Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stanford, Mozilla, Opera Launch Web Privacy Initiative

Posted by samzenpus on from the going-private dept.

An anonymous reader writes "Stanford Law School has kicked off a 'Cookie Clearinghouse' web privacy initiative that brings together researchers and browsers. The project aims to provide a centralized and trusted repository for whitelist and blacklist data on web tracking, much like StopBadware does for malware. Mozilla and Opera are collaborating on the initiative, and Mozilla plans to integrate it into Firefox's new default third-party cookie blocking. The leader of an advertising trade group has, of course, denounced the participating browsers as 'oligopolies.'"

20 of 65 comments (clear)

  1. It's about the right to choose by Jawnn · · Score: 5, Insightful

    “There are billions and billions of dollars and tens of thousands of jobs at stake in this supply chain,” said Rothenberg, who called the browser makers “oligopolies” with excessive power to make decisions affecting the workings of the Internet. “It should be done with stakeholders’ input.”

    Mr. Rothenberg, you keep using that word. I do not think that it means what you think it means. The "stakeholders" in this are the users of the browsers, not the web site operators. Get that part right, at least. It is my browser, not the web site operators. If I don't want it to allow me to be tracked through the use of third-party cookies, I should have that choice, just like it's the web site operator's choice to deny me access if I don't allow such tracking. It's all about choice and when it comes to what my browser should or should not do, that choice is mine.

    1. Re:It's about the right to choose by MysteriousPreacher · · Score: 5, Insightful

      And of course there's nothing stopping Rothenberg's bunch of self-entitled wastes of skin from producing their own browser! The AdBrowser could be designed with no blocking of cookies, tracking enabled by default and no blocking of Flash or pop-up windows.

      I'm sure it'd be popular.

      --
      -- Using the preview button since 2005
    2. Re:It's about the right to choose by auric_dude · · Score: 3, Informative

      EFF illustrate the scope of third party data sharing. How Dozens of Companies Know You're Reading About Those NSA Leaks https://www.eff.org/deeplinks/2013/06/third-party-resources-nsa-leaks. Noscript helps but is a bit like shutting the stable after the horse has bolted, this 3rd party stuff should not be in your browser in the first place.

    3. Re:It's about the right to choose by SJHillman · · Score: 3, Interesting

      He also seems to have trouble telling the difference between the Web and the Internet. Browsers are half the game of the Web, but just more car in a traffic jam of the Internet.

      They do have a lot of power when it comes to defining the user experience of the web, but the cool thing about browsers is that it's relatively easy for a programmer (or group thereof) to split off and make their own how they want it, so browser makers have a fair amount of incentive to give users what they want. It won't necessarily be easy, but with all of the major players pushing to follow the standards better, it's probably a lot easier now than it was for Firefox to break on the scene a decade or so ago.

    4. Re:It's about the right to choose by __aaltlg1547 · · Score: 3, Funny

      That's called Internet Explorer isn't it?

    5. Re:It's about the right to choose by denis-The-menace · · Score: 2

      It is quite popular. It's called Chrome.

      Ad-friendly features include:
      -inability to create ad-blocking add-on as good as FF's
      -Permanent built-in serial number (http://search.yahoo.com/search?p=google+chrome+serial+number)
      so that killing cookies or super-cookies is pointless.

      No word yet on Prism compatibility.

      --
      Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
    6. Re:It's about the right to choose by denis-The-menace · · Score: 2

      Let's try that Again!
      After being called out on not reading the links I posted, I did some research and it seems Chrome might be safe after all:

      http://news.softpedia.com/news/Google-Chrome-to-Remove-Unique-ID-137535.shtmlrel=url2html-8704/

      --
      Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
  2. That advertising group? by MysteriousPreacher · · Score: 4, Insightful

    The group in question is the Interactive Advertising Bureau, which is paid to rail against pretty much anything that makes it harder for advertisers to track people online.

    I don't want these shitbags tracking my browsing history, which is why I block or otherwise restrict most cookies, and block web bugs. I'm fine though with adverts - just not Randall Rothenberg's view of spying being an acceptable price for free content. Bloody hell, even his name makes him sound like some 19th century mad industrialist, busy earning a fortune from grinding childrens' bones in to cosmetics.

    --
    -- Using the preview button since 2005
    1. Re:That advertising group? by SJHillman · · Score: 4, Insightful

      I'm okay with most ads, as long as there's no music/video/flashing/excessive animation/pop-ups/pop-unders/scrolling/etc. I don't mind them tracking me within a site (IE: NewEgg displaying ads for stuff someone from my IP has previously looked at). However, when I see ads for something I looked at on NewEgg popping up on every site I visit, that just feels like stalking. I don't want the Walmart Greeter following me into Target, Sears and Big Lots just so he can keep trying to hand me the Flyer of the Week.

    2. Re:That advertising group? by MysteriousPreacher · · Score: 2

      Good analogy, and these guys seem unwilling to acknowledge how creepy this is! Even though it's anonymised, it's still stalking and building up a little profile of my online activities.

      How far does one have to go before Rothenberg considers this to be stalking? Tying to real names? Rothenberg posting his semen soaked toenail clippings through the letterbox of that girl he one day follow on the bus until she reached her home?

      --
      -- Using the preview button since 2005
  3. TIL: Adblocking in IE is actually BUILT-IN by mha · · Score: 3, Informative

    See http://superuser.com/questions/257792/how-can-i-block-ads-in-internet-explorer

    Not that I use IE, but I tried that immediately and it works great. No need to install any add-ons, it works right out of the box, you just have to subscribe to one of those lists (like in Adblock+). And the page with those lists is provided by Microsoft!

  4. Tough ... by gstoddart · · Score: 4, Informative

    âoeThere are billions and billions of dollars and tens of thousands of jobs at stake in this supply chain,â

    You know what Mr Rothenberg, we don't give a shit.

    Because also at stake is our privacy, and our right to not have some douchebag advertising company know every detail of our lives.

    I don't want doubleclick, quantserve, google analytics, scorecard research, and all of these other assholes to get a phone-home beacon on every page I visit -- which is why between my firewall and various things like NoScript/ScriptSafe, these sites are blocked.

    I don't owe you marketing data, and I'm not interested in your product. Don't act like it's your right for me to provide you this data, because it isn't.

    The advertising companies who do this are the oligopolies, Mozilla is just putting some more freedom in the hands of their consumers ... or maybe you don't like it when consumers exercise their right to be not interested in what you're selling and your just a corporate mouthpiece who is only interested in corporate freedom?

    I don't have any more sympathy for advertisers than I do for telemarketers. They can both go eat shit and die.

    --
    Lost at C:>. Found at C.
    1. Re:Tough ... by gstoddart · · Score: 2

      Well, since it involves transmission from MY computer, or pulling down from their servers (again, from MY computer)... until someone tells me I'm legally obliged to allow this to happen, I'm perfectly free to block it. So, I am well within my rights to not participate. It's also my right to tell a telemarketer to fuck off, and to set my phone to block calls with unknown caller id (because if I was supposed to care who you are, you should identify yourself to me).

      I'm not interested in their marketing crap, and I will tune it out as much as possible -- which includes not cooperating with their data gathering, and actively blocking it on my side as much as possible. Pretty much same if someone in a store asked me to fill out a survey or give them my email address -- the real world response and the digital response are the same, and that's a firm 'piss off'.

      Can you cite some 'declaration of corporate rights' which says I'm required by law to allow all of these web beacons and cookies? Because unless someone is standing over my shoulder forcing me to accept cookies under threat ... they can suck it.

      But, as I said, having these companies know every web site you visit is a terrible idea. And since I control how my browser and firewall are configured (you know, my right), you can bet your ass it's might right to block this crap.

      So until the lobbyists convince the law makers that it should be illegal for me to block their advertising attempts, I will continue to do so. And any lawmaker which agreed to that should be shot.

      --
      Lost at C:>. Found at C.
    2. Re:Tough ... by gstoddart · · Score: 4, Insightful

      In theory, they could use this in their Terms of Service and deny you service on those grounds.

      In theory, they can shove it up their asses.

      Until I see a legally binding court decision which compels me to allow this, I'm going to assume my right to tune them out and not listen still holds true.

      If a website wants to sue me for blocking their ads, and 3rd party advertiser thinks I'm breaking some kind of law by blocking this, then I will refer them to Arkell v Pressdram.

      Even if we call advertising 'speech', your right to free speech in no way compels me to listen or enable you to speak to me. I consider advertising to be in the same class the Jehova's Witnesses who come to my door -- your desire to tell me something is trumped by the fact that I Don't Give A Fucking Shit. And like I will shoo these people from my front door, I will continue to block the advertisers and other crap in my browser.

      Their desire to be heard doesn't mean I'm required to listen or allow them onto my property.

      --
      Lost at C:>. Found at C.
    3. Re:Tough ... by MysteriousPreacher · · Score: 2

      That's a definition specific to clinical psychology. That's like saying trying to tell me that resistors of political change are measured in ohms.

      --
      -- Using the preview button since 2005
  5. Re:Microsoft and Apple's stance on this by gstoddart · · Score: 3, Interesting

    Google even went to try to circumvent Safari's user privacy settings to be able to track users. Apple quickly followed with a fix.

    I'm not convinced that's true .. because if you set Safari to block 3rd party cookies, and go to a web site, you still get 3rd party cookies.

    So, whatever 'fix' Apple did seems pretty useless to me. Which is why Safari for me is used only to host Facebook -- I don't trust either of them, and if the browser never visits any other sites, there's no other information to be gleaned.

    --
    Lost at C:>. Found at C.
  6. Already exists by Anonymous Coward · · Score: 2, Interesting

    Firefox with ABP (load up the subscriptions, uncheck 'allow some advertising), NoScript (take out all the whitelisted URLs which are there by default) and Ghostery. Add in an extension which forces HTTPS.

    Stop visiting sites that make you add any of their shitware scripts to the whitelists in NoScript or Ghostery.

    There's a reason advertisers hate, hate, HATE those three plugins. It's because they are like holy water being poured on the foreheads of obese, slovenly vampires which want to devour your personal data.

  7. Turning the Tables by SirGarlon · · Score: 2

    So Rothenberg doesn't want the companies he represents to have their activities tracked and to be profiled without their consent? I seem to remember reading a rule about that. Golden something-or-other ...

    --
    [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
  8. Flawed premisses by Hypotensive · · Score: 2
    From http://cch.law.stanford.edu/our-projects/

    If Stanford hosted all of their images on www.stanford-images.edu, but users only visit www.stanford.edu, then cookies would set from www.stanford.edu (presumption 1) but not from www.stanford-images.edu (presumption 2.) This does not make any logical sense, since both websites are part of Stanford.

    Not according to the whole way the Internet works. These are two completely unrelated domains. If you wanted the system to work for you, call your images server images.stanford.edu. Now see how simple your decision to allow or deny Stanford cookies is?

  9. Can I have... by Anonymous Coward · · Score: 3, Interesting

    a) A general end to end encryption mechanism, as opposed to the current end to server mechanism. If I send a message to Bob using FaceBook, that is between me and bob, not Bob, Facebook, NSA, CIA, or any other law breaking faction of government that might have the technical means to grab it.
    So it should be encrypted with Bob's certs, not Facebooks certs.

    b) Thunderbird to support public key exchanges like SSH does. So a public key is attached to outgoing mail, a client that supports it, records that key the first time it sees it, and from then on send to my email are encrypted with that key. i.e. removing the public certificate authority, and relying on the first key exchange to encrypt mail end to end.

    c) A HTML extension, declaring an encrypted edit field, with a second extension declaring the recipient. The browser only allows javascript and send to see the encrypted edit text, encrypted with the public key of the recipient (which you obtained on the first key exchange, see a). The edit field needs a visual indicator so we know its encrypted. So webmail can support end to end encryption.

    d) An add on to force sites like Yahoo, Hotmail and Gmail into encrypted mode. So we can webmail encrypted even if the site refuses to cooperate.

    e) Better control of certificates, I'd like to remove all the cert authorities that have a US base as untrusted (untrustable), but I'm reduced to going through them one by one. Also SSH has warned me in the past of attempts to substitute a certificate, does Firefox do the same?

    f) File send data encrypted. People upload zip files with their banking passwords, and other details, thinking they're trusting Google or Yahoo or Dropbox or whatever with a backup copy of their data, not realizing they're handing it to a Dr Strangelove. They should have an easy way to upload it encrypted with their own key.

    g) ISPs, can I have the old Deutsch Telekom trick of renewing an IP address every 2am. Making tracking more difficult.

    h) ISP's if you're putting in Super NATs can we have them using a session id, and not some constant mechanism that reveals the end point after the NAT.