James O'Neill's Blog

October 27, 2009

How to cut the crap in IE8 (IE and Privacy Part 2)

Filed under: Uncategorized — jamesone111 @ 12:56 am



I mentioned IE7 pro in the last post, but recently I was doing some work on a Server 2008 R2 machine which didn’t have it installed, and I wanted to look up some data on how much less current solid state drives use than traditional hard disks. I fetched up at Tom’s Hardware, which was an example of horrible use of Flash.

I know some people are able to tune out the look-at-me, look-at-me Flash; if you’re one, I’ve doctored this page to give you some sense of what it is like when I try to read it. If you scroll the page down, the Windows Server ad on the left doesn’t remain pinned but bounces back into place. Just horrible.

I could have installed IE7 pro but I was trying not to add any software to this machine. So I decided I would turn my attention to using InPrivate Filtering. The first thing to do was to look at what this page is pulling in. IE8’s privacy report (either from the status bar or the “Web page privacy policy” option on the “Safety” menu) gives a view of what a page is loading from outside its own domain and which of those pages send cookies. You can decide which sites’ cookies you will accept and which you will reject, and this is useful if your goal is to limit the degree to which your movement around many sites gets tracked. But it lists all pages (cookies or not) from other domains which show up on a site. So on this particular site what I saw was something like the one below:


This showed I was accepting cookies from an ad-monger (in Internet Options my cookies setting was on Medium – this is settable by group policy – and only Medium-High level and above blocks these cookies).
The report gives me a list of sites which use the page I am looking at to send me stuff I actively want NOT to see. Not all of these will automatically show up if I look at the InPrivate Filtering settings, because that shows only what has been found more than a threshold number of times. If set to automatic, InPrivate Filtering will try to figure out which of these should be blocked; sadly it can’t tell the difference between GoogleAPIs (required to make some sites work) and GoogleAnalytics (habit harvesting). So I’ve set mine manually. This is the first place where (as far as I can tell) IE8 comes up a bit short – it forgets the state of InPrivate Filtering, and you need to add a registry entry (sadly this one is not in the group policy templates, but you can save the following to a .REG file and import it into the registry, or even create your own group policy template to set it).

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE]

A value of 0 is “disabled”, 1 is “Automatic” and 2 is “manual”. Once filtering is turned on you can select which of the sites detected to block or allow. There is another option though: if you go to InPrivate Filtering settings via the Safety menu or via the status bar, there is an advanced settings link which takes you to the InPrivate Filtering part of Manage Add-ons, where you can export or import your settings. Again we seem to be missing an easy way to propagate settings: the file is in RSS format, but there doesn’t seem to be an obvious way to subscribe to one. The file itself looks like the one below:

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:wf="http://www.microsoft.com/schemas/webfilter/2008">
         <description>Export of InPrivate Filtering</description>

As you can see the file is an RSS XML file which defines an extra WebFilter schema. We can have Web filter blockRegEx or AllowRegEx items – the reg ex is a regular expression, and this is no time to dive into explaining them. Suffice to say that . in a regular expression means “any character” and .* means any character, any number of times (what would be * in most wild card syntaxes). Since . has a special meaning, the escape character \ appears before a . when we mean that character itself – the descriptions show the normal way of writing the expression. A couple of minutes with Notepad and I was seeing something like this. Not only is this something I can read, but I might notice the ads which I might follow, because they are both static and relevant and have got greater prominence. I’d say that was a good result all round.
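To make the escaping rule concrete, here is an added example (not from the original post or from Microsoft) that builds block and allow expressions from plain host names and shows what an unescaped dot lets through. The element names `wf:blockRegex` / `wf:allowRegex`, the `channel`/`item` layout and the sample URLs are assumptions, since the export shown above is cut off.

```python
import re

WF_NS = "http://www.microsoft.com/schemas/webfilter/2008"  # namespace shown in the post
DOMAIN_OK = re.compile(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")

def domain_regex(domain):
    """'.*' on both sides, and every literal dot escaped as '\\.'."""
    if not DOMAIN_OK.fullmatch(domain):
        raise ValueError("not a plain host name: %r" % domain)
    return ".*" + domain.replace(".", r"\.") + ".*"

def naive_regex(domain):
    """The mistake to avoid: dots left bare, so each matches any character."""
    return ".*" + domain + ".*"

def build_filter_file(block=(), allow=()):
    """Import-file text; element names and channel/item layout are assumed."""
    out = ['<?xml version="1.0" encoding="UTF-8"?>',
           '<rss version="2.0" xmlns:wf="%s">' % WF_NS,
           "<channel>",
           "<description>Export of InPrivate Filtering</description>"]
    for tag, domains in (("blockRegex", block), ("allowRegex", allow)):
        for d in domains:
            out += ["<item>",
                    "<description>%s</description>" % d,
                    "<wf:%s><![CDATA[%s]]></wf:%s>" % (tag, domain_regex(d), tag),
                    "</item>"]
    return "\n".join(out + ["</channel>", "</rss>"]) + "\n"

def hits(pattern, urls):
    """URLs that the whole-string pattern matches."""
    return [u for u in urls if re.fullmatch(pattern, u)]

# Constructed sample URLs, not taken from the post.
URLS = [
    "http://www.google-analytics.com/ga.js",
    "http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js",
    "http://ad.example/banner.swf",
    "http://shop.example.org/download/example.zip",
]

if __name__ == "__main__":
    print(build_filter_file(block=["google-analytics.com", "ad.example"],
                            allow=["googleapis.com"]))
    print("escaped:", hits(domain_regex("ad.example"), URLS))
    print("naive:  ", hits(naive_regex("ad.example"), URLS))
```

With the dot escaped, the `ad.example` rule matches only the banner URL; left bare, it also blocks the unrelated download whose path happens to contain `ad/example`.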



This post originally appeared on my technet blog.

