Privacy stuff

Settings

Unlike uMatrix, uBlock Origin (uBO) can't foil cookie headers. For privacy-minded users it is strongly suggested to...

Enable "Block third-party cookies and site data" in "Content settings" / "Cookies".
- It works very well: see "Outbound cookies" in this benchmark results.
- But this may break some sites. For instance, you won't be able to enter comments on YouTube.
- Useful to know: the block also applies to local storage, not just cookies.
Enable "Click to play" in "Content settings" / "Plug-ins".
Disable "Predict network actions to improve page load performance", as this causes DNS queries to be made even for blocked network requests (see issue #232).

Command line switches

These command line switches might be of interest to privacy-minded users:

--disable-component-extensions-with-background-pages
- "Disable default component extensions with background pages" (ref)
- This seems to prevent Hangout Services to be launched by the browser as a background process. Even in Chromium there is such a process launched even if you do not use Google's Hangout.
- With other Chromium-based browsers, maybe more stuff would be disabled, you decide whether this is good or bad.
--disable-background-networking
- "Disable several subsystems which run network requests in the background" (ref)
[add more switch of interests whenever new ones are found]

Another powerful command line switch is:

--host-rules="MAP *.google-analytics.com 0.0.0.0","MAP *.googleadservices.com 0.0.0.0","MAP *.doubleclick.net 0.0.0.0","MAP *.googletagservices.com 0.0.0.0"
- This switch maps those hostnames (or any other ones) to the IP address 0.0.0.0 (ref) and hence blocks them effectively (even on the Chrome Web Store where extensions like uBO are disabled). [via archive.org]
- However, note that blocking those hostnames with that switch might break some websites. That's why blocking them with uMatrix is preferable since you can whitelist them as exceptions for those websites which won't work without them. Alternatively, you could use the important filter option mentioned below.

Regarding EasyPrivacy

In case you were not aware, using EasyPrivacy doesn't protect completely against Google Analytics. So if you were using Adblock Plus (ABP) with EasyPrivacy (as recommended by the EFF), you might have thought you were protected against Google Analytics. This is not necessarily the case.

If you are using uBO, it protects you more against Google Analytics out of the box -- via "Peter Lowe's Ad server" list. Yet, given that an exception filter may exist somewhere in one of the many lists, blocking Google Analytics (or similarly ubiquitous hostnames) is not possible with preset filter lists.

Overriding exception filters

However, in uBO 0.5.5.0 a new filter option important was introduced with the consequence that corresponding exception rules are ignored. Example: Adding

||google-analytics.com^$important

to "Your filters" blocks Google Analytics regardless of existing exception rules. You can restrict this rule to specific domains like

||google-analytics.com^$important,domain=example1.com|example2.com

Or to all third-parties:

||facebook.com^$important,third-party
||linkedin.com^$important,third-party

Twitter widget

It's unclear why this one is not blocked by Fanboy Annoyance, as the list already blocks many other Twitter widget-related stuff. So if you use above list, you may want to add the following to your filters:

||platform.twitter.com/widgets.js$third-party

Gravatar (et al)

Each time you visit a site which pull cute little avatar images aside (typically) a commenter's name, there is a corresponding request to Gravatar's website, and the HTTP referer header contains the site you are visiting. The tracking potential is too much for me, so I block all these requests:

||gravatar.com^$third-party

It's unclear if, and how much this breaks things. But will prevent your browsing habits to be disclosed to gravatar.com. We can live without these cute thumbnails, can't we?

But this applies to any domain which is ubiquitous enough, gravatar.com is just one example among so many.

To deal with this easily, uMatrix is the best tool, as to blocklist a ubiquitous domain with 100% certainty is simply a matter of point and click.

uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.

Wiki home
About the Wiki documentation
Permissions
- Can you trust uBlock Origin?
Privacy policy
- Why don't you accept donations?
Info:
- Source (for developers)
- uBlock Origin Core (Node.js)
- About Safari, Canary, Tor and Kiwi support
- About Google Chrome's "This extension may soon no longer be supported"
The toolbar icon
The popup user interface
- The per-site switches
The context menu
Dashboard
- Settings pane
  - Cloud storage
  - Advanced user features
    - Advanced settings
- Filter lists pane
- My filters pane
  - Static filter syntax
    - Procedural cosmetic filters
    - Resources Library
- My rules pane
  - Dynamic filtering
  - Dynamic URL filtering
- Trusted sites pane
  - How to mark a web site as trusted
- Keyboard shortcuts
The logger
- DOM inspector
Element picker
Element zapper
Blocking mode
- Very easy mode
- Easy mode (default)
  - Easy mode + more privacy
  - Easy mode + enhanced security/privacy
- Medium mode (optimal for advanced users)
- Hard mode
- Nightmare mode
Strict blocking
- Badware risks
Few words about re-design of uBO's user interface
Reference answers to various topics seen in the wild
Overview of uBlock's network filtering engine
- Overview of uBlock's network filtering engine: details
- Does uBlock Origin block ads or just hide them?
- Doesn't uBlock Origin add overhead to page load?
- About "Why uBlock Origin works so much better than Pi‑hole does?"
uBlock's blocking and protection effectiveness:
- uBlock and others: Blocking ads, trackers, malwares
- About "This other extension reports more stuff blocked!"
- About "uBlock is inferior in capabilities as a result of being lighter on the browser"
- Does uBlock protect against fingerprinting?
- Does uBlock have parental control or password protection?
uBlock's resource usage and efficiency:
- Memory footprint: what happens inside uBlock after installation
- uBlock vs. ABP: efficiency compared
- Counterpoint: Who cares about efficiency, I have 8 GB RAM and|or a quad core CPU
- Debunking "uBlock Origin is less efficient than Adguard" claims
- Myth: uBlock consumes over 80MB
- Myth: uBlock is just slightly less resource intensive than Adblock Plus
- Myth: uBlock consumes several or several dozen GB of RAM
- Various videos showing side by side comparison of the load speed of complex sites
- Own memory usage: benchmarks over time
- Contributed memory usage: benchmarks over time
- Can uBO crash a browser?
Tools, tests
Deploying uBlock Origin
Proposal for integration/unit testing
uBlock Origin Core (Node.js):
- Split out uBO core functionality into separate module
Troubleshooting:
- Privileged Pages
- Software known to have uninstalled uBlock Origin
- The removed element reappears when you reload the page
- Read carefully if using uBO/webext on legacy Firefox
Good external guides:
- How to use uBlock Origin advanced user mode tutorial ↗︎
- Firefox: uBlock Origin – Firefox-Kompendium Teil2 ↗︎
- Beginners Cheat Sheet - "Syntax Meanings That Are Actually Human Readable" ↗︎
Scientific papers

Provide feedback

Saved searches

Use saved searches to filter your results more quickly