I work on Disconnect. I don't understand why any hacker would still put Ghostery on their machine:
* Ghostery is run by former ad execs (7/9ths of their executive team): http://www.evidon.com/our-team
* They make their money (I've heard tens of millions of dollars per year) selling user data to ad co's and data brokers: http://www.evidon.com/#block-views-from_our_partners-block
I also like how Ghostery provides URLs for each tracker source (actual payload) that you can easily view on their site.
There's also a database with short description, affiliations and privacy terms for each tracker (e.g. https://www.ghostery.com/apps/google_analytics).
I really appreciate an ethical alternative to tainted Ghostery and hope you guys will catch up soon.
== Disconnect:
* s3.amazonaws.com
* cloudfront.net
* echoenabled.com
* troveread.com
* trove.com
== Ghostery:
* s3.amazonaws.com
* echoenabled.com
* platform.twitter.com
== HTTP Switchboard
* echoenabled.com
For HTTP Switchboard, I could easily identify glancing at the matrix that what was requested was a CSS file, I then proceeded to block with one click anything coming from `echoenabled.com`. The page still displayed properly for all three blockers.
Also of note, with Disconnect and Ghostery, there were some scripts running requesting data from api.echoenabled.com and echoapi.wpdigital.net every few seconds. These requests were blocked by HTTP Switchboard without my intervention to prevent this.
That seems to go against the OS nature of the project.
The unencrypted list is at https://github.com/disconnectme/disconnect/blob/b27abbf033c6....
And formatted as JSON at https://disconnect.me/services-plaintext.json.
The encrypted list is also trivial to decrypt with the SJCL code in https://github.com/disconnectme/disconnect/blob/master/firef....
Aren't you a former doubleclick-turn-righteous? And don't you also employ an ex-NSA dude?
And no, we do not sell user data, just tracker data.
Cheers!
Ghostery seems to be in the business of selling the data that I forget to tell them they may not collect. This is intrinsically a sneaky thing to do.
Yes I know about and use the "default to blocking" setting, but I don't think there is much argument that Ghostery users download your software with the expectation that the default would be anything else. But it is. And that's sneaky.
So you offer a very useful product, for free, and make money off of the people who fail to configure it so that it performs the only service they would ever purposely download it for.
Again, I have sniffed Ghostery looking for violations of my configuration settings, and never found any. I believe that it follows its configuration settings, and I am thankful for its existence. And I recognize that development and maintenance of it is not free. Presumably you are not a volunteer.
I have gotten value out of Ghostery, but apparently that has been on the backs of other users who want the same thing, but are less-careful than me about reading configuration options, and that doesn't sit well.
This is somewhat wrong: Ghostery, ever since version 1, had Ghostrank feature in it. It has always been an opt-in deal, the users who trust us may turn it on so provide us with data. For the first 4 years the data sat without any use until recently where Evidon figured out how to turn it into money. Even so, the data Evidon sells has nothing about any user, merely tracker data. Here are some samples of whats actually delivered to clients: http://www.knowyourelements.com/ and http://www.evidon.com/evidon-trackermap/tagchains-static.htm....
As I said, we do not trick the users into anything, and are as transparent about where the data goes as possible, if you have suggestions how to increase this then please let us know. We currently cover this question in every listing Ghostery has, all options pages, web site, FAQ, and many posts on our blog.
As far as defaults: originally, Ghostery was a detection software designed to "reveal the invisible web", but has added blocking since. Our official stance is that we do not make decisions for the user, but we do run every user through an install wizard that explains whats up. Disconnects stance here is a different, they do offer default blocking, tho they also have their own "whiteliest" built into it without telling the users about it. We are going to add some easy configuration in the near future that will pre-block stuff, but this is still in the works.
Finally, Ghostery source is available for review for "sneakiness" since every extension is pure javascript. We host it here if you're interested: https://www.ghostery.com/ghosteries/chrome/ and you can just unzip any other extension to extract source.
>Online marketing companies need better visibility into real-world applications of their technologies and those owned by their competitors. GhostRank data is sold as reports to businesses to help them market to consumers more transparently, better manage their web properties, and comply with privacy standards.
I've never been able to detect any nefarious network traffic caused by Ghostery (and I've looked), but I don't like the games they play, so I'll be pleased to ditch them without ceremony.
I was interested in your project but your smearing of 'competitors' with FUD is seriously disconcerting.
* I can't seem to see a list of all Google trackers. Some sites have multiple Google trackers, but if I click on the icon to see them it just turns off blocking for them. I'm assuming sites don't have 6 GA trackers, what are the others?
* I can't seem to turn off Content trackers for all sites. Configuring this site-by-site seems clumsy, to say the least.
#2 first: Code to block everything marked as content with one click was either just checked in or is about to be.
For #1: Disconnect groups tracking requests by company. If you want to see all the Google services that Disconnect filters, you could look through the filter list (services are grouped by category and company here, so start at lines 33, 1,882, and 2,326): https://github.com/disconnectme/disconnect/blob/b27abbf033c6....
