Welcome to WebmasterWorld Guest from 54.145.53.251

Forum Moderators: goodroi

Message Too Old, No Replies

Google Bypassing Privacy Settings

This is going to be intrestring

     
2:54 pm on Feb 17, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member bwnbwn is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 25, 2005
posts:3492
votes: 3


Google and other advertising companies have been bypassing the privacy settings of millions of people using Apple's Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked

Read more: [foxnews.com...]
8:47 pm on Feb 20, 2012 (gmt 0)

Moderator from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts: 3115
votes: 2


Apparently it's happening in IE as well:

When the IE team heard that Google had bypassed user privacy settings on Safari, we asked ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too? We’ve discovered the answer is yes: Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies.

[blogs.msdn.com...]
1:58 pm on Feb 21, 2012 (gmt 0)

Senior Member from LK 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2417
votes: 17


IE is is a bit different. Google sends an unparseable (human readable, effectively blank as far as the the browser in concerned if it treats in in accordance with the standard) P3P policy. IE then allows cookies.

I think P3P does not really work. IE (by defaut) allows cookies if ANY P3P policy is present, but does not provide any way for humans to view these policies when deciding which sites to accept cookies from (and this seems to be how P3P is intended to be used).
9:42 pm on Feb 21, 2012 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:May 14, 2008
posts:3091
votes: 2


My reading of the MS analysis and others is that G is (deliberately?) sending a malformed P3P that tricks (at least MSIE) browsers into allowing the cookie. MS is considering rejecting any unrecognised code rather than, as I think the spec suggests, ignoring it.

Actually, it's not clear to me that a P3P cannot be entirely faked. Is there some reason it cannot be?
10:18 pm on Feb 21, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member beedeedubbleu is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 3, 2004
posts: 6099
votes: 6


Ever visited a blog where the comment form shows your facebook user name preloaded and 'use facebook profile' is pre-selected?

For that reason I have started logging out of Facebook and only logging in when I visit. These folks are taking an incredible liberty with our personal info. I am starting to get a bit paranoid about it.

I look forward to the brown stuff hitting the fan on March 1 when this new policy kicks in and the mass media start reporting it.
5:53 am on Mar 4, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 11, 2006
posts:1492
votes: 0


(the +1 button, rarely used but always recording data on page load)


And what about the Analytics?
This 35 message thread spans 2 pages: 35