How to Stop Websites from Offering to Send Notifications

Perhaps someone out there woke up one day and thought to themselves:

You know what I want? I want nearly every website I visit today to throw a pop-up in my face offering to notify me about whatever they find exciting! That way, when I’m minding my own business trying to get stuff done, I’ll have brand new distractions to prevent me from being able to concentrate!

…but that isn’t something I’ve dreamed of, personally. And you may have detected a mild tone of sarcasm here (if not, I apologize that it wasn’t more obvious), but the bottom line is that I really don’t want to be bothered.

I don’t want to be bothered with the question about whether I’d like to get notifications, not to mention notifications themselves!

Good News: You Can Block These in Your Browser

And I mean you can block the questions as well as the actual notifications.

Thanks to Steve Gibson from Gibson Research Corporation, who mentioned this on a recent episode of the Security Now! podcast, here’s a handy set of instructions for you.

Time needed: 2 minutes

How to Block Websites from Offering Notifications in Google Chrome

  1. Open Chrome’s 3-dot menu and click “Settings”

    Using any desktop version of Google Chrome*, locate the 3-dot menu (from Windows and Linux, this is typically at the top right), click it, and then choose “Settings” from the menu that drops down.

    *or Chromium, if you’re rocking the open source version like I am.Security Now!

  2. Click “Advanced” (at the bottom), then find “Content Settings” (or “Site Settings”) in the “Privacy and Security” section

    The setting we’re looking for is hidden under the “Advanced” section, which you can find by scrolling all the way to the bottom of the “Settings” page that opens up. Once you click “Advanced,” the page expands and you’ll see a new section called “Privacy and Security” which contains a number of rows of options.

    Look for the option labeled “Content Settings” (that’s what it was called in my version) or “Site Settings” (this is what Steve Gibson’s instructions said, so his version—and maybe yours too!—might be different).

  3. Click on the “Notifications” option, then move the “Ask before sending” slider to the left

    When you click “Notifications,” a new screen opens up, and if your version of Google Chrome still has the default setting, you’ll see a line near the top that reads, “Ask before sending (recommended).”

    When you move that slider to the left, it turns the notifications requests off, and you should see the text change to “Blocked”.

    Voila! No more requests from websites!

    (While you’re here, you should see a list of any specific sites you’ve either “blocked” or “allowed” notifications from, and you can review/edit your settings.)

How to Block Notification Requests in Firefox

If you use Mozilla Firefox, which is my “daily driver” browser these days, you can block these notifications requests there as well. Here’s how:

  1. Open a new tab in Firefox and type the following in the address bar:

    about:config
  2. You will most likely see a warning that says, “This might void your warranty!” If so, click “I accept the risk!” to continue.
  3. You’ll see a search box at the top of a long list of configuration items. Type in:

    webnotifications

    …and press “Enter”
  4. Locate the setting named, “dom.notifications.enabled” and toggle it to “false.” (I did this by double-clicking it.) It should turn “bold” in appearance, and the “status” column should change to “modified.”
  5. Close the tab. You’re done!

How to Test Your Browser to Confirm the New Settings

As Steve Gibson pointed out, Mozilla (makers of Firefox) were kind enough to build a page just so we can test our browsers to see if the notifications settings change was successful or not.

Well actually, the page was built to serve as part of Mozilla’s excellent developer documentation, but if you visit it from a browser that has the notifications enabled (which they are in most browsers by default), it will pop up a request every time!

The page is called Using the Notifications API. Click it now to see if your settings change worked!

Did You Find This Useful?

I hope so! Feel free to share it, of course. But maybe head on over to Twitter and give Steve Gibson a quick “thank you” for sharing!

And if you’re interested in security and privacy online, be sure to subscribe to Security Now! on your favorite podcast app. It’s worth the listen!

Privacy Implications of Listening Devices

A post (warning: offensive language) made it to the top of the /r/technology subreddit on reddit.com today that highlighted a disturbing statement from the Samsung Smart TV Privacy Policy:

Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.

For the record, I don’t own a Samsung Smart TV. And this sentence doesn’t say anything that any of us wouldn’t have guessed… had we thought about it.

But… how many devices do we own today that are listening all the time? And exactly how much of what we say is being recorded and sent to 3rd parties for “voice recognition?”1

I can think of a handful of other devices which are actively listening all the time and are often found in our homes (like the Xbox One / Kinect) or even on our persons (e.g. Google Now on Android — “OK Google” anyone?) and in newer automobiles.

Samsung’s privacy policy is the first instance I can think of wherein I’ve actually read a warning that your “personal” or “sensitive” information may actually be leaking to 3rd parties.

Unnecessary Cause for Alarm?

I would imagine that the bulk of information being transmitted out of our living rooms via Samsung TVs is largely uninteresting to anyone.

But what are the policies that govern the storage (long term or short term) of this data? How sophisticated are the tools that interpret speech? Are transcripts of this speech stored separately or together with audio recordings?

What government agencies have or will gain access to either audio recordings or speech transcripts?

Perhaps the data doesn’t get stored by anyone for any longer than it takes to decide if you’ve issued a command to your device. And maybe there is no reason to even question what happens to all of the information scooped up by these listening devices.

I don’t want to sound like a conspiratorial alarmist. But on the other hand, maybe keeping some tinfoil close by isn’t such a bad idea…

Photo Credit: frank peters via BigStock

1Geek moment: “voice recognition” is likely a misnomer. It is quite commonly and quite incorrectly used to refer to technologies that recognize speech. True “voice” recognition is a much different technology than “speech” recognition, and involves identifying who the speaker is rather than what he or she is saying. If Samsung or its 3rd-party vendor does have “voice” recognition, that’s a completely different cause for alarm.