October 16, 2008 at 15:58 | Posted in Privacy/Security | Comments Off on Updates….
Tags: , , , , , , , , ,

Just a short entry to let people (RSS) know that I’ve made updates to My “Flash ‘Cookies’, a hidden bane” entry and also put a link in the Side Bar to downloadable Flash LSO (cookie) removal scripts.



All About WebBugs

October 14, 2008 at 12:03 | Posted in Privacy/Security | 1 Comment
Tags: , , , , , , , , , ,

What is a WebBug anyway?

A webbug or web beacon, pixel tags, tracking bugs, etc are tiny 1×1 pixel images (gif, jpg, png, tif, etc) (and increasingly Flash objects) that companies put into websites or e-mails to track where, when, and by whom they are viewed. On most modern computer screens a single pixel is very hard to see. Even if that weren’t the case 99% of the time these images are transparent so even if you have fantastic eyes you wont see them.

Isn’t this just done by evil hackers/Spammers?

There is a growing trend for large online companies to use these bug/tags to track people. This is partly due to the fact that browsers have gotten better at letting people block older ways of tracking you (cookies, ad banners, etc). So it is the next step in an ongoing techie arms race. Good techies trying to protect your privacy/anonymity. Corporate techies trying to track you so people can make money off of you, or off of people that will pay to know what you are interested in.

A prime example of this is Yahoo’s decision to start using webbugs.

Should I be scared?

Web tracking is nothing new, this is just the next step in the dance. So, being scared is probably over reacting a wee bit. You are perfectly justified in feeling concerned, annoyed, pissed off, righteously indignant, or just plain peeved. Privacy is a right and these folks are dancing around that as best they can.

What can I do?

Unfortunately there isn’t one simple, install this program and it will all go away, type thing you can do. However, this does not mean that there isn’t anything you can do. There are some definite steps you can take to protect your privacy and I’ll cover them briefly here.


I’ll start with e-mail as it is probably one of the easier things to protect from webbuggery. First set your e-mail client to never touch remote/online images. This alone will stop many webbugs in their tracks. If there is such an option consider setting your mail client not to render HTML at all. (this might be a bit drastic for most people). Definitely disable Java, JavaScript, VBScript, etc in e-mails. In this day and age having a scripting language active in your e-mail client is tantamount to leaving your keys in your car with the doors open.

Other things you might want to consider:

Digitally signing all e-mails you send (makes them tamper proof).

Sending mail in text only format (yeah, I know, no smilies.. but safer).

Digitally encrypt all e-mails so they can’t be viewed “in transit”

How to make Browsing safer:

Unfortunately since browsing means loading pictures, blocking webbugs while browsing takes a bit more work. Basically you need a system to block the undesirables. There are many options out there but all take at least some work to set up. One of the easiest is the Adblock Plus extension to the Firefox browser. It makes blocking undesirable elements in a webpage quite easy. The problem is that the webbugs are impossible to see so you have to use the “tools -> page info -> media” function of the browser to locate what elements are 1×1 pixel in size and then block them. Not all 1×1 pixel things are bugs. luckily the bugs are often easy to spot as they will come from a source outside the page you are viewing, or will have a fairly obvious hint in the URL like “adserver.”, “adscript.”, “track”, etc. Adblock Plus also offers free filter subscriptions which it will use to get block lists that have been generated specifically for it. The “ABP Tracking Filter (by rick752)” under miscellanious does a good job on blocking many of these webbugs

This is a bit of a pain in the posterior but once it is done you are pretty good to go. You will still want to check from time to time to make sure that there are not any new ones.

The same approach can be used if you have a router that supports a block list. Just keep adding the nasties to the list and soon you’ll be browsing much more safely. The one drawback to this approach is that some webpages try to use Java/Javascript to load up the ads/webbugs. Having them blocked at the router can sometimes make the page stall while Java tries to get the offending material but can’t reach it.

Other options exist such as Privoxy which is a software proxy that will clean a lot of this stuff up for you. My problem with a solution like this is that although Privoxy is very good at what it does I can’t be sure it’s catching everything I want it to.

The best approach, and the one I use, is a combination of the above. Things that don’t block well at the router I block with Adblock Plus and NoScript. I use Privoxy (and Tor) if I am going some place I am unsure about and definitely wouldn’t want tracking/spamming me.

In the end the decision of what to do about this issues is up to you. It’s your privacy, It’s your choice. Sadly many people feel their privacy isn’t worth the effort it takes to set these filters up.  The things I have talked about here is not a complete list of the options to protect ones privacy. Unfortunately going into all the options would make this document far too long and probably make it classify as a good sleep aid for most people.

Included below are some links for further reading on the subject. Enjoy.

Yahoo’s “Web Beacons”




Adblock Plus

Peer Guardian

GnuPG – e-mail signing/encrypting

WebBug Articles:




Phorm (Yuck)

April 8, 2008 at 16:13 | Posted in Blogging, Privacy/Security, Revver Stuff, Tech | 1 Comment
Tags: , , , , , ,

It seems that there is a lot of noise about Phorm in the Blogosphere and that it is just catching my attention recently. (odd really since I spend a lot of time reading on Security and Privacy matters).

There are a couple of anti-Phorm web sites most of which you can get to by starting at BadPhorm. Of particular interest is a counter measure (tho limited) available here

So far it seems to be mainly ISP’s in the UK that have gone ahead with this very bad idea. That in no sense means it is a UK only problem as I am sure that Phorm will try to sign up as many ISP’s as they can globally. I would urge anyone who is interested in preserving their privacy to write to their respective ISP and let them know you don’t want them to implement Phorm webwise technology. It would definitely be worth noting in any letter that you send the history of “Phorm” which was formerly 121media which even just minor googling of, brings up their association with spyware.

If anyone has examples of Phorm mangled cookies, (paired with their un-mangled versions) I’d appreciate getting my hand on them to see if it is possible to write a Firefox add-on or proxy software that can strip the phorm tags back off the cookies thus rendering Phorm moot.

Another idea until there is a better solution to this might be for those of us in un-affected countries to run SSL proxies like Psiphon for people in the UK to tunnel through as that would (by my current understanding) encrypt the cookies (via the ssl tunnel) and thus make them invisible to the Phorm boxen.

addemdum — it seems (from the technical writeup mentioned in the Blue light Touchpaper Blog below) that even a simple proxy would work to bypass Phorm/WebWise as long as the proxy was not on port 80. For example, an open proxy on port 12000 or 443 or anything other then 80 would totally be ignored by Phorm/WebWise. Provided, of course, that the proxy was not on an infected (errrr, pardon me affected) ISP.

Thoughts and comments appreciated

addendum.. people in th UK on effected ISP’s may wish to consider using TOR and configure it to use non-UK exit nodes. not the best option and a little technical to set up (be sure to use torbutton and Privoxy). But possibly better then being tracked every step of the way. There is also I2P (I’ll provide a link when I can be sure I’m looking at the correct site.. their old URL seems defunct) but I that to be a bit bandwidth heavy. YMMV

Addendum 2 – I just downloaded technical documentation from the Blue Light Touchpaper Blog on Phorm. I’ll give it a read over and see if there are any new insights.

Create a free website or blog at WordPress.com.
Entries and comments feeds.

%d bloggers like this: