Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers have discovered. Google says it’s investigating the abuse, which allows Meta and Yandex to convert ephemeral web identifiers into persistent mobile app user identities.
The covert tracking—implemented in the Meta Pixel and Yandex Metrica trackers—allows Meta and Yandex to bypass core security and privacy protections provided by both the Android operating system and browsers that run on it. Android sandboxing, for instance, isolates processes to prevent them from interacting with the OS and any other app installed on the device, cutting off access to sensitive data or privileged system resources. Defenses such as state partitioning and storage partitioning, which are built into all major browsers, store site cookies and other data associated with a website in containers that are unique to every top-level website domain to ensure they’re off-limits for every other site.
Aside from having uBlock Origin and not having any Meta/Yandex apps installed, anyone aware of additional Firefox settings that could help shut this nonsense down?
I know that people here generally like to shit on Brave, but it seems that the claim “Privacy by default” has held up in this context.
Isn’t that Proton’s tagline?
I feel like that’s all you need. You don’t have their apps installed, so the problem is already solved. If you use uBlock Origin to block their trackers, the problem is solved. So you’ve solved it twice.
Yes and no, I’ve treated the symptoms, but not the problem. All it takes is a trillion dollar company buying a new domain every once in a while to foil uBlock, and now that it’s more known, anyone can create an an app that opens ports and listens for trackers.
Would love it if Firefox would let me block all requests to localhost.