privacybadger icon indicating copy to clipboard operation
privacybadger copied to clipboard

Published 20 hours ago verified publisher icon EFForg

Detect and block tracking pixels

Open pritha90 opened this issue 8 years ago • 7 comments

Identify and block the presence of tracking pixels in emails opened using the browser.

pritha90 avatar Mar 31 '16 22:03 pritha90

Can PB just blacklist known email tracker domains? Or should this be a toggle feature with a button and some indicator that it is working in emails? I found a list of trackers and am thinking you can stop 1x1 img from downloading if it comes from that domain?

Anyway, I want to work on this, but don't know which way PB wants to go re: blacklist vs visible toggle button

n-sayenko avatar Oct 17 '17 02:10 n-sayenko

As a matter of principle, Privacy Badger must not maintain blacklists. This makes our job harder.

This feature would probably be a new kind of tracking heuristic where Privacy Badger would decide whether certain image resources were tracking pixels (tiny image dimensions with a non-trivial query string?) and then learn to block the domain (probably) the pixels are served from. This might be the same task as https://github.com/EFForg/privacybadger/issues/367#issuecomment-295314135.

ghostwords avatar Oct 17 '17 03:10 ghostwords

Related: #1635.

ghostwords avatar Oct 17 '17 03:10 ghostwords

I'm going to have a go at implementing this.

@ghostwords

non-trivial query string

What decides if a query string is non-trivial?

Possible conditions:

  • number of parameters >= 3
  • query string length > 120
  • a parameter key containing "id"

troy-lamerton avatar Sep 02 '18 18:09 troy-lamerton

Since there is so much overlap between #2088 and this, should we put a hold on this issue for now? @bcyphers already opened a PR.

What decides if a query string is non-trivial?

I was thinking of reusing either our HTML5 local storage entropy estimation function or the one for cookies.

The main technical obstacle with general-purpose pixel detection seems to be that there doesn't seem to be a way to get image dimensions from inside chrome.webRequest listeners. That might be fine, we could just go by querystring contents. I think #2088 is about taking querystring values and comparing them to known tracking values (retrieved from cookies).

ghostwords avatar Sep 04 '18 21:09 ghostwords

Yeah, this is tough. I think we need to update the entropy function (per #2088), and after that it might be worth applying the same kind of heuristic to email pixels.

@ghostwords I think querystring contents alone are fine; a tracker is a tracker whether it's attached to an invisible pixel or a banner graphic. To be less invasive, we could just try stripping off high-entropy query params from image requests in emails.

bcyphers avatar Sep 04 '18 22:09 bcyphers

Relevant study: "I never signed up for this! Privacy implications of email tracking" (from Proceedings on Privacy Enhancing Technologies 2018)

ghostwords avatar Jul 15 '19 22:07 ghostwords