Do Not Call Site Has AT&T Stats Tracker?

hookedup writes "The Register is carrying an article about suspicious content at the FTC's Do Not Call site. It has been a runaway hit with US consumers, with over fifty million signing up to avoid spam calls from telemarketers. But the web site hides a little secret: a 1x1 pixel image tracking visitors... and where does the trail lead but to the AT&T, one of the most persistent telemarketers." However, the tipster, James 'Kibo' Parry, notes: "There isn't any evidence proving they _are_ up to anything improper, but this relationship between the FTC and AT&T fails to avoid the potential for impropriety."

Oh NO! A tracking pixel!

[DrEldarion]

I don't really see where this is cause for alarm. For all we know it could be a counter.

Anyways, what's the worst that could happen? AT&T knows which web browsers people use and what resolution they're at? Oh no!

-- Dr. Eldarion --

AT&T has the server logs!

The article says, "The FTC confirmed that AT&T Managed Services is its contractor, and hosts the website."

They don't need a 1x1 image to track usage... they have the server logs!

Re:AT&T has the server logs!

[Dave2+Wickham]

Err...what? People visit 1x1 gif => entry in server logs. Using 1x1 gifs is 100% based on server logs.

Over rated

[Dorothy+86]

Ok, so there is a "tracking bug" on the FTC do not call list that links back to AT&T. Well, it could be used for FTC tracking purposes, since AT&T hosts them. It possibly gets info on where they came to the site from, etc. This is all overrated.

AT&T is a huge corporation

[dcocos]

I'd be willing to be that AT&T hosting people don't even know that the AT&T phone people exist.

Ahem...

[inertia187]

Will someone please tell me what would prevent a telemarketing company outside the US from obtaining this very accurate list of phone numbers?

Re:Ahem...

Nothing, considering they will be getting it on cd from the FTC in order to comply with the program if they are conducting buisness within the US, just like every other telemarketing company.....

Re:Ahem...

Will someone please tell me what would prevent a telemarketing company outside the US from obtaining American phone books?

huh?

[scovetta]

How is this a problem? The URL is not dynamic, so unless there is a back-end conspiracy between the dnc list and AT&T, what the hell is AT&T going to do with 50 million IP addresses? They can't look them up to people unless they get info from elsewhere. If AT&T and the dnc list were sleeping together, then the dnc list could give AT&T the IP/name/phone/etc ANYWAY, and that would be a MAJOR betrayal of trust. It's probably just for web-traffic analysis-- pretty standard these days, so the dnc people can say, ooh, 3000 people per second are signing up, and the such.

AT&T does in fact manage it

[Qbans]

I remember seeing one of AT&T's agents concerned about the amount of E-Mail being generated from the site and posted it on NANOG (North American Network Operators Group) which you can see here. I don't really think that there is any "shady" tactics going on here, I think it's more for one of their in house monitoring apps, especially considering the amount of traffic that they received initially.

Its to count the number of people w/o javascript..

[molo]

Here is the snippet from the page http://www.donotcall.gov/ Note that the img tag is embedded in the noscript tag. That is, this img is only loaded in graphical browsers that don't use javascript. Since AT&T has the government contract to implement the DNC list, I don't think there's anything sinister going on here, they just want a count of the number of users that don't use/enable javascript.

-molo

<noscript>
<img BORDER="0" NAME="DCSIMG" WIDTH="1" HEIGHT="1" SRC="http://g6589dcs.nyc2.aens.net/DCS000003_6D4Q/ njs.gif?dcsuri=/nojavascript">
</noscript>

Re:should be called

for the phone company to know in advance of the deadline who is signing up is worth $$$, and if you dial the 800 number, guess who finds out? probably, two phone companies. other permutations too... read the article.

Nothing "weirdo" about Lynx

[bkrrrrr]

There's nothing "weirdo" about using Lynx. It's very effective for many tasks, and far more efficient for using certain websites than Mozilla, et al.

bkr

Re:Off by a power of ten?

[letxa2000]

Yeah, well to me the amazing thing in the story is that the government apparently paid AT&T $3.5 million to build the website. Have you visited the website? I've built more complex websites in a matter of weeks. Even charging $200/hour that would be easily less than $32k.

I would hope that "building" the site for $3.5 million also includes running it, ongoing maintenance, etc. Because if the government really paid AT&T $3.5 million to BUILD it and still has to pay some ongoing fee, they got ripped by an order or two of magnitude.

Government waste isn't surprising, but it's sad when it is made so obvious. A good percentage of the folks here at Slashdot could have done just as good a job for a fraction of the cost and STILL recorded a very good year income-wise.

Re:Not for "tracking"

[jafiwam]

I'd like to point out a reason why someone might put a 1x1 pixel gif in a web page.

Not all versions of IE and Netscape (especially the versions earlier than 4 and 5 of both) render table cells correctly unless there is an object in the cell. Sometimes the cell border is not drawn, or the size specification of the cell is ignored by the browser (which then in turn messes up the layout). So a single-pixel, transparent gif or a non-breaking space character can be put in the cell to make it behave. As a occasional HTML and web page designer, a single pixel gif is a good tool to have around.

In this particular case, it is easy to assume that something illicit is intended, but the presence of the <noscript> tag makes me think that it is an attempt to track what the ratio of JavaScript vs. non-JavaScript enabled browsers visit the page. This web page has had many more visitors and induced many people that may not have the latest and greatest stuff, whomever designed it is probably just trying to figure out what fancy whiz bang tools they can get away with.

Depending on their server set up they may be simply dumping the logs, or have several of the things in the site to generate specific information. (50 million numbers, times 1.2 for revisits, times the number of objects on the page, is one hell of a lot of bits in a log file.) They could have used different hostnames for images to host them on different physical machines, or whatever to break that up.

Note, that it is trivial to set up a virtual folder to point to a separate machine to do the same thing, without using a different hostname. So if it is a tool to link up phone numbers with IP addresses and email addresses (really that's all it would do) then they didn't put much effort into hiding it.

Has anybody thought of ASKING THEM why the thing is there?

I prefer Occam's razor, the simplest explanation is also the most likely one to be true.

This Is FUD by the Telemarketing Industry

[Hiro+San]

I had more respect to the Standard before this. Tracking users is a standard practice for any company managing a website for a third party. After all they have to prove that they are performing for the client. What I am wondering is if someone at the Standard got a kickback from this. I think people need to wake up and smell the marketing Propogranda. The telemarketing industries is in fear of their lives because of the Do Not Call List, and they havea history of dirty tricks to steal money from people. Slaming being on of the more shameles examples. They are certainly not above trying to spread false new stories to increase FUD. Just think about it.

Re:ATT has the contract to impliment the DNC

[studpuppy]

I asked my wife about this, as she worked for AT&T implementing their consumer web site. Her reaction to the questions "wouldn't this give AT&T advance notice that they have 3 months to establish a relationship with these *specific* individuals?" was "Ha! It would take the consumer group 6 months to find out that AT&T even had a Gov't solutions group, and at least 6 more months to figure out how to transfer the information" So it looks like we are safe.. the right hand and left hands of AT&T probably don't realize they share the same body.... (of course, she loved the idea posted elsewhere here that encourages others to include the line of wb bug code into their own websites, and let AT&T track their stats along with DNCs...)

Telemarketers can suck my disk.

[rice_burners_suck]

Hmmm... I know a lot of people who signed up for that stupid do not call thing. They hardly ever got calls before. But now, they're getting tons of telemarketing calls. Know why? Because the law doesn't take effect until next year, and in the meantime, telemarketers have access to the list. Furthermore, to show you how stupid government is: The government is now mandating that companies purchase the list of people they cannot call, and furthermore, the law says that only companies that purchase this list are affected by the law. In other words, if you don't buy the list, you can make the calls. Punishing the companies that did buy the list. Does that make any sense?

That's your tax dollars at work.

It only goes to prove that GOVERNMENT SHOULD NOT GET INVOLVED IN STUPID STUFF LIKE WHO CAN CALL WHO. Don't like telemarketers? Nobody likes them? Then run marketing campaigns all over the damn country that tell everyone to HANG UP when a telemarketer calls! If EVERYBODY hangs up WITHOUT listening to anything that telemarketers say on the phone, then guess what? THE TELEMARKETERS WON'T CALL ANYMORE, BECAUSE IT WOULD NO LONGER BE PROFITABLE ANYMORE!!!

Logical Explanation

[ninji]

Maybe AT&T wants to findout whos on the list as they sign up so they dont call anyone before they see an updated version of the list and have to pay that fine??? Its only logical....