Researchers Expose Tracking Service That Can't Be Dodged
Worf Maugg writes with this excerpt from Wired:
"Researchers at U.C. Berkeley have discovered that some of the net's most popular sites are using a tracking service that can't be evaded — even when users block cookies, turn off storage in Flash, or use browsers' 'incognito' functions. The service, called KISSmetrics, is used by sites to track the number of visitors, what the visitors do on the site, and where they come to the site from — and the company says it does a more comprehensive job than its competitors such as Google Analytics."
The data collected can be used to track the user over several sites, as the "cram cookies" are persistent through browsing sessions. The only way to remove them is to clear all browser cache data on close and restart the browser. Sounds like privacy invasion to me - although ISPs forced to log user activity is far more damning than these transgressions.
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
Ghostery claims to block KISSmetrics fully...
I checked my privoxy config and I have apparently been blocking this for a long time.
Where can I get software to defeat it? Or a clear enough description that would allow me to write that software?
Please do not read this sig. Thank you.
It seems their tracking is using some javascript code. Noscript. No problem.
It tracks your presence and where you go on THEIR site. If you don't like it then don't go there.
You can use Ghostery to block this and many other tracking scripts. http://www.ghostery.com/download
This can be dodged by disabling javascript, like everyone who cares about privacy already does.
I also appear to have dodged it by having their servers blocked in /etc/hosts. Not sure at which point I did that.
So when are the antivirus companies going to block it? It's clearly malware, and is the FBI going to investigate them for "hacking"?
Taking a quick look at the JavaScript they use there doesn't appear to be anything particularly unusual going on such as browser fingerprinting, or even as encompassing as evercookie which can be easily defeated using built in browser options. The only thing that seems different about it is that it attempts to use more storage techniques than other tracking services, browser local storage , e-tag tracking, and ie userdata storage in addition to the common browser and flash cookies. To say that it "can't be dodged", while possibly true for the average user, doesn't hold for anyone who knows how to configure their browser for greater privacy.
... Or you could just start using paper to get your information again.
Holy crap! There's midget porn on paper?!
According to the KISSmetrics site:
Now, I'm no fan of tracking or advertising, but TFS/A sounds like scaremongering to me, I fail to see how this service is any more "unblockable" than other analytics providers such as Google. Moreover, since many people are signed into Google all the time for things like Gmail, I'd say Google has the capability to tie a lot more personal information to a site visitor in Google Analytics.
That's not to say that Google share said information with GA account holders, but then KISSmetrics claim not to share personally identifiable information either:
https://alephnull.uk/
Evercookie
Isn't it wonderful?
Posting this in hopes that those who create the browsers read it (again).
All of those things should be capable of being cleared by a user from the options menu.
It might not be a large size, but multiplied a 1000+ times, it starts to gain size.
As more and more storage methods get added to web browsers, there NEEDS to be a decent file manager for them.
It is simply shocking that there are no decent methods of accessing this data without having to go through a hell of a time with extensions and various external readers to even get to them.
I know the File API is being worked on just now, but it can't be stressed enough that there needs to be better access to stored files from websites.
Every browser should have a Files page in there options, with access to all content saved by sites, just in exactly the same way that cookies have been since as long as I can remember.
If you guys seriously expect the web-as-an-app age to take off, THIS IS A MUST.
yes, most porn on internet originally originated from paper publications. midget, animal, everything.
in such, it's the internet that proved to everyone that yeah, sexual stuff does happen. you no longer needed to go to a city with a sleaze district to know.
anyways, if sites are dynamically created, it's easy enough to make every link ride POST information or a trailing argument in the url which can be used for tracking a particular user's link journey through the site. how it would be news I don't know though.
world was created 5 seconds before this post as it is.
The wired article says that it won't name the other prominent websites. One that is named in the report: foxnews.com. By searching my own cookies I found that moveon.org was using it as well. Just open your cookies file and search for "km_ai" to see who else has used it.
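The cookie-file search suggested above, as an added example that is not part of the post: parse a cookies file in the tab-separated cookies.txt layout used by curl, wget and cookie-export add-ons, pick out every `km_ai` cookie, and report which sites hold the same identity value. The cookie lines and domains below are constructed.

```python
"""Search a Netscape-format cookies.txt for KISSmetrics identity cookies and
report which sites share one identity value.

Added example (not from the post). The cookie lines below are constructed;
the format is the tab-separated cookies.txt layout that curl, wget and
cookie-export add-ons read and write."""
from collections import defaultdict

# Fields: domain, include-subdomains flag, path, secure flag, expiry, name, value
SAMPLE_COOKIES_TXT = """# Netscape HTTP Cookie File (constructed sample)
.news.example.test\tTRUE\t/\tFALSE\t1400000000\tkm_ai\tConstructedIdentity0001
.news.example.test\tTRUE\t/\tFALSE\t1400000000\t__utma\t12345.67890
.campaign.example.test\tTRUE\t/\tFALSE\t1400000000\tkm_ai\tConstructedIdentity0001
#HttpOnly_.shop.example.test\tTRUE\t/\tTRUE\t1400000000\tkm_ai\tConstructedIdentity0002
.unrelated.example.test\tTRUE\t/\tFALSE\t1400000000\tsession\tabc123
"""

def parse_cookies_txt(text):
    """Yield (domain, name, value) per cookie line. Comment lines are skipped,
    except the '#HttpOnly_' prefix curl and wget put in front of HttpOnly
    cookies, which is stripped so those cookies are still seen."""
    for raw in text.splitlines():
        line = raw.rstrip("\r\n")
        if not line.strip():
            continue
        if line.startswith("#HttpOnly_"):
            line = line[len("#HttpOnly_"):]
        elif line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) != 7:
            continue  # malformed line: skip rather than guess at the layout
        domain, _subdomains, _path, _secure, _expiry, name, value = fields
        yield domain.lstrip("."), name, value

def find_tracking_ids(text, names=("km_ai",)):
    """Map each tracking-cookie value to the sorted list of domains holding it."""
    by_value = defaultdict(set)
    for domain, name, value in parse_cookies_txt(text):
        if name in names:
            by_value[value].add(domain)
    return {value: sorted(domains) for value, domains in by_value.items()}

def linked_sites(text, names=("km_ai",)):
    """Only the identities seen on more than one site: those are the values
    that let the third party join visits across the sites that set them."""
    return {v: d for v, d in find_tracking_ids(text, names).items() if len(d) > 1}

if __name__ == "__main__":
    for ident, domains in sorted(linked_sites(SAMPLE_COOKIES_TXT).items()):
        print(f"{ident} is shared by: {', '.join(domains)}")
```

Run it against an exported cookies file by reading the file into `find_tracking_ids`; a value that turns up under several domains is one identity being reused across those sites, which is exactly what the cross-site linking in the article relies on.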
Looking at my cookies, I see a bunch from different sites which are all called ACOOKIE and all start "C8ctAD" and have other long string matches in the content.
I wonder if this is doing the same thing.
Can't track me if I don't bother visiting their site and just view their content through a cache and use noscript
If they used this data and released to the World for FREE, we could find out which websites are the most popular and maybe the best - like porn!
Hey! What's a Slashdot thread without a web technology article being related to porn? Hmmmmmm?
"How KISSmetrics Tracking Works
KISSmetrics uses a variety of technologies to track people across the various browsers and computers they use. In doing so, we provide our customers a full view into how their customers interact with their websites.
Sites who use KISSmetrics may choose to provide us with personally identifiable information for their customers, or they may choose to use anonymized identities.
Sites have always had the option of using one of our server-side APIs, which do not set cookies or use any other means of identification. As of July 2011, sites may also choose to use only traditional cookie-based KISSmetrics tracking, which means that user information would be cleared whenever the consumer cleared their browser cookies.
For consumers who do not wish to be tracked by KISSmetrics, the freely available AdBlock Plus extension will prevent their information from being tracked by KISSmetrics. Learn more about AdBlock Plus.
The Technical Details
When a person visits a site that is using the KISSmetrics Javascript API, two javascripts are loaded:
t.js
i.js
t.js is the same for all people who visit a specific site (t.js is unique to each KISSmetrics customer).
i.js returns a unique “identity” for each person. This identity is just a random set of characters – it does not contain an email address, name, IP address, or anything else that would be useful for identifying a person outside of KISSmetrics.
When i.js loads, we set ETags and HTTP headers to tell the browser to cache the value of i.js for as long as possible. We also set the person’s random identity in a first-party cookie and as a third-party cookie on our domain (i.kissmetrics.com).
This means that if a person clears their browser cache or cookies, the random identity is likely to persist and that person will keep being “known” as a consistent random identity. If the random identity persists in one of these methods, we will reset the others so they all share that same random identity.
We do not use CSS or other versions of the technique known as history knocking.
The cached value for i.js is unique to a person, regardless of which site they are visiting. This means that to KISSmetrics, we know a single person by the same randomly-generated identity whether they’re visiting customer site A or customer site B. However, there is no way for our customers to access each others' data or know anything about a person's activities on other sites.
This is similar to credit card purchases – Store A knows what you bought at Store A with your Visa. Store B knows what you bought at Store B with your Visa. Visa knows what you bought on Store A and Store B, but does not share that information between vendors. Just like Visa, KISSmetrics does not share any information about your interactions with Site A with Site B or with any third parties.
The Privacy Details
KISSmetrics has never, and will never, share personally-identifiable customer information with any third party sites.
KISSmetrics has never, and will never, share anonymous customer activity of what people did on customer A’s site with customer B.
Person data is available to the KISSmetrics customer for the lifetime of their relationship with KISSmetrics. When a customer ends their relationship with KISSmetrics, they may request that their data be deleted within 30 days.
If you have questions, we’re happy to answer them at privacy@kissmetrics.com."
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
It's bad enough when the government invades our privacy wantonly, but they'll also let corporations do it at will. And not even over security concerns, but for revenue. Meanwhile we're all treated like suspects to a crime by one bill after another from Congress, and the collusion of the ISPs.
There are always ways. It only depends on how much effort you want to put into it. You could use proxy servers to mask IP and change them frequently or even jump from one free wifi hotspot to another. You could repeatedly purge all your cache, cookies, history etc after every site you visit.
If you RTFA, you'll see that this service is using persistent storage on your computer that is NOT contained in your cache, cookies, or browser history. Even using a DIFFERENT BROWSER on the same computer (i.e. Firefox, then Chrome) this site can track you and link your sessions. I regard this as a browser bug, and it needs to be fixed in the browser. We can't rely on legislation or promises of good behavior from website operators to fix this problem. It really needs to be fixed in the browser, or, if it is a Flash issue, it needs to be fixed in Flash. I hope a patch comes out for Firefox soon!
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
This can be dodged by disabling javascript, like everyone who cares about privacy already does.
I also appear to have dodged it by having their servers blocked in /etc/hosts. Not sure at which point I did that.
Blocking access to the KISSmetric site is only a temporary solution as it will do nothing to solve the underlying security problem which this site is exploiting. There's nothing to prevent other services from springing up which do much the same thing. This is a problem which must be solved in the browser.
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
1. AdBlockPlus
2. NoScript
3. Flash is set to NOT store any data at all
4. Firefox set to dump cache, cookies, everything... at browser close
It's a real pity that Ghostery isn't free software.
It has a look-but-don't-touch licence for the source code. Being able to look is better than nothing, but if no one can modify or fork it, then it's unlikely that anyone's reading the source code at all. I wouldn't trust my privacy to something with no community or third-party oversight.
Here's gnu.org's list of free, mozilla-compatible add-ons:
http://www.gnu.org/software/gnuzilla/addons.html
For privacy, there's only really Noscript and Requestpolicy.
Expert in software patents or patent law? Contribute to the ESP wiki!
go to http://www.kissmetrics.com/how-it-works and get tracked:
<!-- KISSmetrics for kissmetrics.com -->
<script type="text/javascript">
var _kmq = _kmq || [];   // queue of pending _kmq.push() calls, processed once the tracker script loads
function _kms(u){
  setTimeout(function(){
    // inject an async <script> tag before the first script on the page;
    // the protocol-relative URL follows whatever scheme the page itself used
    var s = document.createElement('script'); var f = document.getElementsByTagName('script')[0]; s.type = 'text/javascript'; s.async = true;
    s.src = u; f.parentNode.insertBefore(s, f);
  }, 1);
}
_kms('//i.kissmetrics.com/i.js');_kms('//doug1izaerwt3.cloudfront.net/bd3a8adc30561f08e0ccb9ad3120aa1d14b25d05.1.js');
</script>
with my http://i.kissmetrics.com/i.js :
var KMCID='IEkB3hUXZTz9zHRV1r51WjJJlB8';if(typeof(_kmil) == 'function')_kmil();
Quote from the KISSmetrics how it works section: "When a person visits a site that is using the KISSmetrics Javascript API, two javascripts are loaded".
Guess what? My SeaMonkey browser is using the NoScript plugin. This prevents the initial execution of java applets, javascript, flash and so on.
So if I want to opt out from this completely (just like I did with Google analytics) I simply tell NoScript to distrust anything from kissmetrics.com. Just like I did for google-analytics.com. Happy tracking!
How these researchers managed to come up with "it cannot be evaded" while immediately mentioning the AdBlock plugin in the same section is way beyond me.
So there you go. NoScript->no KISSmetrics. "Can't be dodged"? Nonsense. For those who cannot live without JS it should be trivial for a plugin to detect and delete their scripts. As usual the evil "tracking" requires the active cooperation of your browser.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Question:
Would modifying my MAC address stop this kind of tracking?
# echo "127.0.0.1 i.kissmetrics.com" >> /etc/hosts
This sort of thing is why the EU's half-witted privacy rules on cookies miss the point.
The thing to control is the tracking of users (particularly without their consent), and the storage and onward transmission/sale of user-information - not some particular technology that is being used to do that at any given stage in the evolution of the web.
Of course, if your legislative process is owned by the corporate world, or your voters believe in the rights of corporations, rather than citizens, that is unlikely to happen.
Paul "Say no to feeping creaturism"
On our site we did a comparison between our local stats and Google analytics, we found that so many people are blocking them there was a skew that fluctuated between 5 to 15% from day to day....
We now run OWA which does a pretty good job.
Sure, there are ways to dodge it, but honestly browsing the web shouldn't be some sort of cloak and dagger affair. I just want to get information without people invading my privacy. That should be something guaranteed by law. In a public library you don't need to sign your name at the door, unless you want to keep the book for a few days. People should be able to inform themselves without being monitored.
Get everyone to set their key to the same value. >:D
"This guy's been on 2,500 websites every 6 seconds!"
1 - Anonymous redirection, something like TOR
2 - Forbid anything of theirs to run on your computer.
And then, for #3. Find out who is using it and boycott their companies products/services.
---- Booth was a patriot ----
The main trick used was to persistently store data via Flash. The article did say that other persistent storage techniques were used (SQLite, localStorage, etc .. technologies iOS has as well) but one less, and a very commonly used technique, is rendered useless if you're on an iPhone or iPad.
The best thing about a boolean is even if you are wrong, you are only off by a bit.
I don't know anyone who disables javascript. I disable scripts on an individual basis when I can see they're up to no good (ads/tracking/etc) but more often than not now sites require javascript just to load.
It's called a web browser.
EFF has shown that you freely transmit all sorts of info, that taken as a whole, can uniquely identify you.
Visit it yourself and see where you're at: it told me my fingerprint was unique out of over 1.6M browsers already checked.
You can block pieces - such as using NoScript, or Tor - but then you only *reduce* your uniqueness
The best thing about a boolean is even if you are wrong, you are only off by a bit.
just how many entries does kissmetrics.com have for Lynx?
Anons need not reply. Questions end with a question mark.
Some of us sheeple like to watch youtube.
So do I (sometimes), but I use only HTML5 video tags to do so... no javascript (or Flash) required.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
the persistent tracking can only be avoided by erasing the browser cache between visits
Problem solved:
http://news.cnet.com/i/tim/2010/12/07/12_04_10_DoNotFollow_Firefox1.jpg
Google and Facebook are more likely to be able to track you despite you trying to avoid it. Their stuff is "everywhere". If you use their services and go somewhere else but somehow still load stuff (images/scripts) from their servers (or servers they can get info from) they know who you are and what IP you are currently using.
That's what RequestPolicy is for. You can control what images/scripts/content from other domains gets loaded on a site-by-site basis in a way similar to Noscript. It's great in addition to Noscript (not as a replacement).
For example, when you load Slashdot with RequestPolicy turned on, you don't get any of the static content like images/css because that all seems to be stored on fsdn.com. You can easily select the RequestPolicy icon and tell it to allow requests from slashdot.org to fsdn.com. In a similar manner, you can let google.com load scripts and content from google.com while preventing other domains from doing so.
It's really the only way to prevent client-side tracking services that haven't yet hit the blacklists. It's more than the average user would be willing to do, but if you really want to stop tracking or you're just interested in seeing which CDNs and how many off-domain resources sites use, it's worth checking out.
Somebody wanna post a list of sites using this so we know to avoid those sites???
I was kind of hoping this was Google's doing - I was looking forward to the hilarity of watching Slashdotters' verbal and logical contortions while attempting to explain why it's actually a good thing...
#DeleteChrome
> ...it should be trivial for a plugin to detect and delete their scripts.
And in fact Ghostery already does so.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
I went to that site and it said
Your browser fingerprint appears to be unique among the 1,684,880 tested so far.
HAHA! ... Wait, what?
HAND.
APK, is that you?
The guy in charge says they are not doing anything illegal, so I feel a whole lot better. Sort of like when a bank says they're not doing anything illegal when they send you the 12th set of final mortgage papers and then tell you there's a mistake (for the 12th time) and you have to submit everything again and they've already charged you $80000 in fees... Nope, no problem there.
Sorry, but gray text on gray background is making my eyes bleed.
I think that if you read the article you will find clearing the cache will remove the tracking cookies successfully. My guess is that the program uses Flash cookies to work across browsers so I think you would be safe provided you cleared flash cookies, cookies and the cache (to solve the Etag problem).
Anonymous Pussy Koward is just some feeb.
He is nothing.
I disabled jscript by default and only allow a few whitelisted sites to run em. Much easier on me and keeps FF running a bit faster because I don't have tons of shit in the about:config listing for noscript.
Mod me up/Mod me down: I wont frown as I've no crown
I want a feature on a web browser that bypasses images with sizes below a threshold. For example, if all 1x1 pixel images were discarded, a lot of tracking methods would fail.
I'd like to be able to specify the smallest acceptable width or length. That way, a tall, one pixel wide image can be discarded if someone tries to be sneaky.
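The size check such a browser feature would need, as an added example that is not part of the post: read the width and height out of the fixed header fields of PNG and GIF data without decoding the image, and drop anything under a configurable threshold in either dimension (so a 1x1 beacon and a 300x1 strip are both caught). The image bytes are constructed header-only samples, not real files.

```python
"""Decide from image header bytes alone whether an image is below a size
threshold, the check a "drop tiny images" browser feature would need.

Added example; the image bytes are constructed headers, not real files."""
import struct

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"

def image_dimensions(data):
    """Return (width, height) for PNG or GIF data, or None if unrecognised.
    Only fixed-position header fields are read; nothing is decoded."""
    if data.startswith(PNG_SIGNATURE) and len(data) >= 24 and data[12:16] == b"IHDR":
        # IHDR is always the first chunk: 4-byte length, 'IHDR', then
        # big-endian width and height.
        return struct.unpack(">II", data[16:24])
    if data[:6] in (b"GIF87a", b"GIF89a") and len(data) >= 10:
        # Logical screen descriptor: little-endian width, then height.
        return struct.unpack("<HH", data[6:10])
    return None

def should_drop(data, min_width=2, min_height=2):
    """True when either dimension is below the threshold. Unrecognised or
    truncated data is kept: guessing would break legitimate images."""
    dims = image_dimensions(data)
    if dims is None:
        return False
    width, height = dims
    return width < min_width or height < min_height

# Constructed sample headers (just enough bytes for the size fields).
def png_header(width, height):
    ihdr = struct.pack(">II", width, height) + b"\x08\x06\x00\x00\x00"
    return PNG_SIGNATURE + struct.pack(">I", 13) + b"IHDR" + ihdr + b"\x00\x00\x00\x00"

def gif_header(width, height):
    return b"GIF89a" + struct.pack("<HH", width, height)

SAMPLES = {
    "1x1 png beacon": png_header(1, 1),
    "300x1 gif strip": gif_header(300, 1),
    "300x250 gif banner": gif_header(300, 250),
    "not an image": b"<html>",
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        print(f"{label}: {'drop' if should_drop(data) else 'keep'}")
```

The check only stops the request from being rendered; the bytes have already been fetched, so the server has already logged the hit. As the rest of the thread points out, a beacon can also be any size, or a script or an ETag-validated resource, which is why domain-level blocking (hosts file, NoScript, RequestPolicy) covers more than a size filter does.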
My superior solution uses both Adblock Plus lists and Hosts lists. Basically it's a script that pulls several Adblock Plus and Hosts lists, mangles them and converts them to a format that SquidGuard can eat. My firewall redirects all HTTP traffic to SquidGuard which then redirects all hits to a PHP page that checks for the mimetype of the offensive link and returns a clean tiny file of the same mimetype to my browser. This way the site thinks I've downloaded the ad, but it is never shown nor do I have to wait any longer than to get the headers of the ad. It also does some magic on known tracking urls and randomizes the used IDs etc. I might have to do some tweaking in the future if enough ad services begin using HTTPS though it would only require me to add a cert to my machines and I could again tunnel the traffic through SquidGuard.
In the past I used the HOSTS file method but there were a couple of sites it was problematic with and also it is so much easier to manage blocking from one server than from all my dozen or so computers.
- Raynet --> .
http://yro.slashdot.org/comments.pl?sid=2356916&cid=36935730
Good luck... you'll NEED it!
(So, thus - You have a chance to prove yourself, by disproving every point I put down there then, & make me out to be "nothing" then... ok?)
APK
P.S.=> Because right after that? You'll also have to disprove this:
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
(Which contains the REST of what I do to, above & beyond my last few posts here, to as fully-as-I-know-of-possible, "layered security/defense-in-depth" secure a Windows NT-based Operating System (& I've been doing guides like this since 1997 online, & long before that on IRC also)).
Of course, after that too?
Well - You'll also have to show others here that you've done more in the "art & science" of computing than I have, before I have, & I probably did it while you were STILL IN DIAPERS I strongly wager (& I quit "chasing ink" a decade ago in this field, mind you AND, this is only a small, PARTIAL LIST of my "favs" over time (I can put out a LOT more, easily)):
"My Name is Ozymandias: King of Kings - Look upon my works, ye mighty, & DESPAIR..."
----
Windows NT Magazine (now Windows IT Pro) April 1997 "BACK OFFICE PERFORMANCE" issue, page 61
(&, for work done for EEC Systems/SuperSpeed.com on PAID CONTRACT (writing portions of their SuperCache program increasing its performance by up to 40% via my work) albeit, for their SuperDisk & HOW TO APPLY IT, took them to a finalist position @ MS Tech Ed, two years in a row 2000-2002, in its HARDEST CATEGORY: SQLServer Performance Enhancement).
WINDOWS MAGAZINE, 1997, "Top Freeware & Shareware of the Year" issue page 210, #1/first entry in fact (my work is there)
PC-WELT FEB 1998 - page 84, again, my work is featured there
WINDOWS MAGAZINE, WINTER 1998 - page 92, insert section, MUST HAVE WARES, my work is again, there
PC-WELT FEB 1999 - page 83, again, my work is featured there
CHIP Magazine 7/99 - page 100, my work is there
GERMAN PC BOOK, Data Becker publisher "PC Aufrusten und Repairen" 2000, where my work is contained in it
HOT SHAREWARE Numero 46 issue, pg. 54 (PC ware mag from Spain), 2001 my work is there, first one featured, yet again!
Also, a British PC Mag in 2002 for many utilities I wrote, saw it @ BORDERS BOOKS but didn't buy it... by that point, I had moved onto other areas in this field besides coding only...
Being paid for an article that made me money over @ PCPitstop in 2008 for writing up a guide that has people showing NO VIRUSES/SPYWARES & other screwups, via following its point, such as THRONKA sees here -> http://www.xtremepccentral.com/forums/showthread.php?s=ee926d913b81bf6d63c3c7372fd2a24c&t=28430&page=3
It's also been myself helping out the folks at the UltraDefrag64 project (a 64-bit defragger for Windows), in showing them code for how to do Process Priority Control @ the GUI usermode/ring 3/rpl 3 level in their program (good one too), & being credited for it by their lead dev & his team... see here -> http://ultradefrag.sourceforge.net/handbook/Credits.html or here http://sourceforge.net/tracker/?func=detail&aid=2993462&group_id=199532&atid=969873
AND lastly: http://g-off.net/software/a-pyt
See subject-line above... but, I like how you're combining AdBlock lists AND HOSTS... I may look into that myself possibly!
(I recently also started hauling in reputable DNS block lists (DNSBL's) recently (past 4-5 months now too, to supplement the HOSTS sources I noted in the post you replied to)).
Here's a "tip" for you, since you're doing what you are:
* There's also IE's TPL's you may wish to look into also -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/
So, while you're @ it, doing as YOU do, which isn't half bad other than sounding like it needs more "moving parts" & MAY "eat CPU cycles"? Look into IE's "Tracking Protection Lists" as another valid source for blocking data!
(This is another avenue I have intended to pursue, & might as well share it with you also).
APK
P.S.=> I got around "problematic sites" with HOSTS files by using FILTERS of those from sources I noted - this is built into a Python system which does this for me, "automagically" without my raising a finger (either by timers or by scheduler methods now)...
The "automagic" system I use does the following:
---
1.) HOSTS & DNSBL consolidation from online sources
2.) Alphabetical sorting
3.) Deduplication/Normalization
4.) Filtering vs. "Troublesome Sites"
5.) From a TEMP/Scratch file, for final commission back to the original HOSTS file itself, every 15 minutes... via overwrite, to assure CLEAN copy!
---
My nephew & I co-wrote to replace my older Delphi system in fact, which I used circa 2002-2010...
(It was great for its day, but, not as "multi-platform portable", & not as good on larger HOSTS dedups because I wrote it in pure "brute force" dedup methods, by hand, & in the days of 20k lines sized HOSTS files it was fine... until maybe 2008-2009 when the malware makers out there really "stepped up their game" that is, & hosts files got "HUGE")!
I.E.-> SpyBot Search & Destroy, & other HOSTS sources I listed in my init. post?
They OFTEN list sites that one may NOT wish to include because they cause trouble with ZDNet/CNET/AOL/Amazon/HotMail & others... do check their HOSTS files, they list them in # comments, that is, IF you have a filtering system as I do to remove "troublesome sites" (which I am certain you are familiar with from your statements))...
... apk
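The list pipeline both of the posts above describe (Raynet's Adblock Plus plus hosts conversion for SquidGuard, and the consolidate / sort / dedup / filter steps listed just above), as one added example that is not either poster's script: merge hosts-format sources and plain `||domain^` rules from an ABP list, normalize and deduplicate the hostnames, drop a configurable "troublesome sites" set together with their subdomains, and emit both a hosts file and a SquidGuard domains list. All list sources and the exclusion set are constructed; the SquidGuard output format assumed is its one-domain-per-line domains file.

```python
"""Consolidate hosts-format and AdBlock Plus domain rules into one block list.

Added example (not Raynet's or APK's scripts); all sources are constructed.
"""
import re

HOSTS_SOURCE_A = """# constructed sample source A
127.0.0.1 localhost
0.0.0.0 tracker.example.test
0.0.0.0 ads.example.test   # beacon host
127.0.0.1 Stats.Example.TEST.
"""
HOSTS_SOURCE_B = """# constructed sample source B
0.0.0.0 beacon.shop.test
0.0.0.0 tracker.example.test
::1 ip6-localhost
"""
ABP_SOURCE = """[Adblock Plus 2.0]
! constructed sample ABP list
||pixel.example.test^
||ads.example.test^$third-party
@@||needed.cdn.test^
/banner/*
example.test##.ad-box
||cdn.shop.test^
"""
# "Troublesome sites": hosts that break something when blocked; they are
# removed from the result together with all of their subdomains.
EXCLUDE = ["cdn.shop.test"]

LOCAL_NAMES = {"localhost", "localhost.localdomain", "local", "broadcasthost",
               "ip6-localhost", "ip6-loopback", "ip6-allnodes", "ip6-allrouters"}
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)[a-z0-9-]+(\.[a-z0-9-]+)+$")

def normalize(name):
    return name.strip().lower().rstrip(".")

def parse_hosts(text):
    """Return the hostnames a hosts-format list maps to a sink address."""
    found = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop trailing comments
        parts = line.split()
        if len(parts) < 2:
            continue
        for name in parts[1:]:
            name = normalize(name)
            if name not in LOCAL_NAMES and DOMAIN_RE.match(name):
                found.add(name)
    return found

def parse_abp_domains(text):
    """Return domains from plain ||domain^ blocking rules. Exceptions (@@),
    cosmetic rules (##), path patterns and rules carrying $options are skipped:
    a hosts entry blocks unconditionally, so only unconditional rules convert."""
    found = set()
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("||") or "$" in line or "##" in line:
            continue
        body = line[2:]
        if not body.endswith("^"):
            continue
        name = normalize(body[:-1])
        if "*" not in name and "/" not in name and DOMAIN_RE.match(name):
            found.add(name)
    return found

def is_excluded(name, exclude):
    return any(name == ex or name.endswith("." + ex) for ex in exclude)

def consolidate(hosts_sources, abp_sources, exclude=()):
    """Merge, normalize, deduplicate and filter; returns a sorted list."""
    names = set()
    for src in hosts_sources:
        names |= parse_hosts(src)
    for src in abp_sources:
        names |= parse_abp_domains(src)
    exclude = [normalize(e) for e in exclude]
    return sorted(n for n in names if not is_excluded(n, exclude))

def to_hosts(domains, sink="0.0.0.0"):
    return "\n".join(f"{sink} {d}" for d in domains) + "\n"

def to_squidguard(domains):
    """SquidGuard 'domains' files hold one domain per line; a listed domain
    also matches its subdomains."""
    return "\n".join(domains) + "\n"

if __name__ == "__main__":
    merged = consolidate([HOSTS_SOURCE_A, HOSTS_SOURCE_B], [ABP_SOURCE], EXCLUDE)
    print(to_hosts(merged))
    print(to_squidguard(merged))
```

Two choices worth noting: `0.0.0.0` is used as the sink rather than `127.0.0.1`, so blocked names never connect to a web server that happens to be listening locally, and the whole file is rebuilt from the sources each run rather than edited in place, which is the "clean copy" overwrite step from the list above. Rules with `$` options are deliberately left out: `$third-party` means "block only when loaded from another site", and a hosts entry cannot express that condition.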
The "FULL GAMUT" of what I use for BOTH added online security AND SPEED (& have done since 1997 or so, in the form of guides for Windows users (but the principles apply to other OS' too, & so does the CIS multiplatform security test it uses to help "guide a user" & make it "fun-to-do" as well, like a benchmark almost (albeit for security, not speed only))) is below:
To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:
http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text
& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.
That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the first link above...
Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:
---
1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))
---
Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:
---
SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2
"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral
AND
"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral
AND
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3
"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Grea
JavaScript is not needed at all: an etag header can be used to track you across different sites by including say a .CSS or .GIF file served by using a shared "tracking url" at a known site.
Example:
In the first request, the response header has ETag: "97a-494505e0c46c0"
In the second request, the request header has If-None-Match: "97a-494505e0c46c0" - this acts like a cookie.
If the "tracking" server receives a request with no If-None-Match: header, it replies with the file and sets the ETag to a unique value (exactly equivalent to the "cookie" value). If the server receives a request with the If-None-Match:, the value can be used to track the user... for example the server takes the If-None-Match: value, and returns back the image with the same etag value, and *also* set a cookie with that value in the response header!
Happy moony
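The ETag exchange described just above, and the cookie-plus-ETag identity re-sync from the KISSmetrics description quoted earlier in the thread, as one added example that is not part of either post and is not KISSmetrics' code: a model tracking server and a model browser with separate cookie and cache stores, used to show which stores must be cleared for the identity to change, plus the check a privacy tool can run to tell a per-client ETag apart from an ordinary content-hash ETag. The hostname `i.tracker.test` and all bodies are constructed; `Set-Cookie` is modelled as a dict for brevity.

```python
"""Model of the ETag-plus-cookie identity scheme described above, with the
check a privacy tool can use to tell it apart from an ordinary cache ETag.

Added example: the server classes model the behaviour the posts describe,
not KISSmetrics' code, and the hostname i.tracker.test is made up."""
import hashlib
import secrets

URL = "https://i.tracker.test/i.js"  # constructed tracker resource URL

class ContentETagServer:
    """Ordinary validator: the ETag is a hash of the body, identical for every
    client, so a 304 means only 'your copy is still current'."""
    def __init__(self, body=b"var config = {};"):
        self.body = body
        self.etag = '"' + hashlib.sha256(body).hexdigest()[:16] + '"'

    def handle(self, request):
        if request.get("If-None-Match") == self.etag:
            return {"status": 304, "headers": {"ETag": self.etag}, "body": b""}
        return {"status": 200, "headers": {"ETag": self.etag}, "body": self.body}

class IdentityETagServer:
    """The ETag carries a per-visitor identity. Whichever store survived
    (cookie or cached ETag) supplies the identity and the other is rewritten
    from it, so only clearing both stores yields a fresh identity."""
    def handle(self, request):
        ident = request.get("Cookie", {}).get("km_ai")
        if ident is None and "If-None-Match" in request:
            ident = request["If-None-Match"].strip('"')
        if ident is None:
            ident = secrets.token_hex(8)  # brand-new visitor
        return {"status": 200,
                "headers": {"ETag": f'"{ident}"', "Set-Cookie": {"km_ai": ident}},
                "body": f"var KMCID='{ident}';".encode()}

class Browser:
    """Minimal client with the two stores a browser keeps separately:
    a cookie jar and a cache keyed by URL."""
    def __init__(self):
        self.cookies = {}
        self.cache = {}  # url -> (etag, body)

    def fetch(self, url, server):
        request = {"Cookie": dict(self.cookies)}
        if url in self.cache:
            request["If-None-Match"] = self.cache[url][0]  # revalidate cached copy
        response = server.handle(request)
        self.cookies.update(response["headers"].get("Set-Cookie", {}))
        etag = response["headers"].get("ETag")
        if response["status"] == 200 and etag:
            self.cache[url] = (etag, response["body"])
        return response

    def clear_cookies(self):
        self.cookies.clear()

    def clear_cache(self):
        self.cache.clear()

def identity_survives(clear_cookies=True, clear_cache=False):
    """Visit, clear the chosen stores, visit again; True if the identity the
    server assigned the first time is still the one in use afterwards."""
    server, browser = IdentityETagServer(), Browser()
    browser.fetch(URL, server)
    first = browser.cookies["km_ai"]
    if clear_cookies:
        browser.clear_cookies()
    if clear_cache:
        browser.clear_cache()
    browser.fetch(URL, server)
    return browser.cookies["km_ai"] == first

def etag_is_per_client(url, server):
    """Detection check: fetch once from two fresh clients. A content ETag is the
    same for both; a value that differs is bound to the client, not the body."""
    first = Browser().fetch(url, server)["headers"]["ETag"]
    second = Browser().fetch(url, server)["headers"]["ETag"]
    return first != second

if __name__ == "__main__":
    print("cookies cleared only, same identity:", identity_survives(True, False))
    print("cache cleared only, same identity:  ", identity_survives(False, True))
    print("both cleared, same identity:        ", identity_survives(True, True))
    print("content ETag differs per client:", etag_is_per_client(URL, ContentETagServer()))
    print("identity ETag differs per client:", etag_is_per_client(URL, IdentityETagServer()))
```

The two-fresh-clients comparison is the same test you can run by hand with two clean private windows: an ETag that is different for identical content on a first, uncached request is bound to the visitor rather than the file. It flags candidates only, since a response that is legitimately personalised fails it too. The mitigation the thread arrives at still holds in the model: clearing cookies or cache alone keeps the identity, clearing both together rotates it, and not loading the resource at all avoids the question.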
In the case of the VISA card two companies could check with each other if any customers were using the same card too. But that is not enabled by the system other than being the source of the single identifier in the same way VISA is...
However the difference really is that the person has no idea said unique identifier is being assigned to them.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Your browser fingerprint appears to be unique among the 1,684,880 tested so far.
Yeah right, that's what they whisper in your ear, telling you you are the only special one in the whole universe... until you find the web site has been seeing lots of other browsers, frequently, and without protection.
Ew!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Oh, what a surprise, someone mentioned the hosts file and look.. not half a day later and a fat, mindless maggot called APK pops up like an ugly little prairie dog.
I reject your invitation as I prefer to make a counter-offer: *I* invite *YOU* to die slowly in a fire.
P.S. => Please tell me you haven't spawned.
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Haven't you figured it out yet? Nobody cares about your fucking hosts file bullshit.
We especially don't care if it works or not, because this is fucking Slashdot and if we thought a hosts-file-based solution was the right choice WE'D HAVE FUCKING DONE IT OURSELVES ALREADY.
You are truly some special kind of stupid.
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
* OK? I would like to see you disprove the 20++ points I put down there!
TL;DR
Profanity-Laden as it is (& clearly "best you've got", vs. points in favor of HOSTS files I listed, since you obviously cannot disprove or "debunk" them) - to wit:
"Haven't you figured it out yet?" - by Sardaukar86 (850333) on Sunday July 31, @02:52AM (#36937452) Homepage
Yes, I have (long ago): You're a malware-maker, or webmaster of a site that custom HOSTS somehow adversely affect, & all you have is your profanity laden b.s. retorts, vs. the facts I put out in favor of HOSTS files in my posts...
(Pretty simple actually!)
---
"Nobody cares about your fucking hosts file bullshit." - by Sardaukar86 (850333) on Sunday July 31, @02:52AM (#36937452) Homepage
See subject-line, & "au contraire" - your "FoAmiNg @ ThE MouTh" ranting/raving reaction says QUITE otherwise...
(LMAO - Man... talk about "showing your tell"!)
---
"We especially don't care if it works or not" - by Sardaukar86 (850333) on Sunday July 31, @02:52AM (#36937452) Homepage
Somehow, based on my subject-line, & the last couple paragraphs/sentences I wrote?
I don't *think* so (heck, I KNOW not!)... and, you're 100% right & to quote Tony Stark/Iron Man in regards to his "Arc Reactor"? The HOSTS file is QUITE LIKE IT, & - it works!
For better speed, better layered-defense-in-depth security, and even "anonymity" to an extent... from a simple text file filter that is used by a Ring 0/RPL 0/KernelMode PnP subsystem of the OS (thus, more efficient & faster than usermode/ring 3/rpl 3 "solutions" are).
AND, also a solution with LESS MOVING PARTS, & again - ONE Operating at a far more efficient layer of operation than usermode filters in browsers or their addons do via Ring 0/RPL 0/Kernel Mode operations (as a filter for the "Plug-N-Play" driver design in the IP stack in Windows, &/or MacOS X too since it's demand-driven in both).
Along with HOSTS yielding a user PERSONAL ABSOLUTE easy control via text file edits and easy acquisition from NUMEROUS reputable & reliable sources I listed!
(I combine them all with those from my own research, perfectly alphabetized/ordered, normalized/deduplicated & changed to the MOST efficient & compatible blocking IP address there is in 0.0.0.0 (vs. the larger/slower 127.0.0.1 loopback adapter address), done "automagically" for me for nearly a DECADE here now!)
"Beat that with a stick"... & good luck - You'll NEED it, badly!
---
"because this is fucking Slashdot and if we thought a hosts-file-based solution was the right choice WE'D HAVE FUCKING DONE IT OURSELVES ALREADY" - by Sardaukar86 (850333) on Sunday July 31, @02:52AM (#36937452) Homepage
Sure, sure (see contrary evidences below from your peers here)...
That is, unless YOU are who & what I suspect you are - & I am SURE YOU ARE!
AND?
It seems your "peers" here @ /. disagree with you clearly, to the tune of a ratio of 25++:1
Per the concrete, visible, & verifiable evidences I supply below, which would only be a TINY fraction of what I could, were I to say, point you to mvps.org for example!
(All that, vs. your ranting/raving & "FoAMiNg @ ThE MouTh" response to my challenge to disprove the points I listed in favor of HOSTS files that gain users speed, security, even "anonymity" + bandwidth maximization with personal control of it also)...
* On that note? Well... ok - See below, for your reference/new NEWS/NewsFlash, JUST "4U":
* THE HOSTS FILE GROUP 15++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):
HOSTS MOD UP -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608
HOSTS MOD UP
Just "Rinse, Lather, & Repeat", troll... & see my reply to you here:
http://yro.slashdot.org/comments.pl?sid=2356916&cid=36938204
(Please - Quit projecting your OWN faults onto myself, ok?)
* Instead, disprove the 20++ points I put out in favor of HOSTS files for end-users instead... or, is that "too much" for the "trolling likes of you"?
(Apparently, it is... lol!)
---
".denwaps t'nevah uoy em llet esaelP >= .S.P .erif a ni ylwols eid ot *UOY* etivni *I* :reffo-retnuoc a ekam ot referp I sa noitativni ruoy tcejer I .god eiriarp elttil ylgu na ekil pu spop KPA dellac toggam sseldnim ,taf a dna retal yad a flah ton ..kool dna elif stsoh eht denoitnem enoemos ,esirprus a tahw ,hO" - by Sardaukar86 - ANOTHER 'off-topic' total "ne'er-do-well" troll on /. (850333) on Sunday July 31, @02:50AM (#36937434) Homepage
"???"
Uhm... Could we get a translation of that off-topic "troll-speak/trolllanguage" of yours, please?
* And, you're an off-topic troll - no questions asked...SEE MY SUBJECT LINE ABOVE!
APK
P.S.=> Yes, it must have just have been another off-topic done nothing of significance with his life troll spewing his off-topic b.s. again & not contributing to the ongoing conversations. Oh well - No biggie!
("ReVeRsE-PsYcHoLoGy", for trolls - Courtesy of this code by "yours truly" in less than 1 second flat):
---
#TrollTalkComReversePsychologyKiller.py (Ver #2 by APK)
def reverse(s):
    # Build the reversed string one character at a time
    trollstring = ""
    try:
        for apksays in s:
            trollstring = apksays + trollstring
    except Exception:
        print("error/abend in reverse function")
    return trollstring

s = ""
print(reverse(s))
try:
    s = "Insert whatever 'trollspeak/trolllanguage' gibberish occurs here..."
    s = reverse(s)
    print(s)
except Exception as e:
    print(e)
---
... apk
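The list-merging step described earlier in this thread (several hosts lists combined, normalized, deduplicated, alphabetized and rewritten to the 0.0.0.0 sink address, with favourite sites hardcoded ahead of the blocklist) as an added example in Python; this is not the poster's own tool. The two source lists, the hostnames and the pinned address are constructed.

```python
import ipaddress
import re

BLOCK_ADDR = "0.0.0.0"  # unroutable sink, preferred in the post over 127.0.0.1
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?(\.[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?)*$")
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost", "local"}

# Constructed sample lists; list B overlaps with A and contains malformed lines.
SOURCE_A = """\
# sample list A
127.0.0.1 localhost
::1 localhost
127.0.0.1 Tracker.example   # old-style loopback sink, mixed case
0.0.0.0 ads.example stats.example
"""
SOURCE_B = """\
# sample list B
0.0.0.0 tracker.example.
0.0.0.0 beacon.example
not-an-ip junk.example
0.0.0.0 bad_host!
"""


def parse_hosts(text):
    """Yield hostnames from hosts-file text: drops comments, blank lines, the
    localhost stanza and malformed entries. Every entry is treated as a block
    entry regardless of the address the source list used."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        try:
            ipaddress.ip_address(parts[0])  # first field must be an address
        except ValueError:
            continue
        for name in parts[1:]:
            name = name.lower().rstrip(".")
            if name in LOCAL_NAMES or not HOSTNAME_RE.match(name):
                continue
            yield name


def merge_hosts(sources, keep=()):
    """Merge several lists into one sorted, deduplicated blocklist; names in
    `keep` (an allowlist of sites you never want blocked) are removed."""
    names = set()
    for text in sources:
        names.update(parse_hosts(text))
    names.difference_update(keep)
    return sorted(names)


def render_hosts(names, pinned=None):
    """Emit hardcoded favourites (name -> address) first, then the blocklist."""
    lines = [f"{addr} {name}" for name, addr in (pinned or {}).items()]
    lines += [f"{BLOCK_ADDR} {n}" for n in names]
    return "\n".join(lines) + "\n"
```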
to disprove all points written in about HOSTS files being good instead? If the reply you replied to is 'too long' and 'you cannot read' it, get "hooked on phonics" (you need it evidently).
Don't know when you started using email, but when I did webmasters didn't even exist yet!
postmasters are who you send your mail to or mailadmin even.
Is a trait that used to put your head in a basket. Now it's something large corporations brag about. Sum 10 wong here..
Since this uses specific js-tech/js-functions, is there a way to block specific js-functions ? e.g block calls to ajax by specific websites, cuz a website could easily mask as something useful but make calls to java functions that could be used for mischief.
As someone who writes "visibility software" let me just say, there is absolutely no way you will ever have privacy on the web. You can use TOR, or TOR-like services, if you don't mind TOR servers being the ones that track you. You can use VPNs if you don't mind the people selling VPN connectivity tracking you. If your traffic is not encrypted or terminates at an untrusted site it is visible. Oh. And just so you know. Encrypted packets carry your MAC address because there aren't changes to the headers for the last hop, so TOR and VPN services can tell you what kind of NIC your machine is using. Following the trail from manufacturer to retailer to you takes less than 8 hours. If you haven't gone at least 3 hops of encrypted traffic YOU are visible.
Having to work for a living is the root of all evil.
They seem to like adblock.
Makes me not like adblock.
Oh, so you're one of those assholes that believes corporate profits are more important than personal privacy.
And no, your MAC address does not get past the first router. The layer 3 portion (which is IP, since you obviously don't know) gets sent along on whatever link-layers that exist between routers along the way. In the case of every VPN client I've encountered, a randomly generated MAC address with a fixed OUI is used for the layer 2 VPN link, so there is still no way to determine your physical MAC address from the other side. I have not studied the TOR protocol, but I seriously doubt such a glaring omission could have occurred since it is trivial to handle and if it weren't, it would undermine the entire goal of the project.
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
2.) Adblock blocks ads in only 1-2 browser family, but not all (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)
And yes: Even SLASHDOT &/or The Register help!
(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).
2 examples thereof in the past I have used, & noted it there, are/were:
http://it.slashdot.org/com
WTF is visibility software?
How do encrypted packets carry MAC addresses, unless you're doing layer 2 bridging? IPSec and SSL VPN packets carry no MAC addresses at all.
How does one "follow the trail from manufacturer to retailer to you" at all, much less in under 8 hours?
Inquiring minds want to know if they missed something or if you're full of crap.
So, hiding behind seven MAC addresses doesn't work. So much for my bulk purchase of EISA 3Com Ethernet cards.
No. I'm one of those assholes that writes software with the explicit intention of allowing applications like snort to protect people. Unfortunately, it is also usable for other things. The mac address of the machine is encap'd in the header of the packet before decryption. When it is decrypted the mac information is still there. The outer headers of the packet (post encryption) do not have the mac address of the machine. The mac address of the last hop is what you will see in those headers. I suspect the reason you posted anonymous is because you haven't studied l2 or l3 or tor or etc...
Having to work for a living is the root of all evil.
The hardware address is in the packet before encryption. Set up a Linux box with Arpwatch and OpenVPN and see for yourself.
You start following the trail here: http://www.coffer.com/mac_find/
Having to work for a living is the root of all evil.
EISA 3Com Ethernet cards
Nice. I remember them well.
Having to work for a living is the root of all evil.
No, I posted AC because I don't post on here enough to warrant creating an account. I do like to stop the spread of misinformation when I see it.
I write network security software for a living, so I indeed have extensively studied layer 2 and layer 3, which is why I'm questioning you, and no protocol that I'm aware of encapsulates the physical MAC address of the machine over an encrypted link. As I said before, doing that over TOR would bypass anonymity, which is one of the main goals of the protocol, and generating a fake MAC for ethernet compatibility is extremely easy to do.
If you can name a protocol that encapsulates the source MAC in an encrypted packet, I'll stay away from it, but in contrast to your original statement that ALL encrypted links do it, I can easily prove that incorrect.
You overlook local diskcache &/or DNS local client cache in Windows on HOSTS in memory speed possibility/reality once loaded/re-loaded:
"It seems to me that the best solution would be a Firefox plugin where you could add static domain -> IP mappings, so it would all be done within memory, even if your HOSTS file got compromised." - by Em Adespoton (792954) on Thursday August 04, @01:33PM (#36987948) Homepage
Already covered in my original post here http://slashdot.org/comments.pl?sid=2356916&cid=36935730 in my P.S. in ITEM D!
Requoting myself & it corrects you (or informs you rather, because of diskcaching (HOSTS are just a file filter, & thus, get cached 2 ways)):
"D.) HOSTS files, once read/loaded, once GET CACHED, for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcache (like ANY file is), so it reads F A S T upon re-reads/subsequent reads (until it's changed in %WinDir%\system32\drivers\etc on Windows, which marks it "Dirty" & then it gets re-read + reloaded into the local diskcache again). This may cause a SMALL lag upon reload though, depending on the size of your HOSTS file." - by APK/Anonymous Coward on Saturday July 30, @06:46PM (#36935730)
I also KNOW that HOSTS operate faster & more efficiently @ Ring 0/RPL0/Kernel Mode via PnP design usually nowadays in the IP stack as a filter, than Ring 3/RPL 3/Usermode solutions do (such as AdBlock etc.)...
---
http://slashdot.org/comments.pl?sid=2356916&cid=36935730 See point #4 - #7 ON HARDCODING YOUR FAV. SITES (this also beats DNSBL's too, mind you, or unfair filtering (such as various nations perform) & more...), regarding this from you:
"remember, ANY DNS service you use gets complete access to your domain lookup history" - by Em Adespoton (792954) on Thursday August 04, @01:33PM (#36987948) Homepage
Again, see my original posts on HOSTS, points #4-#7...
I covered that already via hardcoding favs... & more "gains" vs. dns poisoned DNS servers, or downed ones too!
---
"Second: use Privoxy (you can actually forego the HOSTS list and just filter at the Privoxy level if you want, but I keep a generic HOSTS list of stuff I know I'll ALWAYS want to block)." - by Em Adespoton (792954) on Thursday August 04, @01:33PM (#36987948) Homepage
Added moving parts & CPU/RAM/OTHER FORMS OF I-O consumption, imo, but a possible way - sounds like Proximitron noted in my p.s. here http://slashdot.org/comments.pl?sid=2356916&cid=36935730 (which CAN work with HOSTS as well if opted to do so).
---
"Run Firefox with NoScript, TACO and AdBlock Plus." - by Em Adespoton (792954) on Thursday August 04, @01:33PM (#36987948) Homepage
Noted in my init. post (except for this TACO thing, what is it?) here http://slashdot.org/comments.pl?sid=2356916&cid=36935730 near the bottom before my "APK" signature.
Personally/AGAIN:
I KNOW that HOSTS operate faster & more efficiently @ Ring 0/RPL0/Kernel Mode via PnP design usually nowadays in the IP stack as a filter, than Ring 3/RPL 3/Usermode solutions do (such as AdBlock etc.)...
(Thus, to be truthful? Well...Adblock's NOT REALLY NEEDED, nor would IE's TPL's even be needed... they're "layered security" though, so... there you are! IF you want that, & YOU DO? Use them all!)
---
The 1st point is what I was most concerned with regarding memory access/speed of HOSTS files, which on ANY OS will take place in the diskcache kernel mode subsystem, most of all - hence, why I posted it "out of order" in my quotes of yourself is all... a LOT of folks overlook that fact!)
APK
P.S.=> In any event, your summarization was fine, but ended up being quite "voluminous" too (mine gets bloated quite a lot by "backing proofs/examples" from others too, so that folks have some substantiation/backing of my words is all... SLASHDOT's "Big On THAT", lol, as I am sure you know!)...
... apk