Archive for the Anonymity Category

NoScript is (again) finalist for Best Security/Privacy Add-On at, show it your love here (you'll need to temporarily allow

Thank you!

Also Firefox's native implementation of the Do Not Track proposal will end using the eponymous header, after all. It will be shrunk to DNT for bandwidth sake, though, without the "X-" and on its way to be submitted as an IETF internet draft.

Waiting for Firefox 4, NoScript has already adopted the new header name, after Jonathan Mayer politely asked me some hours ago.

Firefox embracing "Do Not Track" directly, shortly after Adblock Plus and NoScript started experimenting with it, is great news of course.

Just, why exactly inventing yet another header ("X-Tracking-Choice") rather than reusing the "X-Do-Not-Track" proposal, which had even been endorsed by Sid Stamm himself?

Latest NoScript (2.0.9) supports the Do Not Track tracking opt-out proposal, joining AdBlock Plus in this experiment.

From now on, a web browser with NoScript installed warns every HTTP server it contacts that its user does not want to be tracked, i.e. that his data must not be collected for profiling and persistent identification purposes. I believe this is a safe assumption about the feelings of most if not all NoScript users.

As stupid as it may sound (why parties who are interested in tracking you would comply?), a mean to clearly express your will of not being tracked is going to be useful, especially when backed by law or industry self-regulation, as explained here. Therefore it seems in the interest of NoScript users and privacy-concerned netizens in general to participate in this effort.

In its current release, NoScript allows the "Do Not Track" feature to be disabled or tweaked by opening about:config and editing the noscript.doNotTrack.* preferences:

  • noscript.doNotTrack.enabled (self explanatory)
  • noscript.doNotTrack.exceptions, space-separated URL patterns of destinations which are not sent the "Do Not Track" message
  • noscript.doNotTrack.forced, space-separated URL patterns of destinations which are sent the "Do Not Track" message even if they match exceptions

A GUI for these options, and possibly finer grained controls (e.g. to allow some or all the 3rd party trackers on certain websites only) will be added in future releases.


The header name has been changed in DNT, but the preferences to control it remain the same.

Congratulations to David Baron and the others involved for this well thought out fix :)

Bad Behavior has blocked 1571 access attempts in the last 7 days.