Slashdot Mirror
DoubleClick Taken to Court
- Friday, January 28, 2 p.m. US EST
Tuesday USA Today reporter Will Rodger wrote about DoubleClick. We linked to his story here. Wednesday afternoon a DoubleClick Corporate Communications person* called Andover.net Corporate Communications VP Janet Holian and asked her to remove our story and the link to USA Today.
Janet passed the problem to me, since Andover has a very strict policy prohibiting Andover corporate people from interfering in editorial decisions.
I listened politely to the DoubleClick person, who told me USA Today's story was innacurate and we were wrong to link to it, and how she was calling journalists all over the country to tell them that the information in it was false and should not be relied upon. Then she requested that we pull the Slashdot story that linked to the USA Today story. No direct threats were made, but the words "refer this to our legal department" were said.
I said no, we couldn't and wouldn't pull the story.
Next move: I called USA Today. These guys are good fact-checkers. They pointed me at some of DoubleClick's own press releases and privacy policy pages, most of which had already been referenced by Slashdot in this story back in October, 1999.
An Open Offer
I offered DoubleClick's Corporate Communications person a chance to state their side of the story here, on Slashdot. I promised to run whatever they sent verbatim. I have received nothing from them so far. I called DoubleClick and reiterated the offer before writing this. Still nothing, not even an e-mail saying what information they feel is incorrect in any of the stories written about them here, in USA Today or in other media.
At this point, it's DoubleClick's move. Perhaps, eventually, they'll post something on their Press Release page. We'll keep an eye on it in case they do.
* I left out the name of the DoubleClick Corporate Communications person purely as a personal courtesy. She is a very nice woman in a bad position, trying to do a very tough job - which, right now, could probably best be described as "frantic damage control."
I know that I can opt out of Double Click's cookies by either not accepting them or accepting their opt out cookie, but what I really want to do is remove any and all info about me from their database. I'm sure they've used other methods to collect info on me, and I want it removed. What are my options?
-D
I like the fact that you have to explicitly ask them NOT to spy on you.
In return, I will set up a spy camera in the homes of everyone who works for the comapany unless they respond to this post telling me that they want to opt out.
I tried the Opt out thing with Mozilla (M13), and when I checked the cookies, I had two from doubleclick:
One ws called id, with a value of "A"
The other was had like a 16 digit alphaneumeric name, with similar content.
Anyone else see anything similar?
Sad, really.
these regulations will have an unintended consequence -- drive these businesses offshore.
The best thing to do is to keep a public list of companies that do this. I have already blackholed doubleclick in my DNS caching server. I will do the same to any company that wants to violate my privacy. To me, doubleclick ads look remarkably like the broken image icon.
I'm certain that they are not exactly crying over my action, but if enough people do that (especially if ISPs do that as a service to their customers) they will be hurt, and moving offshore won't help them.
Yes, I do believe that it violates certain privacy laws, but I don't think that's the case if whatever forms they use to gather that information have an opt-out or opt-in procedure. The customer must be made aware of this information exchange.
As I understand it, they SORT OF let the customer know, but it's like in the Hitchiker's Guide, it's on file in the planning office (in a locked filing cabinet in a disused lavatory in the basement. The light had gone out and so had the stairs). In other words, the notification is in fine print in the privacy statement which is several pages deep.
For the IE users out there, if you do a search on your computer for 'doubleclick', it will find all the cookie files associated with that domain (IE stores each cookie in a separate file). Just edit the files to say 'OPT_OUT' or delete them altogether.
I say put in 'OPT_OUT', since they can always reestablish the cookies. At least this way, if your information does end up in your stash, you can point to your cookie file and say, "See, it says, 'OPT_OUT'!"
2) if they make a deal with major sites that use banners from doubleclick where the sites relay personal information submited to them back to doubleclick, the name->cookie mapping may be done.
It's number two. They have setup limited partnerships with various companies to have that information relayed back to them. Yes, I do believe that it violates certain privacy laws, but I don't think that's the case if whatever forms they use to gather that information have an opt-out or opt-in procedure. The customer must be made aware of this information exchange.
personally, I support something like this:
I can't go to the "opt out" page because I've told my browser to never load any URL that comes from doubleclick. 8-} It's easy and works on UNIX,
:-)
Windows, and Macs with IE5 or NS2-5. yes, and right now I can't go to your no-ads page because Junkbuster sees "ads" in the url and tosses it
Junkbuster works like a dream, it's a really tight little program, and it even seems to cure Netscapes horrible DNS hangs. It comes as a rpm, exe, whatever, and also compiles from source in a few seconds, with a raw makefile that doesn't need configuring. One obvious improvement: instead of just giving you a link to the reason why it tossed a page, it should give you a "go there anyway" link as well. I'll see what I can do...
Life's a bitch but somebody's gotta do it.
There were no cookies, spam, or ads. The information was accurate, up-to-date and well-moderated. The conversations were ALL on-topic and intelligent. It was called compuserve. The web underbid it.
Recursive: Adj. See Recursive.
72202,142 myself -- been the same since 1979 (pretty good considering I was born in '75!).
Former Sysop/AssistOp -- Adobe; Comics; Artists
Unfortunately folks jumped ship to save a few dollars a month so we could spend hours longer searching for the same information. Now I'm on email lists that have 10 times as much noise, no threading and half the information of the old fora. But I guess that's progress!...
Recursive: Adj. See Recursive.
I've recently made efforts to decrypt the cookie file format for IE, and I can say what most of the fields are.
id
This is the cookie name. Don't trust any cookie with a name of "id", "user" or names containing these words if they are from a site you don't know or don't trust. It's a tracking cookie. Delete all such cookies on sight (unless they are from a site you trust, like slashdot), and if possible block access from the site via your firewall.
OPT_OUT
This is the cookie value.
doubleclick.net/
This is the domain and path for the cookie. This one means the cookie will be sent to all sites with a domain of doubleclick.net.
0
Don't know what this is, any ideas?
1468938752
31583413
This is the expiration time of the cookie. More details on the format later. When you decrypt this time, you'll find that it's about 2030 or so. Most sites that push cookies at you with an expiration time this far in the future are not to be trusted.
776923520
29321255
This is the creation time of the cookie.
*
I don't know what this is either, any ideas?
The times are a 64-bit number. Take the first number, add the second number * 2^32, and divide by (I think) 10 million. You get number of milliseconds since about 1/1/1601. I have been having a little trouble determining the exact epoch (time when number = 0) of this number, because Microsoft seem to be deliberately obfuscating this information. For example, if you export cookies in Netscape format, the exported time is wrong.
If you want to fake this date and time for any reason, such as destroying any usefulness of tracking you by the creation time, then note that the date and time is always exactly divisible by (I think 10 million), with no remainder.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
I say that you DO have to regulate this trash. If you can't keep off-shore folfs from doing it then just keep off-shore sites off our internet. Place a great big firewall up and regualte what goes through it.
You really want the government telling you who you can and cannot connect to? Personally, that idea scares me. For one, it is just about the same thing as censorship. Sorry, but I don't want the government in that business.
You can setup your own proxy server or firewall to prevent such privacy invasions, however. I recommend The Internet Junkbuster; I set it up in like ten minutes the other day and it works great.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
Depends. If collecting this information for later commercial use is a crime, then using doubleclick for banners would likewise be a crime. (Contracting for a criminal act is itself a crime, outside of conspiracy, etc)
:)
Sure, eventually all the big businesses could go offshore, but users still need homepages, and small sites still need banners, which would mean that there would be a market for a legal banner site.
And, think of the fun, if they were offshore in such a way that our laws didn't apply to them, theirs wouldn't to us. A free site to hack on, and they'd have no legal grounds to stop you unless you broke laws of your host country, and I doubt the government would go out of their way to help them.
I'm with the other poster in this group, I've filtered out banners I don't like. I use junkbuster (www.junkbuster.com) instead of misrouting the IP because the browser stops looking, but otherwise, I do the same.
Yeah, if foobar.com uses doubleclick and doesn't make any money off of me, wah. And if they go under because of it? Boo fucking hoo.
If companies go under because they get boycotted for being sleezy it'll just open up a place for a new company. And if they use a banner company that doesn't suck, maybe people won't blacklist them, and they'll make a buck. If not, there'll be another right behind them willing to try.
By your logic we should all go watch movies now, because the MPAA needs money, and if we don't support them, there will never be any entertainment again.
I simply fill out a different card every time I've got a few minutes, with whatever fake info I want, then when I'm shopping with friends, I give them my extra cards if they don't already have one. Share the wealth.
The companies that do this are sleezy, because they usually jack the non-club price of hot items up, forcing non-participating shoppers to either go to two stores, pay very high prices, or sign over their privacy.
And I like how the poster you (the poster I'm responging to) talked about a free plane trip every $2000... How about a free trip every $20k, and then only to certain destinations, for certain times, etc. That's how airmiles cards work.
Speaking of bum deals, I received some gift certificates to the movies for my birthday and when I went to see James Bond:TWINE, I was told it was a premeire night and my gift certificates weren't any good. So I gave them hell about refusing to honor a contract. They didn't say anywhere that the gift certificates weren't valid for everything, except on the gift certificate itself, which you didn't see till you paid. Gave them hell for a while until they backed down. Freaking good for nothing assholes. As soon as they have your money they make it clear how much they care.
Excellent, thank you. I had heard about junkbuster but never really looked into it much, figuring it would interfere with the proxy server here at work. It chains from my browser to the JB proxy to my company firewall just great. Took me 10 minutes to get it all working and add the cites I want to let cookies in (slashdot) and to block all the sites I don't want ads from (adfu, doubleclick, etc).
Thank you.
First off, you sound like an ambulance chaser trying to justify his decision to leech off the teet of the productive portions of society.
Secondly, you must not be overly educated if you don't know that most of the upper crust, semi-working class (politians, CEOs, etc.) have more vile mouths than your average hardened criminal.
Thirdly, posting as an AC is no more in public than hiding in your closet.
Fourthly, lawsuits are not particularily indicative of freedom, unless you mean the freedom to fuck over anyone who has less money than yourself. Or the freedom to run roughshod over the rights of others because they don't have enough money to stick it to you in a court of law.
hosts file:
127.0.0.1 ad.doubleclick.net
127.0.0.1 ads.doubleclick.net
Bingo! no more problems, no more crappy ads, etc. I've been doing this with every banner provider I can find. However, can anyone come up with a good reason why this is a bad idea? (other than 'hope you don't work for doubleclick?')
If he lives in NY, NY, he might be one of the six people listed here. Keeping with the spirit of Doubleclick, you could just randomly choose one of them and have that person's privacy royally invaded.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
echo:>cookies.txt
attrib +r cookies.txt
---
"We don't think it's an issue," said Kevin Ryan, DoubleClick's president.
DoubleClick says there is no demand for prior consent. For instance, of the 75 million people per month who view DoubleClick network ads, only ten per day elect to remove the company's cookie, which tracks surfing habits, from their computers.
"I've been very active on the online privacy issues with the FTC since 1997," he added. "We spent a lot of time on this in discussing the merger--if consumers are not happy, neither one of us has a business."
You might be right. Now tell these same people that if they wear this tracking bug around every time they shop at the mall and they'd get a free round-trip plane ticket to the destination of their choice for every $2000 they spent, you'd have about 90 people lining up to get their shoes bugged.
Far fetched? Not at all. Our local mall does this already. Of course they call it "Mallperks" and you have to show a card to get your reward (the free plane ticket was just an example), but people seem to be willing to trade their privacy for a few extra gewgaws. And they do it even though anyone with a room-temperature IQ should know that all that information is going into a big database somewhere that They are going to use to know everything about you, including what games you play, what kind of makeup you buy, what toys your kids play with and probably how often you have sex.
Needless to say I don't have one of these cards.
--
Someone you trust is one of us.
BTW, I tried DoubleDlick's opt-out script using Netscape 4.7 under Linux (Gnome, Redhat 6.1) and it didn't work. Maybe something just glitched, but I ended up editing cookies manually.
Got a beef? Plug a name into the Bizarre Rumour Generator!
The problem is that there is very little acting to remove bad law, and thus they just pile up, clogging the system.
Force every federal law to stand for review every 10 years, and watch the volume of law shrink.
I also say that all laws ought to be required to stand for 1 year public scrutiny, then be voted on as a straight yes/no vote. Any modifications restart the clock.
Basically, let's bring the OSS methodology of "publish early, publish often" to law.
www.eFax.com are spammers
This is the STUPIDEST way to handle this I can think of! "Hmm, I've set my shirt on fire. Perhaps I can run outside and dowse myself in something cold, like liquid oxygen..."
You don't get this stupid by accident. It takes bad genetics, years of practice, and chemical assistance. I've blocked DC for years on my firewall, now I know I made the right decision.
www.eFax.com are spammers
"if that user has agreed to receive personally-tailored ads"
What that means is you would have to read every privacy statement of every website you visit, and if even one mentions something in the fine print about viewing "personally tailored ads", DoubleClick can identify you and your web browsing habits.
The odds are pretty good that you have "agreed" to that somewhere, since DoubleClick has such a large percentage of the banner ad business.
Don't forget that Friday is Hawaiian shirt day.
Here is where I read about it.
And you are correct about second level domains sharing cookies. It depends on how you set the cookie. If you were to set it to "somerandomsite.com" it can be shared. If you were to set it to "www.somerandomsite.com" only www.somerandomsite.com can read it.
Here is the reference I use anytime I need to use cookies: Cookie FAQ
penguinicide... when jumping out a window just won't do.
Now that's a lawsuit I will stand behind, as it protects consumer rights rather than trampling them.
... feel free to flame or add.
I don't know when it started, but I certainly didn't give anyone express permission to buy and sell my life's history as a consumer, just so they could "target" the junk mail and telephone spam that they insist on hurling at me. These giant databases of consumer information are sketchy in and of themselves, but when they are combined with what I consider browsing surveillance, they very well could cross the line into corporate big brother behavior.
If we have the freedom not to be illicitly watched by the government in our private lives (without cause), wouldn't that freedom extend to restrict the behavior of corporations?
Additionally, if someone is indiscriminately watching my habits online, how close does that get to wiretapping?
Just rambling
good. fast. cheap. (pick any two, you can't have all three)
I'll do it for cheesy poofs.
Maybe now, maybe not for long.
I'll do it for cheesy poofs.
(hmmm.. the [preview] button should be be the default in the comment form, not [submit] :)
:-)
have doubleclick explained how they are going to make this thing happen? i mean, yes they have a database with cookie 'movements' and yes, they have a database with names. but unless they have some way to link these two together, there is no way to make the name db usefull.
there are two ways they can do the name->cookie mapping.
1) if you give them your name, they obviously got what they need, so avoid that
2) if they make a deal with major sites that use banners from doubleclick where the sites relay personal information submited to them back to doubleclick, the name->cookie mapping may be done.
but i belive #2 violates some privacy laws.
larva
-- gunzip-howto.tar.gz
This is the doubleclick cookie off my Win98 machine:
id
OPT_OUT
doubleclick.net/
0
1468938752
31583413
776923520
29321255
*
Anyone else who opted out, do you have these EXACT same numbers? Seems weird that my optout gives me random numbers....
This is my host file - posted because everyone is missing a few servers
here are a the major ad corps
127.0.0.1 adforce.imgis.com
127.0.0.1 ads.enliven.com
127.0.0.1 Ogilvy.ngadcenter.net
127.0.0.1 oz.valueclick.com
Double click below...
127.0.0.1 doubleclick.net
127.0.0.1 ads.doubleclick.net
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad2.doubleclick.net
127.0.0.1 ad3.doubleclick.net
127.0.0.1 ad4.doubleclick.net
127.0.0.1 ad5.doubleclick.net
127.0.0.1 ad6.doubleclick.net
127.0.0.1 ad7.doubleclick.net
127.0.0.1 ad8.doubleclick.net
127.0.0.1 ad9.doubleclick.net
you might want to add in these for when they grow...
127.0.0.1 ad10.doubleclick.net
127.0.0.1 ad11.doubleclick.net
127.0.0.1 ad12.doubleclick.net
127.0.0.1 ad13.doubleclick.net
127.0.0.1 ad14.doubleclick.net
127.0.0.1 ad15.doubleclick.net
127.0.0.1 ad16.doubleclick.net
127.0.0.1 ad17.doubleclick.net
127.0.0.1 ad18.doubleclick.net
127.0.0.1 ad19.doubleclick.net
127.0.0.1 ad20.doubleclick.net
Aaron "PooF" Matthews
E-mail: aaron@fish.pathcom.com
To mail me remove "fish."
ICQ: 11391152
Quote: "Success is the greatest revenge"
When I've heard people criticize cookies, this has always been the horror story that they theorized about. My reply has always been that if someone was stupid enough to try it, they would be instantly sued by privacy groups.
Hopefully this lawsuit will have the intended effect, and he we will have a precedent set that it's illegal to do this type of tracking. Then hopefully (although I doubt it will happen) people will stop freaking about cookies.
Cookies are your friend. Cookies make web sites a whole lot simpler and more reliable.
--
Well, first I should say that I don't really care about market tracking that much. I'm just not that paranoid ("Diana, get your gun. The marketing police are trying to break down the door!"). I just opt out when I find out.
Second of all, they probably will just get a slap on the wrist and who cares? As long as they stop, I'm happy. I should point out that the women suffered no real financial damages.
Personally, I don't want them to "go out of business". I like web advertising. You know why? Because without it, a lot of web services that I enjoy using would cease to exist. Having some ads that take up a minuscule part of my screen is a small price to pay for these services.
Like Slashdot? Junkbuster just makes it harder for Slashdots to exist. You might try realizing that ads are what make a lot of these things possible, and show a little more appreciation and respect./P.
--
I don't like doubleclick. They iconify a disturbing trend: a big brother keeping track of your habbits. (For the sake of selling you crap, no less.)
This, however, is a stupid lawsuit. If the woman was genuinly concerned about privacy, she should do what many of us already do and filter out doubleclick before it arives at the browser.
This individual is looking to raid some deep pockets, and she has targeted doubleclick because they are disliked enough that she may not look greedy compared to them.
But this is still about greed. No, we don't like doubleclick, but is my enemy's enemy my friend?
One interesting thing about the lawsuit is that it is brought in California, by a California resident.
California is one of a handful of States which, by State Constitution, gives its residents more privacy rights than afforded to the U.S. at large by the U.S. Constitution. It is unclear from reporting I've seen so far whether this Plaintiff is claiming privacy rights under the California constitution, but I am a California lawyer, and I would think about it seriously.
The beauty of this would be that, if the Plaintiff does have a good case under California privacy law, then even if (hypothetically) she doesn't under federal law, as a practical matter DoubleClick would have to modify its behavior throughout the country, since it would be untenable for them to have one set of rules for California web users, another for everyone else.
you meant to say the cookies file, not the bookmarks.
It seems everyday I see more and more stories about a company doing something naughty, and then people sue them. Why is this? To get rich of course.
If you think about it for a moment, one person suing a company won't do much. True, it does take money out of their pockets, give them some bad PR and perhaps invites other lawsuits, but this accomplishes nothing in the long run.
What needs to be done is there should either be stricter laws against this kind of thing, or someone (dare I say the government?) should intervene. Personally, I perfer to see stronger privacy laws, but don't beleive it will ever happen due to lobbying by companies and senators thinking there are more "important things" that need to be done instead (such as government funded tests to see how fast ketchup flows. It's true.).
So, in the end, the question stands "What can you do to help?". Contact representatives in government and tell them how you feel about abuses such as this. Write, e-mail, fax, call, stop by, whatever it takes to make your voice heard. If you don't help make a difference, then you're just helping DoubleClick by keeping quiet.
A few people getting some money from a company won't help, but laws and speaking out against this sort of thing will.
The other danger with this is that with the all of the attention that this is getting could it be possable for other organizations to track you using double click's cookie?
--Hephaestus_Lee
"[Y]our wise men don't know how it feels to be thick as a brick." -- Ian Anderson
We could all just edit our double click cookie to be the same user id. Imagine the demographic of that user! One hell of a web surfer.
For anyone who is interested, a realplayer replay of the program should be available by tomorrow at http://search.npr.org/cf/cmn/cmnps02fm.cfm?MM=1&YY =2000&PrgID=5).
ln -s /dev/null cookies.txt
and it accomplishes the same thing. writes do go to RAM so that for the duration of the netscape session, cookies are readable, but when you exit and restart netscape, all cookies are gone! ;-)
--
--
"It is now safe to switch off your computer."
then "cable tv" came about. it was a pay-to-access (or decode) service. and while there was some doubt that folks would actually pay for what they used to get for free, it soon took off in a big way. now, there are more than 10x pay stations compared to 'free' stations. (maybe even 100x if you have a BUD dish.)
so why can't the new internet learn from this example? I, for one, would gladly pay for actual factual real content just to avoid spam, ads, Blinkin'Gifs, JavaScript hacks and other such annoying nonsense.
but in return for my money, I'd want to be sure that my privacy is being protected. perhaps a contract that has, in essense, "if my personal information or viewing/browsing habits are ever recorded or exposed/sold, then $X dollars are to be refunded - plus damages - back to me". ie, a check and balance system of sorts. just to keep the sites honest.
end effect: sites would get paid, consumers' rights would not be abused and content would continue to exist. and freedom of competition would keep it all affordable.
--
--
"It is now safe to switch off your computer."
I know and have worked for several companies, who when they set an "opt-out" cookie, actually still track you by IP and the "opt-out". Even on a dial up, you're still pretty vulnerable and with DSL or Cable, you're still tracked with extreme accuracy. Honestly Kids, while Layers are a big problem, Marketing screws are so evil they make Layers look like priests.
I can't go to the "opt out" page because I've told my browser to never load any URL that comes from doubleclick. 8-} It's easy and works on UNIX, Windows, and Macs with IE5 or NS2-5.
http://www.schooner.com/~loverso/no-ads/
(I also blackhole a slew of other "ad banner" servers; mostly those that serve cookies or animated images)
If you're using Netscape, you don't have to worry so much. First, edit the .netscape/bookmarks file. It's a text file. Delete all the lines that include doubleclick, or any other server that you don't know what it does.
Then set the bookmarks file to read-only.
This allows doubleclick and its ilk to set a cookie. But every time you re-start, it starts all over. So they get a little bit of data, but they can only trail you through one session.
Or would you rather trust those bastard's opt-out, we wouldn't do anything nasty, we're good guys farce?
We should setup a network of DNS resolvers (DNS nameservers that just resolve addresses) that have alternate entries for the hosts of ad servers. Thus those individuals who wish to not see banner ads and not have their consumer activities profiled, could simply avoid ever connecting to the offending servers. Anyone willing to help out?
This is one step in the right direction towards good Privacy standards.
Remember, when it comes to these 'marketing companies'....
How is it companies that you do business with are free to give any information you give them to a marketing company, but the marketing company will not give you information about *their* customers?
When I went to click on that opt-out link, I got a message saying the Internet JunkBuster had blocked that URL.
;-)
Aw, darn.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
... what I really want to do is remove any and all info about me from their database. I'm sure they've used other methods to collect info on me, and I want it removed. What are my options?
Unfortunately, that information was likely collected using perfectly legal means, and is thus their property. You can control how they use it (e.g., stopping them from calling you to sell you things), but not the fact that they have it. You can usually tell them not to rent or sell your name, but I believe the law isn't clear on your rights in such cases.
Check out the Data About You page at JunkBusters.com for more information about this sort of thing.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
Actually, the fact that a society needs specialists to interpret for its members just about every one of its rules indicates to me, as an engineer, that the system has grown too unwieldy & complex (too many special cases, too many "conflicting" rules, etc). If I were in charge of the design of this system, I would be working to consolidate & simplify the system until it were more maintainable - this would mean that more people would be able to understand "the rules" by themselves, and wouldn't need lawyers except for the most complex cases.
Of course, I know that anybody who is benefiting strongly from the current state of the system (lawyers are a good example :) is going to strongly resist any attempt to change the system, even if changing the system would result in an overall improvement in the "happiness level" of the society. It's only when the forces of change are stronger than the forces of the status quo that a change will occur - and if the forces are severely polarized when a massive change occurs, then the fallout can cause major societal damage.
Well, the OPT-OUT thing is nice, but if you don't trust anyone (like me :P) you can use the following networks as masks in your ip filter (i'm just snipping out my rules from openbsd, but the ip networks are in there).
:P These seem to be all of them though.
block in quick on ne0 from 199.95.208.0/24 to any
block out quick on ne0 from any to 199.95.208.0/24
block in quick on ne0 from 199.95.207.0/24 to any
block out quick on ne0 from any to 199.95.207.0/24
block in quick on ne0 from 209.249.231.0/24 to any
block out quick on ne0 from any to 209.249.231.0/24
block in quick on ne0 from 204.253.104.0/24 to any
block out quick on ne0 from any to 204.253.104.0/24
block in quick on ne0 from 208.184.29.0/24 to any
block out quick on ne0 from any to 208.184.29.0/24
This seemed to be more reliable than using the doublclick.net network. But everytime i blocked on out they got back in through another spot
os.system("perl -e 'print \"My first Python Script.\"'")
Various Peoples, It seems taht everyone seems to take a real lax view of internet tracking because the average user can't even tell its happening. I bet if you ask 100 people in the mall if you could put a traking bug on thier shoe so you could tell where the went and what stores they bought stuff at and then catalog thier names and addresses in a huge database (with nothing in return)you would most likely recieve 100 no's. Now if people found out some place in the mall had secretly placed a tracking device on them and cataloged all of thier daily travels into a database I bet the place would be shutdown simply by the angry mob tearing the place apart.
Its about time those guys got taken down a peg or two. I've been filtering doubleclick out at my proxy server since I first noticed they were dropping cookies on each of their click-through ads. If you're after an easy way of blocking Doubleclick and others like them, check out Junkbusters They have filters for win95/98/nt and unix, as well as a generic faq on blocking cookies and banner ads.
--
"When I grow up, I want to be a weirdo"
Fuck this. I'm a lawyer, and it chafes my ass to see this godman stupid point made over and over again. Let me ask you this question: How many lawsuits do you think you saw in the Soviet Union?
I mean it. Lawsuits are a sign of freedom. They're a sign that the government has decided to leave as much as possible to the free market and the law of contract and tort, and not to come in with a big wet fucking nanny agency. Which of course still generates work for lawyers through a regulatory practice, but less open and less honest work.
Would you rather Big Fucking Brother came in and spent fifty fucking years drawing up a piece of legislation precisely specifiyng what information could and couldn't be collected? All stuffed with pork, and with a big-ass federal agency to enforce it? Or would you rather this was decided in terms of general principles of tort and property, in an open court?
Well, I've got news for you, dickhead, the second method involves lawsuits. And those lawsuits have to be argued by lawyers. And that means that lawyers get rich. Check out the alternative any time you grudge us our big fucken' payoff. We don't get stock options, you know.
If the woman has a case, she will win. If she's whining like a bitch, she won't. End of. It's like a free market, only it's better than a free market because the smartest lawyer with the best argument always wins. How many other industries are there where the best product always wins? Not software.
Lawsuits are freedom. That's why we have so many in America, and they have so many government agencies in Europe.
AC posting allows an educated professional like me to swear like a thug in public. I say fucken keep it.
For me, it's more than not wanting them tracking me. I don't want to support a company that tracks people. That's why I installed the Internet Junkbuster, and I have it set to block anything from doubelick.net.
The Internet Junkbuster is a non-caching proxy that you run on your local computer. You tell it URL's to block and sites that you want to allow cookies from. It's really great. I can deny ads from doubleclick and any other company, as well as anything else I feel like blocking. It supports regexes for those that want them. I can allow cookies from Slashdot and deny them from everyone else.
As with the US crypto export laws,
:) The
as with the EU privacy regulations
(where companies are not allowed to maintain
databases of customers or use such information for
focused marketing) and Texas's on again, off again
status as far as selling DMV information to
outside parties (Public Data)
and E-Banking (ebanking.com (luxembourg)),
and countless internet casinos and porn sites,
these regulations will have an unintended
consequence -- drive these businesses offshore.
No longer does the US and EU have a monopoly
on high-speed internet connectivity; it's possible
for any business selling valuable data illegal
in the US/EU to colocate a machine in a
less-regulated country, such as Anguilla, or
Costa Rica, or many others, employ a few locals
to maintain it, and pay admittedly higher rates
for satellite or undersea cable connectivity.
In exchange, pay lower or no taxes, have no
government interference in your business, etc.
Sure, this only makes sense for certain kinds of
data, data for which people are willing to pay
money, but that's the only interesting data,
anyway. When a T1 costs $100k/month, running
an online gambling site making $3m/month is a
lot better business than letting people
leech mp3s.
In the end, it's futile to try to restrict
businesses like this; all doubleclick would need
to do is contract with an offshore tracking
company, connected to the net over a 128kbps
satellite link, something they could set up
for $20k/month, and put that machine anywhere
in the world -- even on the back of a boat.
If they need help, they should email me -- I've
lived in Anguilla, the erstwhile datahaven, and
know a thing or two about such things
situation is only getting better, as far as
offshore colocation goes, as the major governments
get more and more restrictive and bandwidth
becomes more widely distributed -- in a few years,
every country in Africa will have fiber-optic
connectivity via redundant SONET, and that
gives the prospective colocator a lot of
potentially friendly and cash-starved countries
to negotiate with who wouldn't care about
the difference between online advertising and
online pornography.
The net views regulation as damage and routes
around it -- cypherpunks.
You know where to get the source. Do anything you want when Doubleclick comes sniffing around looking for its cookie. Have fun, play tricks on Doubleclick, whatever you want.
Maybe there should be a contest to come up with the best anti-tracking hack for Mozilla.
Life's a bitch but somebody's gotta do it.
- In the course of delivering an ad to you, DoubleClick does not collect any personally-identifiable information about you, such as your name, address, phone number or email address. DoubleClick does, however, collect non-personally identifiable information about you, such as the server your computer is logged onto, your browser type...
But they go on to say- However, as described in "Abacus Alliance" and "Information Collected by DoubleClick's Web Sites" below, non-personally identifiable information collected by DoubleClick in the course of ad delivery can be associated with a user's personally identifiable information if that user has agreed to receive personally-tailored ads.
Does anyone know which sites are a part of the "Abacus Alliance" and whether those sites explicitely ask your permission first? (eg. big flashing letters that say WE ARE WATCHING YOU! ?)Someone else posted this a while back, but here's what I did.. very simple.
/etc/hosts (or in windows, find the "hosts" file under your windows directory):
Add this to
127.0.0.1 www.doubleclick.net
127.0.0.1 ad.doubleclick.com
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad.preferences.com
127.0.0.1 ad.washingtonpost.com
127.0.0.1 adbot.theonion.com
127.0.0.1 adpick.switchboard.com
127.0.0.1 ads.doubleclick.com
127.0.0.1 ads.doubleclick.net
127.0.0.1 ads.i33.com
127.0.0.1 ads.infospace.com
127.0.0.1 ads.msn.com
127.0.0.1 ads.switchboard.com
127.0.0.1 ads.washingtonpost.com
That removes quite a lot of ads, and all of doubleclick.
---
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
This is all well and good, but don't the Pentium IIIs have a "thumbprint" that allows for them to see what we're doing?
You got a network card in your system? That has a "thumbprint" too. The MAC address.
You got any commercial software (e.g., Windows) on your system that you had to enter a software key to use? There's another "thumbprint" for you.
How about a static IP address? Ever time you send a network request, you're identifying yourself.
You think you're safe because you have a dynamic address? Do you at least always call the same ISP at the same phone number? You'll always be getting the same range of IP numbers, then. You and maybe a few dozen or hundred more people. That is almost as good as a unique personal ID, as far as demographics go.
Fact of the matter is, tracking a computer is not that hard to do. If you ever give out any personal information at all (name, email, phone number, ZIP code), that can be combined with any of the above to nail down exactly who you are.
I think Scott McNeally's right on this one. Privacy on the Internet is dead.
The only way to improve things would be for the government to step in and make such unauthorized tracking illegal, with hefty fines for violators. You could even do some good by donating said fines to the EFF.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.