Slashdot Mirror
Browser Spyware: Watching Where You Linger
An Anonymous Coward writes: "Just when you you'd installed Junkbuster and thought it was safe to go back onto the web, the BBC runs this story which tells you that webshites will soon(?) be able to tell whether you are reading the page, what parts of it are of interest to you, etc. Guess we can expect porn sites to be the first to take advantage of this." Or perhaps someone else is already doing this, and hasn't told you.
"I can tell because when you read a webpage, you do one of a couple of things. You either shovel the mouse off to the right ..."
I guess I shall just have to become left handed then.
Get ready for the "marketing geniuses" to take advantage of this...by having new windows pop up right when you move your mouse to the back button...
Anyone else up for using keyboard shortcuts now?
When nuance becomes the only objective we lose the ability to function
the less people will visit their site or click on their ads and their revenues will plummet even further.. watch 'em burn
Must hit post before I think about repercusions.
--- Matthew Hill
"To quote the self is an act of the self riteous and uninitiated sub-moronic" - Matthew Hill
What matters here is who they tell, and who they sell it to.
I can't stop them from tracking (yet.) I do turn off all activeX, ask on cookies, no scripting, etc... but if they can get around my disabled browsing habits, then what matters is who they tell.
Time to go back to safeweb, as well.
Or perhaps someone else is already doing this, and hasn't told you.
Somebody was up late playing Deus Ex last night, right timothy??
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
....be able to tell whether you are reading the page, what parts of it are of interest to you, etc. Guess we can expect porn sites to be the first to take advantage of this." Or perhaps someone else is already doing this, and hasn't told you.
Does anyone actually *READ* porn sites? Maybe the keyboard needs a 'moisture detector' to see when and if the user is drooling, then send the result back to the spy server.
Ha! ha! ha! ha! ha! HA! ha! ha! hA! ha! ha! HA! ha! ha! hic! ha! ha!
I've been doing exactly this for the last 6 years on my website...
Hmmmm...
Considering the Brits' track record on this sort of thing, I wouldn't be surprised if BBC were already doing this to their own website...
The coolest voice ever.
I wish sites would realize that pissing off their viewers with popups and big honking ads, does not make the viewer more likely to visit the advertisers site or buy their product. It has quite the opposite effect. I've stopped going to some sites that I like for the simple reason that I really F*ing hate popups!
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
Unlike other forms of spyware, this would be easy to resist... Wouldn't people who were concerned about their privacy just get in the habit of swirling their mouse around while reading web pages?
I can't give a logical reason why this particular technology disturbs me more than other types of spyware, but for some reason the idea of my mouse movements being tracked just makes my skin crawl... Does anyone else have that sort of gut-level revulsion?
God is real unless declared integer
The next site to slashdot will be ready soon, but subscribers can beat the rush and start slashdotting it early!
For crying out loud, /., lighten up. Remember back in '95 when you couldn't turn on the TV or read a news magazine without some lame story about online stalking or pedophiles in chatrooms? And we all mocked them by saying "that's no different than real-life, what's all the hullabaloo"?
"Brick and mortar" stores do exactly this same thing. Many have cameras, the rest use "secret shoppers" (people who look like they are shopping but are really watching YOU) to discourage shoplifting, check competitor prices AND research in-store "migratory patterns". For instance, haven't you ever noticed that ALL grocery stores have the fresh fruits and vegetables right by the door?
This isn't "Your Rights Online". This is "Translating Nothing Cares About In RealLife Into A Scare Story About 'The Net' In Order To Attract Eyeballs To Slashdot."
324006
By very carefully watching the responses of my peers IM's I can tell who is:
Eating lunch, Talking on the phone, Having coffe, etc.
Of course you can also see who is practicing one-handed typing...
There is no spork.
And luckily they find there way to management. Garbage in Garbage out, data is only as good as the sampling in front of you. Good example of this is that I still use keyboard short cuts. Or how bout those blind people? Or as another reader pointed out lefties throw off the data. So run for your bomb shelters someone has figured out a way to track users movements that will be accurate less than fifty percent of the time. Which means i can still rush out and sell some web company a dart board webtracking system. Hehehe
They'll still have to get the software on my machine... and by then, we'll have our firewalls routing that feedback stuff to send back to /dev/null.
--You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
Personally, if companies can direct moderate amounts of direct advertising to what I am interested in, I am ok with giving up a little bit of my privacy.
Plus, not to mention, the Internet is as public as Grand Central Station, or Central Park. People should have no reasonable expectation of privacy on the internet. If you want privacy, you should run your data through anonymity sites, or encrypt everything. Just like you would put confidential documents in a briefcase when going through a train station.
I mean, this can have some positive usage; if anything, for getting input on how to redesign a site to make it easier/faster to use.
If you're paranoid, this is one more reason to disable javascript when browsing the web. Of course, his has been blown a little out of proportion: this "mouse watching" can only take place at a site that is hosting the page that has this ability. If you don't like it, don't visit the site.
Black holes are where the Matrix raised SIGFPE
The system developed by the team at MIT is called Cheese, since they are following the mouse, like a mouse follows cheese.
Wouldn't a better title have been "Cat"? Or perhaps "Rodent Stalker"?
I can tell because when you read a webpage, you do one of a couple of things. You either shovel the mouse off to the right so that it is out of the way, or you will walk down the page with your mouse," he told the BBC's Go Digital programme.
Hasn't this guy ever seen a scrollwheel? I rarely move my mouse around a page. I sit it somewhere in the midle, and scroll. I also wonder where he gets this idea of "wanting to click a link, but you don't". Who does that? If I want to click it, then I will. Whose stopping me???
Oh, come on. This is pure garbage. How much info could one possibly glean from whatever javascript the researchers were using to capture the mouse movements? For me, whom uses the keyboard excessively and only moves the mouse when I'm sure I want to click on a link, there isn't anything that they can possibly gather. Besides, if they want to monitor my mouse movements, maybe they can see how quickly my reflexes to close pop-up windows before I even know what's in them come into play.
Join the Slashcott! Stay away entirely Feb 10 thru Feb 17! Close all tabs to prevent autorefresh!
Yeah....or I'm one of the 5% of the computer market with a Mac and I'm one of the 90% of Mac users that have discovered that when I type the mouse goes away. So I press down arrow and *poof* I don't need to move the mouse out of the way, and my finger is right where I need it to scroll down to read more of the story.
(Or I could turn off JavaScript, which is a good idea because it gets rid of a lot of irritating popup and popunder ads -- which is a pretty good idea, even 'tho it breaks a few sites)
I, for one, won't run a client that allows a site to profile me in this way.
If I understand this correctly, this technology would require the client to send data to the server about mouse movements, etc, for tracking purposes.
So I could simply elect not to use this type of software, correct?
Making web sites easier to use and catoring the content to what the users expect isn't a bad thing. Microsoft does very similar things in their GUI design. They get a large group of people together and have them do common tasks and watch every mouse movement and click and find ways to speed up the process.
Sure, I don't want someone tracking me, but keeping aggregate data wouldn't be bad. By doing this maybe they can speed up access to information instead of having me hunt around for what I want.
My friend has developed similar tracking packages. He's used this technology everywhere, from his signature on messageboards all the way to the corporate level. Rather interesting tidbits of information you can find out about people based on even just messageboard reading habbits.
---
ps -aux | grep mind
What exactly is the point of your website? PUT AN ENGLISH VERSION OF IT UP YOU COMMUNIST WHORE!
...no click shopping. If this mouse tracking is possible, an online shop could just let you wave your mouse around an item, and automatically dispatch it to you. Beats Amazon's one click!
It's not hard to keep refreshing a hidden iframe with the scrollTop position. I don't know what all the fuss is about now. there's is nothing new here.
This kind of metrics tracking has been going on for a _long_ time. It's not like you need any special skills other then some cookie knowledge to pull this off.
-teknopurge
techienews network help us beta!!!
Website Hosting
Konqueror and Mozilla both allow you to disable popups while allowing JavaScript to run. I believe that at least Konqueror and possibly Mozilla as well will allow you disable or enable features on a site by site basis. The web has become a whole lot less obnoxious since I set Mozilla up to disable popups and animation. I highly recommend running a browser that will let you do this. Mozilla is now fast enough that I can actually tolerate using it and has been since a CVS build about a month and a half ago.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
This is yet another useless JavaScript Web Bug that I for one can do without. When I am surfing the web, I have a "One Popup or other annoying trait and they're out" rule. Specifically, I will immediately set the site as a member of the Restricted group.
As a web developer myself, I strongly believe that one should never build a page that REQUIRES JavaScript or some other plug-in/client-side technology with the exception of pages whose purpose is to show a Flash or QuickTime thingame (a-la joecartoon.com). It's okay to add those things to make your site stand out or have a nice interface, but if I can't navigate around the site with Javascript and ActiveX turned off, I probably don't need to be there... Period
The Digital Sorceress
-bZj
.sig
First spyware and then web bugs. What needs to happen is that the public has to say "Enough is Enough" and not use products or services that violate their privacy or utilize these types of tools.
Unfortunately, the average person takes what is available to them simply because of the convienience of doing so. Apathy sucks, doesn't it.
Anybody up to writing an HTTP proxy or filter that strips out this info as it is being returned to the offending site? I guess it should then redirect the user to a site informing them of what has or was about to happened. Maybe the internet community should develop an RBL-like list for websites that pull this stunt? Anyone up for an RFC?
Here's a thought...remember Dr. Hawking's fear that machines may someday subjugate us? Image a concious website that maniputes us into doing whatever it wants us to do or believe. Damn...my computer is calling me again....
What browser are you using Smartin? Since moving to Opera and disabling the checkbox saying "Allow documents to create windows" my life has been nearly stress-free. What surprises me is the number of people who complain about popups, so maybe I'm missing something. Disabling popups does occassionally affect the usability of a site, when a link uses Javascript to pop up a window, but it's easy to quickly re-enable for as long as it's needed.
A word can paint a thousand pictures
I actually made a tongue-in-cheek protest page one day. All the links were activated by rolling over them -- no clicks required. Other than the fact that it was terribly annoying, it was pretty funny. (I may have to write a declickerizer HTML filter to automatically make all the links zero-click.)
While reading the article, I left the mouse in the main browser window and used the keyboard to scroll. So if their system was used, it would make it appear that I was not reading the article, even though I did in fact read it.
Really, if you stay on a page for more than a few seconds, you're probably reading it. And that would surely be simple enough to determine, although you'd have to figure out a bulletproof way to put up an invisible frame in order to send the information to the mother ship. It would probably be easiest done in Java, which can do that without pulling up a web page, but many people have non-working Java, so even that's not foolproof.
Unfortunately for the people who created this model, once people become aware of how it works, it will no longer function. People who would formerly hover the mouse over a link would simply refrain from doing so and therefore give the system no useful data. I also suspect individual personal styles are going to be different enough to stymie them in the end. I am not convinced that people only visit links directly if they have been to the site before, for example.
For the person who said a scroll mouse would defeat this system, I'm sure signals from the scroll wheel can be read as well.
When I am hesitating between multiple items, I will often put them in my cart, look at the total and then remove the one that makes the total too high, or that I'm unsure about. Anything I put in my cart and took out, and any abandoned shopping cart contents, would be a ripe selling weapon that can already be used without relying on this technique.
I think this one's too flaky for practical use. But as always, we'll see.
D
But scary. The thing I most fear is that people(marketing??) will setup websites that are only visible to people willing to allow their every move to be watched. For security reasons it is very wise to have javascript and active-x switched off, so I don't take kindly to being forced to either switch it on, or not visit the site. Though quite often I can view source and find the page that the javascript was going to send me to next, anyway.
These guys must have had a helluva time implementing something like an AI engine using cross browser javascript :)
No you haven't. The page you link to is simply a list of IPs (and reverse-DNSed names) that have requested certain pages from your webserver. If you'd read the article, this is a clickless method. It sounds like a lot of OnMouseOver:PhoneHome to me.
Yes, the nick is flamebait
I don't know about most of you, but I don't use the scrollbar to read through a webpage. I tend to use the scrollwheel, or most of the time arrow/pgup/pgdown keys. The mouse just sort of sits there until I want to click on a link.
Black holes are where the Matrix raised SIGFPE
Turn clientside scripting (javascript) off.
That cinches it. I am unplugging my mouse and reverting entirely to keymapping.
In reality however, this might not be as big an issue as you might think. Queueing theorists have been modelling consumer/customer behavior for years, with or without our consent. The good news is that they don't really give a damn about what you, the individual, is doing, only the probability that a lot of people might also do it. Your erratic behavior falls well below the sigma-squared deviation on the bell curve of user behavioral patterns. It might well lead to more efficient browsing as the current data models are improved with the introduction of more accurate patterns, probability matrices and the like.
This is yet a little more frightening...
I think that the idea that some AI code can tell what I'm truly interested in and what I'm going to buy is ridiculousness. While it may be true that most people do work in similar ways with the interfaces of web-published documents, what goes on in the individual mind during the process is certainly unknowable.
This technology sounds like it could cause more harm than good. I can see this sort of thing narrowing the scope yet again of what content is available online.
This will lead to the customisation of individual users' content without them even being aware that it is happening. "Can you imagine if I can actually tell that you wanted to press a link but didn't". (What?! Maybe there's a reason why I didn't!?)
It's bad enough that content it already spoon-fed to most people already - does it have to be chewed for us now first too? And when the people are only exposed to the things that the corporations will believe that we're interest in, it will lead further to the atrophy of the collective consumer consciousness.
Fortunately for me, I'm still using the 10th Edition of the Newspeak Dictionary... perhaps I'm a dying breed. *shrug*
"Sic transeunt omnia."
Look, since day one of the commercial web, sites have obsessively tracked how many hits they get, where they're coming from, how a user moves through the pages, where they spend time and how often they return. (As if Andover/OSDN isn't doing all of those things -- or is this like with web bugs where we're just supposed to care about them on other sites?) That's one of the great edges the net was going to have over other media. To the degree that people are bothered by that and to the degree that they're technically sophisticated, they turned off cookies and otherwise interfered. And what does Junkbuster have to do with anything?
What this seems to be is an incremental advance in tracking how pages are read -- there's a little added feedback about mouse movements and maybe scrolling. As always, if this takes off it will be trivial to block for those who know and care about such things. And everyone else has far more important privacy invasion being done to them.
and it's enabled by default on all major commercial browsers. Yes, you can turn it off, but then you'll miss out on the gee-whiz stuff that sites put up in lieu of content.
<rant>
What really pisses me off is sites that have information that I want (in HTML) but won't give it unless I pass through their flash corridor.
</rant>
Yes, the nick is flamebait
Though what they propose probably has some application to the majority of users, I'm just as sure there are others who would not fit their expectations:
Besides, cheese is often placed in a mousetrap. This kind of technology feels like users are the ones being tempted by the cheese; what kind of trap are we getting into?
Drives my wife nuts. I use the arrow keys and pg-up/down keys to navigate while reading a page since I despise the rat. I only move the mouse to:
a) click on a frame backgound so I can use the arrow keys.
b) click on a link I already know I want to go to after reading the page.
-- John
I have not yet grabbed the applet and tried to decompile it (mostly for lack of time), so I do not know exactly what it is doing in addition to sending time information, but it struck me as extremely obnoxious.
I am stuck using Win98 and Netscape 4.7 at work, so I cannot use a more enlightened browser that selectively grants/denies JavaScript and Java access by domain name. So...I am stuck being watched to a certain extent.
Is it just me or is anyone else sick and tired of being treated like some company's asset? I am tired of the companies I deal with trying to suck every possible dime out of the relationship they have with me -- ESPECIALLY when it comes to selling my personal information.
Laws affecting technology will always be bad until enough techies become lawyers.
How difficult is it to configure one's web browser so that it rejects most of the scripting junk out there? If you are using IE, check out the security zones feature that allows you to toggle scripting, cookies, and so forth depending on to which of four security zones a particular site belongs. I'm sure the free browsers have something much more sophisticated. Use it!
I'm proud of my Northern Tibetian Heritage
well, my shit can't tell mouse from a pig that's eatin' it. bet if i put all my crap (literally speaking) on the web it'll acquire some intelligence to tell the difference between not just the type of mammel that's eating it but also the difference between which ones are just sniffing it vs. the ones actually eating it.
check out the Majestic game advert at: http://www.scifi.com/farscape/ . Looks like what you mention is not too far away!
...And the way I constantly jerk my mouse around because the third roller's spring is going out because I'm too cheap to buy a new mouse. Anyway, I use the keyboard whenever possible (which web browsers make as hard as possible.. now we know why!).
I'd probably constantly get ads for new mice. Hey, it could be a whole new branch of ad-ware: check to see if any of the hardware is going out, and pop up an ad for a great deal on a replacement.
Leave it to p0rn sites to do the 'cutting edge' web development. I guess that's where most corporations hire thier web monkies from... Blah.
Wouldn't it be illegal if I tried to insert something into their web server to spy on what information they're collecting about me while I'm viewing their web page? Is my computer not protected by the same laws that theirs are?
I suppose you could argue that I'm leaving myself open to such invasion if I don't disable scripting - so why doesn't that argument hold when a web site doesn't close known security holes? At least there're valid reasons for wanting to leave scripting enabled!
Hmm - if I declare my actions in browsing their website - mouse movements other than intentional feedback like clicking on a link - to be copyrighted material, could I get protection from the DMCA? Then that script to spy on me would be a tool designed to crack my copy protection scheme (which would consist of recording all mouse movements to a file with "(C) 2001" at the top and encrypting it by XORing with a 'secret' key). The fact that they intercept it before I record it just means that they have found a technical means of bypassing my protections).
I guess I'll just avoid browsing webshites and continue to browse websites then.
Outdoor digital photography, mostly in New Engl
I use OmniWeb in Mac OS X. It has options to disable pop-up windows totally (without disabling JavaScript) and to disable pop-ups except in direct response to a user click. Its ad blocking is also pretty effective. It even gets those huge Flash ads that places like CNET are using now.
But I agree that things are getting a bit absurd. Legitimate mainstream commercial web sites are now opening pop-up windows that have gone beyond being mere ads: they're actually loading up other web sites!
This space unintentionally left unblank.
This is the problem ... through research, we are finding out we are little more than mice running through mazes. Our behaviour, given enough observation, becomes predictable enough to exploit.
"Old man yells at systemd"
Of course, there probably would be abuses of privacy by "marketing firms", but in the case of website that actually try to provide really useful information, this sort of feedback could really help direct the very limited time and effort towards improving the parts of the site that really need it. In my own case, it's often the classic example of a long-time expert not being able to identify with the pains of brand new users.
Of course, there is the traditional usability study approach. Maybe someday I'll spend some money and do it.
PJRC: Electronic Projects, 8051 Microcontroller Tools
Yeah what a revelation. I wonder which part of the page they'll discover I'm interested in: the pictures of the hot nude girls, the meaningless string of sexual terms and misspellings, or the popup window telling me where to get anatomy enhancements. I mean, personally, I read the sites for their fact-filled articles, but all the best books say it's a well-designed layout that makes em come and come again. Can't wait to find out!
I don't know about the rest of you, but when I visit any website, even one I've never seen before, I use my eyeballs before I move the mouse--it's naturally much more efficient that way. In fact, most of the time it's my scrollwheel that's moving, and not the mouse itself.
Honestly, I consider my mouse movement patterns almost completely useless, and I have no idea what good a website that "changed according to mouse behaviour" could possibly do me. Well, maybe links that I almost never hover could be tucked away; but I doubt ads would be included in that bunch.
Eye-tracking has much greater potential...
Power to the Peaceful
This suggests that it's probably done with Javascript. People that care about privacy, security, and avoiding annoyances, haven't had Javascript enabled in 5 years. Although that technically makes it "opt-out", turning off Javascript is such a basic an almost automatic thing that web users do, that it's practically "opt-in."
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
At work i'm forced to use MS,...(I'm trying to change that). So I use Opera on my work computer... When I'm actually forced to use Internet Explorer for whatever reason, i do so. One site in particular I went to used the comet cursor... Internet Explorer Beta 6.0 not only downloaded but also installed comet cursor without my knowledge... It never asked or anything... Now to me, this sucks. I'm using Opera 5.0 about 99.9% of the time so I only have that one experience to speak of, but in my opinion things on the internet are getting worse. Now if they only had Lynx for the MS desktop...
Linuxrunner
www.slightlycrewed.com - Because aren't we all?
Unless you have a Java applet that fills the whole screen, establishes a RMI connection to the server, and records everything and sends it back... is the added bandwidth worth the while? Besides, you must have a HTML interpreter embedded in the applet, if you want to use your former web pages... I'd like to have a look at how it's technically done.
Maybe it's done with Javascript, but then you'll have to embed the information in an URL request or in a cookie, and I think that would make for very funny URLs indeed.
The advantage of using an applet is that you can circumvent what was told in the other post; information can be obtained even if cookies are not accepted and Javascript is turned off
It's just a BloJJ
1) WebWasher (www.webwasher.de). It blocks cookies, scripts animations, web bugs, referer URLs, images, and a whole host of other things. It is highly configurable can be used as a proxy server if you have an in-house LAN connected to a shared broadband connection, and is much more powerful than Guidescope (which Junkbuster recommends for use under Windows).
2) Ad-Aware 5.6 (www.lavasoftusa.com). Run this at least once a week. It will find any ad tracking cookies, spy-ware and various other privacy invading data/programs that get left on your machine. The new version scans your memory, your registry, and your entire HD (very quickly). It finds and removes everything privacy invasion related.
to tell when you are done. When you are "preparing" you quickly find as many sources of pron as you can. When you are done, you just as rapidly close all the porn windows. So, just look for the closing of windows, which you could probably measure with pop-on-close windows.
...I think coool. Pretty funny name from the guys at MIT too. They sure get to have all the fun.
Then I remember going to some of my favorite sites that have become my not-so-favorites over the last six months. If they can watch my mouse movement, that means to most people, hey, let's pop up an add there.
That's what makes me hate this.
As a rock-in-roll Physicist once said, No matter where you go, there you are.
"It's quite another for online sites to track our movements in our homes or whereever we use a computer."
If they were doing that, you'd be right. But that's not what they are doing. The software can't tell what MP3 you are listening to or what you are typing in your IRC client. All it is tracking is your movement in their store (i.e. on the pages of their site). All (serious) ecommerce sites already track your movement from page to page. How is tracking your movement within a page any different?
I'm not saying this practice is good or even acceptable. I'm just saying it's identical to Real Life store behavior and that being outraged at the one and not the other is hypocritical, naive and pointless.
324006
Adverisers are pissing of people who watch television too. You get used to it (or have you stopped watching television?). It is the price to pay for getting free content.
Somebody has to pay for the content. And nobody watches banners that you don't have to watch.
Reload you're slashdot page until you get the IBM advert with the scroll bar.
What the hell IS that?
They do: http://www.fdisk.com/doslynx/lynxport.htm
-Legion
I guess that filtering the javascript involved would do the trick, or selectively writing a filter with Proximitron to catch the cookies, etc..
This shouldn't be too hard to defeat, regardless.
What gall for trying though. It reminds me of a Gibson story, (fuzzy on the details) but essentially "sensing" the patterns in someone's data enabled the corporations of the future to do precise targeting of consumers. Scary how we inch towards that every passing year.
Hotblack_Desiato
** By reading this post, you've agreed to my EULA - which includes not modding-down due to difference in opinion. **
This is not Your Rights Online nor is it news. Lets go back to bashing M$oft.
Rant Mode OFF.The Anti-Blog
Just because a store researches something doesn't mean they're going to make the shopping experience better for the consumer.
Case in point: The grocery store you referenced. Haven't YOU ever noticed that the dairy, bread, and fresh vegetables/fruits are scattered at different corners of the store.
And you know why, to make you wander the other aisles to get you to buy crap you didn't originally walk in to get.
"We're sorry, but the website you're trying to reach has been disconnected."
http://www.newsfactor.com/perl/story/13405.html
Just keep your current browser that doesn't report back to a server where your mouse is travelling and then nobody will know where you are on a page.
I don't browse webshites.
Got friends?
Ok folks, before everyone goes ballistic about the latest way to monitor what goes on in a browser (I'm probably too late), consider this. If they really see how we ignore banner ads and slam close popup windows, is this a bad thing? Maybe the Evil Marketing People(tm) will finally realize what doesn't work with ads and quit doing them. Maybe they'll realize that more-intrusive-ad!=more-attention.
Sometimes you have to look at things for what they can do positively, not just negatively.
Electronic Frontier Foundation for online civil rights information
The more people that disable javascript, the more that don't go to their sites, the more revenue they lose, the more reason they have to do their sites without javascript. The companies will lose.
I must have missed the part where it said how Cheese could read your diary, peek in your underwear drawer and see what color your carpet is. I only read up through the part where it follows the mouse on a webpage. Much the same way they ALREADY follow your clicks between pages.
Again, I'm not saying I like it. I'm just saying it's not new to the online world.
324006
2) Run your own Spider - Jam the recording site with "Noise" web traffic associated with your cookie/session. A good spider/robot could simulate mouse coordinates, etc.
Just a couple of quick thoughts. I'm sure there are more...
jeremiah cornelius
"Flyin' in just a sweet place,
Never been known to fail..."
we would appreciate you helping yourself, to acquiring this URL from us, & putting IT to good use.
Or you leave the room, or you hit the "mute" button. Or you tape, and skip over the commericals during playback.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
Not like this is really an "ingenious" thought.. it's just a jscript timer and a category for each page that's present on the page, and keeping track on when that page is on top or not.
oh, and about another comment concerning keyboard shortcuts.. that can be defeated by either a) the programmer disabling the shortcut for the page or b) keeping track on when the page is entered/left and doing a popup or redirection then..
programming isn't that difficult, it's the brains behind the code that matters
So, if they read my mouse movements, what happens when they try to predict what I want from my mouse gestures in Opera?
I could almost buy the tracking "migratory patterns" argument- but they get that without needing any of the other spyware. Hell, the server tracks that as usage log information. The other reasons are just non-valid (Checking competitor prices? Go hit their site. Shoplifters? Don't make me laugh...).
There is NO good reason for the spyware. If the hit info isn't giving them things they like, maybe there is a reason for it. Could be they're doing something wrong- or maybe they bet on the wrong thing...
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
The research by the team at MIT is part of their efforts to create a world where desires and intentions are enough to get computers to act on our behalf.
Just ask Clippy, your favorite "Assistant".
User:Dear Bob,
Clippy:Looks like you're typing a letter! Do you want some help!
User: No shit Clippy, now piss off!
I can live without this kind of crap. The computer is a tool that is supposed to allow me to do my work more efficently. Crap like this gets in the way. It sounds really good on paper, but in the real world it causes more problems then it helps.
Visit the Arcade Restoration Workshop @ http://www.arcaderestoration.com
BWAHHAHAAA...
Look at the eurotrash scream!!!
BWAAHAHAHAHHAHAHAHHAHAHAHAHHAAAAAAAAA
Actually, I think that most uses have no idea that this kind of privacy invasion is going on (except for the toptext and wannabes debacle). If users were redirected to a site that shows them exactly what infomation is being collected about them, maybe the user community will actually feel violated and do something about this crap.
Join the Slashcott! Stay away entirely Feb 10 thru Feb 17! Close all tabs to prevent autorefresh!
Or perhaps someone else is already doing this, and hasn't told you.
like... Taco?
Why do people need all this fancy mouse tracking.
(grumpy old man)
In MY day, we looked at the logs to see what people are looking at
(/grumpy old man)
Don't Tread on Me
Their stated motivation is:
The technique they used was to "add Javascript externally to an existing web page." They mention using barnesandnobel.com, amazon.com, and ashford.com explicitely, but more had to be used given the nature of the tasks given. This seems to imply that they are able to, as a third party, add the javascript tracking to already existing sites. However, they also may be using the fact that they control the testing environment to do this, such as by inserting the code using an http proxy. Details related to how the code was introduced are not given, and would be necessary to determine how much of a privacy threat this is.
"I'm a man... But I can change... If I have to... I guess..." -- the man's prayer, Red Green Show
Mozilla definitely does allow you to disable popups. See http://www.mozilla.org/projects/security/component s/configPolicy.html
Even more off-topic:
Does anyone know how to make Mozilla lie about what User-Agent it is? My bank software rejects Mozilla, claiming it's not compatible. I'm pretty sure it is, and I want to try to make Mozilla claim to be IE on that domain.
(almost) no privacy anymore:
If I check our companies IDS then I see A-lot of requests for codered; standard attacks to our webservers, portscans,
I wonder where the world is going to, not only privacy is my main concern but also what is happening elsewhere is.
We see more and more negative stuff about:
It was very stressfull that I saw a immigrant entering the same office, asking for support, getting support for free, money and even a personal advisor/help: INSTANTLY.
To make the story even entire complete, that same person went outside, to the parking, opened his mercedes and starting using his cellular phone.
I really wonder what is going on these times?
Is everything getting corporate and corrupted these days?
What about the citizens who try to do a living and having their own jobs and their own lives?
What does the word FREEDOM means these days?
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
Thanks!
Linuxrunner
www.slightlycrewed.com - Because aren't we all?
Thats why I absolutely love the commercial skip option on my tv. I am going to get me a tivo and will enjoy skipping the commercials with that as well.
In Mozilla you can disable any javascript method or property on a site by site basis.
So you can disable window.open, OnClose and other annoying methods.
Deny scripts access to data on your browser, screen dimensions etc.
See here for info on how to do it.
Reality check here...
People are going to collect information on the sites you visit. If you don't like it, there are some easy ways to get around the problem.
Personally, I don't mind most sites looking my stats over. This sort of thing keeps a lot of sites free. There are worse options like interrupted browsing. All they have to do is remove the page from direct access and lots of bad things happen. Let the marketing departments pay for something easy that those of us who want to can get around. The alternatives are harder and costly.
1. Fast connection means nothing because you have to wait along with everyone else for the ad server to show you the ad, then the page....
2. Searching becomes harder.
3. The web becomes less cross-platform as the ads require tools not avaliable everywhere.
So,
Use an anon service and surf that way if it is a problem.
Or here is another option. Enable your usual blocking tools hit the page and copy the page to local storage and read as long as you want.
I will do this anyway from time to time because I want to archive some content for reading later offline or on a PDA.
Big deal.
Blogging because I can...
Lets see... I think its doubleclick.com that places ad banners that track people across server boundaries then sells the results. Web servers moniter traffic and analyze logs to find out which pages are getting hit most frequently. I'd bet with a little bit of creative Java (or maybe even JavaScript) you could tell how far down the page someone is(can anyone verify or disprove this?), from that figure out their reading speed, what sections of the page they weren't interested enough to read, and which they just skimmed, and who knows what else. Combine these technologies and there you have it, you have an exact picture of what interests a specific person. Throw in an IP address, and maybe some demographic information and you have an awesome marketing tool, with no new technology involved. I wouldn't say "perhaps", I think its a sure bet someone is already doing this.
The targets specified in this article were obviously computer illiterate run of the mill folk living the average life. The kind of person that actually reads the help files that come with microsoft products. Also, the kind of person that can't read anything without a physical reference point, i.e. a mouse cursor. For people like myself... who don't hold on to the mouse unless the intention is on clicking what is being looked it... it wouldn't work. And I dont' shove my cursor off to the right, It's not that big, it does fine right where it's at.
I don't know if Mozilla can be configured to lie about the user agent, but I know JunkBuster can be configured to lie about the user agent.
This would take me a week to implement in JavaScript. Set up listeners for nearly and and all mouse events. Log them using a Javascript Object. Serialize it to XML or some tighter data format. Analyze later. The tricky part is the analysis and figuring out exactly what you want to have listeners for. Still.. not that difficult at all.
Jeremy
That article read less like science than marketing hype.
Wouldn't work on me in any case, as I read that article I did my usual: leave the mouse where it is, use the keyboard to move the page up and down.
Damnit, I guess now they'll find out the truth - I'm not really interested in the articles!
Upon reading this I looked at my mouse cursors position. It was dead in the middle of the screen, over some of the text I had read before I scrolled down using my mouse wheel, and had been there since I opened the page. (I take the second case he descibes as 'you use the mouse to hold the vertical position on the page where you're currently reading', as oppose to 'you use your mouse wheel to scroll')
No mouseover events would be a good start.
that webshites will soon(?) be able to tell whether you are reading the page, what parts of it are of interest to you, etc.
Okay, so create a statistics program that drops a cookie (with the time and URL included) when you enter a page and then finds the time you idled on the page before it (from the previous cookie dropped). Have it find what page that was by reading the cookie.
From this you can calculate which parts of the site you read, what parts were "of interest" (if time equals interest to you, at least; not just getting up to grab a Coke), and various other information.
I would bet that you would have to install a program to do the "mouse body language" (unless it uses Java, JavaScript, ActiveX (ew), HTML tricks, or came with the browser; the first three can obviously be filtered out) and that program, depending on how it was designed, could use considerable amounts of bandwidth (at least for 56kers and below) varying on the amount of information it transmits, obviously...
Do you like German cars?
I'm presuming here that what the person means by walking your mouse down the page, is that you are "reading" the text with your mouse pointer (like using your finger in a book). Many people here mention that they get around this by using their scroll wheel. They can probably track scroll wheel movements pretty easy. A simplistic method would be in javascript. You should just need something like:
in your scripting area. I think this will take care of 'tracking' your mouse anywhere on the screen. So if the mouse is anywhere over the document, an event is fired off calling the function. I'm sure you've seen a site that has those anoying 'mouse trails' that can follow your cursor...similar concept. It's not limited to links, so provided your mouse pointer is anywhere over the page, it will track it. If you are using the scroll wheel, the page moves under the mouse...but the pointer ends up over a different section of page. Thus it looks like the mouse has moved. So the function could start a timer every time it is called. This could give you an idea of how long they spend viewing a portion of the screen before moving on (scrolling down, etc.).
Now, you could probably circumvent this by putting the mouse cursor off of the browser window altogether and use the arrow keys to scroll. Put you'll probably need to tab between the links in order to get to the one you want. This selects each link, which again should be viewable through a javascript event (can remember the handler off top of head, onfocus perhaps?) tagged to each link.
Other parts of the article mention being able to provide you with a site that tailors itself to you on the fly. Simple server-side scripting will do this. However, I fear sites becoming over-zealous with a feature like this. Many sites end up only providing you with common content it thinks you want, while hiding the content it thinks you don't want. This is to presumably speed up my experience because I wont have to see the other site information downloaded (quicker access over those modem links). After a while, I might not know what said site has to fully offer, as I get 'stuck in a rut' so to speak. They would need a 'show everything site has' (site map) link on everything single page to help offset this. Unfortunately, many sites don't adhear to this simple requirement. Consequently, many users never use certain sites to their full potential.
- A non-productive mind is with absolutely zero balance.
- AC
I have a mutli-level armored approach to browsing:
All of the above besides Junkbuster are Windows-only. The first one is specific to IE, but I end up using that anyhow, since it's the most stable Windows browser.
I can browse most sites that don't do stupid shit like refuse to serve pages to me if they cannot detect my browser (in which case, they are probably crap, anyhow). For shopping sites, I can just add the site to Junkbuster, or bypass the protection through Proxomitron. I am pop-up ad free, and I give out minimal information about myself. The other better way of browsing I could see would be to use an anonymous proxy, which would protect my IP addess.
Of course, this would bet better implemented via the browser. I was using Konqueror a lot at home under Linux, but it began crashing too much for my tastes. There, I've just stuck to using Mozilla with Junkbuster. Javascripts still sometimes get through, though.
I run a filtering http proxy, and it is rules based - so i can choose to remove all javascript from pages, remove popups, make all frames resizable etc. They ain't gonna track me ;)
Speaking of keyboard shortcuts, how are these easily done in Linux? This is my biggest beef with moving exclusively to Linux away from Windows.
A focused UI is one thing that MS has down pat. I can't stand using the mouse unless I absolutely have to (i.e. browsing the web), but MS makes sure there is a keyboard shortcut for almost every function.
I know this is off-topic, but if anyone has any quick links, do ya mind posting them for all to see? I mean, hell, this comment is at the top of the list!
What parts of porn sites you *read*?:-)
"Just because a store researches something doesn't mean they're going to make the shopping experience better for the consumer."
Who said anything about improved shopping experiences?
My point here is not "Big Brother watches us to Keep Us Safe, so stop complaining". My point is "This happens in real life already, so why is it in a section called Your Rights Online?" My answer: Slashdot needs hype and is doing exactly what it professes to despise. Taking a minor (albeit semi-important to some) real-life problem and blowing it all out of proportion when it comes to The Net.
324006
they can track, record, compile profiles, etc but it all falls on deaf ears when they're still selling the same old LAME shit.
how'bout spending time on product development?
YOUR PRODUCTS SUCK!!!
...pump movement data from some JavaScript into an applet (should work, not sure). The Applet opens a connection to some server, and passes it all on. In real time if need be I suppose.
Excellent sites.
Adverisers are pissing of people who watch television too. You get used to it (or have you stopped watching television?). It is the price to pay for getting free content.
:)
I think you should have the word free in quotes there
Somebody has to pay for the content.
Ever wondered why a box of cornflakes costs as much as it does? How much of that goes towards marketing? Congratulations, you've just paid for your 'free' television programs. (Expand across your shopping budget as required, of course...)
deus does not exist but if he does
Duh. The comic shop I used to work at (Action Comics. Quite an original name, no?) did this with the new comics. They were along the back wall so people would have to walk past all of the games/toys/cards and other assorted whatnot to get their biweekly X-Men fix. This isn't bad for the consumer. Sure you've got to walk an extra 15 feet or so (God forbid) but you also get to be exposed to different crap that you might not have been exposed to before (impulse buy!). Unfortuantely, this did not work for Action and they are now long out of business.
The sole purpose of the Internet is to get porn and bomb making plans into the hands of children.
Since the crucial part is not the javascript getting mouse positions, the crucial part is javascript communicating those positions back to the web server.
Mozilla already has fine-grained control over which sites you allow to send cookies to. Someone could add another fine-grained feature to control what sites you allow javascript to send http GET/POST commands to. It could also set which javascript commands you want to enable. This is already the case with window.open()
I also thought maybe we could make the broswer show you what info it is posting back, and let you approve it. But then, sites would just encode it so its not human-readable.
So this is a complicated issue, but one we can deal with, since we have Open Source Mozilla.
So what?
sulli
RTFJ.
I had it in June :-)
See my motiontrack php/javascript script.
Adding automatic onmouseover generation for tags like img or a should be easy. Combined with the coordinates you have a pretty "good" tracking tool...
On the topic of pop-ups, I've read through the page you cited, but I still have one more question: does Mozilla have the ability to enable pop-ups only from clicking on a link? Disabling pop-ups entirely is irritating as many genuinly useful sites use pop-ups when a link is clicked. It seems that the Mozilla solution is to add each legitimate site by hand; hardly an optimal solution.
FWIW, OmniWeb has this feature.
- j
Why isn't MIT trying to figure out how to make SMTP a secure method of communication. Or adding a better way of removing spam off mailservers.
You know what I'd rather see, is a way of an end user setting up server side spam filters so that one does not have to download spam email to the machine and have the email client do the filtering. This would eliminate 50% of my junk email and probably yours too.
Why cant they create something useful to the users.. guess this means that there needs to be a privacy project started on sourceforge... Whats a good name for that???
Only 'flamers' flame!
I wish sites would realize that pissing off their viewers with popups and big honking ads,...
It's not the web that's annoying, it's the sites that you visit.
I hate commercials on TV, but they have to pay for the content. Therefore, I stopped watching, but I don't complain about it - there's no point. Who likes popups? You could use technology to circumvent them, but this is unethical at best.
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
You get used to it (or have you stopped watching television?)
:). Anyway, my point wasn't that advertising isn't necessary or ok at some level, my point was that the totally in your face advertising can't possibly be selling more product, it is probably selling less due to the fact that the advertisers are pissing off rather than attracting customers.
Actually I don't watch television any more, i watch Tivo
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
However, I do not consider it likely that someone who knows nearly everything about me will track where I go in Grand Central Station, what I do there, how long I take to do it, whether I do it alone, and so forth -- and I damn sure don't consider it likely that this mysterious individual about whom I will know almost nothing will have the ability and the desire to sell what he has learned about me to a third party so that that third party may increase what _it_ knows about me.
There already are people tracking your every move in public places. These people already are selling some of your personal information to third parties. Question is, do enough people care about this to do anything about it?
./sig
Nope, no sig
The best solution is to get the enitre page to fit on the screen :)
-
ping -f 255.255.255.255 # if only
They're going to have a tough time with me, considering I usually switch between an average of 10 browser windows at one time...
"Free content" is an odd way to describe $29.95 (or is it up to $39.95 now, it's been a while since I dropped it) a month for the most basic, minimal cable package offered.
Edward Burr
Having a smoking section in a restaurant is like having a peeing section in a swimming pool.
Most pop-up ads come from one of the usual banner-ad sites, not the actual website, so this feature works pretty well.
Here's my user.js file - you may find it useful. I allow pop-ups by default, except for the listed sites.
I'm a leaf on the wind. Watch how I soar.
I hate commercials on TV, but they have to pay for the content. Therefore, I stopped watching, but I don't complain about it - there's no point. Who likes popups? You could use technology to circumvent them, but this is unethical at best.
Unethical? What about the fact that I'm the one paying to download their advertisement? Since I'm the one paying for my connection to the Internet, and all of the traffic on that connection, I have the right to decide what content is appropriate on that connection. If I decide to block useless ads and popups that's entirely my right.
In general, I think that companies which try all of these very annoying advertising strategies are ultimately wasting their time and money. They should go read the Cluetrain Manifesto and get a clue.
To email me,subtract my nick from my email address, starting with the second character. (hint: adto.uiuc.edu is wrong)
I can GUESS what you are doing by your mouse movements...but I can't tell a damn thing because I'm just a bloody idiot wasting grant money...
:)
That SHOULD be what the dude is quoted as saying.
What about those of us who have 'sticky mice'
because we don't clean those darned rollers often enough...this guy's head is so far up his arse it's sad...
--Huck
Please don't confuse Junkbuster/Guidescope www.junkbusters.com with the open source variant of junkbuster which is a cross-platform product and has been rewritten almost completely from scratch (even though some similarities still peek through).
I am a developer for the open source junkbuster, and we need more people to test our alpha product shameless plug.
Corporate Gadfly
Jonathan Archer: the most beaten up Enterprise captain in Star Trek history
Easy way to get rid of pop-ups forever!!!!
Just stop visiting porn sites.
The next big monthly-ish milestone release of Mozilla (0.9.4) is likely to come out in a day or two -- they're working on verification builds today. Also, the recently released Netscape 6.1 is out and also very good (muuuuuuch better than 6.0).
I've been using 0.9.3 for a month now and it's great. Every time I hit a web site that crashed Netscape 4.x or takes forever to layout, I just switch over to Mozilla and it works EVERY TIME. The only reason I still use NS 4.x is that Cookie Pal doesn't support 6.x yet.
One simple rule for its versus it's
Doesn't the latest version of Opera support mouse gestures a la Black & White? Wouldn't this wreak havoc on any data they gather using this mouse position tracking system? I can just see hordes of Opera-using /.ers descending on the first website to employ this methodology for the sole purpose of screwing up the stats...
"The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid
I found the Web page of project "Cheese" at MIT. They don't seem to be using their own mouse tracking technique yet. The publication that the researchers have produced doesn't provide much more information than the BBC article.
Playing with the HOSTS file has become my solution. I don't remember who it was, but some Slashdot user had a link to a pre-made HOSTS file which I downloaded, edited, and used to block all of the ad networks. AdvertWizard.com seemed to be the most annoying ad network, as nearly every ad I got from them spawned a popup.
I like the HOSTS file method because it can be used on Windows, Linux, and it can be modified to work on Mac OS as well, and doesn't care about what browser you're running.
The bad side to this is that if you decide you want to check out doubleclick's privacy policy for some reason, you can no longer go to www.doubleclick.net and you have to go and comment out that line of the HOSTS file. Also, it doesn't discriminate between popups and normal banners, and I sometimes feel bad about shafting the site I'm viewing by not generating them some ad revenue. But I guess this is the only way to demonstrate to them how much I really really hate popup ads.
IE used to have the ability to turn off JavaScript (or was that Netscape 4.7?) and then MS so kindly removed this feature. What a splendid move! Nothing I like better than visiting a website and having a message like "ShOuT OuTz tOo AlL mY pHaTTy PeePz!!!!!1" scrolling along the bottom of the browser where the URL is supposed to go. Thanks MS.
I wonder if it's possible to write an app that uses MS's rendering engine (which is pretty nice IMO) but adds useful features and removes unnecessary junk, such as Mozilla/Galeon. Maybe it's time to try Mozilla again on my win98 computer...
Hmm...
rooooar
what if users dont hit these sites at all..?
Haven't YOU ever noticed that the dairy, bread, and fresh vegetables/fruits are scattered at different corners of the store.
And you know why, to make you wander the other aisles to get you to buy crap you didn't originally walk in to get.
That is simply not true. The reason that the dairy/frozen food is on the other side of the store is so that it's the last thing you pick up as you leave, therefore it will stay cold longer. The reason it is arranged this way is because many customers complained and requested that the stores be setup this way. I worked at a brand new grocery store as a teenager, and for the first 6 months, the food was constantly changing position, because people complained and gave suggestions.
My point is that there is no secret conspiracy going on, and people actually do listen to customers sometimes.
Try Netcaptor (Netcaptor.com).
I used it before fully switching to Opera. IE engine, tabs, easy scripting/cookie on/off settings, right-click popup-filtering...
The free version is ad-driven, not sure anymore, but look out for spyware.
Other than that, a great piece of software.
JohnAsh
Now I'll never get anything done since what I HAVE to do is rarely what I want to do.. (speaking of which, back to work!)
Excellent! That was just the piece of information I needed. I'm using Guidescope (apparently from the same folks who bring you JunkBuster) and it has the same options to lie about the User Agent that JunkBuster does.
Thanks again!
Well, one thing that strikes me about this is:
For all this data collected from all the surfers to a busy site, where on earth are they going to store it all for any length of time??
I work for a company with a sizable web traffic (250 million pageviews/month). The bane of my life is the logs. Processing them, and storing them for the length of time to draw meaningful trends takes a huge amount of space. All of which needs to be on a RAID, just in case..
Then, of course, there's the software to mine this collection of data, the amount of time required to search the disks for the relevant data, and the setting of the resolution of the data capture from the mouse (needs to be pretty fine resolution to achieve any meaningful results)...
Just think, if they adopted this scheme, it'd be great fun to write a device driver for a pseudomouse that sat the cursor over the web browser, and randomly moved it around, generating millions of data events, all of which get logged on the web site archives...
It's fine to do this for a small scale site, with plenty of funding, but I think there'd be huge problems with the sheer logistics of collecting and analysing this data for anyone without almost bottomless pockets as far as funding goes...
Personally, I don't reckon this will be a big brother tech anytime in the near future...
Cheers,
Malk
is that a bit of a freudian slip?
IE used to have the ability to turn off JavaScript
In IE (I'm using 5.5), just go to Internet Options > Security > Custom and disable "Active Scripting", Java and Active X options. This prevents pop-ups, status bar nonsense and just about every other client side annoyance that I have encountered. The only drawback is that an occasional page won't load properly.
Even more off-topic:
Does anyone know how to make Mozilla lie about what User-Agent it is? My bank software rejects Mozilla, claiming it's not compatible. I'm pretty sure it is, and I want to try to make Mozilla claim to be IE on that domain.
The pref is called "general.useragent.override". See http://mozilla.org/unix/customizing.html for an example and instructions on how to set the pref if you're not familiar with prefs.js and user.js. (Note that even though the URL contains "unix", most of the prefs there work equally well on all platforms Mozilla runs on.)
Adding something to the preferences panel to allow changing the useragent without editing a text file is bug 46029.
The shareholder is always right.
As anyone stopped to think that perhaps, just perhaps we should worry about getting current web standards implented in current common and not so common browsers before we "redesign" the web again?
If we don't make light of everything, we are just stumbling in the dark - Blank
I wonder if it's possible to write an app that uses MS's rendering engine
/ spy?movements=" + movements'>
Aol.
Or write one yourself. Seriously. It's well documented. I did one in a half hour. You basically host shdocvw.dll as an ActiveX control within your app, and you can have conplete control over its behaviour.
Or, if you don't feel so inclined, clickity this : Tools/Internet Options/Security/Custom Level/Scripting/Active Scripting/Disable. Micros~1 were never stupid enough to disable disabling JavaScript. They just left it on by default. You can enable/disbale JavaScript/anything else etc on a site by site basis, by putting them into four security zones, which you can choose the level of security on each.
The 'breakthrough' nothing more than
<script>
var movements = new Array();
</script>
<body onMouseMove='movements.push(event.clientX); movements.push(event.clientY);' onUnLoad='window.open"http://some.random.spamhaus
"I think he was truly surprised at how little I cared about how big a market the Mac had" - Linus on Jobs
Two weeks ago, Rob Ginda and Mitch Stoltz added a weaker version of what you're asking for. Instead of only allowing pop-ups for click/enter, it blocks pop-ups for onload, inline scripts (run before onload), onunload, and timer events. This is effective against most existing pop-ups, but will stop being effective when aggressive advertisers realize they can use onfocus or onmouseover instead of onload (if they think enough people are using Mozilla and enable this pref).
To block pop-ups in onload and onunload events, add this line to your prefs.js file (or to a user.js file in the same directory):
user_pref("dom.disable_open_during_load", true);
The shareholder is always right.
I'm not the only one, but I posted an abridged version. I'm also not the orginal author - I just collected the data from various sources and put them into one HOSTS file.
I'll post mine when I get home tonite.
For Win NT4 / NT5 the hosts is found in
%SystemRoot%\system32\drivers\etc\
Hey, wow, finally someone else who uses NetCaptor!
What's also cool is that they have a version that's going to use Gecko in the works, too...
-- Veni, vidi, dormivi
When they have acumulated all the data on the user navigation habits they will analyse it in detail and design a highly sophisticated website. This website will encorperate the latest in DOM javascript navigation, with mouseovers on all the menu items, which lead to multiple screens, each screen will have blurry 3D style bitmaps and the background will be a smiling yuppy in a suit.
...All this despite the fact that the entire sum of information could easily be contained in one simple HTML table.
I can't believe that people are upset over this. Wake up, smell the coffee, and welcome to the real world. Please notice that this reality does not precisely follow your expectations. Part of growing up is learning to deal with it.
If you stand up, walk to the corner, enter a liquor store, and buy a pack of condoms, PEOPLE ARE GOING TO KNOW ABOUT IT! Do you expect the clerk to wear blindfolds so he doesn't know who he is selling to?
It is perfectly reasonable, and expected by most people, that their actions which interact with other people will not be private. You call your mother on the phone and you mother will know about it. Duh! You talk to your mother in a crowded room and lots of people will know about it. You shout to your mother from across Grand Central Station, and hundreds of people will know about it.
That is why the law has a certain thing known as "reasonable expectation of privacy". The information about your website is already collected and available to the website. Go peruse your own apache logs if you don't believe me. They know what files you visited and in what order. Do you really expect them, if they are in the business of marketing a product, not to corrolate that information? They would be stupid if they did not.
You cannot expect that you will live life in a vacumn. You cannot expect that online businesses will behave differently than brick-and-mortor businesses. You cannot expect that one party in a transaction will forget all details about it after it concludes.
A Government Is a Body of People, Usually Notably Ungoverned
You're correct. I'm left-handed, mouse right-handed and use the mousewheel instead of the scrollbar whenever possible. I can be jotting down notes or checking items off a list with a pen in my left hand while I wheel/scroll with the right hand. The only thing that's hard for me to do with the mouse in my right hand is freehand drawing. I think most left-handed people develop some degree of ambidexterity.
The best thing about being left-handed is that you're always in your right mind.
I have tried them all and Webwasher is the best... one thing you have to keep updating software like this as websites continually look for ways to defeat adblockers and Webwasher hasn't had a new version for some time...
From the article (emphasis mine):
Hm...
"I can tell because when you read a webpage, you do one of a couple of things. You either shovel the mouse off to the right so that it is out of the way, or you will walk down the page with your mouse,"
What would a circular motion of the mouse mean? Is my mouse dirty? Maybe they could automaticaly send some mouse cleaning consultant over.
Does anyone know how to make Mozilla lie about what User-Agent it is?
:)
Set "general.useragent.override" in prefs.js. Like this:
user_pref("general.useragent.override", "Mozilla/5.0 (Windows 98; en-US; rv:0.9.2)");
(Don't ask why I make Netscape 6.1 lie like that.
If you're concerned about this, disable javascript and/or vbscript.
I always have two browsers on my computers. One that prompts for cookies and has java and javascript enabled, and the other rejects all cookies, and has java and javascript disabled. I use the secure(r) one for cruising the web, and if I need to go to a useful site that requires javascript and/or cookies, I use the less secure one.
OmniWeb for MacOS X has a start on this. You can disable popups completely or only allow them onClick. I'd like more granularity like the ability to selectively block certain functions.
OmniWeb also has the option to block images if they are standard banner sizes or images from offsite.
The killer part of OmniWeb is the level of control over cookies. By site you can: Accept, keep at end of session; Accept, discard when quitting; Reject; or you can prompt for each cookie. You can also set the default action for cookies to any of the above.
My default is prompt for each new cookie and typically I set sites to Accept, discard when quitting.
Sorry, been using Java lately.
s/onMouseMove/onMouseOver/
"I think he was truly surprised at how little I cared about how big a market the Mac had" - Linus on Jobs
That's part of the reason there is the DMCA and the possibly-soon-to-be SSSCA. To make skipping commercials illegal. (*) Heck, with DVDs it is illegal to make a player that lets you skip unskippable ads - you either have to violate the CSS license or implement CSS yourself, which is a DMCA violation.
(*) It won't strictly be illegal - that would raise an outcry. Just that getting around the technology that stops you would be an illegal "act of circumvention". That way anyone that tries to give you control could be painted as an "evil hacker", likewise for anyone using any circumvention methods.
After all, only "evil people" try to make the computer do anything it isn't designed for, or do anything the computer tries to prohibit. The machine is "always right", since the "nice" corporations made them.
(The above was heavily laced with sarcasm - obviously I am oppossed to DMCA/SSSCA).
Just because it CAN be done, doesn't mean it should!
I saw this once... it may no longer apply.
// Override the default user-agent string:
user_pref("general.useragent.override", "Mozilla/5.0 (X11; U; Linux 2.2.16-22smp i686; en-US; m18) Gecko/20010110 Netscape6/6.5");
A place where you have a list of all the applications that has spyware and ways to go around them (plus doing heavy damage to people putting that in their software without any mention (should I add, CLEAR mention). Winamp ASKS you if you want to contribute, that's fine with me, bearshare?? installed shit that I didn't know about and it's my firewall that told me there was a software trying to access a website that gatters data, now that's just plain immoral. With such a site, you could have a database and groups of people that could protest (you'd know where to send your email/faxes).
Then again, having 1000s of users sending them emails to say how pissed they are would be totally to their advantage because they could build an EMAIL database to spam you back....
This is lame, one guy gets his ass busted helping adobe to make it's encryption more secure, and everyday we can see our freedom being attacked "for better security" but for shit like that, that IS plainly illegal and unethical, nothing protects us, or barely nothing.
Wake up goverments, if you want to get some credits and not only look like a bad corporation and money sucker, how about some socialism and putting that same energy used to arrest innocent people, to do something worthwhile like jailing (or better yet, burning alive) these people or companies that contribute to deteriorating our mail servers, privacy, and the overall internet experience?
--- Metamoderating abusive downgraders since my 300th post.
Most web servers have this information: IP address, pages you visit, files you load.
Most users have dynamically assigned IP addresses, but these can be tracked back to your ISP, but it would be hard to pin it on any specific individual.
Just be careful about what you put in the forms pages they offer.
Have not installed ANY new programs in the last couple of weeks yet SOMETHING installed some new program which I found running in my system. I check for spyware just about EVERY OTHER day and I found this new program running in my msconfig called NADaemon !! Does anybody know anything about this and where it might have come from?!??! AdAware (running THE latest version 5.6) doesnt even recognize it but the file properties told me its somekind of web tracking program !!
...hey everybody...look at MEEEEEeeee !!! eYE did this in 3rd grade when everyone else was fingerpainting...anyway...so what did you contribute to this conversation? Do your part, man, and keep the S/N ratio down a bit in here (I'm guilty too, but at least my post has SOME purpose)
Since I'm the one paying for my connection to the Internet, and all of the traffic on that connection, I have the right to decide what content is appropriate
EXACTLY! You have the RIGHT to decide if their ads are not the type of content you want on your pipe - don't go to their site and you won't see the ads. You're argument is like stating, "I shouldn't have to pay for this book, I have the RIGHT to view this book, so I'm going to steal it".
It's not your right to circumvent their revenue model Do you really believe that you have some God Given Right to have access to a website's content? If you want their content, you have to agree to their revenue model to use it (monthly subscription fee, advertising, etc.) If a site requires a $10 monthly fee, is it okay to hack an account on their system? Filtering ads is no different.
Note to moderators, I just got modded down for a legit post in this thread - please do not mod based on personal opinion or bias.
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
He sees you when you're sleeping.
He knows when you're awake.
He knows if you've surfed for porn.
don't jack-off for goodness sake.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
*sigh* One more reason to run WebWasher (a great freebie for Windows and now for Linux!)...
y ,I know what you're doing you fools and you're not getting any data from me! Best of all, I'm going to tell all my friends!"...
Also, while you *could* block out the site that this insidious garbage is sending it's results to, I think it'd much more fun to simply use a proxy like Squid to rewrite the junk and send out what you want - something along the lines of:
http://secret.tracking.site/gather.cgi?data="He
Then again, a nice cron job to just do this for me about every 2 minutes - bounced off of an anonymizing proxy (say one of those Crowds servers) somewhere on the net would be a wonderful thing too... If a bunch of us did this, they'd get so much crap, it'd be work to filter it out (of course the junk sender would be polymorphic)...
Fight technological BS with Technology!
First, my mouse has a white led instead of a red one (modding ;) and when it's stationery the cursor starts jumping around enough to confuse most systems :D (doesnt bother me though, it only does that when it's stationery). Second, I use opera nad I just love the shortucuts and use them all the time. Also, I don't think the movement outside of the window can be detected with Jscript, so I dont expand windows unless I really trust the site (I have a biiiig monitor) :D
i'm serious. the implications for this are astounding. not only will they be able to create character profiles of your behavior (what sites you like, what appeals to your eye, what interests you), but eventually they'll combine this with psychological profiles and analysis.
local gov'ts will force isp's to utilize the technology trying to seek out criminals (whose mouse behavior has been proven to act differently from others) and give them help or indiscriminantly arrest them.
oh the future looks bright.
... which is, that by tracking HOW people use web pages, they can determine whether their web design is any good or not.
Frex, if an area produces a lot of mouse hovering over a given area, without much clicking, the conclusion is that this part of the page is badly designed or confusing and needs to be changed or fixed. Conversely, if every visitor's mouse shows rapid movement to a link, this would imply that what people wanted to find was visually obvious.
Yeah, it could be used to get an idea what part of a page was most attractive for advertiser use, but mouse patterns will change (to go around the "obstacle") as soon as ads are implemented that use the mouse demographics, so it'll be self-defeating from an advertiser standpoint.
But where I think it'll ultimately be useful, is for website designers who need to know if what they created is actually USABLE or not.
(WTF happened to our sigs? they're gone again.)
~REZ~ #43301. Who'd fake being me anyway?
In keeping with that second point, I'd like to point out the dishonesty of the researcher claiming this will help to be 'more responsive to customers' or whatever cant he used. Commercial web sites have already shown their utter unresponsiveness to customers. Even when a customer took the time to compose a detailed email explaining what was wrong with a site, it was either discarded or read with gales of laughter. I know because I was there. If web sites want to serve customers better, they could start by reading and responding to email. Second, watch the error log and fix bugs. Third, watch the access log and find 'dead ends' where people give up. There is no need to spy on customers.
How is this system supposed to work on my PC, since I primaryly use my keyboard for web browsing ? :)
Gotta track space, enter, tab and arrow keys hits too !
Julien.
Doesn't Article 12 apply here:
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence
Actually Article 19 is quite interesting, too (though not related to this).
Eh.. if milk would be placed so that it was the last thing you pick up, wouldn't it be near the checkout line instead of the back corner.
Imagine how many superstitious people you can con into giving you money if you can make them believe that your website can read their minds.
Hmmmm... my psychic powers tell me your mouse is clogged with dirt (jerky circular mouse movements) and thus not moving smoothly. I can also tell that you are new to computers (double clicks on links instead of single clicking).
eTrade SUCKS
Oh joy, does this mean the next time I'm browsing Best Buy's web pages, if I linger too long a
window pops up and asks if it can help me?
First they burn books, then they burn people.
So, any site that uses the Prophet applet can capture user details, even if you decide not to submit them. As far as I'm concerned, this is a keystroke log that's equivalent to a wiretap. I'm currently fighting an intense battle with an analyst that I work with who feels this is the best thing since the word demographics was invented.
And to think, people laughed at Scott McNealy...
Change frame: CTRL+TAB in IE
Search through items on a page: TAB in IE
Activate items on a page: ENTER in IE
Right click items on a page: SHIFT+F10 in IE
There you go. No mouse