Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ad Company Using Verizon Tracking Header To Recreate Deleted Cookies

Posted by timothy on from the oh-that-bothers-you? dept.

itwbennett writes The story began a few months ago when it was reported that both Verizon and AT&T were injecting unique identifiers in the Web requests of their mobile customers. AT&T has since stopped using the system, but Verizon continues. Now, Stanford computer scientist Jonathan Mayer has found that one advertising company called Turn, which tracks users across the Web when they visit major sites including Facebook, Twitter, Yahoo, BlueKai, AppNexus, Walmart and WebMD, uses the Verizon UIDH to respawn its own tracking cookies.

8 of 70 comments (clear)

  1. Re:Que calls for net neutrality... by fightinfilipino · · Score: 5, Informative

    So Verizon inject encrypted cookies that identify the user, then sell the decryption key to add companies, so they can track users. I'd be reviewing the terms and conditions of the internet service. Surely they don't allow tampering? People should shame Verizon publicly and leave them, but calls for net neutrality laws are misguided. Verizon makes money from this, so they should end up cheaper than competitors who don't do this. Customers are free to choose to have less privacy for a cheaper service. Regulation isn't needed.

    the "market" does not correct for corrupt practices like these, despite every libertarian fantasy to the contrary.

  2. Re:Even worse... by colordotmatrix · · Score: 3, Funny

    Which leads to World War Z!!!!!

    See, there IS an app for everything!!!!

  3. Re:Easy fix by myforwik · · Score: 5, Informative

    If they are injecting headers, that still won't work. Every http request will be identifying you. You need to browse in https and comfirm that your Verizon phone isn't using some dodgy built in Verizon CA. It is always a good idea to browse in privacy mode, especially because bank sites and other sites could have flaws like cross site scripting.

  4. Re:Que calls for net neutrality... by jfengel · · Score: 5, Insightful

    And even if it were to eventually... it certainly isn't right now. Your privacy has been invaded for weeks or months. That is a fait accompli; no market reaction can undo that.

    That's the thing I find baffling about the libertarian fantasists. Even if in some kind of long-term it were to eliminate some kind of abuse, it can't reverse the effects of that abuse. Pollutants stay in the environment. People injured by dangerous products remain injured. Patients who die from counterfeit medicines stay dead. You can't sue your way whole.

    There are many other reasons why the market isn't nearly as frictionless as libertarian theorists like to imagine. But right here, in this case, we've got an example: you will never regain the privacy that you lost because of this. Even if you switch providers, and that forces them to change the policy, it won't return the privacy you've already lost. Markets simply aren't frictionless, and that friction makes the notion that "the market fixes everything" just plain false.

    That's not to say we need infinite regulations on everything. The right level of regulation is difficult and complex, and has to be worked out as a compromise. I'm just pointing out that "oh, it'll all be OK, we never need to do anything at all" isn't a helpful contribution to that compromise.

  5. Re:Easy fix by in10se · · Score: 3, Informative

    Someone didn't RTFA. Neither of those things will prevent this. The tracking is injected into the HTTP headers by the ISP. Even if you don't accept their cookie, they can still track you.

    --
    Popisms.com - Connecting pop culture
  6. Re:Easy fix by DarkOx · · Score: 4, Interesting

    I wonder if we could fuck with this services though by creating a Mozilla addon that inserts this header and fills it with some random garbage on each request. If enough people used it maybe we could DOS their database by filling it with UUID seen only once?

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  7. Re:Que calls for net neutrality... by PopeRatzo · · Score: 5, Insightful

    Your assertion is based on... what?

    What is the "free market" mechanism for dealing with corporate intrusions that are unknown to the consumer?

    When you have third parties making money off of your data without your permission, and you are not their customer, which free market recourse is available to you?

    The "free market" is just a myth used to make people like you think you have some agency in an economy where you are the consumable. There is no such thing as a free market. It has never existed, and can never exist. It's a fairy tale told to slaves.

    --
    You are welcome on my lawn.
  8. Re:Only iOS? by JohnFen · · Score: 3, Interesting

    There are only three possible explanations for this: the two phones were using different carriers, or they were being tested in different geographical locations, or the cell carrier itself is making the distinction for some weird reason. The header injection itself is totally unrelated to the phone, the operating system, or what the software on the phone does.