KenntWas.de – Technische Tipps

Technische Informationen zu Linux, (Oracle-) Datenbanken und mehr

Spion vs. Spion: Mit Ghostery Spione entdecken (Firefox Addon)

| 0 comments

 

Spion vs. Spion

Spion vs. Spion (Mad)

Viele Webseiten enthalten heutzutage Tracker, die das Surfverhalten analysieren. Angeblich nur zu unserem Besten.

Das Firefox Addon Ghostery zeigt die Tracker beim Surfen an und ermöglicht auch das Blocken von Adsense und Co.

Auch das WordPress-Plugin wp-stats steht im Verdacht, mit Dritten zu telefonieren indem es Code von Quantcast einbindet.

Tracker auf WebseiteIn der rechten oberen Ecke zeigt Ghostery beim Laden von Webseiten an, welche Tracker dort lauern.

In dem Beispiel links sieht man auch den von wp-stats eingebundenen Tracker von Quantcast.

Über ein Pop-Up Menü lassen sich dann weitere Details ermitteln.

Wer mag, kann auch den Script-Code untersuchen.

Für WP-Stats gibt es übrigens ein Plugin, welches das Einbinden von Quantcat unterbindet.

Ghostery Popup

Code von WP-Stats (Quantcast bzw. quantserve wird am Ende eingebunden)

Hier der Code von wp-stats (mit dem JS-Beautifier etwas lesbarer formatiert)

function st_go(a) {
    var i, u = document.location.protocol + '//stats.wordpress.com/g.gif?host=' + escape(document.location.host) + '&rand=' + Math.random();
    for (i in a) {
        u = u + '&' + i + '=' + escape(a[i]);
    }
    u = u + '&ref=' + escape(document.referrer);
    document.open();
    document.write("<img id="\&quot;wpstats\&quot;" src="http://kenntwas.de/2011/tips/tools-allgemein/spion-vs-spion-ghostery-firefoxaddonspione/" alt="\&quot;\&quot;" />");
    document.close();
}
 
function wpcomAddEvent(el, ev, fn) {
    var isIE = window.attachEvent ? true : false;
    if (isIE) el.attachEvent('on' + ev, fn);
    else if (el.addEventListener) el.addEventListener(ev, fn, false);
}
 
function linkmousedown(event) {
    var isIE = window.attachEvent ? true : false;
    event = event ? event : (window.event ? window.event : "");
    var m = isIE ? window.event.srcElement : event.currentTarget;
    m.modo = true;
}
 
function linkmouseout(event) {
    var isIE = window.attachEvent ? true : false;
    event = event ? event : (window.event ? window.event : "");
    var m = isIE ? window.event.srcElement : event.currentTarget;
    m.modo = false;
}
 
function linkmouseup(event) {
    var isIE = window.attachEvent ? true : false;
    event = event ? event : (window.event ? window.event : "");
    var m = isIE ? window.event.srcElement : event.currentTarget;
    if (m.modo) linktracker_record(event);
}
 
function linkclick(event) {
    var isIE = window.attachEvent ? true : false;
    event = event ? event : (window.event ? window.event : "");
    linktracker_record(event);
}
 
function linktracker_init(b, p) {
    _blog = b;
    _post = p;
    if (typeof document.location.host != 'undefined') var localserver = document.location.host;
    else
    var localserver = document.location.toString().replace(/^[^\/]*\/+([^\/]*)(\/.*)?/, '$1');
    var els = document.getElementsByTagName('a');
    for (var i = 0; i &lt; els.length; i++) {
        var href = els[i].href;
        if (href.match(eval('/^(http(s)?:\\/\\/)?' + localserver + '/'))) continue;
        wpcomAddEvent(els[i], 'mousedown', linkmousedown);
        wpcomAddEvent(els[i], 'mouseout', linkmouseout);
        wpcomAddEvent(els[i], 'mouseup', linkmouseup);
    }
}
 
function linktracker_record(event) {
    var isIE = window.attachEvent ? true : false;
    event = event ? event : (window.event ? window.event : "");
    var b = isIE ? window.event.srcElement : event.currentTarget;
    while (b.nodeName != "A") {
        if (typeof b.parentNode == 'undefined') return;
        b = b.parentNode;
    }
    var bh = b.href;
    var pr = document.location.protocol || 'http:';
    var b = (typeof _blog != 'undefined') ? _blog : 0;
    var p = (typeof _post != 'undefined') ? _post : 0;
    var i = new Image(1, 1);
    i.src = pr + '//stats.wordpress.com/c.gif?s=2&amp;b=' + b + '&amp;p=' + p + '&amp;u=' + escape(bh);
    i.onLoad = function () {
        cmcVoid();
    }
}
 
function cmcVoid() {
    return;
}
if (typeof _qoptions != "undefined" &amp;&amp; _qoptions != null) for (var k in _qoptions) old_qoptions[k] = _qoptions.k;
_qoptions = {
    qacct: 'p-18-mFEk4J448M',
    labels: 'type.wporg'
};
document.write(unescape("%3Cscript src='" + document.location.protocol + "//edge.quantserve.com/quant.js' type='text/javascript'%3E%3C/script%3E"));
if (typeof old_qoptions != "undefined" &amp;&amp; old_qoptions != null) _qoptions = old_qoptions;
if (!__qc) {
    var __qc = {
        qcdst: function () {
            if (__qc.qctzoff(0) != __qc.qctzoff(6)) return 1;
            return 0;
        },
        qctzoff: function (m) {
            var d1 = new Date(2000, m, 1, 0, 0, 0, 0);
            var t = d1.toGMTString();
            var d3 = new Date(t.substring(0, t.lastIndexOf(" ") - 1));
            return d1 - d3;
        },
        qceuc: function (s) {
            if (typeof(encodeURIComponent) == 'function') {
                return encodeURIComponent(s);
            } else {
                return escape(s);
            }
        },
        qcrnd: function () {
            return Math.round(Math.random() * 2147483647);
        },
        qcgc: function (n) {
            var v = '';
            var c = document.cookie;
            if (!c) return v;
            var i = c.indexOf(n + "=");
            var len = i + n.length + 1;
            if (i &gt; -1) {
                var end = c.indexOf(";", len);
                if (end &lt; 0) end = c.length;
                v = c.substring(len, end);
            }
            return v;
        },
        qcdomain: function () {
            var d = document.domain;
            if (d.substring(0, 4) == "www.") d = d.substring(4, d.length);
            var a = d.split(".");
            var len = a.length;
            if (len &lt; 3) return d;
            var e = a[len - 1];
            if (e.length &lt; 3) return d;
            d = a[len - 2] + "." + a[len - 1];
            return d;
        },
        qhash2: function (h, s) {
            for (var i = 0; i &lt; s.length; i++) {
                h ^= s.charCodeAt(i);
                h += (h &lt;&lt; 1) + (h &lt;&lt; 4) + (h &lt;&lt; 7) + (h &lt;&lt; 8) + (h &lt;&lt; 24);
            }
            return h;
        },
        qhash: function (s) {
            var h1 = 0x811c9dc5,
                h2 = 0xc9dc5118;
            var hash1 = __qc.qhash2(h1, s);
            var hash2 = __qc.qhash2(h2, s);
            return (Math.round(Math.abs(hash1 * hash2) / 65536)).toString(16);
        },
        sd: ["4dcfa7079941", "127fdf7967f31", "588ab9292a3f", "32f92b0727e5", "22f9aa38dfd3", "a4abfe8f3e04", "18b66bc1325c", "958e70ea2f28", "bdbf0cb4bbb", "65118a0d557", "40a1d9db1864", "18ae3d985046", "3b26460f55d"],
        qcsc: function () {
            var s = "";
            var d = __qc.qcdomain();
            if (__qc.qad == 1) return ";fpan=u;fpa=";
            var qh = __qc.qhash(d);
            for (var i = 0; i &lt; __qc.sd.length; i++) {
                if (__qc.sd[i] == qh) return ";fpan=u;fpa=";
            }
            var u = document;
            var a = __qc.qcgc("__qca");
            if (a.length &gt; 0) {
                s += ";fpan=0;fpa=" + a;
            } else {
                var da = new Date();
                a = 'P0-' + __qc.qcrnd() + '-' + da.getTime();
                u.cookie = "__qca=" + a + "; expires=Sun, 18 Jan 2038 00:00:00 GMT; path=/; domain=" + d;
                a = __qc.qcgc("__qca");
                if (a.length &gt; 0) {
                    s += ";fpan=1;fpa=" + a;
                } else {
                    s += ";fpan=u;fpa=";
                }
            }
            return s;
        },
        qcdc: function (n) {
            document.cookie = n + "=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=" + __qc.qcdomain();
        },
        qpxload: function (img) {
            if (img &amp;&amp; typeof(img.width) == "number" &amp;&amp; img.width == 3) {
                __qc.qcdc("__qca");
            }
        },
        qcp: function (p, myqo) {
            var s = '',
                a = null;
            var media = 'webpage',
                event = 'load';
            if (myqo != null) {
                for (var k in myqo) {
                    if (typeof(k) != 'string') {
                        continue;
                    }
                    if (typeof(myqo[k]) != 'string') {
                        continue;
                    }
                    if (k == 'qacct') {
                        a = myqo[k];
                        continue;
                    }
                    s += ';' + k + p + '=' + __qc.qceuc(myqo[k]);
                    if (k == 'media') {
                        media = myqo[k];
                    }
                    if (k == 'event') {
                        event = myqo[k];
                    }
                }
            }
            if (typeof a != "string") {
                if ((typeof _qacct == "undefined") || (_qacct.length == 0)) return '';
                a = _qacct;
            }
            if (media == 'webpage' &amp;&amp; event == 'load') {
                for (var i = 0; i &lt; __qc.qpixelsent.length; i++) {
                    if (__qc.qpixelsent[i] == a) return '';
                }
                __qc.qpixelsent.push(a);
            }
            if (media == 'ad') {
                __qc.qad = 1;
            }
            s = ';a' + p + '=' + a + s;
            return s;
        },
        qcesc: function (s) {
            return s.replace(/\./g, '%2E').replace(/,/g, '%2C');
        },
        qcd: function (o) {
            return (typeof(o) != "undefined" &amp;&amp; o != null);
        },
        qcogl: function () {
            var m = document.getElementsByTagName('meta');
            var o = '';
            for (var i = 0; i &lt; m.length; i++) {
                if (o.length &gt;= 1000) return o;
                if (__qc.qcd(m[i]) &amp;&amp; __qc.qcd(m[i].attributes) &amp;&amp; __qc.qcd(m[i].attributes.property) &amp;&amp; __qc.qcd(m[i].attributes.property.value) &amp;&amp; __qc.qcd(m[i].content)) {
                    var p = m[i].attributes.property.value;
                    var c = m[i].content;
                    if (p.length &gt; 3 &amp;&amp; p.substring(0, 3) == 'og:') {
                        if (o.length &gt; 0) o += ',';
                        var l = (c.length &gt; 80) ? 80 : c.length;
                        o += __qc.qcesc(p.substring(3, p.length)) + '.' + __qc.qcesc(c.substring(0, l));
                    }
                }
            }
            return __qc.qceuc(o);
        },
        firepixel: function (qoptions) {
            var e = (typeof(encodeURIComponent) == 'function') ? "n" : "s";
            var r = __qc.qcrnd();
            var sr = '',
                qo = '',
                qm = '',
                url = '',
                ref = '',
                je = 'u',
                ns = '1';
            var qocount = 0;
            __qc.qad = 0;
            if (typeof __qc.qpixelsent == "undefined") {
                __qc.qpixelsent = new Array();
            }
            if (typeof qoptions != "undefined" &amp;&amp; qoptions != null) {
                __qc.qopts = qoptions;
                for (var k in __qc.qopts) {
                    if (typeof(__qc.qopts[k]) == 'string') {
                        qo = __qc.qcp("", __qc.qopts);
                        break;
                    } else if (typeof(__qc.qopts[k]) == 'object' &amp;&amp; __qc.qopts[k] != null) {
                        ++qocount;
                        qo += __qc.qcp("." + qocount, __qc.qopts[k]);
                    }
                }
            } else if (typeof _qacct == "string") {
                qo = __qc.qcp("", null);
            }
            if (qo.length == 0) return;
            var ce = (navigator.cookieEnabled) ? "1" : "0";
            if (typeof navigator.javaEnabled != 'undefined') je = (navigator.javaEnabled()) ? "1" : "0";
            if (typeof _qmeta != "undefined" &amp;&amp; _qmeta != null) {
                qm = ';m=' + __qc.qceuc(_qmeta);
                _qmeta = null;
            }
            if (self.screen) {
                sr = screen.width + "x" + screen.height + "x" + screen.colorDepth;
            }
            var d = new Date();
            var dst = __qc.qcdst();
            var qs = 'http';
            if (window.location.protocol == 'https:') {
                qs += 's';
            }
            qs += "://pixel.quantserve.com";
            var fp = __qc.qcsc();
            if (window.location &amp;&amp; window.location.href) url = __qc.qceuc(window.location.href);
            if (window.document &amp;&amp; window.document.referrer) ref = __qc.qceuc(window.document.referrer);
            if (self == top) ns = '0';
            var ogl = __qc.qcogl();
            var img = new Image();
            img.alt = "";
            img.src = qs + '/pixel' + ';r=' + r + fp + ';ns=' + ns + ';url=' + url + ';ref=' + ref + ';ce=' + ce + ';je=' + je + ';sr=' + sr + ';enc=' + e + ';ogl=' + ogl + ';dst=' + dst + ';et=' + d.getTime() + ';tzo=' + d.getTimezoneOffset() + qo + qm;
            img.onload = function () {
                __qc.qpxload(img);
            }
        },
        quantserve: function () {
            if (typeof _qevents == 'undefined') {
                _qevents = [];
            }
            if (typeof _qoptions != "undefined" &amp;&amp; _qoptions != null) {
                __qc.firepixel(_qoptions);
                _qoptions = null;
            } else if (!_qevents.length &amp;&amp; typeof _qacct != "undefined") {
                __qc.firepixel(null);
            }
            if (!__qc.evts) {
                for (var k in _qevents) {
                    __qc.firepixel(_qevents[k]);
                }
                _qevents = {
                    push: function () {
                        var a = arguments;
                        for (var i = 0; i &lt; a.length; i++) {
                            __qc.firepixel(a[i]);
                        }
                    }
                };
                __qc.evts = 1;
            }
        }
    };
}
 
function quantserve() {
    __qc.quantserve();
}
quantserve();

Leave a Reply

Required fields are marked *.