MS Wants To Identify All Web Surfers

Moochman writes "New Scientist reports on a technology Microsoft is developing to identify users based on their browsing habits. Quote: 'The software could get its raw information from a number of sources, including a new type of 'cookie' program that records the pages visited. Alternatively, it could use your PC's own cache of web pages, or proxy servers could maintain records of sites visited. So far it can only guess gender and age with any accuracy,' but the aim is to be able to identify name, occupation and location as well. On a related note, The Inquirer reports on Microsoft's plans to widen the use of its identity-verification technology CardSpace, which is built into Windows Vista and available as an add-on to XP. It's being envisioned as an identity solution for the entire internet: says Kim Cameron, pioneer of the technology, 'We feel it has to solve all use cases.' (Aha, so the anonymous use cases, too, eh?) One might ask, with all of this user-ID information on hand, how long will it be until the Feds come knocking on Microsoft's door asking for help? They already have."

Umm

[Richard McBeef]

The computing giant is developing software that could accurately guess your name, age, gender and potentially even your location, by analysing telltale patterns in your web browsing history.

Uh, wouldn't location be the easiest thing to figure out? Yes. The answer is yes.

Re:Umm

[Timesprout]

Yes but it appears that 95% of all male web users are located at www.bigtits.com which obviously of limited use.

Re:Umm

[digitig]

Dang, I like small tits so I'm going to be a cinch to identify :-(

Re:Umm

[ThePromenader]

Right, and just why does Microsoft thinks it has a 'right' to glean our page-viewing habits (an act akin to rummaging our underwear and sock drawers) - perhaps because that those using their software gave it to them? They assume much, but no doubt, once again, the ignorant will fall for it. MS owes its fortune to the latter aspect of their user base, so I don't see how this move is anything new.

If I wanted to identify myself

[Anonymous Coward]

If I wanted to identify myself, I'd do myself, thank you very much!

- Anonymous Coward, and proud of it.

Re:If I wanted to identify myself

[BrokenHalo]

If I wanted to identify myself, I'd do myself, thank you very much!

Well, I would have modded this as insightful rather than funny, but never mind. Microsoft has absolutely no legitimate reason to identify users, so we can only assume the motive to be evil. Yet another good reason (as if we needed one) to run Linux or a Mac...

[sigh...]

Your logic is flawed

[lpq]

Microsoft has no legitimate reason to identify users, so assume motive to be evil. another reason to run Linux or a Mac

Your logic is flawed in multiple ways.

1) legitimate reason: MS is a SW company providing solutions to customers. Big problem online is proving you are who you say you are to a 3rd party. How does a merchant verify I am who I say I am (and that they are not taking on a fraudulent transaction which they will be held responsible for)?
How does bank or stock broker verify it is you

Re:If I wanted to identify myself

[MoreDruid]

lookup of Anonymous Coward:
network statistics
IP address: 127.0.0.1
subnet mask: 255.0.0.0
hostname: linuxboxen
MAC address: BE:EF:BA:BE
gender: mostly male
location: parents' basement
surfing profile: looking for free pr0n

Re:

[Anonymous Brave Guy]

Oh, come on. Everyone knows who you are. You must post more comments on Slashdot than anyone else in the world! There's so much data that identifying you will be easy.

It's clled corporate feudalism

[cicho]

Under corporate feudalism, the corporation has rights by default. Can they do it? Check. Will it make money for them and the shareholders? Check. There are no other questions.

Re:Umm

[HermMunster]

This is probably them fulfilling their obligation for the code they allowed the NSA to incorporate into XP and Vista.

Microsoft can take their ideas and shove them up their asses. What do you think we want Microsoft making these decisions and bringing up these ideas. It is none of their freaking business nor anyone else's if I choose to use the internet.

These people are getting freaking spooky. We really need to shut them down and fast. Stop frigging buying Microsoft products. Protect your security and your privacy by using Linux.

Re:Umm

[RobertM1968]

It's interesting that parent was modded troll, when what he posted was for the most part accurate.

If it is illegal for (spam) companies to glean such information, why would it be legal for Microsoft to gather such info for their own marketing purposes - or those of their affiliates (which broadly covers everyone using Windows Live Search)?

Spam, above is in parenthesis because I am indicating companies, who through similar actions have been considered spam companies.

Though the Linux point may make parent seem like a troll, it too is accurate - and one of the few PC based alternatives... so perhaps to make parent not considered by the over-sensitive on /. a troll, the last paragraph should have read...

These people are getting freaking spooky. We really need to shut them down and fast. Stop frigging buying Microsoft products. Protect your security and your privacy by using Linux, eComStation, MacOSX, or any other OS not from Redmond

.

Though perhaps that too seems like a troll... but the fact is, if MS has it's way, the only other alternative is to not use the Internet - which isnt going to happen... the truth is not a troll post. The only part of his post that may be inaccurate is the part about the NSA - though the government did request such code be installed in Windows, I dont know if anyone actually ever proved such an occurrence happened, and though MS claimed they would not do such a thing (which we've learned means nothing in the real world), there oddly are enough back doors in Windows to make one wonder.

Mod parent up... just my opinion. You dont have to like what someone posts to realize the validity of it.

Re:Umm

[ozmanjusri]

The only part of his post that may be inaccurate is the part about the NSA

It's probably accurate.

From a report back in January;

The National Security Agency has provided assistance to Microsoft and Apple in securing their Windows and Mac OS X operating systems, according to a report published Tuesday.
http://www.homelandstupidity.us/2007/01/09/nsa-pro vided-security-help-for-windows-mac-os-x/ [homelandstupidity.us]

For what it's worth, the SELinux extensions came from the NSA, so they've had a hand in improving security for all the major platforms. Linux is the only one where the code's visible for the paranoid though.

Re:Umm

[TheNetAvenger]

I tend to think this is all overhype, because even if true it isn't something new for tons of companies.

I also find it amazing that the same people that are being so hard on the allegations of what MS is doing are the same ones that for the past year have defended companies like Google for DOING THE EXACT SAME THING, except the Google twist is they have been using FireFox and GMail in addition to searches for tracking people and marketing data. (FireFox users, if you don't already know this, you are stupid.)

Again, tell me why this is a big deal when they accuse MS of doing it, but something to shrug off when Google is doing it, has admitted to doing it, has ties with Firefox to specifically gather data on ALL platforms, and even goes through people's GMail and anyone that sends something to someone using GMail?

This is not to even mention the 1000s of advertising companies that ALREADY do this for every freaking AD on the internet, even here on SlashDot, you are being monitored based on the ADs you click on.

For the GP post, the NSA and Windows Myths are crazy, part of the reason Uncle Sam was pissed at Vista is MS wouldn't make a backdoor for BitLocker, so if you think MS is cooperating with the NSA beyond the standard obligations that OSX and even Linux has complied, you are high.

Besides if the NSA wants information, having a hook inside an OS would be the LEAST effective way of getting it. They could gleam 10 of 1000s of times the data from just monitoring network traffic, which they already do and have done since the 1980s.

And thanks to ignore the Law Bush and Gonzo, the NSA has been doing this with all domestic traffic and voice communications now too without any warrants. If people want to bitch about Big Brother, they should look to Washinton DC, not Washington State.

Re:

[RobertM1968]

Because what MS is claiming on planning to do means they are defining "browser history" as browser history, cache, cached form data, form data and more in order to accumulate the data they are going for. That is a far cry from what Google is doing. In addition, MS has proven they are far less trustworthy than Google and many other companies out there (see numerous lawsuits and anti-trust cases in this and other countries). Also, people opt in to allow Google to have access to their data. MS is making no suc

Re:

[RobertM1968]

Do YOU realize that MS claims they are going to be doing this, it is being developed by MS China

from Microsoft's research lab in Beijing, China

where I am sure the government there is supporting and/or assisting them, and that with MS' ability to control and monitor the OS and IE, these "theoretical algorithms" are in reality far from theoretical.

You act like this is working software already on people's computers without their permission. Geesh.

Working software - yes - in test versions from what the article says - it does indicate they've done enough work on it and studied the results sufficiently to glean a bunch of the information they are alr

Another Alternitive, If I may

[Prototerm]

I neither abandon Microsoft software, nor do I leave myself open to tricks like Microsoft's latest dream of world conquest. I choose a middle ground.

I run the Windows software I cannot or will not replace in a virtual VMWare sandbox with no internet connection (just a local intranet connection). That way, I don't feel the urge to update Windows (I generally use Win2k sp4) or play the old "whack-a-mole" game with viruses and trojans. It's not perfect, and I still use Wine for the occasional Windows game (I d

Re:No

[pluther]

So you're saying they can see you when you're sleeping? And they know when you're awake??

Who thinks of these ideas?

[solevita]

That's always my first question when I see an article like this; who could ever think this was a good idea? Obviously not someone who reads Slashdot.

I don't know how much Microsoft is paying, but it must be alot if people are thinking that such a ridiculous idea makes sense.

Re:Who thinks of these ideas?

[VirusEqualsVeryYes]

They're the same people who think REAL ID is a good thing, the people who think that the trade of some rights to privacy for a little convenience is a good one.

These people exist, just not on Slashdot.

Re:

[Sam Ritchie]

I don't know how much Microsoft is paying...

Bill Gates is going to give everyone who participates a trip to Disneyland at his own expense.

Q: Who thinks of these ideas? A: Google and MS

[AHumbleOpinion]

That's always my first question when I see an article like this; who could ever think this was a good idea? Obviously not someone who reads Slashdot. I don't know how much Microsoft is paying, but it must be alot if people are thinking that such a ridiculous idea makes sense.

This is precisely the sort of thing that Google is working on as well. It is all about targeted advertising, and Microsoft wants to be a provider of targeted advertising like Google. Q. Why did you think that Google offers you free

Re:Who thinks of these ideas?

[QCompson]

who could ever think this was a good idea?

I know this is probably a tired response, but you can instantly make 98% of Americans think this is a good idea if you claim it (A) helps to fight the terrorists, and/or, (B) protects the innocent children from scary online predators.

Re:

[h2_plus_O]

who could ever think this was a good idea?

Anybody who wanted to sell targeted advertising, for one.
Anybody who wanted to sell your information to others, for another.

Yes, the ability to learn more about you than you knew you were disclosing can be used for good or evil, and can be intensely profitable, and it's already been done. Gmail was invitation-based, ingeniously, because it not only gives Google a lot of data to mine, it also provides meta-information on how people are related. Who are the con

Re:Who thinks of these ideas?

[Anonymous Coward]

One of there goals is to have any computer, any where, know you and load all your preferences on demand.

That is ridiculous reasoning! Thumb drives hold Gigabytes of data today. Even more tomorrow. A thumb drive with heavy duty encryption to protect the contents is the best way to take your preferences, files, data, etc. with you.

Personal data devices are more secure, private, load faster (oh boy down load my desktop over the Internet...riiight), can be written to faster, don't go down like the Internet, etc., etc. If you want you can have a backup image on a server, but the image would be encrypted and access would be owned by you.

Kids these days and their centralized computing!

Re:

[amRadioHed]

Not to mention that fact that in order to load your preferences and settings in a random new computer I will need to surf the web for a few hours while MS ID's my web habits. No thanks, I think I'll stick to the few seconds it takes to type in a password.

Re:Who thinks of these ideas?

[RobertM1968]

There are a plethora of other methods to allow such functionality. Where I used to work, we had a nationwide network, and amazingly, all I had to do was log in to the nationwide network and voila! My home drive, preferences and all available!!! On XP and 2000 based clients!!! Wow!!! Amazing!!!! And that doesnt even cover the semi-thin network clients that did all the same as well...

So, in what way does MS now need to spy on and collect personal information about a user's viewing habits to determine who they are, where they live, and possibly tons of other even more sensitive information to enable a feature that already exists and works?

Explain that to me if you would...

Re:

[cedricfox]

*ROFL* Who marketed the first beige computer?

Feeding the troll, but oh well...

[Trumpet of Doom]

If you don't know what Cmd-Shift-1 and Cmd-Shift-2 are for...

So, since you obviously know, what are they for? I've been looking around, but all I can find is stuff about floppy disk ejection. If you've been around long enough to do that, you should be dispensing advice, not hatred, and if you still actually eject floppies from a built-in drive on an Apple computer, please do yourself and the rest of us a favor and buy a new Mac. [apple.com] If whatever you're using works for you, great, but recognize that you're in the minority and that the people you seem to be directing your

From a long time Mac user....

[Anonymous Coward]

Clarus != Claris
Claris is the office software. Clarus is the dogcow.

Re:

[fuego451]

Yo, dude! We just sold you on ebay.
~The Cats

Combining client side info with what server sees

[Palmyst]

Combining client side info with what server sees is the only way to do this, and that means the client has to send information to the server without the user being aware of it.
Good reason to stick to Firefox.

Re:Combining client side info with what server see

[SpaceLifeForm]

Firefox is all good and well, but you need to
be on a non-Microsoft client. Otherwise, the
Microsoft software under the browser still has
access to all of the data anyway.

Perhaps it is already doing what the article describes.

Re:

[bignetbuy]

Exactly. And because they are dealing with a closed-source solution, there is no direct way of knowing. What's to say an ActiveX component isn't briefing scanning a user's browser cache and reporting that information to an MSFT server. Without a sniffer between the box and the 'net, most people wouldn't be the wiser.

Re:Combining client side info with what server see

[techno-vampire]

This is why you use Firefox, to disable ActiveX. You also use a better firewall than that provided with XP; one that warns you when a program wants to "call home" and allows you to decide if you're going to let it.

Re:

[couchslug]

"This is why you use Firefox" with the trackmenot extension:

http://mrl.nyu.edu/~dhowe/trackmenot/ [nyu.edu]

Re:Combining client side info with what server see

[xdc]

I like and use Firefox, but it seems awfully chummy with Google for my taste. I don't think it's the default, but Firefox 2.0 allows you to check with Google whether each site you visit is a "suspected forgery." Probably a sizable percentage of Firefox users takes Google up on its offer.

Google already does it...

[dada21]

I have no doubt that Google (do no evil?) already does this. I have some friends who have been banned from the AdSense network because they clicked their own ads (big no-no), but not from their own network. Laptops from other networks in the same region (say, Chicago). Google's ads definitely send back SOMETHING to Google -- maybe screen resolution + browser version + operation system + who knows what. No one really knows what it shared (someone should trace the traffic), but Google knows more than they're sharing. Heck, their Google search tells you how many times you recently visited a searched site (I log in via gmail, though).

It isn't that hard, and it won't be that hard to deflect if you're privacy crazy. I'd say this is mostly un-news, because privacy geeks will work around it, and those who don't work around it will get some benefit from targetted ads, better compensated search opportunities, and who knows what else.

Re:Google already does it...

[zappepcs]

Yes, and they aren't the only ones that do or will. The problems, as will be pointed out are many due to the nature of HTTP. All I can think of is DAMN, this sure is another good reason to not buy, pirate, copy, or even borrow Windows Vista.... Perhaps this will help push more people toward a better OS?

Not trying to be a troll. It just struck me as this is another reason to just say no to MS.

Re:

[Organic Brain Damage]

http://www.google.com/analytics/ [google.com]

Google Analytics has been re-designed to help you learn even more about where your visitors come from and how they interact with your site.

Re:

[tajmorton]

Google Analytics has been re-designed to help you learn

And them too. Whenever you access a site that uses Analytics, Google now "knows" you've been there, how you got there, how often you go there... (and can link it to your google account through your google cookie).

Just saying...

Re:

[garcia]

Especially when you are using Google Analytics on the site! Someone searched *my* site for a strange keyword (misspelling of entertainment as intertainment) and within seconds Googlebot hit my site with the same search URL.

That made me realize just how fucked up Google's abilities are.

Re:

[ScentCone]

Well, if you want to know what Google's up to, just see what its two founders are currently talking about [ft.com]. They want to tell you the sort of job you'd be best suited to, and what they think you should do tomorrow. No sir, can't do THAT without Google. Point is, they're actually saying something far creepier than anything MS is saying, if you ask me.

Re:Google already does it...

[MickDownUnder]

View source.... search for Urchin.... Every page on slashdot has a google analytics script that sends a cookie to Google uniquely people visiting the page (unless you have blocked it as I have done).

I'd say pretty much 90% of the web currently has Google javascript embedded in it. They know who you are, how often you surf the web, what pages you visit, how often you visit them etc etc etc.

The unbelieveable irony of people on Slashdot bitching about an imaginary technology that Microsoft doesn't have, whilst Google is collecting info about every person reading this article is quite incredible.

Libertarianism vs. Fascism

[bill_mcgonigle]

I'm getting really tired of seeing dada21's wannabe-libertarian garbage on Slashdot. Take your bullshit somewhere else, or keep it in one of your sleazy blogs.

I'll take one of dada21's rants about gold any day over your repressive fascist belligerence.

Hint: put him on your foes list and score down your foes in the preferences. That's what it's there for, so you can be happy without advocating oppression to satiate your minority opinions.

Most geeks are random surfers, are we not?

[TheLazySci-FiAuthor]

I wonder how well this would work for someone like myself who frequently uses stumbleupon.com (or del.icio.us) to surf the net, or indeed anyone who tends to explore the net outside their own backyard.

To me this profiling technology seems like going through someone's garbage to find out what kind of person they are. Works great, unless they live in an RV or on a boat....I'm not sure that analogy works perfectly, but I think I'm going to start putting my trash in my neighbor's bin from here on.

Note: Stumbleupon is a firefox toolbar which will take you to a random site when you click the Stumble button.

Advertising?

[SmellsLike]

I wonder if they're trying to get all this information about the users to be able to identify what advertising to show them on those websites. If so google should be interested in stopping MS from doing this too.

It's suprising it hasn't been mentioned in the article. Its taking more of a privacy and anti-government stance. It looks to me like Microsoft are trying to take the lead in the advertising dollar in shifty ways also. As mentioned in the zdnet article too microsoft are already doing some of this through passport. The difference is that is opt-in whereas this is invisible to the vista user. While currently a download for XP, how long before it becomes part of the auto-updates?

What about multiple users?

[MorpheousMarty]

If I share a computer with my family, won't their data get watered down? And when my friend comes over and checks his favorite web sites, the data will just get worse. I know MS could still find me 99%, I'm the guy who goes to /. and nytimes web site a dozen times a day, no chance there's another person with habits like that, but their database will be compromised by every user variable you can imagine. You have no privacy on the internet but you do have anonymity because your computer doesn't care who you are, just what kind of access you have.

Re:

[geekoid]

THe idea is that through patterns it will know which user is on. Even if multiple people use the same machine.

Re:

[geekoid]

MS owns the desktop and OS, so technical they can do what every they want without asking or telling you. Not that they would, but they certianly can.

Well, that's what make sit interestnig, maybe some smart person figured out how to do it?

The more I think of it the more possible it seems. Really all you needs is lots of data points. You generate those whenever you use the computer.
I bet if you looked at the use data point on your system, some real trends begin to show up.

In the case where people use the comp

Re:What about multiple users?

[Pofy]

>pfft no they don't. i paid for a license to use windows,

Great for you, personally I actually bought a copy. Even though it doesn't mean I hold any copyrights to it, the laws of my country allows me to use the copy without the need of any license, contract or permission at all (regardless of if I would actually own it or not, so borrowing it would be quite OK too for example). Of course, just like with you, I have similary not given any permissions to MS.

Re:

[cicho]

"Even Google asks you to login"

You assume they ask because they have to. That is not necessarily the case.

Problem with identifying by browser habits

[Brad1138]

We have found that 5% of Internet user are identifiable by there browsing habits, all the other 95% do is surf for porn making it hard to narrow down.

Re:

[Shados]

Well, they DID say it could semi-accurately identify genders. I think that would make it easy to identify within that 95%

Re:Problem with identifying by browser habits

[Tribbin]

OMG, you might be identified by your fetish!

Hyperventilating overraction

[joe_bruin]

Don't worry, I'm sure this will be an opt-in feature. You won't need to enable it on your Windows machine (yes, there will be desktop component, why not), unless you want to upgrade to Vista SP1, or get IE8, or use Windows Update, Hotmail, or MSN messenger, or Word, or Outlook, or prevent WGA from deactivating your machine after a month.

Frankly, I'm surprised we haven't seen MS-TCP/IP yet (no, wait, marketing name "MS Live Connect"). A proprietary, "safe" networking protocol on top of the Internet as we know it that requires you to log-in and authenticate against their servers to use the Internet, uses their own DNS (by default, but you can change it if you're technically competent enough), and of course makes sure you're not doing anything that could interfere with MS DRM in any way.

Now it's your job, given the content and the topic of this post, to figure out if I'm being serious or sarcastic. Honestly, I am not sure which one it is.

Re:

[Anonymous Coward]

(yes, there will be desktop component, why not)

Yes, there is, and it's pretty astonishing. CardSpace launches what appears to be a separate desktop session (I think it's done through some variant of Remote Desktop) where you select which card you wish to use to identify yourself, or at least confirm the use of the only relevant card (unless you choose to have that card used automatically.) Been testing this stuff. It's amusing when the CardSpace desktop jumps up and Norton AV decides you should have to authorize it to use the network; you're stuck u

Re:

[b0s0z0ku]

Frankly, I'm surprised we haven't seen MS-TCP/IP yet

If IPv6 becomes more popular and people route through Teredo servers owned by MS, this could actually be around 50% of what you're worried about. MS will be able to see a lot of the traffic between the IPv4 and IPv6 parts of the Internet. Scary.

-b.

Re:

[louarnkoz]

Actually, Teredo was specifically designed so that the Microsoft servers DO NOT SEE any of the data exchanged by the hosts. They only see the initial exchange of packets requested to set-up a tunnel through the NAT.

-- Louarnkoz

Google

[scum-e-bag]

Surely Google is doing this already?

MS is dropping the ball.

Re:

[QuantumG]

MS is dropping the ball.

No, they've jumped the shark.

What's hilarious about this...

[Kuroji]

Is that instead of using the systems they probably already have, the government is starting to utilize private companies to do their dirty work for them. Another layer of deniability to everything, I suppose. I forget; was North America part of Oceania or did it partially belong to Eastasia?

They also

[nurb432]

Want to identify all your data, your applications, your media files, the path you take to get to the office...

CardSpace protocol reverse engineered!

[t0qer]

ASL

Oh, please, this is reactionary

[roman_mir]

It looks like MS is now going to copy everything that Google does. [ft.com] You know, just to stay ahead of the herd.

Microsoft now an advertising firm

[sunderland56]

Gee, do you think this has anything to do with Microsoft acquiring Aquantive? http://slashdot.org/article.pl?sid=07/05/18/162221 2 [slashdot.org] Better user tracking = more targeted ads = more ad revenue = more of a monopoly.

Coming lawsuits?

[Hemogoblin]

User-identifying technology... WGA...

This fortells mass-lawsuits of pirates, RIAA style.

all i know is

[circletimessquare]

with this story, that bill gates icon with the borg visor has never been more appropriate

"resistance is futile, you will be assimilated"

Bill Gates and his fortune

[Equuleus42]

Finally! I had been wondering how Bill Gates was going to share his fortune [about.com]! This sounds like the technology that can make it happen!

random browsing bot

[eclectus]

it would take about 20 minutes to write a bot that would browse at random for you and render this useless. Sounds like a great way to look anonymous. Or really, really weird, depending on where your bot runs off to.....

Re:

[mochan_s]

it would take about 20 minutes to write a bot that would browse at random for you and render this useless. Sounds like a great way to look anonymous. Or really, really weird, depending on where your bot runs off to.....

Except that the bot would generate random values while you would still generate values that identifies you. So, you'd have to balance how many visits the bot makes. Too much and your habits will see through as the bot visits turn into noise. Too little and your habits will dominate.

I thin

How this came about

[Tablizer]

Gates: "We need to distract people from the open-source stuff. We need to find a way to trigger the ultimate paranoia among Microsoft detractors; something that brings out their worse fears and draws their energies away from open source."

Executive: "How about using Windows to spy on people and keeping a huge database and not tell anybody what it's for."

Gates: "Brilliant!"
     

Re:

[QuantumG]

Actual conversation:

Executive: "Mr Gates, our plans against the Open Source community are progressing nicely! We're also making great new technology to turn the Microsoft userbase into a police state! Soon we'll be even richer than we already are!"

Gates: "Umm, yeah, you do that." [Goes back to swimming in a vault full of gold coins, Scrooge McDuck style.]

Re:

[jZnat]

No, he didn't say "Brilliant!", he said, "That's the dumbest fucking idea I've heard since I've been at Microsoft."

Why is this a bad thing? Not a troll!

[WombatDeath]

The following is a question I posted to another forum after reading this article. It's a genuine dilemma I've been pondering for a while now. I fully expect to get boiled alive for even asking the question, but any input will be appreciated.

-----

You may be aware that the UK leads the world with a billion CCTV cameras on every street corner. Various countries are pondering the adoption of mandatory ID cards. I've just been reading a Slashdot article about Microsoft's proposal to identify users from their browsing history. People have suggested a comprehensive crime-fighting fingerprint database.

I'm opposed to these things. The problem is that I'm having trouble explaining to myself why, precisely, it's a bad thing to have Big Brother watching me. And basing my opinion on a vague premonition of dread is pissing me off.

Whenever a measure such as those above is suggested, newspaper articles will invariably mention objections from civil liberties campaigners. I like civil liberties and am inclined to instinctively agree with those who campaign for them. But comments like "If you're not doing anything wrong, why do you care?" are simultaneously smug, irritating and difficult to torpedo convincingly. Three arguments spring to mind:

1) The government shouldn't know any more about you than it absolutely needs to. I agree with that. The problem is that it seems reasonable to assume that an extreme surveillance society which logs the activity of you, your car, your browsing, your shopping, your library borrowing, your finances and everything else would have an easier time of it in identifying criminals. Does that constitute a reasonable need, and why or why not? This argument is rather abstract and arbitrary for my comfort.

2) Unscrupulous government officials could abuse the information. Hard to argue with that one, and no doubt abuses would occur, but it seems paranoid to reject the whole deal on those grounds given the cost/benefit ratio.

3) It wouldn't work properly, would be insecure, and would be a colossal waste of money. I agree, given the UK's track record in large IT projects, but that's an implementation problem rather than a philosophical objection.

Can anyone give me any other specific, compelling argument against the surveillance society which doesn't rely on an axiom that it's an inherently bad thing? Because this is annoying the hell out of me.

Re:Why is this a bad thing? Not a troll!

[surrealestate]

Here's an example: The 1930 US Census asked citizens to provide information about their ethnicity, information which of course could be used to better target governement services, but outside the original constitutional scope of the Census to determine how many voters were in each Congressional district for purposes of reapportionment. This seemingly innocuous information, however, was not so harmless once WWII kicked in, as it was used to identify American-born citizens of Japanese (and to a lesser extent, German) descent for internment camps. No matter how harmless the information, a Government agency acting in bad faith and ignoring the Constitution can use it for harmful purposes. Since our Government consists of the same sort of people it's watching, if all people are good, they don't need this personal information; if some segment of people are rotten, the government shouldn't have it, because they too will have a percentage of rotten people who will misuse it. The privacy implicit in the original Constitution is there for a reason, because even the most innocent information can be either misinterpreted or misused.

Re:Why is this a bad thing? Not a troll!

[Jah-Wren Ryel]

how would you respond to the argument that (recently) naturalized Japanese during WWII would not feel some sort of loyalty towards their old home country and plot/execute attacks against the American war industry (factories, infrastructure) or simply gather intelligence and perform covert operations?

Perhaps I would respond that if they are recently naturalized they must be so for a reason. The vast majority because they prefer the US to their home country? We are a nation of immigrants seeking opportunity and freedom, why would the issei be any different from recent german or italian immigrants? Surely there must be a more efficient method to narrow down the group of people who might pose a danger than to lock up each and every one of them and confiscate(steal) their property?

Would it be worth to risk losing soldiers, battles or possibly even the pacific war?

Do these soldiers not fight for American principles - life, liberty and the pursuit of happiness? Is winning a battle worth losing the war?

Re:Why is this a bad thing? Not a troll!

[jrumney]

These people were in America with access to American news sources. Most of the control the Japanese military had over the general population's opinion of the war effort stemmed from their control of the media. Japanese Americans would have heard about the atrocities in Manchuria and the expansion by force of the Japanese empire throughout Asia. They may not have been in complete support of the American side of the war if they saw through the American propaganda and realised that they were getting very biased reports themselves, but they probably wouldn't have violently opposed it either.

Re:

[azenpunk]

if you're not doing anything wrong, why do they need to watch you constantly?

a criminal code of law is there to settle issues when something is wrong. if two grown men get in a fight and are both willing participants, is that battery? it is illegal in many jurisdictions, but they are both consenting adults, know the risks involved and well, probably just wont call the authorities on each other, no ones arrested an illegal act goes unnoticed and everything is A-OK.

now if everyone was monitored 24/7 both me

Re:

[himurabattousai]

Personally, I think it's quite telling that you can't debate this topic without resorting to old, cliched arguments against this kind of behavior--not because you're lacking in the intelligence department, but because it's just that difficult to argue against the whole "National Security/Think of the Children" crowd that constantly asks for more and more, when it can only provide less and less. Every time a story like this comes up, I see countless quotes along the lines of "Those who trade freedom for sec

Re:

[NewsWatcher]

You may be aware that the UK leads the world with a billion CCTV cameras on every street corner.

Wow, that is a lot of cameras on every corner.

On a more serious note, you ask what the problem is, consider this. Imagine a man has just been released from prison after murdering someone. A CCTV camera takes a snap of him walking down the street in the vicinity of another killing, the night he is released from prison. Is this man going to be treated the same as anyone else who walked down the street?

I bet anythi

Re:

[TechnicalFool]

..and the last time I got battered by a bunch of assholes who wouldn't dare take me on one-to-one, the cameras were absolutely useless in spotting it. They didn't exactly stop a bunch of people blowing trains up either. We have 20% of the world's CCTV cameras in the UK, and some of the highest violent crime rates as well. I think the more you treat people like criminals (by trying to turn the country into one gigantic panopticon for one), the more they act like criminals.

Where does it end?

[bignetbuy]

MSFT is just amazing at the depths they will troll to invade a user's privacy. This article only highlights how deep MSFT has their hand up the proverbial *** of the end-user. Data-mining a user's browsing cache? Are you serious? If they can read from the browser cache, what ELSE can they do? And how far will they go? If Joe User has been surfing pr0n sites and accidently comes across something he should see, will MSFT know about it? Will they inform the authorities?

With Microsoft's recent advertisin

My profile?

[javacowboy]

So how will they identify me? By my work surfing profile, or my home surfing profile?

Yes, I surf at work, both to take a break, and to keep abreast of developments in I.T., specifically, the Java world.

At home, I'll probably surf the BBC, Slashdot, Apple sites, and my blog.

So which "me" does Microsoft hope to profile? Combine that with the fact that I use a Mac at home, and that my surfing habits will change when I change jobs.

Still, methinks this is the quid pro quo for Microsoft's deal with the Bushies

Re:

[Anonymous Coward]

Your profile?

You are a British male and a liberal geek whose job is a programmer, most likely in Java language, and you change your jobs often. You use a Mac and obviously have a strong dislike of Microsoft. You are a heavy coffee drinker who happens to like artsy stuff. You are a strong supporter of multiculturalism and you hate George Bush though you are not exactly anti-American. Despite having a blog, you don't pay much attention to your hobby.

How close am I?

All ITers know that any data on a computer cant

[unity100]

be trusted.

the reason is simple - if it is created through usage of bits and bytes, and everything is in any digital environment, it can be modified, changed, and faked.

nothing on the internet can be trusted to identify a person. nothing.

So....

[sharkey]

Have they identified the goatse guy yet?

does this has to do with "clickprints on the web"?

[freaker_TuC]

I wonder if they are using this [upenn.edu] study "Clickprints on the Web: Are there signatures in Web browsing data?" ; which explains in detail how a user can be tracked by user interaction. Nice thing to read, for sure if you know you could also "be" the parameter (invalidating such methods completely) in such ways of tracking.

Google is already doing this.

[FFFish]

heck, didn't we have a patent article about it a week or two ago?

Spyware

[Trogre]

So how is this different from any other spyware? Let SpyBot do its job and kill these cookies before they can do any damage.

Did i miss something?

[pjr.cc]

First, theres an article on slashdot yesterday about spyware that has been "approved" by truste and now vista comes with embedded spyware to tell MS (who are trying to break into advertising) where i am, what im looking at and what my name is?

The thing that worries me about all this is the rather lack-lustre response you'd expect from the general slashdot community about breaches of privacy, etc. Have the aliens invaded?

im scared... they only come out at night, mostly...

Seriously though for everything that sucks about vista atm (performance, etc), knowing it had embedded spyware (or what exactly is a "special cookie program"?) would stop me moving to it.

In case anyone asks

[Orion Blastar]

my real name is Shackelford, Rusty Shackelford. I happen to share the same name and have the same web browsing habits of over 15 million other people like reading Slashdot.

I doubt Microsoft can figure out my real name, if I keep entering bogus online profiles like Rusty Shackelford and I happen to visit the same technology news sites as 15 million other people.

On the Internet nobody knows if you really are a dog.

The Ugly Truth About Online Anonymity

[irishkev]

This essay takes the paranoia all the way, but, as it turns out, maybe not far enough...

The Ugly Truth About Online Anonymity

http://cryptogon.com/?p=624 [cryptogon.com]

All of the stuff that you do with your "normal" online persona, you know, online banking, checking email, discussion groups, etc: You can't do any of that. The second you associate a user profile on a server with your behavior, you're back to square one. The Matrix has you. You would have to create what the intelligence business calls a "legend" for your new

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion

Anonymous Use Case

[IL-CSIXTY4]

In response to the snarky aside in the summary, the Cardspace designers actually had anonymous use cases in mind when they designed it. You can generate a card at any time with any information on it. When you submit a card to a site, you get to choose what personal information (if any) gets sent along with it. And, there is a unique ID generated for each site/card combination. So, you could create 100 different cards named "Anonymous Coward" and use a different one each time you came to Slashdot to post as 100 different Anonymous Cowards from one machine.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:no chance with read-only cookies

[Tackhead]

> My cookies files and folders are read-only. Every time I shut down the browser (at least daily), all cookies are gone. Works great with cookies-required sites, since they're still enabled, but leaves no trail beyond the session.

And of course, there must be thousands of people in my ISP's /16 of the network, who, once a day, log onto Slashdot, hits Digg's homepage, checks stock quotes for MSFT, GOOG, AAPL, FOO, BAR, and BAZ (and only those six stocks, and always in that order), and then does some SSL with Quuxbank (and only Quuxbank), before going back to reading stories on Slashdot and Digg, predominantly in the "YRO" category.

What are these cookies of which you speak? Cookies only make tracking easier. NSA had to compromise the backbone routers to gain access to every user's clickstream. All Microsoft has to do is control the browser and embed the spyware in the OS... oh, wait.

Re:

[Jugalator]

Ugh... Typing in that Slashdot CAPTCHA every day just out of Slashdot admin paranoia... :-S

Re:

[geekoid]

You assume those are the onlything it's writing for tracking.

They own the OS. it is very possible for them to write filees that there own files system is designed to ignore.

Not that they do, but alls you know is what the OS is designed to tell you, no more.

By 'you' I mean most people, there are tools that can report the exact data that has been transferred. TO be anygood, they ahve to NOT use any MS-APIs and mount the drive themselves.