Advice Request Is Decentraleyes extension for Chrome/FF REALLY needed?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Let's start with what benefits it brings to the user

1) Protects you against tracking through "free", centralized, content delivery. It prevents a lot of requests from reaching networks like Google Hosted Libraries, and serves local files to keep sites from breaking. Complements regular content blockers.

2) Speed optimization and bandwidth saving as they are local resources now

The question is 'How does CDNs track a user as they're not websites?'

Frequently asked questions · Wiki · Thomas Rientjes / decentraleyes · GitLab

Can CDNs track me even though they do not place tracking cookies?

Absolutely. Requests to Content Delivery Networks contain the "Referer" HTTP header (originally a misspelling of referrer) that reveals what page you're visiting. Techniques like IP address tracking and browser fingerprinting can then be used to associate the aggregated data with your identity.

In short, if no referer is being sent (or hidden/obfuscated) then the CDNs will not be able to track you.

And other means to track you will be likely handled by your other extensions

Secondly, as to whether there's significant savings in bandwidth and speed optimization I really doubt so. If it does significantly speed up your surfing then by all means use it.

There's setting in Chrome/FF to prevent referer being sent. Otherwise choose extension with referer control to do the job.

Some interesting read up here

Does CDN know which website the client is visiting when fetching jquery.min.js or other resource from CDN?

Decentraleyes for Firefox loads CDN resources locally - gHacks Tech News
 
Last edited:

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Let's start with what benefits it brings to the user

1) Protects you against tracking through "free", centralized, content delivery. It prevents a lot of requests from reaching networks like Google Hosted Libraries, and serves local files to keep sites from breaking. Complements regular content blockers.

2) Speed optimization and bandwidth saving as they are local

The question is 'How does CDNs track a user as they're not websites?'

Frequently asked questions · Wiki · Thomas Rientjes / decentraleyes · GitLab



In short, if no referer is being sent (or hidden/obfuscated) then the CDNs will not be able to track you.

And other means to track you will be likely handled by your other extensions

Secondly, as to whether there's significant savings in bandwidth and speed optimization I really doubt so. If it does significantly speed up your surfing the by all means use it.

There's setting in Chrome/FF to prevent referer being sent. Otherwise choose extension with refeter control to do the job.

Some interesting read up here

Does CDN know which website the client is visiting when fetching jquery.min.js or other resource from CDN?

Decentraleyes for Firefox loads CDN resources locally - gHacks Tech News

So can this completely replace any privacy extension like; ghoster, privace badger, possum etc ?
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
So can this completely replace any privacy extension like; ghoster, privace badger, possum etc ?
What I was trying to put it is that if your other extensions has the means of hiding/obfuscate the referer or cause the referer to not being sent then the CDNs cannot track you. You can leave out this extension provided the other extensions can also prevent other tracking methods. That's as far as privacy is concerned.
 
Last edited:
  • Like
Reactions: Moonhorse

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
So can this completely replace any privacy extension like; ghoster, privace badger, possum etc ?
Not quite, see quote placed for reference: "Complements regular content blockers."

Extension such Privacy Possum can be used alongside Decentraleyes within Chrome. I don't use Privacy Possum because a lot of the other extension I use in FF Quantum do this job for me. I still use Decentraleyes however in FF Quantum & Opera. It can block JQuery requests from Google's hosted libraries, which is a plus.

@HarborFront, any extension changes for yourself at all?

~LDogg
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Not quite, see quote placed for reference: "Complements regular content blockers."

Extension such Privacy Possum can be used alongside Decentraleyes within Chrome. I don't use Privacy Possum because a lot of the other extension I use in FF Quantum do this job for me. I still use Decentraleyes however in FF Quantum & Opera. It can block JQuery requests from Google's hosted libraries, which is a plus.

@HarborFront, any extension changes for yourself at all?

~LDogg

I'll be removing this extension if everything's ok. And will set in Chrome/Ungoogled Chromium/FF to prevent the sending of referer. In addition, with Trace and Cydec my FF is pretty well covered.

Decentraleyes has a redirect issue with Cydec in Ungoogled Chromium so having the former removed means no more conflict. I will also remove Privacy Possum and Random User Agent if I have Cydec. Trace cannot be installed in Ungoogled Chromium.....some errors there

Trace and Cydec have redirect issues with Chrome. I need to relook into these 2 extensions

Cydec may break some sites

Test your referer here

What is my Referer?

Edit :- Cydec broke my outlook(hotmail) site so had it removed from Chrome/FF/Ungoogled Chromium

Added setting in Chrome/FF/Ungoogled Chromium to not send referer

For FF - Use with Trace
For Chrome/Ungoogled Chromium - Use with Random User Agent and Privacy Possum
 
Last edited:

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Imo ublock > any privacy addon, and ublock origin have built in option to avoid websites from breaking

Decantraleyes seems effective with ublock origin tho, and doesnt use memory at all so im willing to keep using it from now
 
  • Like
Reactions: xSploit

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Imo ublock > any privacy addon, and ublock origin have built in option to avoid websites from breaking

Decantraleyes seems effective with ublock origin tho, and doesnt use memory at all so im willing to keep using it from now
The thing about speeding up surfing and bandwidth optimization is you try surfing 100 different sites and see how many of them actually activated Decentraleyes.
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
The thing about speeding up surfing and bandwidth optimization is you try surfing 100 different sites and see how many of them actually activated Decentraleyes.
After installing yesterday the extension says 20 times activated so far :unsure: wont see big different in web browsing bloating my browser with extensions or go without, except ram usage with med-end pc

What decantraleyes have done for me is switching those google host libraries from few newspaper sites i go for

What i have noticed and what @LDogg said im kinda unsure if i should just use ublock alone, or go for any privacy extension along with it.

Ublock alone blocks most of trackers, where privacy possum can detect always few still, same with the ghoster and privacy badger , these extensions just tend to have as high ram usage as ublock alone
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
After installing yesterday the extension says 20 times activated so far :unsure: wont see big different in web browsing bloating my browser with extensions or go without, except ram usage with med-end pc

What decantraleyes have done for me is switching those google host libraries from few newspaper sites i go for

What i have noticed and what @LDogg said im kinda unsure if i should just use ublock alone, or go for any privacy extension along with it.

Ublock alone blocks most of trackers, where privacy possum can detect always few still, same with the ghoster and privacy badger , these extensions just tend to have as high ram usage as ublock alone
I suggest you read my post below starting #37 and onwards and decides for yourself

SECURE: Basic - LDoggs Security Setup

and @Evjl's Rain in post #152 for the required/recommended/optional filters to be used in uBO

Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
I suggest you read my post below starting #37 and onwards and decides for yourself

SECURE: Basic - LDoggs Security Setup

and @Evjl's Rain in post #152 for the required/recommended/optional filters to be used in uBO

Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings
Yeah im pretty much running these:
- nanoblocker ( evil rains setup in #152)
- nano defender as anti adblock killer
- norton safe web
- malwarebytes
- decentraleyes

I have read those posts before, but im always looking for alternatives. Current setup works fine but i dont mind some extra privacy or good extensions

i dont like to add these since high usage and ublock already doing work:
- ghostery
- privacy badger
- privacy possum
- disconnect
these are bit overkill for the privacy they provide alongside ublock

so im thinking evil rains ublock setup with decantraleyes works best for me from now
 

Hi Brothers

Level 2
Verified
Apr 19, 2018
71
Isn't Ghostery redundant with uBlock Origin? :unsure:

I use both, no harm in that. When I did this test Q&A - How good is your ad/tracking protection? 2 months ago, there were some trackers ublock origin didn't block even with my 834,740 network filters + 102,352 cosmetic filters but ghostery did, you can check post #24 and #61 for more info

(Ublock origin blocks before ghostery for me, so if a site is blocked by ghostery, it means ublock origin missed it)
 
Last edited:

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Isn't Ghostery redundant with uBlock Origin? :unsure:
Well ublock against ghostery is pretty even privacy wide, but ghostery just is memory hog so its useless with ublock origin

Anyways privacy possum does some job over ublock, so its good privacy extensions to use with ublock

Also tweaked ublock origin + tunnelbear ( fingerprints) would be better than ublock+ ghostery , and using less ram aswell
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
In short, if no referer is being sent (or hidden/obfuscated) then the CDNs will not be able to track you.
The referer isn't the only piece of information sent that creates a privacy dilemma with CDNs:
The growing usage of CDNs could ultimately thwart all existing tracker-blocking tools since CDN providers could deploy probabilistic stateless tracking based on the IP address and user agent of their users.
https://sba-research.org/wp-content/uploads/publications/block_me_if_you_can.pdf
 

Yellowing

Level 5
Verified
Jun 7, 2018
221
I looked trough this. It appears to be written about August 2016.
At that time Ghostery was leading the charts. It was significantly better than uBlock Origin and even had a lower impact on RAM.

Problem is: They tested with stock-settings. There's much to be enabled in uBlock. For example it blocked almost none of the social stuff, yet there is an optional list for that: Fanboy’s Social Blocking List and Fanboy’s Anti-Thirdparty Social. It also does not have these settings enabled:
Prevent WebRTC from leaking local IP addresses
Block CSP reports

In my opinion you should test the full capability of an extension or program and not that what comes standard. Otherwise the test does not make sense to me.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
In my opinion you should test the full capability of an extension or program and not that what comes standard. Otherwise the test does not make sense to me.
Two issues with this:
  1. There's no classification on what "full capability" entails. You could add literally hundreds of different filter lists and one could still claim the test is invalid because there's still more filter lists available to add. There'd need to be a standardised testing procedure for this to work. For now default settings are the best way to go.
  2. Those who change the settings and add/remove filter lists are in the minority. Most treat it as install-and-forget and never diverge from its default "Easy" blocking mode.
I don't actually pay attention to the results of the study as, like you said, changing the settings or adding additional filter lists can have a huge impact on the results. I find the commentary on current and future blocking capabilities interesting is all.
 
  • Like
Reactions: oldschool

Yellowing

Level 5
Verified
Jun 7, 2018
221
I mean, and I thought that was obvious, just to max out all the available settings. What you are talking about are unavailable settings. (In a certain sense)
That most just install-and-forget is no argument here, imo: It's not my fault that the developer has to uncheck settings in order to not break the oh-so-important facebook site of some random dweeb. Yet I want to know what the extension is able to achieve in comparison with other. I'm pretty sure everyone who reads that paper does also want to know that.
However I do see the problem with a test run with non-standard settings alone. Imo you have to run the test twice with both scenarios. It just doesn't make sense to me not to run it a second time with all available settings chosen.
:cry:
 
  • Like
Reactions: oldschool
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top