DonationCoder.com Forum
Main Area and Open Discussion => Living Room => Topic started by: Tinman57 on October 11, 2012, 08:32 PM
-
The Do Not Track standard has crossed into crazy territory
The advertising industry wants to change the definition of Do Not Track into something Orwell would be proud of. One influential member of the W3C working group says he's lost the energy to go on. Is it time to kill Do Not Track?
http://www.zdnet.com/the-do-not-track-standard-has-crossed-into-crazy-territory-7000005502
-
Legislators slam advertising group for advising members to avoid Do Not Track technology (http://feedproxy.google.com/~r/ActivistPost/~3/_sNtAiyz8hs/legislators-slam-advertising-group-for.html)
Yes, but will legislators actually do anything about it?
(Sound of crickets chirping.)
-IainB
When I first read about DNT in IE and saw what had been done and what was expected, I have to admit to skeptically thinking that it would be best to avoid the whole idea, and I switched it OFF in IE. I could smell a rat.
This was because I could not see that M$oft were a likely candidate as consumer champion for leading the revolt on this one, mainly because M$oft have historically shown themselves to be the ones who are always first in line to assault the consumer (or anyone else, for that matter) if it's for their own gain. They are an excellent corporate psychopath.
I reckoned that it was more likely that M$oft would be doing this for their own gain, and that it could probably be a deliberate effort to to effect a reduction in Google's advertising click revenues.
In any event, the DNT approach needed to get the buy-in of the advertisers, and again historically they have been able to demonstrate that, as a group, they are unlikely to be able to change their ways and not force their self-serving advertising strategies on the consumer.
IE suggesting that it was possible to "think philanthropy and empathy" with and on the consumers' behalf?
Yeah, right.
-
I think I have a slightly different idea about MS and IE here.
For decades (!!) techies have wailed about the perils of Opt-Out. Remember the Toolbar craze of a while ago, and spending an hour de-toxing a user's/friend's copy of IE because they didn't see how to click "custom special advanced obscure install and make sure you toggle this weird little check box off"?
So while of course it's just a gamey-move, it sounds good for MS from the "security" perspective where a user will just be left alone to get on with their work. Then now cue the attack dogs. So it's not so much killing "this" standard as these are the first thrashings of the topic until something else emerges, hopefully better than abject consumer submission!
-
I have nothing polite, constructive, or non-violent to say. Trying to argue with fools only proves that there are 2.
-
I like the reasoning there. If you don't support economy with advertising, you're not american. Well I am not american to begin with and I don't like ad slapped on my face to suck my already limited bandwidth, be it from america or any other country or even my own country.
-
I have nothing polite, constructive, or non-violent to say. Trying to argue with fools only proves that there are 2.
-Renegade
In other news, Mouser receives an offer to rebrand NANY as "New Ads for the New Year!" ;D
But actually that would make an awesome NANY app if it were technically possible: determine how much bandwidth is coming from ads and report it as percentages of bandwidth caps etc!
-
I have nothing polite, constructive, or non-violent to say. Trying to argue with fools only proves that there are 2.
-Renegade
+1 - However (from the comments on the article) I do thing this guy is on to something:
Kool - Ade
It's time to stop swallowing the politically correct B.S. and DROP KICK worthless parasites like the DMA right out of our lives !
The DMA obviously doesn't give a rat's patute about consumer privacy OR browser standards other than the methods used to butcher them.
Let product quality and service once again be the corporate by-words which lead to strong showings and healthy profits rather than a competition for browser display space and computer resources engineered by the scummiest of bottom feeders.
I say let's move directly to browsers capable of switching off advertisements (some form of java & flash filtering maybe) and subsequently Blacklist servers that allow engineered work-around software.
.
materva
11 October, 2012 02:03
-
[ You are not allowed to view attachments ]
-----------------------------
Note: I couldn't help but notice something very interesting...
Uncle Sam can be seen as either leaning to the left- or the right - depending on which side you're standing on...
How American! ;D :Thmbsup:
-
Well, let's all collectively say F*CK YOU! to the advertisement companies by using a mix of AdBlockPlus and Ghostery... see how they like that. And set a custom X-DONT-TRACK-SCREW-YOU HTTP header :)
-
It gets worse although we shouldn't be surprised. Here's one of today's lead articles from OSNews (http://www.osnews.com/story/26463/Apple_tracks_iOS_browsing_behaviour_by_default):
Apple tracks iOS browsing behaviour by default
posted by Thom Holwerda on Fri 12th Oct 2012 11:35 UTC
Surprise, surprise - Apple, by default, tracks web browsing behaviour and location to better serve you ads. You have to specifically opt out of this tracking per individual iOS device that you own. Now we know why Apple has no problem with turning on 'Do Not Track' and not accepting tracking cookies by default: it has no effect on them whatsoever, because iOS 6 has its own independent user tracking mechanisms. Unlike what the Apple pundits claim, it's got nothing to do with respect for user privacy at all. Well paint me red and call me a girl scout: company selling ads tracks user behaviour. Shocker, huh?
:-\
-
And set a custom X-DONT-TRACK-SCREW-YOU HTTP header-f0dder
Hm... :D ...Can we tweak the header hard enough to make the ad server spit burnt cookies for a few cycles after we say hi?
-
Hmmm, this reminds me. I need to get one of those badge shaped signs to stick on my front lawn. It says "I don't really have an alarm system. Don't rob me! It will make me mad!!"
:)
-
And set a custom X-DONT-TRACK-SCREW-YOU HTTP header-f0dder
Hm... :D ...Can we tweak the header hard enough to make the ad server spit burnt cookies for a few cycles after we say hi?
-Stoic Joker
The Internet Junkbuster (http://en.wikipedia.org/wiki/Internet_Junkbuster) used to do this and more. From memory, the features I used included:
- 1. act as a local proxy server for your browser.
- 2. had a blocklist file that used regular expressions to set up sophisticated filters, to filter out content you didn't want (was real easy to add stuff on the fly as you browsed); you could could add to or swap blocklists with other Junkbuster users to save having to duplicate effort.
- 3. sent "do not fetch" commands to webservers, so unwanted/filtered junk was not sent to your PC (thus reducing bandwidth utilisation - important for me as I was using slowspeed dialup connections in Asia at the time);
- 4. spoofed whatever you wanted into your HTTP header - e.g., mine said I was using an obsolete model of a Mac computer, an obsolete Mosaic browser, and email address [email protected], plus it said DO NOT TRACK);
- 5. collected all incoming cookies in a secure INBOUND cookie jar, and wouldn't send them out (unless you wanted to).
- 6. could send OUTBOUND cookies at random from a standard jarfile of previously stored cookies, which you could add to or swap with other Junkbuster users, thus frustrating the demographic objective of using cookies.
Refer also:
- Privoxy (http://en.wikipedia.org/wiki/Privoxy)
- Proxomitron (http://en.wikipedia.org/wiki/Proxomitron)
-
When they first started this DNT BS I knew it wasn't going to work. How did I know you ask? Well let me tell you, you can't have the fox guard the henhouse, and that's exactly what was going on. They "expected" the marketers/trackers to see your DNT request and abide by it. Yeah, like that's going to happen......
-
When they first started this DNT BS I knew it wasn't going to work. How did I know you ask? Well let me tell you, you can't have the fox guard the henhouse, and that's exactly what was going on. They "expected" the marketers/trackers to see your DNT request and abide by it. Yeah, like that's going to happen......
-Tinman57
Just like the Do Not Call phone list. Ah, here's my phone number. But whatever you do, don't call it! There's some logical fallacy there. :)
-
And set a custom X-DONT-TRACK-SCREW-YOU HTTP header-f0dder
Hm... :D ...Can we tweak the header hard enough to make the ad server spit burnt cookies for a few cycles after we say hi?
-Stoic Joker
Good idea, but I doubt we'd be able to come up with something that could actually DoS their servers - the best we could do is probably to generate bogus tracking events.
Which could actually be interesting enough... Omniture, for instance, has a pay-per-event model. We could make tracking an expensive affair for a select handful of companies :-)
-
generate bogus tracking events.-f0dder
A loaf of bread
A jug of wine
And you by my side
My little Raspberry Pi
Generating fake tracking data 24x7
Yup. That's what the cloud and homebrew clusters are made for... :D
Besides, DoS attacks are illegal. But pushing a ton of bogus tuples into cyberspace is no crime. 8)
-
generate bogus tracking events.
-f0dder
A loaf of bread
A jug of wine
And you by my side
My little Raspberry Pi
Generating fake tracking data 24x7
Yup. That's what the cloud and homebrew clusters are made for... :D
Besides, DoS attacks are illegal. But pushing a ton of bogus tuples into cyberspace is no crime. 8)
-40hz
What a superb idea! I like it. :Thmbsup:
Takes the JunkBuster random cookie jarfile approach to the next level - and then some!
-
Besides, DoS attacks are illegal. But pushing a ton of bogus tuples into cyberspace is no crime. 8)
-40hz
Hmmm... I kind of wonder if sending along referrers (in the headers) that go to kiddie porn sites would get the bots to download anything to check on the oddity there, and then if they could be ratted out for having kiddie porn on their servers... If you're going to send bogus data, might as well poison it!
-
If you're going to send bogus data, might as well poison it!
-Renegade
;D Highly cathartic! But much too obvious - to say nothing of abandoning the moral high road in this battle.
No...maybe just a little something to boost per click fees up to the point where trackers become too expensive? Or introducing enough noise into the signal to make trackers far too unreliable for businesses to benefit from using them anymore?
Besides, attacking supply is usually a suboptimal strategy. Far more effective is to discourage demand. IMHO, the most effective way to stop this nonsense is to help reduce demand for it by introducing some nonsense of our own into the mix.
8)
-
Here are some comments from the Abine.com - the DoNotTrackPlus extension developers (http://www.abine.com/blog/2012/the-free-internet-will-be-just-fine-with-do-not-track-heres-why/) :
- Most advertisers don’t interpret the “Do Not Track” signal from your browser to mean “stop collecting your data.” Unless you’re using a privacy tool like our free DoNotTrackPlus, most advertisers are collecting and selling your data even if you’re using your browser’s built-in Do Not Track or private browsing mode. Even if advertisers get your Do Not Track signal from your browser and agree not to target you with ads, most of them will still collect and sell your data, allowing them to profit in other ways.
- Not all Internet users will enable Do Not Track. Some people will choose not to, while most won’t know they have a choice if browser makers continue to make Do Not Track settings hard to find. (To find and turn on Do Not Track in your browser, check out our explanatory guide.)
- It’s completely voluntary for websites to follow your request not to be tracked, and the vast majority of them do nothing when they receive it. As it stands, a website has no obligation to respond to a Do Not Track signal, and the few that do respond don’t have uniform standards. However, Twitter is one of the notable standouts that supports Do Not Track to limit data collection.
- Most of the money from targeted ads doesn’t go to content providers, like news websites. The ACLU testified that 80% of the money advertisers make from targeted advertising doesn’t go to the content providers and publishers. Instead, it goes towards developing better targeted advertising. It’s similar to London’s controversial congestion charge, where roughly half the highway tolls collected pay for the administration costs of running the tolls. Maybe this is why many of the biggest publishers, like the Wall Street Journal and the New York Times, support Do Not Track: it won’t cut into their revenue (and it supports their readers’ privacy).
- Considering the facts above, it’s generous to say that targeted advertising is even 15% of the ad industry’s revenues. In fact, business is booming for the online ad industry: their revenues have increased by 530% since 2002 ...
Anyone here using DNT Plus instead of Ghostery, anyone trust it in the light of the posts in this thread ?
I have/am trying/using both and they generally both give the same results (although sometimes DNTPlus finds more than Ghostery) - but there remains the question about op-out cookies (I did read somewhere on the Abine site that they will be phasing these out in the near future).
So, comments please ?
-
Besides, DoS attacks are illegal. But pushing a ton of bogus tuples into cyberspace is no crime.
-40hz
You have no idea how happy that statement just made me.
f0dder, how's your schedule look..?
-
Anyone here using DNT Plus instead of Ghostery, anyone trust it in the light of the posts in this thread ?
I have/am trying/using both and they generally both give the same results (although sometimes DNTPlus finds more than Ghostery) - but there remains the question about op-out cookies (I did read somewhere on the Abine site that they will be phasing these out in the near future).
So, comments please ?
I gave up Ghostery for DNT Plus when DNT+ came out. It does a lot more than Ghostery and is configurable. Only caveat is if you want to configure it, you have to "Read The Docs". lol
Depending on how you have your cookie handling set up in your browser, you really don't need cookie handling in DNT+. I have mine set up to block all 3rd party cookies and not to allow persistant cookies. DNT+ takes care of the tracking cookies for me.....
-
Re Ghostery & Trackerblock (from another thread):
I ... switched out Ghostery for TrackerBlock, on the theory that even if "less evil", Ghostery is run by an ad company, and hopefully PrivacyChoice.org ... isnt?-TaoPhoenix
-
Re Ghostery & Trackerblock (from another thread):
I ... switched out Ghostery for TrackerBlock, on the theory that even if "less evil", Ghostery is run by an ad company, and hopefully PrivacyChoice.org ... isnt?-TaoPhoenix
-tomos
PrivacyChoice is also a commercial entity - I dunno if I'd choose one of the two over the other... and something about PrivacyChoice seems fishy (not the least running a commercial site on a .org address), but opt-out cookies? I am to trust that anybody respects those? LOL! In general the addon seems to be focused more on cookies, than to keep from executing javascript or loading tracking beacon images, which is what Ghostery does.
-
Re Ghostery & Trackerblock (from another thread):
I ... switched out Ghostery for TrackerBlock, on the theory that even if "less evil", Ghostery is run by an ad company, and hopefully PrivacyChoice.org ... isnt?-TaoPhoenix
-tomos
PrivacyChoice is also a commercial entity - I dunno if I'd choose one of the two over the other... and something about PrivacyChoice seems fishy (not the least running a commercial site on a .org address), but opt-out cookies? I am to trust that anybody respects those? LOL! In general the addon seems to be focused more on cookies, than to keep from executing javascript or loading tracking beacon images, which is what Ghostery does.-f0dder
From what I understand, PrivacyChoice is geared for the publishing companies, where Abine, the makers of Do Not Track Plus is a security company. Kind of makes you wonder where PrivacyChoice's loyalties lie...
DNT+ don't use "Opt-Out" cookies, they actually "Block" tracking of all kinds. I think opt-out cookies are worthless. It's the fox guarding the henhouse. I want to block all the tracking crap, not flag them with a useless cookie...
But, to each their own I suppose. lol
-
DNT+ don't use "Opt-Out" cookies, they actually "Block" tracking of all kinds. I think opt-out cookies are worthless. It's the fox guarding the henhouse. I want to block all the tracking crap, not flag them with a useless cookie...-Tinman57
http://www.abine.com/dntp/faq.php#q17 - "There are good cookies and bad cookies, and we add the good kind to your browser. They’re called “opt-out cookies,” and they signal to advertisers that you want to opt out of receiving target advertising (it's like the "Do Not Call" list for targeted advertising)."
One thing that does seem good about Abine/DNT+ is their team page (http://www.abine.com/team.php), with names & faces. Assuming those people are real, that's a good sign - Ghostery/Evidon has that too (http://www.evidon.com/about/team). Couldn't find that for PrivacyChoice/TrackerBlock, which for some reason seems slightly fishy to me.
As for the fox guarding the henhouse, it's worth noting that Evidon used to be named Better Advertising - and I definitely wouldn't turn on the GhostRank stuff. But so far, Ghostery seems to do it's job well. I haven't been spying on it to check if it's sending back spying data (but even if I'm not that paranoid, I'm pretty sure other people are - and it'd hurt Evidons business if they were outright lying bastards?) - and I've seen it break sites that depend on tracking, which is good thing IMHO :)
-
yes, I have tried PrivacyChoice/TrackerBlock and I don't like it : it creates a lot of traffic, slows down browsing and I have big doubts about it.
So I'm staying with DNT+ for much the same reasons as f0dder.
-
yes, I have tried PrivacyChoice/TrackerBlock and I don't like it : it creates a lot of traffic, slows down browsing and I have big doubts about it.
So I'm staying with DNT+ for much the same reasons as f0dder.
-joiwind
Does DNT+ cover all the flash cookies and stuff? That's the main reason I ever used Ghostery past the first year, after I knew who was on what page - I didn't think reg. AdBlock dealt with flash cookies.
-
yes, I have tried PrivacyChoice/TrackerBlock and I don't like it : it creates a lot of traffic, slows down browsing and I have big doubts about it.
So I'm staying with DNT+ for much the same reasons as f0dder.
-joiwind
Does DNT+ cover all the flash cookies and stuff? That's the main reason I ever used Ghostery past the first year, after I knew who was on what page - I didn't think reg. AdBlock dealt with flash cookies.
-TaoPhoenix
Not sure about DNT+ and flash cookies - I'll check.
-
http://www.abine.com/dntp/faq.php#q17 - "There are good cookies and bad cookies, and we add the good kind to your browser. They’re called “opt-out cookies,” and they signal to advertisers that you want to opt out of receiving target advertising (it's like the "Do Not Call" list for targeted advertising)."-f0dder
Ah yes, weedhopper, but read further and see "You do have the option to turn off these opt-out cookies entirely when using DNT+, which would leave you with the functionality that blocks tracking and targeted ads."
Also note that "DNT+ has the best available blocking, stops more than 600 trackers."
-
Does DNT+ cover all the flash cookies and stuff? That's the main reason I ever used Ghostery past the first year, after I knew who was on what page - I didn't think reg. AdBlock dealt with flash cookies. -TaoPhoenix
How can users prevent Flash cookie tracking?
Like normal cookies, Flash cookies are represented as small files on users' computers. To prevent Flash cookies from being placed, users can adjust preferences on a per site basis in the Macromedia Website Privacy Settings Panel http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html. Using this tool, Flash cookies can be completely disabled or allowed on a per domain basis.
To get to the settings panel, right click on any Flash movie, click settings and then advanced. Macromedia has published a walk through guide http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=52697ee8 to help users disable Flash cookies.
Users can get rid of the current Flash cookies and their tracking information simply going to the correct folder (see below) and deleting them. The Flash cookies are organized in folders according to the site that placed them, so users can choose which objects to keep.
Firefox users can use Objection http://www.yardley.ca/objection/ , a recently developed extension that adds a LSO deletion tool to Firefox preferences.
Where are Flash cookies stored?
Flash cookies are stored in a special directory depending on the operating system on the client machine. They are arranged in directories according to the site that placed them on the computer (look for a file with a .SOL extension):
Windows C:\Documents and Settings\[username]\Application Data\Macromedia\Flash Player
Macintosh OSX /Users/[username]/Library/Preferences/Macromedia/Flash Player
GNU-Linux ~/.macromedia
-
Just saw this:
http://endthelie.com/2012/10/10/legislators-slam-advertising-group-for-advising-members-to-avoid-do-not-track-technology/#axzz29edun5j0
A bit late, but perhaps of interest for this thread.
-
Basically the trouble with DNT is "Hmm. This user says he doesn't want to be on any lists. So does this one. Ooh, I know this one! Let's make a list of all the users who don't want to be on a list!"
-
How can users prevent Flash cookie tracking?
-Tinman57
For some time now, I've been using the Firefox add-on Better Privacy (https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/) to deal with Flash cookies, and it seems to work well. It allows you to select which Flash cookies you'd like NOT to block, or just to have it block them all. It can inform you about the Flash cookies it blocks each time you close Firefox, or just do its business and not bother you. Your choice.
-
^ +1 for what @cyberdiva wrote.
-
How can users prevent Flash cookie tracking?
-Tinman57
For some time now, I've been using the Firefox add-on Better Privacy (https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/) to deal with Flash cookies, and it seems to work well. It allows you to select which Flash cookies you'd like NOT to block, or just to have it block them all. It can inform you about the Flash cookies it blocks each time you close Firefox, or just do its business and not bother you. Your choice.
-cyberdiva
BetterPrivacy only deals with flash-cookies, right? They might be persistent nasties, but they're only a (small) part of the whole problem - IMHO it's much better to block any of the tracking scripts from executing (Ghostery or whatever, preferably combined with at least AdBlockPlus and NoScript if you can handle the whitelisting nuisance).
-
Thought I'd mention this as it seems like it is relevant and could be useful:
I had made a comment recommending HostsMan in a discussion here: Re: Host Editor 7 - Hassle free host editing for Win7-XP (https://www.donationcoder.com/forum/index.php?topic=27355.msg255576#msg255576)
In the Malwarebytes blog, they have two very interesting and related posts about malware avoidance, where there is a risk of getting malware loaded/activated by download links built into (concealed in) deceptive and honest-looking adverts, and how the use of HostsMan (http://www.abelhadigital.com/) could help to mitigate that risk:
- Pick a Download, Any Download! (http://blog.malwarebytes.org/intelligence/2012/10/pick-a-download-any-download/?utm_source=rss&utm_medium=rss&utm_campaign=pick-a-download-any-download#)
- Pick A Download… Part 2 (http://blog.malwarebytes.org/intelligence/2012/10/pick-a-download-part-2/#)
The benefits of using HostsMan over AdBlock or AdBlock Plus is that the blacklisted domains which HostsMan prevents you from visiting, also prevents you from accidentally being infected with malware from known exploit sites, the other applications only block ads.
I had switched HostsMan off as it had seemed a tad too paranoid, and was becoming annoying, and I saw a comment on the blog which shows that to be an issue:
davidperriman on October 26, 2012 at 2:36 pm said:
I have HostsMan installed and my criticism is that their database seems to contain an awful lot of sites which appear to be benign. Many’s the time I have tried to download or look at something on the strength of a review or recommendation from a trusted source, magazine, etc. and an error (cannot find server at……) is returned, Sure enough, when I do a search in HostMan’s list, it’s in there (why?) and I have to edit it out manually before I can get to it successfully. Just what is their criterion for inclusion in the list?
Still, the Malwarebytes blog posts are worth a read IMHO.
My reservations about HostMan are that, to use the host files which are available for download, you probably need to have a fair degree of trust in the providers - about whom I frankly know nothing. They could be **AA stooge files for all I know.