CYBER NEWS

How to Block Facebook Web Trackers at the Firewall


Facebook is an American social media and social networking service that has become a household name around the world.

With so many people surrendering their personal information to sign up to Facebook, it’s no wonder this social media giant now has an estimated net worth of $260 billion US. If you’re wondering where Facebook gets so much money, the answer is simple: Advertising.

According to its 2018 annual report: “Facebook generates substantially all of its revenue from selling advertising to marketers. Ads are displayed on Facebook’s main social-networking site, as well as Instagram, Messenger, and other third-party affiliated websites or mobile applications. Marketers pay for ads based on the number of impressions delivered or the number of actions, such as clicks, undertaken by users.”




It’s easy to see why marketers flock to Facebook since over a billion users actively use their accounts each day. Facebook’s tracking is on par with Google which means the company not only knows who you are, where you live, and who you know but it also knows what sites you visit and what things you’re looking for.

Why You Should Care about Facebook’s Tracking

There are plenty of reasons why Facebook is so popular around the world. It allows nearly everyone to connect with family and friends, set up and collaborate with social groups, and even catch up on the latest news.

With so many benefits it offers, you’d be hard-pressed to find any reason to stop using it, right?

Well, I’ve got two:

Privacy
Firstly, it’s the issue of privacy. Facebook gets some of your information like your name, mobile number, and email when you sign up and profile information. You voluntarily provide this information IDEALLY after reading and understanding their terms and conditions.

However, it also learns such things as the topics you search for, the websites you visit, and what you do on those websites thanks to its various tracking tools.

It then uses the data it collected to construct a profile for each user including their contacts who haven’t signed up yet. This is called a “shadow profile” and it means Facebook is spying on people who didn’t sign up to their service.

Internet Speed
If you don’t care about your privacy being violated as long as you can still use the Internet, you may find the second reason more compelling.

You see:

Facebook uses various trackers that it embeds into the webpages that you visit. These trackers “call home” and track your movements across the Internet, thereby, using bandwidth and slowing down your Internet connection as a result.

While both of these reasons may become a cause for concern, avoiding Facebook entirely may be hard for some and nearly impossible for others — especially with shadow profiles involved. So, what can you do to at least mitigate the effects of Facebook’s trackers?

Blocking Facebook Trackers at the Firewall (Linux)

If you’re running Linux, you can use this method to block Facebook’s trackers at the firewall. Note that you can use this same method for other sites, though, for the purpose of this guide we’re focusing on Facebook.

Firstly, use /usr/bin/whois -h whois.radb.net ‘!gAS32934’ | tr ‘ ‘ ‘\n’ to locate Facebook’s subnets. Let’s use these four subnets as examples:

31.13.64.0/18
66.220.144.0/20
69.171.224.0/19
69.63.176.0/20

Next, add the above addresses to the firewall. The method will be different depending on the type of packet filter your system uses. For all of these, REJECT the packet rather than DROP it.

While there are plenty of reasons to favor REJECT over DROP, the most important reason for our purposes is that we want to get immediate feedback that the site is blocked rather than waste time waiting for a timeout.

Here are three examples of the major types of filters. All of these examples require root access, either directly or via sudo.

Uncomplicated Firewall
UFW is a text-based interface to iptables. It’s designed to be user-friendly and made up of a few simple commands. It’s available in several distros and, fortunately, accepts a network range as input.

ufw reject out to 31.13.64.0/18
ufw reject out to 66.220.144.0/20
ufw reject out to 69.171.224.0/19
ufw reject out to 69.63.176.0/20

You can use ufw reset to restore UFW’s factory defaults.

Plain Old Iptables
If your distro doesn’t come with UFW or if you aren’t used to it, you can instead work directly with iptables since it can take a network range as input like UFW.

iptables -A OUTPUT -d 31.13.64.0/18 -j REJECT
iptables -A OUTPUT -d 66.220.144.0/20 -j REJECT
iptables -A OUTPUT -d 69.171.224.0/19 -j REJECT
iptables -A OUTPUT -d 69.63.176.0/20 -j REJECT

You can use these three steps to clear out iptables.

iptables -Z; iptables -F; iptables -X

BSD, Including OS X

Packet Filter (PF) is compatible with OS X, FreeBSD, NetBSD, DragonflyBSD, and OpenBSD. Recent versions of OS X have started using OpenBSD’s Packet Filter (PF) since OS X is based on BSD. Regular BSDs have used this filter for a long time.

Tables are an easy way to contain the list of networks you plan to block. The following two lines should be added to the configuration file pf.conf in their appropriate places.

tablepersist { 31.13.64.0/18, 66.220.144.0/20, 69.171.224.0/19, 69.63.176.0/20 }
block quick to

Next, load the ruleset into PF.

pfctl -f pf.conf

NOTE: Remember to keep a backup copy of your filter rules.

How to Block Facebook Trackers for Non-Linux Users

If you aren’t using Linux, here are some ways you can block Facebook’s trackers.

Ad Blocker Extensions
Ad blocker extensions remove or alter ad content on a webpage. An ad blocker looks at a site’s scripts and compares them against a list of sites and scripts that it was built to block, then blocks any that they find. Ad blockers also come in the form of plugins or as part of a VPN service.

Some examples: uBlock Origin, NoScript, Privacy Badger.

Advertising Opt-Outs and Disabling Third-Party Cookies

Users from the USA, Canada, or the EU can opt-out of behavioral advertising using their regional tools. Note that it may take a while for advertisers to actually accept your opt-out request.

You can also disable third-party cookies in your browser but this may make your online sessions too inconvenient at times.

VPNs

A VPN adds a layer of security to your online browsing. It works by encrypting your online data as well as hiding your true IP address. While it’s built more for security rather than privacy, it’s IP hiding feature prevents trackers from knowing your exact location.




Privacy-Focused Browsers

Privacy-focused browsers automatically block trackers while you browse the web. They often use several layers of encryption to keep your online data locked down. You can even use a privacy-focused browser like TOR in tandem with a VPN for an added layer of privacy and security.

Keep your privacy and improve connection times
Facebook collects your information and uses trackers to spy on your online activity which slows down your internet speed. Block Facebook’s trackers at the firewall or use other tools to reclaim your privacy and speed up your internet speed.


About the Author: Robert Mardisalu

Robert Mardisalu is the co-founder & editor of TheBestVPN.com, a computer security professional, privacy specialist and cybersecurity writer. He has authored many insightful blogs that help readers to think beyond the surface.

SensorsTechForum Guest Authors

SensorsTechForum Guest Authors

From time to time, SensorsTechForum features guest articles by cybersecurity leaders and enthusiasts. The opinions expressed in these guest posts, however, are entirely those of the contributing author, and may not reflect those of SensorsTechForum.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...