Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Safari Privacy Apple IT Technology

Apple Removes Useless 'Do Not Track' Feature From Latest Beta Versions of Safari (macrumors.com) 137

In the release notes for Safari 12.1, the new version of Apple's browser installed in iOS 12.2, Apple says that it is removing support for the "Do Not Track" feature, which is now outdated. From a news writeup: "Removed support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable," the release note reads. The same feature was also removed from Safari Technology Preview today, Apple's experimental macOS browser, and it is not present in the macOS 10.14.4 betas. According to Apple, Do Not Track is "expired" and support is being eliminated to prevent its use as, ironically, a fingerprinting variable for tracking purposes. It is entirely up to the advertising companies to comply with the "Do Not Track" messaging, and it has no actual function beyond broadcasting a user preference.
This discussion has been archived. No new comments can be posted.

Apple Removes Useless 'Do Not Track' Feature From Latest Beta Versions of Safari

Comments Filter:
  • Naive (Score:4, Insightful)

    by orev ( 71566 ) on Thursday February 07, 2019 @09:46AM (#58083730)
    It was always a naive solution put forth by idealistic technologists. Did we really expect the ad companies who are already abusing data collection to the fullest extent possible to stop doing it (and go out of business) simply because you asked them nicely using an obscure setting in the browser?
    • Re: (Score:2, Informative)

      It was always a naive solution put forth by idealistic technologists.

      No it wasn't. It was a reasonable solution that was intentionally sabotaged by Microsoft.

      "Do Not Track" was supposed to represent an affirmative request by the user to not be tracked. But that is not how Microsoft implemented. They turned the flag on for everyone, so that it meant nothing. They intentionally poisoned the concept.

      • Re: (Score:3, Insightful)

        by Sneftel ( 15416 )

        Only by default. If someone wanted to be tracked, they could easily turn the flag off. And if you had to guess, would you say a given user would want to be tracked or not?

        Advertisers aren't automatically entitled to benefit from a user's apathy.

        • Only by default. If someone wanted to be tracked, they could easily turn the flag off.

          Almost nobody is going to do that. Which makes the feature completely useless. Which was Microsoft's intent. They won.

          • Re:Naive (Score:5, Insightful)

            by Sneftel ( 15416 ) on Thursday February 07, 2019 @10:24AM (#58083900)

            No idea what MS's intent was, but what makes the feature completely useless is that it relies on advertisers' cooperation. Are you seriously suggesting that if it had been an opt-out rather than an opt-in, advertisers would have obeyed it? That they would have foregone tracking those people who really really didn't want to be tracked?

            • Are you seriously suggesting that if it had been an opt-out rather than an opt-in, advertisers would have obeyed it?

              It could have evolved into something workable, possibly with legislative backing. But Microsoft prevented that from happening by ensuring it was a complete and utter failure from the very start.

              • by Sneftel ( 15416 )

                The same law that would give DNT legal force could also have exempted browsers that had it on by default. (Just like advertisers could have ignored DNT specifically from IE, a feature that was considered for web servers.) Whether it could have evolved into something workable is debatable, but it's clear that IE wouldn't have been enough to kill the idea outright.

              • It could have evolved into something workable, possibly with legislative backing.

                No one wants to be tracked, so this setting is asinine. If we were going to address this legislatively, then it'd more than likely be all or none (tracking is legal or illegal).

                Just do what you're supposed to do on the internet (don't use it to do illegal stuff), and use an ad-blocker. If you're being tracked, it won't bother you.

                • No one wants to be tracked

                  False. I want to be tracked.

                  Benefits:
                  Tracking makes the internet more responsive to my desires.
                  I see more relevant search results
                  Inputs autofill more accurately.
                  When I see ads they are more likely to be for something I want.
                  When they see I looked at a product, but didn't buy, I may get a better offer later.

                  Downsides:
                  Nothing that I can see.

                  • Ok, let's look at this.

                    Tracking makes the internet more responsive to my desires.

                    I don't even understand what this means. Even pornhub doesn't do this.

                    I see more relevant search results

                    I'm not sure this is true, but you're not sure it is either.

                    Inputs autofill more accurately

                    I feel like you're just reaching for straws here.

                    When I see ads they are more likely to be for something I want

                    OK, this one actually made me laugh. You don't know what you want already?

                    When they see I looked at a product, but didn't buy, I may get a better offer later.

                    I wonder why you think this way. Is it based on experience?

                    Downsides: Nothing that I can see

                    How about this for a silly dream...
                    I'm building a greenhouse to temporarily cover some tropical trees that I grow at home, and I'm doing it on the cheap, using PVC pipes and

                    • by tepples ( 727027 )

                      You don't know what you want already?

                      Correct. Not everybody is already aware of the existence of all products and services that might interest them.

                    • Not everybody is already aware of the existence of all products and services that might interest them.

                      That kind of information belongs in trade publications and the like, the ultimate targeted advertising. It never made any sense to pop up ads to people on unrelated content. It only alienates potential customers. You want your content to be where they will find it if they go looking for it, not to pop up when they're looking for something else.

                    • That kind of information belongs in trade publications and the like, the ultimate targeted advertising.

                      I appreciate what you're trying to say: if you want to see computer-related ads, you'd open a Computer Shopper or the like. But not everybody is already aware of the existence of relevant trade publications. And seeing as not every publication is a trade publication, how would the writing and distribution of publications that aren't trade publications be funded? Paywalls?

                    • Wow, so you enjoy watching TV shows and the commercials. I'm truly envious. But the more I think over this concept, the more it sounds like the beginnings of a hoarder.
                    • I promise I'm not trying to be a dick here. How do you feel about this

                      You're walking in the mall, passing a shoe store. From inside the shoe store, out comes a man that begins to follow you. You go into a candle store, and when you come out, that guy approaches and says, "I'm from $SHOE_STORE and I see you like things that smell good. I'd like to tell you about our fantastic new shoe-inserts that remove foul odors..." He does this at each store that you enter and exit. Now imagine that it's not jus
                    • And seeing as not every publication is a trade publication, how would the writing and distribution of publications that aren't trade publications be funded? Paywalls?

                      Probably. People are blocking ads, so they're going to have to figure out an alternate funding source regardless. I realize I'm ahead of the curve in this, but if I can't view a site through an ad blocker, I just go somewhere else.

                    • by tepples ( 727027 )

                      if I can't view a site through an ad blocker, I just go somewhere else.

                      Occasionally, I've been applying the same policy to featured articles in Slashdot stories. But when I have posted a comment to the story warning other Slashdot users that the article is behind a paywall or incompatible with tracking protection in Firefox or both, such comments have often ended up modded down as "Troll" or the like.

                    • by tepples ( 727027 )

                      Alternate scenario: You walk in the mall, and each store charges $10 admission whether you buy anything in there or not. The admission is good for unlimited return visits within the next 30 days but not good at other stores.

                      Are you cool with that too? Because, to me, it's exactly the same as the paywall scenario that's likely to happen soon after publishers stop tracking users on the internet.

                    • I think you're confusing "tracking", with "ads". Those two aren't the same thing.
                    • I think you're confusing "tracking", with "ads". Those two aren't the same thing.

                      Advertisers suffer from the same confusion. Publishing consultant Oliver von Wersch put it this way: "the common perception in the market is there's no advertising without tracking. Deactivating tracking in the browser is a de facto ad blocker."[1] This is because the revenue for ads based on tracking is three times that for ads not based on tracking.[2]

                      [1] "Mobile ad blocking is becoming a bigger threat" by Lucinda Southern [digiday.com]
                      [2] "An Empirical Analysis of the Value of Information Sharing in the Market for Onl [politico.com]

                  • Well you are in the minority. The rest of us don't want to be tracked, so an opt-in for you would have been a workable solution. A system that intentionally ignores what most people want is NOT a workable solution
              • No it couldn't have. It was designed specifically to prevent anything workable from being implemented as right from the start it was intended to stop the standards bodies and authorities from imposing something that would be meaningful. Ad companies didn't want something effective and the moment it became effective they would all instantly opt out. The whole thing was a fucking scam.
            • Are you seriously suggesting that if it had been an opt-out rather than an opt-in, advertisers would have obeyed it?

              You can tell if someone really believes in the free market by how they position the apathy signal.

              Apathy and free markets simply don't go together: the underlying principle of a free market is that the invisible hand surveys expressed intent, and allocates resources accordingly. When the expressed intent signal goes mute, the invisible hand becomes a hard of hearing invisible hand, with few of

            • Once again Slashdot is predicting the past. And getting mod +5 for incorrectly predicting what "would happen", after it already happened.

              There are two different arguments being made, which somewhat contradict each other. This particular argument contradicts well-established facts.

              It has been said "almost nobody intentionally turned on DNT, as an opt-out". That's true. That's also probably WHY the major advertisers wrote the spec that way and agreed to follow the spec they wrote, an opt-out spec. Since very

        • by Anonymous Coward

          Do not track would only have been useful if trackers were required by law to abide by it. Because it is voluntary on both sides, if we chose to use it. The other side can just ignore it.
          When the trackers noticed this guess what happened. The fact is to them you are not a user, you are a product. The only way we will get our privacy back is if laws force tracking agency's to abide by what we tell them.

        • Advertisers aren't automatically entitled to benefit from a user's apathy.

          To verify just how widespread that apathy is, you need look no further than at who holds a commanding lead in the web browser market.

        • Advertisers aren't automatically entitled to benefit from a user's apathy.

          Advocates aren't automatically entitled to insist they represent the interests of the apathetic.

          Some of us are very passionate about our apathy.

        • Being tracked should always be opt-in!

        • Comment removed based on user account deletion
      • Re:Naive (Score:4, Insightful)

        by orev ( 71566 ) on Thursday February 07, 2019 @10:08AM (#58083824)
        I see we have found one of the aforementioned idealists. It's extremely naive to think that any ad company whose entire business model is suck up as much data as possible is going to honor the user's preference to "please don't track me". It's like asking a hungry bear "please don't eat me". This approach was doomed to failure from the beginning without some very heavy handed regulation and penalties enforced by governments (like DMCA), which of course was never going to happen. As usual in a tech discussion, the focus here is on some completely irrelevant technical detail of some software setting, instead of the actually real causes of the issue, which are the market forces and business realities. Whatever Microsoft set the default to is completely irrelevant; their browser market share is tiny anyway.
        • Re:Naive (Score:5, Interesting)

          by AmiMoJo ( 196126 ) on Thursday February 07, 2019 @11:04AM (#58084132) Homepage Journal

          It was worth doing because now we can say to advertisers "we gave you the opportunity, you blew it, and now you are blocked." Ad blocking gained a lot of legitimacy when advertisers decided that they were going to ignore polite requests.

          • It was worth doing because now we can say to advertisers "we gave you the opportunity, you blew it, and now you are blocked."

            They already had the opportunity to not be assholes, and they blew it by tracking people in the first place. The DNT flag only ever aided fingerprinting, so it was only ever stupid.

          • by AHuxley ( 892839 )
            Browser brands that are ad brands will just pass on their approved ads.
            The need is for an advanced browser that still lets the user block all ads.
        • It's extremely naive to think that any ad company whose entire business model is suck up as much data as possible is going to honor the user's preference to "please don't track me".

          False. Several companies, including Google, initially honored the flag. They only abandoned it in the face of Microsoft's sabotage.

          • Even if it had stayed opt-in, what makes you think they would not have abandoned to honour it as soon as the number of users enabling it became significant ?
          • Google, initially honored the flag

            That doesn't seem true either. All the documents I saw are unanimous in stating Google never [wired.com] honored [tufts.edu] the flag [gizmodo.com], even when they were petitioned [zdnet.com] to do so. And they only came out [google.com] publicly about it last year.
            So, if you can find any proof that Google used to honor DNT, but stopped doing so after it was enabled by default in IE, please post it.

        • by Anonymous Coward

          Having worked for several online advertising companies where I was specifically tasked with implementing (and testing) do not track and opt out, you are wrong. We, and I myself personally implemented code to ensure do-not-track worked. And it did, as well as we could achieve it. We jumped through serious hoops to make the code work as well as possible - users identified as do-not-track or opted out (before do-not-track) were not tracked at all. We actively deleted any history we had if a user set that

      • Definitely Naive (Score:5, Insightful)

        by sjbe ( 173966 ) on Thursday February 07, 2019 @10:40AM (#58083994)

        No it wasn't. It was a reasonable solution that was intentionally sabotaged by Microsoft.

        I'm certainly no fan of Microsoft but come on... It was an absurd and naive idea that never had a prayer of working. WAY too much money at stake and too little oversight for it to ever have had a prayer of working. It could not possibly have worked without being supported by pretty strict laws in the US and EU.

        "Do Not Track" was supposed to represent an affirmative request by the user to not be tracked.

        Are you seriously arguing that it was supposed to be opt-in and that somehow that would have been a good thing? So people who aren't aware of the option should be screwed by default?

        They turned the flag on for everyone, so that it meant nothing. They intentionally poisoned the concept.

        It SHOULD be on by default. But even if it wasn't, it still would be roundly ignored by pretty much every company interested in tracking you. As requests go it was pretty much the equivalent of asking a shark to not eat you while you are bleeding in the water. It was a request and it was entirely predictable it was going to be ignored right from the start.

        • by Ksevio ( 865461 )
          Well it wasn't a great concept to begin with, but the only chance it had of working was if it was uncommon enough. Once MS enabled it for everyone, we were essentially back to before it existed.
          • If a setting that MOST people want would only work when MOST people don't use it then it was broken during design. This was all a con job by google to not have restrictions with actual teeth implemented.
      • Re:Naive (Score:5, Interesting)

        by ChatHuant ( 801522 ) on Thursday February 07, 2019 @01:01PM (#58084822)

        No it wasn't. It was a reasonable solution that was intentionally sabotaged by Microsoft.

        Bullshit. It was absolutely not a reasonable solution, and it was not "sabotaged" by Microsoft. It was a publicity stunt by Google and Mozilla, and its goal was to block the pro-consumer design proposed to the W3C by Microsoft. Briefly, the MS proposal boiled down to something like uBlock/AdBlock built directly into the browser. Google couldn't abide this, so they forced the current DNT design through the W3C standardization committee instead.
        Here are a few reasons why this is not a reasonable, pro-consumer design:
          - there is no way for a consumer to enforce their choice against a non-cooperating tracking site
          - there isn't even a way to confirm whether your DNT request was honored or not
          - there is no way to find out in advance whether a certain site will honor DNT at all
          - it's designed as opt-out by default, which is a cynical ploy to profit from the fact that the majority of consumers aren't very technically knowledgeable. Any privacy-related settings should be opt-in by design
        By making the option default to on in IE, Microsoft exposed the uselessness of the "standard". The subsequent spat raised awareness about how much of a lie Google's DNT is. This is a good thing - lies need to be challenged.
        I previously posted [slashdot.org] some more details on how the alleged standard came to be, with links. I refer you to that post.

      • by Hillie ( 63573 )

        That's like someone who has the gold of Fort Knoxx leaving his door wide open and gold in plain sight and then have a sign saying "Please don't rob me."

        Your rebuttal pretty much proves that it is exactly what orev said it is. Microsoft didn't ruin anything, well besides their OS.

    • by Anonymous Coward

      It was always a naive solution put forth by idealistic technologists.

      No, it was an intentionally broken solution put forward by corporations who wanted to give lip service to privacy but who knew damned well this would be abused and ignored ... it was always meaningless.

      They did this to stave off someone trying to pass laws instead of the bullshit voluntary compliance it always was.

      Did we really expect the ad companies who are already abusing data collection to the fullest extent possible

      Nobody but the comp

    • I never expected advertisers to honor it anyway. Made me wonder why developers didn't take it into their own hands and the browser circumvent tracking on its own... then it dawned on me: because it's supported by ads.

    • If the flag were backed up by laws that severely fined companies who violated it, I would expect most ad companies would respect it. After all, non-tailored ads are still worth something (Superbowl ads were non-tailored and over $10.5 million a minute)

  • by QuietLagoon ( 813062 ) on Thursday February 07, 2019 @10:04AM (#58083808)
    The proper solution to the problem is for the ad companies to abide by it, either voluntarily or by law. By removing it, Apple is telling the ad companies that Apple no longer cares about its users' privacy, and is inviting the ad companies to abuse Apple Safari users even more.
    • They are stating that this setting can actually be used to track you even more; it’s worse than useless, it is in fact detrimental to privacy. They also said they would step up built-in measures that should make tracking harder, which is definitely better than a useless flag.

      • ... They are stating that this setting can actually be used to track you even more; ...

        Using Safari on an Apple OS can be used to track you even more. So what's Apple's point? To stop using Apple products?

    • It would be even better if it detected those ignoring the do not track request and gave you the option to send an incident report to the email address listed on their domain registry. I imagine that would get their attention.

    • by sjbe ( 173966 ) on Thursday February 07, 2019 @11:00AM (#58084116)

      The proper solution to the problem is for the ad companies to abide by it, either voluntarily or by law.

      Ad companies will NEVER voluntarily respect the Do Not Track flag. WAY too much money at stake for that to happen. Seriously, you cannot be so naive as to think it was anything more than a feel good waste of time.

      By removing it, Apple is telling the ad companies that Apple no longer cares about its users' privacy, and is inviting the ad companies to abuse Apple Safari users even more.

      So you think removing an absurd feature that NEVER worked and never could have worked is somehow a bad idea? The only way DNT could possibly have worked is if it were backed up by laws with teeth which were never going to happen. Since it was a voluntary request those wishing to ignore it (for profit or malice) were free to do so legally.

      This isn't Apple caring or not caring about privacy. It's Apple bowing to reality and not wasting resources on a useless feature that never had a prayer of doing what it's proponents hoped would happen. It was a dumb idea from the start and Apple is simply admitting this publicly.

    • by Shotgun ( 30919 )

      No, the proper solution is to record the issue address when receiving a cookie, and only returning the value to that single IP.

    • by AHuxley ( 892839 )
      Lets see what powerful 3rd party ad blocking software will be allowed in the browser.
      Thats the test of a good brand that supports its users.
      Can the users still block ads on their own computers?
  • Not useless.

    With no "Do Not Track" flag, they can say "well, they didn't object".

    With the DNT flag, yeah they can ignore it, but they can't claim that they thought everyone was okay with being tracked.

    • Apple replaced it with the far more effective prevention of cross-site tracking. No one obeyed Do Not Track from the start. Google didn't even abide by it. No one is going to come back and point to Apple's sole use of it as proof that consumers don't care.
      • No one obeyed Do Not Track from the start. Google didn't even abide by it.

        This is where it needed a minor improvement. The browser should put a big warning banner up saying "Warning: This site does not respect your Do Not Track request. It is tracking you against your will.".

        • Slashdot tracks ya (even with Ghostery and other protections). Has that stopped you from coming here?
        • by green1 ( 322787 )

          I'm not really in favour of permanent large warning banners that are on every webpage you go to at all times. This isn't a case of a couple of shady sites ignoring it. this is a case of NOBODY following it.

          Anyone who has ever thought that the server should have control of the interaction between client and server on the open internet is extremely naive, or more likely, malicious. The internet is full of garbage, and the only solution is to give the client more ability to block it. asking the server to be ni

  • I always thought of it like the Do Not Call list. More like, the Do Not Hesitate to Call list.
    • by green1 ( 322787 )

      The Do Not Call list "works". I have noticed a definite drop in calls since putting my number on it. It's not completely successful by any stretch, but it is something. For those people that say it just provides a list of numbers to call, I call BS, the address space of the public telephone network is far too small for companies to care about a list. They just start at the first number and dial to the last. Plus, if they are intending to call people on the list, they're better off not subscribing to the lis

  • Is it too much to ask for Slashdot to not plagiarize the exact headline from the MacRumors article [macrumors.com] they linked to? It's one thing if it's a concise, objective headline and two people may have independently arrived at similar wording, but the original headline is highly editorialized and Slashdot's plagiarism is glaringly obvious.

    • It's a link to that article, why would it not use the same headline? You'll shit your pants when you find the summaries here are lifted directly from the articles too.
  • I'm not a browser developer or anything so I don't know if its possible but how about a do not send option to not send your data in the first place? OK they're going to need your IP so they can send data to you but do they really need to know your browser type/version, os, uptime and god knows whatever else the browser sends them? Send them nothing or send junk data.
    • by ceoyoyo ( 59147 )

      Yeah, random data seems like a great idea. Nobody will do it though, because then they wouldn't be able to measure their browser market share stats....

      Sounds like a great feature for a boutique browser based on webkit or chromium though.

    • Browser fingerprinting has evolved into an artform, and tracking companies don't need javascript, cookies, browser data, font lists or any of that stuff anymore to uniquely identify and track a browser.

      Technologies like e-tag tracking ('cookieless cookies') [lucb1e.com] mean that, unless you disable both disk and memory caching, a website can identify and track you.
    • I would like to see how your pages render when you do that.
      • by green1 ( 322787 )

        On any sane site? exactly the same as they would render otherwise.

        On most of the internet? a horrible mess.

        The whole point to HTML was that the client could be in charge of choosing how to display it, and the server didn't need to care.... long gone are those days...

    • by AHuxley ( 892839 )
      The ad brands work with the sites to build that into the site been visited.
      The site content is the ad, the ad is the site content.
  • by Anonymous Coward

    I've always said from the beginning that Do Not Track was a stupid idea. It's an honour system that relies on honourless people to behave honourably. Please excuse my redundant Canadian usage of vowels. Sorry and all that.

    Now, if I may redeem myself by being a tad rude.

    I blame the EFF. They promoted the crap out of this. At first I was surprised and thought they'd be wiser and smarter than to make such an obvious, naive move. However, I recently learned that they've been abandoning their principles.

  • Websites tracking you and gathering data is nothing new. When I first heard of DNT I recalled the wonderful nothing burger that was P3P. I'm pretty sure that in a few more years we'll have yet another attempt at trying to tell websites to behave for it to go absolutely nowhere. The problem here is that the Internet is ran "by suggestion and recommendation." Now running the web like that has made it wildly successful and to point, the W3's mission is to simply continue purposing, suggesting, and recommen

  • by ledow ( 319597 )

    Was useless from the beginning.

    No different to a Do Not Call list but with zero enforcement.

    Was always doomed to fail.

    I am literally more surprised that somebody BOTHERED to implement it at all.

    • The do-not-call had the force of law behind it. Technically, it still does. There were exceptions made for political oriented phone calls, which is why for awhile those dominated most of the phone spam. Later on just about everything came back to spamming on the phone because there was zero enforcement. The mobile phone used to be the safe place after the land line was overwhelmed with spam, because only the land line showed up in the phone book (ie, if you want a list of people in Des Moines to market to

  • Advertisers will never act honorably. Certainly Facebook never will. Just don't give them the information to begin with.

    • Don't limit this to advertisers and Facebook. Any web site or application or company that relies on advertising for revenue or for getting a sliver more profit is also relinquishing their responsibility to protect their customers. Advertising is not harmless.

If you have a procedure with 10 parameters, you probably missed some.

Working...