![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
ciphergothThis journal entry describes ways in which people you know may be monitoring the way you use LJ. How often you read their journal, what friends groups you define, and so on.
It's done with what are called "web bugs" - tiny images served from special servers that record this information. You can block the servers that serve the web bugs, but they can always create more servers, so it's a game of "whack-a-mole".
Today I found out about a setting in Firefox that blocks *all* web-bug based tracking, from all websites to all websites, permanently. No longer will people be able to monitor you in this way.
Go to the URL bar and type "about:config". Select the setting "network.http.sendRefererHeader". If it has the value "2", change it to "1". That's it.
Technical details
I'll be setting this on all my browsers ASAP.
It's done with what are called "web bugs" - tiny images served from special servers that record this information. You can block the servers that serve the web bugs, but they can always create more servers, so it's a game of "whack-a-mole".
Today I found out about a setting in Firefox that blocks *all* web-bug based tracking, from all websites to all websites, permanently. No longer will people be able to monitor you in this way.
Go to the URL bar and type "about:config". Select the setting "network.http.sendRefererHeader". If it has the value "2", change it to "1". That's it.
Technical details
I'll be setting this on all my browsers ASAP.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2006-05-10 09:00 pm (UTC)no subject
Date: 2006-05-10 09:13 pm (UTC)no subject
Date: 2006-05-11 09:26 am (UTC)Unless, hrm. Some cunning screen-scraping in Javascript might do it, if your 1 pixel gif was actually a script... I know there are some sort of limitations on scripting across domains, but I'm not sure what they are.
no subject
Date: 2006-05-11 09:54 am (UTC)1) You visit LJ with tracking image
2) Your browser fetches said image. The server logs the IP and cookie. If you don't have a cookie, it gives you one.
3) One of the following:
a) Some time later you click a link, sending a Referer header with it. A username can now be guessed based on the Referer (http://dennyd.livejournal.com/friends).
b) You go do a meme thingy. It asks for a username and you give it one.
Either way, your IP and cookie are given to the server again. The match is stored and can now be attached to all that old, previously sorta-anonymous data.
4) Profit?
I doubt anyone's bothering with this, but it's a thought.
Setting the cookie while viewing a journal can be stopped by only allowing cookies from the "originating site" in Firefox prefs; it makes it so if you're viewing livejournal.com, foobar.com can't set cookies as you fetch images or whatever. IP address tracking can be mitigated by using Tor (http://tor.eff.org/) or something like it.
Clearly all of this tracking can be rendered useless by a sufficiently informed/determined/whatever person.