Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Privacy Your Rights Online

Tracking the Web Trackers 97

itwbennett writes "Do you know what data the 1300+ tracking companies have on you? Privacy blogger Dan Tynan didn't until he had had enough of being stalked by grandpa-friendly Jitterbug phone ads. Tracking company BlueKai and its partners had compiled 471 separate pieces of data on him. Some surprisingly accurate, some not (hence the Jitterbug ad). But what's worse is that opting out of tracking is surprisingly hard. On the Network Advertising Initiative Opt Out Page you can ask the 98 member companies listed there to stop tracking you and on Evidon's Global Opt Out page you can give some 200 more the boot — but that's only about 300 companies out of 1300. And even if they all comply with your opt-out request, it doesn't mean that they'll stop collecting data on you, only that they'll stop serving you targeted ads."
This discussion has been archived. No new comments can be posted.

Tracking the Web Trackers

Comments Filter:
  • Give Us A List (Score:3, Informative)

    by Anonymous Coward on Friday March 22, 2013 @07:51PM (#43253249)

    Give us a list of all companies and their affili-shit domains and I'll block them. I'll even add them to my 'Hosts' file just to make apk happy.

    • Re:Give Us A List (Score:5, Informative)

      by eksith ( 2776419 ) on Friday March 22, 2013 @07:58PM (#43253305) Homepage

      It doesn't always work that way. Sometimes, these companies use their own sites, but other times, it's a no-name domain and sometimes a random IP. It's almost a kin to a botnet herder where they all report to a root domain where they get their instructions.

      And other times these are from publicly available records; no direct connection to your web browser. If you buy a car, apply for a credit card or even register a new phone number, expect to get spammed shortly. The only way to not get included in a dossier of some sort is to not exist. But even that's no guarantee.

      • by Anonymous Coward

        Which is why I use RequestPolicy. It blocks all third-party browser requests by default. It's a mild PITA because practically every site seems to use a separate domain for static content nowadays, and you need to configure this in RequestPolicy, but once you've done that it's effortless.

        Of course, there's not much I can do about my credit history, but I'm fairly confident these companies know jack-shit about my browsing habits.

        • Re:Give Us A List (Score:4, Informative)

          by noh8rz10 ( 2716597 ) on Friday March 22, 2013 @09:05PM (#43253751)
          THe Ghostery plug in accomplishes the same thing... It automatically blocks trackers against a big black list. Something cool, it does a subtle pop up wheyou visit a page listing all the trackers on that page. Eye opening, for sure! Some pages ,a dozen different trackers! I know Ghostery is available for safari, not sure about other browsers.
          • Yeah, if you read the article, you'd see Ghostery is run by and advertising company.
            " About Evidon
            Evidon reveals the invisible web.

            Its technology gives brands, publishers, networks and other businesses around the world unique insight into the digital ecosystem—including unparalleled intelligence on the marketing technologies that underpin the commercial web —and the power to control their impact on business.

            Evidon's technology includes Ghostery®, the industry-leading browser tool that repor

            • by AmiMoJo ( 196126 ) *

              They sound smart. Give users an effective blocking tool, sell companies advice on how not to get blocked.

  • by popo ( 107611 ) on Friday March 22, 2013 @07:51PM (#43253253) Homepage

    You could be using Tor, or surfing through a proxy, denying cookies, etc.

    Why make it easy for them?

    • Re: (Score:1, Insightful)

      by Anonymous Coward

      You obviously haven't used tor, it's slow as molasses

    • by Anonymous Coward

      Because that kind of passive measures are not very effective.
      Also, the enemy has so much money which they are paying to some top programmers in the world, that they are just immensely more powerful technically.
      What we need is a new kind of company who will work for the people's protection. I for one would gladly pay a subscription fee to have that information poisoned. The real problem is not that there is no protection; the real problem is that noone cares. Most people want to be tracked. If they didn'

    • by Desler ( 1608317 )

      Because browsing through Tor does jack and shit?

    • you actually think using Tor prevents them from tracking you? Your IP address is only *one* of the multiple things they track.

    • by lucm ( 889690 )

      I do something even better than using Tor for browsing internet: I use a stolen MacBook, and I make sure to get a new one every week. On the plus side I get to listen to different music all the time, without this approach I would have never guessed Justin Bieber has so many different songs.

    • I disable cookies and ONLY allow the sites I want. I use Firefox and ABP (Ad Block Plus). They can have my IP but that's all they will get. I hate the advertising companies as on some sites, especially when downloading, they swamp the whole page with "Download" buttons which look like the download buttons from the actual website they are advertising on. Total nightmare!
  • by Anonymous Coward on Friday March 22, 2013 @07:55PM (#43253289)

    Enough to drive an honest man to fraud.

  • Use Ghostery! (Score:5, Informative)

    by Anonymous Coward on Friday March 22, 2013 @07:57PM (#43253301)

    Ghostery (Firefox plugin) allows you to block these trackers, it works great and you can also see when sites are loading the tracking code.

    • by Anonymous Coward

      Posting anonymously because I just modded you up. :)

      But I have to agree. I use Ghostery.

    • Re:Use Ghostery! (Score:5, Informative)

      by Nyder ( 754090 ) on Friday March 22, 2013 @08:21PM (#43253483) Journal

      Ghostery (Firefox plugin) allows you to block these trackers, it works great and you can also see when sites are loading the tracking code.

      https://www.ghostery.com/ [ghostery.com]

      • Re:Use Ghostery! (Score:5, Interesting)

        by Anonymous Coward on Friday March 22, 2013 @10:04PM (#43254083)
        I use ghostery and love it and all. But I wonder if passive resistance is the wrong way to go about this. Maybe what we need is to allow all those tracking cookies. But run a program on your computer which replaces the data in those cookies every 5-10 seconds. That is, instead of denying the marketers data (meaning the data they do get is still good), pollute their data so this whole business of tracking is less effective.
        • That's a great idea, but how can you ensure that the fake data still "looks right"? If it's completely random, it's going to be relatively easy to filter out. It needs to be consistent so that the cookie data is well formed according to the tracking company's system, I guess.

          One possibility might be to set up a server that 1) receives tracking cookies from people, and 2) returns a random tracking cookie from its collection whenever asked by anyone. Think of it like a cookie swap exchange, where your brows

          • by AmiMoJo ( 196126 ) *

            I'm gonna name my kid Spartacus.

            I wonder how many of these cookies would be vulnerable to an SQL injection attack? Has anyone tried replacing all strings in all their tracking cookies with "drop tables;"?

        • by theCoder ( 23772 )

          Maybe, but even the act of sending the cookie back, even if it seems to have bad data in it, can give information about you -- what sites you visit, how long you spend there, etc.

          Now, maybe a script that made random HTTP requests with random cookie data. It still would be tricky, and blocking the stalkers (especially facebook) seems much safer.

  • by rmdingler ( 1955220 ) on Friday March 22, 2013 @08:09PM (#43253379) Journal
    Who watches the Watchmen?
  • Disable third party cookies in your browser.
    • by Anonymous Coward

      There are also flash cookies and also fingerprinting. I noticed that some use javascript to create a 'fingerprint' eg: http://mpsnare.iesnare.com/snare.js

      • by DaveGod ( 703167 )

        So, does NoScript work then? It disables flash unless you whitelist the domain it is coming from.

  • Data (Score:5, Interesting)

    by Anonymous Coward on Friday March 22, 2013 @08:18PM (#43253457)

    Does anyone know how he got the data they had on him? I'm looking at the opt out pages he listed and I don't see data recovery functions.

  • by Jah-Wren Ryel ( 80510 ) on Friday March 22, 2013 @08:20PM (#43253473)

    And even if they all comply with your opt-out request, it doesn't mean that they'll stop collecting data on you, only that they'll stop serving you targeted ads."

    That line is the most important part of the story. The phrase "opt out" has been redefined by the marketers. You can not opt out of being tracked, you can only opt out of being reminded that you are being tracked. That is more than useless because it defuses the people most likely to be unhappy about these trackers with a false sense of safety.

    Your only way to avoid being tracked is not to ever talk to the trackers in the first place. For the less technically inclined, the Ghostery plugin for firefox is pretty much set it and forget it. If you can handle looking underneath the hood of the internet, check out Request Policy [requestpolicy.com] which gives you extremely fine grained control over what stuff a webpage can pull in from other webservers. I default block all cross-site includes from other domains and white-list them on an individual basis and it really isn't too inconvenient. Besides the privacy benefits, it makes web pages load super fast when they don't have to pull in crap from 15 other servers.

    • First steps I do after creating a new Firefox profile:

      1. Set Firefox to reject 3rd party cookies and remove all cookies on session end
      2. Disable all Plugins except Flash and your favorite media player's plugin; gecko-mediaplayer for example.The point is them not even appearing in navigator.plugins. (If you're on Windows(/Mac?), you'll have to repeat this check after every Skype/Office/.NET/Adobe Reader/whatever update. My condolences).
      3. Install Ghostery, RefControl, "Click to Play switch", Scriptish - all from addo
  • 1.) Install Ghostery. 2) Install AdBlock Plus. 3) Only accept cookies from sites you trust, and for best results clean those out regularly.

    You can go the extra mile with NoScript, Tor, and so on, but even just doing Ghostery and turning off third-party cookies will knock out much of the problem.

  • by Holistic Missile ( 976980 ) on Friday March 22, 2013 @08:35PM (#43253559)
    I use some domain blocking entries, plus a hosts file from http://pgl.yoyo.org/as/serverlist.php?showintro=0;hostformat=hosts [yoyo.org] on my router, with local DNS enabled. It redirects about 2500 URLs to DD-WRT for the win! I would imagine other third-party firmware allows this, too. When I have company, they sometimes comment how much better the web pages look and how fast they load on their laptops when they use my AP. They also wonder why Facebook and Twitter don't work... :-)
  • So many ads on this guys site, that I couldn't read the whole thing, that ads were distracting me

  • Tail your proxy (Score:5, Informative)

    by Nethead ( 1563 ) <joe@nethead.com> on Friday March 22, 2013 @09:01PM (#43253725) Homepage Journal

    I had a few users at work that were spending too much time on facebook, etc. and management asked me to block it except during breaks. So I fire up an old box and put squid on it and tell AD to force them to proxy through it.

    I then did a tail -f on the /var/log/squid3/access.log file and howdy boy do some sites have a lot of crap called when you load a page. Even our small town local newspaper site would call up about 30 different domains on each page load. Some of them would put a java script in to refresh each minute to see how long one stayed on the page.

    Now I see why I run no-script and ABP on my boxes.

    I started blocking a lot of them but real work called and I'm guessing that I only got about a third of them.

    The unfortunate thing is almost all the stuff on the web these days has a no-cache flag so running a proxy for web-cache/bandwidth reduction is almost useless. I only get about 2% cache hits.

    • Hmm... any chance to make the proxy ignore the no-cache flag with pages where you know they serve no purpose other than increasing their hits? It's not like I have to play nice if they don't.

    • Now I see why I run no-script and ABP on my boxes.

      I know better than to wish javascript were never invented, but when I have to deal with sites that don't work with javascript because they shit on themselves and sites that don't work without javascript because the web developers are incompetent in the space of about five seconds, I want to imminentize the eschaton.

    • by AmiMoJo ( 196126 ) *

      It's a shame Ghostery doesn't work at the proxy/router level because they have done all this hard work for you. You could probably use their list as a good place to start though.

  • 1. Install SRWare Iron (Chrome without usage tracking)
    2. Add NotScripts
    3. Add FlashBlock
    4. Add HTTPS Everywhere
    5. Add Ghostery
    6. Add AdBlock (cos why not)

    That's your minimum kit to browse the web these days.

    Ghostery's plan [venturebeat.com] is to sell all of your information to advertising companies. This isn't a bad thing necessarily, but you should probably know that before you install it.

  • by Opportunist ( 166417 ) on Friday March 22, 2013 @10:45PM (#43254259)

    It's not like we didn't notice yet that all sending an "opt-out" EMail accomplishes is to increase the value of your mail address because now it is confirmed to be one you actually use.

    The only way to stop trackers is to mislead them with false information and block as many tracking as you possibly can. Relying on those that benefit from tracking to comply with your requests is naive at best.

  • "I already bought this shit. GTFO!"

    Nothing more annoying than searching for a product, BUYING said product, and then for weeks/months later being shown ads for said product that I no longer have an interest in... BECAUSE I'VE ALREADY GOT ONE, YOU SEE?!?!" /French accent

  • Holy Crap (Score:3, Interesting)

    by wibblewibble ( 2766235 ) on Friday March 22, 2013 @11:44PM (#43254531)
    If you want to see Ghostery at work, try that link to the first opt-out site http://www.networkadvertising.org/choices/ [networkadvertising.org] with Ghostery running - the list of blocks scrolled right off the bottom of my page.
  • by lucm ( 889690 ) on Saturday March 23, 2013 @05:11AM (#43255553)

    I don't see what is actually the problem. Isn't that better to have somehow targeted ads?

    As for breaching my privacy: I'm just a record in billions of records for those companies. I'm pretty sure they don't give a shit about me as an individual, they care about categories and segments and groups. So what if they know which website I look at and how frequently. We are not talking about companies using my facebook pictures or my wishlist on Amazon, it's just ads.

  • On the Network Advertising Initiative Opt Out Page you can ask the 98 member companies listed there to stop tracking you and on Evidon's Global Opt Out page you can give some 200 more the boot

    No, no you can't. I just tried the Network Advertising Initiative opt out page. It doesn't work. Out of 96 sites, 0 worked. I also tried Evidon. Looks like about only 80% of them can be shut off from that page. And now I have a horrible suspicion that all I've done is confirmed my existence to spammers.

  • You do all that work of opting out and with a single click of the delete cookies button all your work and 200 different cookies just hit the shit fan. Google had a program that was installed to block tracking but i forgot what it was for. But opting out with a cookie is useless. It needs to reside somewhere other then the internet folder.

"You can have my Unix system when you pry it from my cold, dead fingers." -- Cal Keegan