Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verizon Subscribers Can Now Opt Out of "Supercookies"

Posted by samzenpus on from the don't-track-me-bro dept.

itwbennett writes Verizon said in January that it would allow subscribers to opt out of having a unique identifier placed on their phones that critics have labelled a "supercookie" because it's almost impossible to remove, but it didn't say when. On Tuesday, Verizon said the identifier won't be inserted for customers who opt out of its mobile advertising program: "Verizon Wireless has updated its systems so that we will stop inserting the UIDH after a customer opts out of the relevant mobile advertising program or activates a line that is ineligible for the advertising program, such as as a government or business line," Verizon said in a change to its policies.

12 of 82 comments (clear)

  1. I don't get it? by awilden · · Score: 2

    So what's the movie reference? It's obviously a joke story...

  2. testing method? by dltaylor · · Score: 4, Interesting

    I can set up a WiFi port to capture the data over that medium (really nice switches that allow port mirroring), but how can I test that 3/4G data requests not only no longer have the "supercookie", but have no new flavor of tracking tag? I'm concerned that they might have one that gets stripped except for special destinations, such as paying businesses, so I couldn't test it against my own web server.

    1. Re:testing method? by johnmoe · · Score: 3, Informative

      You just go to any of the web pages that will show you your http headers. Opt out. Notice that x-uidh header is now gone.

    2. Re:testing method? by viperidaenz · · Score: 2

      The tracking is not done on the phone.

      They inject HTTP tracking headers as the data goes over their 3G/4G network.

      Even if you had a Stingray you couldn't check. You just have to trust Verizon.

  3. Re:We need COMMUNISM now! by epyT-R · · Score: 2

    Nope. It's 'crony capitalism', where large corps grow the size of the state with lobbies and use it to corner the market and impose the ethics of the principals on the rest of us. It's a revolving door at the top of the pyramid, and they're all friends. A corp can only refuse to employ you or refuse to sell to you, the state can confiscate your property and imprison.. It's both tracks together that create tyranny.

  4. Confirmed! by crow · · Score: 5, Informative

    http://www.amibeingtracked.com...

    I just checked this. My phone is on a corporate account, so it shouldn't be eligible for the advertising program they're talking about in the first place. The cookie is gone.

    I still hope they get sued out of business over this. Of course, they'll probably settle for something in the low millions that won't impact their profits.

    1. Re:Confirmed! by rworne · · Score: 2

      They have an opt-in program. It's called "Verizon Selects".

      Basically, it's a points-based award program that "rewards" you for letting them monitor your location, app usage, and web browsing activity on your phone.

      But why is this opt-in and the super cookie business opt-out?

      Simple. In the selects program, they "pay" you with gift cards or merchandise. With the super cookie, Verizon gets your browsing for free.

      --
      I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
  5. Re:You are a moron! by Runaway1956 · · Score: 2

    *sigh*

    Capitalism isn't a bad thing. Communism isn't a bad thing either. Nor is democracy. However, any form of government can be corrupted by bad men. Especially if the masses of poor clueless chumps sit around just watching. And, that is pretty much what happens with all forms of government.

    I'm not in love with the concept of capitalism, but I do get tired of listening to poor clueless chumps blathering on about how evil it is.

    In effect, you prefer to be manipulated by a communist leader, than by capitalist leaders. Maybe you would prefer not to be used and abused by any corrupt leaders. But - the latter choice really isn't an option, now is it?

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  6. already opted out. by Gravis+Zero · · Score: 5, Insightful

    i opted out by leaving their entire network. fuck them and their unquenchable greed.

    --
    Anons need not reply. Questions end with a question mark.
  7. Re:You are a moron! by 7-Vodka · · Score: 2

    How about we pick freedom and give up being ruled over.

    --

    Liberty.

  8. Re:We need COMMUNISM now! by _merlin · · Score: 2

    Nope. It's 'crony capitalism'

    Call me cynical, but I don't think I've ever seen any other kind of capitalism.

  9. CORRECTION! by ramriot · · Score: 2

    Before we get too far down the rabbit home here, I would like to add a correction to the story above.

    The Verizon 'SuperCookie' is not "placed on their phones" it is an additional header line 'X-UIDH' inserted in outgoing internet requests by their network management system see: http://en.wikipedia.org/wiki/V.... As such it is never present on the users device, but does uniquely identify a user to any server they communicate with if that server either has back end pair access to verizon's customer database or they use services that combine multiple trackers with this one to keep lock on the users sessions relative to the entire history, but not associated with a Verizon customer record.

    One good thing (if anything about this can be called good) is that they cannot add this header to TLS/SSL traffic as the headers are end-to-end encrypted, so provided yo stay HTTPS on your connections or run a mobile VPN it does not matter if you opt out or not as they cannot add this tracker to your traffic.

    One final thought is that even without encryption if there was a proxy server out on the internet that you set your mobile device to sent all traffic through and that server was to strip out this header from your requests before passing it on to its destination then you would also be protected, which I will be setting up should this 'service' emerge from the slime in the future.