...and he was a lush (and a lech). Thomas Jefferson owned slaves. Politicians engaged in duels and killed each other. Only land owning white men had suffrage. What's your point?
I believe in the necessity of giving law enforcement the power to do the job of enforcing the laws which protect us all. I realize they have a tough job and its easy to rationalize that the subject was a "bad guy" and deserved what he got.
The problem I have is justifying the means by the ends. In the US, at least, we have a Constitution that strictly limits such unlawful searches and seizures. Whether or not the search is justifiable because it pinches a Mafioso is immaterial. Planting a key stroke monitoring system without the same restrictions or obligations necessary for a phone tap, I think, violates that right. I'm pretty sure Benjamin Franklin would agree with me.
I use Sneakemail to create a unique, disposable and revokable email alias anytime I want to provide or publish an email address that has the potential for being harvested by spambots. I've used dozens for places like NYTimes that require an email address to register, and not once has one of these been compromised by spammers or been abused by the registrar. Those used to post at Slashdot, Deja or at my own site usually take about 2-4 weeks to start showing spam-sign. Obviously, these have been harvested and are being sold to the chickenboners. With Sneakemail, I can keep my regularly inbox insulated while keeping tabs on where the leaks are.
The other one that I like is Despammed. They take a more traditional filtering approach to the game, using email forwarding to keep your inbox clean. Works pretty well. Additionally, I suspect that simply having the "spam" string in my email address gets the address aggregators to self-filter, which is pretty hilarious when you think about it.
Except for cases where bots troll the WHOIS database, my inbox stays pretty clean.
I find this lawsuit to be troublesome. Even though I'm as cautious (paranoid?) over online privacy "threats" as anyone, I don't know if this suit has any merit. It seems simply an attempt to capitalize on the rising sentiments against marketers and dataminers profiling Web users using cookies.
I'll leave my whole spiel on Cooki e angst for another forum (which pays 2 cents per view), but I'm really surprised to read the comments here in Slashdot equating cookies with cracking, or believing that cookies lead to spam, or confusing them for the related but not synonymous "Web bug", or digressing into the topic of "spyware" which is not what the suit is about.
Cookies are a part of the Web. They require compliance on your part. Your browser must cooperate with the server asking to set or read a cookie. The advertising networks take advantage of the fact that the default setting on most browsers is wide open and most naive users never know about it or bother to learn. The best part of this suit is that it will expose more people to the issue, leading more to seek and demand greater control over their Web browsing. Explorer, particularly v5.5 with the Privacy Enhancement, has the best set of options (though Netscape 6.0 has a pretty good built-in cookie manager). Explorer has so many other privacy worries though, not the least of which is the potential for abusing the DHTML Persistence "feature" of 5.0 and later.
Cookies aren't the issue. It's what Engage, 24/7Media, Doubleclick, Matchlogic, AvenueA, et.al. are doing with the data they gather that's the bother. But I don't know if being "bothered" or "annoyed" is worthy of a suit. If it was, I'd like to go after the telemarketers first. I despise that tactic more than Web profiling.
Re:From the admin of WEBVEIL.COM
on
Anonymity
·
· Score: 1
Just in case anyone's curious, of the 37 anonymous service providers listed a WebVeil, this week's unscientific popularity ranking (based on links to the service sites) is:
COTSE Anonymizer (9.29%)
TheWebSurfer (8.89%)
HideIP (7.15%)
Anon.XG.NU (6.98%)
Anonymyth (6.58%)
SilentSurf (6.25%)
AnonyMouse (5.18%)
IDMask (4.45%)
SnoopBlock (4.39%)
SilentBrowser (4.05%)
i-SafetyNet (3.60%)
Surfola (3.49%)
i-Security (3.60%)
the-Cloak (3.26%)
WayHaven (EarthProxy) (3.24%)
SpaceProxy (2.87%)
OperatorPat (2.42%)
Exonet Gateway (2.31% even though it's disabled...go figure)
MagusNet (1.86%)
AceSpySurfer (1.24% also disabled)
Remaining 17 have garnered the last 9.12%.
The position in the chart may have something to do with skewing click-through. Those listed in the Free table are more popular than the others, even if the pay services host a free/demo version (Anonymizer, Siegesoft, Rewebber, IDZAP and Freedom all fall in the last 17). We have no way of knowing if this is representative of marketshare. Probably not. Anonymizer.Com probably ranks number among all usage of anonymizing services.
Point being...well, I guess I have none other than to point out the breadth of easy options (and as an excuse to post a link to WebVeil. You might argue that these anonymizers are just the tools of pornography seekers, message board troublemakers, or the overly paranoid. I couldn't say, but I submit that anonymity is neither good nor bad. It just is. The act or expression itself is what should be characterized, not the mechanism that makes the act or expression non-attributable.
For a defender of consumer privacy, I'm going to risk my neck and suggest that all this cookie paranoia is missing the mark. The Web developers for the WhiteHouse Office on Drug Control made a poor decision to employ Doubleclick, using cookies that did not benefit the Web surfer and did nothing but generate distrust and suspicion. ToysRUs.Com, Lucy.Com, et.al. simply goofed by not declaring that they were out-sourcing what Amazon does so well in house. The fact that Coremetrics is a third-party should have been considered in their privacy statement, but the fact that it wasn't is not because ToyRUs.Com was trying to pull a fast one.
I publish a privacy information site. I installed some affiliate code that include some 1x1 GIFs. I thought I'd checked them for cookies...even highlighted them with a border to illustrate the concept to my audience. I was shocked to discover that they had started serving cookies. So I yanked them. Was I guilty of anything other than carelessness. Did I scar my privacy-conscious audience. I certainly hope not, because cookies aren't virii. They aren't little demons that get inside your circuits. They were simple impression trackers, but I removed them out of principle since they offered no advantage to the visitor.
The point is that we needn't go around fearing crap like this. There are much more important privacy issues pending. Users have, and are gaining, greater control all the time. All it takes is education, not fomenting irrational fears about an innocuous and easily defeated cookie. (Believe it or not, many people who are aware of cookies value them, and actually try to preserve them by including them in their backup routines.)
The whole industry is trying to come to grips with these technologies, as are the consumers themselves. Readers of Slashdot are light years beyond where the bulk of the 'Net population is in terms of knowledge and understanding. I think we shouldn't be contributing to the hysteria.
It looks like the failure is just a function of javascript filtering. If you use a proxy that allows javascript, the page renders fine. The C.O.T.S.E. proxy has a switch for enabling/disabling javascript. Try it on www.neato.com and see what I mean.
We maintain a pretty extensive list of anonymous surfing services at WebVeil. Check it out.
Pretty funny idea...similar to the game of swapping grocery store discount cards. (see this USAToday column)
But beyond amusement, this wouldn't serve much purpose IF you could pull it off. On a large enough scale, it might amount to a form of protest, but why? Okay...Doubleclick has become the poster child of the profiling evil empire. And now Coremetrics has received the brunt of the privacy policy ignorance of its clients, putting the spotlight on third party data-mining. In either case, cookies represent an essential tool to get their jobs done. If you don't like it...your options are simple:
Use a browser "companion". IDcide works well. It's free.
Use a proxy service that manages cookies like Privada or Freedom (yep, sneaking my affiliate ID in that URL). Zapada is a clever Java applet approach to keeping Doubleclick et.al. out.
Periodically clean out your cookie files, either manually or using any number of file tools like Webroot's WindowWasher.
Just install Doubleclick's opt-out cookie. I've assembled the URLs in one convenient location at http://webveil.com/optout.html.
Or physically edit your cookie file/directory to be read only...after installing the cookies you want in order to get personalized service...like here at Slashdot.
Cookie angst is so overwrought, but if they bother you...whip 'em into shape. You certainly have options. An exchange system would be interesting and entertaining, but enough to be worth the effort? I'll participate if someone does the work, but I think there are better uses of your programming time.
WebVeil added Coremetrics to its opt out list soon after the story broke (though incorrectly listing them as an ad network ala' Doubleclick). If you don't block cookies or filter third party cookies, but such tracking worries you...get all the opt out cookies in one fell swoop.
So, according to this attitude, let's not belabor the social impact on privacy in the electronic/databased age here in these hallowed halls because we are the technical elite and we already know how to protect ourselves. That's visionary. Erect your defenses and pay no attention to preventing the corrosion outside your door that's impacting the ignorant "newbies" or causing them to react to FUD.
In fact, here's my charge. It isn't law enforcement or an overly aggressive/repressive government that represents the greatest privacy intrusion into our average daily lives. It isn't so much the thief trying to steal our identity or crack into our personal files. It's the "technically elite", many of whom read and rant in Slashdot, who are coding the tools and services that promise to enhance our lives but forget to ask for permissions or explain in simple terms what exactly is going on under the hood. The tech world, in its rush to bring product to the marketplace or capitalize on the commercialization of the Web, has elevated the art of privacy intrusion to its highest order. And don't tell me its the marketers and business-oriented executives who are at fault because in the Net economy, they are we. I am more incensed by the ignorant or willful disregard for the intelligence or sensitivities of the consumer/end-use by such organizations as Real, Microsoft, AOL, Broderbund, Doubleclick, Mattel...than I am for the supposed threat that Carnivore or Echelon represent.
As the new economy elite, the now chic geeks and nerds who present the rest of the world with solutions, have little perspective of what the newbie has to go through to understand and use the tools being made available to him/her. If you like the insulation from the ignorant, and think that it's awe that the newbies place on your for your grand, exalted position, and that they'll follow whatever crappy User-interface, security bereft, documentation-inadequate, customer support lacking, privacy intrusive, but oh so cool looking innovation you put out there...then your days are numbered. The ground swell of reaction is coming and you better not discount it as just the trials of the newbies.
Gawd...I think we all understand eBay's motivation. The challenge isn't understanding it. It's whether they can use legal means to make such behavior actionable. eBay should erect technical defenses, not try to mold the Web into a legal pretzel to support its own business model (or rather, eBay can waste it's legal budget doing so, but the courts and legislature shouldn't support it.)
Smart business move for eBay...maybe. But that's not the point. If eBay gets its way, the court's decision provides a foundation for a litany of Web-unfriendly decisions that will kill the free exchange of information. I think there are alternatives that eBay can employ rather than going to the courts that will preserve its business model. I worry that trying to prevent deep linking, framing, spidering, metalisting, whatever through the courts or regulators is a dangerous route and one we should be taking very seriously.
How does this address the issue of propriety? EBay may not want it's listings indexed, but that alone doesn't justify it's case. If they want to restrict access, then why not require that you register and log in before browsing their listings. That would stop the automated indexing (unless it's possible to program a bot to be a registered user, heh). I totally understand eBay's gripe...but does that justify a decision in its favor? I don't think so.
I'm utterly and completely outside of the corporate world of the dotcoms. Yet whatever glimpse I get of the motivations, ambitions and strategies of these enterprises indicates to me that concern for the customer comes in dead last. Customers are nothing more than fish to be seined. A customer database, the ability to market to it or leverage it for revenue, is the principle asset that any of these ventures have. So the last thing they want to respect is privacy...
...until it becomes a marketable aspect of their scheme. Privacy concerns being the leading issue of the day, many of these dotcoms which never batted an eyelash at respect for privacy are now installing CPOs, publishing Privacy Statements, getting their TrustE certificates, and joining the Online Privacy Alliance...all to woo the consumer with their promise of privacy leadership. The mere posting of a privacy statement doesn't mean they uphold standards to which you'd subscribe. Reading closely, you'll find it is normally a disclaimer saying they'll do what they've always done, but now their letting you read it -- if you can get through the convoluted writing.
CPOs can be a good thing, acting as a staff watchdog to ensure that the company's direction doesn't cannibalize its customer base by losing trust with it. The simple existence of a CPO doesn't mean anything. It depends on what powers, dedication and attention he/she is given within the strategic direction of the company. On the other hand, a CPO is also the CEO's charge for positioning the company in a favorable PR light. Ray-Everett Church has done a lot to position AllAdvantage as a privacy respecting "Infomediary". Well, I guess you could stretch the definition (which was coined not by privacy advocates but by the authors of "Net Gain: Expanding Markets through Virtual Communities")
<sigh> But then, I'm over 30, which I guess means I have an overly protective concern for my privacy in the age of the Internet. You younger kids apparently don't share the fuss (read this)</sigh>
I just use SneakEmail. Generate a unique address for each public instance and if it is compromised, I know the source and can delete it or "dam" it up. Sort of follows along the line's of Proxymate's 'target revokable' email aliasing system. Surprisingly, even though I have around 30 different aliases in my Sneakemail setup, not one has been spammed (strictly meaning exploitation by any sender other than the site to which is was used to register or post).
And then there's always Despammed.Com, which has a good filtering system, but needs an account management method.
Don't forget the great uncleaned masses
on
Pirate DNS?
·
· Score: 2
The Slashdot audience is among the vanguard of the technical community. You all are like the few, elite runners ahead of the mass stretch of humanity after the first 10 minutes into a marathon. What most of you tend to forget is that there is a vast population that has barely or as yet even to cross the starting line. They don't know an http:// from a.net.
I use my Dad as a benchmark. He doesn't care to understand the underpinnings of the protocols or the technical whys and hows...all he wants to know is how to push the buttons and get at the information he seeks. So, he gets familiar enough to understand the tools and the routines. When I caught him going to Yahoo first and typing www.amazon.com, it opened my eyes. I've since learned that very many people use portals and indexed catalogues as namespace locators, even using them as URL entry forms.
The point being: devising clever new URL structures, alternate domain name schemes, different protocols...you're focusing heavily on "McGyvering" the system, and forgetting to consider the basic social engineering that is required to ensure these work (at least among the naive and untrained who will be expected to follow). AOL is a hit for a lot of reasons, none of which are performance or technically oriented: their KEYWORD system being one of them. All I'm saying is as you apply your creative juices to the problem, try to imagine how it will benefit my Dad.
I don't think AOL's pops are manipulated by your Explorer/Navigator script preference settings. My impression (not being an AOL-ite) is that AOL's client software delivers and manages the pop up windows. I don't even know if they use javascript to perform the pops.
But as most people note, pop up windows are one of the more annoying "features" of the Web. You can disable scripting languages, but then you lose a bunch of functionality that depends on javascript. I've found filtering programs like Proxomitron's very helpful since you can block some scripts (and some HTML and HTTP elements) by function.
Well, I could e-mail you in such a way... Of course you could. And of course there are all sort of nasty things you can do with javascript, and Java applets and ActiveX controls...but it is foolish to automatically assume that cookies are inherently sinister, anymore so than the <img> tag might be even though it can be used as a "Web bug". Your scenario bares no pertinence to the issue of Doubleclick's cookie and the banner delivery of the Whitehouse Office's ad and trying to connect those dots is a disservice to the education process (unless what you want to do is achieve some end victory not on the basis of reason but by manipulating public outrage.)
...But they [Jason Catlett and Marc Rotenberg?]are justified in doing this, because everything Internet has swung too far in the direction of making the rich richer, and screwing the little guy. <sigh> No sense in arguing with that logic.
If anyone can provide me a link to a reference that charges or infers that the White House Office of National Drug Control Policy Web site, itself, was serving a cookie or was hosting a banner that served a cookie...I'd appreciate it. In the meantime, I'll muddle through the comments of Slashdotters who I'm surprised are largely taken up by this FUD.
As I understand it, the Office participated in an ad network to market its site. If you searched Altavista for "grow pot" , a Doubleclick banner would be served for the Drug Control office Web site and, of course, you'd be cookied (unless you filter). The paranoia is that the cookie potentially represents a personally identifiable piece of information that is understandable disconcerting if you believe the government is using the cookie to surreptitiously track you personally and determine what other sites you are visiting.
But "cookie" does not automatically equal "privacy invasion". I consider it to be a disservice to the education of the Web public for Jason Catlett (Junkbusters.Com), Mark Rotenberg (EPIC, and even Richard Smith (his expose' here) to contribute to this hysteria. I think it makes for good sensationalism to further the advocacy for electronic privacy. The Whitehouse's withering before the criticism is disappointing but understandable considering that any defense would have only powered the conspiracy theory. But in terms of the threat to privacy this represents, I think it only extends the broad and irrational fear of an incredibly useful and pervasive Web technology.
If you think I'm wrong, email me or post here so I can exercise the debate. I consider myself a pragmatic privacy advocate and am willing to listen to logic.
This is just a privacy issue in disguise No it's not.
What's happening is that the spammer is behaving like an ass, and so does not want to reveal their idenity -- they want "privacy" for their actions in this case. The forgery is just a symptom of their desire for privacy. No...the spammer is acting in a public and commercial capacity and so has forsaken his expectation of privacy.
What's interesting is that this reverses the usual role of privacy in these discussions. Mostly privacy is regarded like fresh air or something -- the more the better. In reality, like most things privacy has many bad effects as good. "Privacy" is neither good nor bad. But respect for the individual's privacy is desirable, and that respect should not hinge on the characterization of the information being held private.
I look forward to the day I can program my mail system to only accept email from real signed identities -- i.e. no privacy for people sending me email. This sounds scary at first since the privacy==good thing is so conditioned, so you need to think about it a bit. You make it sound as if the right to privacy extends to the right to intrude anonymously. For one thing, you are a private individual and can set your own personal "Terms of Service" that requires identification prior to engaging in communication. This is, by no means, inconsistent with the basic premise of the right to privacy.
Slashdot Mirror
I've been waiting for that too. See the Lumeria Ad Network.
...and he was a lush (and a lech). Thomas Jefferson owned slaves. Politicians engaged in duels and killed each other. Only land owning white men had suffrage. What's your point?
The problem I have is justifying the means by the ends. In the US, at least, we have a Constitution that strictly limits such unlawful searches and seizures. Whether or not the search is justifiable because it pinches a Mafioso is immaterial. Planting a key stroke monitoring system without the same restrictions or obligations necessary for a phone tap, I think, violates that right. I'm pretty sure Benjamin Franklin would agree with me.
By the way...Ben Franklin's Web Site is a great book.
Except for cases where bots troll the WHOIS database, my inbox stays pretty clean.
I'll leave my whole spiel on Cooki e angst for another forum (which pays 2 cents per view), but I'm really surprised to read the comments here in Slashdot equating cookies with cracking, or believing that cookies lead to spam, or confusing them for the related but not synonymous "Web bug", or digressing into the topic of "spyware" which is not what the suit is about.
Cookies are a part of the Web. They require compliance on your part. Your browser must cooperate with the server asking to set or read a cookie. The advertising networks take advantage of the fact that the default setting on most browsers is wide open and most naive users never know about it or bother to learn. The best part of this suit is that it will expose more people to the issue, leading more to seek and demand greater control over their Web browsing. Explorer, particularly v5.5 with the Privacy Enhancement, has the best set of options (though Netscape 6.0 has a pretty good built-in cookie manager). Explorer has so many other privacy worries though, not the least of which is the potential for abusing the DHTML Persistence "feature" of 5.0 and later.
Cookies aren't the issue. It's what Engage, 24/7Media, Doubleclick, Matchlogic, AvenueA, et.al. are doing with the data they gather that's the bother. But I don't know if being "bothered" or "annoyed" is worthy of a suit. If it was, I'd like to go after the telemarketers first. I despise that tactic more than Web profiling.
I do too :-)
- COTSE Anonymizer (9.29%)
- TheWebSurfer (8.89%)
- HideIP (7.15%)
- Anon.XG.NU (6.98%)
- Anonymyth (6.58%)
- SilentSurf (6.25%)
- AnonyMouse (5.18%)
- IDMask (4.45%)
- SnoopBlock (4.39%)
- SilentBrowser (4.05%)
- i-SafetyNet (3.60%)
- Surfola (3.49%)
- i-Security (3.60%)
- the-Cloak (3.26%)
- WayHaven (EarthProxy) (3.24%)
- SpaceProxy (2.87%)
- OperatorPat (2.42%)
- Exonet Gateway (2.31% even though it's disabled...go figure)
- MagusNet (1.86%)
- AceSpySurfer (1.24% also disabled)
Remaining 17 have garnered the last 9.12%.The position in the chart may have something to do with skewing click-through. Those listed in the Free table are more popular than the others, even if the pay services host a free/demo version (Anonymizer, Siegesoft, Rewebber, IDZAP and Freedom all fall in the last 17). We have no way of knowing if this is representative of marketshare. Probably not. Anonymizer.Com probably ranks number among all usage of anonymizing services.
Point being...well, I guess I have none other than to point out the breadth of easy options (and as an excuse to post a link to WebVeil. You might argue that these anonymizers are just the tools of pornography seekers, message board troublemakers, or the overly paranoid. I couldn't say, but I submit that anonymity is neither good nor bad. It just is. The act or expression itself is what should be characterized, not the mechanism that makes the act or expression non-attributable.
Here's A. Michael Froomkin's familiar essay on "Anonymity and It's Enmities".
I publish a privacy information site. I installed some affiliate code that include some 1x1 GIFs. I thought I'd checked them for cookies...even highlighted them with a border to illustrate the concept to my audience. I was shocked to discover that they had started serving cookies. So I yanked them. Was I guilty of anything other than carelessness. Did I scar my privacy-conscious audience. I certainly hope not, because cookies aren't virii. They aren't little demons that get inside your circuits. They were simple impression trackers, but I removed them out of principle since they offered no advantage to the visitor.
The point is that we needn't go around fearing crap like this. There are much more important privacy issues pending. Users have, and are gaining, greater control all the time. All it takes is education, not fomenting irrational fears about an innocuous and easily defeated cookie. (Believe it or not, many people who are aware of cookies value them, and actually try to preserve them by including them in their backup routines.)
The whole industry is trying to come to grips with these technologies, as are the consumers themselves. Readers of Slashdot are light years beyond where the bulk of the 'Net population is in terms of knowledge and understanding. I think we shouldn't be contributing to the hysteria.
More of my views if you care to read
It looks like the failure is just a function of javascript filtering. If you use a proxy that allows javascript, the page renders fine. The C.O.T.S.E. proxy has a switch for enabling/disabling javascript. Try it on www.neato.com and see what I mean. We maintain a pretty extensive list of anonymous surfing services at WebVeil. Check it out.
But beyond amusement, this wouldn't serve much purpose IF you could pull it off. On a large enough scale, it might amount to a form of protest, but why? Okay...Doubleclick has become the poster child of the profiling evil empire. And now Coremetrics has received the brunt of the privacy policy ignorance of its clients, putting the spotlight on third party data-mining. In either case, cookies represent an essential tool to get their jobs done. If you don't like it...your options are simple:
- Configure your browser.
- Use a local proxy or filter. Adsubtract is a good one. I like Proxomitron.
- Use a browser "companion". IDcide works well. It's free.
- Use a proxy service that manages cookies like Privada or Freedom (yep, sneaking my affiliate ID in that URL). Zapada is a clever Java applet approach to keeping Doubleclick et.al. out.
- Periodically clean out your cookie files, either manually or using any number of file tools like Webroot's WindowWasher.
- Just install Doubleclick's opt-out cookie. I've assembled the URLs in one convenient location at http://webveil.com/optout.html.
- Or physically edit your cookie file/directory to be read only...after installing the cookies you want in order to get personalized service...like here at Slashdot.
Cookie angst is so overwrought, but if they bother you...whip 'em into shape. You certainly have options. An exchange system would be interesting and entertaining, but enough to be worth the effort? I'll participate if someone does the work, but I think there are better uses of your programming time.WebVeil added Coremetrics to its opt out list soon after the story broke (though incorrectly listing them as an ad network ala' Doubleclick). If you don't block cookies or filter third party cookies, but such tracking worries you...get all the opt out cookies in one fell swoop.
Mr. McNeely ... is that you?
(go Duke!)
So, according to this attitude, let's not belabor the social impact on privacy in the electronic/databased age here in these hallowed halls because we are the technical elite and we already know how to protect ourselves. That's visionary. Erect your defenses and pay no attention to preventing the corrosion outside your door that's impacting the ignorant "newbies" or causing them to react to FUD.
In fact, here's my charge. It isn't law enforcement or an overly aggressive/repressive government that represents the greatest privacy intrusion into our average daily lives. It isn't so much the thief trying to steal our identity or crack into our personal files. It's the "technically elite", many of whom read and rant in Slashdot, who are coding the tools and services that promise to enhance our lives but forget to ask for permissions or explain in simple terms what exactly is going on under the hood. The tech world, in its rush to bring product to the marketplace or capitalize on the commercialization of the Web, has elevated the art of privacy intrusion to its highest order. And don't tell me its the marketers and business-oriented executives who are at fault because in the Net economy, they are we. I am more incensed by the ignorant or willful disregard for the intelligence or sensitivities of the consumer/end-use by such organizations as Real, Microsoft, AOL, Broderbund, Doubleclick, Mattel...than I am for the supposed threat that Carnivore or Echelon represent.
As the new economy elite, the now chic geeks and nerds who present the rest of the world with solutions, have little perspective of what the newbie has to go through to understand and use the tools being made available to him/her. If you like the insulation from the ignorant, and think that it's awe that the newbies place on your for your grand, exalted position, and that they'll follow whatever crappy User-interface, security bereft, documentation-inadequate, customer support lacking, privacy intrusive, but oh so cool looking innovation you put out there...then your days are numbered. The ground swell of reaction is coming and you better not discount it as just the trials of the newbies.
Gawd...I think we all understand eBay's motivation. The challenge isn't understanding it. It's whether they can use legal means to make such behavior actionable. eBay should erect technical defenses, not try to mold the Web into a legal pretzel to support its own business model (or rather, eBay can waste it's legal budget doing so, but the courts and legislature shouldn't support it.)
Smart business move for eBay...maybe. But that's not the point. If eBay gets its way, the court's decision provides a foundation for a litany of Web-unfriendly decisions that will kill the free exchange of information. I think there are alternatives that eBay can employ rather than going to the courts that will preserve its business model. I worry that trying to prevent deep linking, framing, spidering, metalisting, whatever through the courts or regulators is a dangerous route and one we should be taking very seriously.
How does this address the issue of propriety? EBay may not want it's listings indexed, but that alone doesn't justify it's case. If they want to restrict access, then why not require that you register and log in before browsing their listings. That would stop the automated indexing (unless it's possible to program a bot to be a registered user, heh). I totally understand eBay's gripe...but does that justify a decision in its favor? I don't think so.
CPOs can be a good thing, acting as a staff watchdog to ensure that the company's direction doesn't cannibalize its customer base by losing trust with it. The simple existence of a CPO doesn't mean anything. It depends on what powers, dedication and attention he/she is given within the strategic direction of the company. On the other hand, a CPO is also the CEO's charge for positioning the company in a favorable PR light. Ray-Everett Church has done a lot to position AllAdvantage as a privacy respecting "Infomediary". Well, I guess you could stretch the definition (which was coined not by privacy advocates but by the authors of "Net Gain: Expanding Markets through Virtual Communities")
<sigh> But then, I'm over 30, which I guess means I have an overly protective concern for my privacy in the age of the Internet. You younger kids apparently don't share the fuss (read this)</sigh>
And then there's always Despammed.Com, which has a good filtering system, but needs an account management method.
I use my Dad as a benchmark. He doesn't care to understand the underpinnings of the protocols or the technical whys and hows...all he wants to know is how to push the buttons and get at the information he seeks. So, he gets familiar enough to understand the tools and the routines. When I caught him going to Yahoo first and typing www.amazon.com, it opened my eyes. I've since learned that very many people use portals and indexed catalogues as namespace locators, even using them as URL entry forms.
The point being: devising clever new URL structures, alternate domain name schemes, different protocols...you're focusing heavily on "McGyvering" the system, and forgetting to consider the basic social engineering that is required to ensure these work (at least among the naive and untrained who will be expected to follow). AOL is a hit for a lot of reasons, none of which are performance or technically oriented: their KEYWORD system being one of them. All I'm saying is as you apply your creative juices to the problem, try to imagine how it will benefit my Dad.
But as most people note, pop up windows are one of the more annoying "features" of the Web. You can disable scripting languages, but then you lose a bunch of functionality that depends on javascript. I've found filtering programs like Proxomitron's very helpful since you can block some scripts (and some HTML and HTTP elements) by function.
Of course you could. And of course there are all sort of nasty things you can do with javascript, and Java applets and ActiveX controls...but it is foolish to automatically assume that cookies are inherently sinister, anymore so than the <img> tag might be even though it can be used as a "Web bug". Your scenario bares no pertinence to the issue of Doubleclick's cookie and the banner delivery of the Whitehouse Office's ad and trying to connect those dots is a disservice to the education process (unless what you want to do is achieve some end victory not on the basis of reason but by manipulating public outrage.)
<sigh> No sense in arguing with that logic.
As I understand it, the Office participated in an ad network to market its site. If you searched Altavista for "grow pot" , a Doubleclick banner would be served for the Drug Control office Web site and, of course, you'd be cookied (unless you filter). The paranoia is that the cookie potentially represents a personally identifiable piece of information that is understandable disconcerting if you believe the government is using the cookie to surreptitiously track you personally and determine what other sites you are visiting.
But "cookie" does not automatically equal "privacy invasion". I consider it to be a disservice to the education of the Web public for Jason Catlett (Junkbusters.Com), Mark Rotenberg (EPIC, and even Richard Smith (his expose' here) to contribute to this hysteria. I think it makes for good sensationalism to further the advocacy for electronic privacy. The Whitehouse's withering before the criticism is disappointing but understandable considering that any defense would have only powered the conspiracy theory. But in terms of the threat to privacy this represents, I think it only extends the broad and irrational fear of an incredibly useful and pervasive Web technology.
If you think I'm wrong, email me or post here so I can exercise the debate. I consider myself a pragmatic privacy advocate and am willing to listen to logic.
No it's not.
What's happening is that the spammer is behaving like an ass, and so does not want to reveal their idenity -- they want "privacy" for their actions in this case. The forgery is just a symptom of their desire for privacy.
No...the spammer is acting in a public and commercial capacity and so has forsaken his expectation of privacy.
What's interesting is that this reverses the usual role of privacy in these discussions. Mostly privacy is regarded like fresh air or something -- the more the better. In reality, like most things privacy has many bad effects as good.
"Privacy" is neither good nor bad. But respect for the individual's privacy is desirable, and that respect should not hinge on the characterization of the information being held private.
I look forward to the day I can program my mail system to only accept email from real signed identities -- i.e. no privacy for people sending me email. This sounds scary at first since the privacy==good thing is so conditioned, so you need to think about it a bit.
You make it sound as if the right to privacy extends to the right to intrude anonymously. For one thing, you are a private individual and can set your own personal "Terms of Service" that requires identification prior to engaging in communication. This is, by no means, inconsistent with the basic premise of the right to privacy.
I like it. Similar to Proxymate's "target revokable address" feature. Let's see if my new Slashdot-unique public address collects any flies.