Slashdot Mirror
Microsoft Reaffirms Default Do-Not-Track For IE10, Windows 8 Express Setup
Billly Gates writes "Microsoft has confirmed that Internet Explorer 10 will have Do-Not-Track settings enabled by default. IE 10 comes with Windows 8, and will go release candidate for Windows 7 very soon, according to Anne Kohn in a comment in IE's blog. During Windows 8 setup, users who choose the 'Express' option will have DNT on by default, while using the 'Custom' option will give them the chance to change the setting, if they want. IE 10 already has a score of 319 in html5test.com, while MS is trying to position IE as a great browser again. Will this pressure other browsers such as Firefox and Opera to do the same?"
When Microsoft began talking about this in May, it touched off quite a debate at W3C about whether browsers should have DNT turned on by default or not.
And you don't know Google search either. What kind of web sites do you build?
Slashdot, fix the reply notifications... You won't get away with it...
DNT only works if websites honor it. Some have already said that if browsers turned it on by default, they would not honor it. So... could MS, a company with a long history of embrace and strange while raping it up the ass, be enabling it by default to give websites an excuse to ignore it and thereby kill it from within while appearing to the gullible as a nice company?
Well, Soulskill sure is gullible enough. a great browser again. Indeed.
It ain't Paranoia if you think MS is out to screw everyone else. In fact, that is hopelessly naive. MS happily screws itself too.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
HTTP header to request "opt out" of any tracking on websites you visit.
i.e. will be ignored by just about everyone by default anyway, and even when you "opt out" you can still be tracked by most websites in the world, and turning it on or off will have virtually zero visible effect to the user so you'll never know even if the website "accidentally" tracked you anyway.
Worthless, ill-designed, junk.
But in this case, it's horribly wrong.
This will effectively KILL the do-not-track project.
Wow! A score of 319 is really impressive!
Wait hang on.
* Chrome 22: 442
* Chrome 21: 437
* Opera 12.50: 409
* Firefox 14: 345
Sure its better than IE 9, but a modern browser it is not.
Doesn't even come close to stable Firefox.
Yeah, I don't know what people are smoking these days, but you've got to be seriously delusional if you think that Do Not Track is going to be respected in any way. They'll track anyway, and if they get busted, they'll call out the lawyer brigades and nothing will fucking happen. Hell, maybe they'll even end up with some sweet legal precedent saying they have every right to track us if we deign to navigate to one of their websites.
I trust NoScript and Adblock, I sure as shit do not trust "we won't track you, we promise!"
IE 10 already has a score of 319 in html5test.com, while MS is trying to position IE as a great browser again.
Again!? Implying it was great once? What have I missed? I've been in web development for around 12 years now, and I most certainly do not remember ever having many nice things to say about IE. Or do you mean great, as in having the majority monopoly-based userbase?
10 years ago how well did Netscape 4.7 do CSS compared to IE 6? ... thats what I thought.
Soulskill edited my entry as I put a whim of sarcasm stating slashdotters and webmasters favorite browser (sarcasm intended). Needless to say I remember IE 6 frustratingly and angrily beating Netscape quite well as it was the first browser to support the proper box model as long as it didn't go into quirks mode. I wanted Netscape to win but 10 years ago went to IE 6 and it was a better browser. IE 5 was not bad either and invented AJAX. IE 6 is just well very old and not meant for anything but simple 50k websites with 2 or 3 tiny 25k pics with a css that is about half dozen lines or less usually specifying fonts or something silly. Not the bloated sites we have today. The things it does wrong are were very cutting edge and not standardized in 2001. It is similiar to alot of css 3 stuff I see with different arguments for color picking a gradient for example. W3c will pick one syntax in 10 years times and one of the browsers today wont be standards complaint with it in the future. IE 6 shouldn't have been used for so long.
MS let it rot and did not fix the rendering bugs nor the huge security risks as MS thought we would all be using Vista and IE 7 by 2005 (2004 was Longhorns original date if I remember correctly) and the delaying made things worse.
Anyway give MS credit for at least trying to make a somewhat decent browser and making your life as a web developer easier. IE 10 is supposed to be truly competitive to Firefox and Chrome which is good for METRO developers. Remember people like your Mom, grandparents, Chinese, and corporate employers wont ever switch no matter how much we beg. At least let them enjoy a somewhat similar browsing experience you have at home. I saw a benchmark testing emca javascript and IE 10 was the most compliant browser out there. It will make everyone's life easier if people use 1 standard for the internet and IE is catching up finally.
http://saveie6.com/
Don't you think it was DOA anyways? The system depended upon honest advertisers, which is an oxymoron if I ever heard one.
I'm a professional web developer of 16 years+, and I don't know what "Do Not Track" is.
No need to embarrass yourself in front of the class dude.
10 years ago how well did Netscape 4.7 do CSS compared to IE 6?
10 years ago Netscape 4.7 had been abandoned several years: Netscape 6, on the other hand wiped the floor with IE 6 on CSS, although admittedly, it sucked in numerous other ways.
Worthless, ill-designed, junk.
Nooooo!?! Next thing you are going to tell me is that the hackers disregard RFC3514 during attacks???
Questions raise, answers kill. Raise questions to stay alive.
This will effectively KILL the do-not-track project.
Good. The do-not-track project as designed by Mozilla and Google is worthless, and I'm reasonably sure it's intentionally broken. It's just trusting the web site to agree to your browser's plea to please not track it; there is no enforcement mechanism, and no way to even know your request is honored or not. A proper design would not even connect to a tracker's web site.
Of course, Google has a major conflict of interest in this - tracking people is what makes them the big money; that's why I suspect Mozilla and Google came up with this "design", pretending to care about privacy while aware that many users aren't knowledgeable or caring enough to set the DNT flag, and also on the fact that when push comes to shove they can just ignore the "don't track" request. Microsoft is pretty much calling their bluff there.
Apparently, even Konqueror - which hasn't really been under active development for years and had very little funding before then - manages to score 321.
It won't screw Google over. The most relevant legislation with regard to DNT is the EU directive which says you must not track a user if they express a desire not to be tracked. However, if the header is sent by default, then Google can convincingly argue that the user has not expressed this desire. If, however, it is off by default, then this argument would be nonsense because the user must have explicitly enabled it.
I would love to see it as a setting with no default and a prompt when you install the browser, so that every user must make a conscious decision to either be tracked or not be tracked.
I am TheRaven on Soylent News
You are missing the point of the header. It is something that is sent along with the initial HTTP request that expresses the user's desire. By itself, that's all it does. It can, however, be used in later legal proceedings. In the EU, for example, tracking someone after receiving an explicit opt-out is illegal. If someone can prove that you are tracking people who do not wish to be tracked then you are liable for large fines.
I am TheRaven on Soylent News
The article on Ars Technica states that the EU authorities stand behind DNT by default which if true means that Google can argue nothing (at least in Europe)
And the question of DNT being an explicit opt-out at all, or even getting to the remote server intact, is dubious.
If you pop up a message on the front page of a website that says "can we track you for the next week?" and the user says yes, but their browser is still pushing DNT, do you think the website should not track anything anyway? They have EXPLICIT permission to do so. And on a visible, obvious, user-controlled way, that the user COULD NOT IGNORE or forget, that can be easily seen by any idiot, rather than some obscure browser setting in only some browsers, that makes no visible change to the average user, and that may not ever be able to be tweaked by the user.
It's worthless, in law and in usage. And it doesn't express the user's desire if it is on by default and the user has to specifically turn it off. It just expresses the software manufacturer's desire (and, if as the article states, installs of Windows will have it on by default, it means even less in terms of what the user wants).
I'm not stupid, I doubt there are people who WANT to be tracked or wouldn't turn it on if they understand what it was supposed to do. But it doesn't. And never will. And saying that a hidden HTTP header that could easily be stripped by intervening proxy servers that don't understand it (and be untraceable as to WHERE that header got stripped off, and thus useless in court) overrides the explicit, visible, non-accidental obtained consent of users with an associated privacy policy available to them is just ludicrous.
There will NEVER be a court case about DNT usage on a website. Because it's not binding in *any* country at all and it certainly can't be taken as a revocation of previous consent (thus it is overrode by anything that the websites ALREADY have deployed to comply with EU cookie laws, for example) without a suitable legal precedent, which itself is somewhere incredibly unlikely and impossible.
Is DNT an opt-out for THIS session? This page? This browser? This IP? This logged-in-user? Forever? Does it override previous decisions? Does its absence override its prior presence (i.e. now you surf without DNT, we can take that as consent for all the previous sessions too?). It's so vague as to be absolutely pointless.
It *does not* do what it was designed for, helps no-one (not even advertisers or users), and is a ginormous waste of money to deploy for everyone involved (from browsers to users to websites to policy makers to the government to legal cases, etc.).
So we no more play the ACID test game?
I would love to see it as a setting with no default and a prompt when you install the browser, so that every user must make a conscious decision to either be tracked or not be tracked.
But here's the thing. In spite of all this so-called debate, let's be honest, how many ordinary people are going to answer "Yes" to the question "Would you like other companies to be able to watch and compile databases of everything you do online?" ... I'm guessing approximately NOBODY. Who actually likes being watched?
However, if the header is sent by default, then Google can convincingly argue that the user has not expressed this desire
Actually, I'm willing to guess that a decent lawyer could convince a court that a reasonable person can be presumed by default to prefer not to be watched, given that pretty much nobody likes being watched. Put it another way, should you have to expressly opt out of me installing a camera in your bathroom, or can you by default be presumed to prefer that I not put a camera in your bathroom? The presence of a DNT selection, which people will rightfully not turn on, could clinch it. I suspect this is why the debate around this is so strong.
Exactly. My initial reaction was against this, but self regulation never works. Do Not Track is simply an effort by the data aggregators to stave off real privacy regulation - "Look! We'll make a token gesture to respect the privacy of the tech savvy minority as long as we can run roughshod over the vast majority. See, we're honest folks."
Kudos to Microsoft for calling it like it is on this one.
Pretty much. Short of government regulation we as a community can't actually compel advertisers to do anything (just getting them to acknowledge DNT in the first place was a small miracle), so if we actually make it hard for them to do their thing they'll just ignore DNT entirely.
And in Europe we tend to see privacy as opt-out rather than opt-in.
Are you living in the same Europe as me? Where your cars are regularly tracked by ANPR. Where many states have compulsory ID cards. Where communictaions companies have to install boxes to collect data for the government"
Not much "opt out" there.
And, in the meantime, give trackers that don't support DNT on the backend (like Microsoft) an temporary advantage over those that do (like Google.)
The system depended on the advertising industry thinking that adhering to the voluntary system was at least as good of a deal as what they'd get under a regulatory regime, since the whole purpose of the voluntary system was to stave off threats of regulation.
Its unlikely that the industry would see a an opt-in requirement imposed in a regulatory regime, though an opt-out requirement would be quite likely. It therefore makes no sense for the industry to prefer an opt-in voluntary scheme, though an opt-out voluntary scheme is certainly worthwhile.
This is such bullshit. But you kinda have to argue so I can refute you.
If anything, DNT is killed by it being dependant on what websites say they would or would not honor.
It would also be effectively killed if it was OFF by default, since most people will have it off, so even if websites don't track a bunch of nerds, that doesn't mean shit in the big picture.
Let's recap: The rapist is proposing he won't rape, if 98% of people will "consent" to sex. And then someone says "let's not consent by default", so the rapist says "then I won't cooperate". And you FUCKING blame the person who made the sensible suggestion?
Positive moderation doesn't mean it's not stupid. It just means the moderators are stupid, too, the end.