Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft To Stop Enabling 'Do Not Track' By Default

Posted by Soulskill on from the do-not-do-not-track dept.

An anonymous reader writes: The history of the do-not-track setting for web browsers has been rife with debate. It took a long time for web experts to come to anything resembling a consensus on how it should be implemented, and the process isn't over yet. Microsoft took criticism for enabling the do-not-track setting by default in Internet Explorer. While it sounds good in theory, many worried it would just spur websites to completely disregard the setting (and some, like Yahoo, did just that). Now, Microsoft has reversed their stance. The do-not-track setting will not be enabled by default in the company's future browsers. They say, "Put simply, we are updating our approach to DNT to eliminate any misunderstanding about whether our chosen implementation will comply with the W3C standard. ... As a result, DNT will not be the default state in Windows Express Settings moving forward, but we will provide customers with clear information on how to turn this feature on in the browser settings should they wish to do so."

8 of 64 comments (clear)

  1. Re:How many sites actually honor DNT? by Nartie · · Score: 2

    The whole thing is silly. Some sites might say they honor it, but there's no way to know if they actually honor it or just pretend to honor it. It's a lot easier to ignore DNT and just delete the cookie.

  2. Re:How many sites actually honor DNT? by Anonymous Coward · · Score: 5, Informative

    I work in the internet advertising industry and the big exchanges do respect it. In fact, if companies that work with them don't follow DNT they can get booted.

    Mind you this is just the more legit companies though.

  3. Re:How many sites actually honor DNT? by ShanghaiBill · · Score: 3, Informative

    My understanding was that DNT has mostly been a failure

    It failed because Microsoft deliberately sabotaged it. DNT was supposed to be an affirmative indication of customer preference. But instead, Microsoft set it automatically in their browsers, prompting most websites to ignore it, since it no longer meant anything.

  4. Re:How many sites actually honor DNT? by QuasiSteve · · Score: 2

    DNT was DOA.

    What site in their right mind would actually honor - and I mean fully, including through any third party content (and yes by that I mean ads) or 'accidental' methods via supercookies / sharing of information at the backend of several sites within one's control - something that's merely a 'request' by a user (regardless of whether they were semi-automatically opting into making that request) and has no legal stick behind it?

    If anything, Microsoft making it the default in Windows' installation express settings just exposed exactly this issue when sites started saying they would ignore the setting "because Internet Explorer". That was always a completely transparent bullcrap excuse.

    Just have a look at what countries with strong 'cookie' laws have going on. Are there some sites that do disable the tracking cookies while leaving cookies for functionality up? Sure, of course they exist. And for every single one of them, there's dozens that will throw a banner in your face suggesting that you have a choice: allow the tracking cookies, or piss off.

    Some might say "so piss off and go to another site" - except there often is no such other site, and most people given the choice between being able to consume and not being able to consume at the expense of intangible tracking will happily be tracked so the sites never feel it in their bottom line either.

    This is the sort of thing that I would expect to happen with DNT as well: A banner with something like "You currently have DNT enabled - to access the rest of this article, please disable DNT or click here to allow our servers to store information about your visit this once.", which eventually gets old and users disable DNT.

    And yes, that sort of thing is facilitated in the DNT spec: http://www.w3.org/TR/tracking-...

    DNT was never going to get anywhere particularly useful for end-users while adding a layer of headache on the server side. Browsers' default behavior and browser extensions have done far more to inform users of the issues of ads and tracking and how to mitigate those issues.

  5. Re:How many sites actually honor DNT? by Anonymous Coward · · Score: 2, Informative

    Seconding that. I've certainly spent enough sprints working on good opt-out handling.

    It's mostly big advertisers that respect DNT because 1) they have something to lose and 2) they have the resources to bother. Probably the main websites you actually visit don't care, but the ads that show up on them do. With DNT on you might see more repeats of ads, because they can't limit how many times they show you one, etc.

  6. Re:How many sites actually honor DNT? by PsychoSlashDot · · Score: 2

    My understanding was that DNT has mostly been a failure, though I don't know how much of that has to do with IE's default behavior. Am I wrong about that? Are there lots of sites out there honoring the DNT setting?

    Agreed. Besides, it turns out that the default for web servers for their DNGAF option (Do Not Give A Fuck) is also enabled.

    --
    "Oh no... he found the .sig setting."
  7. Re:What is this IE you speak of? by LordLimecat · · Score: 3, Informative

    Firefox doesnt look so hot when you look at the number of CVEs, particularly remote code execution:

    http://www.cvedetails.com/prod...
    http://www.cvedetails.com/vers...

    It beats IE 11 by a small margin in RCEs, but loses in total vulns. Its really not that great of a browser, lacking common security mechanisms like plugin isolation.

  8. Re:Just Disable Cookies by LordLimecat · · Score: 2

    It's far more effective to simply disable the means of tracking you.

    And far more impossible. How do you propose to stop a webserver from logging your visit or knowing your IP?