Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Privacy The Internet Advertising Technology

Ask Slashdot: How Much of Your Online Browsing Can Advertisers See? 189

dryriver writes: We all know the phenomenon of browsing from an internet site A to a completely unrelated internet site B, and having identical ads follow you from site A to site B. Logic suggests that some kind of advertising system is following you from site A to B, and possibly onto subsequent sites C, D and E as well. Logic also suggests that this advertising system can now put together a nice long list of whatever you are looking at online. So here's the question: How much of your online browsing is "monitored" or "logged" this way by advertisers? Can there be any realistic expectation of privacy on the internet if the default behavior of advertisers is to track you as much as they can?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: How Much of Your Online Browsing Can Advertisers See?

Comments Filter:
  • all (Score:5, Informative)

    by turkeydance ( 1266624 ) on Thursday August 24, 2017 @08:46PM (#55079721)
    of it
    • by ls671 ( 1122017 )

      Agreed, with most browser default settings,

      Then, you can add privacy add-ons to your browser with the implied risk to make matters worse.

      After that, worry about lower levels like the network etc. and your post was just as right as it can get.
      reference:
      https://en.wikipedia.org/wiki/... [wikipedia.org]

      • Adblockers and third party cookie blocking can help. Also avoid plugins like flash that caches data on your computer.

        All of this we see was basically predicted in the Max Headroom tv series and in the novels by William Gibson - cyberpunk.

    • Advertisers wish that could be true. Easiest way to know, dear submitter, create a throwaway account in Adsense or Facebook Ads and look for yourself is not a great deal, everything is aggregated. Fellow nerds like to think that you can pick individual people to advertise to, that might happen on Facebook, you can spam with ADs your friends but thats about it.

      You are not an individual on the ad systems, you are part of a lot of groups of people based mostly on demographics, locations, and lastly, your brows

      • by ls671 ( 1122017 )

        Advertisers wish that could be true...

        Yet, it may tend to be true depending on how big you are.
        reference:
        https://en.wikipedia.org/wiki/... [wikipedia.org]

        • Advertisers wish that could be true...

          Yet, it may tend to be true depending on how big you are.
          reference:
          https://en.wikipedia.org/wiki/... [wikipedia.org]

          +1

          It may be paranoia if you are too little to matter.

          Al in all, the chances of being personally tracked increase by the more unique you try to be in your browsing habits. Should be common sense.

      • Advertisers must think I'm an over 40 y/o single man. I get so many "Date 40+ year old women" ads.

        I'm married, don't go on dating sites, and in my 30's. I wish I knew what made advertisers think I'm looking for older women. Makes me chuckle.

      • You're mostly correct. You're also stating stuff that almost everybody on /. already knows.

        • You're also stating stuff that almost everybody on /. already knows.

          Am I? Do they? It does not look that way since every single time someone brings the topic the answers are long lists of comments dickwaving about who has the most blockers and ridiculous privacy set ups.

          Most people in here act as if the ad networks target them specifically or personally as if this demographic was worth the effort. Millenials on the other hand... see Snapchat.

  • by Static ( 1229 ) on Thursday August 24, 2017 @08:54PM (#55079763) Homepage

    Advertising content puts tracking cookies in your browser. Due to how cookies work, they are associated with the advertiser, not the website you're looking at. This means that the advertiser will see the *same* tracking ID whenever their content appears regardless of the site they're advertising on. Since they know what sites they're advertising on, they can match that with the tracking ID they've dropped on you to assemble a history of what sites you're browsing through. Including giving you the same ads.

    This is the "forgotten" reason why people run ad-blockers: to nix the tracking data across websites!

    • by lucm ( 889690 )

      It's not just cookies. Etags also, and those leave nothing behind that you can see.

      • by unrtst ( 777550 ) on Thursday August 24, 2017 @09:41PM (#55079983)

        Thank you. I initially thought you were mistaken, cause I'm familiar with ETags, but I hadn't thought it all the way through. Those are some sneaky buggers.

        FWIW for others, ETags are optional, and generated server side per resource. They are used to determine if an item you have cached needs refreshed (if the etag you have differs, you need the updated version). That happens to be done server side... if you already have a resource, you send an HTTP request to the server, and your request headers include "If-None-Match", which has the ETag. If you send an ETag to the advertising server, they can misuse that feature and just send you back the same tag... this is how they end up tracking you (or part of it), as they can associate a unique ID with you because you always send them that same ETag.

        • by AmiMoJo ( 196126 )

          PrivacyBadger is great for handling that kind of tracking. It works by looking for third party sites that seem to be common to multiple websites you visit, and are thus able to track you as you move between them. It can then either block just cookies (allowing stuff like content to load) or it can block them entirely.

    • I thought the real reason people run ad blockers now is because quite a bit of malware is delivered by ads
      • Malware is an important reason, but for me, tracking is the #1 reason. The #2 reason is because so much of the web is functionally unusable if you aren't blocking ads.

    • I find that multiple layers are helpful:
      1. Privoxy
      2. Turn off "Allow 3rd party cookies"
      3. Install NoScript. White list only the sites you need for work, e.g.: fogbugz.com

      If I can't see your site without JavaScript enabled then it was probably a steaming pile of shit anyway.

    • by Anonymous Coward

      Wow. Thank you for explaining this. I've recently switched to using the 'Brave' browser. One of the things it blocks and reports on is 'trackers'.

      I never really understood what this meant, but now I see how insidious it all is. I'm glad I switched to Brave.

    • This is the "forgotten" reason why people run ad-blockers: to nix the tracking data across websites!

      This is the primary reason that I block all the advertising agencies that I can. I'm not allergic to seeing a reasonable number of respectful ads. However, I 100% don't want the tracking that advertising brings.

      This is why all the industry efforts to make ads "acceptable" are worthless to me -- all of those plans think that tracking is not a problem.

  • by Anonymous Coward

    Install the firefox self destructing cookies plugin. This is how cookies should work. Unless you whitelist the domain, its cookies are destroyed 10 seconds after you leave their page. Others go further with adblock, but just this with kill the tracking.

    • I use Privacy Badger for this. Cookies can be 100% blocked, allowed but only for the session, or allowed to be stored for future sessions. What's more there's a central repository of knowledge about what settings are necessary in order for sites to work so you don't have to figure it out yourself.

      Oh my, that's a lot default blocked entirely here on /.

  • by rtb61 ( 674572 ) on Thursday August 24, 2017 @09:11PM (#55079831) Homepage

    Want more privacy, absolutely do not run windows anal probe 10 because if you do, you have already lost. Next up run add ons to control your internet experience, the first up a script blocker to block scripts you do not like especially bad advertiser scripts add to that a cookie control add on to either block cookies from particular sites or make them session only and delete them when you leave.

    I prefer to control what is allowed to run and what is blocked. So for advertisers, show me shit ads and you are blocked, just one shit ad advertising crap products or services and that also includes ending up at a bad site, those providing ads services to that bad site and you are done, from there on in. You behave yourself with those ads and fine, they might even be informative.

    Google search is becoming nothing but google ads, it is starting to look very much like the old asta la vista and MSN, all you see is ads on first the screen, drop to the bottom and look the fucking arse holes have dumped all ads at the bottom, you now have to try to find the bit in between to see your actual search and the shit fucks did that on purpose to force you to read the ads. Google is just becoming more and more shite, from the YouTube advertiser friendly horse shit to google advertiser search bullshit. M$ would have a chance now with MSN search but they decide to be douche bags with Windows anal probe 10.

    Why is it, that old tech companies must go down, to be replaced by new client respecting companies, whom then become douche bag corporatists and must again be replaced. Why the crazy stupid business style, is it an American thing, is that the norm for American business, start small and customer orientated become big and become customer abusive.

    • Want more privacy, absolutely do not run windows anal probe 10

      Yet Windows 10 comes on the majority of laptops in U.S. showrooms. Staples and Best Buy have zero GNU/Linux laptops. So what's the alternative? MacBook? Chromebook? I don't see how a Chromebook is any better privacy-wise; it just has Google's tendrils in it instead of Microsoft's. Or ought everyone to research a Windows laptop's Linux compatibility, buy it, format it, and install Linux?

    • by AmiMoJo ( 196126 )

      Why is it, that old tech companies must go down, to be replaced by new client respecting companies, whom then become douche bag corporatists and must again be replaced.

      Because they start out losing vast amounts of money by not having ads or monetizing your data, and then realize that they need to show a profit one day and go bad. Then some startup does the same thing and the cycle repeats.

      By the way, blocking all third party Javascript (except for a few whitelists for common libraries) is pretty effective.

  • by n329619 ( 4901461 ) on Thursday August 24, 2017 @09:24PM (#55079903)
    98% slashdot, 2% everything else. Slashdotters don't deny it, be proud of it.
  • by grub ( 11606 ) <slashdot@grub.net> on Thursday August 24, 2017 @09:24PM (#55079907) Homepage Journal
    How much can the trackers/advertisers on your own site see? There are enough: rpxnow.com, crsspxl.com, google-analytics.com, janrain.com, pro-market.net, taboola.com, ml314.com, and (lol) analytics.slashdotmedia.com.
    • by bigtiny ( 236798 )

      Additionally there are non-user facing network infrastructures that can track you -- akamai, limewire, etc. Akamai in particular has software all over the internet that is VERY good at gleaning information from network traffic.

  • extreme measures (Score:2, Insightful)

    by Anonymous Coward

    Unless you take extreme measures, which only a small minority do, they can see all of it, or so near as not to matter.

    The measures you must take increasingly break web sites, because we the public have trained the sites that it is acceptable to require privacy invading features for basic functionality. The more sites are broken in this way, the less people are willing to take the measures that might cause them a tiny bit of inconvenience, and so the cycle continues.

    The only way for this to be avoided was i

    • The measures you must take increasingly break web sites

      This doesn't happen as much as it used to, in my experience. But if my countermeasures make a website nonfunctional, I simply don't use that website.

      There are only three sites that I can think of that are actually essential to me, and none of them break because of my countermeasures.

  • I'm only tracked by the large number of privacy-guard and productivity extensions installed into Firefox running under a fringe open source OS. I've checked before, it's a highly unique fingerprint.

    Yeah, so I'm sure there are some companies out there tracking me as the man with seven middle fingers, all extended in the direction of the company tracking me.

    Thus, I only ever see advertising for the Armsel Striker [wikipedia.org].

    Haha. Just kidding. Though I might actually click through if they did take a hint.

  • Right-click, copy address, open new tab, paste?
    • Very bad link, use this if wish to know of beacons https://en.wikipedia.org/wiki/... [wikipedia.org]

  • When was there an expectation of privacy in the internet?

    If you visit Site A, Site A has your browsing history of Site A. They're free to share that information with who ever they please.
    When you visit Site B, they're free to share it all too.

    If Site A and Site B both share that information with Adverting Network A, then Advertising Network A has your browsing history of Site A and Site B

    It's like rocket science, only not quite.
    More like brain surgery.

    • In theory, Site A and Site B don't know that you're the same person. Advertiser tracking cookies and ETags bridge that gap in a way people did not expect. I don't think that many people would expect Pornhub to know their Facebook profile.

      • Who visits pornhub without incognito mode? (don't forget to close the browser first, or ETag's can leak in to the incognito session)

        • Pretty sure incognito mode only stops the tracking on your computer, so your mrs can't see you've been on porn. It doesn't change any data that is or isn't sent and has no effect on what the sites do with said information. I could be wrong though.
          • It doesn't allow access to your regular set of cookies and starts with a clean slate so you only get cookie-tracked in the single session.
            It's supposed to not use your regular cache too, so ETags don't leak but Chrome has a bug where you need to close the browser first.

    • If you visit Site A, Site A has your browsing history of Site A. They're free to share that information with who ever they please.

      That's a big part of the problem, right there. They shouldn't be free to share that information with whoever they please.

      • Why not? Nobody is forcing you to visit their website. They're paying for the content, servers and bandwidth. Are you paying for the service?

        • Why not?

          Because (and I recognize that people have different perspectives on this) the data about me is mine, not the site's.

          Are you paying for the service?

          Depends on the site. There are several that I pay for, yes.

          • and the data about their site is not theirs?

            If you paid for a service, there should be an agreement as to what you've paid for. That's bound to include how any data is used.

  • According to "Chaos Monkeys: Obscene Fortune and Random Failure in Silicon Valley" [amzn.to] by Antonio Garcia Martinez, who combined Facebook data with third-party demographic data to determine the identity of a user either logged in or browsing anonymously, quite a bit. And he ain't sorry for compromising user privacy in this podcast [wnyc.org].
  • I watch Netflix exclusively on my PS3 and yet Pornhub shows me ads on my laptop based on what I watched on my PS3. I'm not logged into my Netflix account on my laptop. In fact, the only account that's shared between the two is Amazon. Netflix must be sharing my viewing habits [readwrite.com] by IP address to an advertiser who has a relationship with Pornhub. Does that strike anyone as unexpected and creepy?

    This leaves only a couple options for privacy on the Internet:
    1. Use TOR to do all your browsing.
    2. Demand regulations

    • I keep getting ads on my phone for stuff I've searched for at work, probably because I connect my phone onto works wifi but I'm not sure how they associate the two. Probably from some third common factor but anyway I'm definitely not buying a learning management system or vle for my personal use.

      The best one is though, I have a couple shirts on that redbubble site (sly link drop https://www.redbubble.com/peop... [redbubble.com]) and it keeps advertising my own designs back to me.
  • because I don't see advertisements.
  • They can serve up all the ads based on my browsing habits they want. They just get ignored like TV/print ads and more often than not they advertise stuff to either after you've bought it or decided you don't want it. If by chance they do manage to serve up an ad for something you're after for a good price then all's the better, if you even notice.
    • more often than not they advertise stuff to either after you've bought it or decided you don't want it

      Better still (or worse, depending on how you see it) they advertise stuff you are selling yourself, and you have looked at ads for it to see what prices your rivals are selling it for.

  • This article [techworld.com] has brief descriptions of six secure browsers and a secure plug-in. The article is pretty recent (August 1, 2007). The browsers and plug-in are
    Epic Privacy Browser
    Comodo Dragon/Ice Dragon
    Brave
    Tor
    Dooble
    HTTPS Everywhere (plug-in)
    Yandex Browser

  • There were a couple presentations at Defcon around this very topic. I took from it there is good news and bad news. The bad news is the answer is probably not. You can certainly reduce the tracking considerably with all the countermeasures mentioned here. But there is always going to be some leakage, especially once the primary domains start hosting the trackers themselves then sharing the data on the backend. I think that is inevitable as ad/script blockers become more and more prevalent. The good news is
  • Seriously, don't we all have adblocking software installed by now? I haven't seen an ad in years - because I do not want to run the risk of infection through malware ads, because I do not care to be tracked, because I don't want to spend the resources to download them and render them, because they draw my attention to things I don't care about in the first place, and finally... because I can.

    Ads could have been an acceptable form of commercialisation on the internet. It's entirely on the companies that load

  • it's like drinking water from a fire hose. Too much of anything and you get lost in the sea of what you are looking for.
  • Shameless self-promotion of my master's thesis on third-party tracking [joelpurra.com] follows; see full PDF [joelpurra.com] for numbers backing up claims. A paper based on the thesis also got published by IEEE [joelpurra.com].

    I'm uncomfortable being "monitored" and "logged" -- but worry less about visible advertisements, and more about either hidden web beacons or visible (but desirable) content served by known tracker organizations. Adblockers can block most visible ads, and you'll notice if one slips through -- but fewer care about less blinky-flas

  • It depends on how strong your countermeasures are. But it's a safe bet that, even with very strong defenses, some advertisers will see some of it.

  • "We all know the phenomenon of browsing from an internet site A to a completely unrelated internet site B, and having identical ads follow you from site A to site B."

    Yeah, uh...no. We don't. I've never experienced this, because I've been running some variety of ad blocker for the past...14 years. Not to mention protecting myself from tracking cookies for the last 10.

    This type of user behaviour monitoring is unacceptable. I can't fathom how any user could ever go on the web without protection against it.

Don't hit the keys so hard, it hurts.

Working...