Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tracking the Web Trackers

Posted by timothy on from the let's-track-ann-from-account-services dept.

itwbennett writes "Do you know what data the 1300+ tracking companies have on you? Privacy blogger Dan Tynan didn't until he had had enough of being stalked by grandpa-friendly Jitterbug phone ads. Tracking company BlueKai and its partners had compiled 471 separate pieces of data on him. Some surprisingly accurate, some not (hence the Jitterbug ad). But what's worse is that opting out of tracking is surprisingly hard. On the Network Advertising Initiative Opt Out Page you can ask the 98 member companies listed there to stop tracking you and on Evidon's Global Opt Out page you can give some 200 more the boot — but that's only about 300 companies out of 1300. And even if they all comply with your opt-out request, it doesn't mean that they'll stop collecting data on you, only that they'll stop serving you targeted ads."

22 of 97 comments (clear)

  1. Give Us A List by Anonymous Coward · · Score: 3, Informative

    Give us a list of all companies and their affili-shit domains and I'll block them. I'll even add them to my 'Hosts' file just to make apk happy.

    1. Re:Give Us A List by eksith · · Score: 4, Informative

      It doesn't always work that way. Sometimes, these companies use their own sites, but other times, it's a no-name domain and sometimes a random IP. It's almost a kin to a botnet herder where they all report to a root domain where they get their instructions.

      And other times these are from publicly available records; no direct connection to your web browser. If you buy a car, apply for a credit card or even register a new phone number, expect to get spammed shortly. The only way to not get included in a dossier of some sort is to not exist. But even that's no guarantee.

      --
      If computers were people, I'd be a misanthrope.
    2. Re:Give Us A List by noh8rz10 · · Score: 4, Informative

      THe Ghostery plug in accomplishes the same thing... It automatically blocks trackers against a big black list. Something cool, it does a subtle pop up wheyou visit a page listing all the trackers on that page. Eye opening, for sure! Some pages ,a dozen different trackers! I know Ghostery is available for safari, not sure about other browsers.

    3. Re:Give Us A List by Sporkinum · · Score: 2

      Yeah, if you read the article, you'd see Ghostery is run by and advertising company.
      " About Evidon
      Evidon reveals the invisible web.

      Its technology gives brands, publishers, networks and other businesses around the world unique insight into the digital ecosystem—including unparalleled intelligence on the marketing technologies that underpin the commercial web —and the power to control their impact on business.

      Evidon's technology includes Ghostery®, the industry-leading browser tool that reports on data collection across 26 million websites and informs the company’s business control solutions. Evidon also provides market-leading privacy controls for more than $1 billion of display media annually that empower more than 150 million people a day to control how their information is used online.

      Companies make smarter decisions, protect their businesses and consumer privacy, and grow revenue as a result. www.evidon.com "

      --
      "He's lost in a 'floyd hole"
  2. So why aren't you protecting yourself? by popo · · Score: 2

    You could be using Tor, or surfing through a proxy, denying cookies, etc.

    Why make it easy for them?

    --
    ------ The best brain training is now totally free : )
  3. It's over. Privacy war lost. by Anonymous Coward · · Score: 3, Interesting

    Enough to drive an honest man to fraud.

  4. Use Ghostery! by Anonymous Coward · · Score: 5, Informative

    Ghostery (Firefox plugin) allows you to block these trackers, it works great and you can also see when sites are loading the tracking code.

    1. Re:Use Ghostery! by Nyder · · Score: 4, Informative

      Ghostery (Firefox plugin) allows you to block these trackers, it works great and you can also see when sites are loading the tracking code.

      https://www.ghostery.com/

      --
      Be seeing you...
    2. Re:Use Ghostery! by Anonymous Coward · · Score: 5, Interesting

      I use ghostery and love it and all. But I wonder if passive resistance is the wrong way to go about this. Maybe what we need is to allow all those tracking cookies. But run a program on your computer which replaces the data in those cookies every 5-10 seconds. That is, instead of denying the marketers data (meaning the data they do get is still good), pollute their data so this whole business of tracking is less effective.

    3. Re:Use Ghostery! by martin-boundary · · Score: 2
      That's a great idea, but how can you ensure that the fake data still "looks right"? If it's completely random, it's going to be relatively easy to filter out. It needs to be consistent so that the cookie data is well formed according to the tracking company's system, I guess.

      One possibility might be to set up a server that 1) receives tracking cookies from people, and 2) returns a random tracking cookie from its collection whenever asked by anyone. Think of it like a cookie swap exchange, where your browser gives your cookie to random people, and they give theirs to you automatically.

    4. Re:Use Ghostery! by AmiMoJo · · Score: 2

      I'm gonna name my kid Spartacus.

      I wonder how many of these cookies would be vulnerable to an SQL injection attack? Has anyone tried replacing all strings in all their tracking cookies with "drop tables;"?

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  5. Right... by rmdingler · · Score: 2

    Who watches the Watchmen?

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

  6. Data by Anonymous Coward · · Score: 5, Interesting

    Does anyone know how he got the data they had on him? I'm looking at the opt out pages he listed and I don't see data recovery functions.

  7. Only Opt out of Being Reminded by Jah-Wren+Ryel · · Score: 5, Informative

    And even if they all comply with your opt-out request, it doesn't mean that they'll stop collecting data on you, only that they'll stop serving you targeted ads."

    That line is the most important part of the story. The phrase "opt out" has been redefined by the marketers. You can not opt out of being tracked, you can only opt out of being reminded that you are being tracked. That is more than useless because it defuses the people most likely to be unhappy about these trackers with a false sense of safety.

    Your only way to avoid being tracked is not to ever talk to the trackers in the first place. For the less technically inclined, the Ghostery plugin for firefox is pretty much set it and forget it. If you can handle looking underneath the hood of the internet, check out Request Policy which gives you extremely fine grained control over what stuff a webpage can pull in from other webservers. I default block all cross-site includes from other domains and white-list them on an individual basis and it really isn't too inconvenient. Besides the privacy benefits, it makes web pages load super fast when they don't have to pull in crap from 15 other servers.

    --
    When information is power, privacy is freedom.
  8. Hosts file on the router... by Holistic+Missile · · Score: 3, Interesting

    I use some domain blocking entries, plus a hosts file from http://pgl.yoyo.org/as/serverlist.php?showintro=0;hostformat=hosts on my router, with local DNS enabled. It redirects about 2500 URLs to 127.0.0.1. DD-WRT for the win! I would imagine other third-party firmware allows this, too. When I have company, they sometimes comment how much better the web pages look and how fast they load on their laptops when they use my AP. They also wonder why Facebook and Twitter don't work... :-)

    --
    When you're dead, you don't know you're dead. It only affects the people around you. Same thing when you're stupid.
  9. Tail your proxy by Nethead · · Score: 4, Informative

    I had a few users at work that were spending too much time on facebook, etc. and management asked me to block it except during breaks. So I fire up an old box and put squid on it and tell AD to force them to proxy through it.

    I then did a tail -f on the /var/log/squid3/access.log file and howdy boy do some sites have a lot of crap called when you load a page. Even our small town local newspaper site would call up about 30 different domains on each page load. Some of them would put a java script in to refresh each minute to see how long one stayed on the page.

    Now I see why I run no-script and ABP on my boxes.

    I started blocking a lot of them but real work called and I'm guessing that I only got about a third of them.

    The unfortunate thing is almost all the stuff on the web these days has a no-cache flag so running a proxy for web-cache/bandwidth reduction is almost useless. I only get about 2% cache hits.

    --
    -- I have a private email server in my basement.
    1. Re:Tail your proxy by 31eq · · Score: 2

      Yes, you can override the no-cache headers in Squid. Use a refresh pattern and ignore or override the headers the server sends to defeat the cache:

      http://www.squid-cache.org/Doc/config/refresh_pattern/

  10. Opting out just confirms your data by Opportunist · · Score: 3, Insightful

    It's not like we didn't notice yet that all sending an "opt-out" EMail accomplishes is to increase the value of your mail address because now it is confirmed to be one you actually use.

    The only way to stop trackers is to mislead them with false information and block as many tracking as you possibly can. Relying on those that benefit from tracking to comply with your requests is naive at best.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  11. Holy Crap by wibblewibble · · Score: 3, Interesting

    If you want to see Ghostery at work, try that link to the first opt-out site http://www.networkadvertising.org/choices/ with Ghostery running - the list of blocks scrolled right off the bottom of my page.

  12. Does it really matter? by lucm · · Score: 2

    I don't see what is actually the problem. Isn't that better to have somehow targeted ads?

    As for breaching my privacy: I'm just a record in billions of records for those companies. I'm pretty sure they don't give a shit about me as an individual, they care about categories and segments and groups. So what if they know which website I look at and how frequently. We are not talking about companies using my facebook pictures or my wishlist on Amazon, it's just ads.

    --
    lucm, indeed.
    1. Re:Does it really matter? by lucm · · Score: 3, Insightful

      Showing ads is fine when I am actually looking for something; no need to stalk me all the time. If I'm not looking for something I am not going to buy anything either. Oh and make it text ads only because I block everything else and I can't click on blocked ads, can I? Thanks!

      Is this a letter for Santa Claus?

      It's wonderful that you agree to see ads when you are looking for something; this is how Google makes money. But who pays for all the other websites that you visit for free? They are hosted somewhere on a server that has been purchased by someone, that has its power and cooling paid by someone, and is online because someone is paying the ISP. If you don't want paywalls everywhere, then so far the ads are the only viable solution to help those people pay for this infrastructure.

      Or maybe you are one of those people who think that because you pay $35 a month for your internet access you should get all content for free. That reminds me of a girl I knew in college who was making and selling pirate copies of movies but according to her it was legal because she was paying for the blank DVDs and for her internet connection.

      There is a serious flaw in the internet business model, everyone knows it. Ads are awful and even targeted ads have a very low conversion rate. Yet for most people there is so far no other way to make money. So why don't you stop whining like an entitled brat and instead start thinking about realistic solutions to this problem? If you find a good one you could make millions.

      --
      lucm, indeed.
  13. Those opt-out pages don't work. by drinkypoo · · Score: 2

    On the Network Advertising Initiative Opt Out Page you can ask the 98 member companies listed there to stop tracking you and on Evidon's Global Opt Out page you can give some 200 more the boot

    No, no you can't. I just tried the Network Advertising Initiative opt out page. It doesn't work. Out of 96 sites, 0 worked. I also tried Evidon. Looks like about only 80% of them can be shut off from that page. And now I have a horrible suspicion that all I've done is confirmed my existence to spammers.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"