We have tested whether AdBlock Plus really is a secure solution if you want to protect your behavioural data and thereby your private life. Erik Krogh Kristensen, PhD student at Computer Science (AU), has taken a closer look at the code – see his conclusions in the video. He has also re-programmed AdBlock Plus to a ‘light’ tracker to show how unreliable the technology actually is. He explains this in more detail in the video. If you want to test his re-programmed version of Adblock Plus, you can follow his guide below to see what you can potentially track. He has created a light tracking version – but while you have it installed, do not visit sites that you do not want others to be able to see, and remember to uninstall it after use. Erik explains the experiment:
Currently, it only logs information that should be safe to display on a big screen. But what is most terrifying is that such an extension can easily retrieve data which you do not want to be displayed on a big screen, such as all your cookies from all the websites you have ever visited (in my case around 2,850 cookies). They can be used to log in as you on all the websites where you have ticked ‘Remember me’ (I tried it myself, and I could easily log on Facebook only by using the cookies provided by the extension).
If you want to try to install my extension, you can find it here: http://adblock.webbies.dk/adblock.crx
It is a Chrome extension, and before you can install it, you have to activate ‘developer mode’ in Chrome (to avoid Chrome Web Store). Just click on the three horizontal lines in the top right-hand corner, find ‘flere værktøjer’ and then ‘udvidelser’. Then it should be possible to tick ‘Udviklertilstand’ on the top of the page. Tick the box.
Once it has been installed, all the following pages that you visit will appear on http://adblock.webbies.dk/
And I just want to repeat that installing the extension does not pose a security risk. It currently only logs information about which websites you visit, and nothing else.