Domain: imrworldwide.com
Stories and comments across the archive that link to imrworldwide.com.
Comments · 5
-
Rejected Slashdot story submission
Subject: What are the limits of web site visitor tracking?
There is a very interesting story in this, but the Slashdot editors didn't think so.
RedSheriff tracks visits to web sites, and claims to be "the world's largest interactive media business intelligence specialist". RedSheriff claims "incomparable accuracy" using "superior patented technology" that "records user activity at the source, giving clients unprecedented access to data that accurately describes user behaviors". This raises a question: How much can they know about you?
To investigate RedSheriff claims, I visited the web sites of two of RedSheriff's clients, Telstra and Virgin Direct's Virgin Money.
(I prepared by turning off JavaScript and Java in Opera's File/Preferences/Multimedia menu, and selecting "Throw away new cookies on exit" in Opera's Privacy Preferences.)
I went to the Telstra home page and downloaded the HTML source. (Wow, the Telstra home page is ugly.) In the source I found mention of a RedSheriff JavaScript file, http://telstra.imrworldwide.com/a1.js. I downloaded that. (Save the effort of re-configuring your browser by just right-clicking on the link and selecting "Save target as".) Virgin Money's site has a different RedSheriff Javascript file, http://server-uk.imrworldwide.com/a3.js. Do a search for "Red Sheriff", with a space.
Then I downloaded a RedSheriff Java program that I found mentioned in the Telstra and Virgin Money home page sources, http://server-au.imrworldwide.com/Measure.class. Embedded within this binary is RedSheriff's privacy policy web page address: http://www.redsheriff.com/privacy.htm. ("RedSheriff Cares about Your Privacy", it says, humorously trying to have it both ways in the same web site.)
Basically it seems that RedSheriff is carrying visitor tracking to the limits, including tracking unsuspecting novices who may foolishly but voluntarily give them personal information. Looking at the code, I don't see any attempt to go beyond the narrow boundaries of what the JavaScript and Java languages allow. However, I'm not sure I see everything the code is doing. Can someone help with this? What are the limits?
Slashdot had a story about RedSheriff, Sun Java Runtime Uploads Usage Data to RedSheriff? Judging from the comments, there is some doubt about who is RedSheriff's client in that situation. The story submitter defended his information, and no one seems to have done a verifying test. (It would be easy to hide encrypted references to RedSheriff sites within binary. It would be easy include something in the binary that was not in the freely distributed source.) Note that the first part of one of the RedSheriff Javascript URLs above contains the name of the client, Telstra. -
Rejected Slashdot story submission
Subject: What are the limits of web site visitor tracking?
There is a very interesting story in this, but the Slashdot editors didn't think so.
RedSheriff tracks visits to web sites, and claims to be "the world's largest interactive media business intelligence specialist". RedSheriff claims "incomparable accuracy" using "superior patented technology" that "records user activity at the source, giving clients unprecedented access to data that accurately describes user behaviors". This raises a question: How much can they know about you?
To investigate RedSheriff claims, I visited the web sites of two of RedSheriff's clients, Telstra and Virgin Direct's Virgin Money.
(I prepared by turning off JavaScript and Java in Opera's File/Preferences/Multimedia menu, and selecting "Throw away new cookies on exit" in Opera's Privacy Preferences.)
I went to the Telstra home page and downloaded the HTML source. (Wow, the Telstra home page is ugly.) In the source I found mention of a RedSheriff JavaScript file, http://telstra.imrworldwide.com/a1.js. I downloaded that. (Save the effort of re-configuring your browser by just right-clicking on the link and selecting "Save target as".) Virgin Money's site has a different RedSheriff Javascript file, http://server-uk.imrworldwide.com/a3.js. Do a search for "Red Sheriff", with a space.
Then I downloaded a RedSheriff Java program that I found mentioned in the Telstra and Virgin Money home page sources, http://server-au.imrworldwide.com/Measure.class. Embedded within this binary is RedSheriff's privacy policy web page address: http://www.redsheriff.com/privacy.htm. ("RedSheriff Cares about Your Privacy", it says, humorously trying to have it both ways in the same web site.)
Basically it seems that RedSheriff is carrying visitor tracking to the limits, including tracking unsuspecting novices who may foolishly but voluntarily give them personal information. Looking at the code, I don't see any attempt to go beyond the narrow boundaries of what the JavaScript and Java languages allow. However, I'm not sure I see everything the code is doing. Can someone help with this? What are the limits?
Slashdot had a story about RedSheriff, Sun Java Runtime Uploads Usage Data to RedSheriff? Judging from the comments, there is some doubt about who is RedSheriff's client in that situation. The story submitter defended his information, and no one seems to have done a verifying test. (It would be easy to hide encrypted references to RedSheriff sites within binary. It would be easy include something in the binary that was not in the freely distributed source.) Note that the first part of one of the RedSheriff Javascript URLs above contains the name of the client, Telstra. -
Rejected Slashdot story submission
Subject: What are the limits of web site visitor tracking?
There is a very interesting story in this, but the Slashdot editors didn't think so.
RedSheriff tracks visits to web sites, and claims to be "the world's largest interactive media business intelligence specialist". RedSheriff claims "incomparable accuracy" using "superior patented technology" that "records user activity at the source, giving clients unprecedented access to data that accurately describes user behaviors". This raises a question: How much can they know about you?
To investigate RedSheriff claims, I visited the web sites of two of RedSheriff's clients, Telstra and Virgin Direct's Virgin Money.
(I prepared by turning off JavaScript and Java in Opera's File/Preferences/Multimedia menu, and selecting "Throw away new cookies on exit" in Opera's Privacy Preferences.)
I went to the Telstra home page and downloaded the HTML source. (Wow, the Telstra home page is ugly.) In the source I found mention of a RedSheriff JavaScript file, http://telstra.imrworldwide.com/a1.js. I downloaded that. (Save the effort of re-configuring your browser by just right-clicking on the link and selecting "Save target as".) Virgin Money's site has a different RedSheriff Javascript file, http://server-uk.imrworldwide.com/a3.js. Do a search for "Red Sheriff", with a space.
Then I downloaded a RedSheriff Java program that I found mentioned in the Telstra and Virgin Money home page sources, http://server-au.imrworldwide.com/Measure.class. Embedded within this binary is RedSheriff's privacy policy web page address: http://www.redsheriff.com/privacy.htm. ("RedSheriff Cares about Your Privacy", it says, humorously trying to have it both ways in the same web site.)
Basically it seems that RedSheriff is carrying visitor tracking to the limits, including tracking unsuspecting novices who may foolishly but voluntarily give them personal information. Looking at the code, I don't see any attempt to go beyond the narrow boundaries of what the JavaScript and Java languages allow. However, I'm not sure I see everything the code is doing. Can someone help with this? What are the limits?
Slashdot had a story about RedSheriff, Sun Java Runtime Uploads Usage Data to RedSheriff? Judging from the comments, there is some doubt about who is RedSheriff's client in that situation. The story submitter defended his information, and no one seems to have done a verifying test. (It would be easy to hide encrypted references to RedSheriff sites within binary. It would be easy include something in the binary that was not in the freely distributed source.) Note that the first part of one of the RedSheriff Javascript URLs above contains the name of the client, Telstra. -
What are the limits of web site visitor tracking?
I did as you said.
I turned off JavaScript and Java in Opera's File/Preferences/Multimedia menu. I selected "Throw away new cookies on exit" in Opera's Privacy Preferences.
Then I went to the Telstra home page and downloaded the source. (Wow, The Telstra home page is ugly.)
In the source I found mention of a RedSheriff JavaScript file, http://telstra.imrworldwide.com/a1.js. I downloaded that. (You can download the file by just right-clicking on the link and selecting "Save target as".)
Then I downloaded another RedSheriff Java program that I found mentioned in the Telstra home page source, http://server-au.imrworldwide.com/Measure.class.
Embedded within this binary is RedSheriff's Privacy policy web page address: http://www.redsheriff.com/privacy.htm.
Basically it seems that RedSheriff is carrying visitor tracking to the limits, including tracking unsuspecting novices who may give them personal information.
Looking at the code, I don't see any attempt to go beyond the boundaries of what the JavaScript and Java languages allow. However, I'm not knowledgeable enough to see everything the code is doing. Can someone help with this? -
What are the limits of web site visitor tracking?
I did as you said.
I turned off JavaScript and Java in Opera's File/Preferences/Multimedia menu. I selected "Throw away new cookies on exit" in Opera's Privacy Preferences.
Then I went to the Telstra home page and downloaded the source. (Wow, The Telstra home page is ugly.)
In the source I found mention of a RedSheriff JavaScript file, http://telstra.imrworldwide.com/a1.js. I downloaded that. (You can download the file by just right-clicking on the link and selecting "Save target as".)
Then I downloaded another RedSheriff Java program that I found mentioned in the Telstra home page source, http://server-au.imrworldwide.com/Measure.class.
Embedded within this binary is RedSheriff's Privacy policy web page address: http://www.redsheriff.com/privacy.htm.
Basically it seems that RedSheriff is carrying visitor tracking to the limits, including tracking unsuspecting novices who may give them personal information.
Looking at the code, I don't see any attempt to go beyond the boundaries of what the JavaScript and Java languages allow. However, I'm not knowledgeable enough to see everything the code is doing. Can someone help with this?