Slashdot Mirror
MS Wants To Identify All Web Surfers
Moochman writes "New Scientist reports on a technology Microsoft is developing to identify users based on their browsing habits. Quote: 'The software could get its raw information from a number of sources, including a new type of 'cookie' program that records the pages visited. Alternatively, it could use your PC's own cache of web pages, or proxy servers could maintain records of sites visited. So far it can only guess gender and age with any accuracy,' but the aim is to be able to identify name, occupation and location as well. On a related note, The Inquirer reports on Microsoft's plans to widen the use of its identity-verification technology CardSpace, which is built into Windows Vista and available as an add-on to XP. It's being envisioned as an identity solution for the entire internet: says Kim Cameron, pioneer of the technology, 'We feel it has to solve all use cases.' (Aha, so the anonymous use cases, too, eh?) One might ask, with all of this user-ID information on hand, how long will it be until the Feds come knocking on Microsoft's door asking for help? They already have."
Now they can find out that I am a dog? Wooof! Woof!
This is probably them fulfilling their obligation for the code they allowed the NSA to incorporate into XP and Vista.
Microsoft can take their ideas and shove them up their asses. What do you think we want Microsoft making these decisions and bringing up these ideas. It is none of their freaking business nor anyone else's if I choose to use the internet.
These people are getting freaking spooky. We really need to shut them down and fast. Stop frigging buying Microsoft products. Protect your security and your privacy by using Linux.
You can lead a man with reason but you can't make him think.
Don't worry, I'm sure this will be an opt-in feature. You won't need to enable it on your Windows machine (yes, there will be desktop component, why not), unless you want to upgrade to Vista SP1, or get IE8, or use Windows Update, Hotmail, or MSN messenger, or Word, or Outlook, or prevent WGA from deactivating your machine after a month.
Frankly, I'm surprised we haven't seen MS-TCP/IP yet (no, wait, marketing name "MS Live Connect"). A proprietary, "safe" networking protocol on top of the Internet as we know it that requires you to log-in and authenticate against their servers to use the Internet, uses their own DNS (by default, but you can change it if you're technically competent enough), and of course makes sure you're not doing anything that could interfere with MS DRM in any way.
Now it's your job, given the content and the topic of this post, to figure out if I'm being serious or sarcastic. Honestly, I am not sure which one it is.
Surely Google is doing this already?
MS is dropping the ball.
Does it go on forever?
That is ridiculous reasoning! Thumb drives hold Gigabytes of data today. Even more tomorrow. A thumb drive with heavy duty encryption to protect the contents is the best way to take your preferences, files, data, etc. with you.
Personal data devices are more secure, private, load faster (oh boy down load my desktop over the Internet...riiight), can be written to faster, don't go down like the Internet, etc., etc. If you want you can have a backup image on a server, but the image would be encrypted and access would be owned by you.
Kids these days and their centralized computing!
Is that instead of using the systems they probably already have, the government is starting to utilize private companies to do their dirty work for them. Another layer of deniability to everything, I suppose. I forget; was North America part of Oceania or did it partially belong to Eastasia?
*ROFL* Who marketed the first beige computer?
Did you ever get the feeling the story is too damn long and in the present tense?
They're the same people who think REAL ID is a good thing, the people who think that the trade of some rights to privacy for a little convenience is a good one.
These people exist, just not on Slashdot.
Not to mention that fact that in order to load your preferences and settings in a random new computer I will need to surf the web for a few hours while MS ID's my web habits. No thanks, I think I'll stick to the few seconds it takes to type in a password.
We hope your rules and wisdom choke you / Now we are one in everlasting peace
Yes, and they aren't the only ones that do or will. The problems, as will be pointed out are many due to the nature of HTTP. All I can think of is DAMN, this sure is another good reason to not buy, pirate, copy, or even borrow Windows Vista.... Perhaps this will help push more people toward a better OS?
Not trying to be a troll. It just struck me as this is another reason to just say no to MS.
Support NYCountryLawyer RIAA vs People
If I wanted to identify myself, I'd do myself, thank you very much!
- Anonymous Coward, and proud of it.
Managing your cookies is a good idea, but it's not nearly sufficient to guarantee privacy or anonymity. For one thing, ad brokers like DoubleClick use web beacons (think of cookies on steroids) as well as cookies. Even ordinary ads are enough to track where you've gone over the course of one browsing session, and I wouldn't be surprised if they can capture your login handle to sites like this one through clever scripting... then they've got you covered over arbitrary numbers of sessions.
That's another reason why I prefer to be AC. Of course, even that isn't good enough for a really determined outfit... but why make it easy for all jerk firms out there (and Google is perhaps atop the list of scary firms because unlike Microsoft, they are filled with employees who believe in their company's mission).
Under corporate feudalism, the corporation has rights by default. Can they do it? Check. Will it make money for them and the shareholders? Check. There are no other questions.
"Only the small secrets need to be protected. The big ones are kept secret by public incredulity." - Marshall McLuhan
That's always my first question when I see an article like this; who could ever think this was a good idea? Obviously not someone who reads Slashdot. I don't know how much Microsoft is paying, but it must be alot if people are thinking that such a ridiculous idea makes sense.
This is precisely the sort of thing that Google is working on as well. It is all about targeted advertising, and Microsoft wants to be a provider of targeted advertising like Google. Q. Why did you think that Google offers you free email service? A. So they can build up their personal profile of you and provided better targeted advertising.
who could ever think this was a good idea?
I know this is probably a tired response, but you can instantly make 98% of Americans think this is a good idea if you claim it (A) helps to fight the terrorists, and/or, (B) protects the innocent children from scary online predators.
The following is a question I posted to another forum after reading this article. It's a genuine dilemma I've been pondering for a while now. I fully expect to get boiled alive for even asking the question, but any input will be appreciated.
-----
You may be aware that the UK leads the world with a billion CCTV cameras on every street corner. Various countries are pondering the adoption of mandatory ID cards. I've just been reading a Slashdot article about Microsoft's proposal to identify users from their browsing history. People have suggested a comprehensive crime-fighting fingerprint database.
I'm opposed to these things. The problem is that I'm having trouble explaining to myself why, precisely, it's a bad thing to have Big Brother watching me. And basing my opinion on a vague premonition of dread is pissing me off.
Whenever a measure such as those above is suggested, newspaper articles will invariably mention objections from civil liberties campaigners. I like civil liberties and am inclined to instinctively agree with those who campaign for them. But comments like "If you're not doing anything wrong, why do you care?" are simultaneously smug, irritating and difficult to torpedo convincingly. Three arguments spring to mind:
1) The government shouldn't know any more about you than it absolutely needs to. I agree with that. The problem is that it seems reasonable to assume that an extreme surveillance society which logs the activity of you, your car, your browsing, your shopping, your library borrowing, your finances and everything else would have an easier time of it in identifying criminals. Does that constitute a reasonable need, and why or why not? This argument is rather abstract and arbitrary for my comfort.
2) Unscrupulous government officials could abuse the information. Hard to argue with that one, and no doubt abuses would occur, but it seems paranoid to reject the whole deal on those grounds given the cost/benefit ratio.
3) It wouldn't work properly, would be insecure, and would be a colossal waste of money. I agree, given the UK's track record in large IT projects, but that's an implementation problem rather than a philosophical objection.
Can anyone give me any other specific, compelling argument against the surveillance society which doesn't rely on an axiom that it's an inherently bad thing? Because this is annoying the hell out of me.
MSFT is just amazing at the depths they will troll to invade a user's privacy. This article only highlights how deep MSFT has their hand up the proverbial *** of the end-user. Data-mining a user's browsing cache? Are you serious? If they can read from the browser cache, what ELSE can they do? And how far will they go? If Joe User has been surfing pr0n sites and accidently comes across something he should see, will MSFT know about it? Will they inform the authorities?
With Microsoft's recent advertising acquisition, will they use this technology to data-mine and serve up targeted advertisements? If they know Joe User is browsing car sites, will they serve up GM ads because GM is an MSFT partner? Will those ads overlay or replace existing ads from other companies? Don't believe it can't happen. We just had a link a day or so ago about spyware doing it.
I cringe everytime I see a computer running an MSFT operating system now. Seriously.
This almost sounds like a dying man gasping for air. Sales from Vista (despite tainted projections) aren't nearly as high as expected. Widespread adoption isn't happening (companies and Federal agencies are shunning Vista for now). MSFT has had to turn up the screws on piracy to recoup lost dollars. Cue the OSS FUD about patent infringement that allows MSFT to squeeze Fortune 100 companies for cash. Now this -- MSFT's attempt to be the identity manager of the Internet.
Not on my computers on my networks. Not now. Not ever.
So how will they identify me? By my work surfing profile, or my home surfing profile?
Yes, I surf at work, both to take a break, and to keep abreast of developments in I.T., specifically, the Java world.
At home, I'll probably surf the BBC, Slashdot, Apple sites, and my blog.
So which "me" does Microsoft hope to profile? Combine that with the fact that I use a Mac at home, and that my surfing habits will change when I change jobs.
Still, methinks this is the quid pro quo for Microsoft's deal with the Bushies to gets itself out of an enforced monopoly breakup....
This space left intentionally blank.
Firefox is all good and well, but you need to
be on a non-Microsoft client. Otherwise, the
Microsoft software under the browser still has
access to all of the data anyway.
Perhaps it is already doing what the article describes.
You are being MICROattacked, from various angles, in a SOFT manner.
Exactly. And because they are dealing with a closed-source solution, there is no direct way of knowing. What's to say an ActiveX component isn't briefing scanning a user's browser cache and reporting that information to an MSFT server. Without a sniffer between the box and the 'net, most people wouldn't be the wiser.
This is why you use Firefox, to disable ActiveX. You also use a better firewall than that provided with XP; one that warns you when a program wants to "call home" and allows you to decide if you're going to let it.
Good, inexpensive web hosting
It's interesting that parent was modded troll, when what he posted was for the most part accurate.
If it is illegal for (spam) companies to glean such information, why would it be legal for Microsoft to gather such info for their own marketing purposes - or those of their affiliates (which broadly covers everyone using Windows Live Search)?
Spam, above is in parenthesis because I am indicating companies, who through similar actions have been considered spam companies.
Though the Linux point may make parent seem like a troll, it too is accurate - and one of the few PC based alternatives... so perhaps to make parent not considered by the over-sensitive on /. a troll, the last paragraph should have read...
These people are getting freaking spooky. We really need to shut them down and fast. Stop frigging buying Microsoft products. Protect your security and your privacy by using Linux, eComStation, MacOSX, or any other OS not from Redmond .Though perhaps that too seems like a troll... but the fact is, if MS has it's way, the only other alternative is to not use the Internet - which isnt going to happen... the truth is not a troll post. The only part of his post that may be inaccurate is the part about the NSA - though the government did request such code be installed in Windows, I dont know if anyone actually ever proved such an occurrence happened, and though MS claimed they would not do such a thing (which we've learned means nothing in the real world), there oddly are enough back doors in Windows to make one wonder.
Mod parent up... just my opinion. You dont have to like what someone posts to realize the validity of it.
StarTrekPhase2 - The Five Year Mission Continues!
There are a plethora of other methods to allow such functionality. Where I used to work, we had a nationwide network, and amazingly, all I had to do was log in to the nationwide network and voila! My home drive, preferences and all available!!! On XP and 2000 based clients!!! Wow!!! Amazing!!!! And that doesnt even cover the semi-thin network clients that did all the same as well...
So, in what way does MS now need to spy on and collect personal information about a user's viewing habits to determine who they are, where they live, and possibly tons of other even more sensitive information to enable a feature that already exists and works?
Explain that to me if you would...
StarTrekPhase2 - The Five Year Mission Continues!
First, theres an article on slashdot yesterday about spyware that has been "approved" by truste and now vista comes with embedded spyware to tell MS (who are trying to break into advertising) where i am, what im looking at and what my name is?
The thing that worries me about all this is the rather lack-lustre response you'd expect from the general slashdot community about breaches of privacy, etc. Have the aliens invaded?
im scared... they only come out at night, mostly...
Seriously though for everything that sucks about vista atm (performance, etc), knowing it had embedded spyware (or what exactly is a "special cookie program"?) would stop me moving to it.
When people are helped along, they tend to become productive much faster than when they're ridiculed and scorned. In this case, the help given to them may help them to become "real Mac users" much more quickly. If you simply explain that there is no such thing as a maximize button, they will probably listen, especially if you provide them with another way to achieve the desired result. If the name "Clarus" means nothing to you... "Clarus" (sic) hasn't done anything under that name since 1998, when they renamed to become FileMaker Inc. ClarisWorks was returned to Apple as AppleWorks, and the last product with Claris branding was discontinued in 2001. (Trust me, I looked.) If you still call it Claris, then buy new software.
It's people like you that contribute to the myth that all Mac users are elitist bastards. I don't know the name of the law that states something along the lines of "the smaller the minority, the more noise it makes", but I'm sure there's one like that, and it's relevant here. (If there isn't, there should be.) I'm a Mac user, and you are (AFAIK) in a very small minority. Unfortunately, since you and the rest of your cohorts prefer to post AC, we'll never know just how many of you there are. A shame, too... I'd like to know just how many people actually post this type of thing.
Clarus != Claris
Claris is the office software. Clarus is the dogcow.
I tend to think this is all overhype, because even if true it isn't something new for tons of companies.
I also find it amazing that the same people that are being so hard on the allegations of what MS is doing are the same ones that for the past year have defended companies like Google for DOING THE EXACT SAME THING, except the Google twist is they have been using FireFox and GMail in addition to searches for tracking people and marketing data. (FireFox users, if you don't already know this, you are stupid.)
Again, tell me why this is a big deal when they accuse MS of doing it, but something to shrug off when Google is doing it, has admitted to doing it, has ties with Firefox to specifically gather data on ALL platforms, and even goes through people's GMail and anyone that sends something to someone using GMail?
This is not to even mention the 1000s of advertising companies that ALREADY do this for every freaking AD on the internet, even here on SlashDot, you are being monitored based on the ADs you click on.
For the GP post, the NSA and Windows Myths are crazy, part of the reason Uncle Sam was pissed at Vista is MS wouldn't make a backdoor for BitLocker, so if you think MS is cooperating with the NSA beyond the standard obligations that OSX and even Linux has complied, you are high.
Besides if the NSA wants information, having a hook inside an OS would be the LEAST effective way of getting it. They could gleam 10 of 1000s of times the data from just monitoring network traffic, which they already do and have done since the 1980s.
And thanks to ignore the Law Bush and Gonzo, the NSA has been doing this with all domestic traffic and voice communications now too without any warrants. If people want to bitch about Big Brother, they should look to Washinton DC, not Washington State.
>pfft no they don't. i paid for a license to use windows,
Great for you, personally I actually bought a copy. Even though it doesn't mean I hold any copyrights to it, the laws of my country allows me to use the copy without the need of any license, contract or permission at all (regardless of if I would actually own it or not, so borrowing it would be quite OK too for example). Of course, just like with you, I have similary not given any permissions to MS.
I neither abandon Microsoft software, nor do I leave myself open to tricks like Microsoft's latest dream of world conquest. I choose a middle ground.
I run the Windows software I cannot or will not replace in a virtual VMWare sandbox with no internet connection (just a local intranet connection). That way, I don't feel the urge to update Windows (I generally use Win2k sp4) or play the old "whack-a-mole" game with viruses and trojans. It's not perfect, and I still use Wine for the occasional Windows game (I don't stay up-to-date there, either, preferring older games), but I avoid a whole lot of pain and most of the risk in using Windows software.
There's an old saying in computer software (and yes, it's US centric. sorry about that): You can tell who the pioneers are, they're the ones with arrows in their backs. Avoid being a pioneer, and all sorts of viable solutions to Microsoft's schemes and dreams present themselves.
"My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
Anybody who wanted to sell your information to others, for another.
Yes, the ability to learn more about you than you knew you were disclosing can be used for good or evil, and can be intensely profitable, and it's already been done. Gmail was invitation-based, ingeniously, because it not only gives Google a lot of data to mine, it also provides meta-information on how people are related. Who are the connectors in your social network? Who's interested in gore-tex sporting goods or is on the mailing list of the Green party? Google knows.
Google is not even the most evil one in the information warehousing/mining game. You are profiled more than you think already- don't believe for a second that if you're applying for a big loan or are being scrutinized for a big-deal job that every bit of your legal, financial, and public personal history isn't already available for a price.
Microsoft is playing catch-up in the realm of exploiting personal meta-data for profit.
If there's one thing I won't stand for, it's intolerance.
1) legitimate reason: MS is a SW company providing solutions to customers. Big problem online is proving you are who you say you are to a 3rd party. How does a merchant verify I am who I say I am (and that they are not taking on a fraudulent transaction which they will be held responsible for)?
How does bank or stock broker verify it is you doing a money transfer or stock transaction?
How can I prove my age complies with laws regarding age? Are you "thirteen"? Are you "eighteen"? Are you "twenty-one"?
If the good senator from N/S. Carolina is determined to enact age-verification to adult websites, do you have to give a credit card with your age that maybe could be verified against a card-holder database? How can you verify age?
How do Ebay parties verify they aren't entering into a scam?
These are all "legitimate" areas where there is a need for some type of user identification/verification. It is a legitimate problem in doing commerce on the web. A software company has every "legitimate" right to attempt to create a solution. So your first statement and its conclusion regarding motive is flawed.
Regarding your second statement about this being a reason to use a different OS. That's also logically flawed, since we are identifying people from browsing habits -- something that would be OS neutral. People still browse with Linux and Mac-based computers. In fact, using an alternate browser and OS puts you in a minority of sorts -- providing additional identification factors. If you wanted to remain "anonymous", standing out from the crowd isn't a great way to do it.
That people agreed with you and marked you insightful only shows how many others on slashdot have similarly faulty logic.
Do YOU realize that MS claims they are going to be doing this, it is being developed by MS China
from Microsoft's research lab in Beijing, China where I am sure the government there is supporting and/or assisting them, and that with MS' ability to control and monitor the OS and IE, these "theoretical algorithms" are in reality far from theoretical. You act like this is working software already on people's computers without their permission. Geesh.Working software - yes - in test versions from what the article says - it does indicate they've done enough work on it and studied the results sufficiently to glean a bunch of the information they are already after.
already (installed) on people's computers without their permission. - without their permission? You mean like WGA and numerous other components in Windows that the closest thing to permission is "Agree to this EULA or dont use any of our software"? Yeah... I can see it happening. Fits their track record very nicely.
StarTrekPhase2 - The Five Year Mission Continues!