
No customer dashboard should ever fire off a connection to Facebook, Google, or any 3rd party
And that goes especially for banks which seem not to understand this simple concept.
Backup specialist Backblaze has fixed an issue where a Facebook advertising pixel was "inadvertently" included on signed-in web pages – but users are concerned private filenames and sizes were also sent to the social media giant. The problem was spotted by Blackblaze customer Ben Cox who protested on Twitter: "WTF? @backblaze' …
But, you have to understand... Facebook, Google and any 3rd party need to make money too. The customer is here to provide for Facebook, Google and any 3rd party. How else can we redistribute wealth properly? Facebook, Google and any 3rd party are here to pay taxes for our communities and strengthen the local bonds in our social environment. Please do not forget that.
/s
Patient Access is another culprit that invites the likes of Google somewhere it really shouldn't be. I haven't spent any time seeing how intrusive it is but the frequent appearance of the "select all crosswalks" menace is enough of a worry IMHO.
Well, that and having to add so much of it's annoying spam to uBlock. Patient Access a dreadful, shoddy piece of crap even without all the intrusive annoyances and I wish I had the option to use something else. :|
Gov.uk pages including Sunday's census which used Google Tag Manager. The ONS had an independant security audit done by Bridewell who claim that all our data and privacy are totally secure. Yeah, right!
Can we start up a class action to get our data back?
I have had dealings and meetings with ONS about census data in the past (admittedly a long time ago now) and they always impressed me with their focus on not revealing any individually identifiable information. I'd trust them infinitely more that Facebook!
I convinced my major credit union to drop recaptcha by declaring that I do not have any business relationship with Google and do not want to confide my personal practices with them.
I used an article here about an alternative captcha and they ended up adopting it for a while.
I am sympathetic to the need of blocking bad actors, but too often Google or Fb provide something "easy" as a solution that has ramifications for their customer. I view that choice as an indicator of whether sales or engineering is dominant and act accordingly.
I see this all the time. Useless marketing droids obsessing over the website click rate (we do not sell or get any business from our website) but they get all NSA about their Facebook and Google gender/age/IP stalking website tracking of our customers.
Also added the Cloudflare block from Mr. Dugan's list since I have a particular loathing for them.
.
.
Mr. Black's Extensions are problematical...
The porn one includes my favourite Manga site --- which certainly has a lot of unsavoury stuff; but which I deal with for myself which one of the best blacklists in existence [ like torture or yaoi or tentacles etc. etc. ] but which it is foolish to ban.
The gambling one includes the National Lottery (UK ).
Whilst the fakenews one, as with so many woke directions, merely censors stuff someone else decides they dislike, and stops free information.
..of backblaze is the encryption, you need to input your encryption key to view your files, so not even backblaze knows what you've uploaded (according to their marketing).
This, then, would fly in the face of that assertion and promise to the customer of holding their data securely. So, class action?
The FILES are encrypted, but the file NAMES aren't - you can see them in the web interface.
Personally, I encrypt my more important files BEFORE uploading them to Backblaze. The filenames that are there are total gibberish to me, as they're generated via Duplicity.
I remember Backblaze was the scrappy newcomer, cheap and effective, using consumer grade hard drivers and running all sorts of data collection to see how cost-effective that was.
Then, they stopped doing the consumer grade stuff. Maybe the enterprise gear is more cost effective? Or are they going full corporatey?
That answers the question. I wonder who's the new scrappy guy that has to prove his worth currently, because Backblaze is one of the boys now.
So why exactly would "marketing web pages" need to transfer filenames of the victim (either the inputting/uploading or the hosting victim) ?
File size might be to test how long a page loads but i never saw any ADnoyance ridden web presence doing that kind of granular optimisation, nor caring for such things.
Seems more like sleep with the dog, catch fleas, worms and rabies in a big family friendly all-we-can-steal promotion packet.