Focus & Blur: Behavioral Inference & the Tattletale Browser

This web thing’s been bugging me for too long. Have you ever tried to background a tab that is playing insufferable & unskippable content, only to find out that the annoyance has paused itself until your eyeballs are known be aimed back at it? Why do browsers honor requests to let websites know if you’re paying attention or not?

This is achieved by relying on the focus and blur events. But there are many UI Elements that rely on them to trigger useful UI responses. Think of a suggestion box that shows up when you click in a search bar for example. The window element though, is one for which I cannot think of a single instance where the focus and blur events at are used to benefit the user. I think a well intended couple of events were generally implemented to every possible elements, but one of them reveals more than was intended and is abused to that effect. Why would ad-blocker not nuke them either? I’ve gone through this rabbit hole several times over the years trying to find an extension or adblocker customization to dismiss these events. Alas, they never seem to have made it into the crosshair as the true annoyance that they are. How do you like to have your browser report how good you are at consuming content as intended?

These events are responsible for more ills than making sure you’re watching, they are a key metric for inferring behavior. As with much of data mining, what’s scary isn’t really the information you’re giving away, it’s what can be inferred from it. In a way these attention events are perfectly suited for the attention age. Particularly though, they matter when they are attached to the window element. As far as I know, that is the only method I’ve seen in the wild that is abused into this purpose.

In any case, since I never could find anything, here’s what I came up with. The best way I found to run user JS on all websites is using Tampermonkey. Then here’s the script I’m running:

// ==UserScript==
// @name         Attention Event Nuker
// @namespace
// @version      2024-05-01
// @description  nukes focus and blur events when attached to the window element
// ==/UserScript==

(function() {
    var old_add_event_listener = EventTarget.prototype.addEventListener ;

    EventTarget.prototype.addEventListener = function(event_name, event_handler) {
        if( this.toString()==window.toString() &&
           (event_name=="blur" || event_name=="focus") ) {
            console.log( "attention event caught: " + event_name + " on: " + ) ;
        } else {
   this, event_name, event_handler ) ;

Unfortunately I did run into a couple of sites that somehow rely on the events to even work properly. I don’t think I want to reverse engineer them 1 by 1 so I’m adopting a blacklist of sites which is a bit obnoxious. For a while I did have the script report which sites were asking for the events, the results weren’t surprising and showed that pretty much any big site with a baseline of behavioral data mining wants to know what your eyeballs are in front of.

Leave a Reply

Your email address will not be published. Required fields are marked *