Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Facebook Privacy IOS OS X Operating Systems Safari Software The Internet Apple Technology

Apple Jams Facebook's Web-Tracking Tools ( 117

The next version of iOS and macOS "will frustrate tools used by Facebook to automatically track web users," reports BBC. At the company's developer conference, Apple's software chief Craig Federighi said, "We're shutting that down," adding that Safari would ask owners' permission before allowing the social network to monitor their activity. BBC reports: At the WWDC conference - held in San Jose, California - Mr Federighi said that Facebook keeps watch over people in ways they might not be aware of. "We've all seen these - these like buttons, and share buttons and these comment fields. "Well it turns out these can be used to track you, whether you click on them or not." He then pointed to an onscreen alert that asked: "Do you want to allow to use cookies and available data while browsing?" "You can decide to keep your information private."

Apple also said that MacOS Mojave would combat a technique called "fingerprinting", in which advertisers try to track users who delete their cookies. The method involves identifying computers by the fonts and plug-ins installed among other configuration details. To counter this, Apple will present web pages with less details about the computer. "As a result your Mac will look more like everyone else's Mac, and it will be dramatically more difficult for data companies to uniquely identify your device," Mr Federighi explained.

Apple Jams Facebook's Web-Tracking Tools

Comments Filter:
  • Can we also track the source of the traffic?
  • by AHuxley ( 892839 ) on Tuesday June 05, 2018 @03:37AM (#56729470) Journal
    Not a member of a social media brand?
    Ban it from the browser, OS until a user wants to register a social media account and be spied on.
  • by johnsie ( 1158363 ) on Tuesday June 05, 2018 @04:31AM (#56729556)
    Various plugins do a good job of this, but some sort of blocking should be a native optional feature in major browsers. I've already refused to accept the new privacy policy from Facebook as I refuse to let that company turn my data into a product. People let them go to far. There must be an option to choose which companies are not allowed to collect your data, and that's why GDPR is a good thing. Facebook tried to avoid data privacy by moving millions of accounts out of Europe/
  • by Solandri ( 704621 ) on Tuesday June 05, 2018 @04:37AM (#56729568)
    There are two ways to fight this:
    • Try to stop these tracking methods. Which just results in the people doing the tracking coming up with new tracking methods. That kicks off an endless arms race where each side keeps countering the move the other side makes.
    • Pollute the data. Let them collect the data, but the browser should surreptitiously add fake data. Either generated by randomly crawling linked pages in the background, or by sharing anonymized sites other users have browsed. The moment the "user's" browsing data is no longer an accurate representation of the sites the user is actually browsing, that data loses its advertising value. And advertisers will be forced to place ads based on the type of people who like to visit a certain site (e.g. GPU ads on a gaming site), rather than trying to display ads targeted at the person browsing regardless of what site they visit.

    The first method is a never-ending game of leapfrog. The second method favors users because there are a lot more of them than companies tracking this data. They can generate fake browsing data faster (up to the limit of their Internet bandwidth) than these companies can filter it out.

    • by johnsie ( 1158363 ) on Tuesday June 05, 2018 @04:40AM (#56729572)
      It'll still be an arms race. They'll try and find ways around it. GDPR has shown that strong legislation is probably going to be the best way to prevent this sort of tracking.
      • by Anonymous Coward

        On the eve of the GDPR I received an email from an affiliate organisation extolling how they would be complying with the law and be able to track users using such methods as the opt out of tracking cookies and industry wide opt ins (eg; agree with one website you agree with them all).

      • Legislation may help, but the GDPR is a nightmare. This Week In Law had an entire episode critiquing it.

        • by dAzED1 ( 33635 )
          No, it's not. It also had years of warning, so I have zero pity for companies of any size that waited until the last few weeks to even think about it.
    • The problem with your proposed solution is that you assume that these same tracking companies would be wholly incapable of cleaning the polluted data. All they would need is access to the browser that does the polluting and enough time to see how it works and they could probably get above 95% accuracy in terms of removing the fake, polluted data.

      It's always a game of cat and mouse. The only way to really stop it is to make a user's data so worthless as to remove the economic incentive to attempt to track
    • Pollution is quite effective. For example, there are various add-ons for popular browsers that add random noise to canvas elements, changing the fingerprint every time. Even if they are tracking you by other means such as detecting installed fonts, the random canvas fingerprint and maybe a random user-agent pollutes their data.

      • by 6Yankee ( 597075 )

        I'll let you send them my font list if I can send them yours...

      • by sinij ( 911942 )
        I think technical term is poisoning the data. It is brutally effective, and not because it hides your own data, it also makes entire data set less valuable by contaminating it with fake data.
    • You may be right about data pollution, although I have often wondered how easy it would be to tune out what you suggest. If my device randomly visits a needlepoint site, then a site about making home made sake, then FIVE sites about playing chess, it's pretty easy to figure out I like to play chess and the other ones were red herrings. My point is things that are true would rise above the noise of various random hits and would be easy to figure out based on timing, frequency, etc. Now, if I could create var
    • This is currently the same tactic being used by spambots and anarchists
      Look how many garbage posts are made in discussion forums, and they are growing in number.

      The idea is to pollute sites where people can have reasoned, intelligent discussions with so much junk that it destroys the forum and drives the thinkers away.

      This "normalises" abuse, hate, lies, anger, etc etc and that becomes part of normal society IRL.

      Without rational discussion, "fake news" will rule because there will be nowhere to disc
  • by Gravis Zero ( 934156 ) on Tuesday June 05, 2018 @05:05AM (#56729596)

    If you aren't already, you should be using SafeScript [] which allows you to block lots of fingerprinting stuff. If you think you don't need it then you should check out BrowserLeaks [] to see how horribly wrong you are. :)

    • If you aren't already, you should be using SafeScript [] which allows you to block lots of fingerprinting stuff. If you think you don't need it then you should check out BrowserLeaks [] to see how horribly wrong you are. :)

      And how! Early on in using NoScript I did an inventory of what was blocked. Facebook was the champ of tracking scripts, and a lot of those addresses the scripts reported to were obscured - ie not obviously facebook. And there were several FB trackers on most the sites that had them. Google had a number of scripts - at least they had the decency to make that clear. several ad providers, the font trackers, and a few I never figured out. My biggest haul for one page was over a hundred scripts.

      And this was

  • by sabbede ( 2678435 ) on Tuesday June 05, 2018 @07:40AM (#56729914)
    I'm using pfBlocker to filter DNS on my home network. You know what doesn't work without being able to talk to tracking and ad-serving servers (including google's for some reason)? The iTunes App Store.
  • Don't upset the Apple cart? Wonder how far Apple evaluated their own SNS FB alternative? Seems time might be ripe to trip the FB giant.
  • I don't see how any of these methods put a stop to user tracking unless you're using a VPN to obfuscate your source IP address. So is Safari going to include it's own free VPN service like Opera? Or is this all just a bunch of noise to try and capitalize on the anti-Facebook sentiment and gain market attention?
  • In other news, Apple wants to be the only one to be able to track its demographic to perform targeted advertising.

    • In other news, Apple wants to be the only one to be able to track its demographic to perform targeted advertising.

      Except they don't. And the truth is in the fact that I have NEVER seen an Apple-related ad show up anywhere that wasn't completely expected.

  • ^ what the subject said

The one day you'd sell your soul for something, souls are a glut.