Cockup or conspiracy? Popular privacy extension ClearURLs removed from Chrome web store The Chrome browser extension ClearURLs has been removed from the Chrome Web Store, for reasons its developer describes as "ridiculous." Google’s Chrome team emailed ClearURLs developer Kevin Roebert yesterday to tell him (translated from German): “Your item had to be removed from the Chrome Web Store,” citing three violations …
There are some 7 year old bug reports (that duplicate 14 year old, closed, bug reports...) but the problem they're trying to solve is that not all companies have the bandwidth to use the Google Search method of using local URLs for tracking - that perform a redirect to the eventual (i nearly said requested) destination URL.
Of course would google remove all things that could impact the bottom line. They have been watching the fruity teacher for a while and are being more and more aggressive to ensure the bottom line. No surprise here.
Stop using google products and block it all I'd say. Adblocker, noscript and greasemonkey are the best tools to fix most of it locally. Yes, it takes a bit of an effort, but the reward is high when done consistently. And, if a site shows a blank page without scripts, then they are apparently not interested in my visit and will be strictly ignored.
Not that easy. Some companies, either through ignorance or because they have some commercial connection with Google, force you to use them. This is one:
patientaccess.com/
It won't let you log in until you are able to run the Capture tool they have. Once logged in you can then disable Google -- but it's too late. They now know I've gone to that site. And I can't ignore this site as it is used by my GP service.
All I can do is delete all my cookies. But that doesn't help because when I come back to the site at some point in the future I have to tell Google again.
We should have the ability to deny any traffic going to Google, but with the current bunch of Tory greedy cunts in power I can't see any of my concerns being discussed, other than when to throw them into the waste paper bin.
The first thing you need to know about Goldman Sachs is that it's everywhere. The world's most powerful investment bank is a great vampire squid wrapped around the face of humanity, relentlessly jamming its blood funnel into anything that smells like money.
- Matt Taibbi, Rolling Stone 2009.
Has Google become the new Goldman Sachs?
If these stores are such an essential element of these devices the Amazon Apple Google and Microsoft should all submit to some kind of ombudsman model for placing of products goods warez and services online and the terms and conditions should be set by the an impartial umpire. What we have at the moment is utter bullshit. They change the terms and conditions on a few days notice and set an arbitrary price for performing a service that doesn't cost anywhere near 30% of all revenue. I hope that the Epic v Apple battle brings this out.
I grabbed this extension from github, got it installed in chrome but it wouldn't turn it on because it is not in the web store, you need to whitelist it in the registry (talking Windows here) as per TheSysWiz at https://github.com/ClearURLs/Addon/issues/102
I think they mean: We will send a call to our tracking system, and you don't get to say no. It's up to you whether the call is made in parallel to calling your intended target, or whether we call the tracking system first, and that system redirects you serially afterwards.
To be honest, I find the ping idea better indeed: 1) faster 2) intended URL can be copied from the starting point, rather than that of the tracking website, and best of all 3) you can blackhole the ping request
If the calls are made serially, you can't blackhole the tracking system, because that's the one that will redirect you to where you want to go.
If I'm reading the ClearURL documenation correctly, it (optionally, default is to block) blocks ping attributes as well. The setting is called "Block hyperlink auditing", and links to this page for reference, which talks about handling ping attributes - https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing
So unless I'm just getting confused, it won't matter if Firefox starts enabling ping attributes. If you use ClearURL you'll still be protected, and if you're not using it you weren't protected anyway.
Another tool in the privacy fighting arsenal - excellent.
However, I note there are still two Javascript events (click and onmousedown) that point to obsfucated Javascript in each A tag. Anyone have any idea what they do? There's a rather interesting data-ved parameter which could well be a potential tracking identifier plus the identifier beginning with AOvV in the onmousedown event.
By the way, the click event seems to be attached from elsewhere and not directly in the A tag. Checked it in another browser without any privacy addons installed and the same two events are there.
Here's an example A tag:
<a href="https://www.bbc.co.uk/programmes/b006mywy" data-ved="2ahUKEwjRm5S-yMvvAhVSlFkKHX2uDEYQFjAAegQIBhAD" onmousedown="return rwt(this,'','','','','AOvVaw0Er36RVSF-j7Wxx5kEfmWQ','','2ahUKEwjRm5S-yMvvAhVSlFkKHX2uDEYQFjAAegQIBhAD','','',event)"><br><h3 class="LC20lb DKV0Md">Planet Earth - BBC One</h3><div class="TbwUpd NJjxre"><cite class="iUh30 Zu0yb qLRx3b tjvcx">https://www.bbc.co.uk<span class="dyjrff qzEoUe"> › programmes<span></cite></div></a>
This post has been deleted by its author
So with a quick look, yes that Javascript does send a beacon with a lot of information back to Google. If you have uBlock Origin installed, it blocks it. So if you don't, go grab that.
Seems to send back the dynamic ID of the page (used in the DIV tag at the top of the page) along with lots of other information when you click on a link but I don't have time to reverse engineer.
This extension, not updated since 2011 apparently has now been removed for web store policy violations.
The frustrating part of the removal is that I never saw anything that would cause it to be dinged. Didn't prompt for money, no ads, it was pretty much a plain simple extension that simply worked. Great for using for research, commentary, etc. It served a purpose.
Now it's gone, just like the gentlemans extension has in this thread
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
