.. title: An Increasingly User-Hostile Web
.. slug: increasingly-user-hostile-web
.. date: 2017-11-19 14:20:16 UTC+01:00
.. updated: 2018-01-14
.. tags: web, link, firefox, privacy, google+
.. link:
.. description:
.. type: text
This post is the first in a series linking to interesting articles or
papers. The bare links will be paired with some background on why I
think they are relevant for someone else also. The installments of
the series will be easily discernible by the "Too Many Books To Read"
`xkcd comic `_.
The idea for such a series materialized after reading `Against an
Increasingly User-Hostile Web
`_ that I
noticed on the `Hacker News `_
newsletter.
.. image:: /images/books_toomany.png
:alt: Too Many Books To Read
:align: center
.. TEASER_END
Although most of the content of the article wasn't really news to me,
I found the focus and historical context of the article to be very
well suited to ponder the state of the web today. Admittedly I never
had a Facebook account as the "walled garden" aspect of such a service
contradicted the decentralized web that I witnessed first hand during
the 1990s and which kept me away from it right from the start. Also
the way how Facebook sells private information of "clients" for a lot
of money to third-parties made signing up a no-go right from the
start. In this case certainly the saying that "if you are not paying
for a service then you are the product" is spot on, but maybe that's a
topic for another post.
I did however use `Google+ `_ for a
while to find out what such a platform is capable of and if I can
benefit from it. Being in possession of an Android mobile phone, the
account was already there and thus the barrier to using it was very
low. During `three years of using Google+
`_ I found the possibility to
publish content limited in size to be very attractive. Compared to
the effort of maintaining a web site typing in something into the
web-browser to be immediately published was much easier and thus used
also for smaller things. Still the feedback that was also readily
available in contrast to a web site of 90s style showed that there was
_some_ interest even for those small pieces.
Google+ became unbearable end of 2016 as I got more and more
"suggestions" of openly xenophobic content. At the beginning I tried
countering this by reporting what I considered to be offensive
postings, but in the end I simply gave up on it altogether. The fact
that I could not control my own content nor easily transfer it to a
different platform added to my dissatisfaction and finally resulted in
starting this blog under my own full control.
Back to the article, I found the analysis of a renowned news site on
the internet astonishing in its detail. With the help of the
`webbkoll web privacy check tool `_
the author shows that visiting a single news page initiated 430
third-party requests that were handled by parties not authorized by
the person reading the content. These connections are not even easily
visible to the user.
I was prepared for a handful of such requests or maybe a couple dozen,
but 430 was beyond my imagination. As the tool is readily usable on
the internet, I quickly ran a check on `Heise `_
which I visit quite regularly. The analysis shows that it also
initiated 369 third-party requests to a whopping 56 third-party
entities. This result made me think a lot and ponder the current
situation somewhat further.
In contrast to the web checker tool, I do visit www.heise.de with the
Firefox Browser and the `Adblock Plus
`_
extension installed to block the advertisements. As I do not want to
read intrusive adverts and as it has a significant influence on the
page load speed, installing this Add-on was usually the first thing
after installing Firefox on my or any other machine. I will be
discussing the advertisement business model some pages are based on
nowadays separately in a later post. For now I now wondered if
Adblock Plus also blocks those third-party requests possibly conveying
much more information than needed for the sake of presenting
advertisements to me. Together with third-party cookies those
connections can indeed communicate all of the browsing meta-data to
entities that I do not know, nor want to collect personal data from
me.
Now if you belong to the large group of persons who believe that
meta-data is not such a big deal, a presentation that I ran across
recently may lead you to reconsider. The blog `SpiegelMining
`_ shows what modern data
analysis can read out of pure meta-data. If you are interested, then
the nice `video of a talk
`_
given by David Kriesel at 33c3 (German only) gives a nice introduction
to the topic and is absolutely worth watching.
In this light I tried to find out in more detail what Adblock Plus is
doing and quickly ran across the `uBlock Origin Firefox Add-On
`_. As
the `homepage `_
explains, uBlock Origin "is a wide-spectrum blocker that happens to be
able to function as a mere ad blocker". Coupled with the better
efficiency this chimed so well with my research that it was a
straightforward process to switch all my Firefox installations over
to uBlock Origin.
Finally checking `this blog with webbkoll
`_
reminded me that I am also not 100% clean with respect to the privacy
of my visitors. Using `Disqus `_ for the
comments indeed has the potential to transmit meta-data. Also only by
the help of webbkoll I realized that the selected theme for Nikola
requests a font every time the page is visited. In conjunction with
the "HTTP referrer" header this can also potentially be used for
tracking purposes.
For now, I will simply acknowledge this, but maybe this can be changed
in the future. Let's see.
Update 2018-01-14: Moving the Piwik (now called Matomo) analytics to a
sibling domain cleared the false positive previously reported by
webbkoll on the blog, so the last paragraph was adapted to that change.