EFF’s Privacy Badger will deteriorate your browser experience

Privacy Badger is a browser extension available for Firefox and Chromium that blocks third‐parties from tracking your behavior on the web. Using an aggressive heuristics approach rather than the usual curated blacklists, Privacy Badger quite often ends up breaking sites.

Months after installing the privacy‐enhancing browser extension, it will still randomly break the sites you visit regularly.

Privacy Badger icon

Privacy Badger icon

Most blocking extensions work by blocking websites matched against distributed blocklists. What sets Privacy Badger apart from all the other blockers is its use of a heuristic blocker that analyzes the third‐party resources on the web pages you visit to determine if any of them are tracking your web activities or fingerprinting your browser. When the same third‐party is observed to be tracking you across multiple websites, Privacy Badger will start blocking the tracker altogether or stop it from setting cookies.

The heuristics used by Privacy Badger to determine if a third‐party site is tracking your activities on a first‐party site are very simple and only cover the most common ways used for tracking. The “super‐cookies” and other alternative forms of persistent identifiers that have filled headlines over the last few years are not being detected. The project has made it clear that it wants to detect more known tracking methods in the future. As things are looking right now, they’ve got enough of a challenge with delivering a good experience dealing with only the traditional tracking methods.

A heuristic blocker is a very interesting approach and I feel it is superior to the use of distributed blocklists. These lists are curated to the needs and incentives of others and doesn’t necessarily represent the best options for the user. With Privacy Badger, the user must do some surfing before resources start to be blocked, yet it’s only the things affecting the user and the site she normally visits that are blocked. The publishing, tracking, and advertising industries are also being pressured to respect their users’ privacy and reduce their use of persistent tracking, to avoid getting blocked and thus forced out of the market.

The big problem with the heuristic approach is that many websites uses Content Distribution Networks (CDNs) or dedicated domains across multiple websites for the purposes of delivering images, style sheets, and scripts. These are also technically third‐parties (a first party is defined as the domain you’re visiting) but their purpose is not to track you but to either distribute load across multiple servers, better leverage caching, or circumvent arcane limitations in web browsers on the number of simultaneous browser connections to the same server. Due to a mixture of false positives in Privacy Badger and bad implementations plus sloppy testing on many such delivery servers, these often end up being blocked by Privacy Badger.

Images not loaded fallback graphic seen in browsers

Images and style sheets not loading is a daily sight even after using Privacy Badger every day for months.

When these become blocked, websites start to look distinctly broken as some or all of their style sheet and images are blocked from loading. On‐page features (“widgets”) delivered from third‐parties stop working and much of the fun of browsing a beautiful and functional web start ebbing away. Users can click on the Privacy Badger extension icon and choose to unblock some blocked servers from a long list of third‐parties that were detected on the site they’re visiting and possibly blocked. Guessing which arcane domain name from a long list prevented the images you wanted to see or feature you wanted to use from loading is hard. Privacy Badger offers no assistance when it comes to unblocking third‐parties. To make matters worse: you will often have to unblock a set of domains in combination to fully restore the broken pieces of the website you’re trying to bring back to life.

Another troublesome area that I’ve seen many user report bugs to Privacy Badger about is the pervasive blocking of third‐party widgets. Widgets provide functionality to websites such as comment sections, social‐media share buttons, CAPTCHAs. These resources are rightfully blocked by Privacy Badger as widgets are well‐known for tracking users across the web and selling that data to yet other companies. That users want these features and don’t understand how they affect their privacy is an area where Privacy Badger really falls short. There should at least be some educational links if not a full in‐context explanation of how a comment widget can track you across the web. From users’ perspective, Privacy Badger just broke a website or feature they love.

To make matters worse still, this affects more websites the more websites you have visited: A page may work normally the first few hours or days after installing Privacy Badger, as the extension only blocks third‐parties once they’ve been detected on at least three different websites. Something that worked yesterday will mysteriously not function anymore or look broken today.

When using Privacy Badger, I find myself constantly thinking “Is this not loading because something is broken, or is it blocked? Or is the network just slow?” The breakdown seems to be roughly split in the middle between the two options, but you spend more time thinking of it; and even more time unblocking and waiting for slow sites to reload again.

My own website ended up being blocked because I visited some third‐party sites (web based feed readers and blogs) that had hotlinked images hosted on my website onto their own pages. As this site sets some cookies for, my own site was suddenly considered a tracker and was blocked from loading.

Three years back I made an extension that blocked all third‐party content from loading on every website. It completely broke the Web and hardly anything worked. I quickly abandoned it without even publishing it when it became clear it would be entirely unusable as anything but a novelty art project; depicting a less distributed‐asset driven web. Without manual intervention to unblock third‐parties whose content the sites you love depend on — Privacy Badger kind of feels like the useless extension I wrote years back.

Privacy Badger is available for Firefox and Chromium from the project website. I’d not recommend using this extension to anyone without a firm grasp of how the web works and how resource loading is knotted together.

5 thoughts on “EFF’s Privacy Badger will deteriorate your browser experience”

  1. I want to like Privacy Badger, I really do, but the problem you describe – opening a page, say The Oniom – and getting no images happens way too often. I think a hybrid that would allow PB to do what it does, but also reference a whitelist of “good guys” that don’t track you and are necessary for a site to function… is probably not in the offing. O well.

  2. Privacy Badger actually improves users web browsing experience.

    While you complain it breaks the web, the reason it is good is that mass adoption of utilities such as Privacy Badger will (hopefully) break enough badly written/setup web pages chock full of widgets, social media buttons, unnecessary javascript, etc. that they have to change the way they construct the pages.

    And this time, in a more user friendly manner, instead of the current editions of high visibility/high contrast schizophrenia inducing rapidly blinking animated gif ads, etc.

    Breaking the web? Bring it on!

    Someone needs to break the web, to help advertisers know how they are doing things wrong.

    Web pages shouldn’t break because of the way ads load, anyway!

    Privacy Badger & other utilities should disrupt the web enough that they can start fixing things.

    While you are upset at them for breaking the web, I am happy!

    More people should use utilities such as these, so they will start fixing things quicker!!!

    1. “Web pages shouldn’t break because of the way ads load, anyway!”

      Content delivery networks (CDN) are efficient and improve performance and even the battery life of our devices. Any extension that breaks websites that use CDNs will be in for a huge surprise when a laaarge percentage of the top websites stops working.

      My main complaint here was that Privacy Badger not only breaks the web’s largest websites by removing images and stylesheet; it does so a little by little. Causing websites to appear to be working when you first install it, and then frustratingly more and more websites will stop working over time. This is a bad design for any product.

      1. I am with James on this one. The current system of tracking an advertising needs to be destroyed.

        Imagine an internet where we didn’t have to deal with that crap? The only problem is everyone wants the benefits without having to make the sacrifice themselves

  3. ” The current system of tracking and advertising needs to be destroyed ” Agreed, Absolutely ! …The answer is not to give way to the mind numbed Status Quo, someone has got to “make a stand ” so to speak,at some level… I came across this article due to the loss of an area in my Ebay account which was no longer visible after I had installed PB just a day or two ago… Suspected my furry pal might be the culptit ! ( : <

    However, now I have discovered where the problem was coming from, I can, always, if needs be, open another browser….
    More important, however, is to ~ Support the likes of Mr Badger, and any other pertinent endeavor that represents ~Making a Stand, for the Freedom , Privacy and Respect, Both on- and off line, that is the ~ Natural Birthright of every living being upon this planet, yesterday, today, always ….

Leave a Reply

Your email address will not be published. Be courteous and on-topic. Comments are moderated prior to publication.