Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Privacy Cellphones Verizon

Verizon Subscribers Can Now Opt Out of "Supercookies" 82

itwbennett writes Verizon said in January that it would allow subscribers to opt out of having a unique identifier placed on their phones that critics have labelled a "supercookie" because it's almost impossible to remove, but it didn't say when. On Tuesday, Verizon said the identifier won't be inserted for customers who opt out of its mobile advertising program: "Verizon Wireless has updated its systems so that we will stop inserting the UIDH after a customer opts out of the relevant mobile advertising program or activates a line that is ineligible for the advertising program, such as as a government or business line," Verizon said in a change to its policies.
This discussion has been archived. No new comments can be posted.

Verizon Subscribers Can Now Opt Out of "Supercookies"

Comments Filter:
  • by awilden ( 110846 ) on Wednesday April 01, 2015 @09:08PM (#49389367)
    So what's the movie reference? It's obviously a joke story...
  • Okay this is last month's news and not a joke, but anything that reads like "BigName Telco Admits They Were Evil" has me waiting for someone to say "April Fools".

    • No, BigName Company was caught with their hand in the proverbial cookie jar, and the backlash was strong enough that they were forced to backtrack a bit. You could just substitute "Lenovo" and "Superfish" with "Verizon" and "supercookie", and the story would essentially be identical.

      Don't discount the importance these headlines, though. The very fact that it *makes* news is a good thing, as it's the only thing that typically forces these companies to back down.

      • by Anonymous Coward

        Proverbial?

        This was a very literal cookie jar

      • by AK Marc ( 707885 )
        It wasn't a proverbial cookie jar. It was a literal cookie, thus a literal cookie jar.
        • by whh3 ( 450031 )

          I see what you did there.

          It would have only been better had this somehow been related to a Java implementation. Then they could have had their hand in the Cookie.jar.

  • testing method? (Score:5, Interesting)

    by dltaylor ( 7510 ) on Wednesday April 01, 2015 @09:12PM (#49389381)

    I can set up a WiFi port to capture the data over that medium (really nice switches that allow port mirroring), but how can I test that 3/4G data requests not only no longer have the "supercookie", but have no new flavor of tracking tag? I'm concerned that they might have one that gets stripped except for special destinations, such as paying businesses, so I couldn't test it against my own web server.

    • by wbr1 ( 2538558 )
      Lease or build a stingray and connect to it. It should have deep packet inspection capabilities and catch things before being stripped on Verizon's network.
    • Re: (Score:3, Informative)

      by johnmoe ( 103704 )

      You just go to any of the web pages that will show you your http headers. Opt out. Notice that x-uidh header is now gone.

    • The tracking is not done on the phone.

      They inject HTTP tracking headers as the data goes over their 3G/4G network.

      Even if you had a Stingray you couldn't check. You just have to trust Verizon.

    • by Anonymous Coward

      You could set up a web server somewhere and check the headers of incoming requests. This is in fact not that hard if you're familiar with capturing data from WiFi etc. When you e.g. request a web page, the web server sees the incoming page request and gets the headers of that request. The headers include thing like what page you are requesting.

      There are many headers and Verizon is adding one non-standard header among them. There are several existing services that show you the headers you are passing the ser

    • Build a personal stingray. Connect through that.

  • Cookie Monster gets all Cookies now.
  • Confirmed! (Score:5, Informative)

    by crow ( 16139 ) on Wednesday April 01, 2015 @09:23PM (#49389417) Homepage Journal

    http://www.amibeingtracked.com... [amibeingtracked.com]

    I just checked this. My phone is on a corporate account, so it shouldn't be eligible for the advertising program they're talking about in the first place. The cookie is gone.

    I still hope they get sued out of business over this. Of course, they'll probably settle for something in the low millions that won't impact their profits.

    • by SeaFox ( 739806 )

      >I still hope they get sued out of business over this. Of course, they'll probably settle for something in the low millions that won't impact their profits.

      That will never happen. Verizon is on the "too big to fail" list, besides being a major telecommunications company (and therefore a part of the National Defense).
      Even if they were actually found guilty/lost/whatever any penalty would be adjusted to make sure it doesn't really threaten their prof^H^H^H^ stability.

    • Do we know if amibeingtracked.com is reliable? I checked mine (on a Verizon MVNO) and it says I'm not being tracked (did not opt out).

    • I opted out of all of their advertising programs (including "Relevant Mobile Advertising", which is supposedly the "supercookie") a day or so ago, restarted my 4G hotspot, and the above http://www.amibeingtracked.com... [amibeingtracked.com] link says I'm still being tracked.
  • FU Verizon and your GD opt-out program.
  • My mobile carrier is an MVNO that uses Verizon's network. I just went to the www.amibeingtracked.com website and it said that I am not being tracked. I had always wanted to know this, and it's good news for all the other users of Page Plus Cellular.
  • already opted out. (Score:5, Insightful)

    by Gravis Zero ( 934156 ) on Wednesday April 01, 2015 @10:39PM (#49389585)

    i opted out by leaving their entire network. fuck them and their unquenchable greed.

  • Opt-out is a pathetic concession. Most people don't even know they're being tracked and of those only a small fraction would bother to opt out. I would not be surprised that even with the option 99% of people are still tracked. It's probably why Verizon did it - a sop to those complaining without materially affecting their bottom line.

    This is the sort of thing that should be covered by privacy law. This would be the case in Europe where data protection laws would require explicit consent and services woul

  • Before we get too far down the rabbit home here, I would like to add a correction to the story above.

    The Verizon 'SuperCookie' is not "placed on their phones" it is an additional header line 'X-UIDH' inserted in outgoing internet requests by their network management system see: http://en.wikipedia.org/wiki/V... [wikipedia.org]. As such it is never present on the users device, but does uniquely identify a user to any server they communicate with if that server either has back end pair access to verizon's customer database o

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (1) Gee, I wish we hadn't backed down on 'noalias'.

Working...