Flash LSO cookies?
Without some way to deal with them (like the BetterPrivacy Firefox addon) fancy cookie control is not going to do the job.
Microsoft says it will offer a privacy setting in the next version of Internet Explorer that will make it easy for users to keep their browsing habits from being tracked by advertising networks and other third-party websites. The feature, known as Tracking Protection, was unveiled on Tuesday, five days after the Federal Trade …
They are not really up on Mozilla as Firefox has an add on called Ghostery which blocks tracking. Ok, it is not built in to Firefox but it is still available, and it does block everything (well, that is known). I bet you can guarantee that if Microsoft has something like Google Analytics (have no idea if they do) then IE9's Do Not Track will not disable that!
Though admittedly the interface to it is fscking awful ("what interface"???)
Tools - Options
Choose Use Custom Settings for History
Accept cookies from sites (unitck)
Then use the Exceptions to whitelist sites.
It would be nice if they actually made this easier to use (to say the least!), but the functionality has been there for as long as I can remember (but that may be not much longer than 7 seconds with my memory).
"given that most home users browse from a single PC"
My parents own two, most of my friends parents own two, I know families with 3 or 4 pc's. Don't forget the wii's, PS3's and Xbox's.What about iPhones, pad, tablets, et al?
Or do you mean by Home Users, you mean single people?
I DON'T have a static IP address - but it hasn't changed in probably 8 months (I have some stuff online that can only be accessed via whitelisted IP addresses).
Although my PS3, Desktop, partner's laptop and the like all connect through the same router - ergo all have the same IP address as far as the Internet is concerned, it wouldn't take a great deal of effort to uniquely track any machine on the network based on information the browser "leaks" through the HTTP headers - hell, you can almost uniquely identify machines based on the UserAgent alone.
If my IP address doesn't change very often and there are only a handful of devices on my home network, uniquely tracking any machine on that network wouldn't be challenging irrespective as to whether I'm running the browser in porn mode or not.
Let's be honest - this improvement in IE9 is basically just selective porn mode - it _is_ an improvement... just not an enormous one (compared to almost any other browser going).
Better Privacy. CS-Lite. NoScript. RefControl.
Default setting of no cookies accepted. If the site fails to work without cookies then allow for session only. Third party cookies? NEVER. No script allowed except from trusted sites. If an untrusted site requires script to function I go elsewhere. The most prominent tracking and ad servers are blocked at router. Inconvenient? Yes a little.
Use of IE, WMP, Netmeeting, Chrome, Hotmail, Gmail or anything that connects to Google or MS servers never.
Logging of IP? This cannot be avoided unless one uses a chain of proxies, although I don't bother because I do not trust proxies either.
Do I need IE9 and it's new feature to protect me from tracking? Not at all.
Do I feel safe and secure online? Not entirely.
My paranoia? Rampant.
Do I care that I might be ridiculed for such draconian measures? Not at all.
This is still completely the wrong approach, any form of tracking must be on an explicit opt - in basis only.
Protecting privacy is far more important than advertiser's desire for profit, if they consider this data so desirable, I expect to be paid for it.
Punishment for unauthorised tracking should be swift and unforgettable, appointing the PFY as consultant on sanctions should be the first step.
>>"This is still completely the wrong approach, any form of tracking must be on an explicit opt - in basis only"
Even if that's what you want, wouldn't it actually be an additional 'good' if you could explicitly blacklist some sites to stop them repeatedly asking (or doing things which caused you to be asked) if you wanted to opt in, even if adding someone to such a blacklist is effectively an opt-out option?
By definition, if you aren't letting a site track you, they can't know if you're a new visitor, are someone who declined their tracking previously on a one-off basis, or are someone who really doesn't even want to be asked.
If the site had some way of knowing your attitude to them, it could at least potentially avoid doing things that might annoy you.
". . . that we are far better off developing solutions and choices as an industry than if we allow the government to do it for us.”
If only more corporations would adopt this attitude. For instance, in the US, if the health insurance industry had this attitude in the 90s there would have been no real need for the Affordable Health Care Act. If the finance industry would target obscenely high pay in public companies. If natural gas drilling companies would take ground water contamination seriously. Etc,etc., ad naseum. . .
But no. Thank goodness for government of the people, by the people, and for the people to regulate corporate bastards when they won't do it themselves.
I'm sure that M$ is refering to persistant "Flash" cookies. I wrote a Linux script a year ago, which removes flash-cookies while browsing. However, there is a new type of cookie making its way across the web. The EverCookie. The following address links provides more info and definition of what an evercookie actually is: "http://samy.pl/evercookie/" . Here's one more: "http://www.boingboing.net/2010/09/22/evercookie-a-trackin.html" . The first link is the actual developer's site. I've been to the site.. (No, it doesn't leave an evercookie on your browser).
But how does that compare to a 'do not spam' option for mail inboxes?
A 'do not track' browser setting could be designed to prevent a blacklisted (or non-whitelisted) site leaving any trace (not merely requesting that a site doesn't engage in tracking), and have its operation updated to keep up with attempts to get round it.
In reference to 'do not spam' for email inboxes.. Most email clients already have filtering with blacklists. the reference was a silly comparison to something like a statewide 'do not call' list.
In reference to: "A 'do not track' browser setting could be designed to prevent a blacklisted (or non-whitelisted) site leaving any trace (not merely requesting that a site doesn't engage in tracking), and have its operation updated to keep up with attempts to get round it."
I invite you to read a comment left by "Paul 98" title: "Cookies aren't the real problem #". It's further down the comment list. Cheers ;)
The fingerprint thing is technically surmountable though - it woudn't be hard to limit what information a browser provides regarding fonts, plugins, etc, especially to untrusted sites.
Would it be hard to define a set of 'lowest common denominator' responses that would allow most sites to get the information they might need, without giving away significant information or having a browser over-claiming its capabilities?
If the information-limiting was actually tied to a browser privacy control, it could be that untrusted sites were given very limited information
... Microsoft introduce a feature that some browsers have had for yonks. Well done MS, I would so love to be in the meetings where some one comes up with these bright ideas.....
Lets call it a Zune! - "Your fired"
Lets call it bing! - "Your fired"
Lets introduce porn mode properly! - "Your fired"
Esc, because just like the Mafia, when I thought I was out, the IT geeks pulled me back in!
Righty here we go again, MS does something that is a step in the right direction and still people slag them off.
Yes yes im sure someone else would have done it before but look, in 1959 Volvo was the first production car to slap a 3 point seatbelt in their cars.
Shock horror! others followed them because its a pretty good idea! so obviously we should all only buy Volvos now yes? because they did it first right?
You buy your gas and elecky from some provider because its the cheapest its ever been by anyone! Course no one going to do better are they? you'll just stick with your "brand" and imagin that its always the best
seriously guys, grow up, if you stick religiously to a brand or in this case product you are the ones to lose out, ill swap around browers and software every few years because different versions of different software are always different. From what ive seen ill give IE9 a go, if something better comes along ill swap to that.
Will IE 9.0 run on Windows 2000 or XPee? No
Will it run on Vista? only if you install SP2.0
& will it run on Windows 8 ? well, I suspect if theres 'leverage' to convince/force users to migrate to a new platform, but then there will probably be IE10.0
So changing the operating system is no convincing reason to 'give IE 9.0 a go' thank you
Really, come on, Will your ford focus run on 2 stroke? how about an old 8 track tape playing in your DVD player? Look, life moves on, software changes, one of the reasons Windows is (was) in such as mess was because it DID keep backward compatability, look around and do some research Dispite its flaws windows Xp was one of the most backward compatible OSs ever made.
Linux has (had) major issues with old hardware and still does to some degree, lets not even start with Macs and their closed hardware designs, I am glad that MS has finally removed some of the old crap from the OS, that they are forcing hardware and software vendors to adopt better standards, its called progress and i for one would give MS a big thumbs up if they went further to try and remove some of the system stability issues when you install third party apps/drivers.
If you wish to stay with your old OS then good for you, I and no one else is going to stop you, but if you want to play with the new toys then you will have to change because we do not want an OS or its software to be bugged down with your old software compatibility flaws
Better late than never.
For years, it's seemed to me that browser manufacturers have been in league with the trackers. Otherwise, why would anti-tracking/privacy features be relegated to deep down in the options menu where they're a pain to use operationally?
As a Web Designer going back to the days of Netscape 2.1 and Mosaic I have developed a really big mistrust of Microsoft's IE, the "sod the rest of you do it our way" thought processes which went into the creation of IE5 and IE6 still make me shudder.
However, I must say that Microsoft do seem to really be doing some good things with IE. I'm still not at the point where I would dump Firefox (and all its wonderful plug-ins) for IE9 but that point may well arrive. Regardless, it is refreshing that they are finally looking at web browsing and innovating.
If Microsoft is at all concerned about consumers they would stop forcing the sale of IE upon everyone.
Funny that Microsoft thinks about stopping the tracking but not stopping the forced sale. IE costs real money. Cash money. Yet, the idiots at Microsoft claim to think that all consumers want to spend more money for their crap.
Give individual consumers the choice or go home.
forced sale huh? tell you what, lets make Microsoft make an OS without any browser at all, and whilst they are at it they may as well not offer a download link to other browsers, it is their software they can do what they like (as Apple does), so that leaves every day joe sh** out of luck if they wanted to jump on the net or download a broswer of their choice. you have the choice to use it or not to use it, if you wish to remain ignorant and insist that browser X (insert any browser in there including IE) is the best ever and never use anything else thats your choice.
Now your going to go on about the intigrated browser bit, well yes, even if you uninstall it, bits are still there, but remember, ITS THEIR OS!! use something else if you dont like it.
Just use Firefox and go to Tools>Options>Privacy and check the "Accept third party cookies" with "Keep until" set to "I close Firefox", and check "Clear history when Firefox closes". Also go to Tools>Options>Advanced>Network and set the cache to 0MB. Keeps the functionality at websites but gets rid of everything upon close.
Good on MS for doing this. Personally I've set FF to delete all cookies on exit and use other plugins etc. But anyway, the issue is not cookies. They're fairly easy to deal with by just deleting them, manually if you have to, or automatically, whatever.
Even if you have no cookies or any other identifying file on your PC (flash files etc) you can still be tracked using the information your browser sends to the sever alone: User Agent, plugin details, installed fonts, time zone, screen resolution and colour depth etc all combine to provide a fingerprint that is unique enough to identify you, especially when combined with an IP.
See how unique you are: https://panopticlick.eff.org/
Even if you disable java script you can still be tracked with a fairly high degree of accuracy.
And even if you manage to disable all of that data being sent by customizing your browser and changing non standard settings or compiling your own, well you can still be tracked because 99.999% of other users don't have blank data for these things - you're unique in sending no information.
I heartily agree!
I was an avid Firefox user for years, and for a very long time used to stick with software packages faithfully, rarely finding the time or inclination to 'play the field', as it were.
And in all fairness, who of us finds the time to constantly look for a newer, better CD writing program or media player.
It was no different with my Windows install. For five years I refused to reinstall, as my software suite spanned literally several hundred apps. Add to that 3 different graphics cards from 3 different manufacturers, requiring specific driver versions to work together, you may start to appreciate my reluctance, but I digress.
Obviously, when you install 300+ apps (not all well written) on one poor OS, things start to become a little unstable. I persevered with it's increasingly quicky behaviour, until Firefox, AND Opera became too unstable to use.
It really took this much preassure for me to finally try IE, and obviously I wasn't going to use IE6. What suprised me, was that despite the entire system being about as stable as a one-legged man in an arse kicking competition, IE8 ran quite smoothly on the ancient hardware.
Then I discovered the power of the Internet Accelerators. MS have made it sooo much quicker and simpler to add your own, for pretty much any website. In IE8, open the search drop-down, choose 'Find more providers' and at the bottom of the page click "create your own search provider".
Now, I can highlight a bit of text on a webpage, click the accelerator button, and choose from any of my custom serch providers. This will open a new tab instantly with search results from that website.
At work, I have PCI vendor database, technet, driver download sites, google maps.
At home, I have torrent sites, IMDB, Disc label sites, certain astalavista sites, and even google images with 'safe search' turned off - highlight celebrity name in news and auto-perv.... (posting anon. for obvious reasons!)
I have long since remastered, and upgraded my hardware, but I now use IE primarily at home, because of the speed at which I can process one key word or phrase through a dozen different sites to glean the content I want in a fraction of the clicks required in Firefox.
And I think you could do it in 7
You choose the prompt option and after a few weeks browsing with a few additional clicks hey presto - you have a black and white list where you can change the setting for any site if you find you blocked/allowed it accidentally.
The real problem is crap sites which rely on cookies wanting blanket cookie enablement coz they cant be arsed to tell you the name of the site that needs to be allowed. Still - they couldn't be arsed to write a proper web site in the first place so no real surprise there.
This post has been deleted by a moderator
Biting the hand that feeds IT © 1998–2020