I've just switched my main browser to #firefox, better late than never!

Does anyone have any #extension recommendations?

I'm thinking of trying out #Ghostery 👻

The Ghostery Browser is now available as a Flatpak package:

https://flathub.org/apps/com.ghostery.browser

If you run into problems, feel free to open an issue here: https://github.com/ghostery/ghostery-browser-linux-support

(Note: on Arch, you can still use the existing "ghostery-browser-bin" AUR package. But on all other distributions, Flatpak is now the recommended way to install.)

#ghostery #linux #flatpak

@Ilias I got a similar result using #Firefox, #uBlockOrigin, #Ghostery and #Decentraleyes. But I wonder what it means to have strong protection against tracking and simultaneously have a unique fingerprint. That seems like a contradiction.

Perhaps most people's browsers are so wide-open to tracking that anyone taking defensive measures immediately stands out. We should encourage others to do as we do, so that defending against trackers is the norm, not the exception.

The #ghostery #extension for browsers including #Android has an option to opt out automatically the eternal annoying permission to allow #cookies.
It even leaves a message on the page that you don't agree with the use of them.
#Firefox
https://www.ghostery.com/

TechRadar just featured Ghostery for opening up TrackerDB:

https://www.techradar.com/computing/cyber-security/track-the-trackers-together-ghostery-opens-up-its-adblocker-library

We open-sourced it recently, and now use it already within the Ghostery browser extension and for WhoTracks.me. If you want to contribute, feel free to create an issue or send us a pull request. For instance, if you spot a wrong company description or if you are aware of trackers that we have not covered.

The project can be found here: https://github.com/ghostery/trackerdb

#ghostery #trackerdb #opendata #privacy

I find it funny that my #pihole is blocking requests to a #ghostery domain (Ghostery being a tracker blocker extension itself).

I've just disabled it, I have #ublock and #privacybadger (and pihole) so I'm probably OK.

@TheDeckie

Ja, du hast leider Recht. Hatte noch Adguard aktiviert und deshalb war es noch clean.

Aber wie schon gesagt: Wer auf Werbelinks klickt, ist selbst Schuld.

Ein bisschen Mitdenken muss man halt, wenn einem Datenschutz wichtig ist.

Sonst kann man auch gleich Google nehmen.

Und ein paar Addons installieren ist auch kein Hexenwerk.

#AdGuard
#ClearURLs
#Ghostery
#NoScript
#PrivacyBatcher
#uBlockOrigin

to be continued.

@jfml @MJung @SheDrivesMobility

#Ghostery su #Firefox rallenta il caricamento delle pagine, per il momento l'ho disattivato che tanto basta anche solo #UblockOrigin

Over two months ago, we open-sourced the Ghostery Tracker Database:

https://github.com/ghostery/trackerdb

It is free to use for non-commercial purposes (published under Creative Commons license). We also want to encourage contributions from the community.

If you have any feedback, feel free to open a Github issue. It helps us to understand how we can make it easier to use and easier to change (via PRs).

#ghostery #whotracksme #trackerdb #opendata

@suetanvil Thats nice! Did'nt know #Ghostery does that too. A while ago there was some controversy regarding Ghostery. May be it was acquired by an ad-company or something. So I did not look at it from then but I could be wrong.

@rwwh what site is it? I have really enjoyed using #ghostery's new "decline by default" feature that ✨automagically✨ rejects cookies on most any of these #GDPR popups (most of which seem to be #darkpatterns to frustrate and confuse users). Soon we'll each employ an army of robots to defend us from other peoples' attack robots in a neverending virtual micro-war. And here I thought the future would be all jetpacks and daytrips to Venus. 🤷

#AI #darkpattern #UX #cookies

TITLE: When Your HIPAA BAA Subcontractor Most Likely Means Well

Therapists are going to have to make an effort to educate our own BAA subcontractors about privacy.

Amongst therapists, privacy has always been paramount.

On the Internet, tracking has gone through several understandings. First, early webmasters were excited to get free website use statistics from Google Analytics. Then followed several years of tactics to effectively market ads following client computers around the Internet. Now, there is an awareness of that data as valuable in-and-of-itself.

Recently there is a new awareness that data other than name, SSI, address, & diagnosis CAN be considered PHI (Protected Health Information) when it is specific enough to ID the patient. Also when a data aggregator (tracking the same client across the Net) can obtain & combine data from multiple websites to build a composite file on the client. Browser cookies, pixels, beacons, mobile application identifiers, Adobe Flash technology, and IP address geolocation data can all be used -- in conjunction with websites visited -- to figure out specific individuals. ( See "Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates" from HHS at https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/hipaa-online-tracking/index.html )

Also growing is an awareness that this data can be used for something other than just targeted advertising -- like in the recent Washington Post story in which the Planned Parenthood website was inadvertently sending data to Facebook and others -- which in theory could be used by hostile state governments to prosecute women for their medical choices. (See "You scheduled an abortion. Planned Parenthood’s website could tell Facebook." https://wapo.st/3Nyf6sr ) (Brick & mortar stores can also contribute. See "What Walmart’s tech investments mean for workers and shoppers" https://wapo.st/3J86PeE )

Therapists are going to have to make an effort to educate our own BAA subcontractors about privacy -- especially in cases where its not clear if HIPAA laws are being broken. Especially in cases where the subcontractors -- coming from the Internet world -- might not know better.

There are the more egregious cases (like BetterHelp sharing clear PHI data) -- situations in which therapists should walk or run away from the company. (See "FTC fines BetterHelp $7.8M, alleges it shared consumers' health info with advertisers" https://www.modernhealthcare.com/digital-health/ftc-betterhelp-consumer-health-info-facebook-snapchat-advertisers )

Then there are less clear cases where we need to change the mindset of our BAA subcontractors if possible.

Many of them may not understand the evolving definition of PHI. Their marketing/webdev teams may not talk with legal. They may just put together a required data consent policy with everything in it including the kitchen sink whether or not they actually collect it to "cover themselves". This needs tuning for their HIPAA clients. They may communicate with sites for legit use known to track (like fonts.google.com which provides fonts and is used by about every webmaster on earth).

If you want to see some of the URLs that your BAA subcontractors communicate with, You can double-check them by installing Ghostery and Privacy Badger in the Firefox browser (and maybe others) and checking which connections they warn you about or block when you go to those sites. This won't tell you WHAT data is communicated, only that SOME data is communicated (and if these services think they are a security risk). Knowing what data is actually sent would require someone with expertise in a packet sniffing software such as Wire Shark.

-- Michael

--
Michael Reeder, LCPC
michael(at)hygeiacounseling.com

#psychology #counseling #socialwork #psychotherapy
@psychotherapist @psychology @socialpsych @socialwork #HIPAA #BAA #hack #datasecurity #legal #psychiatry @psychiatry #webdev #cookies #dataprivacy #security #beacons #Ghostery #PrivacyBadger #privacy #medical

Giving thanks for the "Never Consent" feature of #ghostery that automatically dismisses those annoying #GDPR #darkpattern pop-ups on every website. Having it on @firefox for #Android is...

On my #iohone my #safari app is bragging that it blocked 4 whole trackers in the last 7 days. They sorta neglect to mention that it didn’t stop Apple from profiling me. In fact, it assisted. #Ghostery says “you are like little baby. I show you #pricacy protection.”

@vga256 story is great but opening kotaku on a mobile device just reminded me how fucked up web is today, infested with ads of absolutely no quality. So thank you for the link, it reminded me to install #ghostery on my new iphone.

@Lautaro_Ferrero ¿No probaste #GhosteryDawn, de #Ghostery? Está basado en Mozilla Firefox, no se actualiza todos los meses y hace énfasis en la privacidad.

Es mi navegador web principal, desde donde te estoy escribiendo. 😉

https://www.ghostery.com/private-browser

Firefox found a way to keep ad-blockers working with Manifest V3 - Google’s version of Manifest V3 limited features used by content blockers; Mozilla’s promising it’s not doing the same.

https://www.theverge.com/2023/1/17/23559234/firefox-manifest-v3-content-ad-blocker

#google #chrome #firefox #brave #manifestv3 #adblockers #security #infosec #ghostery #privacy #security #internet #internetsecurity

A pity that the Leaky Forms project didn't get traction:
https://homes.esat.kuleuven.be/~asenol/leaky-forms/

It's a research project that spots privacy leaks, e.g.
https://www.wired.com/story/leaky-forms-keyloggers-meta-tiktok-pixel-study/

When it came out in May, I wondered if we could integrate it in Ghostery, but besides lack of time, it unfortunately won't work with Manifest V3 (uses webRequest API). You can still try it out in Firefox, but you need to build from source.

LeakyForms reminds me also of https://github.com/ghostery/local-sheriff

#LeakyForms #privacy #manifestv3 #ghostery

I just deleted #fennec and went back to the basics : #firefox on #android 11. Also I 'm actually trying out the #ghostery extension and their browser based on #mozilla. Let's see how they behave and perform.

#Ghostery Plugin for #chrome or #firefox often breaks #cookiepoup. You have to pause ghostery in order for the site to work.