Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Verizon Advertising Privacy

Ad Company Using Verizon Tracking Header To Recreate Deleted Cookies 70

itwbennett writes The story began a few months ago when it was reported that both Verizon and AT&T were injecting unique identifiers in the Web requests of their mobile customers. AT&T has since stopped using the system, but Verizon continues. Now, Stanford computer scientist Jonathan Mayer has found that one advertising company called Turn, which tracks users across the Web when they visit major sites including Facebook, Twitter, Yahoo, BlueKai, AppNexus, Walmart and WebMD, uses the Verizon UIDH to respawn its own tracking cookies.
This discussion has been archived. No new comments can be posted.

Ad Company Using Verizon Tracking Header To Recreate Deleted Cookies

Comments Filter:
  • “If a Verizon customer tethered with their phone, their notebook could get stuck with the zombie value. (The ultimate in cross-device advertising!) And the zombie value could spread between cookie stores on a device, including between the web browser and individual apps. (The ultimate in inter-app advertising!)”

  • Oh, I'm sorry, that must have been one of my OTHER personalities!!!!
  • lumascape (Score:1, Interesting)

    by Anonymous Coward

    if you haven't ever waded thru pcap traffic of adfraud, you may not be familiar with this steaming shitpile.

    http://www.lumapartners.com/wordpress/wp-content/uploads/2012/04/Display-LUMAscape_2012-04-05.jpg

    turn, bluekai, and appnexus are all companies in the lumascape group.

  • by Anonymous Coward

    All of these greedy assholes who run these companies which exist to violate our privacy?

    They've all given up any right to privacy and to be treated like humans.

    Start doxxing the fuckers. Release their home addresses, phone numbers, baking information. release every mother fucking piece you can find on them, their families, their friends, their business partners.

    If they want to make their living by trading on our personal information without our consent, then they utterly deserve to be driven into the grou

    • Or you could just... Use another carrier and educated users so they could make an informed decision. Also your anger is misplaced. You focus it on just one of the several parties involved. If you are being tracked, you are visiting sites that knowingly deal with these people and get income from dealing with these people. So your actions would just harm the very sites you seem to want to visit so much. Wouldn't it be a better idea to just not go to sites who use these ad companies? Not use the network of
    • by Agripa ( 139780 )

      Start doxxing the fuckers. Release their home addresses, phone numbers, baking information. release every mother fucking piece you can find on them, their families, their friends, their business partners.

      And then attach a note identifying your "tracking brick" and start throwing it through their windows.

  • by sdguero ( 1112795 ) on Thursday January 15, 2015 @04:55PM (#48823893)
    I just tried this URL on three Verizon phones:

    http://uidh.crud.net/ [crud.net] On all browsers on the Android phones, no ehader was detected. THe iphone we tested, there was a header insertion.

    I assume this is due ot a "no track" setting at the browser application level. Interesting that androids browsers have it enabled but iphone browser does not.
    • It shows up on mine. I did not previously, but from what I understand it depends on the tower to which you are connected as much as the phone. I have already done Verizon's opt-out which of course does not turn it off, but rather just stops them from selling the data.

      Anyone have good reason to believe there is an alternate carrier that actually has decent respect for privacy? I'd like to ditch Verizon as soon as my contract is up.

      • by dkman ( 863999 )
        I use Ting. It's a smaller service that piggybacks on Sprints network. They seem really good. I haven't dug to this level to make sure they don't do anything screwy, but if nothing else they aren't charging what Verizon does. You don't need to pick service levels, you only pay for as much as you use. I could have 3 phones on Ting and pay 1/2 of what I'd pay for 1 phone on Verizon.
    • I assume this is due ot a "no track" setting at the browser application level.

      The browser has nothing to do with this at all, and there's nothing a browser (or any other software you can run on the phone) can do about it short of using a VPN.

      When you did your tests on the Android phone, are you quite certain that you weren't using the WiFi connection? The tracking header is only inserted into traffic that goes over the cell network.

      • Yes, quite certain WIFI was disabled on all devices tested. I also tested the android phones in two different geographical locations in San Diego.

        Only the iphone/safari that I tested showed header insertion.

        I found this on reddit, some people reporting that same thign I'm seeing...

        https://www.reddit.com/r/priva... [reddit.com]
        • Re:Only iOS? (Score:4, Interesting)

          by JohnFen ( 1641097 ) on Thursday January 15, 2015 @06:57PM (#48824967)

          There are only three possible explanations for this: the two phones were using different carriers, or they were being tested in different geographical locations, or the cell carrier itself is making the distinction for some weird reason. The header injection itself is totally unrelated to the phone, the operating system, or what the software on the phone does.

  • VPN to some endpoint outside of VZ's network.

  • by Rick Zeman ( 15628 ) on Thursday January 15, 2015 @05:55PM (#48824445)

    "So, what’s a Verizon subscriber to do?,"

    Dump Verizon.

  • by BUL2294 ( 1081735 ) on Thursday January 15, 2015 @07:44PM (#48825365)
    Verizon also injects the UIDH header even for those who aren't Verizon customers--like those of Straight Talk, a reseller that uses Verizon's network.

    From https://www.eff.org/deeplinks/... [eff.org]

    Because the header is injected at the network level, Verizon can add it to anyone using their towers, even those who aren't Verizon customers. Notably, Verizon appears to inject the X-UIDH header even for customers of Straight Talk, a mobile network reseller (known as a MVNO) that uses Verizon's network. Customers of Straight Talk don't necessarily have a relationship with Verizon.

  • Man, those guys at Verizon are getting the job done. I gotta step up my game.

It has just been discovered that research causes cancer in rats.

Working...