amuck-landowner

Removing 3rd Party "Spyware" from vpsBoard

drmike

drmike

100% Tier-1 Gogent
So, I am hyper critical of the sites I visit these days and even more critical of what is within the pages I visit.

vpsBoard is one of my favorites, but in light of the NSA, FBI and their spying and entities like Google, Apple, Microsoft, AT&T, Verizon, etc. all being willing co-conspirators to undermine human rights, I don't want those spooks directly sniffing me while I visit here.

These are the elements within one page I looked at from vpsBoard with elements that are of concern (i.e. leaking my viewing to third parties):

0. www.google-analytics.com/analytics.js

    - used for fancy traffic reporting.  There are alternatives and free hosted ones with less malicious companies.

1. http://ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js

    - PITA javascript crap.  Sure, you need it for wizbang features.  Can we just download this from Google and serve it directly from now on?

2. http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8/scriptaculous.js?load=effects,dragdrop,builder'

    - PITA javascript crap.  Sure, you need it for wizbang features.  Can we just download this from Google and serve it directly from now on?

3. https://www.google.com/jsapi?

    - PITA javascript crap.  Sure, you need it for wizbang features.  Can we just download this from Google and serve it directly from now on?

4. http://data-vocabulary.org/Breadcrumb

   - no idea what this is other than a tree builder for nested navigation --- can't we facilitate without outsourcing something so silly to remote site?

For record, I block google-analytics at DNS level.  Unsure if they ever work their way around that.   I suspect they might.

I typically block javascript, but the software here isn't so great/happy when you do such.

Discuss.
 
MannDude

MannDude

Just a dude
vpsBoard Founder
Moderator
Well, I can stop serving some of that from Google, which I have now. Should be requested from vpsboard.com instead of Google.

Analytics may get replaced with Piwik, but data from GA can't be imported into Piwik as far as I know. Means I need to get a separate VPS just for analytics.
 
drmike

drmike

100% Tier-1 Gogent
Anything you can do @Manndude to address those would be marvelous.

Just being consistent with overwhelming sentiment of the silent majority about privacy, leakage, monitoring, etc.

Very appreciated!
 
notFound

notFound

Don't take me seriously!
Verified Provider
I've blocked Google Ads and Analytics from a long time back, actually back when I was pretty new to computers I noticed when I was on dial up in like 2004 or something that google was loading analytics and wasn't too comfertable with it and asking my mum what analytics could have meant. From that point on I learned what the hosts file was.

Bear in mind I was like 7 years old. ;-)
 
drmike

drmike

100% Tier-1 Gogent
Anal Ticks.... Funny.  Analytics has to be one of the WORST names one could come up with for a product or line or study, ever.
 
MannDude

MannDude

Just a dude
vpsBoard Founder
Moderator
But yes, on a serious note, I will look into replacing Google Analytics with a self-hosted solution. A lot of us (including myself) block most things anyway using Ghostery and Ad-Block Plus. The social media buttons will be removed (again). Scripts should be being served from vpsBoard again and not Google anymore (though some day I will get setup with a proper CDN).

Anything else? SSL version of the site?
 
Last edited by a moderator:
drmike

drmike

100% Tier-1 Gogent
"SSL version of the site?"

That would be awesome if easily doable.

I didn't expect such a quick and complete cleanup.  No offense meant in dissecting things earlier like this.  Figured it was sane thing to pursue.
 
MannDude

MannDude

Just a dude
vpsBoard Founder
Moderator
The social media junk has been removed, don't think it was ever really used anyway.

Google stuff should be limited to analytics right now. May setup Piwik later on another VPS. Have 4 VPSes running for vpsBoard right now, haha. May add that to an existing one to not add an additional cost.

Can add SSL logins soon, though a bit more customization will be required to make the entire site accessible via https:/
 
Amitz

Amitz

New Member
buffalooed said:
Anal Ticks.... Funny.  Analytics has to be one of the WORST names one could come up with for a product or line or study, ever.
Click to expand...
Better than telling your mum "Hey, I want to see Uranus one day". Astronauts are perverts... ;)
 
Last edited by a moderator:
drmike

drmike

100% Tier-1 Gogent
GIANT_CRAB said:
Tin foilers detected.
Click to expand...
Really?  No one here in the states makes tin foil (which is actually steel foil).  They haven't made that since 1940's.

See how out of touch you folks who claim tin foil are?  Lost in the 1940's.  Better watch, there could be a Hitler behind every bush.
 
KuJoe

KuJoe

Well-Known Member
Verified Provider
If given the option between an SSL and non-SSL version, I'll pick non-SSL because the site already acts up enough for me without adding extra overhead. :)

I guess what I'm trying to say is DO NOT FORCE SSL.

Additionally, I tried Piwik a while back and ended up switching back to Google Analytics. Google just does it better IMO. It's a sad fact, but Google is just made up of a bunch of geniuses.
 
Last edited by a moderator:
mikho

mikho

Not to be taken seriously, ever!
MannDude said:
Well, I can stop serving some of that from Google, which I have now. Should be requested from vpsboard.com instead of Google.


Analytics may get replaced with Piwik, but data from GA can't be imported into Piwik as far as I know. Means I need to get a separate VPS just for analytics.
Click to expand...
Raymii offers a hosted piwik but then we might have the same story repeat itself.
 
You must log in or register to reply here.
Top
amuck-landowner