Slashdot Mirror
Ad Company Using Verizon Tracking Header To Recreate Deleted Cookies
itwbennett writes The story began a few months ago when it was reported that both Verizon and AT&T were injecting unique identifiers in the Web requests of their mobile customers. AT&T has since stopped using the system, but Verizon continues. Now, Stanford computer scientist Jonathan Mayer has found that one advertising company called Turn, which tracks users across the Web when they visit major sites including Facebook, Twitter, Yahoo, BlueKai, AppNexus, Walmart and WebMD, uses the Verizon UIDH to respawn its own tracking cookies.
“If a Verizon customer tethered with their phone, their notebook could get stuck with the zombie value. (The ultimate in cross-device advertising!) And the zombie value could spread between cookie stores on a device, including between the web browser and individual apps. (The ultimate in inter-app advertising!)”
Not a long time ago, I was just a normal internet user that surfed various news sites like Sladshdot, reddit, or wsj.com. I read a story, perhaps clicked onto some links it contained, and I was mostly happy with my life.
Then, one day, I surfed Slashdot. It was one of those days you will remember for the rest of your life. So, as I surfed Sladshdot, the title of a story got my attention. I read the summary. The topic seemed interesting, so I decided to read further. I read:
Read on below for the rest what Bennett has to say.
Usually I don't read first line of a story which contains the user who has submitted it. On that day, I didn't neither. As I've only read that bottom line, I asked myself: who is this misterious Bennett? I decided to click onto the "Read the comments" link to read more of the story that was, as it seems, written by some Bennett. During reading, I was already impressed by the clear and detailed but still concise structure of the text. As I finished reading, I was convinced it was the best story I've ever read on Sladshdot, or any comparable news site. I asked myself: perhaps this misterious Bennett has contributed more frequently than just once?
To find that out, I went to Sladshdot's search bar and searched for "Bennett". I clicked the second entry, and it began with:
Frequent contributor Bennett Haselton writes
I searched for the "Read on" line, and I was happy when I found it. As it seemed, he was a frequent contributor. However the story was on a topic completely unrelated to the topic of my article. Would the other article still be as insightful as the first? And the other stories in the search result? Would they be also by Bennett? Or someone else? I decided first to be happy to have found such an insightful article, and decided to make a photograph of me, before I read the second story.
I still have that photograph of me and I can see the hope and the satisfaction in my eyes, the hope that the other stories are also written by this brilliant author called Bennett, and the satisfaction of having read such an insightful article. As I've read the first couple of stories by Bennett, I couldn't believe what my eyes saw: all the stories were as insightful or even more insightful than the original story I read. I asked myself whether the spectators in the Globe theatre would have felt the same way when they watched a piece by shakespeare: Witnessing history of writing. I realized Bennett is one of histories great writers.
As I've finished reading all contributions by Bennett Haselton on Sladshdot, I went back to the first Bennett story, and read them a second time. I sat three days straight, missing all social events during that span, only reading Bennett's stories, and reading them again and again. During that time my eyes opened to the fact that my whole life, I've known nothing. Bennett's stories explained every aspect of very complicated things in such detail, that I formed something in my mind. First, I couldn't describe it what it was, but years later I know that, for the first time of my life, I formed something called "opinion" on a topic. Previously, I've only adopted opinions from others, but Bennett's stories enable people to make their opinions for themselfes, to form them. With his stories, Bennett gives you the material to form your own opinion on your own. I know you will say that you can form your opinion on your own, and that you don't need Bennett for that. I
disagree with you. What you call opinion, is in reality just ideology you imitate from others. You don't form your opinions, you don't have them.
Every time Bennett writes a new story on Sladshdot, I take a free day and spend it reading the story
I don't know what to think about this, without Bennett telling me His opinion.
So Verizon inject encrypted cookies that identify the user, then sell the decryption key to add companies, so they can track users. I'd be reviewing the terms and conditions of the internet service. Surely they don't allow tampering? People should shame Verizon publicly and leave them, but calls for net neutrality laws are misguided. Verizon makes money from this, so they should end up cheaper than competitors who don't do this. Customers are free to choose to have less privacy for a cheaper service. Regulation isn't needed.
Oh, I'm sorry, that must have been one of my OTHER personalities!!!!
if you haven't ever waded thru pcap traffic of adfraud, you may not be familiar with this steaming shitpile.
http://www.lumapartners.com/wordpress/wp-content/uploads/2012/04/Display-LUMAscape_2012-04-05.jpg
turn, bluekai, and appnexus are all companies in the lumascape group.
Make sure you set your computer to reject all cookies, and only browse in the 'private' browsing mode. It works well for me. Those fuckers don't know where I've been or where I'm going. I prefer to live 'off the grid' when I can. Not everyone is as savvy but I'm happy to share.
All of these greedy assholes who run these companies which exist to violate our privacy?
They've all given up any right to privacy and to be treated like humans.
Start doxxing the fuckers. Release their home addresses, phone numbers, baking information. release every mother fucking piece you can find on them, their families, their friends, their business partners.
If they want to make their living by trading on our personal information without our consent, then they utterly deserve to be driven into the ground using the same thing.
They're parasites with no regard for us. Which means they and those they associate with deserve no regard from us.
But you can change government providers.
There's another government provider to the north of the US and another government provider to the south of the US. Along with more than a hundred other government providers. There's also plenty of other local and regional government providers if your problem is just with your local provider.
the "market" does not correct for corrupt practices like these
Public shaming stopeed AT&T from doing this.
In my corner of the "market", things like these led me to switch from Verizon to T-Mobile.
Your confusion seems to be that the "market" must correct instantly, instead of over time.
The benefit of market correction is it's more natural in reaction, and proportionate to the problem.
The model you'd prefer is a regulatory approach, which at this point is inherently corrupt and alarmist - your approach brought us the Patriot Act (thanks for that BTW).
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I just tried this URL on three Verizon phones:
http://uidh.crud.net/ On all browsers on the Android phones, no ehader was detected. THe iphone we tested, there was a header insertion.
I assume this is due ot a "no track" setting at the browser application level. Interesting that androids browsers have it enabled but iphone browser does not.
VPN to some endpoint outside of VZ's network.
Harrison's Postulate - "For every action there is an equal and opposite criticism"
We have a dualapoly because of a lack of regulation. at&t and Verizon have been buying up competitors for years. There's a funny video of one of the guys from The Daily Show showing how AT&T undid their breakup through mergers
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
"So, what’s a Verizon subscriber to do?,"
Dump Verizon.
From https://www.eff.org/deeplinks/...
Because the header is injected at the network level, Verizon can add it to anyone using their towers, even those who aren't Verizon customers. Notably, Verizon appears to inject the X-UIDH header even for customers of Straight Talk, a mobile network reseller (known as a MVNO) that uses Verizon's network. Customers of Straight Talk don't necessarily have a relationship with Verizon.
Windows 3.1x calc: 3.11 - 3.10 = 0.00
and Android does not so that is the reason why they throw that header to iOS phones by default.
Their execrable behavior is summed up in this lawyer speak from the article...
"Turn admits that it is using Verizon’s UIDH to recreate deleted cookies, but the company’s general counsel and chief privacy officer, Max Ochoa, argued in a blog post that “clearing a cookie cache is not a widely recognized method of reliably expressing an opt-out preference.”"
If the user clears cookies, they want the memory of that crap gone.
Scum!
Man, those guys at Verizon are getting the job done. I gotta step up my game.