Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tynt Insight Is Watching You Cut and Paste

Posted by timothy on from the peeking-at-your-poke dept.

jerryasher writes "In recent weeks I've noticed that when I copy and paste text from Wired and other websites, the pasted text has had the URL of the original website appended to it. Cool, and utterly annoying, and how do I make that stop? Tynt Insight is a piece of Javascript that sends what you copy to Tynt's webservers and adds the backlinks. Tynt calls that a service for the site owner, many people call that a privacy invasion. Worse, there are some reports that it sends not just what you copy, but everything you select. And Tynt provides no opt outs. Not cookie-based, not IP-based, but stop-it-you-creeps-angry-phone-call-based. It ain't a pure useful service, and it ain't a pure privacy invasion. But I sure wish they'd go away or have had the decency never to start up in the first place. I block it on Firefox with Ghostery."

19 of 495 comments (clear)

  1. use noscript! by Anonymous Coward · · Score: 5, Informative

    Only run the javascript you want.

    1. Re:use noscript! by melikamp · · Score: 4, Informative

      I have to second this. NoScript is now my favorite extension, with ABP being a close second.

    2. Re:use noscript! by virtualXTC · · Score: 4, Informative

      Comparing the false positive rate of ABP to noScipt is about as useful as comparing apples and oranges. ABP is a blacklist based service, Noscript is a whitelist. Therfore ABP only has false negatives (including all of the things you need noscript for). No-script therefore has only false positives. Unfortunately, un-like ABP, a user curated list isn't practical; as soon as you do and whitelist a paticular script, someone will change it to do something malicious.

      ....the fact that some users are too dumb to figure out how to use no-script makes me like it that much more.

    3. Re:use noscript! by Anonymous Coward · · Score: 4, Informative

      comparing apples and oranges.

      You said the magic words!

      Gentlemen, I repost Apples and Oranges: A Comparison

  2. Other script blockers will work, as well by srmalloy · · Score: 5, Informative

    NoScript will also block it, and if you configure it to block by default, Tynt's code will never execute unless you specifically permit it.

  3. Re:Thought JavaScript clipboard was opt in? by FlyingBishop · · Score: 4, Informative

    It's plain JS. It doesn't actually access the clipboard. It just tells what you're highlighting through mouse interaction.

    In any case, I blacklist *.tynt.com in hosts.

  4. Re:If its just JS break it. by TheRaven64 · · Score: 5, Informative

    I often randomly click on a page while I'm reading and select bits of text. If I visit any site that uses this, then they'll get a lot of data but no useful information from me.

    --
    I am TheRaven on Soylent News
  5. Re:Snopes by Unbeliever · · Score: 4, Informative

    I don't use noscript, but have been noticing lots of disabled copying on more and more websites.

    The simple fix I use is to Ctrl-U/View source and copy from that window.

    --
    --Carlos V.
  6. Easy Adblock Plus Filter by CritterNYC · · Score: 5, Informative

    Just add a filter to to Adblock Plus in Firefox. Go to Adblock Plus's preferences page, click Add Filter and enter:

    http://tcr.tynt.com/*

    Then just click OK or Apply.

    --
    Portable versions of Firefox, GIMP, LibreOffice, etc
    1. Re:Easy Adblock Plus Filter by bheer · · Score: 5, Informative

      They also use http://wau.tynt.com/javascripts/TyntLite.js for some pages, so I'd recommend adding http://*.tynt.com/* if your blocking system supports multiple wildcards.

      --
      Go somewhere random
  7. Based on Selection by CritterNYC · · Score: 5, Informative

    It's based on selecting text, not copying and pasting it. So when you select the text in your browser, as soon as you finish making the selection, it sends the info on what you selected back to Tynt. It also adds in the attribution link to the selected text (although you won't see it in the web page). Then when you CTRL-C or right-click and copy as usual after making the selection, you get your selected text and the attribution link.

    That's how it avoids needing to use Javascript to do anything to directly touch the clipboard (which is disabled by default in your browser for security reasons).

    --
    Portable versions of Firefox, GIMP, LibreOffice, etc
  8. rename extension.xpi to extension.zip ... profit! by Anonymous Coward · · Score: 5, Informative

    ... closed-source software?

    1. rename extension.xpi to extension.zip
    2. open extension.zip with unzipper of your choice
    3. read all source-code
    4. ???
    5. profit!

  9. How Tynt.com says to avoid being tracked... by landrew · · Score: 5, Informative

    This from their FAQ - Technical Topics (http://www1.tynt.com/faq-technical-topics):

    Q. How can I block Tynt Insight from monitoring my actions?

    A. Tynt understands that some people are uncomfortable having events from their web browsing recorded in a database. We take your privacy concerns seriously and we are therefore investing considerable effort into developing a feature that will allow users to block Tynt software across all the sites that are using it, from within their own browser. Until we have this blocking feature ready, it is possible to achieve a similar effect by using one of the many ad blocking components available on the net. For Firefox users, we have found Adblock plus to work well, and Super Ad Blocker is effective for IE users.

    I can't wait to download and install software they've written to help me block them from tracking me with their software. Good thing I'm using Ad Block Plus and NoScript while I wait, or they'd know I cut-n-pasted that...

  10. hosts file seems to work by jtroutman · · Score: 4, Informative

    I seem to have stopped this by adding the following to my hosts file:
    127.0.0.1 www1.tynt.com
    127.0.0.1 tynt.com
    127.0.0.1 www.tynt.com
    127.0.0.1 w1.tcr112.tynt.com

    --
    I stole this sig from a more creative user.
  11. in Opera... by AliasMarlowe · · Score: 5, Informative

    Just make sure that the option "Allow scripts to detect context menu events" is left unchecked (this is the default). Then you can select text/graphics/whatever, and copy operations via right mouse click are not observable by javascript.

    In fact, javascript can't detect any right click actions in Opera unless you explicitly allow it. So copy, paste, translate, search, dictionary, encyclopedia, etc. actions can't be monitored by javascript in a web page.

    This feature was in earlier versions of Opera as well, but the checkbox was named differently.

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    1. Re:in Opera... by sconeu · · Score: 4, Informative

      Then allow it in your site preferences for maps.google.com

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
  12. A comment from Tynt by TyntGuy · · Score: 5, Informative

    I work for Tynt. I appreciate the discussion here and want to make sure that everyone knows we want to be respectful of the opinions here. Not sure i I will get flamed just for wading in, but I hope not. To clarify on a few points 1. Tracking and Attribution – the attribution feature is separate from the tracking features. The tracking features work very much like any other analytics tool. We do not store any personally identifiable information, but we do want to help publishers learn what content people are choosing to preserve and promote. In addition, publishers can turn the attribution feature on or off on their sites. If you want to see what is actually collected - sign up for an account and look at the dashboard, you will see that we are tracking the content, not the user. 3. What if I don’t want this behavior? We are currently working on a global opt out for users who would rather not have Tynt monitor them. In the interim you can opt out on a site by site basis (i.e. the opt out for the SF Gate is here: http://www.sfgate.com/chronicle/faq.shtml#faq1.5%23ixzz0bxLIAbL7). More info on how to not have Tynt monitor you is available in our FAQs here: http://www1.tynt.com/faq-technical-topics#ixzz0bxGzIgPZ but as pointed out in the comments here, NoScript is a very effective tool for this. Derek

  13. Re:Kind of One Sided Review of the Service by guido1 · · Score: 5, Informative

    The copy/paste/autolink behavior is not the privacy concern. I didn't read anyone here saying that it was.

    The privacy concern is (from the summary): sends what you copy to Tynt's webservers...

    So I, as a user of a random webpage, copy something for later pasting. That info, and my IP address, is sent to a third-party, theoretically for the purpose of appending a URL to the end of the text. Is that data also used for something else? Most likely. What company wouldn't try to make use of data it receives?

    Since the same append functionality can be done trivially with some JS without contacting a home server, we immediately hop on the privacy horn.

  14. Re:NoScript by inviolet · · Score: 4, Informative

    Personally I have stopped browsing without NoScript enabled. I sincerely hope that the functionality it provides is adapted as a base feature in future browsers. Javascript is simply too dangerous to be trusted by default. Sites need to earn that trust, IMHO.

    It is in Opera. Opera has built-in site prefs that include java, javascript, plugins, 1st and 3rd party cookies, send referer, right-clicks, etc. These can be configured per site, per domain, and both. Then you turn all that crap off browser-wide, so that your site prefs become a whitelist.

    Opera is so far ahead of its time.

    --
    FATMOUSE + YOU = FATMOUSE