list is MUCH bigger than yours, but each
| domain is specified.
|

Yes. It doesn't work in HOSTS. That's from my Acrylic
HOSTS file. Acrylic is a DNS proxy program. I've mentioned
it several times so I figured people knew.

But actually, last week I switched to Unbound, which I
would highly recommend.

Long story short: Unbound is a popular DNS resolver. It's
used in corporate, often on Linux systems, and is very
highly regarded. You can use it to call the DNS server of your
choice or let it call the top-level servers to find the server
that will resolve the particular URL you want to get to.

It's very tricky to set up, but once I figured out a working
config it's worked perfectly. (I posted about it recently in
the XP/7 groups but no one seemed to be interested.)
Instead of setting DNS servers in network settings you set
DNS to 127.0.0.1. Then a proxy or resolver gets the DNS
request and makes the call.

Another interesting aspect is that encryption is becoming
popular for DNS. Acrylic can do that but only in recent
Windows versions. It depends on Windows Internet functions.
Unbound has its own libraries, written from scratch. It also
has functionality similar to HOSTS. In the past, DNS has been
in the open. Loading a page via https is encrypted, but the
request to the DNS server is in the open, which allows your
ISP to see the request and possibly serve from their cache.
Anyone else along the line could also see the URL you're
going to. With Unbound the DNS request can be encrypted. It
works on XP, too. And I set up a filter. Unbound's version
of HOSTS is a bit clunky in terms of syntax, but it will
handle either top-level or subdomains:

gstatic.com
fonts.google.com

So I only need 300-400 entries to block virtually all trackers
and ads, rather than thousands in a typical HOSTS file.

doubleclick.net
doubleclick.com
googletagservices

That's a big chunk right there. I also wrote a little VBScript
to convert my HOSTS to Unbound version. I didn't quite
get that polished up, but the conversion is not difficult.
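
Added example, not part of any post in this thread and not Mayayana's VBScript: a Python sketch of the HOSTS-to-Unbound conversion discussed above, which also covers Shadow's wildcard question by treating the Acrylic-style `*.domain` lines as zones. It assumes every blocked name becomes an Unbound `local-zone` of type `always_nxdomain` (this example's choice), which blocks the name and everything under it, so entries already covered by a parent zone are dropped.

```python
import re

# Constructed sample in the Acrylic-style hosts format shown in the thread.
SAMPLE_HOSTS = """\
127.0.0.1 *.doubleclick.net
127.0.0.1 google-analytics.com
127.0.0.1 *.google-analytics.com
127.0.0.1 ad.doubleclick.net
0.0.0.0 fonts.googleapis.com   # trailing comment
127.0.0.1
127.0.0.1 localhost
"""

SINK_ADDRS = {"127.0.0.1", "0.0.0.0"}          # addresses used to sink a name
KEEP = {"localhost", "localhost.localdomain"}  # never turn these into blocks
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def parse_hosts(text):
    """Return the set of blocked names, with any leading '*.' stripped."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] not in SINK_ADDRS:
            continue  # blank, comment, address with no name, or a real mapping
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name.startswith("*."):
                name = name[2:]
            if name not in KEEP and all(LABEL.match(p) for p in name.split(".")):
                names.add(name)
    return names

def collapse(names):
    """Drop names that a parent zone in the same set already covers."""
    kept = set()
    for name in sorted(names, key=lambda n: n.count(".")):
        labels = name.split(".")
        parents = {".".join(labels[i:]) for i in range(1, len(labels))}
        if not parents & kept:
            kept.add(name)
    return kept

def to_unbound(text):
    """One local-zone line per zone; always_nxdomain is this example's choice."""
    zones = sorted(collapse(parse_hosts(text)))
    return [f'local-zone: "{z}." always_nxdomain' for z in zones]

if __name__ == "__main__":
    print("\n".join(to_unbound(SAMPLE_HOSTS)))
```

The emitted lines belong under the `server:` clause of `unbound.conf`; a name that was an exact-match HOSTS entry becomes a whole-zone block here, which is broader than the original line.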
Spamblk (01-17-20, 06:17 PM)
"Mayayana" <mayayana> wrote in
<news:2031>:

> So I only need 300-400 entries to block virtually all trackers
> and ads, rather than thousands in a typical HOSTS file.
> doubleclick.net
> doubleclick.com
> googletagservices
> That's a big chunk right there. I also wrote a little VBScript
> to convert my HOSTS to Unbound version. I didn't quite
> get that polished up, but the conversion is not difficult.


I am also blocking (but in my adblocker):

ggpht.com
blogspot.com
sb-ssl.l.google.

I do some DNS blocking mainly for URL shorteners such as goo.gl but
DNS blocking I find is less easy to start/stop and sometimes, unfortunately,
the hated Google has to be enabled for some sites to work.
Spamblk (01-17-20, 06:20 PM)
Paul <nospam> wrote in <news:6b81>:

> What they're complaining about is DOM storage or some other
> thing that doesn't work for them. In other words, the
> resources that they are really abusing.
> I wouldn't be surprised to see:
> We at Google are deprecating cookies.
> And adding new features we call mookies and wookies,
> which will be stored inside obscure database formats
> for our own pleasure.
> And we're not telling you what's in there either.
> Paul


Or 1 pixel GIFs, unique IDs in http headers. Google might give up what they
call cookies, but ain't gonna give up tracking anytime soon.
Arlen Holder (01-17-20, 06:28 PM)
On Thu, 16 Jan 2020 20:56:20 -0500, Paul wrote:

> What they're complaining about is DOM storage or some other
> thing that doesn't work for them. In other words, the
> resources that they are really abusing.


Slate has a decent description, which contains this quote:
"Google's motives are perhaps not as benevolent as Schuh claims."

o What Google's Latest Data Privacy Announcement Actually Means
<https://slate.com/technology/2020/01/google-chrome-cookies-phase-out.html>
"It's the company with vast pre-existing stores of personal data—and
other means of acquiring more that doesn't seem to have much to lose."
Paul (01-17-20, 06:32 PM)
Arlen Holder wrote:
> On Thu, 16 Jan 2020 20:56:20 -0500, Paul wrote:
> Slate has a decent description, which contains this quote:
> "Google's motives are perhaps not as benevolent as Schuh claims."
> o What Google's Latest Data Privacy Announcement Actually Means
> <https://slate.com/technology/2020/01/google-chrome-cookies-phase-out.html>
> "It's the company with vast pre-existing stores of personal data—and
> other means of acquiring more that doesn't seem to have much to lose."


If nobody seems to be using cookies, it's pretty
safe to defuse them.

It would be different, if cookies seemed to still be
functional. If I can leave cookies enabled, and some
stupid web page says "Please turn on cookies", you just
know there is some disconnect going on here.

The stuff that really does the tracking, will remain.

Paul
Mayayana (01-18-20, 03:24 AM)
"Spamblk" <ZapSpam> wrote

| I do some DNS blocking mainly for URL shorteners such as goo.gl but
| DNS blocking I find is less easy to start/stop and sometimes, unfortunately,
| the hated Google has to be enabled for some sites to work.
|
|

I don't generally have problems, but I have found
that their recaptcha is completely invisible if you
don't allow gstatic.com and maybe some others.
On the other hand, I don't really use sites where I
need to "prove I'm a human".
Arlen Holder (01-18-20, 08:35 PM)
On Fri, 17 Jan 2020 20:24:10 -0500, Mayayana wrote:

>| I do some DNS blocking mainly for URL shorteners such as goo.gl but
>| DNS blocking I find is less easy to start/stop and sometimes, unfortunately,
>| the hated Google has to be enabled for some sites to work.
>|
>|
> I don't generally have problems, but I have found
> that their recaptcha is completely invisible if you
> don't allow gstatic.com and maybe some others.
> On the other hand, I don't really use sites where I
> need to "prove I'm a human".


I use the MVP Hosts file which seems to work reasonably well.
<http://winhelp2002.mvps.org/hosts.txt>

I create an App Paths key to enable "Start Run" commands:
<HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\hosts.exe>
default = C:\windows\system32\drivers\etc\hosts

And then I enter "hosts" into "Start > Run".

I forget offhand what "magic" I used to enable extensionless files to open
in VIM as administrator, but that will otherwise ask the normal user what
editor they prefer; but they might need to edit the file as administrator:
Start > Run > cmd[Ctl+Shift+Enter]
[Note the magic of the "control+shift+enter" versus plain old "enter".]
vim C:\windows\system32\drivers\etc\hosts

As for captcha, it's needed a lot when you're always on VPN, particularly
when you have over 5,000 public VPN servers set up on your machine.