Comments on: ShareMeNot: Firefox plugins takes the tracking out of social media buttons

By: unklstuart

unklstuart — Fri, 29 Jul 2011 20:06:00 +0000

What is the effective result? Less data collected about me, I assume. And when I frequent those sites, the ads will be less relevant to my interests?

By: SamSam

SamSam — Fri, 29 Jul 2011 19:36:00 +0000

BoingBoing, stop allowing Facebook to spy on us! Defang these buttons server-side!

By: t3kna2007

t3kna2007 — Fri, 29 Jul 2011 19:00:00 +0000

> … and ANY site which includes a *.facebook.com script permits
> the script instead of blocking it.

According to the author of NoScript, you can get around this using NoScript’s ABE feature (“Application Boundaries Enforcer”), under NoScript Options > Advanced > ABE. The general approach is to write ABE rules to allow loading of Facebook files only when on a Facebook page and to block Facebook files otherwise; then allow Javascript for *facebook.com in NoScript’s Javascript permission list, permanently. This works because NoScript checks ABE rules first, to decide whether to even load those files, before it checks your JS permission list to decide whether to execute them.

It’s complicated and takes a while to get it set up right, for all the related domains used to deliver Facebook content, but there’s help available on the NoScript forum.

This also works with Disqus. I’ve heard. ;)

By: menton

menton — Fri, 29 Jul 2011 16:36:00 +0000

Nice, but only a second or third best solution. Sites should not help others spy on their users in the first place. Third party hosted and updated buttons are handy of course. You paste the code and they do the rest. Sites manually blocking that is only second best (but easy so BoingBoing should still do that today!). But even better would be to construct a privacy standard for such buttons. I suggest two features:
1. no third party hosted button images. The preformatted code copied and pasted from the third parties should instead include textencoded images.
2. third party button code should have a related rss link where updated button code is distributed. Sites that deem it safe to do so could have scripts autoimport and update the button code from that RSS.

By: chad

chad — Fri, 29 Jul 2011 14:20:00 +0000

Incognito for Safari 5 is something that I’ve been using for a while.

As I understand it, it does a very similar, if not the same, job.

[http://www.orbicule.com/incognito/]

By: ComradeQuestions

ComradeQuestions — Fri, 29 Jul 2011 11:31:00 +0000

“One drawback is that it doesn’t carry settings over *by site*…”

That’s my biggest complaint about NoScript, which I otherwise love. If I visit facebook.com, suddenly it’s in my “temporarily approved list”, and ANY site which includes a *.facebook.com script permits the script instead of blocking it.

By: verde

verde — Fri, 29 Jul 2011 10:25:00 +0000

It interferes with my online banking system.

By: querent

querent — Fri, 29 Jul 2011 00:57:00 +0000

https everywhere.

https://www.eff.org/https-everywhere

By: steve white

steve white — Fri, 29 Jul 2011 00:17:00 +0000

i found disconnect.me makes twitter buttons stop working altogether, which is not what i want

By: Sam

Sam — Thu, 28 Jul 2011 23:56:00 +0000

I suspect ‘traditional’ means these:

1) Adblock is probably the easiest, as you can block the string.

2) You can block particular servers with your hosts file (FB connect has its own domain name, so you can block just that)

3) There’s a facebook blocker plugin – You can do stuff on facebook.com – but no FB interaction on any other site.

By: Samat Jain

Samat Jain — Thu, 28 Jul 2011 22:49:00 +0000

Traditional solutions include the Antisocial list for Adblock Plus. Facebook Like buttons, etc are blocked completely.

By: rrh

rrh — Thu, 28 Jul 2011 21:43:00 +0000

“Unlike traditional solutions, ShareMeNot does this without completely removing the buttons from the web experience”

Tell me more about these traditional solutions.

By: xenphilos

xenphilos — Thu, 28 Jul 2011 21:31:00 +0000

If you use Chrome, I use Better Popup Blocker and Ghostery. Links:
https://chrome.google.com/webstore/detail/nmpeeekfhbmikbdhlpjbfmnpgcbeggic
https://chrome.google.com/webstore/detail/mlomiejdfkolichcflejclcbmpeaniij

By: xenphilos

xenphilos — Thu, 28 Jul 2011 21:27:00 +0000

I use Ghostery on Chrome. The blocking is beta, but it seems to work well.

By: Sam Data

Sam Data — Thu, 28 Jul 2011 20:56:00 +0000

If this can be done through an extension, then it can certainly be done by the creator of the website with these buttons. The websites can be serving up these “defanged” buttons.

So BoingBoing… are you going to defang all these social networking buttons you have on your site, or are you going to continue to let Facebook et al spy on all your readers?

By: oldmanraps

oldmanraps — Thu, 28 Jul 2011 20:50:00 +0000

Any other suggested add-ons that increase browsing security?

By: Blaze Curry

Blaze Curry — Thu, 28 Jul 2011 20:35:00 +0000

Awesomesauce, as the kids say. I keep telling people that I’m not paranoid, I just place greater value on my personal data than free.

By: nosehat

nosehat — Thu, 28 Jul 2011 20:30:00 +0000

It’s nice to see solutions like this available as add-ons. Of course the major ad networks compile the same kinds of profiles from all the pages they serve ads to, which is possibly a more insidious problem.

Maybe I’m naive, but I always wonder why add-ons are required for these kinds of basic privacy things in the first place. Why isn’t this built-in, the default behavior of the browser? I can understand it if Internet Explorer was built with the goals of corporations more in mind than the goals of the end users. But Firefox is open source, and supposedly driven by its user community.

By: Jax C

Jax C — Thu, 28 Jul 2011 20:27:00 +0000

I wish I’d installed this before visiting this page which is totally laden with social networking clicky things…

By: Aloisius

Aloisius — Thu, 28 Jul 2011 20:24:00 +0000

Awesome. *installs*

By: Sequoia M.

Sequoia M. — Thu, 28 Jul 2011 20:20:00 +0000

check out http://disconnect.me as well (see it in action: http://bit.ly/pJPfJq ). It blocks the tracking/sharing scripts also. Is sharemenot different, similar…? Can anyone speak to that?

One drawback is that it doesn’t carry settings over *by site*, so if I turn facebook blocking off to log in to turntable.fm and forget to turn it back on, facebook is now unblocked universally.