Discussion:
[Link Posting] How Smart TVs in Millions of U.S. Homes Track More Than What's on Tonight
Add Reply
Rich
2018-07-05 15:10:16 UTC
Reply
Permalink
Raw Message
####################################################################
# ATTENTION: This post is a reference to a website. The poster of #
# this Usenet article is not the author of the referenced website. #
####################################################################

<URL:https://mobile.nytimes.com/2018/07/05/business/media/tv-viewer-trac
king.html>
The growing concern over online data and user privacy has been focused
on tech giants like Facebook and devices like smartphones. But people's
data is also increasingly being vacuumed right out of their living rooms
via their televisions, sometimes without their knowledge.
In recent years, data companies have harnessed new technology to
immediately identify what people are watching on internet-connected TVs,
then using that information to send targeted advertisements to other
devices in their homes. Marketers, forever hungry to get their products
in front of the people most likely to buy them, have eagerly embraced
such practices. But the companies watching what people watch have also
faced scrutiny from regulators and privacy advocates over how
transparent they are being with users.
Samba TV is one of the bigger companies that track viewer information to
make personalized show recommendations. The company said it collected
viewing data from 13.5 million smart TVs in the United States, and it
has raised $40 million in venture funding from investors including Time
Warner , the cable operator Liberty Global and the billionaire Mark
Cuban.
Samba TV has struck deals with roughly a dozen TV brands - including
Sony, Sharp, TCL and Philips - to place its software on certain sets.
When people set up their TVs, a screen urges them to enable a service
called Samba Interactive TV, saying it recommends shows and provides
special offers "by cleverly recognizing onscreen content." But the
screen, which contains the enable button, does not detail how much
information Samba TV collects to make those recommendations.
Samba TV declined to provide recent statistics, but one of its
executives said at the end of 2016 that more than 90 percent of people
opted in.
Once enabled, Samba TV can track nearly everything that appears on the
TV on a second-by-second basis, essentially reading pixels to identify
network shows and ads, as well as programs on Netflix and HBO and even
video games played on the TV. Samba TV has even offered advertisers the
ability to base their targeting on whether people watch conservative or
liberal media outlets and which party's presidential debate they
watched.
...
Huge
2018-07-05 19:48:24 UTC
Reply
Permalink
Raw Message
Post by Rich
####################################################################
# ATTENTION: This post is a reference to a website. The poster of #
# this Usenet article is not the author of the referenced website. #
####################################################################
<URL:https://mobile.nytimes.com/2018/07/05/business/media/tv-viewer-trac
king.html>
Fortunately, I don't have Samba TV installed, and my Samdung [sic] TV is heavily firewalled to stop it doing more-or-less everything.
--
I don't have an attitude problem. If you have a problem with my
attitude, that's your problem.
RS Wood
2018-07-06 16:15:57 UTC
Reply
Permalink
Raw Message
On 5 Jul 2018 19:48:24 GMT
Post by Huge
Fortunately, I don't have Samba TV installed, and my Samdung [sic] TV is heavily firewalled to stop it doing more-or-less everything.
Time to start systematically avoiding anything with the word "smart" in
it - the assumption is, "smart enough to fuck the consumer."

How do you firewall your Samdung? Assign it a static IP and then
filter all outgoing requests?

I'm running a Pi-Hole which blocks most tracking sites, but it wouldn't
be smart enough to block a Samsung internal address, unless I
specifically added it to the black list, I'd think. Going to have to
look into it.

Was just reading that Reddit has now instituted session replay tracking
scripts. Time to block that at the router. Fuckers.
Huge
2018-07-06 16:26:27 UTC
Reply
Permalink
Raw Message
Post by RS Wood
On 5 Jul 2018 19:48:24 GMT
Post by Huge
Fortunately, I don't have Samba TV installed, and my Samdung [sic] TV is heavily firewalled to stop it doing more-or-less everything.
Time to start systematically avoiding anything with the word "smart" in
it
Completely agree. The problem with TVs is it's very hard to buy a dumb
one in the larger sizes.
Post by RS Wood
How do you firewall your Samdung? Assign it a static IP and then
filter all outgoing requests?
Yep. It runs over a (wired) VLAN to my Smoothwall Express which has a
white-list. TBH, I'm still working that bit out. CDNs are a problem ...
Post by RS Wood
I'm running a Pi-Hole which blocks most tracking sites, but it wouldn't
be smart enough to block a Samsung internal address, unless I
specifically added it to the black list, I'd think. Going to have to
look into it.
Was just reading that Reddit has now instituted session replay tracking
scripts. Time to block that at the router. Fuckers.
BTW, if you'd like my (brief pause) 17,500 line hosts file which aliases
out most advertising, tracking, porn popups and cryptocurrency miners,
you're most welcome. If you're comfortable with makefiles, you can have all
the gumph that builds and installs /etc/hosts as well.
--
Today is Boomtime, the 41st day of Confusion in the YOLD 3184
~ Stercus accidit ~
Nyssa
2018-07-06 18:01:54 UTC
Reply
Permalink
Raw Message
Post by Huge
Post by RS Wood
On 5 Jul 2018 19:48:24 GMT
Post by Huge
Fortunately, I don't have Samba TV installed, and my
Samdung [sic] TV is heavily firewalled to stop it doing
more-or-less everything.
Time to start systematically avoiding anything with the
word "smart" in it
Completely agree. The problem with TVs is it's very hard
to buy a dumb one in the larger sizes.
Post by RS Wood
How do you firewall your Samdung? Assign it a static IP
and then filter all outgoing requests?
Yep. It runs over a (wired) VLAN to my Smoothwall Express
which has a white-list. TBH, I'm still working that bit
out. CDNs are a problem ...
Post by RS Wood
I'm running a Pi-Hole which blocks most tracking sites,
but it wouldn't be smart enough to block a Samsung
internal address, unless I
specifically added it to the black list, I'd think.
Going to have to look into it.
Was just reading that Reddit has now instituted session
replay tracking
scripts. Time to block that at the router. Fuckers.
BTW, if you'd like my (brief pause) 17,500 line hosts file
which aliases out most advertising, tracking, porn popups
and cryptocurrency miners, you're most welcome. If you're
comfortable with makefiles, you can have all the gumph
that builds and installs /etc/hosts as well.
If that's a generalized offer to the newsgroup, I'd love
a copy of your hosts file.

I've been building one slooowlly as I find sites that
irritate me for one reason or another, but any clever
additions you might have that I could add should speed
things up over my slow dialup connection at the very
least.

TIA, assuming you don't mind the bother of emailing
a text file attachment.

Nyssa, who is always looking for ways to either speed
up page loads or stick it to evil ad-sters
Huge
2018-07-06 19:02:43 UTC
Reply
Permalink
Raw Message
[34 lines snipped]
Post by Nyssa
Post by Huge
BTW, if you'd like my (brief pause) 17,500 line hosts file
which aliases out most advertising, tracking, porn popups
and cryptocurrency miners, you're most welcome. If you're
comfortable with makefiles, you can have all the gumph
that builds and installs /etc/hosts as well.
If that's a generalized offer to the newsgroup, I'd love
a copy of your hosts file.
Well, it wasn't, but it can be!

Assuming your email address works, you should have mail.
--
Today is Boomtime, the 41st day of Confusion in the YOLD 3184
~ Stercus accidit ~
Sn!pe
2018-07-06 19:10:10 UTC
Reply
Permalink
Raw Message
Post by Huge
[34 lines snipped]
Post by Nyssa
Post by Huge
BTW, if you'd like my (brief pause) 17,500 line hosts file
which aliases out most advertising, tracking, porn popups
and cryptocurrency miners, you're most welcome. If you're
comfortable with makefiles, you can have all the gumph
that builds and installs /etc/hosts as well.
If that's a generalized offer to the newsgroup, I'd love
a copy of your hosts file.
Well, it wasn't, but it can be!
Assuming your email address works, you should have mail.
PMFJI.
Is the group aware of this hosts file?
I use it and it works very well for me.

<http://winhelp2002.mvps.org/hosts.htm>

Being a Mac user, I installed it manually.
--
^Ï^. Sn!pe <***@gmail.com>

My pet rock Gordon just is.
Huge
2018-07-06 19:11:54 UTC
Reply
Permalink
Raw Message
Post by Sn!pe
Post by Huge
[34 lines snipped]
Post by Nyssa
Post by Huge
BTW, if you'd like my (brief pause) 17,500 line hosts file
which aliases out most advertising, tracking, porn popups
and cryptocurrency miners, you're most welcome. If you're
comfortable with makefiles, you can have all the gumph
that builds and installs /etc/hosts as well.
If that's a generalized offer to the newsgroup, I'd love
a copy of your hosts file.
Well, it wasn't, but it can be!
Assuming your email address works, you should have mail.
PMFJI.
Is the group aware of this hosts file?
I use it and it works very well for me.
<http://winhelp2002.mvps.org/hosts.htm>
This is a subset of mine.
--
Today is Boomtime, the 41st day of Confusion in the YOLD 3184
~ Stercus accidit ~
Sn!pe
2018-07-06 19:21:01 UTC
Reply
Permalink
Raw Message
Huge <***@nowhere.much.invalid> wrote:

[...]
Post by Huge
Post by Sn!pe
Is the group aware of this hosts file?
I use it and it works very well for me.
<http://winhelp2002.mvps.org/hosts.htm>
This is a subset of mine.
I'd be pleased to have a copy of yours, Huge,
if you don't mind; email as per .sig
--
^Ï^. Sn!pe <***@gmail.com>

My pet rock Gordon just is.
Huge
2018-07-06 21:29:35 UTC
Reply
Permalink
Raw Message
Post by Sn!pe
[...]
Post by Huge
Post by Sn!pe
Is the group aware of this hosts file?
I use it and it works very well for me.
<http://winhelp2002.mvps.org/hosts.htm>
This is a subset of mine.
I'd be pleased to have a copy of yours, Huge,
if you don't mind; email as per .sig
Done.
--
Today is Boomtime, the 41st day of Confusion in the YOLD 3184
~ Stercus accidit ~
Sn!pe
2018-07-06 21:49:33 UTC
Reply
Permalink
Raw Message
Post by Sn!pe
[...]
Post by Huge
Post by Sn!pe
Is the group aware of this hosts file?
I use it and it works very well for me.
<http://winhelp2002.mvps.org/hosts.htm>
This is a subset of mine.
I'd be pleased to have a copy of yours, Huge,
if you don't mind; email as per .sig
Done.
TYVM
--
^Ï^. Sn!pe <***@gmail.com>

My pet rock Gordon just is.
Nyssa
2018-07-06 22:20:20 UTC
Reply
Permalink
Raw Message
Post by Sn!pe
Post by Huge
[34 lines snipped]
Post by Nyssa
Post by Huge
BTW, if you'd like my (brief pause) 17,500 line hosts
file which aliases out most advertising, tracking,
porn popups and cryptocurrency miners, you're most
welcome. If you're comfortable with makefiles, you can
have all the gumph that builds and installs /etc/hosts
as well.
If that's a generalized offer to the newsgroup, I'd
love a copy of your hosts file.
Well, it wasn't, but it can be!
Assuming your email address works, you should have mail.
PMFJI.
Is the group aware of this hosts file?
I use it and it works very well for me.
<http://winhelp2002.mvps.org/hosts.htm>
Being a Mac user, I installed it manually.
Being a Linux user, I usually install everything manually.

Nyssa, who shuns microsoft, google, twitter, and facebook
among others
Dan Espen
2018-07-07 14:01:32 UTC
Reply
Permalink
Raw Message
Post by Nyssa
Post by Sn!pe
Post by Huge
[34 lines snipped]
Post by Nyssa
Post by Huge
BTW, if you'd like my (brief pause) 17,500 line hosts
file which aliases out most advertising, tracking,
porn popups and cryptocurrency miners, you're most
welcome. If you're comfortable with makefiles, you can
have all the gumph that builds and installs /etc/hosts
as well.
If that's a generalized offer to the newsgroup, I'd
love a copy of your hosts file.
Well, it wasn't, but it can be!
Assuming your email address works, you should have mail.
It would make more sense to send your updates to the
original author of the list. The web site contains
directions.
Post by Nyssa
Post by Sn!pe
PMFJI.
Is the group aware of this hosts file?
I use it and it works very well for me.
<http://winhelp2002.mvps.org/hosts.htm>
Being a Mac user, I installed it manually.
Being a Linux user, I usually install everything manually.
Being a Linux user, I usually automate everything.
In this case this page describes how to do that:

https://www.putorius.net/2012/01/block-unwanted-advertisements-on.html
--
Dan Espen
Huge
2018-07-07 14:13:03 UTC
Reply
Permalink
Raw Message
Post by Dan Espen
Post by Huge
[34 lines snipped]
Post by Nyssa
Post by Huge
BTW, if you'd like my (brief pause) 17,500 line hosts
file which aliases out most advertising, tracking,
porn popups and cryptocurrency miners, you're most
welcome. If you're comfortable with makefiles, you can
have all the gumph that builds and installs /etc/hosts
as well.
If that's a generalized offer to the newsgroup, I'd
love a copy of your hosts file.
Well, it wasn't, but it can be!
Assuming your email address works, you should have mail.
It would make more sense to send your updates to the
original author of the list. The web site contains
directions.
I have no interest in such. Sorry. There are many of these lists, should
I update all the relevant authors? Use my list, or don't, but don't whine
about it.
--
Today is Pungenday, the 42nd day of Confusion in the YOLD 3184
~ Stercus accidit ~
Nyssa
2018-07-06 22:17:42 UTC
Reply
Permalink
Raw Message
Post by Huge
[34 lines snipped]
Post by Nyssa
Post by Huge
BTW, if you'd like my (brief pause) 17,500 line hosts
file which aliases out most advertising, tracking, porn
popups and cryptocurrency miners, you're most welcome.
If you're comfortable with makefiles, you can have all
the gumph that builds and installs /etc/hosts as well.
If that's a generalized offer to the newsgroup, I'd love
a copy of your hosts file.
Well, it wasn't, but it can be!
Assuming your email address works, you should have mail.
It does, and I have it safely downloaded and an extra copy
saved. I will be implementing chunks of it this weekend.

Thanks!

Nyssa, who is always willing to strike back at ads, tracking,
and spammers any way she can
Computer Nerd Kev
2018-07-08 01:18:03 UTC
Reply
Permalink
Raw Message
Post by Huge
Post by RS Wood
On 5 Jul 2018 19:48:24 GMT
Post by Huge
Fortunately, I don't have Samba TV installed, and my Samdung [sic] TV is heavily firewalled to stop it doing more-or-less everything.
Time to start systematically avoiding anything with the word "smart" in
it
Completely agree. The problem with TVs is it's very hard to buy a dumb
one in the larger sizes.
Well I'd be happy to just leave the network cable unplugged and use
a separate device running more trustworthy software. Which is sort
of what I do anyway with my "dumb" TV - although I download batches
of things (mainly from Youtube via youtube-dl) on PC then slowly
wade through them over a week or two. Of course it helps that I'm
mainly just interested in obscure old documentaries (and I'll bet
these suggestions systems wouldn't find as many of those as I can).
Post by Huge
Post by RS Wood
How do you firewall your Samdung? Assign it a static IP and then
filter all outgoing requests?
Yep. It runs over a (wired) VLAN to my Smoothwall Express which has a
white-list. TBH, I'm still working that bit out. CDNs are a problem ...
Post by RS Wood
I'm running a Pi-Hole which blocks most tracking sites, but it wouldn't
be smart enough to block a Samsung internal address, unless I
specifically added it to the black list, I'd think. Going to have to
look into it.
Was just reading that Reddit has now instituted session replay tracking
scripts. Time to block that at the router. Fuckers.
BTW, if you'd like my (brief pause) 17,500 line hosts file which aliases
out most advertising, tracking, porn popups and cryptocurrency miners,
you're most welcome. If you're comfortable with makefiles, you can have all
the gumph that builds and installs /etc/hosts as well.
I just use Noscript - where every script is opt-in. I heard once
that Firefox is (well was, this was years ago (maybe back in the
FF V. 3 era)) inefficient in processing the hosts file and having
a huge one would slow down loading pages. For a similar reason I
don't add permanent exceptions to Noscript for rarely visited
sites (OK, a quick look at the list format/code might soon
convince me that it's a needless worry, but it's not a bad
habit in any case).
--
__ __
#_ < |\| |< _#
Huge
2018-07-08 09:17:14 UTC
Reply
Permalink
Raw Message
Post by Computer Nerd Kev
Post by Huge
Post by RS Wood
On 5 Jul 2018 19:48:24 GMT
Post by Huge
Fortunately, I don't have Samba TV installed, and my Samdung [sic] TV is heavily firewalled to stop it doing more-or-less everything.
Time to start systematically avoiding anything with the word "smart" in
it
Completely agree. The problem with TVs is it's very hard to buy a dumb
one in the larger sizes.
Well I'd be happy to just leave the network cable unplugged and use
a separate device running more trustworthy software.
That's your only choice, really. And what I shall be doing soon anyway,
since the "SMART" (spit) bit of the Samdung is a PoS.
--
Today is Prickle-Prickle, the 43rd day of Confusion in the YOLD 3184
~ Stercus accidit ~
Batchman
2018-07-06 23:48:17 UTC
Reply
Permalink
Raw Message
Post by RS Wood
Was just reading that Reddit has now instituted session replay tracking
scripts. Time to block that at the router. Fuckers.
Could you please expand this snippet please? Links?
RS Wood
2018-07-07 01:45:58 UTC
Reply
Permalink
Raw Message
Post by Batchman
Post by RS Wood
Was just reading that Reddit has now instituted session replay tracking
scripts. Time to block that at the router. Fuckers.
Could you please expand this snippet please? Links?
Sure, read it this morning on hackernews. I used to enjoy Reddit, but I'm
done now. Later, fuckers.

This was the link/story:
https://www.cnbc.com/2018/06/29/how-reddit-plans-to-make-money-through-advertising.html

This is the hackernews thread that ensued:
https://news.ycombinator.com/item?id=17468840

The second comment in (by bionoid, responded to by imglorp) leads us to this
Reddit post:
https://old.reddit.com/r/privacy/comments/8mmybp/psa_the_reddit_redesigned_ui_is_worse_for_privacy/

//--quote

Reddit has been trying to redesign their website to feel more "modern", but
I have noticed that the redesigned UI also features more tracking.

For one, the new UI (and the new userpage) features session replay tracking
everywhere (recording of your mouse movements, keystrokes, and how you
interact with the website), as evident by its use of the mousemove
JavaScript event listener for the entire page. I found out using Luminous
(this isn't an endorsement or ad), which is an extension that detects (and
can block) JavaScript events. The old UI also listens for the mousemove
event but not everywhere (I have only noticed it on the "submit post" page,
but there are probably a few other places), though I'm not sure if this is
due to session replay tracking. I cannot say for certain that the old UI
doesn't have session replay or something similar, but to me it doesn't seem
like it for most pages. Perhaps someone who has investigated this further
can confirm or deny.

Session replay is another form of tracking what you click on (possibly
negating attempts to opt out of "regular" tracking of outbound links), can
be used to fingerprint a user (how the mouse moves), and will negate
attempts to delete posts and comments (for example, ones that accidentally
contain personal information or passwords). Even accidentally pasting
something like a password in a text box will result in the password being
sent to Reddit (and/or a third party) and being stored in plain text. I
don't know how Reddit manages user data internally, but with session
recording it's possible that a Reddit employee playing back a session to
assess user reaction to a new UI update may end up seeing your private
messages or posts in private subreddits simply because it was there when you
interacted with the page.

Also, the Reddit redesign completely breaks without JavaScript enabled, to
the point where you can't click on links or even see the page content.

The old UI is still available to users, either through a setting in your
account or (if you're not logged in) through old.reddit.com. You can also
replace the 'www' part of the URL with 'old' on any Reddit page to get back
to the old UI. I really, really hope they don't remove this.

//--quote
Paul Sture
2018-07-07 08:51:01 UTC
Reply
Permalink
Raw Message
Post by RS Wood
//--quote
Reddit has been trying to redesign their website to feel more "modern", but
I have noticed that the redesigned UI also features more tracking.
For one, the new UI (and the new userpage) features session replay tracking
everywhere (recording of your mouse movements, keystrokes, and how you
interact with the website), as evident by its use of the mousemove
JavaScript event listener for the entire page.
//--quote
The DuckDuckGo blog is currently running a series of articles on privacy.

Here's #4 in the series, regarding browser tracking:

<https://spreadprivacy.com/browser-fingerprinting/>

"The main method used to uniquely identify and track people while
using private browsing is called “browser fingerprinting.” Just as
each person has a unique fingerprint, so does every browser.
Websites can look at version numbers of your browser, the plugins it
uses, and dozens of other points of browser information to create a
unique ID, a browser fingerprint, that can then be used to track you.

Want to see some of the more interesting things that can be used in
browser fingerprinting? Check out the interactive site
ClickClickClick that shows you this information as you interact with
it in real time. It’s spooky!

<https://clickclickclick.click/>

All articles in the series, so far:

#1 Privacy Mythbusting #1: Nobody else cares about privacy! (Umm, yes they do.)
<https://spreadprivacy.com/caring-about-privacy/>

#2 Privacy Mythbusting #2: My password keeps me safe. (Not necessarily!)
<https://spreadprivacy.com/password-safety/>

#3 Privacy Mythbusting #3: Anonymized data is safe, right? (Er, no.)
<https://spreadprivacy.com/data-anonymization/>

#4 Privacy Mythbusting #4: I can’t be identified just by browsing a website. (If only!)
<https://spreadprivacy.com/browser-fingerprinting/>

%5 Privacy Mythbusting #5: I own my personal information. (Not as much as you think.)
<https://spreadprivacy.com/data-sharing/>

#6 Privacy Mythbusting #6: Security equals privacy. (Nope!)
<https://spreadprivacy.com/security-is-not-privacy/>
--
"A professor is one who talks in someone else's sleep."
-- Unix Fortune
Huge
2018-07-07 08:59:13 UTC
Reply
Permalink
Raw Message
On 2018-07-07, Paul Sture <***@sture.ch> wrote:

[31 lines snipped]
Post by Paul Sture
<https://clickclickclick.click/>
See also;

https://panopticlick.eff.org/
--
Today is Pungenday, the 42nd day of Confusion in the YOLD 3184
~ Stercus accidit ~
Marko Rauhamaa
2018-07-07 09:39:26 UTC
Reply
Permalink
Raw Message
Post by Huge
Post by Paul Sture
<https://clickclickclick.click/>
See also;
https://panopticlick.eff.org/
I once heard a story about US submarines during the Cold War. Apparently
the silencing technology got so good that the Soviets could spot a US
submarine by its silence as the ambient noise of the ocean was louder
than the sub.

Similarly, some of us privacy nuts will be unmistakably identified by
our antitracking measures. What would be needed is active spoofing that
seeks to blend in with the majority of consumers without giving out any
real information.


Marko
Huge
2018-07-07 09:48:51 UTC
Reply
Permalink
Raw Message
Post by Marko Rauhamaa
Post by Huge
Post by Paul Sture
<https://clickclickclick.click/>
See also;
https://panopticlick.eff.org/
I once heard a story about US submarines during the Cold War. Apparently
the silencing technology got so good that the Soviets could spot a US
submarine by its silence as the ambient noise of the ocean was louder
than the sub.
Similarly, some of us privacy nuts will be unmistakably identified by
our antitracking measures. What would be needed is active spoofing that
seeks to blend in with the majority of consumers without giving out any
real information.
That's an excellent point.

Except for Samdung TVs. Everyone will just assume they're broken.
--
Today is Pungenday, the 42nd day of Confusion in the YOLD 3184
~ Stercus accidit ~
Batchman
2018-07-07 22:58:20 UTC
Reply
Permalink
Raw Message
Post by Marko Rauhamaa
Similarly, some of us privacy nuts will be unmistakably identified by
our antitracking measures. What would be needed is active spoofing that
seeks to blend in with the majority of consumers without giving out any
real information.
Surely it should be possible to alias (rename) the browser addons? I hope!
Computer Nerd Kev
2018-07-08 01:46:22 UTC
Reply
Permalink
Raw Message
Post by Marko Rauhamaa
Post by Huge
Post by Paul Sture
<https://clickclickclick.click/>
See also;
https://panopticlick.eff.org/
I once heard a story about US submarines during the Cold War. Apparently
the silencing technology got so good that the Soviets could spot a US
submarine by its silence as the ambient noise of the ocean was louder
than the sub.
Similarly, some of us privacy nuts will be unmistakably identified by
our antitracking measures. What would be needed is active spoofing that
seeks to blend in with the majority of consumers without giving out any
real information.
You'd need to anyway if you browsed a wide range of websites because
some won't let you in if they don't like your User-Agent header.
Presumably messing with the scripty identifiers would have similar
consequences too.

Similarly I have Firefox's about:config set so that it won't send
the referrer header. However a couple of sites simply break (with
unintelligible error messages) if you log in (or try to) without
a referrer header. I simply hop in there and change the setting
before visiting them - must look to see if there's an add-on to
do that for me one of these days...

I wonder if HTTPS could give you away too? If you're one of the
few who've set things up so that your browser will only connect
on the latest new super wizz-bang scheme that nobody could
possibly crack until the year infinity, even though many sites
don't support it yet, that could give you away too. To say
nothing of VPNs etc.

It's also worth considering the down sides if everyone started
lying about what software they were using to view sites.
How would you decide what browsers to test a website on,
when to support new features? That's why I have Dillo set
to be truthful about its identity in the User-Agent header
even if some websites might discriminate against it, or
track me by the fact that I'm the only weirdo who uses
it. If I don't even say that I'm using it myself, how can
I complain when they change the website to require features
that it doesn't support?

And I need those complaints! They're my main talking point
when it comes to the web. :)
--
__ __
#_ < |\| |< _#
Ant
2018-07-08 06:31:37 UTC
Reply
Permalink
Raw Message
Post by Computer Nerd Kev
You'd need to anyway if you browsed a wide range of websites because
some won't let you in if they don't like your User-Agent header.
Presumably messing with the scripty identifiers would have similar
consequences too.
Similarly I have Firefox's about:config set so that it won't send
the referrer header. However a couple of sites simply break (with
unintelligible error messages) if you log in (or try to) without
a referrer header. I simply hop in there and change the setting
before visiting them - must look to see if there's an add-on to
do that for me one of these days...
Ditto like Twitter, CalJOBs, etc. :(
--
Quote of the Week: "I got worms! That's what we're going to call it.
We're going to specialize in selling worm farms. You know like ant
farms. What's the matter, a little tense about the flight?" --Lloyd
Christmas (Dumb and Dumber movie)
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\Ant(Dude) @ http://antfarm.home.dhs.org / http://antfarm.ma.cx
/ /\ /\ \ Please nuke ANT if replying by e-mail privately. If credit-
| |o o| | ing, then please kindly use Ant nickname and URL/link.
\ _ /
( )
Paul Sture
2018-07-08 14:04:31 UTC
Reply
Permalink
Raw Message
Post by Huge
[31 lines snipped]
Post by Paul Sture
<https://clickclickclick.click/>
See also;
https://panopticlick.eff.org/
Coincidentally, a couple of days ago I got spam from a site relating to
some very specific hardware that I had visited the day before. I
certainly hadn't given that site my email address, so I suspect some
browser fingerprinting or other tracking mechanism was responsible.

Sigh.
--
"A successful [software] tool is one that was used to do something
undreamed of by its author." -- S. C. Johnson
RS Wood
2018-07-09 01:59:52 UTC
Reply
Permalink
Raw Message
Post by Paul Sture
Post by Huge
[31 lines snipped]
Post by Paul Sture
<https://clickclickclick.click/>
See also;
https://panopticlick.eff.org/
Coincidentally, a couple of days ago I got spam from a site relating to
some very specific hardware that I had visited the day before. I
certainly hadn't given that site my email address, so I suspect some
browser fingerprinting or other tracking mechanism was responsible.
Sigh.
I've had the same experience, including some not-so-appropriate sites
showing up on my work browser. The only way I've found around it is to use
several browsers, dedicating one and one alone to the inappropriate stuff.
I think there are cookie-sharing systems out there where, for example, your
site is sold permission to be aware of Amazon's cookie.

Meanwhile, gopher is over here on port 70. -----> X

Not quite as "rich" an experience. But no tracking. And anyway, these days
"rich experiences" seem to consist of total violation of your privacy in
exchange for multi-megs of javascript downloads for little if any purpose.
Mike Spencer
2018-07-09 04:15:52 UTC
Reply
Permalink
Raw Message
Post by RS Wood
Meanwhile, gopher is over here on port 70. -----> X
Not quite as "rich" an experience. But no tracking. And anyway,
these days "rich experiences" seem to consist of total violation of
your privacy in exchange for multi-megs of javascript downloads for
little if any purpose.
Just so. And serially updating stock images (Bird flu in China? Pic
of a bird. VIP killed in a car accident? Pic of trafic jam.
Discovery at CERN? Pic of woman in lab coat.)

There should be a good comedy movie in showing some ADHD managers
playing with Extremely Kewl interactive web sites who then demand that
all software produced under their direction have a similarly Extremely
Kewl interactive UI.

Nuclear missle launch officer trying to make dancing gophers go
away.

Surgeon in media res trying to click through NASCAR videos that AI
has associated with h{is,er} IP address.

Unit commander under fire waiting for multimeg "patriotic" images of
the Bdelygma in Chief to download before tac info can be retrieved.

You get the idea. Any screenwriter here?
--
Mike Spencer Nova Scotia, Canada
Bob Eager
2018-07-09 08:14:16 UTC
Reply
Permalink
Raw Message
Post by RS Wood
Post by Paul Sture
Coincidentally, a couple of days ago I got spam from a site relating to
some very specific hardware that I had visited the day before. I
certainly hadn't given that site my email address, so I suspect some
browser fingerprinting or other tracking mechanism was responsible.
Sigh.
I've had the same experience, including some not-so-appropriate sites
showing up on my work browser. The only way I've found around it is to
use several browsers, dedicating one and one alone to the inappropriate
stuff. I think there are cookie-sharing systems out there where, for
example, your site is sold permission to be aware of Amazon's cookie.
I find that Ghostery gets rid of most (if not all) of these, although
that isn't applicable for mobile devices.
--
Using UNIX since v6 (1975)...

Use the BIG mirror service in the UK:
http://www.mirrorservice.org
Rich
2018-07-09 11:08:13 UTC
Reply
Permalink
Raw Message
Post by RS Wood
Post by Paul Sture
Post by Huge
[31 lines snipped]
Post by Paul Sture
<https://clickclickclick.click/>
See also;
https://panopticlick.eff.org/
Coincidentally, a couple of days ago I got spam from a site relating
to some very specific hardware that I had visited the day before. I
certainly hadn't given that site my email address, so I suspect some
browser fingerprinting or other tracking mechanism was responsible.
Sigh.
I've had the same experience, including some not-so-appropriate sites
showing up on my work browser. The only way I've found around it is
to use several browsers, dedicating one and one alone to the
inappropriate stuff. I think there are cookie-sharing systems out
there where, for example, your site is sold permission to be aware of
Amazon's cookie.
Much of this tracking is handled by storing third-party cookies in your
browser. Either blocking most cookies outright, or deleting most
quickly (Cookie-AutoDelete
https://github.com/Cookie-AutoDelete/Cookie-AutoDelete) stops most of
this very spooky 'this ad tracked me from site a to b to c' stuff.
Batchman
2018-07-07 22:43:02 UTC
Reply
Permalink
Raw Message
Post by RS Wood
Sure, read it this morning on hackernews. I used to enjoy Reddit, but I'm
done now. Later, fuckers.
https://www.cnbc.com/2018/06/29/how-reddit-plans-to-make-money-through-advertising.html
[SNIP]

THANKS once again! Will have to consider my online dealings with them.
Loading...