Priv3, idea & plugin per Firefox, “Practical Third-Party Privacy for the Social Web”
http://priv3.icsi.berkeley.edu/
About Priv3
Did you know that social networking sites like Facebook, Google+, and
Twitter can track your visits to any web page that uses the familiar
“Like”, “Follow”, or “+1” buttons, even if you do not actually click
these buttons?
The Priv3 Firefox extension lets you remain logged in to the social
networking sites you use and still browse the web, knowing that those
third-party sites only learn where you go on the web when you want them
to. All this happens transparently, without the need to maintain any
filters. Priv3 is free to use for anyone.
How Social Networking Sites Can Track You
In order to integrate interactive features—such as buttons, comment
forums, activity feeds, or recommendations—from social networking sites,
authors of web content integrate HTML snippets or JavaScript code
provided by the social networks into their pages.
For example, when you are logged into your Google or Facebook account
and visit a movie review page on rottentomatoes.com, your browser
automatically pulls in the “+1” button from Google’s servers and the
“Like” button from Facebook. These downloads include the session cookies
your browser uses to inform Google and Facebook that you have previously
logged in, and so Google and Facebook automatically learn about your
personal interest in the movie page you’re looking at, even if you never
actually click on either of their buttons.
How Priv3 Works
Blocking simple “web bugs” or “trackers” is fairly straightforward,
because doing so does not harm your web surfing experience. By contrast,
completely blocking social networking features is counterproductive,
because doing prevents you from actually using these features—say to
leave a comment, or to “like” something—when you would like to do so.
Therefore, Priv3 does not block third-party interactions completely.
Instead, it selectively suppresses the inclusion of third-party web
cookies when your browser pulls in content from the social networks, but
does provide them if you decide to interact with the social networking
features. You still see the number of “likes” the page has accumulated
on Facebook or the comments other people left using Facebook’s
discussion mechanism. Facebook however only learns the IP address of the
computer you are using.
Should you decide to interact with the social feature, Priv3 detects any
mouseclick or keystroke directed at the feature. It then reloads it with
your session cookies and passes on the click or keystroke, thus
revealing your identity to the social network and informing it of your
desired action.
Priv3’s Currently Supported Social Networking Sites
Priv3 currently understands the interactive features of the following
social networks:
Facebook
Twitter
Google +1
LinkedIn
We will expand the list in the future, as needed.
Who We Are
We are researchers interested in all aspects of Internet privacy. Our team:
Mohan Dhawan is a graduate student at Rutgers University. His advisors
are Professor Vinod Ganapathy and Professor Liviu Iftode.
Christian Kreibich and Nicholas Weaver are staff research scientists at
the International Computer Science Institute in Berkeley.
Contact Us
We’d love to hear your feedback. Feel free to send email to
priv3@icsi.berkeley.edu.
Other Resources
The Wall Street Journal’s What They Know articles provide an excellent
introduction to the implications of third-party interactions in web surfing.
Ghostery and Adblock Plus are excellent Firefox extensions that provide
complete blocking of third-party trackers and advertising. The privacy
section of Mozilla’s add-on database lists quite a few more.