Yahoo Stops Honoring 'Do-Not-Track' Settings

An anonymous reader writes "When web browsers started implementing 'do-not-track' settings, Yahoo got some respect for being the first of the huge tech companies to honor those settings. Unfortunately, that respect has now gone out the door. As of this week, Yahoo will no longer alter their data collection if a user doesn't want to be tracked. They say there are two reasons for this. First, they want to provide a personalized web-browsing experience, which isn't possible using do-not-track. Second, they don't think do-not-track is viable. They say, '[W]e've been at the heart of conversations surrounding how to develop the most user-friendly standard. However, we have yet to see a single standard emerge that is effective, easy to use and has been adopted by the broader tech industry.' It looks like this is another blow to privacy on the web."

Yahoo, kill yourself!

Horrible decision, a standard isn't being honored "EVERYWHERE" so you decide to undermine it entirely without replacement? What's the REAL reason, money?

Sell your assets and gtfo!

Re:Yahoo, kill yourself!

Horrible decision, a standard isn't being honored "EVERYWHERE" so you decide to undermine it entirely without replacement? What's the REAL reason, money?

Sell your assets and gtfo!

As far as I know Google doesn't honor it either on their services, but Microsoft do, which is an interesting situation

Re:Yahoo, kill yourself!

[joe_frisch]

Google and Yahoo make money by selling information that they collect from users. Microsoft makes money by selling software. The typical person is a Microsoft customer, but a Google / Yahoo product.

Re: Yahoo, kill yourself!

[Scowler]

Maybe they see the irony in maintaining a list of people who don't want to be tracked.

Re:Yahoo, kill yourself!

[nmb3000]

Horrible decision, a standard isn't being honored ANYWHERE so you decide to undermine it entirely without replacement?

FTFY.

The simple fact is that Do-Not-Track was a damned bogus idea from the outset. Saying to the massive web of advertising conglamorates and third parties -- all of which make more money the more they can identify you down to an individual -- "Won't you kindly not track me? That would just be great, thanks" is akin to asking the mob nicely not to burn your place down when you refuse to pay protection money, or calling up the NSA and asking them nicely to stop spying on your personal affairs.

If you don't want to be tracked, you need to take steps to make it happen yourself. The tools are there -- use them. If enough people start blocking all forms of advertising, perhaps the intrusiveness and privacy violation will recede. Or maybe the entire advertising industry will collapse (one can always dream).

Re: Yahoo, kill yourself!

That's not how it works, it's not a list unless they make a list. Not to mention they championed the idea and were early adopters.

Re:Yahoo, kill yourself!

[rudy_wayne]

Horrible decision, a standard isn't being honored "EVERYWHERE" so you decide to undermine it entirely without replacement? What's the REAL reason, money?

Sell your assets and gtfo!

As far as I know Google doesn't honor it either on their services, but Microsoft do, which is an interesting situation

That's because Microsoft, despite whatever flaws they may have, makes all their money selling actual products -- Windows, Office, Games for Xbox, etc.......

Companies like Google and Yahoo, on the other hand, have no actual products. Their revenue depends entirely on advertising. YOU are the product and you are being sold to advertisers.

Nothing surprising at all about Google and Yahoo not honoring Do Not Track.

Re:Yahoo, kill yourself!

[ShanghaiBill]

Google and Yahoo make money by selling information that they collect from users. Microsoft makes money by selling software.

Microsoft is losing the battle for online advertising, so they are instead trying to poison the market. In MSIE 10 and 11, the "do not track" is on by default, which means the user never actually made a decision to set it. Microsoft's original plan was to diminish the ability of ad agencies like Google to collect information. But instead, they gave those agencies an excuse to ignore the setting, since no human made a decision to set it. Some more ethical ad agencies check the browser ID and only ignore the setting if it is MSIE. Unfortunately, ethics and advertising seldom go together.

Re: Yahoo, kill yourself!

[rudy_wayne]

That's not how it works, it's not a list unless they make a list. Not to mention they championed the idea and were early adopters.

Yahoo pretended to support Do Not Track only because they figured anyone stupid enough to actually use Yahoo for anything was too stupid to figure out how to turn it on.

Then Microsoft made it on by default in Internet Explorer, still the most widely used browser and probably used by 98% of the people stupid enough to use Yahoo for anything. All of a sudden, Yahoo didn't think Do Not Track was such a good idea any more.

Re:Yahoo, kill yourself!

Of course Google and Yahoo have actual products. Just because they give access to their products in return for personal data, does not mean that that product ceases to exist.

Re: Yahoo, kill yourself!

[TangoMargarine]

Internet Explorer, still the most widely used browser

No.

http://en.wikipedia.org/wiki/I...

Re:Yahoo, kill yourself!

[CreatureComfort]

So you are arguing that privacy/security on by default is a bad thing?

Re:Yahoo, kill yourself!

[Bengie]

I agree, asking a remote server to not record the data you send it means you trust the server. If you do not trust it, then either to not use it or do not send it they data you're sending it.

Re:Yahoo, kill yourself!

Not really. What you're thinking of as a 'product' is more accurately described as 'bait'. Calling it a 'product' is akin to calling a fisher's lure or net the product, rather than calling the *fish* the product.

Re:Yahoo, kill yourself!

[B33rNinj4]

Mayer needs new drapes for her conference room.

Re: Yahoo, kill yourself!

When the privacy/security decision is left up to the advertiser, it isn't a viable solution, and is deeply flawed. The DNT header gives additional information for which your identity can be singled out with..

Re:Yahoo, kill yourself!

[joe_frisch]

Part of the problem is what I believe to be a flawed business model for marketers. They feel that they need to somehow "steal" people's information and use it to "force" adds on them. The phrase "targeted" adds suggests a hostile approach. My impression is that most people want to see informative adds for products that they might buy. If it were easy for customers to craft their on online profiles so that they would see adds of interest to them, advertisers would be able to directly provide relevant information.

Right now I'm not in the market for a car - all the adds in the world won't do any good. In a few years when I am ready to buy, I will want to see information on the types of cars that I might consider buying. The way things are set up now, immediately after I buy a car I will be flooded with car adds - despite the fact that a recent purchases is the least likely to buy again.

Re: Yahoo, kill yourself!

When the privacy/security decision is left up to the advertiser, it is deeply flawed and an unfeasible solution. Additionally the DNT header grants the tracker additional entropy for which your identity can be singled out with.

It was a really silly idea, nobody really expected these guys would honer this, even if it did have legislative backing.

Re:Yahoo, kill yourself!

[Monoman]

Privacy/Security != Anonymity

There are subtle differences depending on the interpretations.

Re:Yahoo, kill yourself!

Or maybe the entire advertising industry will collapse (one can always dream).

I think the best way to realize that dream is to hold people who advertise products to a higher level of responsibility for product liability. That is, if the advertising contains persuasive elements beyond strictly objective content, then the people advertising it are assuming responsibility for convincing customers to choose it.

Re:Yahoo, kill yourself!

[ShanghaiBill]

So you are arguing that privacy/security on by default is a bad thing?

Yes. Because, in practice, having "do not track" on by default, is the same as not having it at all.

Re:Yahoo, kill yourself!

[tokencode]

They're trying too, they're just not really good at anything though so it may take a long time...

Re:Yahoo, kill yourself!

[sjames]

Defaults should represent a best guess as to what most people will want. For once, for whatever reason, I'd say MS got it right.

If the ad agencies don't believe that to be the will of the users, they are deluding themselves. Nobody likes to be stalked.

Re:Yahoo, kill yourself!

[Ash-Fox]

Horrible decision, a standard isn't being honored "EVERYWHERE" so you decide to undermine it entirely without replacement? What's the REAL reason, money?

The standard approach is not to honour it.

Re: Yahoo, kill yourself!

[ShanghaiBill]

It was a really silly idea, nobody really expected these guys would honer this

Except that they were honoring it, before Microsoft poisoned the well.

... even if it did have legislative backing.

The laws/regulations required them to honor "user requests" not "browser settings". Once the browser setting is on by default, it no longer indicates a "user request" and there is no legal requirement to honor it.

Re:Yahoo, kill yourself!

[sjames]

Only given unethical scumbag advertisers (which makes any sort of honor system non-viable). Very few people want to be tracked by strangers. I would guess there are more people who want to be whipped until they bleed.

Re:Yahoo, kill yourself!

The simple fact is that Do-Not-Track was a damned bogus idea from the outset. Saying to the massive web of advertising conglamorates and third parties -- all of which make more money the more they can identify you down to an individual -- "Won't you kindly not track me? That would just be great, thanks" is akin to asking the mob nicely not to burn your place down when you refuse to pay protection money, or calling up the NSA and asking them nicely to stop spying on your personal affairs.

Which, I think, is sort of the point. I mean, for all the people who try to pretend that marketing and advertising is this great example of freedom of speech, and your analogies are fall into the category of nefarious, racketeering-like behavior. I mean, sure, *some* marketing and advertising is an honest effort to inform the public about a good or a good price on an extant good or just to let people know a good is still available. Yet more often than not, it's turned into some sort of scam to try to manipulate people into buying a good they neither want nor need while providing no real useful information.

If you don't want to be tracked, you need to take steps to make it happen yourself. The tools are there -- use them. If enough people start blocking all forms of advertising, perhaps the intrusiveness and privacy violation will recede. Or maybe the entire advertising industry will collapse (one can always dream).

And the mob will collapse if enough people refuse to pay protection money. No, advertisers now go for the low hanging fruit. But they've already implemented a number of tricks to deal with cross-session, long-term tracking that are just as applicable to tracking those who the "tools [that] are there". After all, advertisers are in cahoots with the web sites you visit and as such will gladly comply with requests to insert the necessary noise (specialized named standard headers from the main website host) to measure cache coherency and hence track people. They just don't it as much now because the vast majority of people don't bother.

Now, perhaps there's some tricks to avoid even these sorts of tracking--absolute no caching of anything, for instance. However, there's a very motivated group whose only purpose is to track people and if suddenly they were given a real push back against it, it's hard to believe they wouldn't take whatever steps were necessary to guarantee that tracking. I mean, look at how much effort has went into "super" cookies and other cross-session tracking when it's not at all clear tracking even matters at a fundamental level to successful advertising. Of course, the whole point is to have an "edge" to sell ad space and charge an order of magnitude higher rates. If only a few groups could do really good tracking with wide-scale tracking aversion software, I can imagine a premium of two orders of magnitude.

Simply put, your argument falls into the same trap to believing there's some sort of solution to spam. Like most things on the internet, there's generally no real solution to the problem because there's no automagic way to differentiate noise from signal and a lot of money involved to make noise look like signal.

Re:Yahoo, kill yourself!

all the adds in the world won't do any good.

Are you sure,dude? All those additive adds adds up to a lot of adds man!

Re:Yahoo, kill yourself!

[ShanghaiBill]

Very few people want to be tracked by strangers.

If you ask "Do you want to be tracked by strangers?", then of course nearly everyone will say "no".

If you ask "Do you want web services personalized to your needs and preferences?", most people will say "yes".

Re:Yahoo, kill yourself!

They could disable do not track for logged in users.

Disclaimer: Not a member of C L I T: Cabal of Logged In donottrackTrolls

Re:Yahoo, kill yourself!

[sjames]

Then it's up to the advertisers to come up with a way to personalize ads without being able to track the users. It can be done.

Re: Yahoo, kill yourself!

[DarwinSurvivor]

Next time, try reading the next 10 words.

Re:Yahoo, kill yourself!

I wouldn't mind at least not having to see GEICO commercials every 10 minutes, since I already have GEICO. I wonder how much money companies piss away on advertising to customers they already have?

Re:Yahoo, kill yourself!

Does this mean we can now start to ignore EULA's as well?

Re: Yahoo, kill yourself!

[TangoMargarine]

(still the most widely used browser) and (probably used by 98% of the people stupid enough to use Yahoo for anything)

are two different clauses. If they weren't, he would have said:

still the browser most widely used by 98% of the people stupid enough to use Yahoo for anything

Re: Yahoo, kill yourself!

[Somebody+Is+Using+My]

"On by default" is not an entirely accurate description. When you first run a version of Internet Explorer that supports DNT (IE8), or Windows 7 or 8, you are presented with several configurable options, one of which asks if you want to allow tracking by advertisers. While the "yes" radio-button is pre-selected, users do have to actively accept this choice. It is not as if Microsoft invisibly enabled this feature without alerting the users.

Admittedly, many users will just accept the defaults and press "OK", but they are still making that choice. Given the choice people generally do not like being tracked, and - although most people have been trained to just press OK - were they properly educated about the issue most would likely enable DNT anyway. Moreso, few people complain that Microsoft also includes software to avoid phishing sites (e.g., SmartScreen) which are enabled by "default" similar to DNT; these capabilities are added because the end-users find them useful. Microsoft is just protecting users from skeevy internet marketing, and just because some firms depend on this sort of underhanded tracking in no way excuses them from their deceitful practices. Features like "Do Not Track" were created because advertisers pushed too hard in one direction; now they ignore user's attempts to bring balance to the equation. I have no sympathy for the Googles and Yahoos and Facebooks; they broke the social contract first.

Re:Yahoo, kill yourself!

[interkin3tic]

I think that's wildly missing the point.

Advertisers bend over backwards to find out your interests voulontarily and send you targeted information. Google lets you know what it thinks it knows about you and, at least the last time I saw it, lets you edit it. Or at least gives you the impression that you can edit it. Fill out online surveys, etc. They try to make it VERY easy.

And yet, they're resorting to tracking why? Because the vast majority of people won't voulontarily tell advertisers what they're interested in. The heydey of spam e-mails that cost you money really left their impression on people, we hate online advertisers.

Tracking is bad because it's an invasion of my privacy, not because it leads to annoying things like ads for cars. Even if advertisers were only telling me things that were relevant and valuable, and even if the information they collected had no chance of falling into the wrong hands, it's still not something I allowed, and I never will allow it if I can help it.

Re:Yahoo, kill yourself!

What Microsoft said publicly was that they did a survey of users and 85% said that they wanted do not track on by default. Maybe Microsoft just passed out that survey because they suspected that they would get the result they wanted but I think the result is still valid.

Re:Yahoo, kill yourself!

[joe_frisch]

I don't think the tools are well known. For instance I didn't know I could get at my google info.

A more serious problem is the lack of trust. There is a concern that you will only be able to add information, not remove it, and your spam levels will just increase. (this may not be true, but its a valid concern).

Re: Yahoo, kill yourself!

jesus dude, you look for any specious reason to shit on microsoft don't you?

Re:Yahoo, kill yourself!

[Krojack]

For all we know Microsoft could be tracking us via the OS. if it was true someone would have found packet traces by now but who knows, but in theory it could be done. I'm also going to bet MS tracks everything done via Xbox Live. That's some good info right there to sell to gaming companies and now upcoming video streaming.

Re:Yahoo, kill yourself!

[AC-x]

Microsoft is losing the battle for online advertising, so they are instead trying to poison the market. In MSIE 10 and 11, the "do not track" is on by default, which means the user never actually made a decision to set it

It's on by default, but it is also part of the setup questionnaire when you first start up Windows 8 so it's not like the user isn't presented with the choice...

Re:Yahoo, kill yourself!

[LordLimecat]

Its not being honored because some geniuses decided that it would be a great idea to make DNT a default setting-- which made it UTTERLY PREDICTABLE that websites would eventually stop honoring it.

Good call, though guys. We won the ideological fight by making it the default, even if practically speaking we shot ourselves in the foot. Now we can continue to criticize Firefox and Chrome for defaulting DNT off, and praise IE for singlehandedly tanking the idea!

Re:Yahoo, kill yourself!

[kumanopuusan]

"Do not track" was supposed to represent the user's preference. MS turned it on by default and broke the standard, which is SOP for them.

Re:Yahoo, kill yourself!

[Cragen]

I disagree. I would say "no" to being tracked for any reason, if I have a choice. I do NOT want web services to "personalize" my needs and preferences. I am a big boy and do not need your help, nor your attempts to route my attention, however small that period of attention span is.

Re:Yahoo, kill yourself!

There's a difference between selling ads and selling information. Some information can leak about you because a retailer may see at checkout time that you saw an ad and infer you were probably in the targeted group, so there isn't a foolproof wall between sellling ads and sellling information, but the ad market operated by Google or Yahoo is still completely different from flashlight apps that upload your contacts or farming games that dig through your Facebook data with the same level of access you have yourself, but in these case the information isn't going to a responsible company with a reputation to lose, so you rabble give it a free pass and mewl on about web ads.

Wake up, sheeple! Are you really trying to make the world better, or just get attention for yourselves? Based on what you choose to complain about and choose to ignore, I think you're maximizing for attention, just like the pollies and corporate shills behind this bullshit-dodgeball game.

Re:Yahoo, kill yourself!

[Grishnakh]

You just don't understand the bit about "most people", do you?

Re:Yahoo, kill yourself!

I don't think the tools are well known. For instance I didn't know I could get at my google info.

A more serious problem is the lack of trust. There is a concern that you will only be able to add information, not remove it, and your spam levels will just increase. (this may not be true, but its a valid concern).

Of course not. Because then people would be able to put in fake information. And they would, too.

And then Google would have to come up with all new algorithms to weed out the fake responses to ensure their data was accurate.

You can't lie about what you looked at. If you looked at car dealer's websites, then you looked at them. That information Google can sell to car dealers. If you just told Google you were interested in cars, they'd still have to determine if you are who you say you are, which would require tracking, and that you're telling the truth about being interested in cars, which would require tracking, and that 6 months or 1 year down the line since you forgot to go back and update Google, Yahoo, and every other advertiser about your preferences, that you were still interested in a car... which would require tracking.

And even after all of that work to find out whether or not you're interested in cars, when you next visit a site and Google has to decide which ad to show you, whether that is a car ad or not, they first have to know who you are... which requires tracking.

In short, there is not even the slightest incentive to allow you to control what they know about you.

Re:Yahoo, kill yourself!

Or maybe the entire advertising industry will collapse (one can always dream).

In that case, who would pay for content? Maybe folks could kick in a percentage of what they're saving by torrenting Game of Thrones instead of paying for it.

Re:Yahoo, kill yourself!

The entire point of all of this tracking, at least as far as advertisers are concerned, is to figure out that you might want a car, so as to advertise cars to people that are looking to buy them.

"Targeting" isn't a hostile approach. All it means is trying to figure out what ads are most relevant to you. Advertisers pay to put an ad in front of you. It is much more cost effective to show you an ad you will be interested in.

Re:Yahoo, kill yourself!

Because the POTUS wants to know.

Re: Yahoo, kill yourself!

[quonsar]

jesus dude, you look for any specious reason to shit on microsoft don't you?

No reason is required to shit on Microsoft. Microsoft *is* shit, coated in a frothy shit frosting, with shit sprinkles liberally dusted on top of that shit. Clearly, you don't know shit when you see it.

Re:Yahoo, kill yourself!

[Sloppy]

So you are arguing that privacy/security on by default is a bad thing?

Nobody's arguing that. The mistake is in thinking of DNT with a privacy/security mechanism. If that's what it were, Microsoft's decision would be defensible or even good. But DNT is something totally different. I'd argue two things:

1) DNT is for expressing a user's preference. Not even just a preference, but the user's preference. It is impossible for any application's default setting to express a user's preference for anything. (Your editor can default to a white background, but it can't, out of the box, honestly tell other people that YOU prefer swiss cheese over provolone. The person who wrote your editor might have some strong opinions and could even show some polling information, but in the end, he doesn't really know what kind of cheese you want. He can only take a guess.) MSIE's default DNT:swiss header is a communication between a web server and Microsoft Corporation, rather than a communication between a web server and a user.

Yes, a DNT:swiss default is a bad thing (just as bad as a DNT:provolone default). By doing that, Microsoft undermined DNT and helped the ad industry justify ignoring it. If you're a user, you should be angry at MS about this (at least so far as DNT is important at all).

2) DNT is nearly useless for protecting a user's security. If you want security, then you must deny capability to your adversary, or put costs on things, not merely politely ask him to behave in a certain manner. That means having your browser not initiate certain connections, or not send certain things (or send noise) over those connections, or .. whatever.

I have to say "nearly" useless because at least DNT could signal that some users care, but just don't care enough to stop sending intell. But it looks like this subtlety was lost on .. damn .. nearly everyone, I think.

Up to now I've thought of DNT as a basically good idea (a weak one, but still positive), but maybe it's time to accept that if nobody understands DNT then it can't possibly communicate anything meaningful.

Re:Yahoo, kill yourself!

[x_t0ken_407]

Ditto. Unfortunately, methinks by "most people", ShanghaiBill is referring to the general population and not those of us who are either (a) not technologically-illiterate and/or (b) don't have our heads up our asses.

Re: Yahoo, kill yourself!

It was a really silly idea, nobody really expected these guys would honer this

Except that they were honoring it, before Microsoft poisoned the well.

... even if it did have legislative backing.

The laws/regulations required them to honor "user requests" not "browser settings". Once the browser setting is on by default, it no longer indicates a "user request" and there is no legal requirement to honor it.

Microsoft conducted and published research that showed that more than 80% of users wanted this on. So having it as a default is honoring the wish of an overwhelming majority of users. And not being tracked should be the default state, and users could opt in to personalization if they want to. Microsoft set this default the way defaults should be set.

And btw, there where multiple articles at the time quoting major ad and publishing executives on that they had no intention of honoring DNT anyway. So trying to blame their actions on Microsoft is misguided.

Re: Yahoo, kill yourself!

This.

Re:Yahoo, kill yourself!

[Ol+Olsoc]

weak one, but still positive), but maybe it's time to accept that if nobody understands DNT then it can't possibly communicate anything meaningful.

Tracking has proven to be an excellent way to serve me up advertisements for things I have already bought.

Re: Yahoo, kill yourself!

[Blue+Stone]

>While the "yes" radio-button is pre-selected, users do have to actively accept this choice.

So ... on by default, by your own admission.

And there's the rub. DNT might have been a little lame, but it was something of a truce between scumbag advertisers and browser makers based on that one condition: not on my default - and yes, that means not pre-selected as being on, whether that option is shown to the user or not.

Microsoft broke the treaty and now, what little benefit DNT gave, is going, going, gone...

Re:Yahoo, kill yourself!

[khellendros1984]

Change "web services" to "targeted advertising" (i.e., get rid of the marketing obfuscation), and most people will say "no" again. If you don't clearly tell someone who you're giving their information to and for what purposes, then the "yes" that they give isn't exactly informed consent.

Re:Yahoo, kill yourself!

[Darinbob]

I have Yahoo mail via my ISP. Thus, Yahoo ALREADY is making money by serving me email on the web, they do not need to go further and sell information or serve me inane advertisements (which I never see anyway). This is like cable TV, pay them lots of money and then still have to put up with ads and shitty service.

Re:Yahoo, kill yourself!

[Darinbob]

Bogus or not, do-not-track was an indication of customer desires, and Yahoo is explicitly saying that they don't care about what the customers want and that they will invade our privacy instead.

Re:Yahoo, kill yourself!

It's on by default, but it is also part of the setup questionnaire when you first start up Windows 8 so it's not like the user isn't presented with the choice...

I'm running Windows 7 with IE11 and Do Not Track is enabled for me. I never set it that way, and I'm pretty certain I was never asked about it.

Re:Yahoo, kill yourself!

With Yahoo no longer honoring Do Not Track, I have set the Do Not Use Yahoo flag on my computer. (That is, I have blocked their domain, so they have, in my case, nothing to track.) I don't generally use Yahoo for anything anyway, except when a news story links accidentally to it. The only other way I use Yahoo is that I have edited my Mac's /etc/hosts file so that I can set Yahoo as the default search engine, and have hosts redirect any attempt to search the web using Yahoo to search the web, in fact, using DuckDuckGo. I love it!

I would still just use something besides Safari but Firefox is getting to be such a pain in the ass. Firefox 359.0.1? Firefox 11,000,003? Firefox 2^1238481? All coming soon! Quit fixing what already works! But I digress. Just don't use Yahoo. Solved.

Re:Yahoo, kill yourself!

You just don't understand the bit about "most people", do you?

You mean the 85% that said that they wanted DNT on when Microsoft researched it before setting the default?

Re:Yahoo, kill yourself!

weak one, but still positive), but maybe it's time to accept that if nobody understands DNT then it can't possibly communicate anything meaningful.

Tracking has proven to be an excellent way to serve me up advertisements for things I have already bought.

This is, at least partly, intended and something advertisers are happy with. Research show that people who are most receptive to an ad for a product are people who just bought it and are (often subconsciously) looking for affirmation of their choice. Targeting these customers build repeat customers. A lot of Apple advertising fx is intentionally targeted at existing Apple customers. Even if you just bought the new iPhone 5, Apple continuing to convince you that you made the right choice make you more likely to be happy with it and buy the iPhone 6 too.

Re:Yahoo, kill yourself!

[Ol+Olsoc]

This is, at least partly, intended and something advertisers are happy with. Research show that people who are most receptive to an ad for a product are people who just bought it and are (often subconsciously) looking for affirmation of their choice..

It also prodded me to install adblock and noscript.

Re:Yahoo, kill yourself!

It's on by default, but it is also part of the setup questionnaire when you first start up Windows 8 so it's not like the user isn't presented with the choice...

I'm running Windows 7 with IE11 and Do Not Track is enabled for me. I never set it that way, and I'm pretty certain I was never asked about it.

Then you either didn't notice it when clicking through dialogue boxes at install (it is there), or you choose to skip all choices with "express settings" (which tells you what it sets).

Re:Yahoo, kill yourself!

It didn't "break the standard," you yob, any more than having it off by default would have.

Re: Yahoo, kill yourself!

Entirely wrong. The user chose to install/use that software. The default settings are part of the software, and thus are _entirely_ the user's choice. Please learn to step back and look at what's really true, rather than forcing your preference for a certain outcome onto the facts and changing them into fiction.

Re: Yahoo, kill yourself!

I do want targeted advertising. I don't need herpes medicine, I'm not interested in hearing how many minutes it takes to get a car insurance quote, I'm not interested about talking with my doctor if poopyZed is the right medicine for me, and I'm not buying a pickup truck even if it can tow mount everest. But I do have other interests and needs and if somebody can hook me up with a cool product or supplier that can help me with what I actually want, then that would be awesome.

Re: Yahoo, kill yourself!

[mysidia]

Microsoft conducted and published research that showed that more than 80% of users wanted this on. So having it as a default is honoring the wish of an overwhelming majority of users.

It DOESNT matter what 80% of users wanted.

This was not a negotiation.

Advertisers were not and are NOT willing to accept no tracking as a default.

They will use ANY and all means at their disposal to circumvent any implementation of "no tracking as a default"

Re:Yahoo, kill yourself!

Here's what the author of the spec said. I doubt you have more insight into the true meaning of the standard than he does.

The fact that it was default off is old news. Go be retarded somewhere else.

Re:Yahoo, kill yourself!

[mysidia]

If the ad agencies don't believe that to be the will of the users, they are deluding themselves. Nobody likes to be stalked.

The ad agencies are unwilling to accept the will of the users until explicitly stated.

It's not merely about not tracking users who merely PREFER not to be tracked.

It's about not tracking users who SO STRONGLY reject tracking, that the user is willing to explicitly go through extra work to OPT OUT or state their preference.

Anything that has been relaxed to a default state: advertisers will not be willing to honor.

They are paying for all this, by the way --- without advertisers, much of the internet would implode.

Re:Yahoo, kill yourself!

[sjames]

The ad agencies are unwilling to accept the will of the users until explicitly stated.

In actuality, not even then. How many people sign up for the do not call list and still get called? Before that, how many were hung up on the instant it sounded like they were going to request not to be called again. How many were removed from the call list for a grand total of 2 seconds?

Advertisers were ignoring the do not track flag before IE made it a default. All IE did was give them one more excuse.

And note, this isn't a do not advertise flag, it's a do not track flag. Advertising got along just fine for a long time without stalking people.

Re: Yahoo, kill yourself!

They will use ANY and all means at their disposal to circumvent any implementation of "no tracking as a default"

Many of them said they would circumvent DNT regardless. And some came up with an inane interpretation that complying with DNT meant just to stop serving targeted ads but not stop the actual tracking and data collection! (Advertisers Never Intended To Honor DNT)

It is amazing how much Slashdot has fallen for ad company anti-privacy fud just because Microsoft might be on the other side.

Re:Yahoo, kill yourself!

The ad agencies are unwilling to accept the will of the users until explicitly stated.

Actually, they clearly communicated that they in practice wouldn't accept it regardless of user choice.

The interpretation of a majority of ad networks was that even with DNT explicitly set by the user, they could continue to track, collect, store and monetize data -- but just stop serving the targeted ads to that user (Advertisers Never Intended To Honor DNT), which is so bizarre that it is almost funny.

What is not so funny is seeing Slashdot eat up ad agency fud on this just because Microsoft might be on the other side.

Code words for...

[FlyHelicopters]

That is corporate speak for, "we decided we could make more money this way, so here is a bs reason for us to change, when we really just want more money."

Re:Code words for...

That is corporate speak for, "we decided we could make more money this way, so here is a bs reason for us to change, when we really just want more money."

Ahem. Allow me to clarify what is really being said here.

Hey Morons,

We make a shitload of money off "personalizing" every thing you do and every click you make online.

If you don't like it, tough shit, because we're all doing it to you to make money, and don't want to give you a choice.

Fuck you Very Much,

- Every 'Free' Provider Ever

Enjoy your free services.

Re:Code words for...

[NewWorldDan]

It was a dumb idea anyway. Asking a web server to honor the "do not track" setting is like asking my dog to guard a plate of cookies. If you want this to work, you've got to control privacy from the client, somehow. Alternately, you need a legal remedy of some sort.

Re:Code words for...

doesn't surprise me that yahoo would ignore DNT... they crave user data, just like any other large web site.... hell, they also **REQUIRE** a mobile phone number on sign-up these days.

Re:Code words for...

Yeah, because web servers are autonomous beings that do whatever the hell they want. If only they could be configured.

People still use Yahoo?

[genner]

Anyone savvy enough to care about this issue stop using Yahoo long ago anyway.

Re:People still use Yahoo?

[knotprawn]

I know some people who still use Slashdot

Re:People still use Yahoo?

In other timely news, AOL just called - You've Got Mail! (tm)

Re:People still use Yahoo?

[Taelron]

I wish I had mod points today... I was going to ask the same thing. Yahoo search stopped being relevant 6 or 7 years ago...

Re:People still use Yahoo?

[ShanghaiBill]

Anyone savvy enough to care about this issue stop using Yahoo long ago anyway.

You are equating "care about this issue" with "don't want to be tracked". That is not always true. I care very much about my privacy. But, in most cases, I want to be tracked. I get a more personalized experience, and I see fewer ads that are irrelevant to me. When I want privacy, I open a new private browser window. There is a tradeoff between privacy and personalization, and not every informed user wants, or should want, 100% privacy 100% of the time.

Re:People still use Yahoo?

I know some people who still use Slashdot

Cowards!

Re:People still use Yahoo?

[AvitarX]

Yes, thank you.

I agree 100%, I see ads of things I actually want, from brands I don't know.

The google cards on my phone are great, finding information about products I searched for, and news updates about subjects.

The personalized experience is fantastic.

Re:People still use Yahoo?

[marcello_dl]

Track beta!

Re:People still use Yahoo?

[AmiMoJo]

The ads are not "relevant" to you, they are what advertisers want you to see. If you are a young male expect lots of scantily clad women waving stuff in your face. If you are a mother you will probably be hit with more "one weird trick to shed pregnancy pounds" or Jezebel ads. Six months after you buy a car you will still be getting ads for them.

The advertisers don't have enough information to to give you really relevant ads. Many of the most relevant products might not even be advertised on Yahoo anyway. All they have are some vague and out of date indicators and some stereotypes to work with.

Best thing to do is block ads and just google when you want something. The best possible ad is a large number of positive reviews from reasonably independent sources, like Amazon users or people posting on forums. If your product is good and your company is reasonably social advertising is free. If your product is shit advertising costs money and I don't want it anyway.

Re:People still use Yahoo?

[ScuzzMonkey]

The ads are not "relevant" to you, they are what advertisers want you to see.

Those things aren't mutually exclusive.

The advertisers don't have enough information to to give you really relevant ads.

Then isn't the solution, if you want what the GP professes to want, less privacy?

Best thing to do is block ads and just google when you want something.

Ironic that you're citing one of the biggest data-aggregating advertisers out there today as a relevant source, when you appear to be arguing against exactly what they are doing to present you with those results.

Re:People still use Yahoo?

[DarwinSurvivor]

And yet are still one of the largest email service providers in the world.

Re:People still use Yahoo?

[sinij]

Please, nobody want to see ads. There are people who blocking them, and there are people who don't know how.

Re:People still use Yahoo?

[sinij]

Exactly! Ads are mostly about manipulation, not providing you with information.

For example, you don't drink coke because you like sugary carbonated drinks, you drink it because you now unconsciously associate sugary carbonated drinks with Coke. This way when it is time to pick your beverage, instead of cognitively-intense process of evaluating available choices you default to "the usual". Every time you are blasted with Coke ad this connection gets reinforced... you do you think there anyone left on Earth that still has to be informed about existence of Coke?

Re:People still use Yahoo?

[sinij]

Ads are not about informing you, they are about manipulating you. Otherwise, why would Coke keep advertising? Do you think there anyone left that is not aware it exists?

Re:People still use Yahoo?

and as I don't want to be tracked by every fucking yahoo and dipshit online nor want to have my bandwidth wasted by every god damn tom, dick and harry that wants to infect my computer, I use a hosts file that's as complete as possible since it works across multiple browsers and applications. If the site is in the file, it's blocked at the network layer before even leaving the system. Very nice as I don't always trust the apps on my computer.

Ironic that the captcha = guardian

Re:People still use Yahoo?

[chihowa]

So why not make the tracking opt-in, so that you can choose to be tracked and everybody else can also get what they want?

You could even go and set up accounts with all of the tracking agents so that you can tweak your profile and ensure that you're getting the most targeted ads. Doesn't that sound better to you? A requirement to opt-out of intrusive marketing is bullshit.

Re:People still use Yahoo?

Please, nobody want to see ads. There are people who blocking them, and there are people who don't know how.

I offered to block ads for my dad and refused. He wanted to see the ads. He also gave his checking account number to one of the "ads" which say his computer was infected. But still, it only takes one person to prove your claim that nobody wants to see as wrong.

Re:People still use Yahoo?

Without the ads, how would we remember we are thirsty? How would we remember which beverage will make us happy? We need those ads!

Re:People still use Yahoo?

[Darinbob]

Not much choice here, as my ISP uses Yahoo as their webmail service. So reading the same email at work and home means webmail is a useful service for that, also useful if I want to read email from a remote location. I'd like to dump it but I can't easily do it (and no, I don't want lots of advice on using imap and a local mail client or how to get an android mail reader that doesn't suck).

Re:People still use Yahoo?

[toddestan]

Dude, you should change your password because one of them is posting with your account!

Surprise, anyone?

[Gaygirlie]

Has it ever been a surprise to anyone that a measure that service-providers must voluntarily follow would not be followed? I mean, if by not following the measure you can generate more cash than by following it then why would you choose to do it, especially if no one else does it either? No, do-not-track was doomed all the way from the beginning.

Re:Surprise, anyone?

[Sockatume]

There's no technological barrier to ignoring robots.txt, yet Google, Yahoo and the rest obey the standard meticulously. Does this mean that my own right to privacy is given less regard than a web server's?

Re:Surprise, anyone?

[TheRealMindChild]

Not obeying robots.txt can land you into a never ending spiral of following links to the same content with different URLs

Re:Surprise, anyone?

[An+Ominous+Coward]

Commercial search engies must skate a fine line between fair use and copyright violation. There is at least some potential that ignoring robots.txt could land them in legal trouble.

At the moment, lacking contrary legislation, user-identifiying information that is transmitted to a server is considered property of that server owner. If there was legislation defining that information as property of the user, much like Canada (among others) defines metered electricity usage information as belonging not to the utilites but to the resident, then Do-Not-Track might have some teeth.

Even then, though, it's probably a lot harder to legally demonstrate a violation of that setting than showing a search engine has cached a page it wasn't given permission to cache.

Re:Surprise, anyone?

[Bengie]

Not honoring robots.txt could land them in a DMCA issue, while tracking you is just recording facts.

Re:Surprise, anyone?

[Wikipedia]

I'd like to see a lawsuite concerning crawling information in robots.txt. I don't think it would stand up, it's a voluntary, community-created standard. It's a polite way of saying "this is dynamic information or private". If it's private, then don't make it public! The first things hackers and pentesters do is traverse robots.txt

Re:Surprise, anyone?

> Has it ever been a surprise to anyone that a measure that service-providers must voluntarily follow would not be followed?

Yes, actually. Normally, when an industry adopts a "voluntary" code of behavior, it's to avoid regulation.

Regulators start thinking: "this is a little out of control, maybe there should be restrictions." The industry catches wind of this, and rather than being faced with outside regulation, they "voluntarily" develop their of code of conduct. Then when the regulators show up, the industry says "there are already codes and safeguards in place," and since the regulators dont know how the industry really works, they say "whelp, I guess that's all under control then."

See: Doctors & Lawyers. They are "regulated" by their own internal bodies (conveniently made up of and controlled by themselves so that whatever "regulation" is in place always favors them).

Simple enough to fix

[JudgeFurious]

Yahoo stops using "Do-Not-Track" and in response people who care about it implement "Do-Not-Yahoo". These things tend to work themselves out over time.

Re:Simple enough to fix

Yahoo stops using "Do-Not-Track" and in response people who care about it implement "Do-Not-Yahoo". These things tend to work themselves out over time.

The same people also need to implement "Do-Not-Google" for the same reason.

Re:Simple enough to fix

[ThatsNotPudding]

Yahoo stops using "Do-Not-Track" and in response people who care about it implement "Do-Not-Yahoo". These things tend to work themselves out over time.

You may remember exactly every service you use(d) that had a Yahoo email account as the main or fallback address, but the majority of folk out there don't. Admittedly, some of the fault is their own, but they are locked-in to a service that has now decided to abuse them for cash.

Re:Simple enough to fix

I implemented the "Do-Not-Yahoo" back in 1995.

Re:Simple enough to fix

Yahoo was the replacement for AOL. nuff said.

I am willing to sacrifice.

[Payden+K.+Pringle]

I am fine with sacrificing user friendliness for my privacy. Do not track me or I won't use your services. I have two yahoo emails which incidentally are used as account/spam dumps. I won't even use them for that if this is how Yahoo has chosen to do things.

Re:I am willing to sacrifice.

[jmd]

Funny..my Yahoo account is a spam dump too.

I find it comical that when I empty my spam folder an advertisement pops up in the window. Sad

My Standard

[Banichi]

>'we have yet to see a single standard emerge that is effective, easy to use and has been adopted by the broader tech industry.'

Here is my 'standard'; NoScript and AdBlock Plus.

Re:My Standard

[Luckyo]

Ghostery does it much better with less overkill that noscript tends to be guilty of.

Re:My Standard

[Maxo-Texas]

You also probably want Better privacy too. It gets rid of supercookies.

Hopefully some more ideas will come out of this thread.

Re:My Standard

You can use both and if "overhead" is slowing you down that much as a result, you need a new computer, not a new plugin.

Re:My Standard

[geminidomino]

Just a suggestion: Consider replacing Ghostery with Disconnect. Ghostery embraces the Dark Side

Re:My Standard

[SeaFox]

You could also use Ghostery but not enable the data sharing feature mentioned in that article.

Re:My Standard

RequestPolicy

Re:My Standard

Thank you. I've been using Ghostery for a while, and will be switching immediately.

Re:My Standard

[Luckyo]

I'm talking about the fact that noscript blocks too many page elements.

Not that it's taking too many system resources.

Re:My Standard

[Luckyo]

Or you can just uncheck the box?

Re:My Standard

Nothing to that nature was under the options.

Re:My Standard

[Luckyo]

Tools > ghostery > manage ghostery options > unckeck "enable ghost rank".

It's the first god damn check box on the options page. You have to really not want to see it to miss it.

The WWW is dead.

First, they want to provide a personalized web-browsing experience, which isn't possible using do-not-track.

But the user clearly does not want a personalised web-browsing experience.

Ghostery, Secret Agent, CS Lite and NoScript are essential today, and nobody should EVER go online without those, or some equivalent. Let them personalise that.

The Web has been hijacked and is now fundamentally broken. It is being transformed into a locked-in content delivery platform, something like cable TV with a camera that records your every movement. It needs to be handled with gloves and goggles, like you would when accessing a chemical weapons research facility.

We'll need to develop another Internet, this one has been taken over by marketroids and is beyond saving.

Re:The WWW is dead.

First, they want to provide a personalized web-browsing experience, which isn't possible using do-not-track.

But the user clearly does not want a personalised web-browsing experience.

Ghostery, Secret Agent, CS Lite and NoScript are essential today, and nobody should EVER go online without those, or some equivalent. Let them personalise that.

The Web has been hijacked and is now fundamentally broken. It is being transformed into a locked-in content delivery platform, something like cable TV with a camera that records your every movement. It needs to be handled with gloves and goggles, like you would when accessing a chemical weapons research facility.

We'll need to develop another Internet, this one has been taken over by marketroids and is beyond saving.

Wasn't Ghostery bought by a marketing firm?

Re:The WWW is dead.

The Web has been hijacked and is now fundamentally broken.

We'll need to develop another Internet, this one has been taken over by marketroids and is beyond saving.

And you've just made the same rookie mistake as many, many before you.

Repeat after me: The web is not the internet. The web is not the internet. The web is not the internet.

The web is a marketing-infested public urban shithole scarring the landscape of the internet, but it's not the internet itself. There are 65535 more ports (ok, only 65534 if you count 8080 as a valid alternate for a public-facing site) for services to talk on. There are a near-infinite number of possible protocols, services, and things to do. Just because the vast majority of clueless plebes have decided to colonize one service does not mean the end of the internet.

It would be trivial to set up a "dark web" that would work exactly the same way as the current one but uses an agreed-upon alternate port. All the "cool kids" would be doing it within a few nanoseconds, and you'd probably have a year or two of peace before the marketing twats took over. Then you just move back to good-ol' port 80 and repeat.

When you want to shake the marketer-assholes for a longer period of time, you just change the protocol. It'll take them years to figure out how to fuck up Not-HTTP-But-It-Does-The-Same-Thing-And-Uses-Lua-Scripting-Instead-Of-Javascript. And when that gets taken over, or before then if you're smart, you'll create Not-HTTP-But-It-Does-The-Same-Thing-And-Uses-Brainfuck-Instead-Of-Lua. The "sheep" will follow, and the marketers will have to change their shit up again. This will cost them money and time. And eventually, they'll give up because, hell, what's after BrainfuckScript? Do they really want to find out?

CAPTCHA: quagmire. Because catching marketer-asshats in a quagmire is an art form us techies should be proud of. Also: "giggity".

Re:The WWW is dead.

[rudy_wayne]

First, they want to provide a personalized web-browsing experience, which isn't possible using do-not-track.

But the user clearly does not want a personalised web-browsing experience.

Nobody can give me a "personalized" experience unless they can somehow read my mind.

Do I want to constantly see ads for XYZ just because I once searched for XYZ or once visited the XYZ website? Fuck You Yahoo, Google and anyone else talking about a "personalized web-browsing experience"

Re:The WWW is dead.

With almost all consumer ISPs blocking all ports except the few needed for basic service (web, email, ssh) you're going to have a very difficult time creating another internet on the existing world wide web. Even self hosting a web site is extremely difficult on certain ISPs. Once the ISP notices they block that port (if you found one that wasn't blocked) and then you need to switch to another unblocked one. Many filtering packages automatically filters home IPs so people can't even view your site as it's automatically blocked as spam.

Re:The WWW is dead.

[westlake]

But the user clearly does not want a personalised web-browsing experience.

The geek may not want the personalized browsing experience. But the geek doesn't speak for everyone.

The Web has been hijacked and is now fundamentally broken. It is being transformed into a locked-in content delivery platform, something like cable TV

What did you expect to happen when hundred of millions of people with no preconceptions of what the web and the Internet "should be" began purchasing broadband services? You can't even assume anymore that a user is accessing the web through a general purpose computer and browser ---

and not an HDTV, WiFi Internet radio, e-book Reader, video game console, smartphone, tablet or some other device.

We'll need to develop another Internet, this one has been taken over by marketroids and is beyond saving.

Go for it.

But you are building nothing but an echo chamber, a walled garden for the geek.

Nothing but a bubble --- and bubbles burst,

Re:The WWW is dead.

[AvitarX]

I want a personal experiance.

I like my Google cards on my phone, I like ads for things I am shopping for from smaller companies I've not heard of.

Re:The WWW is dead.

Let's bring back gopher.

Re:The WWW is dead.

Indeed. Remember the cocept of "the long tail." This was supposed to be the idea that the internet can reach so many people that you can profit from selling rare specialty goods. That worked for a while but now things are getting increasingly homogenized. It's amazing how often I search for something that's a little bit unusual and can't find it anywhere on the internet. They are only interested in anticipating what you want to buy based on their surveillance and matching it to someone who is paying for advertisements. The stuff I really want to buy is "optimized out of the search engines.

Re:The WWW is dead.

The geek may not want the personalized browsing experience. But the geek doesn't speak for everyone.

In this case Yahoo is already speaking for everyone, so I would invite the geek to speak up.

Re:The WWW is dead.

[squiggleslash]

But the user clearly does not want a personalised web-browsing experience.

Speak for yourself.

I do want to see ads that aren't offensive to me, and might even be for things I'm interested in. The tracking cookies by the major advertising sellers are designed to do that. And I don't see a privacy issue in having some of my web history stored in a computer that only gives indirect answers to what's in it along the lines of "Would the user with cookie abcdefghij most like to see an ad for chocolate, tampons, or diarrhoea medicine"?

Now, in theory there's a solution that would keep everyone happy. You have webbrowsers provide some sort of flag to servers saying "This person has positively confirmed they do not want their information stored, even harmlessly, even in a way that would benefit them, when it comes to ads." It would be set if the user was asked a fair question, along the lines of "Would you like remote servers to store some information about your browsing history so that any ads you can see are more likely to be relevant to your interests?"

Unfortunately, when someone tried to implement exactly this, some idiots at Microsoft, cheered on by the braying "We don't understand this but it's vaguely related to privacy" mob, decided to send this flag claiming that the user of the webbrowser didn't want the personalized ads, regardless of whether they'd even been asked. The result was that the flag became meaningless, and companies like Yahoo have decided to ignore it.

Why is it a lot of political campaigns seem to be designed to shoot the campaigners in the foot?

Re:The WWW is dead.

But the user clearly does not want a personalised web-browsing experience.

The geek may not want the personalized browsing experience. But the geek doesn't speak for everyone.

The point is that the user who enabled Do Not Track doesn't want it. Yahoo is saying "we want to give it to you anyway, so we'll just ignore that you said no".

Re:The WWW is dead.

But the user clearly does not want a personalised web-browsing experience.

Speak for yourself.

(S)he's speaking for users who enabled Do Not Track. If you didn't, then that's fine, Yahoo can give you whatever "personalised" crap they like.

Privacy only works when it's in your own hands

[gsslay]

The problem with "do not track" is that it was entirely up to the website to honour the browsing session. Most don't. And the ones that you'd reallywant to not have track you are the ones that really ignore it. It's therefore useless.

It's like a system of street privacy that relies on people being trusted to close their eyes when you walk by. Just because you ask them nicely. People will look, and you can't stop them.

If you want privacy you have to be the one in control of what is being revealed. You can't rely on others to keep your privacy for you.

Re:Privacy only works when it's in your own hands

[jones_supa]

Indeed, I always thought "do not track" was a silly feature. I can ask the website to not track me, but how can I ever know what actually happens behind the scenes. If we really want such feature, the browser must somehow make me impossible to track.

Re: Privacy only works when it's in your own hands

[BeNude]

Ghostery FTW.

Re:Privacy only works when it's in your own hands

[wile_e8]

This is why I've never bothered with do-not-track settings. Not only is it wholly unenforceable, but it seems like a giant "Look at me!" sign. Given that the vast majority of people don't even know do-not-track exists and never change the default settings on any program, surfing with the do-not-track flag on seemed like a great way to tell the people I really don't want tracking me that I'm technically literate enough that they should pay closer attention to me.

Re:Privacy only works when it's in your own hands

[Ghostworks]

Exactly. It was always a pretty bad idea. In fact, it reminds me a great deal of the RFC 3514 "evil bit"

Do-Not-Track is basically a "Don't be evil" bit. It makes a plea on behalf of the end user and the end user hopes some distant system honors it. Any time you implement some version of the evil bit, you should expect that it's not going to work.

(Then again, there are a lot of tech features in use now -- such as a PDF owner_pass edit lock, or phone service Caller ID blocking -- which are also based on "please keep private" bit, and those are effective for 98% of the people out there who are just to lazy to get around them. So maybe there's something to be said for an evil bit after all.)

Re:Privacy only works when it's in your own hands

[Sobrique]

Which in turn, is something that's extremely difficult - especially for a non technical user. You can probably approximate it with TOR, but that has it's own price.

Re:Privacy only works when it's in your own hands

Who said anything about _relying_ on it, the idea that yahoo wouldn't even keep with THEIR precedent of good behavior is the news here.

The idea is you can hold the BIG companies accountable for their tracking behavior, that it's advertising their policy priorities of trust.
Not whether it works or doesn't on every website on the internet.

This is like a big neon sign that says from now on, expect our shitty company that used to value privacy to track the crap out of you.

Re:Privacy only works when it's in your own hands

[jones_supa]

True...

Re:Privacy only works when it's in your own hands

If you want privacy you have to be the one in control of what is being revealed. You can't rely on others to keep your privacy for you.

I'm not sure that you can rely on yourself either. I remember reading somewhere that a company that sells tracking software to marketeers claims to be able to recognise people when they are working on different computers. That's marketing too, of course, but if half of it is true it's getting pretty scary.

Privacy can't and shouldn't only depend on what one can do to protect it. The best compact definition of what privacy I know is by a lawyer who specializes in internet related matters who puts a lot of thought in the subject of privacy on the net: it is the right to be left alone. Leaving you alone is something others do or don't. Your privacy depends largely on how others treat you, and there is only so much you can do to influence that.

In terms of street privacy you are making the wrong comparison. This is not about people having to close their eyes, there is nothing wrong with being visible, but on the street you can reasonably expect that others don't do nasty things with what they see, or so it used to be before there were cameras on every corner. If someone actively follows you, takes note of everything they do, then they are stalking you. That is the right comparison to make, I think. Tracking is a form of stalking.

Re:Privacy only works when it's in your own hands

[Darinbob]

It is useful if you visit sites that respect it. Just because it doesn't magically make you untrackable everywhere you go does not mean it is useless. It's just one member of a very large set of small tweaks that can increase privacy. If you learn a site does not honor do-not-track then you can boycott it, block it entirely in noscript, etc.

Really?

Their excuse for not following it is 'no one follows it'?

What if I don't want a personalized experience?

What's the industry-standard code for not wanting a personalized web-browsing experience?

"Visit a service that does honor 'do-not-track', unlike Yahoo"

They still exist?

[Sir+Holo]

I "opted out" about 10 seconds after seeing that message on a Yahoo site.

The thing is, I strenuously avoid Yahoo. After the latest Firefox update, though, typing a search in the address field doesn't go to my preferred (in settings) search engine, but instead to Yahoo.

Yahoo search results are terrible, but most of the screen is filled with jumping icons a million other things I was not searching for.

Re:They still exist?

[Maxo-Texas]

You probably want to use "duckduckgo" instead of google as your default search provider.

Google tracks a lot of information about you- even when you are anonymous. Last I heard it was 57 different things. I also keep googleleadservices and googleanalytics disabled in noscript.

Re:They still exist?

[Jbcarpen]

After the latest Firefox update, though, typing a search in the address field doesn't go to my preferred (in settings) search engine, but instead to Yahoo.

Firefox stores data about which search engine to use in a set of XML files. If something else gains access to those files, it can edit them to keep the name and icon of, e.g. google, but send the actual search to goatse (or wherever). If you delete the files, then the "restore defaults" button on the "manage search engines" panel will enable, and restore the originals.

Re:They still exist?

[the+eric+conspiracy]

Startpage is cool too.

Re:They still exist?

[CanHasDIY]

You probably want to use "duckduckgo" instead of google as your default search provider.

I would love to promote duckduckgo, but in reality the results that site brings up are seldom relevant, and normally suck.

I've recently switched to using Startpage for searches, as it protects my "anonymity" and pulls relevant search results, since it uses Google search on the back end.

Re:They still exist?

[Sir+Holo]

Firefox stores data about which search engine to use in a set of XML files. If something else gains access to those files, it can edit them to keep the name and icon of, e.g. google, but send the actual search to goatse (or wherever). If you delete the files, then the "restore defaults" button on the "manage search engines" panel will enable, and restore the originals.

Wow, thanks!!!

I found only one XML file doing just that redirect, deleted and restored, but no luck. I'll have to search harder for the multiple instances you mentioned.

Re:They still exist?

[Maxo-Texas]

I have started to use Startpage.

Thank you!

Do not honor Yahoo

[briancox2]

Fortunately, there is little or no loss to the modern day internet user experience by ignoring Yahoo completely, either.

It's a trap.

The techie response is to look at "do not track". Remark that, "It's a trap!", and install ghostery and no script.

Adding insult to injury

Way to go, Yahoo! Not only are you screwing people up but, in addition, you are treating them as idiots. So you need to do that to deliver a personalized experience, right? What if I don't want a personalized experience? Or if I want to personalize it myself?

Why don't you just tell the truth, to wit, that you are doing this because you want to make more money? You would still screw up people but, at least, you would not piss them off by treating them like retards.

You guys sure live up to the company name.

Who's internet is it anyway?

[jmd]

Internet connectivity is about ease of accessing information. Google, Yahoo, JStor etc are about monetizing the access to that information.

See: Arron Swartz

Sigh: personalized web-browsing experience

[fahrbot-bot]

First, they want to provide a personalized web-browsing experience, which isn't possible using do-not-track.

This is one of the phrases and behaviors that annoy me the most about various sites, especially search sites. I search for both personal and work related things, don't want searches tailored to anything other than the specific thing for which I'm searching at that time. I generally don't care what I searched for 24h ago (looking at you Google side-bar).

In a related rant, I can't stand the Google side-bar, Instant and Suggestions and make every attempt to disable and or strip them out (using Proxomitron) though now that Google has switched to HTTPS, that makes things more difficult for me - sigh.

Dear Providers, Don't "help" me unless I ask for it.

Re:Sigh: personalized web-browsing experience

run ssl on your proxy with a self signed root cert you use on your PCs. it is pretty easy to bust SSL when you are in the middle and control the end client.

Re:Sigh: personalized web-browsing experience

[Wikipedia]

Just sign in and disable those features. Or I believe that you can disable them when you're logged out.

If this is real...

[HybridST]

IIRC yahoo is worth less than nothing at the moment. Re: www.bloombergview.com/articles/2014-03-17/is-yahoo-s-business-worth-less-than-nothing

Why would I listen to a company with such outstanding performance?

Yahoo?

[Threni]

I can't imagine why I would ever go near a Yahoo site. Yahoo Answers? Seriously? Didn't Stack Exchange demolish that nonsense? Yahoo email? With the `win tickets to the World Cup` spammy sigfiles a good 8 months after the World Cup finished? What do they offer than other companies don't offer, better, and without the lack of respect?

Re:Yahoo?

[Dcnjoe60]

What do they offer than other companies don't offer, better, and without the lack of respect?

Yahoo Groups?

Re:Yahoo?

[CanHasDIY]

I can't imagine why I would ever go near a Yahoo site. Yahoo Answers? Seriously? Didn't Stack Exchange demolish that nonsense?

Hey, now - Yahoo Answers is still a great place to get terrible advice from trolls. Like when I was looking for a humane way to put down my gecko, and the top rated response was to put him in the freezer.

Re:Yahoo?

[Threni]

Thanks, but no. (The quality of Yahoo Answers, with the clunky, shitty website-ness of Google Groups. 2003 wants its online forum back!)

Re:Yahoo?

How exactly is that bad advice? Lizards are cold-blooded and the animal would go to sleep. Can't get much more humane than that! Did you mean humane for your emotional attachments?

Re:Yahoo?

[Dcnjoe60]

YMMV, but the quality of various groups is dependent on the members of the group, not Yahoo and they had groups long before Google did.

Re:Yahoo?

You can do whatever you like with your Gecko, as long as it results in him no longer trying to sell me car insurance.

Re:Yahoo?

Like when I was looking for a humane way to put down my gecko, and the top rated response was to put him in the freezer.

And? Thats a pretty humane way to put down a cold blooded animal like a lizard actually.

I agree with you in principal, Yahoo Answers is for retards 99.999% of the time, but that would be the correct answer.

But wait Soulkill, you WANT the bullies stopped

You want bullies stopped...

http://news.slashdot.org/story/14/04/16/0243257/student-records-kids-who-bully-him-then-gets-threatened-with-wiretapping-charge

But you don't want any of YOUR information about going to Buzzfeed tracks. I see.

How's that hero of the Soviet Union working for you? Snowden. You still mad at him for have the NSA getting a copy the info Verizon, Yahoo, Mastercard, Google and and Samsung have on your pizza order?

You can't have it both ways. Well they want to on Fox News. but here in science land, you can't have it both ways.

You are a hypocrite.

Yahoo going downhill fast.

They took away a long list of popular features from yahoo mail, yahoo answers, flickr, etc, and put a new unuseable interface on top of everything that eats up bandwidth and memory like crazy. They ignored hundreds of thousands of complaints. And now you need a verified cell number to sign up, so they've slammed the door on any new users. And for what? What is the point of ruining websites that people enjoy? If your income is from advertising wouldn't you want more people looking at your website? Not less? The whole thing is wacky.

Re:Yahoo going downhill fast.

[ledow]

I've always said that the time to stop using a company is when they do things that aren't in your interests - or indeed the interests of any logic.

Companies that "rebrand".
Companies that give poor customer service.
Companies that gobble-up and retire old, famous brands.
Companies that force you to move to their "new" interface / app / whatever (take note, Slashdot!)

These things achieve nothing that a customer would want them to achieve and actually hint at lots of poor, cyclical management decisions in order to justify someone's job (Let's outsource! Let's bring in-house! Let's outsource!)

I stopped using Hotmail when they forced a new interface on me that was worse and never got fixed (and I was a paying customer back-in-the-day).

I stopped using Geocities when I had to convert it to a Yahoo Account.

I stopped using a Yahoo account (entirely separate to the above) when they started to hinder me getting to my email.

I've stayed on GMail because I learned my lesson and no longer rely on any web interface to stay static. You piss about, I'll use IMAP into my favourite webmail / browser. Done.

With free services, brand loyalty is lost incredibly quickly. When MySpace *went out of fashion* everyone jumped on alternatives.

Let's get this straight - you want me to view adverts? Make it as painless as possible and put something I WANT TO USE behind the adverts. And, you know what? I will.

Re:beta

[Andrewkov]

Slashdot Stops Honoring 'No Beta' Settings.

There's a headline for ya..

The single standard is:

[drolli]

Noscript, only per session cookies, and surfing trough a proxy.

Who cares?

We stopped tracking Yahoo a long time ago.

Do not track was flawed from the start

[Sobrique]

I can't say I'm surprised. Do not track settings that are optional on the part of the sites you're visiting are simply never going to work - the ones that'd honour it are also the sites you wouldn't be particularly worried about in the first place. Targeted advertising and profiling is big business, and the big revenue stream for the 'free' content providers. It really comes as no surprise - pretty fundamentally you get what you pay for. If you're paying nothing in monetary terms, then you'll be paying in privacy instead.

No effective standard?

[zarmanto]

"However, we have yet to see a single standard emerge that is effective, easy to use and has been adopted by the broader tech industry.' It looks like this is another blow to privacy on the web."

I don't know about you, but I can think of one fairly effective and extremely easy to use "standard"... AdBlock.

I'll ask again

[koan]

Why does anyone use Yahoo? You can't get an email without giving up your cell number, their "answers" section is absurd, they really have nothing to offer IMO.
There are far better choices, it seems like a recently beheaded chicken, still running around on autonomic pilot.

Re:I'll ask again

Why does anyone use Yahoo?

People use Yahoo because they are stupid.

Do you have any more stupid questions ?

Adblock, Ghostery

Our best defence.

I do not care for their "enhanced experience".

Time for the legal system?

[Dcnjoe60]

Maybe it's time for the legal system to get involved. If entities won't honor privacy, maybe we need the equivalent of the "Do Not Call" list for telephones implemented for the internet. Of course companies like Google and Yahoo will then just alter their service agreements to state that you do in fact agree to be tracked.

until IE 10 broke it

[raymorris]

> But the user clearly does not want a personalised web-browsing experience.

Until MSIE started lying about the user's preferences. The standard specifies what should be sent if the user has not expressed a preference. IE 10 lies and says the user requested a uncustomized version when they didn't. That makes the whole thing useless when browsers lie about what preferences the user expressed.

Re:until IE 10 broke it

[ChatHuant]

Your post is just another case of rabid anti-Microsoftism leading to reverse logic. The standard you mention has been written by Google and their pet browser company, Mozilla, so of course it says the default preference should be to allow ads. That's deeply wrong and anti-consumer (but pro-ad companies).

There has been a lot of discussion on Slashdot and everywhere else about opt-in versus opt-out - and the consensus is that opt-in is the correct choice in pretty much all cases. By default, users should always be opted out of things that infringe their privacy. Exactly the same here: only if they specifically opt in should they be tracked. Well, IE does this correctly. Not knowing about do not track (or not being technically savvy enough to disable it) IS NOT AN OPT IN, and people who do want to be a product can disable the do-not-track flag.

Of course, Yahoo and Google profit from the vast number of users who don't know about the intricacies of the do not track standards and options. The fact remains that those users did not specifically opt in, and their privacy is abused. The standard is broken (I believe intentionally), so don't try to make it sound like it's somehow Microsoft's fault.

Re:until IE 10 broke it

That's not lieing anymore than telling the server that you've opted in when you haven't. The problem here isn't the setting it's that there's nobody prosecuting those psychopathic maggots for wiretapping without consent. The advertisers keep adding more and more spyware to deal with the fact that people are opting out and then they wonder why it is that people are blocking their stuff.

Re:until IE 10 broke it

[Ksevio]

There are a few issues that make this different though. The web is mostly funded by ads, tracked or non-tracked, they're still needed. With tracked ads, sites can get away with fewer of them (fewer ads = better user experience = users stay around more). It's not something that most people want (given the option to add ads, they wouldn't choose it), but on the other hand they prefer ads to having to pay directly.

For the tech-savvy and even past that these days, there are options like ad-block available. Some types of ads were deemed too-obnoxious (like pop-ups) so all the browsers block those. People choosing to not support the websites they visit by blocking ads is their choice. There are usually too few of them to significantly cut down revenues. If everyone did it, either a new revenue source would be needed (such a s subscription services), ads would have to be added in sneakier ways, or websites would shut down. No one really wants to go with those options.

The do-no-track option is similar. If few people pick it, then it's going to work fine and people will support it, but making it the default for all people for all websites means you're basically just saying tracking isn't allowed at all. People might not "opt-in" to being tracked for advertising purposes, but it's not illegal, and people certainly seem to opt for free websites with fewer ads.

Re:until IE 10 broke it

The web is mostly funded by ads

So? If the site needs ads, then look for DNT and then post a message up saying that you must accept the ads to visit the site. Or direct them to a paywall. "But I need it" is not sufficient justification to "steal" from me.

Re:until IE 10 broke it

[squiggleslash]

That's deeply wrong and anti-consumer

No, it isn't.

the consensus is that opt-in is the correct choice in pretty much all cases

The "consensus" is anything but. It's true a large group of Slashdotters are demanding it, but ignoring context or what the flag is supposed to do.

Remember: this isn't about computers posting details of you by name on search engines reporting that you posted on the NRA forums site, viewed pictures on HotChicksBrushingTheirTeeth.com, and the last four music CDs you bought on Amazon.

This is about some servers acting as black boxes, receiving information like "Session associated with abcdefghij included visits to websites with key words 'guns', 'rifles', 'toothbrushes', 'lingerie', 'REM', 'Seig Seig Sputnick', 'Tigra and Bunni', and 'Kellis', and then being asked questions of the form "Of the following ads: [Cheezits, Acura, Radio Shack, Colgate], which would session abcdefghij be most interested in?"

Yahoo and Google profit from the vast number of users who don't know about the intricacies of the do not track standards and options

How ironic. It seems that the vast majority of people who donâ(TM)t really understand the do not track systems are those who demand insane defaults like "Servers should make no attempt to deliver relevant ads to a user unless they've specifically said they want them".

Re:until IE 10 broke it

[chihowa]

That whole standard was stupid anyway. It was essentially making tracking the default state and requiring the user to opt-out. Intrusive marketing like this should be opt-in.

Honour?

[XB-70]

Yahoo! has stopped honouring so much of its user experience that they are doomed to failure.

Yahoo! Groups is bloated with spam that can't be blocked by its admins.

Yahoo! Messenger is so fraught with bugs and bloatware that users are fleeing in droves.

The main Yahoo! website is dated and mindless.

Yahoo! Mail is an abomination of unusable kludges and missteps.

Lastly, who uses Yahoo! to search for anything anymore, anyway?

Put a wooden stake in it, this thing is dead.

Honesty is the best policy

At least they're being honest about it.

If we had been honest about it, we would have screamed and shouted about what BS the "do not track" option was in the first place. It was never more than an pretend solution devised by marketers to allow them to go about their business without having to take flack from privacy advocates.

Instead we praised and demonized browser developers for defaulting (or not defaulting) do not track settings. Like it even meant something.

Who's really to blame here?

Yahoo will cease to exist soon.

Yahoo is a mess.

It won't be around as a business much longer because Yahoo is
bleeding cash and that cannot continue.

IE 10 broke by DNT lying

[raymorris]

The DNT standard specifies what should be sent under three conditions:
a) The user expresses that they DO want customization
b) The user expresses that they do NOT want customization
c) The user doesn't express any preference

IE 10 lies and says b when the truth is c. That makes it impossible to know who actually chose DNT. The whole thing is useless now that it doesn't to indicate the user's stated preference.

Re:IE 10 broke by DNT lying

[radarskiy]

From http://tools.ietf.org/id/draft...
"5. Header Syntax

      The Do Not Track HTTP header, "DNT", must take one of two values: "1"
      ("opt out") or "0" ("opt in"). All other values are reserved. ...
6.3. Default

      A user agent MAY adopt NO-EXPRESSED-PREFERENCE or OPT-OUT by default.
      It MUST NOT transmit OPT-IN without explicit user consent."

The standard explicitly allows opt-out as a default

Re:IE 10 broke by DNT lying

Your the lying stupid fucking cunt.

IE asks the user to set some defaults and the bottom of that list it says 'Tell people I do not wish to be tracked'

It explicitly tells people what they are asking IE to do.

Re:IE 10 broke by DNT lying

If I remember correctly when I installed IE I was presented with a screen that had the choices up for DNT while the default was DNT I had to confirm that so I did make a choice. So IE is not lying It is relaying what the user choose

FARK.com

[hduff]

Does Slashdot get all its news stories from FARK.com?

I read most of the current crop there first.

Get a clue!

We don't want your idea of a personalized web experience, and call it what it is, hard-sell advertising...

At the Risk of Summoning APK

[sexconker]

Welcome to my HOSTS file, Yahoo.

Time to stop using yahoo

...oh wait

huh

Question

[kqc7011]

Anyone working or have a easy to use program that writes a false browsing track? Let the trackers try to make sense out of compromised data. The "easy to use" is what I want.

To quote "the mysterious Mr. Seven"

"Why have you intercepted me?" - The Mysterious Mr. 7 FROM Star Trek The Original Series Episode "Assignment Earth"

I'm already here (several times):

http://tech.slashdot.org/comme...

http://tech.slashdot.org/comme...

http://tech.slashdot.org/comme...

http://tech.slashdot.org/comme...

http://tech.slashdot.org/comme...

* :)

APK

P.S.=> To quote Mr. 7 again (as I leave after making this post and 'certain parties' would LOVE to be able to stop me, i.e.-> to the Moderators/Admins here?) "I know Isis - but we'll be gone before they get here...

... apk

Apathy

And this is why I don't feel bad in the least for using ad and script blockers to improve my experience, even though it deprives them of revenue. Don't count on me to respect your revenue stream when you can't be bothered to respect my privacy.

Losers

I am glad that I only sparingly use Yahoosers. Have E-mail address for site logins, but that is about it In my book, Yahoo, Marisa Meyer and Google are basically one large groupie.

Disguised tracking requests

The current web browsers leak info enough for identification without anyone using cookies or other obvious means. Is there a way for me to see when a website attempts to identify me by Javascript requesting the lists of fonts and extensions from my browser? This would be quite interesting as most of the usual trackers are blocked by Adblock Plus and Ghostery.
Do we need to start filtering and spoofing the answers to those the Javascript requests?

EFF release an alpha of Privacy Badger

[Kinwolf]

Good day for the EFF to release the alpha of privacy badger that blocks tracking cookies http://www.pcworld.com/article... https://www.eff.org/privacybad...

They promised me ....

They promised me a better search engine.
They didn't say IT would be better at searching ME.

Imagine if all this power were being used to help people find what they wanted, instead of helping sell crap.

We didn't need Google, to help themselves to us.

We needed librarians, to help us.

Re:beta

Damn straight!

?nobeta=1 isn't supposed to be a randomize flag.

Yahoo learned from the Best

[WillAffleckUW]

"First Be Evil" is the motto of Google.

And now Yahoo is doing it.

Wonder where their CEO worked before?

"Lean In" my foot. More like "Steal Muchly".

The problem is the ad industry

[Todd+Knarr]

Any standard that's effective and easy to use will not be accepted by the advertising industry, so making the "success" of a standard contingent on that last is nonsense. The DNT standard does serve one useful purpose whether or not it's accepted: it provides a single, easy-to-interpret, unambiguous indication to advertisers as to whether or not the user has consented to tracking. It removes their ability to say "Well, they didn't say otherwise so we assumed they're OK with it.". It does that whether or not they honor it, and it gives us a good talking point when it comes to policy and regulatory discussions: "The DNT standard exists. It's in use. It's easy to interpret on their side. They're the only ones sticking their fingers in their ears going "Na Na Na Can't hear you!".". That makes regulation an easier sell.

Advertiser here: we respect DNT.

Hi /.,

I'm a developer for an advertising platform. Our product is basically visitor targeting: the best we are at profiling visitors, the more money we will make.

We do respect Do-Not-Track. I know this because I have seen the code that checks for it, and stops processing if it's set. (Unless your user agent matches IE10.)

I have no idea what policy other advertisers follow, however.

Let me "Add" that for ya

I would like to add that, all those additive adds, adds up to a lot of adds!

Do Not Track

Translation - Do Not Track costs us advertising income.

I've been calling this the "ad hangover"

For certain types of product, it's effective marketing. Some people buy a lot of shoes or books or video games. If you buy food online, chances are you will need to buy food again at some point in the future.

For durable goods like cars and washing machines, not so much.

The interesting thing is that the industry realizes that ad hangover is problem and is trying to solve it in various ways. Your eyeballs are more valuable to advertisers who are selling something you might want to buy, and everybody spending or making money in this space - from the ad buyer to the agency to the ad platform to the target website - everybody understands that.

Re:AdBlock & Ghostery = 'Souled-Out' + Inferio

Strap a bigger engine to it all you want, but hosts is as robust as a go-kart compared to the finely-tuned machines that comprise modern filtering software. The number of CPU ticks you're saving by processing a block list lower on the network stack stopped being non-trivial about fifteen years ago. Get with the times, man.

that proposal voted down years ago. standard says

[raymorris]

The proposal you linked to was voted down several years ago. The last call standard is:

Key to that notion of expression is that the signal sent must reflect the user's preference, not the choice of some vendor, institution, site, or network-imposed mechanism ..
A user agent must have a default tracking preference of unset (not enabled)

See

Neither are allowed under the standard

[raymorris]

> That's not lieing anymore than telling the server that you've opted in when you haven't.

Both of those would be a lie, which is why neither are allowed under the standard.
The standard says that the browser "must not send a tracking preference expression if a tracking preference is not enabled. This means that no expression is sent for each of the following cases: ... the user has not yet made a choice for a specific preference".

See:
http://www.w3.org/TR/2014/WD-t...

Re:Good

[gnupun]

Exactly, we shouldn't be tracked regardless of the do-no-track setting. Who wants to willingly be e-stalked and data mined? They are stealing our info without permission and without compensation.

You're MORE THAN WELCOME... apk

To disprove 17 points of facthosts give users in added speed, security, reliability, & anonymity enumerated @ its download link -> http://start64.com/index.php?o...

* Good luck - you'll NEED it (more like a miracle)...

I work with what you have, natively (& I don't "BOLT ON" more b.s., like you obviously do... & what's in my 'p.s.' below can prove that much, easily!)

APK

P.S.=> Now, CPU ticks? Ok - load a few browser addons in FireFox & see what happens (lmao - talk about CONSUMING excessive CPU cycles in messagepassing overheads - that is a KNOWN issue with browser addons, that also don't do a FRACTION of what custom hosts files can for end users noted above)... apk

Who goes to yahoo anymore ?

I find it odd that people still think of yahoo as a prime web site - they are so full of crap its been years since I did anything yahoo-related.
Ever since I realized they sell your email the second you register I opined that they were going downhill thereon.
Pity the suckers who still think Yahoo is big game.

That's a separate issue. IE breaks that too

[raymorris]

> the consensus is that opt-in is the correct choice in pretty much all cases. By default, users should always be opted out of things that infringe their privacy.

You might be right about that*. That's a different topic than the DNT RFC, though. The DNT header tells which preference the user specifically asked for. DNT does NOT specify anything about what a site should do - what cookies they should set or not set, etc. Let me quote from the DNT RFC for you "this document does not define site behavior for complying with a user's expressed tracking preference".

The DNT header is a way for the user to communicate their preferences to the server. What the server does by default, in the absence of any instructions from the user, is a separate issue entirely. It's not what DNT is about. Perhaps the following discussion will make it more clear.

* About defaults, what a site should do when a user doesn't express a preference (and when they do). It's my opinion that the default behavior, when the user hasn't made any selection, should normally be somewhere in the giant middle area between the two extremes. Here's an example or two.

Case1 - No preference chosen:
      There are a lot of things that a site should NOT do by default. Let's just call one example "long-term advertising tracking". For our purposes today, there's no need to define exactly what that means.

      There are some things the site SHOULD set a cookie for, or otherwise remember. Suppose I load Slashdot and I'm shown Beta. I click on the "Fuck Beta, give me the classic interface" button. Ten minutes later, I load Slashdot again. I'd prefer that Slashdot not give me beta again, by setting a "beta=no" cookie. Maybe that cookie will expire in a day, a week, or a month, but it would be good for Slashdot to recognize that "whoever this is, he doesn't like beta". So they track that preference, and I'm happy.

So by default, Slashdot could reasonably track some things and not others.

Case 2 - User specifically requested DNT:

    If I've specifically requested privacy, the site should act similarly to the way the browser does in "incognito mode" - pretty much don't set any cookies, for example. Slashdot should NOT set a cookie to remember that you hate beta, if you ask them not to remember anything. On sites like Youtube and Craigslist with a "safe search" or "possible adult content" confirmation page SHOULD keep popping up that warning. That user has explicitly requested that the site not remember that they want safe search off.

Case 3 - User specifically requests "a customized experience" (DNT off)

      If the user specifically says they want maximum customization, the site SHOULD remember that I hate beta and not show it to me again.
Safesearch should default to whatever I set it too - I've asked the site to remember my preferences. Ebay.com should, since I requested it, show me good deals on items I've been searching for recently.

The key here is that the best thing for a site to do is different between case 1 and case 2. If explicitly you ask that Slashdot NOT set any cookies, it should not set a "NoBeta" cookie. If you haven't expressed any preference, setting a "NoBeta" cookie is probably a good thing. Lying, saying that the user has explicitly requested no tracking when they haven't done so, means you can't respect the user's wishes. If you honor IE's bogus DNT header, everybody keeps getting sent to beta. If you disregard it, people who have actually set DNT get tracked after they've asked not to be. Nothing that the site can do with IE DNT would be right, because the site don't know whether the user actually wants their expressed preferences forgotten or not.

My HTTP requests contain EULA

[BlazingATrail]

I always attach a hidden EULA to all my HTTP requests, so if the web site tracks me, they have violated my license and I can sue them for breech of contract and millions of dollars.

Ads - okay. "Don't /. Beta me" preference?

[raymorris]

> Do I want to constantly see ads for XYZ just because I once searched for XYZ or once visited the XYZ website?

I understand that point. For me, if I search for X a lot, I'd actually rather see ads for X than for fungal cream, but that's personal preference.
Let me ask you about something else, though. You said:

> anyone else talking about a "personalized web-browsing experience"

Suppose an interactive site like Slashdot or Yahoo Mail is rolling out a new design. By default, they send people to the new version of the site *cough beta cough*, but they have a button labeled "screw this, show me the classic version". You click on the button. Ten minutes later, you load the site again. Which should the site do:

A) Take you back to beta, even though a few minutes ago you clicked the "fuck beta" button.
B) Set a "NoBeta" cookie that lasts 60 days, so you won't see beta again for at least 60 days.

That's a bit tougher. That may be a case where a "personalized web-browsing experience" makes the site a lot better.
What do you think?

Has been garbage since active x

IE has been garbage since active x was introduced.

Privacy? What privacy?

[Tony+Isaac]

Anyone who thinks their Internet activity is private...is deluding themselves. If the NSA couldn't keep their activities private, what makes you think YOU can?

However

[fireylord]

As far as I understand the law here in the UK, the Office of the Data Protection Commissioner will probably be having a word with Yahoo shortly...

Re:Ghostery = INFERIOR + 'Souled-Out'

[Ash-Fox]

Calm down APK, I've already lost count of the amount of spam posts you made on this article (which use points I have already refuted long ago).

perhaps. In, out, or neither

[raymorris]

Many sites probably would have defaulted to lower privacy than some would like, but the DNT standard is NOT about what sites do. DNT allows the user to say "I opt in to customization", "I opt out", or neither. What sites do when the user doesn't choose, or when they do choose, is not part of the standard. The standard only specifies HOW the user can communicate their preference - not what affect that preference has.

Better DNT Implementation

The browsers ~could~ have done a much better job here. See this from the draft specifications:

8.4. Response Header RECOMMENDED
      In responding to a request that includes a Do Not Track header, a
      third-party server that complies with Do Not Track SHOULD echo the
      request header.

If the browsers wanted to do better by the user, they could have done the following:
1. If DNT was set, but not echoed back, notify the user that their DNT preference was being ignored.
2. Allow the user to block future requests to each third-party server.

The CORS protocol supports pre-flight requests. If DNT had supported such pre-flight, the browser could validate that DNT was properly supported before sending the initial request.

Obviously, the server could lie and say it would not track you; but at that point they are not simply ignoring a preference; they are blatantly lying about how they will use your data. Such fraud would certainly qualify as a suitable offense.

I think that we would also see a lot more honest web sites with this implementation. If a site's revenue model requires tracking, they could simply echo that they do NOT support DNT; or take the user to a DNT-specific landing page that explains that DNT must be disabled to use their site. The user would either accept that fact or browse elsewhere. If the content is interesting enough, many users will allow a DNT exception.

Re:Better DNT Implementation

[TCM]

There is no job you can do if the other party is not trustworthy - other than limiting your communication. All this convoluted header bullshit is useless.

Stop crying for a legal solution when there's a perfect technical one: STOP TALKING TO TRACKING SERVERS! Advertisers had their chance. They failed it. So ignore them and let them sulk in their own bullshit.

Opposition to aggressive advertising is not just t

You sound like you're a marketer, advertiser, salesperson or manager.

Please get into a car accident on the way home today. You are a shitbag.

I did take those steps (literally)

"If you don't want to be tracked, you need to take steps to make it happen yourself." - by nmb3000 (741169) on Friday May 02, 2014 @11:51AM (#46899859) Homepage

By programming this application: APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Ghostery = 'Souled-Out' + inferior

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apkdo more w/ less

Ghostery = 'Souled-Out' + Inferior

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Ghostery = 'Souled-Out' + Inferior

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

I literally did what you said gsslay

"If you want privacy you have to be the one in control of what is being revealed. You can't rely on others to keep your privacy for you." - by gsslay (807818) on Friday May 02, 2014 @11:41AM (#46899747)

By programming this (far better than browser addons) - APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

I've knocked you flat out on hosts before

Remember this? Sure you do http://slashdot.org/comments.p...

* :)

(You're MORE THAN WELCOME to disprove 17 points of enumerated FACTS in favor of custom hosts files I list here that give end-users of them more SPEED, SECURITY, RELIABLITY, & even ANONYMITY -> http://start64.com/index.php?o...

APK

P.S.=> Which I know (and you know, as would anyone reading here) you CAN'T DO, since it's impossible to do (& you know it, & you'll "Run, Forrest: RUN!!! from that challenge as per your usual, you zero accomplishment in coding little troll... lmao!

... apk

Re:I've knocked you flat out on hosts before

[Ash-Fox]

Yes, and my statement still applies with regards to using my DNS solution:

You have very selective reading. I've clearly stated numerous times now that in practice, it essentially doesn't matter. There is no notable difference taking any effect here. You choose to ignore it, repeatedly.

You also forgot the other post where I tried your hosts file solution, which in turn generated multi-GB text file to do the equiv of a wildcard block on a domain for your preferred platform (Windows) and it broke windows services preventing DNS resolution from working. Not simply 'just working' as you would have us believe. Additionally, memory consumption was up.

P.S.=> Which I know (and you know, as would anyone reading here) you CAN'T DO, since it's impossible to do (& you know it, & you'll "Run, Forrest: RUN!!! from that challenge as per your usual, you zero accomplishment in coding little troll... lmao!

I don't need to respond when you prove my case.

Re:I've knocked you flat out on hosts before

apk makes another troll do a run forrest run.

Nothing 'dubious' about it (proof inside)

In fact, IF you'd like PROOF of that much? Malwarebytes' Steven Burn (hpHosts) can verify that much!

(He's seen my sourcecode, & checked it + helped me get 4 "false positives" removed by AntiVirus vendors (4 of roughly 80 or so) on the JOTTI & VirusTotal online scans - those being McAfee/Intel, Comodo, ArcaVir, Symantec/Norton).

Mr. Burn can be contacted by email, here (& he answers all mails) -> http://hosts-file.net/?s=Downl...

As to the rest of your post? IF my doing a ware for free that gives you a LOT MORE than browser addons noted is "crazy" etc.?? Then I am clearly SANE in a crazy world...

(One populated by trolls such as yourself!)

APK

P.S.=> IF you don't like more added SPEED, SECURITY, RELIABILITY, & ANONYMITY online? Then, simply don't use it (or don't bother to read my posts) - it's YOUR MONEY, TIME, & PRIVACY + SECURITY is all... apk

Hosts can stop "beta", easily... apk

How? Add these to your hosts file, & don't take a cookie here (ac posting in other words - it's THAT, or burning your cookie as a "registered 'luser'' I would guess (I don't do those so, there you are)):

216.34.181.45 slashdot.org
216.34.181.45 beta.slashdot.org
216.34.181.48 news.slashdot.org
216.34.181.48 developers.slashdot.org
216.34.181.48 hardware.slashdot.org
216.34.181.48 ask.slashdot.org
216.34.181.48 it.slashdot.org
216.34.181.48 linux.slashdot.org
216.34.181.48 tech.slashdot.org
216.34.181.48 yro.slashdot.org
216.34.181.48 science.slashdot.org
216.34.181.48 2idle.slashdot.org
216.34.181.48 apple.slashdot.org
216.34.181.48 books.slashdot.org
216.34.181.48 games.slashdot.org
216.34.181.48 interviews.slashdot.org
216.34.181.48 mobile.slashdot.org

* The BOLDED one above's THE "important one" really...

(THAT, along with any others like say, beta.mobile.slashdot.org which you'd equate to 216.34.181.48 , like mobile.slashdot.org, the std. site for that section of this place, is...)

It works - NO BETA for me, period!

APK

P.S.=> Yes - They *tried* to 'force it' on me too - this is HOW I get around it (overriding DNS via hosts & /. redirection too, easily)... apk

You're MORE than welcome to... apk

Disprove the 17 points of fact hosts give users of them in added speed, security, reliability (especially vs. DNS security redirection flaws & being abused by FastFlux + Dynamic DNS using botnets along with their rogue dns servers), & anonymity (vs. DNS request logs or skirting DNSBL's you don't agree with). You use MORE POWER, cpu cycles, RAM, + other forms of I/O by STUPIDLY "piling on more" when a native part of the OS itself (hosts & the IP stack) can do the job MORE than adequately for all of the benefits noted above (that you can't disprove AND YOU KNOW IT, lol).

"I don't need to respond when you prove my case." - by Ash-Fox (726320) on Saturday May 03, 2014 @02:08PM (#46908877)

Yes idiot - you do: See my subject-line & face that challenge: PROVE my points on hosts wrong... you can't!

---

"I tried your hosts file solution, which in turn generated multi-GB text file to do the equiv of a wildcard block on a domain for your preferred platform (Windows) and it broke windows services preventing DNS resolution from working. Not simply 'just working' ." - by Ash-Fox (726320) on Saturday May 03, 2014 @02:08PM (#46908877)

HEY STUPID: It's widely KNOWN & DOCUMENTED that with LARGE hosts files you MUST turn off the local USERMODE SLOW dns clientside cache service in Windows...

I said THAT to you too, dumbo... funny you "conveniently" omit that... see http://winhelp2002.mvps.org/ho... they even tell you THAT much...

APK

P.S.=> Using more complexity in a CLEARLY FAULTY IN SECURITY "solution" in DNS? Stupid... of course, you're more than welcome per my subject-line above to PROVE ME WRONG (& you can't, bullshitter that you are)...

... apk

Re:You're MORE than welcome to... apk

[Ash-Fox]

You use MORE POWER, cpu cycles, RAM, + other forms of I/O by STUPIDLY "piling on more" when a native part of the OS itself (hosts & the IP stack) can do the job MORE than adequately for all of the benefits noted above (that you can't disprove AND YOU KNOW IT, lol).

Because apparently a zone file that is less than a kilobyte to block an entire domain verses generating a multi-GB hosts file to come up with every single hostname combination to block a domain fully and then using that multi-GB hosts file requires less "cpu cycles, RAM, + other forms of I/O" etc.

HEY STUPID: It's widely KNOWN & DOCUMENTED that with LARGE hosts files you MUST turn off the local USERMODE SLOW dns clientside cache service in Windows...

Exactly, because it breaks it. Thanks for proving my point yet again.

Re:You're MORE than welcome to... apk

You don't always need to block entire domains. Blocking subdomains is safe without adversely impacting entire other sites. Redirect from recursion is a problem in DNS. Hosts can fix that. He's right on that much as well as a hosts being less parts complexity and less room for breakdown (or in DNS' case, exploit).

Re:You're MORE than welcome to... apk

[Ash-Fox]

You don't always need to block entire domains.

But, for the majority of cases, I would. One of the few exceptions is a dyndns service website and those tend to get the issues sorted quickly on their own before I become aware of an issue.

Redirect from recursion is a problem in DNS.

I resolved that problem years ago by setting the preference for resolution over TCP while people were arguing about making dnssec a standard.

He's right on that much as well as a hosts being less parts complexity and less room for breakdown (or in DNS' case, exploit).

I've come across plenty of malware on other people's machines that modified the hosts file on Windows XP, Vista and 7 (I haven't given 'free help' to people since Windows 8 came out). I'm pretty certain the hosts file can be exploited exactly the same as before to direct people to malicious sites. That 'less parts complexity' didn't help there. Hell, making a large hosts file causes a default Windows service to 'breakdown' reliably.

Painting a target on your back

[CmdrTamale]

So, if I search for commercial ad blockers, I should expect targeted ads for better commercial ad blockers?

Yes, please. How do I adjust Ghostery and Ad-Block to allow this?
--
I'd like to set up a wireless ethernet, but I can't find any wireless cable.

Ghostery = Inferior + 'Souled-Out'

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Ghostery = Inferior to hosts files... apk

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apkspeed

Re:Nothing "dubious" about it

[Noah+Haders]

I thought anybody could adjust the HOSTS file, why do they need to download something specific?

Re: replacing Ghostery with Disconnect

[peacefool]

What's wrong with using both of them and / or Privacy Badger from EFF?

Re: replacing Ghostery with Disconnect

[geminidomino]

Using both of them has a couple of downsides:

1. The suggestion to replace Ghostery was based on the knowledge that its devs are willing to work *with* scumbag advertisers, which puts them on the wrong side of privacy concerns. Using both doesn't remove the untrusted extension.

2. Both (all 3) apps do the same thing. Ignoring the possibility of Ghostery "whitewashing" their own lists for pay (a legitimate concern given #1), they're likely using the same (or near enough) lists, so you're just adding overhead and slowdowns to every page load.

That said, I wasn't aware of badger, having changed to Disconnect when I learned about Ghostery going bad. I'll have to check it out, to see if it's better than Disconnect.

LMAO - turning off dnscache fixes it

"Exactly, because it breaks it.' - by Ash-Fox (726320) on Sunday May 04, 2014 @04:00PM (#46914717)

I've told you of it before too & you still messed up -> http://slashdot.org/comments.p... and complained of it, forgetting the fix used (that saves CPU cycles, RAM, & other forms of I/O wasted on a service that uses a fix-sized small limited datastructure that can't HANDLE large hosts files: Funny that LINUX HAS NO SUCH ISSUES WITH LARGE HOSTS FILES & funnier still I had to point this ALL OUT TO YOU...

APK

P.S.=> You're trying to tell us that adding "more" to a system rather than using its native parts by "bolting on" an ENTIRE DNS SERVER PROGRAM locally & adding complexity + moving parts for breakdown) is good?

It's stupid...

Especially in adding a tool KNOWN for massive security issues in redirection (Kaminsky) as well as being exploited DAILY ALMOST by "fastflux" &/or dynDNS using botnets as well as being subject to helping DDoS in DNS Amplificaiton Attacks?? That's smart to add?? No, it's stupid... like you!

... apk

You can, but they get BIG... apk

There are a dozen++ sources of custom hosts data. Not all catch the exact SAME known "bad" sites-servers/hosts-domains that serve up exploits of various kinds. It's WHY I created my tool to 'stream in' that data from 12 reputable & reliable sources for said custom hosts file data, from the security community itself.

Trust me on this: YOU do NOT want to even *try* to remove duplicates "by hand alone" from a hosts file spanning 1,000's to MILLIONS of lines - let alone removing the "bloat" in comments & such that many sources of hosts file data leave in (slowing program load).

APK

P.S.=> And, "there ya go": & IF you try my program? Enjoy - it's a 100% freebie, no strings attached (or tracking etc. either) that does the job in creating a custom hosts file that is ABSOLUTELY "lean mean" as possible & that contains data to protect you from threats online, giving you more added SPEED, SECURITY, RELIABILITY, & even ANONYMITY online...

... apk

Adblock & Ghostery = Inferior + 'Souled-Out'

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> Currently adding 2 features to it:

1.) 'Shearing away' trackers you CAN'T see, via code techniques that emulate a netstat -ano albeit on an automated timer to do so, as I did here on slashdot (much like how "PEERBLOCK" operates, but, not using ADDED COMPLEXITY laying in a filtering driver, but instead, using the native Windows firewall, creating rulesets for that much too)

AND

2.) Making it FASTER on its slowest part (Convert & Filter) by breaking the file into 100 parts (which process FASTER already than doing the single large intake I do currently) by August!

... apk

Ghostery = Inferior + 'Souled-Out'

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> Currently adding 2 features to it:

1.) 'Shearing away' trackers you CAN'T see, via code techniques that emulate a netstat -ano albeit on an automated timer to do so, as I did here on slashdot (much like how "PEERBLOCK" operates, but, not using ADDED COMPLEXITY laying in a filtering driver, but instead, using the native Windows firewall, creating rulesets for that much too)

AND

2.) Making it FASTER on its slowest part (Convert & Filter) by breaking the file into 100 parts (which process FASTER already than doing the single large intake I do currently) by August!

... apk

Won't happen w/ my app running... apk

"I've come across plenty of malware on other people's machines that modified the hosts file on Windows XP, Vista and 7 " - by Ash-Fox (726320) on Tuesday May 06, 2014 @03:22PM (#46932375)

See subject & WRONG: My app LOCKS hosts against that (& when it makes the hosts file, it does so from a PRISTINE backup).

* :)

(You're going to have to accept 1 thing: I have you OUTTHOUGHT, outsmarted, outskilled, & clearly OUTGUNNED on ALL fronts... way ahead of time!)

APK

P.S.=> That "default service" was one I confronted Microsoft on YEARS ago - it's not MY fault they don't fix it!

E.G.-> Linux has no such issues, for example, with LARGE hosts files!

HOWEVER:

I DID COME UP WITH A WAY TO FIX IT THAT WORKS!

Simply by tuning off the local FAULTY & USERMODE SLOW dnscache service (saving the CPU cycles, RAM, & other forms of I/O wasted on it, since it's faulty with large hosts)... apk

Re:Won't happen w/ my app running... apk

[Ash-Fox]

See subject & WRONG: My app LOCKS hosts against that

Cool story. However, I have seen enough apps mark the hosts file as read only and modify by SYSTEM only through malware protection software like spybot. Doesn't help against the more vicious malware.

(& when it makes the hosts file, it does so from a PRISTINE backup).

I don't see what moving/copying files has to do with this discussion.

P.S.=> That "default service" was one I confronted Microsoft on YEARS ago - it's not MY fault they don't fix it!

I never said it was, I just don't think a good solution is one that involves breaking services on Windows and the only way to get around it is to give up things like DNS caching.

E.G.-> Linux has no such issues, for example, with LARGE hosts files!

Actually if your hosts file exceeds 3.4GiB on a 32bit Linux system, you can end up prevented from logging in at the console because PAM can't handle the hostname look up for the local system. I don't even know if it's possible to load a hosts file if you don't have a RAM to hold it on Linux either. The file size I generated trying to block a single domain was far larger than that.

USERMODE SLOW dnscache service

Resolution of cached stuff seems faster than querying 8.8.8.8 here?

That FACT shut you down easily... apk

These facts in turn will do the rest & seal your coffin - here we go:

"I have seen enough apps mark the hosts file as read only and modify by SYSTEM only through malware protection software like spybot. Doesn't help against the more vicious malware." - by Ash-Fox (726320) on Wednesday May 07, 2014 @05:47PM (#46943783)

I don't just mark it once - it's kept up by a hi-res timer (thus not locking the OS out of reads of hosts): FACT! NOTHING CAN WRITE THE FILE WHEN I DO THAT LEVEL & TYPE OF PROTECTION: Nothing...

---

"I don't see what moving/copying files has to do with this discussion." - by Ash-Fox (726320) on Wednesday May 07, 2014 @05:47PM (#46943783)

IF my original hosts were SOMEHOW to get 'poisoned' is what (not that it can, see above)!

I.E.-> I keep a backup of its data in a pristine state to MAKE the latest/greatest/newest hosts on updates is what, dimwit.

---

"I just don't think a good solution is one that involves breaking services on Windows" - by Ash-Fox (726320) on Wednesday May 07, 2014 @05:47PM (#46943783)

It's a GREAT SOLUTION (better than toying with the faulty local USERMODE SLOW dnscache service TTL) since that service IS BROKEN WITH LARGER HOSTS FILES!

So, turning it off since it won't WORK with large hosts files saves its CPU cycles, RAM, & other forms of I/O for other processes running - AND, it gets rid of the "lag" that faulty with larger hosts files usermode SLOW dnscache has too - bonus!

---

"and the only way to get around it is to give up things like DNS caching." - by Ash-Fox (726320) on Wednesday May 07, 2014 @05:47PM (#46943783)

Ahem: What I "gave up" was a HUGE LAG (i.e. - I FIXED IT)

I also saved RAM, CPU cycles, & other forms of I/O wasted on a BROKEN service! Bonus...

(& I make up indexing by placing my fav. sites @ the TOP of hosts which equates to 2-3 million indexed entries, cached into RAM now by a FASTER SUBSYSTEM IN KERNELMODE - diskcache!)

APK

P.S.=> You FAIL... apk

Re:That FACT shut you down easily... apk

[Ash-Fox]

I don't just mark it once - it's kept up by a hi-res timer (thus not locking the OS out of reads of hosts)

What... If you're going to have an application running in the background, why not just use a write lock? Your method sounds like it's wasting a lot of CPU cycles.

IF my original hosts were SOMEHOW to get 'poisoned' is what (not that it can, see above)!

Considering some of the ones I encountered involved rootkits that intercepted native reads (NtReadFile) and for most usermode applications would return the original file, that doesn't help.

It's a GREAT SOLUTION (better than toying with the faulty local USERMODE SLOW dnscache service TTL) since that service IS BROKEN WITH LARGER HOSTS FILES!

Or a bad solution because it breaks a service that works normally just fine until your hosts thing is involved.

I also saved RAM, CPU cycles, & other forms of I/O wasted

And waste it on a hi-res timer that messes with the hosts file instead...

(& I make up indexing by placing my fav. sites @ the TOP of hosts which equates to 2-3 million indexed entries, cached into RAM now by a FASTER SUBSYSTEM IN KERNELMODE - diskcache!)

Except the hosts file I generated was larger than the amount of RAM I had, for one domain. So, I don't see how that would work.

These facts in turn will do the rest & seal your coffin

I wanna run away and never come back!

Additionally: You introduced overheads

"I resolved that problem years ago by setting the preference for resolution over TCP." - by Ash-Fox (726320) on Tuesday May 06, 2014 @03:22PM (#46932375)

THAT usage of TCP (vs. UDP) introduced callback overheads udp doesn't have!

The REST of "sealing your coffin" is here -> http://tech.slashdot.org/comme... (I save CPU cycles, RAM, & other forms of I/O wasted on a broken service that MY TECHNIQUE FIXES)

and here too before it -> http://tech.slashdot.org/comme... (my app locks hosts vs. write corruption hijack).

APK

P.S.=> Every SINGLE ONE of your "objections" = overcome & DESTROYED easily, by "yours truly"... but YOURS are still @ issue in using DNS (full of security holes in Kaminsky flaw redirection, & being ABUSED DAILY BY "fastflux" &/or "dynDNS" using botnets & also recursion dangers AND OVERHEADS as well + more...) - you FAIL, yet again, vs. myself...

... apk

Re:Additionally: You introduced overheads

[Ash-Fox]

THAT usage of TCP (vs. UDP) introduced callback overheads udp doesn't have!

But pretty much resolves the security issue, instead of risking that your hosts file might not have the address in question.

The REST of "sealing your coffin" is here -> http://tech.slashdot.org/comme... [slashdot.org] (I save CPU cycles, RAM, & other forms of I/O wasted on a broken service that MY TECHNIQUE FIXES)

I already countered this non-sense.

and here too before it -> http://tech.slashdot.org/comme... [slashdot.org] (my app locks hosts vs. write corruption hijack).

And that too.

P.S.=> Every SINGLE ONE of your "objections" = overcome & DESTROYED easily, by "yours truly"... but YOURS are still @ issue in using DNS (full of security holes in Kaminsky flaw redirection, & being ABUSED DAILY BY "fastflux" &/or "dynDNS" using botnets & also recursion dangers AND OVERHEADS as well + more...) - you FAIL, yet again, vs. myself...

Woha, you're scaring me!

WTF? How did you "counter' it??

"I already countered this non-sense." - by Ash-Fox (726320) on Thursday May 08, 2014 @03:10PM (#46952303)

Per my subject: HOW did you "counter" for the FACT my app locks hosts against hijack? YOU ARE SO FULL OF SHIT YOU LITTLE MOTHERFUCKING WORM, it's not funny!

THIS I have to hear, lol (since you can't & didn't).

---

"But pretty much resolves the security issue, instead of risking that your hosts file might not have the address in question." - by Ash-Fox (726320) on Thursday May 08, 2014 @03:10PM (#46952303)

You still introduced overheads - Thus, your "fix" != efficient. Mine for dnscache is saving CPU cycles, RAM, & other forms of i/O wasted on a FAULTY service (with large hosts files).

APK

P.S.=> You are SO FULL OF SHIT, you're pifitul... apk

Re:WTF? How did you "counter' it??

[Ash-Fox]

Per my subject: HOW did you "counter" for the FACT my app locks hosts against hijack?

I mentioned exactly which API call was being intercepted by a rootkit.

You still introduced overheads - Thus, your "fix" != efficient. Mine for dnscache is saving CPU cycles, RAM, & other forms of i/O wasted on a FAULTY service (with large hosts files).

My 'overheads' resolve the security issue complete. Yours does not and breaks things.

You FAIL again.... apk

"What... If you're going to have an application running in the background, why not just use a write lock? Your method sounds like it's wasting a lot of CPU cycles." - by Ash-Fox (726320) on Thursday May 08, 2014 @02:43PM (#46951975)

That can be undone IF I don't keep it up, & yes, my method works. FAR BETTER THAN YOUR USE OF TCP TO *try* TO SECURE AGAINST RECURSION WEAKNESSES IN DNS YOU USE STUPIDLY LOCALLY "BOLTING ON MORE" PARTS WASTING CPU cycles, RAM, & other forms of i/O using a local DNS server.

FACT:

---

DNS = FULL OF SECURITY ISSUES in:

1.) Kaminsky flaw redirects

2.) Abuse by "FastFlux" botnets

3.) Abuse by Dynamic DNS using botnets

4.) Abuse in DNS amplificaiton attacks.

---

* YOU have to be STUPID to use something so full of holes in security!

(AS WELL AS "bolting on more moving parts" to waste electricity, cpu cycles, RAM, & other forms of I/O locally, when hosts can do the job in combination with a remote SECURE dns (actually secure, OpenDNS = DNSSEC + updated vs. Kaminsky too, unlike you)).

APK

P.S.=> For ANYONE to have a hosts as large as mine would take 15++ yrs. (that's how long it took me) - most folks won't even have a 2-3mb sized one, since I supply them with CURRENT ATTACK DATA only (last 6++ months or so) - however: IF you want to build one up (reason I do is because of "fastflux" botnets recycling/reusing domain names they paid for over & over again), you can with my program though (I do, for example, for the reasons noted above) - perfectly protected vs. those threats (the worst ARE fastflux &/or dynDNS botnets)... apk

Re:You FAIL again.... apk

[Ash-Fox]

DNS = FULL OF SECURITY ISSUES in:

1.) Kaminsky flaw redirects

Not an issue with my setup.

2.) Abuse by "FastFlux" botnets

Not an issue with my setup.

3.) Abuse by Dynamic DNS using botnets

Not an issue with my setup.

4.) Abuse in DNS amplificaiton attacks.

Not an issue with my setup.

* YOU have to be STUPID to use something so full of holes in security!

As opposed to stuff like hosts file hijacking?

(AS WELL AS "bolting on more moving parts" to waste electricity, cpu cycles, RAM, & other forms of I/O locally, when hosts can do the job in combination with a remote SECURE dns (actually secure, OpenDNS = DNSSEC + updated vs. Kaminsky too, unlike you)).

Because my tiny zone file that blocks an entire domain is going to use less CPU cycles, RAM and other forms of I/O over the multi-GB hosts file? I don't think so. Also, it's less likely to randomly break other stuff too (see: Dnscache, PAM) etc.

perfectly protected vs. those threats (the worst ARE fastflux &/or dynDNS botnets)...

As is my setup.

P.S.=> For ANYONE to have a hosts as large as mine would take 15++ yrs. (that's how long it took me)

I think it took 15 minutes to get to 35GB here, when trying to block an entire domain through generating every single combination because I can't do something like wildcards.

I save faulty slow usermode dnscache

CPU cycles it wastes, RAM, & other I/O too - You introduce overheads (DOUBLE in fact, as TCP is double the calls of UDP, & 2 way, UDP = 1 way outbound broadcast only). I break NOTHING & fix a problem... you "fix it" alright (lol, by introducing FAR MORE overheads, double in fact!).

I fix it more EFFICIENTLY, you do not (AND I WROTE MY OWN, unlike a puny ,b>mere "user" of the work of others like you...)

APK

P.S.=> Lastly - You miss a lookup? YOU GO INTO RECURSION too, & THAT introduces problems as well as slowness overheads (are your upstream updaters DNSSEC secured? If not, there you go...)

... apk

Re:I save faulty slow usermode dnscache

[Ash-Fox]

You introduce overheads (DOUBLE in fact, as TCP is double the calls of UDP, & 2 way, UDP = 1 way outbound broadcast only).

Indeed and it's not vulnerable. Unlike the hosts file workaround that will only work for certain for any site part of the hosts file.

I break NOTHING & fix a problem... you "fix it" alright (lol, by introducing FAR MORE overheads, double in fact!).

Your methods break DNS caching and apparently generate overhead by running a hi-res timer and it still doesn't assure the situation is completely resolved.

I fix it more EFFICIENTLY, you do not (AND I WROTE MY OWN, unlike a puny ,b>mere "user" of the work of others like you...)

Not very efficient if you have to manually maintain that stuff honestly.

P.S.=> Lastly - You miss a lookup? YOU GO INTO RECURSION too, & THAT introduces problems as well as slowness overheads (are your upstream updaters DNSSEC secured? If not, there you go...)

No, my DNS server uses TCP for performing queries. It is not vulnerable to DNS spoofing.

You have TCP vs. UDP overheads (lol)... apk

You can't hijack my hosts file (it's CONSTANTLY protected & I save slow usermode FAULTY dnscache problems too - bonus - saving the CPU cycles, RAM, & other forms of I/O it was wasting).

YOU ON THE OTHER HAND LITERALLY DOUBLED YOUR OVERHEADS using TCP vs. UDP... period!

&

You also "bolt on more" complexity AND ROOM FOR BREAKDOWN!

( & there's NO QUESTION dns has security issues galore in Kaminsky flaw redirect, DNS Amplification attacks, & abuse by "fastflux" + "dynDNS" using botnets. )

Lastly: ANYTHING ANY ROOTKIT CAN DO TO HOSTS CAN BE DONE TO A DNS SERVER PROGRAM PAL - so your SINGLE "point"?

Works against YOU TOO, stupid.

APK

P.S.=> You "bolt on more" stupidly, & stuff that's KNOWN to have security issues - &, I don't...

(In fact, I got RID of a known issue as efficiently as possible - you didn't & MADE IT WORSE, lol (so any overheads I *may* introduce? Moot & made up for by my disabling usermode SLOW faulty dnscache)... apk

Re:You have TCP vs. UDP overheads (lol)... apk

[Ash-Fox]

YOU ON THE OTHER HAND LITERALLY DOUBLED YOUR OVERHEADS using TCP vs. UDP... period!

Maybe, but I don't even notice the difference and it's definitely secured against issues. Your method is not.

Lastly: ANYTHING ANY ROOTKIT CAN DO TO HOSTS CAN BE DONE TO A DNS SERVER PROGRAM PAL - so your SINGLE "point"?

Except DNS servers don't have a fixed configuration like hosts files, so the complexity is greater and I have not seen anything like that in the wild compared to hosts files.

You also "bolt on more" complexity AND ROOM FOR BREAKDOWN!

You mean like the windows DNS cache or PAM on Linux? No, I don't really see it being that bad.

(In fact, I got RID of a known issue as efficiently as possible - you didn't & MADE IT WORSE, lol (so any overheads I *may* introduce? Moot & made up for by my disabling usermode SLOW faulty dnscache)... apk

You don't even block malicious domains as a whole, just a few select subdomains from what is a known malicious domain which is why you have sub-GB hosts files. You are really making a bad case for security with host files and your 'lower' overhead doesn't excuse it.

DNS = "rootkit proof", Ash-Fox? Riiight (not)

Are you trying to tell us rootkits can't affect DNS too?

I don't "break" anything: I literally FIX A PROBLEM AS EFFICIENTLY AS POSSIBLE by saving CPU cycles, RAM, & other forms of I/O wasted on a FAULTY SLOW USERMODE service (dnscache).

I even make up for indexing lost... bonus!

By way of comparison - what did YOU do? YOU DOUBLE OVERHEADS ON DNS faulty & security issue riddled as it is in recursion + vs. botnets that abuse it as well as DNS Amplifiaiton attacks... by going from UDP to TCP, you literally doubled your overhead, literallly!

"Real efficient that" (not).

APK

P.S.=> Answer that - it's going to be YOUR undoing (since I can direct it RIGHT BACK AT YA easily) & you KNOW it... lol!

... apk

Re:DNS = "rootkit proof", Ash-Fox? Riiight (not)

[Ash-Fox]

Are you trying to tell us rootkits can't affect DNS too?

It's going to be fairly more complex to target a DNS server with a rootkit than it is to intercept an API call for reading the hosts file. I'm also unaware of anything in the wild that does that with DNS servers.

By way of comparison - what did YOU do? YOU DOUBLE OVERHEADS ON DNS faulty & security issue riddled as it is in recursion + vs. botnets that abuse it as well as DNS Amplifiaiton attacks... by going from UDP to TCP, you literally doubled your overhead, literallly!

You can't do DNS amplification attacks over TCP... For one, spoofing the IP address means you won't be able to even establish a connection to do the request in the first place. The size of a SYN-ACK packet is tiny, so there wouldn't even be any advantage to even try to exploit TCP based service in this way.

I don't "break" anything: I literally FIX A PROBLEM AS EFFICIENTLY AS POSSIBLE by saving CPU cycles, RAM, & other forms of I/O wasted on a FAULTY SLOW USERMODE service (dnscache).

But by having a large hosts file to block for example, an entire domain, you then require massive amounts of disk space, RAM and even CPU to process such a thing plus hammering the hosts file with a hi-res timer...

P.S.=> Answer that - it's going to be YOUR undoing (since I can direct it RIGHT BACK AT YA easily) & you KNOW it... lol!

You really shouldn't be saying this stuff in every post, when I keep showing you up.

Your own medicine used against you

You're *trying* to tell us DNS = "rootkit proof"?

That's YOUR puny SINGLE line of attack on me... answer it. It's now being used against you & there IS NO DEFENSE (according to of ALL people, you... lol!).

APK

P.S.=> You fail - you doubled overheads on DNS using TCP vs. UDP where by comparison using hosts I save CPU cycles, RAM, & other forms of I/O on a SLOW usermode faulty + limited Windows' dnscache service ( & you're "bolting on more moving parts + complexity" to do it - I don't & lessen THAT too) - LESS IS MORE = GOOD ENGINEERING...

... apk

Re:Your own medicine used against you

[Ash-Fox]

You're *trying* to tell us DNS = "rootkit proof"?

I'm saying the likelyhood of that being an avenue to be exploited seems really unlikely and the fact that I have never seen this done against a DNS server, but I have with hosts files.

That's YOUR puny SINGLE line of attack on me... answer it. It's now being used against you & there IS NO DEFENSE (according to of ALL people, you... lol!).

I countered other points just fine.

P.S.=> You fail - you doubled overheads on DNS using TCP vs. UDP where by comparison using hosts I save CPU cycles, RAM, & other forms of I/O on a SLOW usermode faulty + limited Windows' dnscache service ( & you're "bolting on more moving parts + complexity" to do it - I don't & lessen THAT too) - LESS IS MORE = GOOD ENGINEERING...

Sure, there is more overhead with TCP due to the need to exchange a few more packets, however the majority of packets... SYN, SYN-ACK, ACK etc. are certainly more. However, they are not doubling the bandwidth requirements, I'm not convinced the CPU load is notably changing etc. Calling this 'doubling the overhead' seems a bit of a stretch.

LESS IS MORE = GOOD ENGINEERING...

Less also just means 'less'. In this case, less security.

I don't maintain it (you fail again)

"Not very efficient if you have to manually maintain that stuff honestly." - by Ash-Fox (726320) on Friday May 09, 2014 @10:37AM (#46959171)

My app http://start64.com/index.php?o... does automatically on a timed basis (if users wish).

I don't 'break' a thing: I fix it! (faulty slow usermode dnscache in Windows - Linux has NO SUCH ISSUE though), using hosts AND IT ALSO FIXES REDIRECT PROBLEMS IN DNS, it's biggest problem.

---

"Indeed and it's not vulnerable"" - by Ash-Fox (726320) on Friday May 09, 2014 @10:37AM (#46959171)

No? You keep avoiding this (& YOU USED IT 1st on me or tried to, but I lock hosts vs. hijack): YOU TRYING TO TELL US DNS = "rootkit proof"?

Answer that.

APK

P.S.=> "Real smart" of you (not) - DOUBLING OVERHEADS ON DNS (vs. me fixing my problems efficiently saving CPU cycles, RAM, & other forms of I/O wasted on a slow usermode faulty service, dnscache)

"Real smart" of you (not) using "more moving parts" conplexity + ROOM FOR BREAKDOWN too!

(Especially with all of DNS' known security issues in redirect, & vs. DNS Amplification attacks, + "fastflux" & "dynDNS" using botnets)

"Real smart" of you (not) wasting MORE POWER too, as well as RAM, CPU cycles, & other forms of I/O as well (where I don't DO that stupid wasting - you do)...

... apk

Ash-Fox: Answer the question (yes or no)

Bwah - I can't GET a rootkit or any threat as I block them BEFORE they can get me!

I do that, by using hosts (2.4++ MILLION worth since 1996 here in fact... why? The VERY THINGS that adversely affect & abuse DNS - "fastflux" &/or "dynDNS" botnets!).

There you go!

You also AVOID answering your "single line of attack" on rootkits!

* QUESTION - CAN A DNS SERVER BY ATTACKED BY A ROOTKIT?

(YES or NO will do...)

---

People using my app would literally take as many years as it took me to collect the SIZE of hosts data I use... most of the time, they will only have 1-3mb sized hosts, tops. Current data (the most important really) vs. bad sites/servers... BUT, you can do what I did for the reasons I did (vs. fastflux & dynDNS botnets, the BANE of DNS).

APK

P.S.=> It has been a REAL PLEASURE annihilating you... apk

There's no "maybe": You're doubling it

"Maybe, but I don't even notice the difference' - by Ash-Fox (726320) on Friday May 09, 2014 @10:59AM (#46959381)

TCP has literally TWICE the amount overhead UDP has - period, fact.

LOL, my roommate just said:

"Was your mother just a 'LITTLE BIT PREGNANT' maybe?"

Hell... even HE sees I am using less to do MORE vs. YOU doing MORE to do the same as myself inefficiently!

(You're doing it FAR less efficiently with MORE MOVING PARTS complexity & room for breakdown + consumption of RAM, CPU, & other types of I/O than I use - especially with a KNOWN FAULTY SYSTEM in DNS vs. botnets, dns amplication attacks, etc.).

You fail!

APK

P.S.=> There is NO "maybe' about you doubling overheads and no "maybe" about you FAILED... oh, & I notice you won't say if DNS CAN BE ATTACKED BY ROOTKITS? Why's that?? Maybe since I used what YOU TRIED TO USE ON ME, against you??? Absolutely... apk

DNS = a program (or system running it)

"I'm saying the likelyhood of that being an avenue to be exploited seems really unlikely and the fact that I have never seen this done against a DNS server, but I have with hosts files." -

No? WTF do "fastflux" &/or "dynDNS" botnet doing to DNS? They can EASILY deliver anything they want (especially with faults in it, just like any program).

WTF is a DNS amplification attack doing to DNS??

"NO ABUSE THERE" (yea, right...)

So, HOW's DNS more "proof" to rootkit attack than PC's are? Answer = THEY'RE NOT, period. See subject-line...

---

"I countered other points just fine." - by Ash-Fox (726320) on Friday May 09, 2014 @11:13AM (#46959525)

BWAHAHAHA: "Riiiggghhhtt" - BY DOUBLING YOUR OVERHEADS ON DNS USING TCP vs. UDP?

Real EFFICIENT that, lol... not.

Less security with hosts? Ok - I have every known possible threat added to hosts daily - I can't even GET A ROOTKIT BECAUSE OF THAT FACT, stupid!

(I update by the hour if I want even vs. such threats)

QUESTION: How's that less secure than DNS (with all of its security faults vs. Kaminsky flaw, dynDNS & fastflux botnets, DNS amplification attacks)?

APK

P.S.=> No, as usual, I've "floored you" as I have before, ,b>using YOUR OWN MEDICINE against you in rootkits too, easily... better luck next time!

... apk