How much ads and tracking still follow you around?

in privacy •  8 years ago  (edited)

matthew-henry-87142.jpg


Do you ever peek at the "network tab" when you visit a page?

It's mindblowing how many requests your browser makes when you hit an endpoint. For instance: writing youtube.com then hitting Enter.

Have you ever wondered how much of them are ads/tracking, even if you limit to yourself to very trustworthy sites. That's what we'll figure out in this article.

Tools we will be using:

  • tcpdump
  • grep

The setup is literally one command.

sudo tcpdump -n -i any port 53 >> filename


filename can be whatever you want to name it. for example it could be "packetdumps.md"

You can run this command on terminal and iTerm for other command line stuff (using a mac).

The >> dumps whatever from the first command at the end of the file. If the file doesn't exists already, it will be created.

Now, we can cat the filename at anytime and it will print all the packets captured till that moment. (oldest to newest)

Then now, time for a naive grep on the ad domains.

cat filename | grep -E "lead|track|ads"


Come up with your own better regexes, I know the bare minimum.

This is the result from running the command for a few minutes.



Waouh, I still make a lot of requests to some tracking and ads stuff. I mean, I have Https Everywhere on strict mode, Privacy Badger, Adblock and Chrome itself set to "Do not track".

This is probably of a bit of paranoia but I even find myself hopping to Brave with a default setting of blocking scripts, if I really want to check out an http site.

As it turns out Google has the ability to pump you ads regardless of whatever adblocking sets you're using because of an experimental protocol called QUIC (Quick UDP Internet Connections). Brave Blog has an excellent article about this.

I mainly wrote this to learn more about tcpdump but got shocked that still a bunch of ads and tracking are going on.

Credits and Gems:

  1. A must read, seriously: QUIC in the wild, only for Google ad advantage
  2. Julia Evans for her tcpdump tweet
  3. Privacy image thanks to Matthew Henry
privacy ads tracking leads ad-blocking
8 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.03
  • Past Payouts $0.03
  • - Author $0.03
  • - Curators $0.00
8 votes
1
Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  
  • Trending
    • [-]
      ·  8 years ago 

    b0rk Julia Evans tweeted @ 22 Apr 2017 - 15:11 UTC

    working on a few pages explaining all the tcpdump command line arguments I use https://t.co/dUNtI8USpD

    Disclaimer: I am just a bot trying to be helpful.

    Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

    • Disagreement on rewards
    • Fraud or plagiarism
    • Hate speech or trolling
    • Miscategorized content or spam

    Submit
    $0.00