Unfortunately, whois.networksolutions.com will not contain information about domains registered through other competing registrars. Slashdot.org is registered with NSI, which is why it shows up there.
One-stop WHOIS. OK, this isn't a real big problem, but it would be nice to go back to a single repository for domain info. All domain info.
Rest assured that this will appear in good time. Obviously it would be a huge boon to administrators to have such a tool, and it's pretty easy to code such a service that queries the central server and then queries the registrar, giving you all of the information available.
which only gives me MORE spam, BAD service, MORE paperwork, MORE lawsuits, and invades my privacy.
Maybe it's time you switched registrars then? The whole idea behind multiple registrars is so they can act competitively. Things like spam, bad service and excessive paperwork are detractors. People aren't going to want to do business with registrars like this, and will take their business to registrars that don't have these issues. It's simple economics. Contrast this with a government-subsidized monopoly over the system, where spam, bad service and excessive paperwork are the norm because they don't *have* to do any better. I wouldn't even have had a problem with them raising rates a bit if it meant fixes to these issues, but they were never under any obligation to do so, so it never happened. Competition in this area isn't necessarily a bad thing and will only lead to better and smarter ways for people to manage their domains.
If you're truly concerned about your privacy, find a registrar that respects it. Do some investigating and find the registrar you want to do business with. If none exist, make it known that this is a major factor. Eventually someone will step up.
ARIN assigns IP address blocks. It works (very well). If the "private" sector was so much better, why aren't we assigning IPs that way?
The number of requests for IP's going through ARIN is a tiny fraction compared to domain names going through registrars. ARIN doesn't really assign IP's out to individual ISP's all over the world. More often than not, they will delegate large swaths of IP's to larger ISP's (or countries), who then sub-delegate to their own customers/ISP's.
It works out to more of a top-level tree system, with ARIN delegating large chunks of IP space and letting those people delegate as necessary. The result is a minimal amount of work and overhead on ARIN's part, which makes their work inexpensive and perfect for a relatively small (even if government-sponsored) organization. Privatizing this wouldn't make much of a difference.
Perhaps the poll should be amended to include a field for this. "If such a mission were authorized and your assistance were requested in funding it, how much money would you be willing to pledge?"
I wonder how many pledges they'd get out of it. They wouldn't necessarily have to show the pledge amount for each person, but a grand total would be nice to see.
Unfortunately it's not that simple. You can't just send a few robotic space probes and then jump to a permanent habitat. These things need to be done in steps. You have to send people over there for short durations, see what problems develop, correct them, and work your way up to a permanent habitat.
Instead of having everything lumped into one database, you have one centralized database (which this has turned into) containing only information about the domain itself and the responsible registrar that introduced it.
If you want details about the domain, you then need to query the appropriate registrar's WHOIS server to retrieve it (this is why querying whois.networksolutions.com gets you the information you're used to getting). This is the most efficient way of handling information like this. Each registrar is responsible for keeping its own database of contact information and the "main" centralized database is responsible only for the domain and the registrar that set it up.
Let's please THINK a bit about a topic and wonder if there might be a perfectly logical explanation for something instead of immediately insisting that someone is being evil and intends to destroy our lives or our Internet.
There are plenty of reasons these cameras could be off that don't require a YRO-type "evil government" explanation. The cameras could have been off for a long time, or the owners might not have wanted a bunch of extra traffic (as the result of this WTO thing) to affect their bandwidth, or maybe they're having technical problems, or maybe the camera just isn't a priority and nobody really gave any time to turning it on today.
Seriously -- why would the police want to spend the time and energy tracking down various webcams and shut them down and yet allow the normal news media full access to the same areas? The number of people viewing anything remotely worth censoring via these webcams is *insignificant*. Think about it.
If you had JavaScript disabled or were using a browser that didn't support it, the above would be equivalent to <a href="#">, which is simply a no-op link (perhaps reloading the same page).
In any event, this is the same link that's been there all day. I read the privacy statement some 10 minutes before you wrote your comment, and I tried it again when I read your comment, and it functioned the same both times.
If your browser is normal and the link didn't work for you one moment, but did the next, then I don't know what to tell you. Either your browser is buggy or you're right in that they were having problems with their site. I can't imagine any reason they would want to hide their privacy statement from people, though. There was nothing about it that put them in a bad light at all.
I do however despise spam with all my heart and soul. This company appears to make money through "direct marketing", or spamming people.
They make their money by putting a little advertising banner on web sites that use their Cursor code. Spam? Hardly. They do send out e-mails, however. Their privacy policy has this to say about it:
Occasionally, we will send you communications via email providing you useful information about product enhancements or new products and services. It is our policy only to send email to customers who give us permission to do so. Instructions for unsubscribing are included in these emails. For further instructions, please see the "Opt-Out Policy" below.
Opt-Out Features
Comet Systems believes its Cometeers should control the communications directed to them. Every time we collect name and address information about you:
You can tell us if you don't want to receive communication from CometZone such as email newsletters announcing contests or new features.
You can tell us if you don't want to receive communication from third-party companies who offer a product or service that we think would be of value to you.
This seems like a fairly standard way for a company to act with respects to your e-mail address. I don't think this qualifies as spam in the least. They make you completely aware of what they're doing and always give you the option to refuse. What is the big deal here?
I'm angry because you've chosen to associate me with the conspiracy theorists.
I was annoyed that you jumped to the conclusion that they were Yet Another Evil Company based on the fact that it *looked* like they were trying to hide their privacy policies from everyone, which simply doesn't make any sense. Just because 'malice' is one possible explanation doesn't mean it's the correct one. In this case, it isn't even the logical explanation.
I'm sorry if my post came out sounding bitter -- I've written a dozen or two messages in this thread trying to combat the conspiracy theories that permeate most every YRO article, and some of these posts just get really moronic and I lose my patience. Sorry if that was the case here.
If you use such a loose definition of 'trojan', the vast majority of software in use today would be classified as such.
Did you know your web browser sends not only its own browser version (complete with a description of your operating system) but the URL of the web page whose link you just followed to get there? Nowhere in the browser's documentation does it say it's going to do this, and I was never asked. Is it a trojan?
No, of course not.
Calling people kiddies is acting like a kiddie yourself. Grow up.
I wasn't calling you a kiddie. I was referring to the class of Slashdot poster that makes knee-jerk posts, responses and tends to bring the average IQ down a few dozen points. Stop taking these things so personally. I wasn't talking about you, unless you fit this profile, but that's out of the scope of this thread.
And, finally, dynamic IP addressing and proxys don't matter because this doesn't use your IP address
You would need the IP address to correlate the visits with the ID numbers. The web site operator doesn't have your ID number.
Proxies would make a huge impact on the amount of data gleamed. Here's a simple access log example with two visitors from example.com:
12:00:00am proxy.example.com GET / 12:00:01am proxy.example.com GET / 12:00:01am proxy.example.com GET/content/
In itself, this is pretty useless data. Now let's examine the logs the Cursor people could potentially gleam:
11:58:11pm proxy.example.com with UID 001 visited gayporn.com 12:04:36am proxy.example.com with UID 002 visited customer.com 12:04:39am proxy.example.com with UID 001 visited customer.com
Now, let's dive into the conspiracy and say that customer.com has a form submission with lots of juicy details that the customer would just love to start spreading around the 'Net:
12:10:00 proxy.example.com POST form.cgi name=Bob SSN=123456789
Now, please explain to me how you plan to link this information with the gayporn.com visit above.
The Your Rights Online articles tend to be the worst example of biased, unresearched stories. Most real journalists make a lot of effort to present the facts and both sides of the issue to let the reader decide what's right and what's wrong. Most Slashdot articles, on the other hand, instead of just presenting us with a link and a summary, they try to offer their interpretation of the event and inevitably include a healthy dose of bias along with it.
For controversial topics, we need article *summaries*, not *editorials*. We're smart enough to make up our own minds without having to read "Big Brother" every other line.
Quite frequently, if a more mainstream media source publishes something, they tend to be very careful with the words they use so as to convey the fact that people believe something happened, but they're careful not to explicitely say something happened for sure. They also rarely make unfounded assumptions. If something isn't explicitely stated by a source, most sources will note this.
The Slashdot "authors", on the other hand, aren't journalists. They're human, and they make assumptions and let their biases stray their take on a situation instead of being objective and letting the readers make their own decisions.
some company was making money by selling my browsing patterns i would want a cut of their profits
Huh?
Where did you make this conclusive leap? Nobody said they were selling browsing habits. In fact, they've gone out and expressly denied this allegation. The only place this has ever come up is in a few of these (rather silly) Slashdot posts.
I don't even think this idea is even really being considered as something they're doing.
The company is in business offering software that changes your cursor when you visit web sites. In order to do what you're suggesting, they would have to 1) decide they want to turn to the dark side and start making money off of users' browsing habits; 2) recruit a significant number of their own customers into the conspiracy, as they would need these customers to illegally break contracts and go against their posted privacy policies by sending users' personal information back to headquarters; and 3) find people to buy this marketing information. They would also have to do this without getting caught, which, judging by the frequency of these "evil corporation spy" YRO articles, will be nearly impossible.
Now, which makes more sense, the company's logical explanation (using these ID's to tally and bill usage), or the explanation above? Hint: it's not the one requiring a bunch of evil, dark-alley conspiracies involving dozens of corporations working to destroy the privacy of the very customers that are giving them their business.
Maybe when it was first implemented, the designer didn't think out the ethical implications first, and just thought it would be a cool idea to track people using a unique ID based on hardware.
Who said this was based on hardware? I was under the impression this was a simple ID number handed out to requesting clients.
The programmer(s) needed a way to generate auditable information in order to bill their customers. They could have done this by IP address, but that would have masqueraded lots of people behind a single proxy IP while duplicating the roamings of a single user getting multiple dynamic IP addresses, so it was determined that a single ID would be needed to get an accurate usage count. The programmer(s) probably just didn't think it would be a big deal (and I still don't). It sounds perfectly logical and doesn't require an evil conspiracy.
The information they are gathering may seem to be benign, but its just another step towards making us all akin to tagged animals in the wild, tracking and analyzing our every move.
It's this attitude among YRO posters that I despise the most. Do you have any idea how many people and organizations out there are exactly 1 step away from your little conclusion there? I run a number of web servers where, if I so desired, I could pump the access logs through a system, collect access logs from my fellow conspirators, ad infinitum and get enough information to destroy the lives of countless thousands of people. Am I suddenly an evil conspirator with the rest of the evil corporations and governments? We'd have to lock up half of the planet if this is how you're defining 'evil'.
The technology is there, but you should NEVER judge a company based on what they are THEORETICALLY capable of doing. Instead, you should be judging them on what they ARE and ARE NOT doing, and their reasons behind it.
You're making the classic YRO assumption here, that all of the companies this Cursor group does business with are in on the conspiracy together. The only way they would be able to make the link you're suggesting is if they had the cooperation of all of their customers.
Large multi-corporate conspiracies to ruin the lives of CUSTOMERS not only sounds silly, but it doesn't sound like it's in the best interests of the companies themselves.
Think about this for a bit. If a company did started handing your personal information over (going against their posted privacy policies and likely breaking laws in the process), this would almost *certainly* be discovered. The resulting PR shitstorm would put both companies out of business, and depending on what they did with this information, the owners/CEO's would likely be in prison.
I'm not saying companies don't break the law occasionally, but you'll find few companies that are willing to risk felony convictions, bankruptcy, a tremendous amount of negative PR, and alienating and destroying the lives of the very customers that are giving them money in the first place. All for a marginal amount of marketing revenue.
I tried the link labeled "Privacy Agreement" on the main page, which links back to the main page. Convienent misshap.
Why does everything have to be a conspiracy theory with you guys? When something doesn't work is it always because the company responsible is being evil and trying to hide something from you?
Did it ever occur to you that they might have been using a form of JavaScript to load the privacy page? It seems that you're either using an obsolete browser or you've disabled JavaScript for some reason (which is pretty typical of YRO posters I bet).
The privacy policy loaded up just fine for me.
Enough with the lame conspiracy theories.
Anyway... I'm a little appalled that they appear to have tried to hide their privacy agreement, and furthermore, that the CEO's explaination seems incompatible with this information.
The information you quoted was relevant to the information they collect as part of their member signup process. When you sign up to use their software on your web page, you have to give them enough information to create an account from which you can do things like specify settings for their application on your web page. It sounds perfectly logical and reasonable to me.
Thus, it has nothing at all to do with the data sent by their software client.
Web site privacy policies deal with the web sites only, not software delivered or advertised on those sites. That's why they call them "Web site privacy policies."
While we're making analogies to video cameras in public places, it would be more apt to compare it with a camera in a hallway, or aimed at the front door of a convenience store, which is quite legal.
The reasons vary (one for security, the other for billing), but the information available is the same. Putting a camera in a changing room is an invasion of privacy, just as it would be an invasion of privacy to monitor all of the sensitive data you put into web forms, but they don't do that. They just record your client's visit to their customer's web site, just like security cameras record your visit to your local convenience store. Nothing more.
If you really want to live in a world where there are no video cameras, where photographs can only be taken in private areas with the consent of each subject, where the doormen are required to wear blindfolds and where fingerprints no longer exist, good luck.
Because it's not a trojan horse, and not illegal. Think about it.
If they were truly breaking any laws, companies like this would be regularly nailed with lawsuits up the ass, but they aren't. The only people making a huge fuss over this kind of thing are the more extremist privacy activists and the people that blindly put faith into the crap they read and just like to jump on the bandwagon without actually doing any verification or investigation on their own (e.g. most Slashdot kiddies).
If they really were, they'd be breaking laws and they would have been prosecuted and convicted. This hasn't happened, nor will it, because they aren't breaking any laws.
If you really find the idea of sending an objective ID back to an application's source morally offensive, don't do business with that company. Vote with your pocketbook.
I personally don't see what the fuss is about. Things like this are rather benign and are FAR more numerous than you folks seem to think. The only impact these companies are ever going to have on my life is the continued presence of these YRO articles, since there will never be a shortage of topic material for them if every one of these instances is worthy of a daily YRO red alert.
When I visited the page I was presented with a dialog asking if I wanted to install the component. I explicitely indicated my desire to do so.
Even if it didn't ask me, it would still not be considered illegal. Nobody forced you to visit that web site, and the component is part of the content rendered on that site. If you don't want your browser automatically loading and displaying images or applets, DISABLE THEM. You can do that, you know. You are implicitely allowing them to run as part of your browser's normal operation. To say that this even remotely violates any law is absurd and unfounded. Consult a lawyer before you go off saying something is a criminal offense.
It's like saying, "I only authorized this web page to deliver one paragraph of text to be rendered in my browser, but instead, it caused my browser to render THREE paragraphs of text. Those two paragraphs are UNAUTHORIZED uses of my browser and computer's resources! I want to sue!"
You do realize your web browser itself is guilty of delivering far more trackable information than this little applet, yes? Why aren't you jumping up and down asking for web browsers to be banned?
What the hell would these guys actually SELL here? A list saying "Cursor UserID 12345 visited sites http://abc.com and http://xyz.org"? How REMOTELY USEFUL is that information going to be to any potential marketer? At MOST, they'll be able to determine web site "genres" ("People visiting abc.com also seem to frequently visit xyz.org"). There is NO WAY to correlate this information with any other bit of information without all of the member web sites being in on the conspiracy and coughing up their access logs in real time, and even then, proxy servers and dynamic IP addressing would render this data virtually unusable (and nearly impossible to effectively mine, given the volume of data, and the low percentage of useful information).
Stop trying to break apart their statements and look for hidden sinister intentions here. It's clear they know what we're objecting to, and his statement was meant to try and remove those fears from our minds. There is NO reason to assume that they have, are or ever intend to use the information they've collected for any purpose other than what they've stated.
And I'd be very interested to know what sort of login ID you can gleam from a URL that allows you to discover private information like a name or address. That sounds like a pretty piss-poor implementation of something and the maintainers need to be e-mailed.
Your identity is totally meaningless to these people. Your name serves no purpose in their efforts to bill their customers for use of their software. It makes no sense at all for them to ever want to record it, and even if they DID, and managed to sell your identity with a long list of rather questionable web sites (and userID's, whatever else you want to add to the conspiracy theory), SOMEONE WILL FIND OUT ABOUT IT. Things like this don't go undiscovered (look at the long line of YRO articles if you don't believe me). They will be caught and the PR shitstorm that results would leave the company penniless, perhaps even with their owners behind bars. Think about it.
Getting caught is just one of the many risks of doing business
It seems like EVERY DAY we hear something about someone discovering a new way company X is recording data and tracking our movements. If one of these companies REALLY overstepped the boundaries of law and knowingly broke such a law in order to do something horribly unethical with this information, WE WOULD DISCOVER IT. It's practically a 100% certainty.
The result would be a horrible PR shitstorm, class action lawsuits, perhaps criminal proceedings. In short: the company would be destroyed and its owners (assuming they aren't in prison) would be penniless.
No company on earth would take such a monumental risk for something as insigificant as this. This company is in business because of their nifty little Cursor software, they're not in business to collect and sell blackmail material.
If someone really wanted to destroy your life, there are LOTS of better ways to do it than this that don't require Yet Another YRO Conspiracy Theory.
The evidence is quite sufficient to attribute these gravitational anomalies to the existance of relatively massive planets.
They aren't doing complete guesswork here. They are working within well-established laws and theories. If a scientist isn't certain of something, he'll say so (hence the ambiguity of things like the Hubble constant). The presence of this gravitational wobble (one example of which has been verified optically as a planet) can't be explained any other way, given the amount of 'wobble' and the period of its rotation around the gravitational axis.
Give the guys with the PhD's and the decades of experience the benefit of the doubt here.
Slashdot Mirror
One-stop WHOIS
On a related note, apparently offers such a service that works irrespective of TLD. If it doesn't already work with the current splitting of generic TLD's, it surely will soon.
whois -h geektools.com domain.tld
Unfortunately, whois.networksolutions.com will not contain information about domains registered through other competing registrars. Slashdot.org is registered with NSI, which is why it shows up there.
One-stop WHOIS. OK, this isn't a real big problem, but it would be nice to go back to a single repository for domain info. All domain info.
Rest assured that this will appear in good time. Obviously it would be a huge boon to administrators to have such a tool, and it's pretty easy to code such a service that queries the central server and then queries the registrar, giving you all of the information available.
which only gives me MORE spam, BAD service, MORE paperwork, MORE lawsuits, and invades my privacy.
Maybe it's time you switched registrars then? The whole idea behind multiple registrars is so they can act competitively. Things like spam, bad service and excessive paperwork are detractors. People aren't going to want to do business with registrars like this, and will take their business to registrars that don't have these issues. It's simple economics. Contrast this with a government-subsidized monopoly over the system, where spam, bad service and excessive paperwork are the norm because they don't *have* to do any better. I wouldn't even have had a problem with them raising rates a bit if it meant fixes to these issues, but they were never under any obligation to do so, so it never happened. Competition in this area isn't necessarily a bad thing and will only lead to better and smarter ways for people to manage their domains.
If you're truly concerned about your privacy, find a registrar that respects it. Do some investigating and find the registrar you want to do business with. If none exist, make it known that this is a major factor. Eventually someone will step up.
ARIN assigns IP address blocks. It works (very well). If the "private" sector was so much better, why aren't we assigning IPs that way?
The number of requests for IP's going through ARIN is a tiny fraction compared to domain names going through registrars. ARIN doesn't really assign IP's out to individual ISP's all over the world. More often than not, they will delegate large swaths of IP's to larger ISP's (or countries), who then sub-delegate to their own customers/ISP's.
It works out to more of a top-level tree system, with ARIN delegating large chunks of IP space and letting those people delegate as necessary. The result is a minimal amount of work and overhead on ARIN's part, which makes their work inexpensive and perfect for a relatively small (even if government-sponsored) organization. Privatizing this wouldn't make much of a difference.
Perhaps the poll should be amended to include a field for this. "If such a mission were authorized and your assistance were requested in funding it, how much money would you be willing to pledge?"
I wonder how many pledges they'd get out of it. They wouldn't necessarily have to show the pledge amount for each person, but a grand total would be nice to see.
If I knew my $100 would further the effort and be used on it.
Unfortunately it's not that simple. You can't just send a few robotic space probes and then jump to a permanent habitat. These things need to be done in steps. You have to send people over there for short durations, see what problems develop, correct them, and work your way up to a permanent habitat.
As part of the NSI's agreement with the ICANN (http://www.icann.org/ns i/nsi-registry-agreement-04nov99.htm), registry information like this is being split up.
Instead of having everything lumped into one database, you have one centralized database (which this has turned into) containing only information about the domain itself and the responsible registrar that introduced it.
If you want details about the domain, you then need to query the appropriate registrar's WHOIS server to retrieve it (this is why querying whois.networksolutions.com gets you the information you're used to getting). This is the most efficient way of handling information like this. Each registrar is responsible for keeping its own database of contact information and the "main" centralized database is responsible only for the domain and the registrar that set it up.
Let's please THINK a bit about a topic and wonder if there might be a perfectly logical explanation for something instead of immediately insisting that someone is being evil and intends to destroy our lives or our Internet.
A little bit of research won't kill you.
There are plenty of reasons these cameras could be off that don't require a YRO-type "evil government" explanation. The cameras could have been off for a long time, or the owners might not have wanted a bunch of extra traffic (as the result of this WTO thing) to affect their bandwidth, or maybe they're having technical problems, or maybe the camera just isn't a priority and nobody really gave any time to turning it on today.
Seriously -- why would the police want to spend the time and energy tracking down various webcams and shut them down and yet allow the normal news media full access to the same areas? The number of people viewing anything remotely worth censoring via these webcams is *insignificant*. Think about it.
They are in the business of selling marketing information. Disguising it as animated cursor was their way of doing this.
Classic YRO material (FUD?).
I'm not even going to begin to try to respond to this one...
What line?
The source code for the privacy link is as follows:
<a href="#" onClick='window.open("privacy.asp","","width=600,
If you had JavaScript disabled or were using a browser that didn't support it, the above would be equivalent to <a href="#">, which is simply a no-op link (perhaps reloading the same page).
In any event, this is the same link that's been there all day. I read the privacy statement some 10 minutes before you wrote your comment, and I tried it again when I read your comment, and it functioned the same both times.
If your browser is normal and the link didn't work for you one moment, but did the next, then I don't know what to tell you. Either your browser is buggy or you're right in that they were having problems with their site. I can't imagine any reason they would want to hide their privacy statement from people, though. There was nothing about it that put them in a bad light at all.
I do however despise spam with all my heart and soul. This company appears to make money through "direct marketing", or spamming people.
They make their money by putting a little advertising banner on web sites that use their Cursor code. Spam? Hardly. They do send out e-mails, however. Their privacy policy has this to say about it:
This seems like a fairly standard way for a company to act with respects to your e-mail address. I don't think this qualifies as spam in the least. They make you completely aware of what they're doing and always give you the option to refuse. What is the big deal here?
I'm angry because you've chosen to associate me with the conspiracy theorists.
I was annoyed that you jumped to the conclusion that they were Yet Another Evil Company based on the fact that it *looked* like they were trying to hide their privacy policies from everyone, which simply doesn't make any sense. Just because 'malice' is one possible explanation doesn't mean it's the correct one. In this case, it isn't even the logical explanation.
I'm sorry if my post came out sounding bitter -- I've written a dozen or two messages in this thread trying to combat the conspiracy theories that permeate most every YRO article, and some of these posts just get really moronic and I lose my patience. Sorry if that was the case here.
Seems like a trojan to me
If you use such a loose definition of 'trojan', the vast majority of software in use today would be classified as such.
Did you know your web browser sends not only its own browser version (complete with a description of your operating system) but the URL of the web page whose link you just followed to get there? Nowhere in the browser's documentation does it say it's going to do this, and I was never asked. Is it a trojan?
No, of course not.
Calling people kiddies is acting like a kiddie yourself. Grow up.
I wasn't calling you a kiddie. I was referring to the class of Slashdot poster that makes knee-jerk posts, responses and tends to bring the average IQ down a few dozen points. Stop taking these things so personally. I wasn't talking about you, unless you fit this profile, but that's out of the scope of this thread.
And, finally, dynamic IP addressing and proxys don't matter because this doesn't use your IP address
/content/
You would need the IP address to correlate the visits with the ID numbers. The web site operator doesn't have your ID number.
Proxies would make a huge impact on the amount of data gleamed. Here's a simple access log example with two visitors from example.com:
12:00:00am proxy.example.com GET /
12:00:01am proxy.example.com GET /
12:00:01am proxy.example.com GET
In itself, this is pretty useless data. Now let's examine the logs the Cursor people could potentially gleam:
11:58:11pm proxy.example.com with UID 001 visited gayporn.com
12:04:36am proxy.example.com with UID 002 visited customer.com
12:04:39am proxy.example.com with UID 001 visited customer.com
Now, let's dive into the conspiracy and say that customer.com has a form submission with lots of juicy details that the customer would just love to start spreading around the 'Net:
12:10:00 proxy.example.com POST form.cgi name=Bob SSN=123456789
Now, please explain to me how you plan to link this information with the gayporn.com visit above.
The Your Rights Online articles tend to be the worst example of biased, unresearched stories. Most real journalists make a lot of effort to present the facts and both sides of the issue to let the reader decide what's right and what's wrong. Most Slashdot articles, on the other hand, instead of just presenting us with a link and a summary, they try to offer their interpretation of the event and inevitably include a healthy dose of bias along with it.
For controversial topics, we need article *summaries*, not *editorials*. We're smart enough to make up our own minds without having to read "Big Brother" every other line.
Quite frequently, if a more mainstream media source publishes something, they tend to be very careful with the words they use so as to convey the fact that people believe something happened, but they're careful not to explicitely say something happened for sure. They also rarely make unfounded assumptions. If something isn't explicitely stated by a source, most sources will note this.
The Slashdot "authors", on the other hand, aren't journalists. They're human, and they make assumptions and let their biases stray their take on a situation instead of being objective and letting the readers make their own decisions.
some company was making money by selling my browsing patterns i would want a cut of their profits
Huh?
Where did you make this conclusive leap? Nobody said they were selling browsing habits. In fact, they've gone out and expressly denied this allegation. The only place this has ever come up is in a few of these (rather silly) Slashdot posts.
I don't even think this idea is even really being considered as something they're doing.
The company is in business offering software that changes your cursor when you visit web sites. In order to do what you're suggesting, they would have to 1) decide they want to turn to the dark side and start making money off of users' browsing habits; 2) recruit a significant number of their own customers into the conspiracy, as they would need these customers to illegally break contracts and go against their posted privacy policies by sending users' personal information back to headquarters; and 3) find people to buy this marketing information. They would also have to do this without getting caught, which, judging by the frequency of these "evil corporation spy" YRO articles, will be nearly impossible.
Now, which makes more sense, the company's logical explanation (using these ID's to tally and bill usage), or the explanation above? Hint: it's not the one requiring a bunch of evil, dark-alley conspiracies involving dozens of corporations working to destroy the privacy of the very customers that are giving them their business.
Maybe when it was first implemented, the designer didn't think out the ethical implications first, and just thought it would be a cool idea to track people using a unique ID based on hardware.
Who said this was based on hardware? I was under the impression this was a simple ID number handed out to requesting clients.
The programmer(s) needed a way to generate auditable information in order to bill their customers. They could have done this by IP address, but that would have masqueraded lots of people behind a single proxy IP while duplicating the roamings of a single user getting multiple dynamic IP addresses, so it was determined that a single ID would be needed to get an accurate usage count. The programmer(s) probably just didn't think it would be a big deal (and I still don't). It sounds perfectly logical and doesn't require an evil conspiracy.
The information they are gathering may seem to be benign, but its just another step towards making us all akin to tagged animals in the wild, tracking and analyzing our every move.
It's this attitude among YRO posters that I despise the most. Do you have any idea how many people and organizations out there are exactly 1 step away from your little conclusion there? I run a number of web servers where, if I so desired, I could pump the access logs through a system, collect access logs from my fellow conspirators, ad infinitum and get enough information to destroy the lives of countless thousands of people. Am I suddenly an evil conspirator with the rest of the evil corporations and governments? We'd have to lock up half of the planet if this is how you're defining 'evil'.
The technology is there, but you should NEVER judge a company based on what they are THEORETICALLY capable of doing. Instead, you should be judging them on what they ARE and ARE NOT doing, and their reasons behind it.
You're making the classic YRO assumption here, that all of the companies this Cursor group does business with are in on the conspiracy together. The only way they would be able to make the link you're suggesting is if they had the cooperation of all of their customers.
Large multi-corporate conspiracies to ruin the lives of CUSTOMERS not only sounds silly, but it doesn't sound like it's in the best interests of the companies themselves.
Think about this for a bit. If a company did started handing your personal information over (going against their posted privacy policies and likely breaking laws in the process), this would almost *certainly* be discovered. The resulting PR shitstorm would put both companies out of business, and depending on what they did with this information, the owners/CEO's would likely be in prison.
I'm not saying companies don't break the law occasionally, but you'll find few companies that are willing to risk felony convictions, bankruptcy, a tremendous amount of negative PR, and alienating and destroying the lives of the very customers that are giving them money in the first place. All for a marginal amount of marketing revenue.
It just doesn't make good business sense.
I tried the link labeled "Privacy Agreement" on the main page, which links back to the main page. Convienent misshap.
Why does everything have to be a conspiracy theory with you guys? When something doesn't work is it always because the company responsible is being evil and trying to hide something from you?
Did it ever occur to you that they might have been using a form of JavaScript to load the privacy page? It seems that you're either using an obsolete browser or you've disabled JavaScript for some reason (which is pretty typical of YRO posters I bet).
The privacy policy loaded up just fine for me.
Enough with the lame conspiracy theories.
Anyway... I'm a little appalled that they appear to have tried to hide their privacy agreement, and furthermore, that the CEO's explaination seems incompatible with this information.
The information you quoted was relevant to the information they collect as part of their member signup process. When you sign up to use their software on your web page, you have to give them enough information to create an account from which you can do things like specify settings for their application on your web page. It sounds perfectly logical and reasonable to me.
Thus, it has nothing at all to do with the data sent by their software client.
Web site privacy policies deal with the web sites only, not software delivered or advertised on those sites. That's why they call them "Web site privacy policies."
While we're making analogies to video cameras in public places, it would be more apt to compare it with a camera in a hallway, or aimed at the front door of a convenience store, which is quite legal.
The reasons vary (one for security, the other for billing), but the information available is the same. Putting a camera in a changing room is an invasion of privacy, just as it would be an invasion of privacy to monitor all of the sensitive data you put into web forms, but they don't do that. They just record your client's visit to their customer's web site, just like security cameras record your visit to your local convenience store. Nothing more.
If you really want to live in a world where there are no video cameras, where photographs can only be taken in private areas with the consent of each subject, where the doormen are required to wear blindfolds and where fingerprints no longer exist, good luck.
Because it's not a trojan horse, and not illegal. Think about it.
If they were truly breaking any laws, companies like this would be regularly nailed with lawsuits up the ass, but they aren't. The only people making a huge fuss over this kind of thing are the more extremist privacy activists and the people that blindly put faith into the crap they read and just like to jump on the bandwagon without actually doing any verification or investigation on their own (e.g. most Slashdot kiddies).
They aren't being trojaned.
If they really were, they'd be breaking laws and they would have been prosecuted and convicted. This hasn't happened, nor will it, because they aren't breaking any laws.
If you really find the idea of sending an objective ID back to an application's source morally offensive, don't do business with that company. Vote with your pocketbook.
I personally don't see what the fuss is about. Things like this are rather benign and are FAR more numerous than you folks seem to think. The only impact these companies are ever going to have on my life is the continued presence of these YRO articles, since there will never be a shortage of topic material for them if every one of these instances is worthy of a daily YRO red alert.
Huh?
When I visited the page I was presented with a dialog asking if I wanted to install the component. I explicitely indicated my desire to do so.
Even if it didn't ask me, it would still not be considered illegal. Nobody forced you to visit that web site, and the component is part of the content rendered on that site. If you don't want your browser automatically loading and displaying images or applets, DISABLE THEM. You can do that, you know. You are implicitely allowing them to run as part of your browser's normal operation. To say that this even remotely violates any law is absurd and unfounded. Consult a lawyer before you go off saying something is a criminal offense.
It's like saying, "I only authorized this web page to deliver one paragraph of text to be rendered in my browser, but instead, it caused my browser to render THREE paragraphs of text. Those two paragraphs are UNAUTHORIZED uses of my browser and computer's resources! I want to sue!"
You do realize your web browser itself is guilty of delivering far more trackable information than this little applet, yes? Why aren't you jumping up and down asking for web browsers to be banned?
What the hell would these guys actually SELL here? A list saying "Cursor UserID 12345 visited sites http://abc.com and http://xyz.org"? How REMOTELY USEFUL is that information going to be to any potential marketer? At MOST, they'll be able to determine web site "genres" ("People visiting abc.com also seem to frequently visit xyz.org"). There is NO WAY to correlate this information with any other bit of information without all of the member web sites being in on the conspiracy and coughing up their access logs in real time, and even then, proxy servers and dynamic IP addressing would render this data virtually unusable (and nearly impossible to effectively mine, given the volume of data, and the low percentage of useful information).
Stop trying to break apart their statements and look for hidden sinister intentions here. It's clear they know what we're objecting to, and his statement was meant to try and remove those fears from our minds. There is NO reason to assume that they have, are or ever intend to use the information they've collected for any purpose other than what they've stated.
And I'd be very interested to know what sort of login ID you can gleam from a URL that allows you to discover private information like a name or address. That sounds like a pretty piss-poor implementation of something and the maintainers need to be e-mailed.
Your identity is totally meaningless to these people. Your name serves no purpose in their efforts to bill their customers for use of their software. It makes no sense at all for them to ever want to record it, and even if they DID, and managed to sell your identity with a long list of rather questionable web sites (and userID's, whatever else you want to add to the conspiracy theory), SOMEONE WILL FIND OUT ABOUT IT. Things like this don't go undiscovered (look at the long line of YRO articles if you don't believe me). They will be caught and the PR shitstorm that results would leave the company penniless, perhaps even with their owners behind bars. Think about it.
Getting caught is just one of the many risks of doing business
It seems like EVERY DAY we hear something about someone discovering a new way company X is recording data and tracking our movements. If one of these companies REALLY overstepped the boundaries of law and knowingly broke such a law in order to do something horribly unethical with this information, WE WOULD DISCOVER IT. It's practically a 100% certainty.
The result would be a horrible PR shitstorm, class action lawsuits, perhaps criminal proceedings. In short: the company would be destroyed and its owners (assuming they aren't in prison) would be penniless.
No company on earth would take such a monumental risk for something as insigificant as this. This company is in business because of their nifty little Cursor software, they're not in business to collect and sell blackmail material.
If someone really wanted to destroy your life, there are LOTS of better ways to do it than this that don't require Yet Another YRO Conspiracy Theory.
The evidence is quite sufficient to attribute these gravitational anomalies to the existance of relatively massive planets.
They aren't doing complete guesswork here. They are working within well-established laws and theories. If a scientist isn't certain of something, he'll say so (hence the ambiguity of things like the Hubble constant). The presence of this gravitational wobble (one example of which has been verified optically as a planet) can't be explained any other way, given the amount of 'wobble' and the period of its rotation around the gravitational axis.
Give the guys with the PhD's and the decades of experience the benefit of the doubt here.