Hacker News | unhush's comments

There is code in Privacy Badger that checks whether a site has publicly posted a statement of compliance with DNT before blocking it. If they do and then violate that commitment, we have a record of it and can call them out on it.


Do you have other extensions installed that are already blocking trackers? (NoScript, for instance.) If so, Privacy Badger shows only the ones that they've missed.


To clarify, those cases where we block cookies but not requests entirely are the sites on this whitelist: https://www.eff.org/files/cookieblocklist.txt

This pull request will also apply the whitelisting to subdomains of the domains on the whitelist: https://github.com/EFForg/privacybadgerfirefox/pull/63.

Unfortunately blocking all those sites and making users whitelist them manually is a lot of work for most users. So we ship a whitelist.


The reasons for not using a blacklist in Privacy Badger were philosophical, not technical. I agree it would be more convenient to ship with a blacklist but hopefully the learning algorithm works well enough to be almost-equivalent.

> Btw. what is the point of Privacy Badger without the Do Not Track header?

Not sure I understand. Privacy Badger Alpha currently sets the Do Not Track header on all requests.


Perhaps now is a good time to mention that if you want to work on projects like Privacy Badger with EFF, we're hiring for a Staff Technologist: https://www.eff.org/opportunities/jobs/staff-technologist. The role is a mix of software engineering, doing security/privacy research, pressuring large internet companies and standards groups to not be evil, and teaching lawyers/reporters about technology issues.

It's overall a fun job. I wrote most of Privacy Badger Firefox with help from Mozilla folks in the last two months, and it's very satisfying to see people using and reporting bugs in the software that I made almost immediately after launch. :)


Yes, the alpha version (what we just launched) only works on third-party cookies, so the heuristic blocking algorithm doesn't do anything if you block 3rd party cookies entirely. We plan to add detection of other tracking methods (Flash cookies, local storage, fingerprinting, etc.) as time goes on. More info in the Firefox version's README: https://github.com/EFForg/privacybadgerfirefox/blob/eb1055c4...


Thanks for clarifying. This is a much needed initiative and your work is greatly appreciated. Happy to see my donations hard at work :)


We do have a preloaded list of third-party sites to not block because they would cause too much breakage. Note that because PBadger is in alpha, this list is very short right now: https://www.eff.org/files/cookieblocklist.txt

It's maintained by EFF, and more things will get added as time goes on.


Add mail.google.com!! I took the time to go to google accounts, re-login, disable the blocking on the various sites (accounts.google, mail.google etc.) to get it working, but I can imagine breaking gmail will be a quick route to "uninstall extension" for many people. :)


UGH, you're right. Ok, let me explain this. We whitelisted google.com but it was not anticipated that, in the general case, we should really whitelist all subdomains in order not to break sites.

Luckily this was a one-line patch: https://github.com/EFForg/privacybadgerfirefox/pull/63 (though in the future, it is better for the whitelist to have wildcards in the cases where it's necessary).

Thanks for testing. Really helps a lot.


FYI, upgrading to 0.1.1 (released Friday) fixes the bug I mentioned. Subdomains of whitelisted sites are also whitelisted now. https://github.com/EFForg/privacybadgerfirefox/pull/63/files


Note that Privacy Badger uses a browser history-dependent algorithm for blocking - when you first install it, it doesn't block anything because it assumes that third-party trackers are innocent until proven guilty. When it sees you being tracked on 3+ first-party domains by a third party, it either blocks or cookieblocks the third party. I wrote up a basic description of the algorithm here: https://github.com/EFForg/privacybadgerfirefox/blob/master/R...

So if you're testing Privacy Badger on a profile with no browsing history, it is bound to do worse than other extensions. You have to "prime" it with some browsing data before it's really effective.
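
The heuristic described in the comment above, combined with the subdomain-aware whitelist from the earlier comments, as an added JavaScript sketch that is not part of the original comments and not Privacy Badger's own code. The class, function names, sample hostnames and list entries are hypothetical, and hostnames stand in for the base-domain comparison a real implementation would need.

```javascript
// Added illustration; names and structure are hypothetical, not Privacy Badger's code.
const THRESHOLD = 3; // "3+ first-party domains" from the comment above

// Constructed sample whitelist entries (the real list lives at the EFF URL).
const COOKIEBLOCK_LIST = new Set(["google.com", "example-cdn.test"]);

// True if host equals a listed domain or is a subdomain of one.
// Matching walks label boundaries, so "notgoogle.com" does not match "google.com".
function onCookieblockList(host, list = COOKIEBLOCK_LIST) {
  const labels = host.toLowerCase().split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (list.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

class Heuristic {
  constructor() {
    this.seen = new Map(); // third-party host -> Set of first-party hosts
  }

  // Record one third-party request; only requests carrying cookies count as tracking.
  observe(firstParty, thirdParty, hasCookie) {
    if (!hasCookie || firstParty === thirdParty) return; // simplification: exact host match
    if (!this.seen.has(thirdParty)) this.seen.set(thirdParty, new Set());
    this.seen.get(thirdParty).add(firstParty);
  }

  // "allow" until the threshold, then "cookieblock" for listed hosts, else "block".
  decide(thirdParty) {
    const sites = this.seen.get(thirdParty);
    if (!sites || sites.size < THRESHOLD) return "allow";
    return onCookieblockList(thirdParty) ? "cookieblock" : "block";
  }
}

function demo() {
  const h = new Heuristic(); // constructed browsing history
  for (const site of ["news.test", "shop.test", "blog.test"]) {
    h.observe(site, "tracker.test", true);
    h.observe(site, "mail.google.com", true);
    h.observe(site, "static.test", false);
  }
  h.observe("news.test", "rare.test", true);
  return ["tracker.test", "mail.google.com", "static.test", "rare.test"]
    .map((t) => [t, h.decide(t)]);
}
```

A fresh `Heuristic` returns "allow" for everything, which is why a profile with no browsing history blocks nothing.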


I see, so this means results for Privacy Badger reflect a worst-case scenario. I've added links to the proper section in Privacy Badger's README file.


So people who use incognito mode don't benefit much?


Unfortunately not, if you use Incognito by default (other than being able to see who's tracking you and toggle the settings manually). We could add a feature to optionally save data in Privacy Badger between incognito sessions (or use data from the non-incognito sessions to determine which sites to block in incognito sessions).

In Firefox, PBadger Alpha doesn't have permission to operate in Incognito mode yet, so it will just be off.



Hi, I'm an EFF staff technologist and wrote most of Privacy Badger Firefox (though I didn't come up with the idea). It's often hard for us to find projects like yours, so we appreciate developers contacting us and telling us about them directly. It's possible we can find a way to work together, if you'd like. Email me: yan at eff dot org.

Disclosure: I didn't work on Privacy Badger Chrome but at least I can fwd you on to the right people. :)

Sorry, that does sound frustrating. I joined EFF partly because it was a good way to make software that people would actually use.

(One constraint that most people may not realize is that EFF has very strict privacy policies for our tech projects. There's lots of projects I'd like to do, but the lawyers probably wouldn't approve. So there's plenty of room for other developers to do projects that step over lines we wouldn't cross.)


Hi, I'm the main author of Privacy Badger's Firefox version. You are 100% right; I'll point this out to the text authors.

On the other hand, EFF's fanbase is generally very technical compared to the average person and I'm sometimes afraid of coming off as imprecise or belittling to them. Striking the balance is hard.

