As soon as you browse the internet with your browser, you will soon be followed by numerous trackers. Extremely annoying for those who value their privacy, and all those accompanying advertisements are not exactly desirable. We show you how trackers work, but especially how you can (largely) prevent yourself from being closely followed.
When you surf to a website, the web server sees your IP address. Unless it is a fixed IP address that is linked to your domain name, for example, that IP address leads to an address pool with your internet provider and does not just reveal your identity. You can check this by requesting your external IP address, for example via www.whatismyip.org, and then passing it on to a service such as www.db.ripe.net/whois.
If you prefer to keep your IP address secret, you can use an anonymizing browser such as Tor, whether or not virtualized with Whonix. Or you use a reliable VPN service that hides your IP address. But don't think that you're putting trackers completely at a dead end with this. They use even more resources to track you. You can read about which techniques these are and how you can protect yourself against them in this article.
01 Browsers
No browser is like the other, not even with a view to your privacy. If you think Tor is a bridge too far, Firefox may be the most appropriate browser, if only because it's about the only popular open source browser that doesn't use its own components. Admittedly, Chromium (on which Chrome is based) is also open source, but that is linked to Google. If you still like to stick to the Chromium concept, then you should definitely consider Brave. This free open source browser has built in some techniques that specifically take on trackers and ads. And it must be said: the latest Edge Chromium browser also pays extra attention to privacy and trace prevention.
However, in this article we mainly focus on the most popular browsers: Chrome and Firefox.
02 Cookies
We are undoubtedly kicking in an open door: cookies are still a widely used means of tracking you. To prevent cookies from being stored permanently, you can surf in private mode in both Firefox and Chrome. If you also want to limit tracking in normal browser mode, you would do well to at least block third-party cookies. Suppose you visit site X that contains a link to the site of an advertising agency, and then you visit site Y where the advertising agency also has a link, then that agency can read the previously placed cookies and it knows that it is about the same person – at least, it's the same browser.
By default, third-party cookies are allowed, both in Chrome and Firefox. In Chrome you block it like this: tap chrome://settings/content/cookies in the address bar and set the switch to Block indirect cookies on from. You can also reach this function via the menu, then go via the three dots to Settings / Advanced / Privacy & Security / Site Settings / Cookies & Site Data. In Firefox, enter about:preferences#privacy in or navigate via the hamburger menu to Options / Privacy & Security where you at Browser Privacy the option Amended ticks. We recommend that you check all options here. Specifically at Cookies can you then All third-party cookies Selecting. If that causes too many problems when surfing, choose Cross-site and social media trackers.
03 Fpi
Firefox has built in a useful feature against cross-site tracking via third-party cookies: First Party Isolation (fpi). Basically, such cookies, as well as other surfing data such as the browser cache, can only be accessed within the current domain and therefore no cross-site tracking is possible. You activate this function as follows: Tap about:config in, search for first party and then double click privacy.firstparty.isolate so that the value at true is set. If this unexpectedly causes problems, you can soften that setting a bit by selecting the other two options here false configure. If you want to be able to enable or disable this fpi function with one mouse click, you can install the First Party Isolation extension.
Although you will find the concept of 'site isolation' in Chrome, it is more aimed at countering malicious attacks and does not prevent cross-site tracing. If you want to sharpen this function, tap chrome://flags in, search for isolation, sets Disable site isolation on Default and set Strict Origin Isolation in on Enabled.
04 Ad blocker
To prevent web servers from collecting your surfing data, you can activate the dnt (Do Not Track) function. In Firefox you reach this function on the page about:preferences#privacy (or through the hamburger menu / Options / Privacy & Security) where you All the time switches on at Sending websites a 'Do Not Track' signal to let them know you don't want to be tracked. In Chrome you will find the function by chrome://settings/privacy in the address bar or go through the menu to Settings / Advanced / Privacy & Security. Turn on the slider here Send an untrack request with your browsing traffic. However, you should not expect much benefit from this: it is a simple request and most web servers do not respond to it.
So coarser artillery is needed, in the form of an ad and content blocker. One of the better ones is uBlock Origin, available as a plugin for Chrome and Firefox. uBlock Origin works on the basis of filter lists and many domains are already blocked by default. You manage the plugin from the dashboard: click on the corresponding icon to the right of the address bar and then on the button with the sliders. Open the tab Filter lists and preferably leave the check marks on all filter lists.
Sometimes it happens that websites refuse to show content as soon as they notice that you have an adblocker running. Then you basically have two options: you can add that website to the whitelist of uBlock Origin (all you have to do is click on the icon and press the blue start button) or you can install an anti-adblock blocker over it (see box 'Anti-adblock blocker').
Anti-adblock blocker
Do you find it too often that no content is displayed on websites because you have installed an adbocker? Then you can counter that by installing an anti-adblock blocker like Nano Defender in Chrome or in Firefox.
To integrate Nano Defender into uBlock Origin, you still need to perform a few more steps, as described here. Carefully follow all instructions from the browser where you have both uBlock Origin and Nano Defender installed.
So at Step 3 you serve the tab Institutions in the uBlock Origin dashboard and check I am an experienced user. Then click on the gear icon behind this item and replace unset in the bottom line at userResourcesLocation by what is mentioned. Confirm the adjustments by pressing the button Apply changes to press. The other steps speak for themselves.
Then when you click the tab Filter lists opens, you will be at Amended three Nano filters appear.
05 CDs
Many websites use javascript and gratefully make use of frameworks that include commonly used javascript functions. They usually get these frameworks from so-called content delivery networks, or CDNs, with Google being one of the most popular. This retrieval of frameworks from cdns ensures that your ip address and other browser data also go to the cdn, so that you are also traced along that route. The browser plug-in Decentraleyes, available for Chrome and Firefox, among others, ensures that the most commonly used frameworks are made available locally for your browser, after which attempts to access a cdn are automatically redirected to the local framework. That protects your privacy and it also works just a little faster. You can test the situation before and after the installation of Decentraleyes. If you also have uBlock Origin running, it can actually prevent the retrieval and updating of the local JavaScript libraries. www.imgur.com/3YwdpGP tells you which domains you need to add to uBlock Origin's exception list for it to work.
06 Scripting
You can of course go further and block all (java) scripts instance. After all, it is often thanks to such scripts that web servers are able to identify you based on all kinds of browser characteristics (so-called browser fingerprinting). With a simple mouse click you can find out on AmIUnique or Panopticlick to what extent your own browser is unique and therefore identifiable.
However, the popular browser plug-in NoScript (available for Chrome and Firefox) lets you decide which scripts and other content you want to run. Clicking on the NoScript icon will give you additional feedback. This way you can see which domains are involved and you can indicate whether you consider the external parts of the domain in question to be Trusted (which allows you to), Time. Trusted (allows only for the current visit), Not trusted (which blocks them) or Default. In the Options you can indicate yourself which elements you want to block or not for each zone. Open the tab General and click on each of the three zones: by checking the boxes, you decide what you want to allow in each zone. On the tab Permissions per website you can adjust the trust zone for every website visited.
07 Referrals
Just a little experiment: start Firefox, surf to www.google.nl, enter 'computer!totaal' and click on the link that leads to the Computer!Totaal website. Then right-click on an empty spot on that webpage and choose View Page Info. At Referrer URL you can now read //www.google.nl. This is the so-called referer that is forwarded to a visited website by default via the http headers. This practice is dubious for your privacy, because not only the website now knows where you come from, but also any advertising or social media networks that have content on that webpage. Such a URL can also contain extra sensitive information - how about this referer, for example: //www.healthcare.gov/seeplans/85601/results/?county=04019&age=40&smoker=1&pregnant=1&zip=85601&state=AZ&income=35000'?
However, in Firefox you can prevent this referer information from being passed. Tap about:config on the address bar and search for network.http.sendRefererHeader. Double click on this item and change the default value 2 in 0 if you want to block all referrers from now on. Set this to 1, then referers are only stopped when images are loaded on a page.
Chrome has no built-in anti-referrer feature. However, the Referer Control browser plug-in is available for both Chrome and Firefox. This even allows you to determine, down to the site level, how you want the browser to deal with these referring URLs.
08 Parameters
The URLs themselves can also contain information that can be useful to trackers, such as the 'ValueTrack' parameters in Google Ads. For example, if an advertiser includes {lpurl}?network={network}&device={device} in their tracking template, the url will become something like www.thecompany.com/?network=g&device=t, so that the advertiser knows that you clicked on that link via Google and from a tablet. Google Analytics also makes good use of url parameters (recognizable by &utm in the string).
The browser plug-ins ClearURLs and Neat URL, available for both Chrome and Firefox, strip such parameters from the URL before passing it to the web server. We briefly review Neat URL here. After installation, the plug-in is automatically active. To make some adjustments here, right-click on the corresponding icon and choose Preferences. On the tab Options see you at Blocked parameters an overview of the parameters and you can add your own parameters, albeit according to certain rules. You need to confirm your changes with Save preferences. For example, if you add param name to this, it will parameter be banned from every URL. An item like q@*.google.nl causes the parameter q exclusively in google.nl, albeit including subdomains (*), is cleared. However, this is not an example to implement yourself, because this will make your searches in www.google.nl no longer work.