Welcome to WebmasterWorld Guest from 54.144.77.26

Forum Moderators: goodroi

Message Too Old, No Replies

Google Bypassing Privacy Settings

This is going to be intrestring

     

bwnbwn

2:54 pm on Feb 17, 2012 (gmt 0)

WebmasterWorld Senior Member bwnbwn is a WebmasterWorld Top Contributor of All Time 5+ Year Member



Google and other advertising companies have been bypassing the privacy settings of millions of people using Apple's Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked

Read more: [foxnews.com...]

travelin cat

8:47 pm on Feb 20, 2012 (gmt 0)

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Apparently it's happening in IE as well:

When the IE team heard that Google had bypassed user privacy settings on Safari, we asked ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too? We’ve discovered the answer is yes: Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies.

[blogs.msdn.com...]

graeme_p

1:58 pm on Feb 21, 2012 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



IE is is a bit different. Google sends an unparseable (human readable, effectively blank as far as the the browser in concerned if it treats in in accordance with the standard) P3P policy. IE then allows cookies.

I think P3P does not really work. IE (by defaut) allows cookies if ANY P3P policy is present, but does not provide any way for humans to view these policies when deciding which sites to accept cookies from (and this seems to be how P3P is intended to be used).

dstiles

9:42 pm on Feb 21, 2012 (gmt 0)

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member



My reading of the MS analysis and others is that G is (deliberately?) sending a malformed P3P that tricks (at least MSIE) browsers into allowing the cookie. MS is considering rejecting any unrecognised code rather than, as I think the spec suggests, ignoring it.

Actually, it's not clear to me that a P3P cannot be entirely faked. Is there some reason it cannot be?

BeeDeeDubbleU

10:18 pm on Feb 21, 2012 (gmt 0)

WebmasterWorld Senior Member beedeedubbleu is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Ever visited a blog where the comment form shows your facebook user name preloaded and 'use facebook profile' is pre-selected?

For that reason I have started logging out of Facebook and only logging in when I visit. These folks are taking an incredible liberty with our personal info. I am starting to get a bit paranoid about it.

I look forward to the brown stuff hitting the fan on March 1 when this new policy kicks in and the mass media start reporting it.

Scurramunga

5:53 am on Mar 4, 2012 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



(the +1 button, rarely used but always recording data on page load)


And what about the Analytics?
This 35 message thread spans 2 pages: 35