Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Privacy The Internet Your Rights Online

Tynt Insight Is Watching You Cut and Paste 495

Posted by timothy
from the peeking-at-your-poke dept.
jerryasher writes "In recent weeks I've noticed that when I copy and paste text from Wired and other websites, the pasted text has had the URL of the original website appended to it. Cool, and utterly annoying, and how do I make that stop? Tynt Insight is a piece of Javascript that sends what you copy to Tynt's webservers and adds the backlinks. Tynt calls that a service for the site owner, many people call that a privacy invasion. Worse, there are some reports that it sends not just what you copy, but everything you select. And Tynt provides no opt outs. Not cookie-based, not IP-based, but stop-it-you-creeps-angry-phone-call-based. It ain't a pure useful service, and it ain't a pure privacy invasion. But I sure wish they'd go away or have had the decency never to start up in the first place. I block it on Firefox with Ghostery."
This discussion has been archived. No new comments can be posted.

Tynt Insight Is Watching You Cut and Paste

Comments Filter:
  • by DarkOx (621550) on Thursday January 14, 2010 @01:35PM (#30768160) Journal

    If its just J/S it must be useing the browser to get or post the information back to their web server. Figure out what there net block is and black configure your firewall to send you a nice reset packet anytime your box tries to hit it.

  • Scripting? (Score:3, Interesting)

    by Nexzus (673421) on Thursday January 14, 2010 @01:35PM (#30768180)

    Probably uses the script onmousedown or onselect events for the page. So don't allow scripting for that site, and you should be fine.

  • This can be done by overloading the Ctrl+c keypress event, etc.

    Then from there, you can get the selection...

    I got you.

  • Snopes (Score:2, Interesting)

    by Itninja (937614) on Thursday January 14, 2010 @01:39PM (#30768258) Homepage
    Snopes was (is?) using java to prevent site viewers from right-clicking and selecting text at all (not to mention using java to present copious pop-up and pop-under ads). I had no idea until I was watching a friend go to Snopes in a browser without NoScript running. Showed him how to user get NoScript and now he is free to copy/paste text with impunity!
  • Habits (Score:5, Interesting)

    by Hatta (162192) on Thursday January 14, 2010 @01:40PM (#30768272) Journal

    I have a habit of repeatedly selecting and deselecting text as I read it. I probably selected the story blurb here 10 times while reading it. It would be hard for them to mine that data for anything useful. Not that I run strange javascript anyway.

  • by rhsanborn (773855) on Thursday January 14, 2010 @01:40PM (#30768280)
    Is anyone else half-tempted to write a script to post back random text from Pride and Prejudice, or something to that effect?
  • Re:use noscript! (Score:2, Interesting)

    by Montezumaa (1674080) on Thursday January 14, 2010 @01:41PM (#30768290)

    I read their website, and it looks like they offer a program for users to install. Is this what the article is referring to, or are webmaster running a script to allow Tynt Insight to track what I copy and paste, irrespective of whether or not I install Tynt's program? If it is the former, then do not install the damned program. This is just like the whole social-networking sites and people bitching about privacy.

    If it is the latter, then install No-Script(which everyone should have) and block the shit out of Tyrant....err, Tynt. I have No-Script running because I was tired of Google tracking my every move, along with the other tracking site.

  • by gmueckl (950314) on Thursday January 14, 2010 @01:44PM (#30768360)

    The URL appending when cutting and pasting is easily defeated by pasting using the middle mouse button. That script still sends selection information, though. Can anybody tell me what this data is collected for? I don't see any value in it.

  • Re:Habits (Score:5, Interesting)

    by LMacG (118321) on Thursday January 14, 2010 @01:45PM (#30768370) Journal

    I'm a "highlight while reading" guy too. That's what first made me notice Tynt, and that's what made me swich back to Firefox (w/ NoScript) from Chrome.

  • by eldavojohn (898314) * <eldavojohnNO@SPAMgmail.com> on Thursday January 14, 2010 @01:50PM (#30768448) Journal
    I can't get it to work when I copy paste from Wired (must be something with my setup and javascript) but I will make the unpopular statement of saying that 1) you are copying and pasting Wired's content and 2) as early as high school I was taught that if I was copying information verbatim, I had better have some sort of reference (MLA preferred [cornell.edu]).

    Now, on Slashdot I drop in a link on some text like just did up there. But if I'm quoting it, I'll throw in a quote block and lead up to who said it and call it a day. Now, let's imagine a world where all that was automated when you copied something and the text you copied came with XML metadata saying all the things like where you got it, when you got it, who wrote it, etc. That could potentially be pretty useful. If you think of the web as actual works belonging to people then you can start to see how legitimately referencing other works could be made a lot easier with stuff like this. And maybe text editors could have plugins to digest it?

    Unfortunately the submitter and editor of this site seem to cry privacy violation at any attempt to move past the wild wild west anything goes attitude of the world wide web. That's fine as this has an element of privacy concerns what with the phoning home. But please consider the issue from Wired's side, from the side of the author and content creators. They might just trying to help us with what we were taught in school.

    Lastly, I would like to point out that another solution aside from Ghostery or Noscript is just to not use Wired's site at all. Vote with your feet and bring your eyeballs elsewhere for pageviews and adclicks. I'm sure Wired's not losing a whole lot of adclicks if you do.
  • Trolls? (Score:5, Interesting)

    by jgtg32a (1173373) on Thursday January 14, 2010 @01:53PM (#30768510)

    Does Tynt have multiple /. accounts or something? I've never seen so many posts marked Troll

  • by Nerdfest (867930) on Thursday January 14, 2010 @01:55PM (#30768552)
    Many password storage utilities use the paste buffer to keep you from needing to type the password, although the good ones will blank it out after a short period of time. This has the potential for some fairly serious abuse.
  • Re:Habits (Score:4, Interesting)

    by Mikkeles (698461) on Thursday January 14, 2010 @02:02PM (#30768690)

    Probably Derek Ball [tynt.com]

  • Re:Trolls? (Score:5, Interesting)

    by TyntGuy (1721234) on Thursday January 14, 2010 @02:14PM (#30768844)
    We're not a big company, and I can tell you I'm the only Tynt guy commenting here. Derek
  • Re:use noscript! (Score:4, Interesting)

    by c0d3g33k (102699) on Thursday January 14, 2010 @02:14PM (#30768854)

    I actually have both installed, and haven't noticed any adverse effects or conflicts. NoScript handles the "selectively allow this", while Ghostery tells me about web bugs and such, and lets me identify the JS and urls, as you point out. Ghostery seems to stay out of the way quite nicely, while NoScript does the heavy lifting.

  • by vnaughtdeltat (1167485) on Thursday January 14, 2010 @02:23PM (#30769032)
    I have this terrible habit of double-clicking on text when I'm reading it, which selects it every couple of seconds. If more people did this maybe we could overload their servers.
  • Re:use noscript! (Score:5, Interesting)

    by izomiac (815208) on Thursday January 14, 2010 @02:24PM (#30769054) Homepage
    As a poster above mentioned, allowing 2nd level domains is a good trade off between security and convenience. Before I used NoScript I blocked external scripts using a proxy filter for years, and it's only been in the past couple that I've bothered whitelisting anything. Basically, a few APIs (e.g. Google's) and some oddly configured sites that use multiple 1st level domains are about it. Other than those, it is quite rare for a script from an external host to be something that is beneficial for the user. Usually they're ads, stat counters, or something flashy and annoying. This will get you into trouble with some shopping sites though, like Pizza Hut's where I wasn't sure if my order was placed or not, and didn't want to refresh and possible order another pizza. So I whitelisted "https://*", and that seems to work well.
  • The simple fix I use is to Ctrl-U/View source and copy from that window.

    I've seen one lyric site that thwarts this by encoding every character of each song's lyrics as a numeric character reference (for example, &#104;&#101;&#108;&#108;&#111; for hello). It expands the size of the markup, but for one thing, that's what mod_gzip is for, and for another thing, obfuscation of View Source makes it that much easier for sites to keep their licenses from the music publishers.

  • Re:NoScript (Score:4, Interesting)

    by apoc.famine (621563) <.apoc.famine. .at. .gmail.com.> on Thursday January 14, 2010 @02:49PM (#30769524) Homepage Journal

    It's interesting how transparent NoScript is on the pages I visit often, and how much it complains about sites I don't visit often. It's an extra irritation, definitely. But when you watch someone browsing without it, you get a damn good refresher on why you use it.
     
    I'm blown away by the amount of abuse that most people put up with from scripts. It's mind-boggling to me. I put up with exactly one bit of abuse - sometimes I have to reload a page a time or two as I selectively enable scripts to get to the content I want. I'd rather not do that, but it sure beats the alternative.

  • Re:NoScript (Score:3, Interesting)

    by Jah-Wren Ryel (80510) on Thursday January 14, 2010 @03:00PM (#30769690)

    until i find a subscribable whitelist (ala AdblockPlus's blacklist) I won't use it.

    I don't want to go through the trouble of adding every known benign site to my white list.

    I find that the web is remarkably useful without javascript. There are a handful of sites that absolutely require it, but 99% of the time, I don't need javascript to get by. For example, my white list is limited to:

    my high school's alumni site
    my banks' websites
    bing.com - for the maps only
    google.com - for maps and voice only, not search
    youtube
    addons.mozilla.org

    Occasionally I'll make use of the "enable javascript on this site temporarily" but for the most part that's rare (like if I'm shopping at newegg)

    I will admit, that on occasion I will give up on a website because it doesn't work without javascript. But there are almost always alternatives that fit the bill and do work just fine.

  • by Jah-Wren Ryel (80510) on Thursday January 14, 2010 @03:05PM (#30769752)

    I'm totally the opposite. If I think their entire reason for existence is privacy invasion, I block the entire site e.g. "tynt.com" - because you never know when they are going to add more stuff to their arsenal, so I prefer to take them out completely by just specifying their top level domain. It has never been a problem in the ~7 years or so that I've been doing it.

  • Re:in Opera... (Score:4, Interesting)

    by Sparr0 (451780) <sparr0@gmail.com> on Thursday January 14, 2010 @04:03PM (#30770676) Homepage Journal

    I maintain public and private maps for a number of businesses, organizations, and events. I submit map data corrections both directly to google and previously to their map data providers on a weekly basis. I regularly use their walking directions and topographic maps to plan bicycle treks. I have implemented multiple business and gaming oriented applications including or built around the maps API. I am a Google Maps power-user...

    And I never knew that there was right click functionality on the main maps interface. When I right click, I get the normal right-click-on-an-image context menu (View Image, Copy Image, Copy Image Location, Save Image, etc). What does that menu do for you? In what way is the site broken without it?

  • by icebike (68054) on Thursday January 14, 2010 @04:05PM (#30770732)

    That is a losing battle. You can't keep up.

    I use OpenDNS as my upstream DNS server. Even on a free account you can set up block lists which can kill off a LOT of those nasty word tag thingies that underline specific words and pop up things as your mouse crosses the word.

    I can't be sure that it will block tynt.com (yet) but I've already added it to my block list which includes (and works perfectly for) many of the other annoyances:

    chitika.net
    contextweb.com
    intellitxt.com
    kontera.com
    optmd.com
    tribalfusion.com
    vibrantmedia.com
    tynt.com

  • by Ant P. (974313) on Thursday January 14, 2010 @06:41PM (#30772864) Homepage

    if you don't want to view wired's website under wired's conditions, then don't visit their website.

    Where in Wired's conditions [wired.com] or privacy policy [wired.com] do I agree to let them track which text I copy and paste off their site? Come on, you should have this answer since you're the one bringing it up.

When you don't know what you are doing, do it neatly.

Working...