Slashdot Mirror
Race On To Fingerprint Phones, PCs
theodp writes "Advertisers no longer want to just buy ads, reports the WSJ. They want to buy access to specific people. In response, the race is on develop digital fingerprint technology to identify how we use our computers, mobile devices and TV set-top boxes. Start-up BlueCava, an anti-piracy company spinoff, is building a 'credit bureau for devices' in which every computer or cellphone will have a 'reputation' based on its user's online behavior, shopping habits and demographics. By the end of next year, BlueCava says it expects to have cataloged one billion of the world's estimated 10 billion devices, and plans to sell this information to advertisers willing to pay top dollar for granular data about people's interests and activities. It's 'the next generation of online advertising,' said Blue Cava's David Norris. As controversy grows over intrusive online tracking, regulators are looking to rein it in — the FTC is expected to release a privacy report Wednesday calling for a 'do-not-track' tool for Web browsers."
Time to grab a copy of BeOS and start doing random stuff.
Cock-sucking mother fucking advertisers. Someone should start "removing" them from the gene pool.
put together a company that rents out devices.
"monthly/weekly/daily device rentals, just pay your cell phone bill on time and we'll ship you a used device every month! just hang onto your SIM/SD card and we'll default the device/let somebody else use the 'fingerprinted hardware'"
Anonymous proxy?
Each user could be assigned a block of IP addresses, like a persons telephone number
Any devices owned by the user would use those IP addresses..
Quite easy to manage I guess
...The Coporate States of America, once this technology is enabled on the new smartphones? This looks like a freedom-lover's worst nightmare. We have enough pop-up ads on the internet, now I have to deal with them on my phone too??
then this start up has left their start a little late. There's already a few people doing similar things, for example:
threatmetrix.com
www.iovation.com
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Of course right now anyone who care enough can block tracking scripts, web bugs, ad servers, and so on.
But if something like this would ever catch on in a big way, the internet could eventually be increasingly closed off to those without a good "score". The very act of acting to avoid being tracked will also put ever increasing amounts of the internet off limits.
Make no mistake, the internet may have started as an open thing, but it is a HUGELY juicy target for people wanting to control it. Anything they can do to this end, they will do. Right now someone motivated enough can avoid this control, but that isn't an acceptable situation for people who want to "monitize" every last damn thing. Users having ultimate control is not going to be something they will tolerate, because users with control can subvert their tracking and monitization intentions.
This has VERY interesting possibilities for digital forensics as well. I get the feeling that the bluecava guys aren't even aware of that possibility yet. This would allow web interactions to be more thoroughly traced to a particular machine. Given the ability of most companies to put a particular person behind that machine (whether surveillance or electronic controls), suddenly your machine AND your interactions are subject to investigation at any time.
libertarianswag.com
Don't MAC addresses do this already (aside from some of them removable)?
I thought that read "anti-privacy". It turns out to have the same meaning.
How about we make it a 64 bit id and call it an ip address? Having a static, routable IP address would make it worth it to me. Then when I really want privacy I can use a proxy.
It looks like in this case they are trying to use the UserAgent and other info available to javascript, like the EFF warned about. Check that link out, you can discover how unique your browser is.
Qxe4
n/t
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Don't use a cellphone. Use Web browsers you can control.
So, lets make fun of their proposed techniques. From the fine article:
1) Delta T between local clock and webserver clock. solution, NTP brings that to zero aside from timezone, and also don't let your browser tell the server what time it thinks it is.
2) Fonts. You gotta be kidding. Surrogate for the combo of OS and locale. I have not installed a font on a microsoft product since winders 3.11 era.
3) Screen size. Again, you gotta be kidding. Also tell your browser not to tell the server, or lie with a small random delta.
4) Browser plugins installed. Again, you gotta be kidding.
5) User agent. People have been spoofing those for the past 15 years, mostly just "recently updated FF, MSIE, or ancient debris".
Adds up to .... Um... So my unique device lives in central time zone, has a 1600x1200 monitor, XP, and the standard plugins. That narrows me down to a couple million devices.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
My profile will tell advertisers to leave me the f*ck alone. I don't want all their crap. I don't want them tracking me. I won't buy the crap they push on me. They're wasting their time and money by trying to track me and advertise to me.
Damn, I love capitalism!
You have every right to track my activities and I have every right to purchase back my own privacy.
Is everybody happy? I am.
I will create a sig when innovation restarts in the U.S.
They not only have to profile all devices on almost all sites, they also have to get merchants to share who made a purchase. Vendors aren't going to share this for free and without any control. Then they'll have to get the EU to approve it.
tomorrow who's gonna fuss
You know, it's easy to get inflamed about this idea since it's all about advertising, tracking, privacy, and corporate profits ... but if a similar article appeared about a system designed to counteract spam and fraud, I wonder what the reaction would be here on slashdot?
If libertarians are so opposed to effective government, why don't they all move to Somalia?
The way I see it, people need to share their surfing. Make the tracking companies see the aggregate of several (random) people's surfing habits rather than just one. Maybe random swapping of IP addresses from time-to-time? (I'm not trained in internet protocols, so I have no idea how this would be done.)
"the race is on develop digital fingerprint technology to identify how we use our computers,
mobile devices and TV set-top boxes."
should read:
"the race, FUNDED BY THE N.S.A., is on develop digital fingerprint technology to identify
the USERS of computers, mobile devices and TV set-top boxes."
Yours In Minsk,
Kilgore T.
This would be the reaction:
Your post advocates a
( ) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
( ) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart
That is an interesting take. Let the advertisers target the hyper-consumerists (ie, the majority) and leave the rest of us alone.
Of course, then they might object to giving "deadbeats" access to "free" content which is ad-based. Why allow us to watch X if we're not going to pony up for the shiny things being advertised between bits of content?
anything more than a new gee-wiz "service" for Madison Ave. to tout. Where's the demonstrable benefit to businesses ?
Nullius in verba
(As subject line.)
In a few years, we can all dine out at Taco Bell as we watch President Schwarzenegger discuss how our corporate overlords love and cherish us, and how they have our best interests at heart.
This has 1984 written all over it. This technology can and will be abused.
If it was this intrusive, I suspect not so well either.
It's not like we've shown whole-sale support for "enhanced" pat-downs and invasive scans in the name of looking for bad guys. Most of us will be ready to pillory any idiot who says "if you're innocent, what are you worried about" -- because it's bullshit.
This level of invasiveness is just not something most of us are willing to live with. And, for the benefit of advertising, not at all.
Lost at C:>. Found at C.
Psst ... you're supposed to check the appropriate boxes or it's not funny. ;-)
Lost at C:>. Found at C.
Not likely, folks around here also get upset when this sort of thing is done for security reasons because it frequently ends up being used for other things. Sort of like the GPS built into handsets for 911 use which is now all of a sudden available for law enforcement surveillance. And how Onstar can initiate a session where they listen in to whatever you're doing in your car. Sure it doesn't have to happen, but in practice the spineless cowards demanding more safety tend to drown out the individuals who want a bit of balance.
not really.
if you love privacy then you jailbreak/root your phone. and disable this crap or install safeguards. My iPhone for example serves up ZERO ad's in any apps and the browser, easy to do once you have access to the hosts file inside.
Do not look at laser with remaining good eye.
Either a way to completely disable their ability to do this, or to get off the internet permanently. DO. NOT. WANT.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
When one person does it to another, it's called stalking. When a corporation does it to everyone it's called marketing.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
...I don't view ads on the internet. Ever. Not on my phone, not on my desktop/laptop, nowhere. The only advertising I see is on live sporting events on TV. Otherwise I watch TV delayed on my DVR and zap through the ads. They can waste all the money they want on me. I'm not looking at ads.
There I fixed their shithole tag-line. (Making a note not to ever do work or business with these annoying assholes.)
This is the NSA, we're gonna geet U h@x0r5! Also, what is a h@x0r5?
Every time a story pops up about another company trying to figure out ways of monetizing personal information people get up in arms about privacy. I have mixed feelings on the subject, since advertising is what pays for a lot of free services. Between hulu, pandora, and gmail I am happy to be in the cross hairs of advertisers. That said, I do wonder precisely who this information would be valuable to. Imagine a potential employer being able to drop a few dollars to pick up data on your browsing history, buying habits, and memberships on different web sites. "Sure, we were going to hire you... but then we noticed you tend to post on slashdot during work hours!"
Of course low numbers are to be expected with a Linux entry in the fingerprint: NEXT year is the year of the linux desktop!
Odd, a business can stalk you and it's "just business", but if I stalk you I'm a felon.
Free Martian Whores!
That may be more difficult than you think, especially if you do not want to break things.
https://panopticlick.eff.org/
Wear disposable gloves...
It also means I dont get germs from the keyboard/pad
So the new status symbol will be constantly complaining that you're being spammed by the Bentley Dealer's Association to come to their annual golf outing to Dubai.
I vow to never buy from the company advertising. If everyone did that, the problem would cease to exist.
---- Booth was a patriot ----
> Your browser fingerprint appears to be unique among the 1,280,368 tested so far.
yeah, it says that every time I try it, over 30 times from this machine!!
fail
I've been looking for a good reason to quit using the internet. Maybe the borgification of today's web will lead to better, more secure things in the future.
The internet is built by geeks... yet geeks hate what this internet is becoming. I think it's high time tech workers built a world wide union and got themselves some professional standards.
Oh, crap! I checked them ALL!.
The village elders are about to break their buckled hats and shoes out of storage. Some think the most precious future resource will be potable water. Nope: it will be true anonymity.
...coming soon a Firefox add-on/applet/daemon/distro that is fingerprinting-proof.
See, now that's funny. :-P
Lost at C:>. Found at C.
Do your shopping on Amazon in text-mode browsers and whine to their customer service department when they require JavaScript.
"Ubuntu" - an African word meaning "Slackware is too hard for me."
How about this for a plug-in:
It will upload addresses you visit to a huge anonymous pool, and retrieve random addresses from this pool as well, loading them (fully) in the background. Say a random page once every 10 seconds (or even better - at random time intervals). It will also visit a minimum of four links from each page it visits.
It will install random plug-ins as well (preferably making them inactive, but without revealing it), just to hide that as a potential signature.
It uploads tracking cookies to a huge anonymous pool, and downloads random replacement ones instead, confusing the hell out of anyone trying to make sense of it.
Instead of passively sifting through the crap they feed us, feed them crap in return.