NoTrace for Firefox protects users against privacy threats on the Internet

Martin Brinkmann
Jan 2, 2014
Updated • Jan 6, 2014
Firefox, Firefox add-ons
|
24

Chance is, that if you are using the Internet, that you are tracked on it to a certain degree. From basic stats recording on websites over advertising cookies to advanced forms of tracking that use fingerprinting, plug-ins, or header information.

What makes most of those threats hard to grasp is the fact that everything is happening in the background. Websites display just fine, and if you do not run software that informs you about privacy issues, or check cookies or other data forms manually, you do not really know how much tracking is going on.

There are ways to limit the tracking that you are exposed to. You can block third-party cookies for instance in the browser, enable Do Not Track, or install extensions such as NoScript to prevent many script-based tracking techniques such as the one used by Google's Analytics service.

NoTrace

Update: According to some reports, enabling the Delete Flash cookies option on Linux systems deletes more data than this. It is suggested not to enable that option if you are using a Linux distribution.

NoTrace is another add-on for the Firefox web browser that provides you with protection against privacy threats on the Internet. Unlike many other extensions, it also attempts to raise awareness of issues.

Once you have installed the extension in the browser and restarted the program afterwards, it will automatically function on any site you visit.

You notice a new icon in Firefox's address bar, but that is about it in regards to interface modifications. What you may notice however is that some web elements may not load properly anymore.

A left-click on the extension icon displays a context menu with options to load the various configuration menus and informational menus that the program makes available.

Control Panel

All preferences are configured here. You can set a default protection level here for instance, with choices ranging from low to customizes, which differ in what is being allowed to pass through, and what is blocked.

Generally speaking, the level of protection defines how web tracking, potential personal information leaks, and third-party activities and ads are handled by the extension.

Personal Information:

  • Disable http cookies
  • Filter out potentially identifying HTTP headers
  • Filter out cookies and referrer in JavaScript
  • Disable META cookies and redirects
  • Filter out web images
  • Disable JavaScript execution
  • Filter HTML noscript tags

Web Tracking:

  • Disable third-party JavaScript executions
  • Filter out third-party images
  • Filter out web bugs
  • Disable third-party HTTP cookies
  • Filter out objects from top-10 third party domains
  • Disable Flash cookies
  • Disable hidden third-party scripts
  • Disable ad-network cookies
  • Delete HTML5 LocalStorage data

Third-Party Activities and Ads:

  • Block requests for third-party objects
  • Filter out third-party objects with "?", "=" or "&"
  • filter out advertisements
  • No Fingerprinting

What's interesting here is that the number of objects and items that you have encountered since you have installed the extension is displayed here for each item.

You can click on those objects to get a detailed list of each object so that you know from where it originated.

Some of the options provided alone make this is a worthwhile extension to install. Options to filter web images, web bugs, third-party images, or fingerprinting could persuade you to give this a try.

That's however not the only thing that the extension has going for it. It comes with a whitelist that you can use to allow sites to bypass the privacy restrictions that you have set in place. Here you can either add sites manually to the list, or import a text file that contains a list of domain names that you want whitelisted.

Show Blocked Objects

blocked-objects

If you run this command, NoTrace will display all objects that it has blocked on a page. Each element is listed with its URI, and a classification such as web tracking.

There is unfortunately no option to unblock elements right from the list.

Show History

The window displays a history of all blocked objects ever since you have started to use the extension. Locations are sorted by domain, so that you can access all blocked objects of a particular site at once.

Show Privacy Leakage

personal-information

Another interesting window full of information. It provides you with an overview of some of the requests that a website that you are connected to makes.

Objects such as cookies, third-party requests or third-party images are listed here, and you are informed if personal information are leaked by the site.

Closing Words

NoTrace is a useful privacy extension for Firefox that adds a whole array of privacy related blocking options to the browser.

It will take some time to configure the service the way you want it to run, but once that is out of the way, it should run by itself from that moment on.

Even if you are using something like NoScript, you may benefit from the extension thanks to its impressive number of blocking options.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. pual said on January 30, 2014 at 6:54 am
    Reply

    Firefox has deleted any and all negative reviews of this add-on.
    Sorry but this add-on truly is not what it’s cracked up to be. Despite being in-bed with Firefox.

  2. cahil said on January 28, 2014 at 2:09 am
    Reply

    am i the only one a bit perturbed by this add-on own whitelist..
    ..of sites they feel are just fine..
    like akamaihd.net | fbcdn.net..also once i installed this
    and later removed..the extension did not entirely remove itself..

  3. Mitch said on January 17, 2014 at 8:53 am
    Reply

    I can recommended Customized Protection with all but Filter out Web images and third party images, and Block requests for third party objects check marked. If sites break, like with New York Times I white-list those and have Ghostery take care of it. Works like a charm.

  4. Mitch said on January 17, 2014 at 6:33 am
    Reply

    The people behind No Trace (Delfina Malandrino) validated its effectiveness in this science paper http://www.research.att.com/~bala/papers/wpes13.pdf.

  5. Transcontinental said on January 6, 2014 at 4:58 pm
    Reply

    I’ve contacted the NoTrace team to know what was becoming of the add-on when latest version is a year old. Answer was (2014-01-05):

    “our project NoTrace is active. We will add an updated version of NoTrace and a new Firefox mobile version soon.”

    So, sounds like the project is on the go with a new version planned.
    Wait & see …

    1. Martin Brinkmann said on January 6, 2014 at 5:11 pm
      Reply

      That’s good news, thanks for the information.

  6. boernie said on January 6, 2014 at 4:40 pm
    Reply

    PLEASE BE CAREFUL WITH THIS ADDON!

    If you are using Linux and check the option “Disable Flash cookies” you may loose your entire data in your home dir!
    It happended to me and a reviewer on Mozilla addons site.

    Martin, could you please add a warning to your Review?

    1. Martin Brinkmann said on January 6, 2014 at 5:10 pm
      Reply

      Done.

      1. boernie said on January 7, 2014 at 11:37 am
        Reply

        I contacted the developers about this.
        They will have a look at this and fix it in the next release.

  7. Transcontinental said on January 3, 2014 at 2:37 pm
    Reply

    There’s a NoTrace version 2.3.1 available at http://www.isislab.it/projects/NoTrace/ under the last link titled ‘NoTrace with personalization functionalities’ which downloads (does not auto-install even on Firefox (my Pale Moon anyway) though it is a XPI file) a notrace@unisa.it.xpi file which has the double size of AOM’s NoTrace 2.3.0 …and which appears once installed to be version 2.3.1. I think the size difference is related to data.
    Problem with this add-on is, as it has been mentioned, the fact it doesn’t seem to be “followed” by the developers. I’ve tried both 2.3.0 and 2.3.1 and they do the job. This add-on can be an extra layer of privacy even with i.e. AdBlock Plus and Ghostery installed. It has a few extras which are worth being taken into consideration. But here I’ll wait & see if the add-on is updated. It was a university program and I’m not sure the students haven’t focused since on other subjects.

    1. imu said on January 3, 2014 at 3:46 pm
      Reply

      Have a look at what that guy proposes for privacy must say I found it very interesting :
      http://security.stackexchange.com/questions/23053/how-to-fight-browser-fingerprinting/23055#23055

  8. imu said on January 3, 2014 at 12:49 am
    Reply

    Martin,what is that opt-out list for? and also could you put some light on this fingerprinting thing you two talking about up there?

    1. imu said on January 3, 2014 at 12:57 am
      Reply

      Ok,found all right here https://panopticlick.eff.org/browser-uniqueness.pdf but opt-out list remains at wonder :)

      1. Boris said on January 3, 2014 at 11:21 am
        Reply

        In this PDF, look at section 3.1 It shows table of all Browser identifiers. Extensions so far are just spoofing “User Agent”. But it is easy to write script or style that can get “Browser plugins, plugin versions and MIME types” and “System fonts”.. if you have more than dosen extensions and some plugins, you can be fingerprinted with 100% accuracy even if you connected though a secure proxy..

      2. Boris said on January 3, 2014 at 11:14 am
        Reply

        Out-out list is the same thing as whitelisting (I think). So if website does not work with your settings, it will be exempt from script blocking and so on. If you seen Adblock filters you will understand that most major websites would not work without some script exemptions.

  9. imu said on January 2, 2014 at 11:18 pm
    Reply

    BTW. You may want to try latest Tails, they have fantastic Windows XP camouflage mode now so you can’t spot any difference :)

  10. Boris said on January 2, 2014 at 11:11 pm
    Reply

    How in the hell are they going to block Fingerprinting? Just changing browser ID does not work. You have to block list of installed extensions and it can be collected in various ways.

    Also using many of those filters will cripple many top websites.

    1. someone said on January 3, 2014 at 8:58 am
      Reply

      “You have to block list of installed extensions and it can be collected in various ways.”
      any tips how to hide or block extensions list ?

      1. Boris said on January 3, 2014 at 11:26 am
        Reply

        True, but how many websites will work without javascript?

      2. Boris said on January 3, 2014 at 11:10 am
        Reply

        Thats the problem. None of existing extensions block access to extensions and fonts list. And with these two lists they can always can fingerprint you. Also unless you use some proxy they can read your IP. Many websites would not function if you block IP detecting scripts.

      3. Martin Brinkmann said on January 3, 2014 at 11:16 am
        Reply

        But that only works if JavaScript or select plugins are enabled.

    2. Martin Brinkmann said on January 2, 2014 at 11:17 pm
      Reply

      Actually, you just have to know what is being used to fingerprint, and make slight modifications to it every now and then.

      1. Boris said on January 3, 2014 at 12:23 am
        Reply

        I am sure you need to do modifications more than ones a year. Updated last a years ago.

  11. imu said on January 2, 2014 at 11:07 pm
    Reply

    Apropos tracking people..

    “Anonymous identifiers on mobile devices
    To serve ads in services where cookie technology may not be available (for example, in mobile applications), we may use anonymous identifiers. These perform similar functions to cookies.

    An anonymous identifier is a random string of characters that is used for the same purposes as a cookie on platforms, including certain mobile devices, where cookie technology is not available.”

    I wonder if I don’t accept any cookies on my laptop’s browser does google feed me with those ?

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.