Slashdot Mirror

← Back to Stories (view on slashdot.org)

CNET, IDC Find Rapid Increase In Behavioral Data Tracking

Posted by Soulskill on from the surprising-nobody-who-cares dept.

retroworks writes "According to columnist Elinor Mills at CNET, efforts to track consumer browsing behavior are 'rising dramatically.' In an interview with Gordon McLeod, CEO of data mining company Krux.com, advertising targeted at browsing habits has increased fourfold since 2010. IDC, according to McLeod, projects the browser-search-term-targeted advertising industry to grow from 'zero to $5 billion in less than 5 years.' Will health insurance companies see us crawling for information on family illnesses? After reading the article, I went hunting for a download of 2008 program antiphormlite, and found nothing remaining at any download site (including CNET). Is there another 'cookie camouflage' alternative to polluting the cookie stream with false positives? Or are we left to 'do not track' pledges and trusting Tor redirectors?"

32 of 88 comments (clear)

  1. Ghostery? by vlm · · Score: 3, Informative

    Ghostery?

    I have not read the article but the summary sounds like a lot of effort to avoid directly naming the FF/Chrome extension called ghostery.

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    1. Re:Ghostery? by vlm · · Score: 1

      Oh very well. I read it and its for utter noobs. Not exactly /. worthy material. Not bad for ladies home journal, or maybe cosmo or rolling stone, or something non-technical like wired, but not quite up to the level of /.. "What should consumers do if they don't want to be tracked this way?" is answered with something like its really nice to be tracked and you should lean back and enjoy it and you can't do anything about it but we like having meetings to discuss it, probably because of the catered food. Gee thanks, can I have 60 seconds of my life back since I didn't get much outta this?.

      Well, I think I can do a little better than the article. Install adblock plus, make sure the optional ads are block in ABP. Install Ghostery, and in the wizard setup thingy make sure everything is getting blocked, especially "bug blocking". I have found bug blocking is all or nothing, if you block "all" then all new ones are also blocked, but if you unblock just one, then new ones will not be blocked. This is based on (years of?) experience not just theory. Tada, mostly done. I also use flashblock extension, because flash is used for nothing important, just overly polished completely content free marketing sites, cat videos on youtube (and you can whitelist yt if you want) but mostly flash is primarily used for spammy ads that I don't need or want to see. With the growth of ajax sites I no longer use noscript, although its not all that bad of an idea. In a riff off the original article I'd also love to attend endless privacy meetings, if no reason other than to eat the catered food.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    2. Re:Ghostery? by Anonymous Coward · · Score: 1

      You fail again in your understanding of the issue. The issue is that ISPs are hiring a company to do deep packet inspection to spy on a user's browsing habits. Adblock plus cannot help with this issue.

      Maybe if you spent less time being snarky and actually tried to understand what you were reading you would actually appreciate the significance of the issue.

      Just to be sure, I will provide you with a references:

      The company's proposed advertising system, called Webwise, is a behavioral targeting service (similar to NebuAd) that uses deep packet inspection to examine traffic... and the ISP BT Group has been criticised for running secret trials of the service.

      Also the fact that this service is not opt-in, is concerning. Seems to me like this is an issue that Slashdot people care about (except for you?).

      References:
      http://news.cnet.com/8301-1009_3-57456273-83/behavioral-data-tracking-rising-dramatically-q-a/
      http://en.wikipedia.org/wiki/Phorm

    3. Re:Ghostery? by arbulus · · Score: 2

      "You fail again in your understanding of the issue. The issue is that ISPs are hiring a company to do deep packet inspection to spy on a user's browsing habits. Adblock plus cannot help with this issue."

      This is the part that scares the hell out of me. I use a number of addons to stop websites from tracking me (Ghostery, AdBock, NoScript, RequestPolicy, etc.). But DPI is horrfying, and I don't understand why it's legal. The postal service isn't allowed to open our mail and read our letters. It's a felony for anyone to tamper with your mail at all. So why should ISPs be allowed to inspect our packets? It's no different.

      This is why you need to use non-logging VPNs and TOR. Don't giver your ISP an opportunity to inspect your packets. Plus, for the love of FSM, DO NOT use your ISPs DNS servers, or your ISPs email.

    4. Re:Ghostery? by certain+death · · Score: 1

      I wish I had mod points...you would get them all!!

      --
      "My immediate reaction is "WTF? What kind of moron doesn't make things 64-bit safe to begin with?" Linus
  2. Don't accept cookies. by couchslug · · Score: 2

    Incognito/private browsing FTW. Use (for example) one browser for browsing where you don't mind cookies, and a second for items you don't want tracked.

    You can have many browsers, any decent PC can run many browsers, so have at it.

    --
    "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
    1. Re:Don't accept cookies. by hey_popey · · Score: 1

      1- If you don't accept cookies, some websites simply don't work
      2- Incognito/private browsing is not enough to avoid other trackers like pixels, scripts...

    2. Re:Don't accept cookies. by mwvdlee · · Score: 1

      Does incognito browsing, such as chrome's incognito tabs, help against fingerprinting methods?

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    3. Re:Don't accept cookies. by PopeRatzo · · Score: 4, Interesting

      2- Incognito/private browsing is not enough to avoid other trackers like pixels, scripts...

      Can "other trackers like pixels, scripts" track actual identifying data? I don't know enough about this stuff to know.

      And if I can remain anonymous enough, should I still care if data is collected?

      I run ghostery but I really need to pay more attention to this stuff and educate myself about incognito/private browsing. Not so much that I browse somewhere illegal or that my crazy leftwing politics are going to get me in trouble, but I really can't stand the idea of data tracking.

      I would gladly give up all the "benefits" that come with data tracking. But then, I thought the internet was just great in 1993, before the commercialization of the Internet. I would love to have seen how the Internet would have developed if it hadn't become a sleazy shopping mall/TV combo.

      I really like this idea of "cookie camouflage". I never heard of this "antiphormlite" program before today. Too bad it seems to have been disappeared. I would enjoy showing these trackers the back of my hand.

      --
      You are welcome on my lawn.
    4. Re:Don't accept cookies. by Charliemopps · · Score: 1

      Even the cheapest tracking software includes methods for tracking people with cookies turned off. Buisnesses have wised up and are tracking you based on info you can't change, like your IP, windows version, etc... Then they share this info with each other. Private browsing is NOT private. Your only hope is to use a proxy service.

    5. Re:Don't accept cookies. by Hatta · · Score: 1

      What does multiple browsers help when you're browsing from the same IP address? I think Google's smart enough to figure that out.

      --
      Give me Classic Slashdot or give me death!
    6. Re:Don't accept cookies. by AliasMarlowe · · Score: 1

      What does multiple browsers help when you're browsing from the same IP address? I think Google's smart enough to figure that out.

      Actually, our entire household browses from a single IP address. In that case, if we each used one unique browser (or mostly just that one) per user, the multiple browser approach would assist in differentiating people for advertising purposes. As it is, we each use any of 3 PCs which all run Xubuntu, but identifiably unique due to display resolutions, installed fonts, etc. Similarly, even the kids use two or more browsers each while my wife and I use three or four regularly, and everyone knows to clear their cookies after visiting any dodgy sites (cookies are generally cleaned on exit anyway). We probably present a difficult case for analysis, and don't get any particularly well-aimed "targeted" advertising.

      BTW, it's interesting to see what your browser might reveal when your visit a site, even neglecting cookies. Quite often, your browser reveals enough to identify it uniquely.

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    7. Re:Don't accept cookies. by couchslug · · Score: 1

      "Multiple browsers is not an acceptable solution for the vast majority of the public."

      This forum is not directed at the "vast majority of the public".

      --
      "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
    8. Re:Don't accept cookies. by PopeRatzo · · Score: 1

      The only way to browse the Internet with privacy is to disable javascript, or use a mobile browser.

      I'll have to look up what you mean by "mobile browser". I don't think you're referring to a browser on my smartphone.

      --
      You are welcome on my lawn.
  3. This beats the HELL out of any browser addon by Anonymous Coward · · Score: 3, Informative

    Mainly in efficiency - it runs in Ring 0/RPL 0/PnP Kernelmode (on Windows), as merely a filter for the IP stack (no overheads of more driver layers OR browser level slower less efficient addons):

    21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

    Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

    1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

    2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

    Adblock Plus To Offer 'Acceptable Ads' Option

    http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option )

    AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

    Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

    3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

    4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

    5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

    * NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

    6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting

    1. Re:This beats the HELL out of any browser addon by Inda · · Score: 1

      I think you forgot the CleanMyPC.com links at the end.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    2. Re:This beats the HELL out of any browser addon by nigelo · · Score: 1

      He has a hobby: Constantly updating his hosts file.

      --
      *Still* negative function...
    3. Re:This beats the HELL out of any browser addon by tlhIngan · · Score: 1

      What I'd want to know is how he managed to get such a long post through before /. truncates it - usually you get maybe a short essay's worth of text before the "Read more of this comment" link shows up. This guy managed maybe five times that length.

      Of course, most modern tracking system, like Google Analytics, rely on webmasters to pass links THROUGH them via javascript, so you can't block GA anymore or the site breaks (good and bad).

      Naturally, stuff like NoScript evolved workarounds by faking out the GA scripts to avoid tracking.

    4. Re:This beats the HELL out of any browser addon by arbulus · · Score: 1

      Another problem with the Windows hosts file: if you're running Microsoft Security Essentials, it will view modificaitons to the hosts file as a virus and remove them.

    5. Re:This beats the HELL out of any browser addon by certain+death · · Score: 1

      Maybe it _IS_ his hobby!

      --
      "My immediate reaction is "WTF? What kind of moron doesn't make things 64-bit safe to begin with?" Linus
  4. Cookie camouflage - firephorm by mauriceh · · Score: 1

    Well, there is firephorm:
    http://www.ghacks.net/2008/10/14/firephorm-the-anti-phorm-firefox-extension/

    --
    Maurice W. Hilarius Voice: (778) 347-9907
  5. Collusion plugin for Chrome/Safari by charnov · · Score: 1

    Collusion plugin for Chrome/Safari from Disconnect.me blocks all known trackers. Since using it for a while, I have noticed a disappearance of eerily targeted ads in Google searches, etc.

    --
    [RIAA] says its concern is artists. That's true, in just the sense that a cattle rancher is concerned about its cattle.
  6. aren't you missing something? by slashmydots · · Score: 1

    Tor? Why? How about in Firefox or IE8 or 9 hit ctrl-shift-P. Tada, temporarily no more non-session cookies are preserved (among other privacy perks).

    1. Re:aren't you missing something? by Z00L00K · · Score: 1

      And then you still need to clear out caches for all your browser plugins like Java, Flash etc.

      Otherwise you will still sit there with tracking cookies.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  7. noscript?? by apcullen · · Score: 3, Interesting

    Doesn't using noscript block most of the sites that track one's browsing?

    1. Re:noscript?? by oldredlion · · Score: 2

      It certainly blocks some.

      I went to that cnet page and ghostery reported 5 trackers.

      I then did noscript "temporarily allow all this page" and ghostery reported 11 trackers, so noscript seems to be blocking 6 out of 11.

  8. Just One Question by Ukab+the+Great · · Score: 1

    How many users did they have to track to obtain that finding?

  9. My "Solution" by Droog57 · · Score: 1

    I use Opera and the Ghostery extension along with WOT. Then I run CCleaner a few times a day. I ALWAYS log out of any site once I'm done with what I logged in to do, and that goes double for Google. Then run CCleaner. I take a small hit with some occasional unpredictable behavior on some sites with Ghostery running, but screw 'em. If they want my junk, I can find (95% of the time) what i want elsewhere. Strategy seems to work pretty well, low spam incidence in gmail and my "real" email addresses are rarely spammed as well. Recently checked Google's data on me through the privacy page and all clear.

    --
    "If the only tool that you have is a hammer, every problem looks like a nail." Donny Rumsfeld
  10. Re:I don't just *think* this: I KNOW IT... apk by Inda · · Score: 2

    I think you're confused. My post, with my complete lack of interest, is not there to prove or disprove your rantings about AdBlock.

    I get no joy from provoking emotional responses on the internet. Your response actually made me shed a tear. All that typing on Slashdot for fuck all.

    #No one cares

    Stick that in your newly invented hosts file.

    --
    This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
  11. Re:I got creeped out the other day ... by vlm · · Score: 1

    especially because I haven't logged into any web services on that machine

    Let me guess, except for google because you're using chrome on both browsers.

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
  12. Re:I don't see that & I use MS Sec. Essentials by arbulus · · Score: 1

    Not sure why it was happening, either. It was on both XP and 7. Everything with MSE was the default settings. I've seen malware fiddle with hosts files before, but it seemed odd that it would assume that all modifications are malicious.

    I was using hosts for web filtering for a small business client of mine. They wanted some computers to have limited access to the web, while allowing others full access. Hosts files were the easiest solution. But not long after I implemented it, MSE flagged them all as viruses and removed my modifications.

    This was several months back, though. Maybe MSE has had an update that resolved the issue since then.

  13. Re:Nope: I don't lift a finger (done "automagicall by nullchar · · Score: 1

    Having a custom hosts file is all fine and good, but that does not mitigate Deep Packet Inspection:

    FTA:

    The company's proposed advertising system, called Webwise, is a behavioral targeting service (similar to NebuAd) that uses deep packet inspection to examine traffic... and the ISP BT Group has been criticised for running secret trials of the service.