Apple Adding "Do-Not-Track" To Safari 126
bonch writes "The latest developer preview of OS X Lion includes a 'do not track' privacy feature in Safari, the latest browser to do so following Mozilla Firefox and Microsoft Internet Explorer. The feature complies with a privacy system backed by the FTC that allows users to declare that they do not wish to be tracked by online advertisers. This leaves Google Chrome as the last prominent browser not to support the feature. As an online advertiser themselves, Google states that they 'will continue to be involved closely' with industry discussions about compliance with the do-not-track system."
In other news ... (Score:5, Funny)
Microsoft added a 'Do Not Crack' plea button to Internet Explorer ... hackers were unavailable for comments on whether this new button will convince them of leaving the browser alone
Re:In other news ... (Score:5, Funny)
Anyone still using IE probably needs a "Do Not Use Crack" button more.
Re: (Score:2)
But who's to say IE's developers will pay any attention to it?
Re: (Score:2)
Re: (Score:2)
Slashdot still doesn't work properly in any browser after the recent rewrite.
Use Chrome Block (Score:1)
There is an excellent 3rd party extension for Chrome called "ChromeBlock" that opts you out of ad tracking networks. I use this combined with one called "Disconnect" that dispersonalizes searches and blocks 3rd party sites from tracking you.
Ghostery works great in Sarfari... (Score:1)
Re: (Score:2)
Except that it's a completely different thing that solves a completely unrelated problem.
Re: (Score:2)
Except that it's a completely different thing that solves a completely unrelated problem.
OK but that's all I want to hear about your penis enlarger.
Re: (Score:3)
Fine, but don't come crying when your partner dumps you for someone who did. Well actually do come crying, there's a deluxe model you see...
Re:Chrome has a privacy mode (Score:5, Insightful)
The interpersonal privacy compromise problem is a legitimate one. Potentially embarrassing or worse. Incognito mode does a reasonably effective job of stopping that one(I haven't read up on whether or not the latest forensics packages can do anything against it; but the contents of a closed incognito session are safe enough from your roommate/spouse/kids/nosy sibling/etc.)
Against remote 3rd parties, though, incognito mode is highly limited. It does flush cookies when the session is terminated, which is better than nothing; but with most broadband IPs being close to static, it often isn't rocket surgery to correlate and reconstruct user activity even if you lose some cookies(indeed, being able to run an incognito session and a standard session at the same time and on the same host probably makes that easier, unlike the older, cruder methods where the user manually wiped all their sessions after a period of time).
They are really two entirely different classes of threat.
Re:Chrome has a privacy mode (Score:5, Informative)
To summarise:
"Privacy Mode" means "Do not store information about what I've been doing ON THIS COMPUTER"
"Do not Track" means "Dear Advertisers, Do not store information about what I've been doing ON YOUR SERVERS"
Large difference.
Re: (Score:2)
'Do not track', however, is just a polite request(similar to a robots.txt). There is absolutely no way of technologically forcing compliance(other schemes, like assorted cookie-handling plugi
Re: (Score:2)
'Do not track', however, is just a polite request(similar to a robots.txt). There is absolutely no way of technologically forcing compliance(other schemes, like assorted cookie-handling plugins, tor routing, and such attempt to solve the problem technologically, with varying degrees of success and tradeoffs. DNT is just a psuedo-standard way of asking). If major players actually buy in, it could end up being quite useful(given that outwitting data-mining professionals is a bit of a cat-and-mouse, particularly for Joe User). If major players ignore it, or farm out plausible-deniability subsidiaries to do it for them, DNT will be a dead letter./quote.
I think that the usefulness of DNT as an adopted industry standard is that it could pave the way for future legislation. So far as I know, in some countries, it is already illegal to gather and store private information about someone who has explicitly asked that it not be done. In US this is not the case, but this could be changed - it's a fairly reasonable law, in my opinion, since the burden is on the user to ask. But then, if courts agree that DNT amounts to such an explicit ask, then suddenly it gets some legal teeth.
This does nothing in the most general case (of servers being hosted somewhere in China etc), but it's still a good start.
Re: (Score:2)
One can use tools like sandboxie to help with making sure browsing traces are isolated from each other, and when done with the site, end up being gone, which helps local security, as well as remote security.
For local security, putting the sandbox from sandboxie on a TrueCrypt partition and having sandboxie do a wipe when deleting the sandbox is good. Not just security from someone nosy with an undelete utility, but having file isolation so that possibly damaging stuff never ends up on the same drive as the
Re: (Score:2)
Chrome already has "incognito mode," so I'm not sure what more you could want from a browser if there is any concern about privacy.
They all have a version of this feature. Safari started it all off with their Private Browsing back in 2005. Three and a half years later Chrome 1.0 gave us Incognito mode, IE8 then include the InPrivate Browsing. Firefox 3.5 also has Private Browsing while Opera 10.5 has Private Tab / Private Window.
Why would you want to have both systems? Well, why not. Frankly, I don't think you can have too many features to protect your privacy online. This new header is more of a directive to the server not to track th
Re: (Score:2)
If Web browsers were engineered to value privacy, they would have some way of masking fonts and other identifying info. Even with privacy browsing, one can use EFF's panopticlick to find out that in most cases, one's browser is unique, either due to the fonts used, the OS and browser, or a distinct combination of the above. I have yet to find a browser that obfuscates this info in a good manner.
Until this is done, advertisers still can track on this information.
Re: (Score:2)
Chrome already has "incognito mode," so I'm not sure what more you could want from a browser if there is any concern about privacy.
Plenty! And Safari already had it's Private Browsing feature (where that idea in Chrome came from). In those modes, cookies are not saved past the current session, browser history isn't saved, your downloads history isn't preserved, etc. For me, I like those things, but my need for cookies is limited to things like Slashdot recognizing me so I am logged in all the time. I don't need ad tracking.
Disabling third-party cookies? (Score:5, Insightful)
Do any of these "Do Not Track" buttons in browsers actually do anything useful, like disable third-party cookies, or does it just amount to an altogether useless "pretty please!" plea to the oh-so-ethical tracking/advertising industry? If the latter, then aren't these fancy "Do Not Track" buttons actually WORSE than nothing since they'll give ignorant users a completely phoney sense of security.
Re: (Score:2)
Re:legal way to opt out (Score:2)
I'm pondering ways to designate my unique set of clicks to be a copyrighted work. Then we can let those beautiful new CopyTerror laws in a tasty case of the Law of Unexpected Consequences.
Actually, I'd really like to see a fight between the **aa and the web tracking industries. Anyone know how much $ value the "4th parties" (not Google) together combine into vs Big Media?
Re: (Score:3)
IE 9 and Safari both support disabling third-party cookies. Safari does it by default; I'm not sure about IE 9.
The "Do Not Track" option mentioned in the article is an additional header that depends on advertisers honouring it. However, if supported, this mechanism works as a global "opt out" system, where the user does not have to take any action per site.
Google, on the other hand, is trying to promote a mechanism that collects all "Opt-Out" cookies and persists them in a sort of "super cookie." In esse
Re: (Score:1)
Re: (Score:2)
Your right, why should Google implement such a feature in Chrome when they know they are just going to ignore it ? If only there were some way they could convince themselves.
Re: (Score:2)
They could start by disabling the HTTP Referrer header.
I think most people are completely unaware that they are being tracked by it.
Re: (Score:2)
Do any of these "Do Not Track" buttons in browsers actually do anything useful, like disable third-party cookies
If I understand correctly, the only one that does the feature right [nwsource.com] is IE (see also here [betanews.com]). IE allows blacklisting of tracker sites; the lists can be built and distributed by external groups, like consumer organizations. To access the sites in the list, you have to type its address in the address box explicitly, otherwise IE9 will just not go to any of the tracking sites at all. All other browsers still follow links to tracking sites, but ask them nicely to please please not track them. With IE9 the trackers
Nice idea, but worthless in practice (Score:3)
Namely, the real abusers of our privacy don't give a damn about what we want. And don't think that only includes the likes of Ralsky - Every single company that thinks they can get away with harvesting your data by using a "third party affiliate" or offshore host, will do whatever they can get away with.
We have one, and only one, means of maintaining our privacy online - Lie, lie, lie, lie, lie. Filter your response headers, never use your real name, address, phone number, or even your real dog's name as the answer to a site's security questions.
Re: (Score:2)
And, the governments will happily buy it from those 3rd parties as well since it lets them get around any restrictions on them actually gathering it themselves -- I seem to recall a story a couple of years ago where the CIA did exactly that to get around some legalities around domestic spying. Because, if it's capitalism it can't be violat
Re: (Score:1)
So the answer to all your security questions is "Polly"?
Re: (Score:2)
I'm glad it's optional (Score:1)
You see, I like to go and visit porn sites and then Evangelical Christian sites and then pot legalization sites and then pro-gay marriage sites and then back.
I'm hoping the social conservatives will see and think, "Hey! Our flock likes gay marriage, porn and pot. We better get behind the legalization of pot or we'll lose our worshipers!"
Or they'll think I'm just Republican Congressman.
That's what I tell myself anyway. ..
Re: (Score:2)
You see, I like to go and visit porn sites and then Evangelical Christian sites and then pot legalization sites and then pro-gay marriage sites and then back.
I'm hoping the social conservatives will see and think, "Hey! Our flock likes gay marriage, porn and pot. We better get behind the legalization of pot or we'll lose our worshipers!"
Or they'll think I'm just Republican Congressman.
That's what I tell myself anyway. ..
It's okay, you can tell it as it really is - when I'm stoned, I think that Jesus is kinda cute, too. ~
Chrome already supports "Don't be evil" (Score:1)
Re:Chrome already supports "Don't be evil" (Score:4, Informative)
Actually, Chrome supports "Don't be (too) evil": It uses a "super cookie" to persist opt-out cookies. That allows subtle tracking (since the user has to actively opt out of sites, implying that he visited them) without actually tracking you, as you suggested.
Safari, Mozilla, and IE9 support a blanket "do not track me" header, that gives away no information about your browsing, other than the fact that you do not want to be tracked.
-dZ.
i develop for browsers (Score:5, Interesting)
so i have ie, firefox, chrome, safari, and opera always installed on every one of my machines (work/ mobile/ home)
sometimes i'll randomly launch browsers just to get a feel for the user experience ("___ is not your default browser, would like to make..." ad infinitum). i'm sure if slashdot data mined the HTTP_USER_AGENT server variable attached to user circletimessquare they'd see an odd 5 piece pie chart
but after reading this post, i foresee the chrome pie piece experiencing a significant decrease in size
c'mon google, what the fuck
and this is why competition works. if only ie dominated, as in years past, there's be little or no pressure to introduce this feature. honest fair competition (in a well-regulated marketplace) means the consumer wins
one final aside: i love opera. that's one scrappy browser. they always seem to have the most exotic features that leave your mind excited rather than eye-rolling (like bit torrent support baked in). supporting opera, unfortunately, is an afterthought in most browser development projects i've been attached to, and in the past, it suffered from the same hijinks as ie6/7 which left you angry at it and resentful (not so much anymore). but i've always tried to support opera. and its not just sentimental love for the underdog, opera is a really good browser, you should try it (no i'm not affiliated with them in any way). i believe its hot in nordic countries (which makes sense, since its from there) and eastern europe
Re: (Score:2)
Their core business is online advertising. You really expect them to make a browser that limits online advertising? Before they start losing market share to browsers that do have it?
Re: (Score:2)
Yeah. I love Chrome, but if Google doesn't bite the bullet and respect users' wishes for even a flag request for privacy... they can fuck off. I'll switch to Firefox in a heartbeat.
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
so i have ie, firefox, chrome, safari, and opera always installed on every one of my machines (work/ mobile/ home)
sometimes i'll randomly launch browsers just to get a feel for the user experience ("___ is not your default browser, would like to make..." ad infinitum).
Can't you bother to check the don't ask me again checkbox?
but after reading this post, i foresee the chrome pie piece experiencing a significant decrease in size
I think that you are overestimating the knowledge and privacy concerns that the average user has.
Re: (Score:2)
informative comment, thanks. my impression of opera as nordic centric i guess is historical. and i double-checked, your comment is wikipedia-approved:
http://en.wikipedia.org/wiki/Opera_(web_browser) [wikipedia.org]
Re: (Score:2)
Really? You think that the Chrome market share will drop because Google doesn't include a checkbox that makes the browser get on its knees and beg the other end of the line not to track you? In a related note I suppose you also think laws banning spam were the reason the internet is now spam free .... oh wait.
Seriously I'm all supportive of a vote with your wallet approach to companies screwing the users, however the fact that you think that this entirely and completely useless feature in any way will have
Re: (Score:2)
mod parent up: informative/ insightful
Re: (Score:2)
this is some sort of subculture war i'm not familiar with. link? (work safe link please)
Re: (Score:1)
you're an idiot.
Re: (Score:1)
i feel like i'm sitting in starbucks witnessing a fistfight spill over from the s&m club next door
Re: (Score:2)
don't worry, i have no party in this fistfight. happy browsing and happy brawling
Re: (Score:2)
Opera is cool, unfortunately it is currently broken on OSX, I cannot access any sites that have IPV6 AAAA-record cause Opera tries to use IPV6 even though I have disabled IPV6. Hoping that next version fixes this, I can stop launching Safari to access those few sites that won't open now on Opera.
Re: (Score:2)
Yes, I've made bug reports on them all. And after posting that comment Opera wanted to update itself and voila, the bugs are gone. Way to go Opera! Now I can again use just one browser.
Re: (Score:1)
this is the problem with negativity and cynicism. assuming you really think like this, and accept it, you are accepting slavery
i'm a free man. as such, i am positive and optimistic. which is the cause and which is the effect?
it is my assertion that the attitude creates the reality. the proof of your cynicism is the life you lead... which is because of your cynicism. your cynicism is a cause, not an effect. your psychological makeup predisposes you to a fate of slavery or freedom. freedom is the realm of the
Google Analytics (Score:3)
Since Google Analytics seems to be on about every website in the known world these days, it hardly surprises me that Google would be reluctant to support this. Wouldn't this feature essentially cripple it?
Re:Google Analytics (Score:4, Interesting)
You'd be surprised to know that Safari disables third-party cookies by default, with the presumption that they are used mostly by advertisers. This is irrespective of the legitimate uses of third-party cookies, however few they may be.
I can clearly imagine Apple enabling the "Do Not Track" feature by default, seeing that there is no other context for it than to protect the user from tracking by advertisers.
-dZ.
Re: (Score:1)
That is a good point. I never understood why Microsoft didn't release IE9 with massive ad blocking capabilities. They aren't in the ad-based revenue world, and have a genuine advantage and can build something that benefits customers and harms Google's grip on the internet. And really, the same can be applied to Apple as well... I know they released a "Reader" program that eliminates ads... enabling DNT by default would be another good choice for them. Instead it feels like a lot of times they just play
Re: (Score:2)
I never understood why Microsoft didn't release IE9 with massive ad blocking capabilities.
It's there [liveside.net], it's just not advertised as such. But in practice it's the same idea as AdBlock, subscribe to a blacklist maintained by someone out there and see the ads vanish.
They aren't in the ad-based revenue world
Microsoft's online advertising services are, of course, not as big as Google, but they're fairly big. Read this [microsoftadvertising.com] for the official take on how it stacks up vis-a-vis the aforementioned IE9 feature.
Re: (Score:2)
* Blocks web bugs
What?
* Disables loading of tracking ads
How? Magic? How do you work out which ads are tracking?
* Spoofs the referrer to be the root of the domain being visited
Possible yes. Useful? Not really.
* Changes your default search engine off google and onto one that doesn't log your searches
All search engines log searches, its how they get feedback.
Re: (Score:2)
Blocking all advertisments is kinda unethical.
Certain websites offer you free content, don't try anything nasty, and the least you can do is try to let them scrape some money which you're not paying for.
Yes I agree that when you end up with giant half-page "POP IN THE MIDDLE OF THE SCREEN" flash ads its kinda overdoing it...
Web bugs are again hard to find to remove. Blacklisting doesn't really work for long.
Re: (Score:2)
Blocking all advertisments is kinda unethical.
Certain websites offer you free content, don't try anything nasty, and the least you can do is try to let them scrape some money which you're not paying for.
Yes I agree that when you end up with giant half-page "POP IN THE MIDDLE OF THE SCREEN" flash ads its kinda overdoing it...
Web bugs are again hard to find to remove. Blacklisting doesn't really work for long.
It's not unethical. They can't force you to look at ads or pay attention to them and they can't force you to load them at all. Do you consider going to the bathroom during a commercial break to be unethical ?
Re: (Score:2)
You can't use the same metaphor because the tv station gets paid for showing the commerical break, regardless of how many people are watching it or urinating or whatever - and getting ratings for those is difficult, so the advertiser never gets to know.
If of course there was some magical technology available for everyone which would remove all commercials, then I would expect my favourite channel to suffer for it, and would be unethical.
Re: (Score:2)
If you follow that reasoning it would be unethical to not click on every advertisement a website serves up because they are most likely pay-per-click. In fact you are advocating killing the DVR, which also allows you to skip ads. This isn't new of course ABC [adjab.com] tried the same thing a while back.
Re: (Score:1)
Re: (Score:2)
If you can still post to Facebook then you aren't drunk enough.
Malicious bit next? (Score:2)
Re: (Score:2)
They already almost have.
Think about the idea of individual page elements of a webpage needing security certificates. If a page contains elements that are not certified as "original copyright holder" then any use of that page would be malicious. (Pending new law from congress discussing "unauthorized data serving" even when not copied per se (ignoring cache)).
Involved Closely? (Score:1)
"Google states that they 'will continue to be involved closely' with industry discussions about compliance with the do-not-track system."
Of course that's so they know what they need to do to make it not work.
So How's That Do Not Spam List Working For Ya? (Score:2)
And you keep pushing and pushing, and sites like Facebook will start throwing up warnings about how crappy yo
Re: (Score:1)
This isn't to stop identity theft, it is to keep advertisers from tracking you.
Safari "Private Browsing" + Ghostery (Score:1)
Firefox ... (Score:1)
Google states that they 'will continue to be involved closely' with industry discussions about compliance with the do-not-track system.
Who else can smell the methane coming off of this obvious political statement? Talk about side-stepping to avoid making a comment. This is why I use Firefox. No fud, community supported, rock solid.