GOOD.
First thing Monday I'm going to make a donation to the EFF. This is good stuff.
Also, +1 to El Reg for actually properly using "looses" as opppose to all these people who can't spell 'lose'.
In the wake of Yahoo!'s decision to stop honoring browsers' Do Not Track signals, the Electronic Frontier Foundation has released a new blacklisting tool that will automatically block tracking cookies from sites that refuse to support DNT. Dubbed Privacy Badger, the tool is available as a browser plugin for Chrome and Firefox …
According to most reputable sources I can find, "sod's law" is actually a newer coinage than "Murphy's law". Murphy's law is definitely referenced by name from the early 1950s, but "sod's law" doesn't appear in print until 1970.
So "always been called"... may not be as accurate as you think.
Lady Chatterly made it into print in the 1960's I believe.
It was good to be young then. Not that I ever read it of course. I am looking forward to a transaltion of Fanny Hill into the vernacular (to be venal.) Especially because I like my porn to end happily ever after. Not just so I can understand it, I assure you.
So sod's law get's trumped by Murphy does it?
Well that just goes to show how sod's law works doesn't it.
>>"it must be an Americanism, because in Britain the same phenomenon has always been called Sod's law."
I have heard Murphy's Law as a child in the UK. But I think it's mainly because back then "sod" was a vaguely bad word and I got the child-friendly version of it. Probably why you get Murphy's Law in the USA - their aversion to "rude" words.
I wanted to write "Sod's Law" actually, but someone had already used "Murphy" and "Sod the Powerful God" just was either too rhyming or too open to verb / noun confusion.
Except that might be grounds for a suit. Perhaps a quick beep to the EFF and for every, say, 100 times they get a red flag, the EFF can send an e-mail to the admins of that website listing the violations. Of course, they'd also need to find a way to make sure it's not summarily filtered, but enough of them should start getting their attention. And the sites can't accuse the EFF of spam since each message is different and all the e-mails will be valid claims of misconduct.
I like the way you think, malle-herbert. Upvoted.
I use FF because it allows me to armor up and not fall victim to the whims of websites.
Adblock, Flash block, script block, privdog, clear history on close, Ghostery. Plus my hardware and software firewalls. Plus my AVs, both active and passive. It takes ALL of those running at once to safely surf these days. And even then things get through. (very very little in my case)
So no matter what the website/trackers decides, they can kiss my shiny metal ass. Because thanks to them, they have made surfing the web akin to slogging through the sewers in a knife fight.
Install the above and you will be shocked at the amount of malware it blocks for Yahoo alone.
Especially since many sites ... are now employing ad-blocker-blockers of a very broad sort.
My universal response to being told to turn off my adblocker or allow third-party tracking is simply to add that site to my blacklist and move on to the next site. I've lived perfectly well so far without whatever the site is offering and I'll live perfectly well without it for many years yet.
Same thing goes for sites that display nothing but a "You must enable Javascript to view this site" banner. If you don't give me any reason why I should allow Javascript for your site, you don't give me any reason to be a potential customer (or product!) A good site should fall back gracefully to at least let people see what you're offering so they can decide whether they want to enable Javascript or not. By all means have a banner advising me that some features need Javascript, but at least give me something to be able to base that decision on.
That may well be possible if you have an alternative, but I note you left out the key word exclusive. In this case, it's down to a take it or leave it. If you turn them down, you have to go without the offer since you can't get it anywhere else.
And it gets dicier when you're not talking about something cosmetic but important stuff like exclusive drivers, security patches, and so on. What if the only way to keep your system safe is to submit to the cookie minefield? (And yes, I've personally experienced such a dilemma for an old driver)
"Running multiple AVs at the same time...
FFS people, this is supposed to be a website with a technically inclined readership..."
Spybot plays nice with every AV I've ever used, but it is only used in passive/immunized mode. My firewalls are firewalls only. I've chosen Avast as my main "live/active" AV.
Yes, thank you. I've resolved many a user's performance problem because they were running 2 AVs. If I hadn't known this for the last 10 years, your advice would have been timely.
If you want to get rid of some of the stuff you're using to get rid of tracking cookies, malware and so on, switch to Linux and get rid of all of your AV software. And, if it matters, you can stop paying for your OS, your applications and your upgrades because Linux is free. Or, you can keep on throwing money into Microsoft's money pit if you prefer.
> Free software and lack of malware (even if only an illusion) does not have anything to do with website activity tracking.
Perhaps not directly, but it removes the commercial incentive to allow it, which is a good start.
Using a browser's porn mode helps. Most sites work if you allow JS for the site, but block off-domain content, so noscript is still useful. Also, something like "better privacy" for ditching flash cookies.
DNT is great in theory, except it was doomed the minute Microsoft decided to make it on by default. A cynic mind might even suggest it was done deliberately to compromise the idea. Don't forget - this is not the first time something major has chosen to explicitly ignore DNT being set, on the basis that you couldn't actually rely on the user having made the choice.
> Your logic is backwards. Consumers should have to opt-in to being tracked.
Yes they should, but that's ireelevant: prior to DNT there was not any opt-in *or* opt-out. DNT gave you at least the opt-out. MS then deliberately broke it by turning it on by default thereby almost forcing sites to ignore it, which not long after brings us to where we are now. Exactly as I predicted.
Amazing how many people actually thought MS were doing us all a favour. So bloody naive.
Well here's how I see your argument: all these ad companies were basically fucking us up the ass whenever they wanted, but they agreed to only do it if we'd had a good night's sleep first. Then Microsoft came along and taped our assholes up, so the ad companies pulled the tape off and fucked us. You think that was what Microsoft wanted and you're angry at them because you thought it was damned civil of the ad companies to say they'd let us have a few z's first. Am I on the right track here?
While I like your expression, MS didn't 'tape our assholes up', if anything they weakened the tape. They sabotaged DNT. DNT was weak (as it was not backed by law) and if it became common to opt out it would have been murdered later. Instead, MS ensured it was murdered sooner.
> you thought it was damned civil of the ad companies
don't assume too much just because I didn't spell it out. TBH if I could release a virus that castrated every ad company employee in the world forever I'd do it. They are a disease.
Now, given that they are a disease I use a comprehensive blocklist so I kill >99% of ads anyway. Do you? Do you make any effort to systemically deal with ads? And do you see a longer term issue here that has to be solved if ads are to be abolished forever (in other words, can you see the disease is perhaps self-inflicted)?
(am pissed, please excuse any laxity or errors)
Do you make any effort to systemically deal with ads?
Whether you do or now, the ad companies make every effort to systematically deal with people who systematically deal with ads. They employ broad ad-blocker-blockers and start having host sites and other legitimate domains host the ads, meaning if you block the ads you block the content, too. And with more and more exclusive (and perhaps even important) content being hidden behind these cookie minefields, it increasingly reaches the point of "Do You Dare?"
What I particularly "enjoyed" was how these charitable advertising organizations developed a system to "opt out" of their industry's tracking.... but only by setting cookies in your browser, requiring cookies to be enabled, of course.... :D
Right now technology is running a couple of decades ahead of brain-dead politicians, who are either clueless about how they are allowing technology to invade traditionally-sacred personal/political liberties, or in such service to the monied interests that the result is the same.
That may well be, but a PROPER government would put people before business and demand that businesses NOT track a person unless EXPRESSLY and EXPLICITLY permitted. Much like that recording scandal in California (it's an all-party explicit consent state). And if they don't like the way that works, well they can just find another line of work. (Rude Salute)
"DNT is great in theory, except it was doomed the minute Microsoft decided to make it on by default."
This is either hopelessly naive or hopelessly MS-bashing, more likely both. DNT was doomed the moment it was invented, even before the proposals were first published. The very first time I heard about the idea, I concluded that it was fatuously naive optimism on a scale that is rarely seen anywhere, and nothing in any of the subsequent discussions has inclined me to change that opinion.
I guess its the same kind of people that need supervision when using a butter knife, lest they gouge out their own eyes.
If the browser with DNT connects to a site with ads, only request enough data to display the ad (Screen resolution, browser version, etc) and only record that someone saw that ad. How is this so difficult?
Just displaying the ad isn't enough anymore. Those that relied simply on that data have since disappeared. The ad companies that remain won't really pay you unless that ad brings something along with it, like some kind of identification. And no, they will accept no less since it's the only way they can stay in business. And if the web providers can't get ad revenues, everything will start falling behind paywalls.
Everything you DO want to read sea or hear on the internet will start falling behind paywalls.
There. FTFTFY. It was right the first time, as I can speak from experience. More and more important and exclusive content is starting to get locked down.
I never understood the deal with cookies. Why do browsers accept them by default? Normally, there would be an "allow cookies from this site" button in the bottom right (and that only for the purpose of allowing the site to remember log-ins).
I blame netscape, which presented an ugly popup window (that interrupted your browsing), everytime a site wanted to set a cookie, so most users just set their browser to "allow all", so this became the "standard behaviour".
Exactly, and I block them to by default. So if you don't accept third party cookies will this version of Badger do anything for you?
Normally use FF with NoScript as my general browser and have set annoying repeat offender cookies to be automatically scrubbed when it closes (also cache, logins, etc...). One usability problem with this is that drag&drop or cut&paste doesn't work from the show cookie sub-window to the scrub sub-window; have to type them in manually (take note Mozilla).
... thanks for the tip - Privacy Badger has greatly improved my browsing experience of The Register as it has the effect of blocking ads. Flashblock did a good job of not distracting my eyeballs but page loading is much faster now that I don't even see the space a blocked Flash ad used to take up. But ultimately I guess my selfish actions are contributing to the death of "free" content made possible by advertising. Oh dear...
I see that most people on here advocate not allowing cookies
a compromise is to allow cookies and then either use an addon to delete them each time you close FF / or other browser of choice, or use something like CCleaner to delete them all on a regular basis
Neither option is really all that labour intensive
It's really only 3rd party cookies that are the problem. You usually DO want the one(s) belonging to the sites you log in to.
Almost all privacy issues are 3rd party ones (they let a 3rd party track you as move from site to site!).
Firefox lets you disable all 3rd party ones. But some actual sites then are confused unless you delete the cookies for that site and let them be re-created. I don't know if it's a bug. But at the FIRST time you disable ALL 3rd party cookies you might have to log out of a site, delete (not same as disable) all cookies, close browser, open browser then log in again and the "desired" site cookie then works.
I recommend the 'Cookie Controller' FF (i.e. Pale Moon) add-on.
Set default for the 'off state' (cookies blocked) to 'force at start'; and default for the 'on' state (click the 'Toggle' button to allow cookies for all sites or the 'Permissions' button to allow just the current site) to 'session only'.
The vanishingly-small no. of sites you want to keep the cookies from you can set to, e.g for Ixquick or somewhere else you genuinely trust: 'Cookies allowed'. For sites like El Reg: 1st party only, which keeps your log-in details
If in a hurry and clicking the 'Cookies Toggle' button to, say, enable global 'session only' cookies, next start it will have reverted back to 'blocked' by default.
There's a Firefox addon I advise less technically inclined relatives to use called Self-Destructing Cookies. It automatically blocks all third-party cookies. For first-party cookies you click on the addon icon when visiting a page and get 3 simple options: the cookie self destructs after you close the tab (default), after you close the browser or never (useful to stay logged in to sites you trust).
It works out better than a simple system of blocking everything apart from the stuff on your whitelist since some sites kick up a fuss / refuse to work without first-party cookies. Having the cookie self-destruct after you close the tab is a good compromise.
Someone has to pay for your content because you sure as hell don't. You want if for free (as in, no money direct from your wallet).
So companies have come up with innovative and groundbreaking ways to sell advertising space to cover cost. And now you block that.
Luckily the impact will be slight as this is just neckbeard extremists from the EFF, not a group many have heard of and even less take seriously.
What these sites should do is detect content thieves like you (which is what you ate, reading without paying) and block you. That way you get what you paid for; nothing.
If you don't like tracking, don't use the WWW or pay for your content.
I'm quite happy to pay reasonable prices for content - though news sites are unwilling to provide it (e.g. I might want to look at Le Monde for an hour a month, but that will cost me 20 euros - there is no PAYG)
I am also prepared to put up with adverts for free content.
What I am not happy about is all the tracking of me as an individual by organisations which may, for all I know, be as criminal as you can get. How do I know who information is being sold to? Google at least tell me their policies, but what about these trackers that most people have never heard of?
So your dichotomy is a false one; it's a trichotomy at least. The third option is, if you don't like tracking, only accept ads from companies with which you have an explicit relationship.
No, it's a true dichotomy because the ONLY ads that matter anymore are tracking ads. All the dumb ad networks have since disappeared. And as for an explicit relationship, that's a loophole one could drive a lorry through. They'll FIND a way to make the relationship explicit, and then all bets are off.