You're paying AI companies a monthly subscription fee to be fingerprinted like a parolee.

@CandlesARG @ublockorigin just checked - lumo comes back clean - 0 blocked requests.

in case you want to check it out for yourself, here are the docs: https://github.com/gorhill/uBlock/wiki/The-logger

@joseph11lim @sergiodomeyko anytime, internet friend

@joseph11lim @sergiodomeyko

Did I understand this thread correctly that Mistral also does the same "bouncer" function as UBlock origin, but with the added advantage of EU ethos?

Not quite - it's not that Mistral is doing the same "bouncer" function as uBlock, it's that Mistral is built differently than the other AI websites in that it doesn't discretely spy on you.

In essence, there's very little (or nothing) for the bouncer (i.e. uBock) to do when you're using Mistral.

either way I highly encourage everyone to use uBlock

@dancingtreefrog @ublockorigin so long as you're using the LLM stuff within a browser, it's all the same

@QuercusMacrocarpa @ublockorigin uMatrix is unfortunately abandoned — development ended in 2021, same developer as uBlock Origin, he just stopped. there's also an unpatched vulnerability in it so I'd avoid it at this point.

uBlock Origin in medium mode covers most of what uMatrix used to do for this specific threat — it blocks third party scripts and XHR requests by default which is exactly what catches the telemetry pipelines I documented.

one important caveat though: if you're on Chrome, uBlock Origin was gutted by Google in late 2024 as part of their Manifest V3 changes. the full version no longer works on Chrome. for real protection you need Firefox or Brave with uBlock Origin installed. which, honestly, is probably worth a separate post.

@jakebrake @cloud @OlivierBurnier @ublockorigin i’m fucking terrified to ask why you know that.

@sergiodomeyko every time you open one of these AI chat websites, before you type a single word, the website is secretly making hundreds of connections to other companies’ servers in the background.

those connections are sending those companies information about you — what browser you use, what computer you have, your screen size, your timezone, sometimes a unique digital fingerprint that can identify you specifically.

you’re paying a monthly subscription for these AI tools, and they’re ALSO selling information about how you use them to analytics companies, ad companies, and in Google’s case, adding it to the giant file they already have on you from Gmail, Search, Maps, and everything else.

uBlock Origin is a free browser extension that blocks all of this. it’s like a bouncer for your browser. Lmk if you want some help installing it

hope that helps. welcome to the modern internet - it’s a mess out here.

@siklist pihole can block requests by fqdn, but as you’ll notice, a lot of the third-party tracking infra was being proxied through other non-tracking infra to get around this. If Claude code is somehow loading in JS artifacts (idk if it can or not) it could bypass pihole.

@OlivierBurnier @ublockorigin

Mistral: two blocked requests.

Cloudflare Insights ("is the site up") and a single Intercom beacon POST that didn't even retry.

that's it. no Statsig. no tracking GIFs. no Google Analytics. no distributed tracing. no proof-of-work challenge. no KETCHUP_DISCOVERY_CARD. nothing.

a French AI company nobody talks about is running the cleanest frontend in the entire field by a factor of roughly 150x and we're all sleeping on it

les français ont tout compris

#mistral #privacy #infosec

@Viss ask and you shall receive.

@dancingtreefrog @ublockorigin download the browser extension! it will work with the default config

You're paying AI companies a monthly subscription fee to be fingerprinted like a parolee.

I got bored and ran uBlock across Claude, ChatGPT, and Gemini simultaneously.

Claude:

• Six parallel telemetry pipelines.
• A tracking GIF with 40 browser fingerprint data points baked into the URL, routed through a CDN proxy alias specifically to make it harder to block.
• Intercom running a persistent WebSocket whether you use it or not.
• Honeycomb distributed tracing on a chat UI because apparently your conversation needs the same observability stack as a payments microservice.

ChatGPT:

• proxies telemetry through their own backend to hide the Datadog destination URL from blockers.
• uBlock had to deploy scriptlet injection — actual JS injected into the page to intercept fetch() at the API level — because a network rule wasn't enough.
• Also ships your usage data to Google Analytics. OpenAI. To Google. You cannot make this up.
• Also runs a proof-of-work challenge before you're allowed to type anything.

Gemini:

• play.google.com/log getting hammered with your full session behavior, authenticated with three SAPISIDHASH token variants, piped directly into the Google identity supergraph that correlates everything you've ever done across every Google product since 2004.
• Also creates a Web App Activity record in your Google account timeline. Also has "ads" in one of the telemetry endpoint subdomains.

When uBlock blocks Gemini's requests, the JS exceptions bubble up and Gemini dutifully tries to POST the error details back to Google. uBlock blocks that too. The error messages contain the internal codenames for every upsell popup that failed to load.

KETCHUP_DISCOVERY_CARD.
MUSTARD_DISCOVERY_CARD.
MAYO_DISCOVERY_CARD.

Google named their subscription upsell popups after condiments and I found out because their error handler snitched on them.

All three of these products cost money.
One of them is also running ad infrastructure.

Touch grass. Install @ublockorigin

#infosec #privacy #selfhosted #foss #surveillance