Slashdot Mirror
EFF Coalition Announces New 'Do Not Track' Standard For Web Browsing
An anonymous reader writes: The Electronic Frontier Foundation, privacy company Disconnect, and several other organizations are publishing a new DNT standard. Partners in the coalition include: publishing site Medium, analytics service Mixpanel, AdBlock, and private search engine DuckDuckGo. Thought it's still a voluntary policy, the EFF hopes the new proposed standard will provide users better privacy online. "We are greatly pleased that so many important Web services are committed to this powerful new implementation of Do Not Track, giving their users a clear opt-out from stealthy online tracking and the exploitation of their reading history," said EFF Chief Computer Scientist Peter Eckersley. "These companies understand that clear and fair practices around analytics and advertising are essential not only for privacy but for the future of online commerce."
Oblig xkcd https://xkcd.com/927/
Minimum threshold fixed. Thanks!
i would rather have IP ranges/domains of advertisers, perhaps they should persuade IP owners to DROP (don't route or peer) advertisers, like spamhaus but for advertisers, or fund some sort of blocking application (like peerguardian)
Ad companies have already proved themselves untrustworthy and should be treated as hostile entities and removed from the net for the overall good of the network
Without the cooperation of the advertising industry this will be as successful as the last "Do Not Track" initiative.
It's not going to work, neighter will the advertisers care, nor will i disable adblock/ghostery.
Many ad networks ignore the DNT flag as microsoft made it the default on new installations. So they don't consider it a valid user opt out
Minimum threshold fixed. Thanks!
Websites: "Hey, that looks like a neat standard you made there." *chooses not to follow it anyway and resumes tracking* D:
Have you read the privacy policies of any modern web site? Almost all say "we do not pay any attention at all to any 'do not track' flags, cookies, etc."
Asking nicely hasn't helped either side in this debate to any great degree in the past. How is it going to help this time?
No advertiser asked nicely if the users would prefer to see ads.
No user asked nicely if the sites would prefer to not get any revenue.
Few sites asked nicely if the user would allow their preferences to be overridden just for them. (I only know of Ars Technica, but I'm sure there were a few others.)
No sites asked nicely if browser makers would leave DNT headers turned off.
No advertiser asked nicely if they could please, pretty please make advertising even more annoying.
No user asked nicely if they could wholesale nuke all scripting, plugins, and request passing without a whitelist entry.
And now, no site is going to pledge to discard perfectly marketable data with a steadily increasing street value just because the EFF is asking nicely.
This proposal is right next to the dictionary entry for "non-starter".
My DNT: Noscript, and Ghostery.
If I really, really want to avoid being tracked, I'd switch to TOR. But that's for medical and other very private stuff.
"If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
That your can't afford to use the net because someone broke in and stole the cookie jar. You surrender your rights to privacy when you use the net period. The crooks and advertising scam garbage will start to have no where to hide though because their use of cookies is easily traced and exposed so in a way the loss of complete privacy on the net is a trade off. Unless of course you trust Microsoft and Bing to not track you or take money from advertisers. LOL
This message was not sent from an iPhone because Peter Sellers really was a deviated prevert without a dime for the call
The fox does not care if the sheep pass a law in favor of vegetarianism.
I can just check a box, dust off my hands and feel safe in the knowledge that all the sites I visit are not tracking me... phew.
My eyes reflect the stars and a smile lights up my face.
How come so many geeks understand why DNT fails, but turn around and argue for gun control?
What's the EFF trying to pull here? The only way to enforce DNT is through aggressive blocking at our end. The damn advertisers can put up static ads, with links if they want, on the main page if they want us to see them. Anything more intrusive than that should simply be blocked and forgotten.
Any voluntary wont work in tracking protection. It would be like passing speed limits that were voluntarily obeyed.
You are all cows. Cows say moo. MOOOOOOOO! MOOOOOOOOO! Moo cows MOOOOOOO! Moo say the cows. YOU COWS!!
We already has a privacy initiative, something called P3P which fizzled. DNT went nowhere, and this project is probably going to go nowhere as well.
The reason is that there are many, many companies whose basis of existence is to intrude as much as they can on the user browsing a site. If they can inject adware/malware, they would.
Real DNT consists of AdBlock, click-to-play or FlashBlock, then keeping the Web browser separated from anything vital, be it in a VM, sandboxed, or both. That way, LSOs or other "super-cookies" left behind are dealt with.
All you have to do is be on Internet Explorer, and trust that a website does what it says it will do in its cryptic http header that was generated by a discontinued, closed source IBM tool, what's the problem?
according to microsoft, only a few inconsequential websites like those losers at Facebook and Google use "technological trickery" to get around this very important abandoned web standard from 2002 that only Internet Explorer implements.
seriously the MSDN article I linked is hilarious, here is a gem:
Unfortunately, a small number of websites (like YouTube and Facebook) circumvent P3P settings by sending a P3P statement that consists of only undefined tokens, like this one:
//support.google.com/accounts/bin/answer.py?answer=151657&hl=en-US for more info."
P3P: CP="This is not a P3P policy! See
Perhaps too much to expect people to RTFA, so at least read the spec and FAQ itself:
https://www.eff.org/dnt-policy
It does NOT magically force privacy-hating advertisers to play nice. What it DOES do is give an incentive to websites that IF they host the dnt-policy.txt file, THEN that indicates they are claiming they will follow the behavior specified in that file. The pay-off to them is that PARTICIPATING AD-BLOCKERS will be more lenient to sites that host the file, so doing so means more ad revenue than being blocked. If a site simultaneously hosts the file and breaks its promises to adhere to what the file says, then the clear intent specified in the file (in a legal friendly way) allows this to be grounds for false advertisement or similar legal issues. Unlike most other such cases where such a violation is hard to prove, in this case, it is pretty clear cut.
Do we mind the reputable advertisers? Hardly. And before any snide comments, yes, they do exist. Advertisers that understand that the only effect those in-your-face ads with blaring music have is that more people are getting pissed to the point where they start looking for a way to block that shit. Normal ads, banners and maybe even flashing banners, don't provoke that reaction. People load them and may even click them when the topic is interesting.
These are also the kind of advertisers that will honor such do-not-track standards.
And then there's the assholes that just want to abuse you for their gains. The kind of junk that comes piggy-backing with some "free" software that messes with your browser settings and invades your privacy. The kind you absolutely do NOT want.
And these are also the same assholes that don't give a shit about such DNT systems.
And as long as this is the case, people will use ad-blockers and of course they in turn won't give a shit about blocking the "good"... or let's say "less annoying" advertisers along with the real reason they install such content sanitizing tools.
"Honest" advertisers, if you really want us to believe in your DNT tech and not block you whenever we have a chance: Weed out the bad apples in your industry. Lobby for laws that outlaw such practices. For as long as these assholes are allowed to exist, we will block you, too.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Major advertisers starting following the DNT standard.
Then browser vendors broke the protocol, in such a way that it became useless.
The protocol was a way to say "this user chosen has opted out of any customizations, saved favorites, or other features that rely on cookies or similar technologies. This user wants more than the default level of privacy, and is willing to give up features which depend on cookie or other tracking."
When browsers started lying and sending a DNT headers for people who had NOT made that choice, the protocol became useless.
EFF has an ad/tracking blocker https://www.eff.org/privacybad... /. so I block them, but my HOSTS file is what's really blocking what needs to be.
it's a brain dead little thing that sits unobtrusively in the menu bar of Firefox. It detects 3 trackers from
I installed it yet never really used it, noticed it one day (that's how unobtrusive it is) and now use it to block EA.COM while I play my games.
Actually I don't think it's blocking anything just telling me what it can as my HOSTS file is doing all the work, but for a real simple ad/tracking blocker it's ok.
No browser vendors DIDN'T break the protocol. Those designing it broke it, they were basically trying to sacrifice the general public to the advertisers on the condition that a few technically competent could opt out. MS and others saw this as ridiculous so they decided to set this as the default, once those creating the standard saw this happen they then modified the standard to say that you are not allowed to make the sane choice for a user, the user has to discover it themselves. At that point DNT was DEAD and those creating it showed themselves for what they really were, a bunch of self serving arseholes trying to create a standard to benefit only a few while letting the advertising industry off the hook.
If you DON'T send any header specifying your preference regarding convenience versus privacy, you get the default behavior. That's the DEFINITION of default, what happens when it's unspecified. Think about that for second and you'll realize that's true (assuming you're not stupid, of course).
Since sending no extra header at all gets you the default behavior (by definition) , any extra header is useful only if it indicates something other than the default.
Therefore, for a browser to send extra headers specifying by default is useless, no matter what the context, by the very definition of the word "default".
You claimed a user has to be technically advanced in order to choose. The browser could have just as easily given the user a dialog with these two checkboxes:
Do you prefer web sites to provide you more convenience, or more privacy?
O More convenience and features
O More privacy
Had they done that, the header would have had meaning - it would have indicated something about the user's preference.
On the other hand, since the browser sent DNT by default, that means only that the user might prefer the default balance between convenience and privacy- exactly the same thing as not sending any header at all.
Advertising Coalition Announces New 'Do Not Give A Fuck' Standard For Web Browsing
Hey moron. Giving the users a dialog box is what they did first. That is what prompted them to change the standard as too many would choose privacy. The standard changed that a user had to go find the setting themselves.
Microsoft killed DNT.
They changed it from a user preference to a vendor preference, but the whole point of DNT was to transmit a user preference, because no advertiser gives a fuck what Microsoft wants. By obscuring the user's choice, they effectively removed DNT as being a piece of information.
Look at it from the server side: say there's a DNT:1 header and MSIE user-agent. Do you have any way of knowing the user's preference? All you know is Microsoft's preference but you never cared about that in the first place.
People who never think about user interfaces (e.g. you) think that a preference can have a default value. No; it can't. A behavior can have a default. We often conflate preferences with behaviors, because there are so many (it really is an overwhelming majority) where the difference really doesn't matter. But for DNT, it does matter. If the header specifies a default behavior instead of a preference, then it means nothing.
To put it another way, giving-a-fuck is extremely important. We like to pretend it's not important and that most people should never give a fuck about anything. It's almost socially unacceptable to ever admit you care about anything. But the very idea behind DNT flew in the face of that. Society (and especially Microsoft-customer society; the entire reason that company exists is due to people not giving a fuck) wasn't ready for that.
Major advertisers starting following the DNT standard.
Then browser vendors broke the protocol, in such a way that it became useless.
We need ALL advertisers to be beholden to follow a DNT standard, not just a few key players.
Otherwise you'll just end up with all the other advertisers suddenly getting bigger when companies flock to the ad agencies that have better access to consumers since they are not honoring DNT. This will likely be followed by the ones that did agree to honor DNT ducking out of the agreement, because there are so many companies not following the rules so the initiative is worthless they'll say. The whole thing will just collapse on itself.
APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...
FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. browser addons & locally installed DNS servers @ home + fixes DNS' redirect security issues - obtaining its data vs. online threats & adbanner blocking from 10 reputable sites in the security community!
* :)
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...
&
It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
In its 32-bit model also https://www.virustotal.com/en/...
---
"The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"...
APK
P.S.=> By "yours truly" - "The Lord of Hosts" so-to-speak:
PERTINENT QUOTE/EXCERPT:
"The image this title brings to mind is of a mighty military commander, one who can at a mere word summon rank upon rank of protective power" from https://answers.yahoo.com/ques... & THAT WORD = hosts!
(Accept NO substitutes!)
...apk
Has anyone looked into mangling the cookies that get left on our machines such that they fail to provide the useful info?
Also, has anyone started a browser that lies about all the new ways of identifying us (keystroke speed, battery levels, etc)?
APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...
FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. browser addons & locally installed DNS servers @ home + fixes DNS' redirect security issues - obtaining its data vs. online threats & adbanner blocking from 10 reputable sites in the security community!
* :)
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...
&
It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
In its 32-bit model also https://www.virustotal.com/en/...
---
"The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"...
APK
P.S.=> By "yours truly" - "The Lord of Hosts" so-to-speak:
PERTINENT QUOTE/EXCERPT:
"The image this title brings to mind is of a mighty military commander, one who can at a mere word summon rank upon rank of protective power" from https://answers.yahoo.com/ques... & THAT WORD = hosts!
(Accept NO substitutes!)
...apk
Can PrivacyBadger do 16 things hosts do for speed, security, & reliability:
1.) Protect vs. malicious sites/servers (past ads)
2.) Protect vs. fastflux botnets + stop C&C communique
3.) Protect vs. dynamic dns botnets + stop C&C communique
4.) Protect vs. DGA botnets + stop C&C communique
5.) Protect vs. downed DNS (adds reliability)
6.) Protect vs. DNS redirect poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phish
10.) Protect vs. caps
11.) Get you past a dnsbl
12.) Keep you off dns request logs
13.) Speed up surfing by adblocks & hardcoded fav. sites
14.) Work on anything webbound (ie email programs) multiplatform.
15.) Give you easily controlled data
16.) Do all that & block ads better than addons more efficiently in cpu cycles + memory usage
* ANSWER ="NO" to each above on PrivacyBadger doing it + hosts = already on every device natively.
APK
P.S.=> PrivacyBadger does less than hosts & less efficiently - hosts do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried):
PrivacyBadger's Adblock+ codebase 128mb memory inefficiency http://cdn.ghacks.net/wp-conte... (hosts consume 3-11mb using my program initially).
+
ClarityRay defeats it by dumping addons in use in a browser via native browser methods!
+
PrivacyBadger adds complexity from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).
What's best?
APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...
&
It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
In its 32-bit model too https://www.virustotal.com/en/...
... apk
Can PrivacyBadger do 16 things hosts do for speed, security, & reliability:
5.) Protect vs. downed DNS (adds reliability)
6.) Protect vs. DNS redirect poisoned dns
8.) Protect vs. spam
12.) Keep you off dns request logs
From a HOSTS advocate:
Only if one has that address in their HOSTS file to begin with.
Can't post what I want: Filter error: Lameness filter encountered
but 6 days of phone calls up to 6 a day, then hijacked to a PS3 to face this
http://i60.tinypic.com/2iiip3r...
Still don't know if I should report it to the FCC as at face value it's a violation of the Net Neutrally act. - an ISP can't redirect for profit, thing is I use OpenDNS.
Yes system was check very thoroughly (autoruns) nothing on my end.