Of course, the fact that Google Tag Manager exists in the first place is also a problem.
… and Palantir which will, shortly, be so tightly intertwined with the US government they will have the full combination of Government + Private Industry spying. They will be the black-ops mercenary for digital tracking in the US.
[Edit: And who names their company after an evil orb connected to the power of the ultimate embodiment of evil (Sauron) ???]
well, switch off javascript and watch this site!
i followed advice to default to javascript disabled.
Yeah, I know. The author did mention that lots of websites wouldn’t work without it. It’s unfortunate.
yes, that’s what i am doing right now!
not much left right?
Reminder that there’s always the nuclear solution (AS number blocking) against digital surveillance companies: A guide on how to completely block Fb and other companies
It’s one of my favorites, along with Pi-hole, NoScript, uBO, Privacy Badger, and Blokada5 on degoogled Android. [EDIT: and my VPN provider’s filter lists.]
Google, unfortunately, has so many different AS numbers, that it would be difficult to find the right one(s) to block and still be able to get through gatekeeping at millions of sites.
I have just sent the case to my local data protection authority.
So currently there is no solution for Google?
against 1st party there no protection. no pi-hole, no pfDNSBlocker.
tell your data protection officer.
Unless you want to run numerous blocking services for the whole list at https://bgp.he.net/search?search%5Bsearch%5D=google&commit=Search
Or try each one to find the ones that are worth blocking.
Personally, I just block Google Tag Manager in browsers, Pi-hole, my VPN’s blocklist, and Blokada5 (on degoogled Android), as well as other Google nastiness I come across, and which doesn’t interfere with various websites’ functioning/access.
NoScript.
the HTML tag or the AddOn?
first, plain HTML, yes (less surveillance).
second, the Addon, no!
I was referring to the Add-on. Start with all scripts disabled, then allow only the ones you want. Is that ineffective?
GTM is injecting
<script src="https://3rdparty-server/3rd_party_myscripts.js"></script>
can be blocked!
or GTM is injecting the content of “3rd_party_myscripts.js”
than its coming from 1st party server.
its impossible to block this!
Depressing!
if you want a working website its pants down.
Reviewing my own OP, that was, in fact, explained in the second link:
…Google is now driving Tag Manager into the first-party domain, switching from third-party to first-party cookie usage…
I guess it didn’t sink into my brain. Lol.
i am currently doubting the accuracy of the articles.
How about this?
General web browser:
- disable javascript universally (uBO)
- disable service-workers (as a fallback measure)
- re-enable javascript per website if and as necessary; service-workers still blocked via
about:config
) - block all cookies, then allow necessary cookies ad hoc
- delete all cookies on exit
Separate web browser (in my case, mainly for financial account logins):
- whatever doesn’t disrupt things so much as to prevent site use
Plus all of one’s usual privacy and anti-fingerprinting tools.
Perhaps the only true remedy is legislative.
Beyond that, because government is often part of the problem rather than part of the solution, gemini ? However I must admit that I myself have not yet dabbled in gemini.
Just for fun I am blocking a number of subnets that are ostensibly part of the Google cloud. It is interesting to see which web sites and functions immediately break - and to measure how much I really want to use those - and how infrequently I will use those when I have the inconvenience of closing applications and lowering shields beforehand in order to use those.
This is of course on top of “PiHole” and PrivacyBadger.