How to prevent yourself from being tracked online

Subscription Management

Slimjet 1.2.9 Release

We are happy to announce the release of Slimjet 1.2.9 which patches a critical security hole and adds a series of privacy-enhancement features. For the full list of new features, options and bug fixes, please visit the "What's New" page. With the quick advance of advertising (or tracking) technology in recent years, protecting your privacy is harder than ever but also more important than ever. Slimjet is fully committed to the goal of being the browser that offers the best protection for your security and personal privacy.

Critical Security Update

The security hole we patched was caused an exploit on SSL 3.0 protocol called POODLE recently discovered by a couple of Google employees. The solution to this problem is to disable the support of SSL 3.0 completely in the browser. In response to the POODLE exploit discovery, we have chosen to disable SSL 3.0 by default in Slimjet 1.2.9. If you have trouble connecting to some legacy web sites, you can manually enable the support of SSL 3.0 by changing the option "Minimum SSL Version" to "SSL 3.0" in the "Security" section of the settings page. You are advised to update to Slimjet 1.2.9 promptly to avoid being exploited by hackers.

Are you Being Tracked?

The answer is YES for the vast majority of us. How many of us have experienced something similar to this: you checked on some new features of a Ford 150 truck on www.ford.com. Several days later, you open Yahoo.com to read some news and you see an image advertising Ford 150 right in front of your eyes. Feeling rather creepy, right? That's only achieved by the most basic form of tracking.

The "Private Browsing" or "Incognito" mode offered by modern browsers are giving users a false sense of security and protection. In most cases, it does no more than protecting you from being spied on by someone under the same roof, such as your spouse or colleagues. The truth is, even if you leave no browsing trace on your local computer, you are constantly being spied on and tracked by the advertising companies. Your identity is associated with your IP address, the websites you visited, the user agent string of your browser and even the fingerprint of your GPU. Every single piece of information is not that worrisome by itself. But when put together, these information can be easily and uniquely tied back to a single identity like yourself. A big advertising company like Google offers so many popular web services and they can know so much about you without your being aware of it. If you don't have a Google account, all they know is that a certain somebody likes to do this and that. If you have a Google account with your real name, Google knows exactly it is you that do so many things online. They even know your whereabouts if you are using one of the android phones. Yes, Google does no more than send you highly-targeted ads in most cases. But government agencies request data from Internet companies all the time. Companies such as Google, Microsoft and Apple have all admitted to submitting data based on government requests.

New Anti-tracking Options

As is well know, Chrome, IE and firefox all offer an option to send a "Do Not Track" request to the servers being visited. Unfortunately, the "Do Not Track" request is not honored by most advertising companies, including the omnipresent Google. Therefore, we have added more anti-tracking options in Slimjet to better protect your privacy. These options can be found under the section "Privacy->Tracking Prevention Options" in the settings page. We will go through these options briefly one by one.

1. Block cross-domain HTTP referrer

When you navigate from a web page to another, the web server of the destination web page receives the URL of the original web page as the "referrer". This will tell the destination web server which web site you visited before coming to the destination page. When this option is turned on, no referrer information will be sent when the source web page and the destination web page comes from different domains.

Navigation activities between web pages within the same domain are not affected since many web pages check for same-site referring url to avoid being spammed. The web server knows all your browsing trace on this particular server anyway from the server log.

This option might affect the proper operation of some web sites which checks for referrer between different domains. If it causes problem for you, you should disable this option.

2. Block social network javascript on third-party websites

When this option is turned on, most social network javascript (from Facebook, Twitter, Google+) used on third-party websites will be blocked. The social networking sharing widgets/buttons ("Share", "Recommend", "Like", "Follow", "+1", etc) will not be visible on third-party website as a result. If these scripts are not blocked, companies like Facebook will know what websites you have visited. When you are back on Facebook website, Facebook will send you targeted ads based on the websites you have visited.

3. Block Google ads on third-party websites

Many third-party web sites show Google ads using Google's adsense technology. When you visit such web sites and view the ads served by Google, Google automatically knows you have visited these web sites by associating your browsing activity with your IP address. Google will use these information to send you highly-targeted ads when you browse other web sites. That's how you get tracked even if you are not using Google as a search engine. Turning on this option will block all the Google's ads on third-party websites and prevent Google from knowing your browsing activities.

4. Replace indirect link in search engine results with direct link to original site

Some search engines (most notably Google) use indirect links in their search results instead of direct links to the original web sites. Whenever you click on any of the search result, your clicking activity associated with your IP address and other browsing identifications will be recorded by their server. When this option is turned on, the indirect link will be replaced with the direct link to the original web site when you click on a search result. It prevents you from being tracked by the search engine companies and speeds up the navigation by eliminating unnecessary indirection.

A simple recommendation for the above options: You can turn on option 2-4 without any negative effects. However, use option 1 with a little bit caution since it might affect the proper operation of some web sites.

The Good Old Ad Blocker

In addition to the privacy enhancement options mentioned above, it's always a good idea to install an Ad blocker extension which blocks the ads and improve your privacy protection. In Slimjet, you can install the Adblock Plus extension with a single click via the menu "Tools->Install Ad Blocker Extension". In the occasional case that it messes up your page rendering, you can click on its extension button and choose to disable it on a per-site basis.

---------------------------
You have received this email based on your voluntary subscription to Slimjet newsletter. If you don't wish to receive this newsletter any longer, click here to unsubscribe from it.

Please DO NOT reply to this email directly. If you have any feedback regarding this issue of newsletter, or if you want to make suggestions regarding what we should cover next time, please let us know.