Quoting Craig Sanders (cas@taz.net.au):
there's also the abine do-not-track plugin for firefox and chromium which blocks tracking spyware.
https://www.abine.com/dntdetail.php
i use it in addition to Noscript and Adblock Plus.
I respect Abine's offerings very much. For a proprietary software company, they seem extremely benign and very nice people. Abine is the company that took the indispensible Targeted Advertising Cookie Opt-Out (TACO) project proprietary, _but_ they then cooperated and shared information with the subsequent open-source fork from the last open-source version of TACO, a very nice project called BeefTaco. Such cooperation is very commendable and speaks well of them. They're so benign and such nice people that I feel like a bit of a heel in pointing out -- yes, sorry -- the fact you didn't mention (no criticism implied): Abine's do-not-track-me (DNTMe) plugin is proprietary software. And so is Abine Do Not Track Plus. I personally am reluctant to run proprieary extensions, but others will no doubt find great value in that.
*.googleapis.com is also a worry...e.g. the number of sites that use jquery hosted from ajax.googleapis.com rather than their own local copy is astounding. don't they realise that that's yet another web bug that potentially allows their users' identities to be linked across multiple sites by google? or do they just not care? developer convenience trumps security.
Very good point. FWIW, I notice that when I use my trick of resolving advertising / tracking / data-mining domains locally by declaring my nameserver authoritative for them, and even more so when I do that _and_ use the totally indispensible NoScript extension, I and all other users of my infrastructure enjoy _not only_ better privacy and security, but also better Web browser stability and performance. The difference is remarkable.
there's also a trend to make sites impossible to use without javascript.
Yes, I've noticed this. Evil. ;->
we're pretty much at the point where if you want to read something online, you have to allow it to read you too.
I'm still fighting the good fight.
most users don't know, and don't care. worse, they don't even know that they should care, least of all WHY they should care.
Quite so.
nice, but i would suggest a script to generate those zone definitions from a simple list of domains. it's easier and less error-prone to edit and manipulate (sed, perl, etc) an unformatted (one domain per line) list than it is to manually copy-paste-edit zone definitions.
e.g. add 'include "/etc/bind/named.conf.ad-zones";' to named.conf and adding/updating the blocked zone list becomes: 1. edit ad-zones.list, 2. run "make".
[snip] Oooh, shiny! Thank you, I will have a look at that, after I've sobered up (from the aforementioned Amarone Classico), caught up on a sadly large number of other neglected tasks, etc. I really appreciate your taking the effort. Thanks again.