Domain: google-analytics.com
Stories and comments across the archive that link to google-analytics.com.
Comments · 25
-
Slashdot advert trackers ..
"To me it's creepy when I look at something and all of a sudden it's chasing me all the way across the web" Cook said. "I don't like that."
https://snap.licdn.com/
https://analytics.slashdotmedi...
https://ssl.google-analytics.c...
https://ml314.com/
https://consent.trustarc.com/
https://a.fsdn.com/
https://ads.pro-market.net/
https://cdn.taboola.com/
https://rpxnow.com/
https://tag.crsspxl.com/
https://www.stack-sonar.com/
https://a.fsdn.com/
https://cdn-social.janrain.com...
https://d3tglifpd8whs6.cloudfr... -
Not much shown,..
All I get is a white page with a link:
https://www.google-analytics.c...
I mean who really runs javascript from unknown sites?
-
Re:And this is impressive why?
Google [...] doesn't know what sites you visit
Between Double-click, apis.google.com, Google-Analytics, and ads.google.com I'm pretty sure Google knows exactly what sites you visit.
-
Re:MS DID get caught, sniffing peoples google sear
With Google you have to choose to be tracked.
With google you have to knowingly choose not to be tracked. You are tracked by default.
-
Google are full of shit
Just like how TFA talks about illusory opt-out system, Google are up to it again:
Those that are concerned about their privacy can install an add-on and permanently disable the script. After installing the add-on, you'll notice that the browser still sends a request for this file: http://www.google-analytics.com/ga.js when visiting a page that uses Google Analytics, but it no longer sends information to Google Analytics.
So Google don't get all the info they want, but they still get a log entry from users of this extension every time their browser requests http://www.google-analytics.com/ga.js (with date/time, and of course the referrer). And if they have a cookie set for google-analytics.com (or accept 3rd party cookies), that'll be logged too. So the users still can potentially be tracked, even when they have taken steps to avoid it.
There isn't a search as effective as Google, so I'm not about to stop using it. It's just they are totally untrustworthy in my opinion, so I use protection when connecting to Google's ports. I use Scroogle SSL via TOR. Yeah, it's a little slow (about dial up speed, 15 years ago), but it is worth it: 100 results by default (without a cookie), no cruft, no corporations getting info that they will only use to try and convince me to give them time/money.
-
Google are full of shit
Just like how TFA talks about illusory opt-out system, Google are up to it again:
Those that are concerned about their privacy can install an add-on and permanently disable the script. After installing the add-on, you'll notice that the browser still sends a request for this file: http://www.google-analytics.com/ga.js when visiting a page that uses Google Analytics, but it no longer sends information to Google Analytics.
So Google don't get all the info they want, but they still get a log entry from users of this extension every time their browser requests http://www.google-analytics.com/ga.js (with date/time, and of course the referrer). And if they have a cookie set for google-analytics.com (or accept 3rd party cookies), that'll be logged too. So the users still can potentially be tracked, even when they have taken steps to avoid it.
There isn't a search as effective as Google, so I'm not about to stop using it. It's just they are totally untrustworthy in my opinion, so I use protection when connecting to Google's ports. I use Scroogle SSL via TOR. Yeah, it's a little slow (about dial up speed, 15 years ago), but it is worth it: 100 results by default (without a cookie), no cruft, no corporations getting info that they will only use to try and convince me to give them time/money.
-
Re:They just don't get it do they
-
Re:Why is this news?
I noticed that the download of slashdot webpages would be delayed by some strange link to
http://www.google-analytics.com/ga.js
http://www.ad.doubleclick.net/adj/ostg.slashdot/yro_p1_leader;logged_in=1;dcopt=....
You can check this by clicking on Adblock in Firefox.
I do wonder if this allows doubleclick.net to see past "anonymous coward" postings.
-
Re:solution in search of a problemThe file is indeed Javascript and it's called "urchin.js" (nice name eh?). "urchin.js" is the old name for the script. Google encourages webmasters to upgrade to the new ga.js, which has pretty much the same functionality, but some other enhancements. Both those scripts feed data into the same reports. If you're interested, you can see what the scripts is doing by looking at http://www.google-analytics.com/ga.js. It's pretty compact JavaScript, and I haven't gone through it to work out what it's doing. Personally, I use it on the website for my wife's children's shoe shop. From my point of view, the reports I get out of Google Analytics are excellent, and really help me optimise the website for keywords and navigation. I will admit though, that it is a little creepy about Google capturing the surfing habits of people in that way.
-
Thank you Adblock
http://.google-analytics.com/*
I heard of Google Analytics in the first few seconds after I installed Adblock, and then never worried about it again. -
Google-Analytics tracks you EVERYWHERE.
Quote: "I personally think Google is on thin ice here and would personally not like to see this deal go through."
I agree.
Anyone doubting how much Google has started to become a factor in our lives should run Firefox with the NoScript add-on. NoScript will show you that most web sites deliver all of your browsing history to Google-Analytics.com.
The U.S. government's idea that it can get any information from any U.S. company at any time by threatening to put the executives of the company in jail, and can keep that secret, means that, using Google's information, your entire history online can be tracked by the U.S. government.
Only Firefox with NoScript can prevent this. Since Google has been paying $50,000,000 each year to the Mozilla Foundation, the developers of Firefox, and since Google makes money through advertising, it seems likely that Firefox will eventually not allow add-ons like NoScript and Ad-Block.
When I learned that the founders of Google bought themselves a Boeing 747, I began to worry that they are not people like us any more, but have rich man's sickness. Someone with that sickness will do anything to make more money.
NoScript makes your browsing much more secure, in addition to giving you the option to stop spying. It's amazing how many web sites run Javascript scripts linking the web sites we visit to other servers at other companies.
Deciding what needs to be unblocked is extra work, however. -
Re:Tell Google now
Well well I guess I should have previewed first. Google analytics code at the bottom of the page contains this https://ssl.google-analytics.com/urchin.js which they claim copyright to.
-
Re:Security issue with Urchin!!
Excellent! To anyone else still browsing, the urchin.js is available over https after all. Thanks AC!
A better idea would be to simply copy the js file to your local server; that way, clients would load the file over the https connection they already established to your server, and your page won't break if Google Analytics upgrade the contents of the file. -
Urchin still lives on... in Google Analytics
Doesn't anyone use Google Analytics?
Urchin is featured prominently there, as well as in every website that uses Google Analytics.
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
<script type="text/javascript">_uacct = "UA-296615-15"; urchinTracker();</script> -
Urchin still lives on... in Google Analytics
Doesn't anyone use Google Analytics?
Urchin is featured prominently there, as well as in every website that uses Google Analytics.
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
<script type="text/javascript">_uacct = "UA-296615-15"; urchinTracker();</script> -
Re:Security issue with Urchin!!
Isn't it available via https://ssl.google-analytics.com/urchin.js
-
Security issue with Urchin!!
For those companies that use Urchin, note that there is a potential security vulnerability that I came across on a copmany's ordering page just a few days ago. The company, who shall remain nameless, has since taken my suggestion and closed the security hole, but I don't know how many more ordering screens use Urchin in the same way.
The problem is thus:
1. The ordering screen where you enter your VISA card number is loaded over https
2. The ordering screen includes the urchin.js script file, but this file is loaded over unsecured http
3. This means that urchin.js could be replaced in transit with another script which could steal your personal info by, for instance, changing the form you are submitting to point to another server.
In this case, the Firefox "lock" icon displays an error: "Warning: Contains unauthenticated content". Unfortunately, this is very easy to miss. I only spotted it because I use the Petname Toolbar, which prevents phishing and spoofing. The toolbar would not let me set a petname for this site, because the unsecured content could literally change anything on the page, so it wasn't safe. If you don't already have the Petname Toolbar installed, I highly recommend that you install it.
Urchin could close this hole if they allowed urchin.js to be loaded over https, but the file isn't available over a secured link. To anyone using urchin.js, make sure you don't include that file on your secured pages.
What's even more disheartening, is that this site was verified as "hacker safe" by ScanAlert; missing such an obvious hole really decreases my confidence in their testing methods. -
Re:quick summary
That print version viewed in Firefox with the Adblock plugin actually looks very clean, no extra crap.
Active filter strings I see are:
doubleclick
2o7.net
http://js.adsonar.com/
http://www.google-analytics.com/urchin.js
I wish doubleclick was on the list of departed companies -
Re:Of course you can
Do you think people are still using logfiles to analyze their web traffic? Modern e-metrics tools are Javascript based. It's easy to track users behind NAT, calculate the time a user spends on a site, and much more. And don't tell me that this is skewed by people that have Javascript disabled. That's maybe 1 or 2 percent of the visitors.
Here is the (compressed) Javascript that is executed each time you view a page on a site using Google Analytics, for example.
-
Re:Ensuring Google can't track/profile your browsi
You also (or rather: especially) want to block www.google-analytics.com or more specific the script http://www.google-analytics.com/urchin.js that is used to track you by more and more sites these days.
And yes, /. uses it too. Just have a look the end of the source. -
mmm, a new wave?
I can see how google could use its network to sort of create a global log in for a large network of social sites. Now we just have to watch who google gets in bed with...
Hmmm, lol, some interesting links!
- google + orkut
- google js
- is that what that means?
- LOL -
Re:Small Step...
Unfortunately this can not be done system independently with an absolute path
;-) So this is more to give the idea... Btw. the "spy-script" from there gives them only little more information than you could read from the server-log files (of the server that hosts the page that references the script).
Do a
wget http://www.google-analytics.com/urchin.js
for details... -
Re:Adblock is your friend...
Add
That's what TinyURL is for.
http://www.google-analytics.com/*
to your blocking rules, and all is well. :-) ;) -
Re:Big Brother-esque (again)
perhaps someone who can read Javashit scripting code can decipher it for us
-
Here is the tracking code
and yes its urchin
http://google-analytics.com/urchin.js