Slashdot Mirror


Firefox Advances Do-Not-Track Technology

CowboyRobot writes "Despite strong advertising industry opposition, Mozilla is advancing plans to have the Firefox browser block, by default, many types of tracking used by numerous websites, and especially advertisers. 'We're trying to change the dynamic so that trackers behave better,' Brendan Eich, CTO of Firefox developer Mozilla, told The Washington Post. According to NetMarketShare, 21% of the world's computers run Firefox. Eich said the blocking technology, which is still being refined, will go live in the next few months. The blocking technology is based on that used by Apple's Safari browser, which blocks all third-party cookies. Advertisers use these types of cookies to track users across multiple websites. Mozilla's cookie-blocking efforts follow a Do Not Track capability being adopted by all major browsers. But the DNT effort stalled in November 2012, after advertisers stopped participating in the program, following Microsoft making DNT active by default in Internet Explorer 10. Advertisers wanted the feature to be not active by default."

14 of 148 comments

  1. girlintraining advances do not track tech MOAR. by girlintraining · · Score: 4, Interesting

    I can update my 'do not track' tech even further. It's called Tor, and the more people who use it, the safer it becomes. Bonus: Comes with free tin foil hat, extended digital middle finger to pervasive electronic surveillance.

    Captcha: Doesn't work on Slashdot, which hates Tor and has banned all the exit nodes. "Slashdot is a Dice Holdings, Inc. service." *cough*

    But seriously; if they can't link you to an IP address (which let's face it: with all the DNT in the world, your IP is logged by your ISP and your ISP is only too happy to whore out your real-world identity for a few shekels, and it's trivial to link all your activity now to you, whether you login or not, use cookies, or all the browser magic in the world.

    The only tech that can help you right now is one that mixes in all your traffic into everyone else's so you can't mine the data.

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:girlintraining advances do not track tech MOAR. by ebno-10db · · Score: 4, Interesting

      Good idea. There's something interesting about Tor I didn't realize before reading the Wikipedia article:

      Originally sponsored by the U.S. Naval Research Laboratory ... As of 2012, 80% of the Tor Project's $2M annual budget comes from the United States government, with the Swedish government

      Yet the NSA takes Tor as a "definitely track this". Fact is stranger than fiction.

    2. Re:girlintraining advances do not track tech MOAR. by tlhIngan · · Score: 2

      I can update my 'do not track' tech even further. It's called Tor, and the more people who use it, the safer it becomes. Bonus: Comes with free tin foil hat, extended digital middle finger to pervasive electronic surveillance.

      Captcha: Doesn't work on Slashdot, which hates Tor and has banned all the exit nodes. "Slashdot is a Dice Holdings, Inc. service." *cough*

      But seriously; if they can't link you to an IP address (which let's face it: with all the DNT in the world, your IP is logged by your ISP and your ISP is only too happy to whore out your real-world identity for a few shekels, and it's trivial to link all your activity now to you, whether you login or not, use cookies, or all the browser magic in the world.

      The only tech that can help you right now is one that mixes in all your traffic into everyone else's so you can't mine the data.

      Yeah, too bad you can be identified without your IP address.

      IP address tracking has been useless since NAT got popular because there can easily be dozens of people behind one IP address with disparate interests and tastes.

      It may be why IPv6 adoption will be heavily pushed by advertisers who can now glean both a household and a PC - most PCs aren't used by more than a few people and nowadays most people have one PC per member (at least, the people of interest to advertisers). A household can be identified by the prefix of an IPv6 address (since most ISPs give out a full prefix /64 to a subscriber), while an individual PC will have an IP address within said prefix. Might be wise to invest in NATv6...

      Even without that, your uniqueness can be gleaned from your browser - the EFF Panopticlick can identify how unique you are by your browser. Unless you use a different one while using Tor, your browser fingerprint will easily be used to link your identities together.

      In fact, if Firefox wants to upgrade privacy? They could start by standardizing the headers they send so every Firefox user appears like every other Firefox user. Perhaps even restrict what JavaScript information is allowed to be retrieved.

      I just did a test and with JavaScript off, my browser was 1 in 3500. With it on, it's unique.
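
Added example (not part of tlhIngan's comment or the original thread): a Python sketch of the IPv6 point above, seen from the server-log side. It goes slightly beyond the comment by separating EUI-64 interface IDs, which embed the NIC's MAC address and stay constant across networks, from randomized temporary ones; the log entries and function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample log (2001:db8::/32 is the IPv6 documentation range).
SAMPLE_LOG = [
    "2001:db8:aa:1:021a:2bff:fe3c:4d5e",  # desktop, EUI-64 interface ID
    "2001:db8:aa:1:9c4e:11d2:7a05:be91",  # laptop, randomized temporary address
    "2001:db8:aa:1:35f0:08aa:c1d3:0472",  # same laptop after its address rotated
    "2001:db8:bb:7:021a:2bff:fe3c:4d5e",  # the desktop's NIC on another network
]

def split_address(addr):
    """Return (subscriber /64 prefix, 64-bit interface ID) for one address."""
    prefix = ipaddress.ip_network(f"{addr}/64", strict=False)
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    return str(prefix), iid

def eui64_to_mac(iid):
    """Recover the MAC if the interface ID is EUI-64 derived, else None."""
    raw = iid.to_bytes(8, "big")
    if raw[3:5] != b"\xff\xfe":
        return None  # randomized or manually assigned interface ID
    mac = bytes([raw[0] ^ 0x02]) + raw[1:3] + raw[5:8]  # undo the U/L bit flip
    return ":".join(f"{b:02x}" for b in mac)

def households(log):
    """Group addresses by /64: rotation changes the host part, not the prefix."""
    groups = defaultdict(set)
    for addr in log:
        prefix, iid = split_address(addr)
        groups[prefix].add(iid)
    return dict(groups)

def stable_devices(log):
    """Map each MAC recovered from an EUI-64 address to the prefixes it appeared in."""
    seen = defaultdict(set)
    for addr in log:
        prefix, iid = split_address(addr)
        mac = eui64_to_mac(iid)
        if mac:
            seen[mac].add(prefix)
    return dict(seen)

if __name__ == "__main__":
    for prefix, iids in households(SAMPLE_LOG).items():
        print(prefix, "->", len(iids), "distinct interface IDs")
    for mac, prefixes in stable_devices(SAMPLE_LOG).items():
        print(mac, "seen in", sorted(prefixes))
```

Temporary (privacy) addresses keep a device from being followed from one network to another, but every address still falls under the same /64, so the household-level grouping the comment describes remains.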

  2. Re: Backlash by Vanderhoth · · Score: 2

    I remember the article about MS implementing DNT by default. It was actually one of the few occasions around here where they got praised. Normally they're so anticonsumer rights they don't deserve it.

  3. Re: girlintraining advances do not track tech MOAR by girlintraining · · Score: 5, Informative

    In Canada at least, Tor is awful. Because others can use your connection as well, if someone looks at child porn from behind your connection, you are guilty of distribution.

    I suppose if you're dumb enough to disregard the gratuitous warnings on the download page, the application itself, the configuration file, the manual, and every internet site that offers a 'how to', all of which lay out in explicit detail what an exit node is, and why enabling one on your personal home internet connection is very bad, then you deserve a punch in the face. But you won't go to jail over it. Not even in Canada... no more than running an open wifi will. And yes, that's been to court. And yes, the guy shit bricks. But he was found guilty only of criminal stupidity.

    The correct way to configure Tor in a way that helps everyone and avoids this problem is to set it up as a relay, thus any traffic that comes and goes through your system is encrypted, there is no way for you (or anyone else) to tell what its contents are, and stays within the Tor network.

    But by all means, we should all just give in to having our privacy violated by corporations, governments, and anyone with slightly more technical finesse than this Anonymous Coward does... all because a very tiny fraction of the population wants to look at child porn/terrorist websites/whatever is politically unpopular this week.

    --
    #fuckbeta #iamslashdot #dicemustdie
  4. Re:Easy Peasy by TheRealMindChild · · Score: 4, Funny

    Don't you mean browser.privatebrowsing.allowNSASpying=false?

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
  5. Good. Make them Squirm by Secret+Agent+Man · · Score: 2

    Do Not Track was silly, being opt-in and so on. And, surprise surprise, advertisers backed out when it started getting turned on by default. Now a fire is lit under their hindquarters since Firefox and Safari (and hopefully others) will simply do away with third party cookie support altogether. Taking away an advertiser's tracking tools is the best way to fight.

  6. Start with by Skapare · · Score: 2

    Every domain name needs to be fully isolated from each other. This includes blocking link referrers (that misspelled Referer header), as well as cookies, that provide any info to one domain about another. So if you click on a link that takes you to another site, it should NOT include the Referer header at all, unless you opt in to that (which should allow opting in per domain).

    --
    now we need to go OSS in diesel cars
  7. Re: Backlash by DrXym · · Score: 4, Insightful

    It was MS giving me what I want, and the Apache Software Foundation siding with the advertisers against me. Don't try to spin it into something different.

    No. It was Microsoft making your decision for you, making it entirely justifiable for advertisers to ignore the preference entirely since it doesn't represent your preference. And more likely it had squat to do with them championing privacy and more to do with screwing over Google and other advertisers.

    I'm sure a browser could pose the question with some information the first time the browser is launched to make the preference an explicit user choice.

  8. Re: Backlash by hedwards · · Score: 3, Interesting

    Indeed, considering the various sociopathic methods that advertisers are willing to enact to get their message heard, regardless of whether the end user wants to hear it, I say fuck them. The DNT wouldn't be necessary if they were satisfied with an opt-in setup or we had any idea as to who the people doing the tracking were. But, that isn't the case.

    They've given us malware in ad banners that use code hosted on 3rd party sites, those annoying flash ads that cover content and randomly crash, the intellitext that randomly disrupts our browsing and not to mention those hidden ads that get activated when you click on seemingly blank space on a site.

    I'd personally suggest that they made their bed, and now it's time for them to lie in it. But, I think they might take that as permission to lie to me if they're actually in bed.

  9. Re:Backlash by hedwards · · Score: 4, Insightful

    Which is as it should be.

    The website owners and advertisers screwed things up for themselves by setting up a system that made it virtually impossible for people browsing the web to opt out. So, measures like this became necessary. At this point, you have to go to extremes if you don't want to be tracked, and there is no informed consent for most people, you have to be constantly following their methods if you wish to opt out. And do things like blocking 3rd party cookies, JavaScript, Flash, constantly clearing your cache etc.

    I'd rather that Mozilla not need to do this, but it's abundantly clear that the advertising industry will not stop of its own accord. We people that browse the web didn't start this war, the advertisers did, and until we get a consistent way of opting into all this tracking, this kind of method is going to be necessary.

  10. Re:Backlash by LordLimecat · · Score: 2

    The website owners and advertisers screwed things up for themselves by setting up a system that made it virtually impossible for people browsing the web to opt out

    Some clarification is necessary, for folks who don't really get how websites work.

    You are going to www.somesite.com and saying "please, server, send me whatever data you have published". That site may be publishing a website with content from a bunch of advertising networks, so that's what your request gets. There's nothing inherently evil about this, as a lot of the time those ads generate the revenue which pays the server bills. DNT is your browser saying "please send me whatever you're publishing, but try not to send the advertising stuff". Whether the server complies with (or even understands) that request is going to be up to the site operator.

    Of course, as the end user, you have ALWAYS had the freedom to strip out or modify whatever content you receive; or even modify the server's response such that third-party data is never pulled in at all. This appears to be what Firefox will now do by default, and there is again nothing wrong with this except that it will change the dynamic of how ad-supported sites serve data to Firefox customers; they may decide to respond by blocking browsers which block ad data.

    The biggest mistake people make is thinking that site operators HAVE to cater to you, and thus that we can force them to give us their site, sans the ads. They can very well decide that you don't actually make them any money, and that you therefore won't be getting the ads OR the site. Remember that old saying, be careful what you wish for-- you want no ads, you may end up with no content either.

  11. Re: Backlash by Billly+Gates · · Score: 2

    WOW can MS ever be the good guys here on Slashdot I mean ever??

    They can cure cancer and someone will bash them and find a reason it seems.

    No, MS never caved in. Apache did as greedy companies like GoDaddy and Rackspace threatened they would go with IIS or some other web serving software if they didn't try to stomp on the will of the consumers immediately!! The standards bullshit is just that. The coders who patched it worked for advertising companies that contributed and the ISP market felt threatened customers would not be willing to pay as much to host sites if they can't generate revenue with annoying ads.

    MS did nothing wrong here at all!

  12. Re:Unilateral and therefore doomed by Jane+Q.+Public · · Score: 2

    "This will simply not work - it's a technical solution to a social problem (the article mentions the oligopoly currently in place). It's also a technical solution implemented unilaterally by Mozilla."

    Nonsense on both counts.

    It is not a "social problem". It's a corporate and government abuse problem. Those are 2 very different things.

    And it's not implemented only by Mozilla. Safari has had the feature for a while, and there have been plug-ins that do this available on various browsers for at least a couple of years.

    Further, Firefox has had a setting to turn off 3rd Party Cookies for a long time now. It's just not turned on by default (yet), but most people with half a brain use it. The other problem is that this setting only blocks "regular" cookies. Flash cookies and other kinds of persistent cookies require other measures.

    But I have been blocking 3rd-party "regular" cookies and JavaScript for quite a while. And I didn't realize just how effective it was until I turned off cookie and Flash blocking recently (temporarily, for technical reasons), and was inundated by 3rd-party Flash ads and cookie requests and JavaScripts.

    They can go suck eggs. I'm a BIG fan of blocking. It makes my quality of internet life significantly better. Really, it is pretty clear by now that any form of local storage without an explicit opt-in should just plain be illegal. This doesn't go that far but it's a step in the right direction.