Loading Profile...
Twitter,
Facebook, or email.
Hello,
Ghostery is a great tool for detecting what stuff goes on under the hood of a webpage. Compliments! :-)
There is one thing though that surprised me: Ghostery always alerts for the use of Google Analytics (GA) if the 'ga.js' file is loaded.
However, this way of detecting is too crude: you can disable GA, even if the 'ga.js' has been loaded. Check out this page for more details:
https://developers.google.com/analyti...
On our website we use this feature of GA to disable it for people that have not yet opted-in; in those situations Ghostery gives alerts that GA is being used, which is definitely not the case.
Hopefully you can optimize Ghostery so visitors don't get alerts on websites that use the feature to disable GA.
Cheers,
Mark.
I’m
disappointed
Ghostery shouldn't detect a disabled Google Analytics
-
Hi Mark,
This shouldn't apply to Ghostery for Chrome or Safari, since detection/blocking there is entirely based on intercepting actual HTTP requests.
Which browsers did you test with?Comment -
-
However, if "disabling" the tracker still ends up loading the remote script, then Ghostery is correct in detecting/blocking that tracker.
-
-
Hi Alexei,
Thanks for your quick responses!
Disabling the tracking will not prevent the loading of the "ga.js" file and that is what sets off Ghostery.
I'm willing to question if Ghostery is correct in its judgement that "Google Analytics" has been triggered/fired. The JavaScript file has been loaded, but no tracking cookie is set and also no (tracking) event has been registered at GA.
Regards,
Mark. -
-
CHAMP
1It's the difference between using opt-out cookies and using a blocker.
The ga.js tracking snippet now includes a window property that, when set to true, disables the tracking snippet from sending data to Google Analytics. When Google Analytics attempts to set a cookie or send data back to the Google Analytics servers, it will check for whether this property is set to true. If it is, it will have the same effect as if the visitor had the Google Analytics Opt-out Browser Plugin installed.
Ghostery's job is to detect, and to optionally actively prevent the loading of tracking-capable elements. Opt-out cookies and settings are outside of Ghostery's purview. -
-
Hi Alexei,
I ran into the same issue as Mark Koenen describes.
"Ghostery's job is to detect, and to optionally actively prevent the loading of tracking-capable elements.
Opt-out cookies and settings are outside of Ghostery's purview."
In my opinion the ga.js is not a tracking-capable element because:
- The ga.js is served from browser cache when possible, it cannot track when served from cache
- There is not much difference between downloading the ga.js or the jquery.js from google’s CDN
- The ga.js is the same for all webistes, it doesn’t contain tracking codes
- The ga.js doesn’t place third party cookies on the client regardless if the user did opt-in or not
- The ga.js just contains an API
It would be better to block/warn about the "utm.gif" request, https://ssl.google-analytics.com/__ut......., because this is the request which is used to place tracking cookies and gather statistics.
Benefits:
- No false warnings about Google Analytics which makes Ghostery more reliable
- No javascript errors when the Google Analytics API (ga.js) is blocked (or no hacks required by Ghostery to make the website work when ga.js is blocked) -
-
CHAMP
1This is not a false positive. If blocking is enabled, the script should never be loaded under any circumstances and the associated DNS lookup should never occur. I don't buy the "unloaded gun" argument.
-
-
I agree with Eric. It should be blocked, period. If it has the potential to track, even by a simple DNS query or by just downloading a file (IP address is always recorded) then it should be blocked and the DNS query never made.
-
