Slashdot Mirror
Nine Out of Ten of the Internet's Top Websites Are Leaking Your Data
merbs writes: The vast majority of websites you visit are sending your data to third-party sources, usually without your permission or knowledge. That's not exactly breaking news, but the sheer scale and ubiquity of that leakage might be. Tim Libert, a privacy researcher, has published new peer-reviewed research that sought to quantify all the "privacy compromising mechanisms" on the one million most popular websites worldwide. His conclusion? "Findings indicate that nearly 9 in 10 websites leak user data to parties of which the user is likely unaware."
Not leaking it so much as shooting out of a firehouse.
One out of ten of the Internet's top web sites doesn't leak your information!
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Here is an alternate link that won't feed Vice and here is the linked article. (pdf) The study is very broad but they consider as much as a Google tracking cookie to be "leaking your data", so it doesn't really say much.
If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
Especially with your mobile site with three rows of full-page-height (at 1920x1200 even) ads and a script popping an ad at the bottom that's almost comically impossible to retract?
Chas - The one, the only.
THANK GOD!!!
All reported on a site with links to Facebook Pinterest, Twitter, Tumblr, YouTube, and is most definitely using Google Analytics.
Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
And you think Slashdot doesn't share it for some reason?
Ghostery is blocking the following on Slashdot:
Doubleclick (advertising)
Google Adwords Conversion (advertising)
Google Analytics
Janrain
Scorecard Research Beacon
Taboola
It's on Slashdot, and everywhere else.
Here's a quote from TFA:
Most troubling is that if you use your browser setting to say 'Do Not Track' me, the explicitly stated policy of nearly all the companies is to flat-out ignore you
What we need is 9 out of 10 users to start explicitly blocking tracking and advertising, and then flat-out ignore the companies who complain about their bottom line. That article from the advertising industry group talking about how they screwed up rings a little hollow when they are obviously not interested in respecting the requests of consumers to not track them. Enabling Do Not Track is fine, but that only works with the good actors. For everyone else, see below.
https://www.ghostery.com/
https://www.ublock.org/
https://adblockplus.org/
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
What we need is 9 out of 10 users to start explicitly blocking tracking and advertising, and then flat-out ignore the companies who complain about their bottom line.
I'll tell you exactly what sort of response that would evoke from pretty much everyone, because I've already seen it: They start moving actual content and functionality for their sites to the same servers that are serving ads and things to track you, leaving you with two choices: accept their ads and tracking, or don't use their site at all. What's your response going to be when >90% of the Internet is denied to you, because you won't give in to their ads and tracking techniques? That's likely what's coming.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
What's your response going to be when >90% of the Internet is denied to you, because you won't give in to their ads and tracking techniques? That's likely what's coming.
We'll have to find out what will happen when >90% of the internet sees large drops in their traffic. People in general are becoming more aware to ad-blockers, it's no longer relegated to niche Firefox extensions. That day is coming. I expect to see new revenue models, which may be a way to continue the tracking, e.g. you pay a monthly subscription to a single "content network" that provides access to thousands of sites if you're logged in, rather than paying sites individually. Obviously that parent network would be able to track which of its sites you're on because you need to authenticate.
They start moving actual content and functionality for their sites to the same servers that are serving ads
I don't think we'll see that happen all over the internet. The lure of advertisers and trackers for site operators is that they get paid for putting a little bit of Javascript on their site. If they have more significant setup, hosting, and maintenance costs then it's not going to be as attractive. If they are paying for the bandwidth for third-party ads to be shown on their site then that is no longer negligible. Only the largest sites which would already have their entire operation hosted on a CDN would be fine with that. People buying virtual hosting to host their small-business site or blog aren't going to be bothered to set up something like that.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
The other option is to mass-pollute the data. Create an App that sends off dummy web requests from your device so that no matter who is tracking, their data is useless.
https://soylentnews.org/
Your privacy matters
Your community matters
No trackers. Period.
also note: https
A Good Troll is better than a Bad Human.
We'll have to find out what will happen when >90% of the internet sees large drops in their traffic. People in general are becoming more aware to ad-blockers, it's no longer relegated to niche Firefox extensions. That day is coming.
Pretty much this. I've installed it on a lot of regular folks computers, usually after a demonstration of the difference in loading times enabled and disabled. I'm usually looking at them in the first place because of compliaints of slow loading.
And I'm pretty certain it is having some effect already, as a number of sites that I no longer ever go to pop up screens that tell me to disable my ad blocker software......
Umm no folks, you'll never have even the chance to infect my machine ever again. ESAD baby.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Are you so sure of that? Are you actually taking steps to stop it? Are you verifying it?
Right now on Slashdot as I type this, there are 12 external domains being referenced, 8 of which want to run scripts. All of them are ad or analytics companies.
A massive amount of sites have references to the big ad sites (usually multiple), as well as references and/or cookies to social media sites ... which means a lot of ad companies trivially track you across sites, know where you visit, how often, and the pages you're reading.
Unless you are actively blocking this crap, and unless you're looking at the sites which are being blocked and adding which you've missed ... and clearing any cookies and shit they've added as you go ... you should really assume that these sites are seeing your data even if you don't subscribe to them or realize you're interacting with them.
You have to be fairly aggressively blocking this shit to believe those companies aren't seeing some of your data.
And, quite frankly, if you are aggressively blocking this shit, your friends and family are probably tired of you ranting about how fucked up the internet is. I know mine are.
The problem is so many people don't know this, and even if you try to tell them they don't care.
Lost at C:>. Found at C.
... requires you reveal information. The laws of physics aren't going to change for anyone.
Not only that, but a good portion of a leakage makes you more secure and is better for the user. How many millions of sites have a facebook login option? So Facebook can see your IP from that... because your browser is loading their javascript.
Would you really rather have a million copies of that javascript file out there that don't get updated when Facebook discovers a vulnerability or improves a security feature? Let's pretend you're not *you*, the tech guy running noscript, but a normal user.
We all make sure to lie a lot online. Click random ads, just for the hell of it. Act like a different person, really roleplay, say on random days, but not too random, surprise yourself. If everybody did this there would be no value in your data. Sour the milk.
...which means it's failing to block ooyala.com, ntv.io, and rxpnow.com. You might want to get a better browser extension (such as RequestPolicy).
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz