But it is informative to see what is going on behind the scenes and how widely we are tracked. It and NoScript overlap, but play subtly different rolesīoth NoScript and RequestPolicy are a bit of a pain for a week or so until you whitelist the common sites. So Facebook can request Facebook assets, but I won't let other sites request them. RequestPolicy: Nail any asset request per-site. NoScript: Whitelist / Blacklist scripts globally But make sure you subscribe to a list that both blocks ads, and blocks user trackers Adblock Plus: easy list management and good control for adding any that the auto-updating lists miss. ![]() Since you asked a pretty blanket question. Surprisingly, NetNewsWire on the desktop is connecting to Google over http instead of https. Oddly, though, it seems to keep connecting/caching long after its "busy" throbber has stopped, and mostly what it's loading is all of those stupid "apple-touch-icon-precomposed.png" URLs, so maybe this is some lower-level webkit nonsense instead of Reeder itself. It then connects to the sites directly to load images over http, as you'd expect. Update: I think that Reeder on iOS is using SSL to connect to Google Reader and download the RSS contents of all of the feeds. Incidentally, I was wondering whether Reeder on iOS is using SSL when it syncs my subscriptions with Google Reader, and I realized that I don't actually know how to snoop my wifi network in order to answer this question. I suppose there's no way to get ad blocking on iOS without jailbreaking it or running a non-standard web browser app? I had been using Incognito before this, but as far as I can tell, Ghostery does a superset of what Incognito does, but with better feedback over what's happening. ![]() Ghostery This seems to do a good job of blocking all manner of web-page spyware, and like Little Snitch, shows you what it's blocking. If there was a way to tell MacOS that Safari and NetNewsWire should use the HTTP proxy but all other apps should connect directly, this would work better, but as far as I know there is not. It can't tell the difference between some-random-app and you clicking links in a web browser. If some random application phones home by loading a URL via webkit, then by the time Little Snitch sees that connection, all it knows is that the "Privoxy" process connected to port 80, not that the connection is really coming from some app that ought not be making such connections at all. ![]() Unfortunately the combination of Privoxy and Little Snitch means that "port 80" is the root password that bypasses this. It lets you monitor and block network connections initiated by applications on a per-application, per-host and/or per-port basis, so you can tell what's trying to "phone home" on you, and stop it. Little Snitch Little Snitch is kind of amazing and I grudgingly admit that it is worth the $30 for its entertainment value alone. On the minus side, it makes Little Snitch less useful (see below). ![]() On the plus side, since it's a system-wide proxy, it blocks ads not only in Safari but also in NetNewsWire and anything else that loads web pages. (I almost wrote, "I like being able to type my own regexps" but no I don't, that's just the Stockholm Syndrome talking.) Privoxy I know everyone else in the world is probably using AdBlock or something, but I've been using Privoxy for ages and I'm used to it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |