Verizon Subscribers Can Now Opt Out of "Supercookies"

itwbennett writes Verizon said in January that it would allow subscribers to opt out of having a unique identifier placed on their phones that critics have labelled a "supercookie" because it's almost impossible to remove, but it didn't say when. On Tuesday, Verizon said the identifier won't be inserted for customers who opt out of its mobile advertising program: "Verizon Wireless has updated its systems so that we will stop inserting the UIDH after a customer opts out of the relevant mobile advertising program or activates a line that is ineligible for the advertising program, such as as a government or business line," Verizon said in a change to its policies.

Re:

[epyT-R]

Nope. It's 'crony capitalism', where large corps grow the size of the state with lobbies and use it to corner the market and impose the ethics of the principals on the rest of us. It's a revolving door at the top of the pyramid, and they're all friends. A corp can only refuse to employ you or refuse to sell to you, the state can confiscate your property and imprison.. It's both tracks together that create tyranny.

Re:

[epyT-R]

Says the guy promoting communism..

Re:

[Runaway1956]

*sigh*

Capitalism isn't a bad thing. Communism isn't a bad thing either. Nor is democracy. However, any form of government can be corrupted by bad men. Especially if the masses of poor clueless chumps sit around just watching. And, that is pretty much what happens with all forms of government.

I'm not in love with the concept of capitalism, but I do get tired of listening to poor clueless chumps blathering on about how evil it is.

In effect, you prefer to be manipulated by a communist leader, than by capi

Re:

[7-Vodka]

How about we pick freedom and give up being ruled over.

Re:

[Runaway1956]

Let me know how that works out for you. So far, history doesn't have many examples of it working. Perhaps there are some good examples in pre-history, or maybe some of the lost cultures, but I wouldn't count on it. Few men really want to be free - they can't handle the responsibility, for starters. Men and women demand good leaders, they are lost without leadership. And - of course - evil bastards covet those leadership positions. Even if you DO find a bunch of good people to lead, that will only last

Re:

[bondsbw]

Since we must have leaders [citation needed], I prefer that we spread their power around so nobody, nor any associated group of leaders, can have full power.

This is why I would like the US to engage in regular state-led Article V conventions. It isn't guaranteed to change much, I'm not even sure I want much to change, but does remove ultimate sovereignty away from Washington if it ever truly gets out of hand.

Re:

[Rakarra]

The fools certainly come out on April 1st!
Oh, I wish it only happened one day a year.

Re:

[johnsnails]

But whats this got to do with Verizon?

Re:

[_merlin]

Nope. It's 'crony capitalism'

Call me cynical, but I don't think I've ever seen any other kind of capitalism.

Re:

[GLMDesigns]

So this cannot happen in communist or fascist or theocratic states. Right?

What makes capitalism unique and useful to the individual is that one can push back against a corporation by not buying their products. This cannot happen when the state does it. At that point it requires guns.

Capitalism gives an option of wallets that you can take advantage of before you go to guns.

From my perspective you're the brainwashed, monkey kissing idiot.

I don't get it?

[awilden]

So what's the movie reference? It's obviously a joke story...

Re:

[IMarvinTPA]

I think it is a book, 1984. But I don't remember this part...

Hmm

April Fools???

[davidwr]

Okay this is last month's news and not a joke, but anything that reads like "BigName Telco Admits They Were Evil" has me waiting for someone to say "April Fools".

Re:

[Dutch Gun]

No, BigName Company was caught with their hand in the proverbial cookie jar, and the backlash was strong enough that they were forced to backtrack a bit. You could just substitute "Lenovo" and "Superfish" with "Verizon" and "supercookie", and the story would essentially be identical.

Don't discount the importance these headlines, though. The very fact that it *makes* news is a good thing, as it's the only thing that typically forces these companies to back down.

Re:

[Anonymous Coward]

Proverbial?

This was a very literal cookie jar

Re:

[AK Marc]

It wasn't a proverbial cookie jar. It was a literal cookie, thus a literal cookie jar.

Re:

[whh3]

I see what you did there.

It would have only been better had this somehow been related to a Java implementation. Then they could have had their hand in the Cookie.jar.

testing method?

[dltaylor]

I can set up a WiFi port to capture the data over that medium (really nice switches that allow port mirroring), but how can I test that 3/4G data requests not only no longer have the "supercookie", but have no new flavor of tracking tag? I'm concerned that they might have one that gets stripped except for special destinations, such as paying businesses, so I couldn't test it against my own web server.

Re:

[crtreece]

Not a verizon customer, but there is an easy solution to this, VPN. They get no idea where your data requests are going or what they are, and they don't get to violate your privacy or the copyright of the site with their Man-In-The-Middle attack.

Re:

[crtreece]

You do not have right to privacy.

Says Anon, LOL.

Re:

[wbr1]

Lease or build a stingray and connect to it. It should have deep packet inspection capabilities and catch things before being stripped on Verizon's network.

Re:

[Impy the Impiuos Imp]

I always assumed there were people who did this for Windows. to search for spy data streams of one type or another. Is there?

Re:

[johnmoe]

You just go to any of the web pages that will show you your http headers. Opt out. Notice that x-uidh header is now gone.

Re:

[viperidaenz]

The tracking is not done on the phone.

They inject HTTP tracking headers as the data goes over their 3G/4G network.

Even if you had a Stingray you couldn't check. You just have to trust Verizon.

Re:

[Anonymous Coward]

You could set up a web server somewhere and check the headers of incoming requests. This is in fact not that hard if you're familiar with capturing data from WiFi etc. When you e.g. request a web page, the web server sees the incoming page request and gets the headers of that request. The headers include thing like what page you are requesting.

There are many headers and Verizon is adding one non-standard header among them. There are several existing services that show you the headers you are passing the ser

Re:

[Neil Boekend]

Build a personal stingray. Connect through that.

Super!

[turkeydance]

Cookie Monster gets all Cookies now.

Re:

[Runaway1956]

I wonder if the Matrix would have ended differently if Neo hadn't eaten the cookie? What was IN the cookie?

Re:

[Runaway1956]

"well endowed black gentlemen"

Your insecurity is showing.

Confirmed!

[crow]

http://www.amibeingtracked.com... [amibeingtracked.com]

I just checked this. My phone is on a corporate account, so it shouldn't be eligible for the advertising program they're talking about in the first place. The cookie is gone.

I still hope they get sued out of business over this. Of course, they'll probably settle for something in the low millions that won't impact their profits.

Re:

[SeaFox]

>I still hope they get sued out of business over this. Of course, they'll probably settle for something in the low millions that won't impact their profits.

That will never happen. Verizon is on the "too big to fail" list, besides being a major telecommunications company (and therefore a part of the National Defense).
Even if they were actually found guilty/lost/whatever any penalty would be adjusted to make sure it doesn't really threaten their prof^H^H^H^ stability.

Re:

[bill_mcgonigle]

Do we know if amibeingtracked.com is reliable? I checked mine (on a Verizon MVNO) and it says I'm not being tracked (did not opt out).

Re:

[rworne]

They have an opt-in program. It's called "Verizon Selects".

Basically, it's a points-based award program that "rewards" you for letting them monitor your location, app usage, and web browsing activity on your phone.

But why is this opt-in and the super cookie business opt-out?

Simple. In the selects program, they "pay" you with gift cards or merchandise. With the super cookie, Verizon gets your browsing for free.

I opted out, still being tracked.

[rabbin]

I opted out of all of their advertising programs (including "Relevant Mobile Advertising", which is supposedly the "supercookie") a day or so ago, restarted my 4G hotspot, and the above http://www.amibeingtracked.com... [amibeingtracked.com] link says I'm still being tracked.

Re: I opted out, still being tracked.

[Thundersnatch]

Same here; opted out but cookie still present. I assume it takes some time for the settings to propagate from $central_database to $thousands_of_edge_devices.

I will check back every few hours to see how long it takes.

Re: I opted out, still being tracked.

[Thundersnatch]

4 days after opting out and amibeingtracked,com finally reports no super cookie present!

Re:

[rabbin]

Good to hear. Still being tracked on my end. If it doesn't change soon, I might give them a call.

Re:

[rabbin]

Finally no longer being tracked. So it can take a week or two.

Re: I opted out, still being tracked.

[Thundersnatch]

4 days after opting out and amibeingtracked,com finally reports no super cookie present. So it takes a while...

Opting out of Verizon is easier

[ZipK]

FU Verizon and your GD opt-out program.

MVNO's are already opted-out

[freeze128]

My mobile carrier is an MVNO that uses Verizon's network. I just went to the www.amibeingtracked.com website and it said that I am not being tracked. I had always wanted to know this, and it's good news for all the other users of Page Plus Cellular.

already opted out.

[Gravis Zero]

i opted out by leaving their entire network. fuck them and their unquenchable greed.

Re:

[account_deleted]

Comment removed based on user account deletion

Should be opt-in

[DrXym]

Opt-out is a pathetic concession. Most people don't even know they're being tracked and of those only a small fraction would bother to opt out. I would not be surprised that even with the option 99% of people are still tracked. It's probably why Verizon did it - a sop to those complaining without materially affecting their bottom line.

This is the sort of thing that should be covered by privacy law. This would be the case in Europe where data protection laws would require explicit consent and services woul

CORRECTION!

[ramriot]

Before we get too far down the rabbit home here, I would like to add a correction to the story above.

The Verizon 'SuperCookie' is not "placed on their phones" it is an additional header line 'X-UIDH' inserted in outgoing internet requests by their network management system see: http://en.wikipedia.org/wiki/V... [wikipedia.org]. As such it is never present on the users device, but does uniquely identify a user to any server they communicate with if that server either has back end pair access to verizon's customer database o