Slashdot Mirror
Microsoft: The Biggest Web Bugger
An unnamed reader writes: "A recently released web bug report shows
that Microsoft (via Link
Exchange) is bugging more web sites than any other organization.
Less surprisingly, however, the same report shows that by making some rough traffic estimates, DoubleClick
is probably bugging more web traffic than anyone else. (Except of
course those big ISPs running proxy servers...wonder how long
it will be before the ad agencies get into bed with the ISPs?)"
Start off with akamai.net... now there's a WHOLE BUNCH of web bugs there! Man, I can't even go to cnn.com without those damned Akamai people knowing exactly what I'm doing!
;-)
And that wunderground.com place... what kind of shady organization is the Weather Underground? Are they the people who always make sure that it rains right after I go through a car wash because I carry a cellphone with me? The feds should shut them down!!
Seriously... all they did was search through a bunch of web sites and counted the number of resources (images, frames, etc) pulled down from other sites. This means nothing, because the original web site already has access to everything the other sites do, if not more! If your goal is hiding from marketing people, I suggest the following acl:
access-list 100 deny tcp any any 80
access-list 100 permit ip any any
This will block most traffic that could cause your Web privacy to be breached, protecting you, yourself, from the distant chance that someone, somewhere, might want to know what your computer, in specific, is doing. And note that I said "your computer" -- the web site has no idea who you are, where you are, how to contact you personally, or how to distinguish you (as in, yourself) out of all of this.
'sides, the worst that'll happen is your computer will start getting USEFUL banner ads that you'll WANT to click on, because it's for something you'd like. And what's the problem with THAT?
Whew. First slashdot post in awhile. I think I'll leave this one anonymous
As my hostname contains the following information; Where i study, and therefore which town and country and more importantly it also contains my whereabouts down to my roomnumber, so I'm not that hard to track based on it, I find it rather relevant.
From there it's not too long until someone realizes that someone "responsible" can find out who is visiting a site that posts unpopular informaiton so they can get better data on how to fight that thought crime. It's just a another step until unpopular becomes "unamerican," and suddenly your curious browsing of, say, the World Socialism pages lead to you answering the question, "Are you now, or have you ever been a communist?" You need real privacy to listen to free speech. Without privacy, free speech is worthless.
Search 2010 Gen Con events
...that the US DoJ's hotshot young lawyer is going to use the Little Doctor on them?
Bundle, package and commoditize your own personal information into a privacy object that can be sliced into smaller sub objects and sell or lease that package to whomever wants to pay you for it.
You are making your living in an unethical manner. The sooner that you "get out of dodge", the better.
You are aware that "I'm just following orders" is known as the Nuremburg defense? It is not an excuse for actions that are deeply harmful to society. As for "mak[ing] enough to feed myself", being on welfare is more honorable than being a spammer, and the unemployment rate is still so low that most warm-blooded life forms should be able to find a better job than that.
In my view you do not have "something decent on your resume". You have a black mark. Your resume identifies you as a professional spammer.
That should be "Microsoft: The Biggest Web Buggerer"
If tits were wings it'd be flying around.
There are other causes as well. For example, people who have set up a web site on GeoCities, Xoom, or wherever frequently make copies of their site by saving pages with their browser. This includes any code that was inserted by that service, whether for advertising or for site features such as counters and statistics, or even clip art. When they decide to move their site to another service they upload these copies -- including all the stuff the old service inserted into the pages. As long as nothing overtly breaks, this sort of stuff just accumulates as pages get moved or updated.
If you're asking youself why anyone would be so stupid, recall that all these page hosting services provide tools for building web pages; the average person with a web page knows little or nothing about HTML, and so doesn't have the slightest idea that some JavaScript appended to their page isn't necessary, and in fact wasn't actually part of the stored page in the first place.
For example, GeoCities inserts a web bug to give each user statistics concerning their web pages and to provide an optional counter. The bug is useless outside of GeoCities, yet I see it fairly frequently on other services. The same with Xoom's counter code, and so on. I suspect in most cases the "foreign" appearances of these bugs just represent noise to the site of origin.
is equal to when I go buy ZeroKnowledge or full anonymizer services, less five minutes. Frankly, I'd be surprised if there isn't some of that already going on (naturally, NetZero and the like, but I mean normal, paid ISPs)
Returned Peace Corps IT Volunteer
This was probably on the same level as using 555 as a telephone exchange on TV.
Hey Lenny! Great anti-spam page. Spammers are up to $4.50 on goto.com! Slashdotters, start clicking the link below to make spammers pay. Click this link to make spammers spend money!
Obligatory on-topic message:
Visit Junkbusters and view information on Web Bugs.
The industry uses the euphemism "clear GIFs" to describe web bugs. Search for "clear gifs" in a search engine as well as "web bugs" if you're after more information. I use TopClick because it is a privacy-respecting search engine that doesn't use cookies and I have found it to be very good.
*** NEWS FLASH ***
Congress to investigate Web Bugs. More details here at intenetnews.com.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
Oh, kinda like how phone numbers in most movies start with 555 (an invalid prefix, or at least it used to be, not sure if it still is)
Instead of using numbers above 255 for fake IP addresses, they should use numbers like 192.168.X.X, 10.X.X.X or other similar numbers assigned to local networks. The clueless won't know the difference. The clueful will appreciate the 555-like nature of the address and won't embarrass themselves for apparently laughing incongruously in a serious scene.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
actually, for a second when i saw the title of the story, i thought it was talking about buggering web pages.
#define F(x) int main(){printf(#x,10,#x);}
F(#define F(x) int main(){printf(#x,10,#x);}%cF(%s))
They can't be mapped to your physical address, phone number, etc. without a call to your ISP
Umm... and what do you think happens when you oder something online from one of these sites that has the web bug?
The above post is a Micro$oft troll. Typical M$ - turn the facts on their heads and assert the opposite of the truth: enough folks will believe you, if you _sound_ sincere.
In fact, Linux based (i.e. Apache) Internet servers gained market share _faster_ than M$ last year, according to IDC. It has been well reported here and elsewhere.
What's worse, this same approach seems successful in pulling the wool over the eyes of a whole US Appeals Court on the DoJ vs M$ antitrust case!
Anyone got the email addresses of the US Appeals Court judges hearing the DoJ vs M$ Antitrust case?
Is there any process available for impeaching Federal judges for rampant cluelessness in office?
FYI: the correct English verb for loss of money, market-share, whatever, is "lose" not "loose" despite Slashdot's spelling dysfunctionalities. Cmdr Taco is guilty of this.
If all you children want to hack software, fine. If you want to talk about it amongst the rest of us well educated adults, then learn to hack English appropriately!
And don't you think your wife wouldn't pay for that info, too (if you give me a twenty, I'll tell you what she paid for it).
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
Expanding a vast wasteland since 1996.
AC said: "I have done some things before I didn't agree with, but it bites being myself what I just about hate the most. A spammer. I'm sorry folks."
If you e-mail me your snail mail address and agree to sell out your company - that is, take as much proprietary information from them as you can and put it on the web, publish their name, basically be a real whistle-blower, I'll mail you a check for $50. It's not much, but it's what I can do right now.
Just following orders is not an excuse and never has been. You're making a moral choice, and by your own admission, you're making the wrong one. You're not only hurting your company's targets, but your own sanity by doing something you know is wrong. Ghandi said: "Almost everything you do is meaningless, but it is still important that you do it." These are words to live by.
Become a FSF associate member before the low #s are used
It is like those darn marketing people. Always wanting numbers and statistics from people like me. I work in a good sized (250000+ users) ISP and this is always a hot topic. Maybe if we follow people around on the web, we can market things at the more effectively. It makes me sick. What do you do with these marketing people anyways?
I also heard someone tell me that some linkexchange ads were at some point in order to allow linkexchange to update the entire banner code whenever they needed to
Actually, the main reason for the script src seems to be the same as for iframes: allow the ad to set cookies, where a simple image couldn't. Just try it in netscape: In Edit->Preferences->Advanced, check the box labeled "Only accept cookies originating from the same server as the page being viewed", and watch how it still lets pass cookies attached to all kinds of includes, such as scriptsrc, iframe etc. Seems only cookies from offsite images are blocked.
...as in, I say there old chap, bloody Microsoft seems to have gone and buggered my web page again.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Oh great.. Now microsoft is gonna invent a cure for the common cold, and prohibit anyone from making their own boogers..
//rdj
No one can understand the truth until he drinks of coffee's frothy goodness.
--Sheikh Abd-Al-Kadir, 1587
Web Standards are for content creators to adhere to, not for browsers to enforce. Browsers should show standard compliant HTML according to the standard, and everything else, they should make their best guess on. Because when it comes right down to it, Joe User (such as, oh, for instance, me) just wants to read the page. They don't want to hear "We could render this page, but won't because there's no tag." Not that many people complain "I hate this product. It doesn't break when it's supposed to."
I agree that web tools should output standards copliant HTML, for precisely the same reason - people don't want to fuck around with this shit, they just want it to work. The best way to do this is to only output well-formed files, but load and display any mess of angle brackets that you can figure out.
Trees can't go dancing
So do them a big favor
Pretend dancing stinks!
I parsed it as `Microsoft biggest web - bugger'.
`Bugger', asides from referring to someone who sodomizes others, is also colloqially used in Australia as a curse.
On http://truc.hypermart.net/, a "random" link exchange site, I see an iframe, not just image. Iframe ads are annoying for several reasons, although I doubt advertisers use them just to be annoying.
- IE4 (but not later versions) will replace an entire page with a placeholder page if you go to a site with a missing iframe.
- If you try to block the hoster of an iframe using a "hosts" file and you use Mozilla as your browser, you get an alert each time you visit a site with a missing iframe. Hopefully this will be fixed in bug 28586 by implementing placeholder pages for all missing pages.
- Iframes will probably allow cookies for a short amount of time after browsers fix a similar problem for images, simply because it takes more coding to fix the problem for iframes. (Have any major browsers fixed the cookies-on-images bug?)
- Iframes allow Java ads, such as the infamous punch-the-monkey ad. (Jason Kersey removed all ads from mozillazine.org, and I think he did that because people complained about that ad so much.) LE doesn't seem to use Java ads at this point, although I have seen several "fake dialog" ads there.
I also heard someone tell me that some linkexchange ads were <script src="something.linkexchange.com"> at some point in order to allow linkexchange to update the entire banner code whenever they needed to. I think this might have just been a rumor -- can you imaging what a cracking target that would turn linkexchange into? Can anyone confirm or deny this rumor?
Btw, why is it that when I click a linkexchange banner, the site linked to almost never has a linkexchange banner itself?
The shareholder is always right.
However, Microsofts Booger would undeniably be placed behind a glass case, where we may only look at it, and marvel at the massive size. However, the booger of your average open source company would be completely moldable and customizable.. You could choose your own color, wetness, and basic shape, plus, it would come with free instructions on how to make your own boogers! Yay!
-Dan Posting without reading what I just typed, or checking for any coherent message, or spelling, or anything since... 3 minutes ago.
So, how do you "customize content" without "tracking where people go"?
By doing exactly what they say they are doing... "accurately identifying the geographic location from which users access your Web site".
Akamai has servers distributed around the world; whenever there is an incoming request, it gets passed to the server closest to the user. Simply looking at which server is handling the request allows akamai to customize content based on the geographic location of users.
Tarsnap: Online backups for the truly paranoid
The trend is moving away from individual rights. This stuff has been going on for some time, and the marketing droids are just getting better at it. I'm sure MS uses this to "make their sites and products better" but it's a bad sign that users just don't seem to care.
Get ready for hooks in the os that work with web site tracking tools. Not far away.
Hope this helps.
Last night I shot an elephant in my pajamas. How he got in my pajamas I'll never know.
Basically people you need to realize that marketing knows what you are doing and they use this to make more money off of you. Furthermore you need to realize that they make more money off of you by providing you advertising of something you actually want. Is this awful?
Another thing to realize is that none of these companies does a very good job at using the stats they collect. Few if any companies provide an automated targeted ad system. Few if any have solved the problem of sorting these large lists of numbers.
I mean how scared can you get when you get 3 calls a week from the phone company asking you to order phone service that you already get. They don't know what you are doing because there is just to much info.
"You can now flame me, I am full of love,"
Proof positive I need to drink at least one cup of coffee before reading /. after waking up. The thought of M$ being invovled in some sort of webcam-of-giant-booger, and what nefarous reasons they would have, dude, that's just wrong. :-)
--
News for geeks in Austin: www.geekaustin.org
News for Geeks in Austin, TX
You are kidding, right? It is trivially easy to associate web bugs with your email address at the very least. Of course, it requires that your email client supports HTML, but most do these days.
--
Oceania has always been at war with Eastasia.
You should. see this missive from Phil Greenspun. Scan down to the section that says "I want to know the age, sex and zip code..."
A well-crafted lie appears unquestionable - Dama Mahaleo
---
I use this feature with the Proxomitron, a proxy that greps incoming HTML for bad stuff and replaces it with good stuff. I now have my copy looking for web bugs, and modifying the HTML to eliminate them. Specifically, I have it searching for IMG tags that include height and width components that are both five pixels or less. Instead of removing the image (which would cause severe image alignment problems) I simply replaced the SRC= with SRC=.\black.gif, which is just a small black image that gets stretched to fit the requested space. Extra benefit: no waiting for the HTTP connection to the web bug server! The local .GIF loads instantly.
John
John
I remember Microsoft used to offer certain levels of access to MSDN (The Microsoft Developers Network) as long as you put a IE Logo on your web page in the form of a link to theirs. I used to think it was an exchange of information that should already be available for free and free advertisement. Now I finally see their real reason for doing this - maybe.
P.S. TANSTAFL == There aint no such thing as a free lunch
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Notwithstanding all the previous posts that pointed out the foolishness in assuming 'anonymous' tracking will stay 'anonymous', I think you're missing the real point...
/. and visitors to the pages of the SPCJK (society for the promulgation of cruelty to jonkatz).
'Anonymous' tracking isn't harmless by any stretch of the imagination.
60% of people who visit the SMAP fanclub homepage visit pages on ecstasy parties within 2 hours afterwards.
Omigod. Call your congressman. SMAP causes drug abuse!
28% of visitors to the XYZ health center visit pages on abortion access.
Where do you get your funding, XYZ?
And, of course, there is a 93% correlation between readers of
*They* don't care about *You* anyways. *You* are insignificant.
But if they could learn how to manipulate/control/smear the whole lot of you, now that would be worth something.
From what I understand, it's more of the same cookie=bug nonsense, although they have a good reason to think so.
To elaborate on that, they are talking about those lovely cookies that places such as amazon.com and banner ad hosts such as doubleclick put place on your drive in order to indentify you for whatver reason (to track buying patterns in order to serve up custom-talored ads is the first thing that comes to mind).
As for an actual "bug" that tracks every site you visit and then processes or sends it somehow in order to do something such as physically locate you and find out who could be "trouble", well, that's just hype.
--
--
#nohup cat
Sup guys... my ISP, @home, has a proxy installed as my default proxy for web traffic and I am wondering if this could cause a problem--eg: they watching everything I do, etc. Also, would anything "necessarily" bad happen if I choose to disable this? I would worry that they log all my traffic for use in some huge conspiracy, but its much more likely they use it for advertisements... any aid with problems with the @home proxy and if there is a problem with disabling it?
feeding the trolls again, I am.
Since you've convinced yourself that the real value you and your employer seek can only be found in paid for systems, excluding BSDI, may I recommend you look further at AIX?
At least IBM is contributing to the community that does find value in open-source/free-software, while continuing to improve the AIX offering. Technologies like LVM and JFS, for instance, and others, make AIX a great system. Granted, it still uses CDE, but I expect that'll change, and you can always load your own, or go with that free one, GNOME, like Solaris is choosing to use.
Thanks for voicing your opinion, now go and spend your employer's money. Spread your deathknells for BSD elsewhere, we don't need 'em.
See, you can't kill a free-software (or alternatively, BSD licensed) operating system as long as people continue to use it or work on it. A proprietary operating system can be killed by the company that sells it, but as long as one person uses the system, and one person develops for it, it's a live system.
Now excuse me, I'll be installing Darwin for Intel and OpenStep 4.2 as dual-boot on the same machine. Not exactly free software, but definately open-source, and certainly not dead.
A host is a host from coast to coast, but no one uses a host that's close
After all, they give me plenty else to worry about. (My thoughts here)
Don't worry, just a bad case of caffiene deficiency syndrome.
"It is a greater offense to steal men's labor, than their clothes"
How alarmist can you get without actually providing any facts?
Even if they are able to track everything perfectly, no one has time to sift that information for anything other than the blandest types of information. Given that all the marketing efforts in the world don't seem to be able to consistently deliver well-targeted ads to either my real mailbox (most of these don't even have my name spelled correctly) or my emailbox assures me that it will be some time before there is really an issue here.
I'm far more worried about the very real news that the FBI engages in constant stings (and in the process may be one of the major providers) for child pornography. I'm a lot more concerned that European police are actually arresting people for "crimes" like using Napster or writing software like DeCSS. In the end, we have much bigger privacy worries with police forces using extremely sensitive infrared, microwave, and other devices to scan our houses (so much for curtains) and maintaining computerized, nationalized databases on citizens (just wait until some hacker manages to get a few good FBI or IRS files).
You say you're glad to not live in the US, so which country can I join you in where freedom is eternal, easy, and government mandated?
I do not have a signature
Is that what the girl at the bar told you when you asked for her number?
A recently released web bug report shows that Microsoft (via Link Exchange) is bugging more web sites than any other organization.
From the data presented, it seems LinkExchange is the most common "web bugging" service. But that's what it is, a service. The companies paying for LinkExchange ads are the ones driving the "bugging". Without companies wanting to advertise and do business cheaply on the web there would be no LinkExchange/bCentral. Just because LinkExchange seems to be the most popular of web ad services doesn't mean it's some evil MS plot to bug the world. It just seems to be doing good business. If you ran an ad service, wouldn't you dream of the same?
YES, it slows my surfing. I have to DNS lookup the server, contact it, make a GET and retrieve the image.
It sums up to a lot of packets.
All I know is that Andrew Wiggin has the best shot at taking out the damn things once and for all.
--
--hongpong.com
Those aren't equivalent. An octet greater than 255 is just outright impossible. Someone keying in a non-routable IP address (e.g. 10.x.x.x or 192.168.x.x) during a flick would be more equivalent to a phone number starting with 555, and less likely to be laughed out loud at :).
CEE5210S The signal SIGHUP was received.
- Then don't watch cable/satellite TV. Those companies all know EXACTLY what you're watching at every second of the day.
- Then don't use a credit card. Those companies know exactly what you buy, where, and when you buy it.
- Then don't use a bank. They know exactly how much money you make and where it comes from.
- Then don't use a telephone. The telephone companies knows exactly who you call, when, and for how long.
Get the idea? Lots more more personal, and more in-depth information is gathered about you EVERY DAY from MANY sources. Ad banners are NEGLIGIBLE when compared with any one of these other sources of information gathering.The interesting thing was that while Apache still has the lion's share of web servers in the survey, it has been losing ground to IIS. Given all the hacks on IIS-based servers recently, this is an unsettling trend.
If you can't beat them, embrace and extend them.
Where does "free" as in open information end, and private information begin?
The ISP is doing this service: connects me to the internet, hosts a lot of the sites I am reading, protects me from spam.
Knowing traffic on certain sites helps my ISP do that.
This information, if properly anonymized, is a useful commodity to other net firms as well, and helps them to provide us with better service.
If someone responsible can find out who is visiting a site that posts illegal information, then they can get better data on how to fight that particular crime.
It is up to users to determine where this technology is applicable. But I wouldn't dismiss web-bugging as a tactic out of hand.
Goat sex free since 2001
But that leads to the worst outcome of all: unpredictable results.
The one way you can be sure that a web page will work properly everywhere, is if all browsers follow the standard (any standard; I don't particularly care whose). Otherwise there are going to be pages that break some places and not others, and that means higher development costs, testing costs, and lost visitors. An awful thing for the industry (though perhaps a great thing for amateur-hour FrontPage mavens).
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
And now for a highlight from akaikai.com -- In today's fierce competition for Internet eyeballs, customized Web site content is big news. Customizing your content to individual end-users makes your site more relevant, enticing visitors to stick around longer-and come back more frequently. Akamai's EdgeScape service enables you to make customization a reality by accurately identifying the geographic location from which users access your Web site and the network origin of the user's request. So, how do you "customize content" without "tracking where people go"?
True, but even without a webbug, anyone with access to the server logs could do this....so why the fuss about webbugs?
Wouldn't it be possible to patent or copyright your surfing habits? You could say that your surfing habits are an artwork made by you, and therefore belongs to you. If the web ad companies use the information of your surfing habits, you would be able to sue them for copyright infringement or make them pay you licencing money for using you patent. Stranger things have been patented lately, so it doesn't seem *too* impossible.
This would not only make it possible for us normal web users to make a few bucks, but should also shut down this act of privacy violation rather quickly!
Advertisers are very interested in connecting those anonymous statistics to real people. DoubleClick actually did so, but stopped after a public backlash. But they will try again, it's just a matter of time. In the meantime, whenever you enter contact information for a web site, that site may decide to sell that information to someone like DoubleClick. Advertisers really want this information, and they'll keep trying until they get it.
Search 2010 Gen Con events
Perhaps because they have an effective wall between the editorial staff and the advertising staff, thus ensuring that editorial policy (as much as Slashdot has such a thing) is not tainted by advertisers?
Search 2010 Gen Con events
Microsoft: The Biggest Web Bugger, eh?
Yeah, I think we can all agree that Microsoft has buggered the web...
High-speed Road Trip (18.000KPH)
You are correct.
Another way would be to put a web bug in the e-mail that the site uses to confirm the order.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
You may be right. After all It's not like Microsoft is some giant corporation with hundreds of subsidiaries, thousands of programmers, or terrabytes of storage at their disposal.
How could they ever muster enough money, processing power, database space, and brain power to try and corrolate the information they get from web bugs, sales at one of their subsidiaries, registrations at popular web sites like MSN or hotmail or msnbc, and product registrations of office and IE.
Why that would take millions of dollars and I really don't think MS can afford such a large outlay even if it means making tens of millions selling that information to others.
War is necrophilia.
Actually, it doesn't even take a form with a GET request. Rather than use a cookie, many sites now encode a unique user id in the URL, often after a '$', like http://company.com/page.htm$USERID. (Sites do this so that they can track session data on you even if you deny their cookie and even if you move across servers or domains.) Since WebBugsAreEvil.com gets this full URL, they now have your USERID at the site you visited and can connect their data with the data collected by the site.
A 1x1 pixel image slows your surfing? You still on a 9600 baud modem there?
Particularly problamatic
from the web bugs FAQ
11. Why are Web bugs used in "junk" Email messages?
To measure how many people have viewed the same Email
message in a marketing campaign.
To detect if someone has viewed a junk Email
message or not. People who do not view a
message are removed from the list for future mailings.
To synchronize a Web browser cookie to a
particular Email address. This trick allows a Web
site to know the identity of people who come to
the site at a later date.
Spam sucks
http://Lenny.com
They made a movie about it with Sandra Bollock. Industry just got smart after that and made it to where you couldn't see the pi, even if you held down control shift. ;)
God, that was a bad movie. Thankfully, I don't remember the title.
Linux - Because Mommy taught me to Share.
Yeah, I noticed Google was on the list, too. A lot of people put the canned HTML code that Google provides on their pages to provide search capability. That includes an image, but it doesn't mean Google is tracking users. I think this survey needs more meat. I shouldn't be whether a page includes images from another domain, but only if cookies from other domains are going to the user from a page.
I could probably whip up a Perl script to do this with libwww pretty easily. I can't believe whoever did this survey didn't!
So, I was thinking about this and that today while I was sending my stupid spam off and something came to me. I know there was a proposal or something not too long ago that had to do with a unique identifier tagging unsolicited email. Now, if ISP's and telco's are supposed to be equivalent (right?), why is it that I hear you can block unknown callers/telemarketers and stuff on your telephone, but I can't block unsolicited email without trying to filter them individually with a spam filter which seems the equivalent of using your call blocking (which by the way has a limit of a few numbers at least in my area). Even if these aren't the same things I still believe it would be best if there was a unique ID on junk email because it is just as much of a problem to me when a phone rings and its junk or when my mail notify goes off and it's junk. How in the hell these two are different is beyond me but looks like that idea just didn't float anyway.
As far as web bugging goes, I could care less whatever doesn't steal from me or interfere with my time. Wading through junk does and it's just not fair. I may sound like a hypocrite for saying all this because of what I do at work, but I'm just following orders so I can make enough to feed myself and have something descent on my resume. I may have a fancy job with email, but i don't make much money and I'm a veteran employee. I'm not a moron, just stuck growing up in kind of a redneck area (with scarce IT jobs) and being taken advantage of by the hi tech that came to town. Cheap labor we are for them. I fully intend to get the fsck out out of dodge.
- A.P.
--
* CmdrTaco is an idiot.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
It's worth noting that Bugger has a few other meanings than "One who plants bugs."
Suppose I have my own advertising web site, "WebBugsAreEvil.com", and your e-mail address is YOUR_EMAIL_ADDRESS@yourhost.com.
? email_ID=YOUR_EMAIL_ADDRESS@yourhost.com & sequence=1928d4ae1228">
I place my bugs all over the internet. You visit a site with one of my bugs on it. This sends a new cookie to you. You now have a cookie from "WebBugsAreEvil.com" on your hard drive. Every time you visit another site with one of my web bugs in it, your cookie is sent to my host "WebBugsAreEvil.com" including the URL of the page that you are viewing. Thus, I build up a detailed profile of your web surfing habits.
Now suppose you place an order on one of these sites and leave your e-mail address and other personal information. The site sells your e-mail address and other personal info to "WebBugsAreEvil.com". I now have your personal information and your cookie, but the cookie ID is not yet associated with your personal information because these were collected by two different servers. I need to do one more thing to put them together.
I do a mass mail out with all the new e-mail addresses. The e-mails are HTML-enabled e-mails. Embedded at the bottom of the e-mail is this web bug:
<IMG WIDTH=1 HEIGHT=1 border=0 SRC="http://track.WebBugsAreEvil.com/cgi.bin/ping
It's a 1x1-pixel GIF that has a single clear pixel in it; this is where the euphemism "clear GIFs" comes from. You cannot see this GIF.
When you open the mail, this new web bug is sent to WebBugsAreEvil.com. Because the URL has your e-mail address in it, and it also sends your "WebBugsAreEvil.com" cookie with the HTTP GET request, I can now associate your personal details with your surfing habits.
In short, it is very easy to remove anonymity.
I don't know about you, but I find the idea of anyone having this amount of knowledge about me and my browsing habits to be uncomfortably close to Big Brother's surveillance from George Orwell's novel "1984". Is your telescreen on, Winston?
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
Web bugs are usually used in conjunction with cookies to profile your surfing habits. I find this to be a gross invasion of privacy, so I have chosen to fight back.
It's not hard to stop a site from using cookies as a tracking tool. If they cannot store a cookie on your hard drive, that cookie cannot be used to profile you.
The way to defeat this is to prohibit the web sites that use web bugs from storing cookies on your computer. A good browser will have security settings that can be customised. I place all web sites that I trust in my collection of trusted sites. These sites can store cookies on my machine. Sites that are not in my collection of trusted sites must go through the default setting where I must approve each cookie with a click before it can be stored on my hard drive. Persistently annoying sites get placed in my collection of restricted sites, which are prohibited from storing cookies. Sometimes, a trusted site that I have omitted gets added to the trusted list.
If you want to start a database of restricted domains, a good place to start is your cookie collection. You will find a lot of sites that you never visited in that list. Add anything suspicious to the restricted list before deleting the cookie.
I have only been doing this for a few weeks, so I haven't got any good results to report so far. I'm sure I'll get good results doing this, and I invite others to try it. It does involve a little work, but eventually I hope to have reasonable web-bug-free privacy online.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
http://www.privacyfoundation.org/education/webbug. html
Like forcing you to use cookies in Internet Explorer, or rather, transmitting cookies to *.msn.com sites no matter what you configured, containing personal information about your windows installation.
See also here (http://slashdot.org/yro/00/11/02/1639247.shtml):
For the sake of the privacy of those who must use Internet Explorer: Firewall msid.msn.com. Forever.
Home Page
Looks to me like they are classifying any inline link to a different server as a "web bug".
This is quite bogus, as evidenced by the #2 ranking of akamai; the fact that many high-traffic sites have their images served from akamai's network does not mean that akamai is tracking where people go.
Tarsnap: Online backups for the truly paranoid
So, they collect some *anonymous* usage statistics. So what? They can track your web surfing. Who cares? These stats are *anonymous*, people. They can't be mapped to your physical address, phone number, etc. without a call to your ISP and a good reason. These stats help advertisers market products to you more efficently. It saves them money, and you get the see ads that might encourage you to buy something that is really useful to you. So my question is, why do you care?