Microsoft says it will offer a privacy setting in the next version of Internet Explorer that will make it easy for users to keep their browsing habits from being tracked by advertising networks and other third-party websites. The feature, known as Tracking Protection, was unveiled on Tuesday, five days after the Federal Trade …
Flash LSO cookies?
Without some way to deal with them (like the BetterPrivacy Firefox addon) fancy cookie control is not going to do the job.
One up on Mozilla then? But they are MS and by definition Evil...
hmm need to look at the small print.
They are not really up on Mozilla as Firefox has an add on called Ghostery which blocks tracking. Ok, it is not built in to Firefox but it is still available, and it does block everything (well, that is known). I bet you can guarantee that if Microsoft has something like Google Analytics (have no idea if they do) then IE9's Do Not Track will not disable that!
Actually hoping it will shame Mozilla into copying it TBH.
Looks like Mozilla bottled out with their idea, under pressure from advertisers.
Yeah They Are
The whole idea of the article is that IE9 will have the feature BUILT-IN. FF doesn't have that. Getting dealer installed options is not the same as buying the product with the option already there. Kinda like aftermarket automobile air conditioning ... which would you prefer?
Cookie control? Firefox has had that for years
Though admittedly the interface to it is fscking awful ("what interface"???)
Tools - Options
Choose Use Custom Settings for History
Accept cookies from sites (unitck)
Then use the Exceptions to whitelist sites.
It would be nice if they actually made this easier to use (to say the least!), but the functionality has been there for as long as I can remember (but that may be not much longer than 7 seconds with my memory).
A white-list for cookie accept/decline. Not rocket science, but definitely a step forward. If it's easy to add site to, and maintain this list, it might work out nice. Still won't get me using IE again as a main browser, but still, a nice add.
I can just see the horde of users who disabled all cookies but forgot to whitelist their email/bank page and call to complain about why they can't log in....
Do not track?
Not possible. You can suppress the user agent header, but your IP still identifies you (given that most home users browse from a single PC). Without cooperation from the website you're hosed.. tracking will happen.
"given that most home users browse from a single PC"
My parents own two, most of my friends parents own two, I know families with 3 or 4 pc's. Don't forget the wii's, PS3's and Xbox's.What about iPhones, pad, tablets, et al?
Or do you mean by Home Users, you mean single people?
Most home users don't have a static IP address. And those that do may also be browsing from other locations as well. Your IP address might well identify you for a single session, though.
So set your browser to delete all data upon shut down to get rid of them when you can. Doesn't hurt to have Ccleaner (/AUTO) run a couple of times a day either.
Such as the commenter.
Yes and no...
I DON'T have a static IP address - but it hasn't changed in probably 8 months (I have some stuff online that can only be accessed via whitelisted IP addresses).
Although my PS3, Desktop, partner's laptop and the like all connect through the same router - ergo all have the same IP address as far as the Internet is concerned, it wouldn't take a great deal of effort to uniquely track any machine on the network based on information the browser "leaks" through the HTTP headers - hell, you can almost uniquely identify machines based on the UserAgent alone.
If my IP address doesn't change very often and there are only a handful of devices on my home network, uniquely tracking any machine on that network wouldn't be challenging irrespective as to whether I'm running the browser in porn mode or not.
Let's be honest - this improvement in IE9 is basically just selective porn mode - it _is_ an improvement... just not an enormous one (compared to almost any other browser going).
The ability to black/white list cookies from specific sites? SeaMonkey has had that since it was called the Mozilla Suite and was still pre 1.0 some 10+ years ago. What a staggering advance in IT MS have invented.
So they're coming out with features on a five-day turnaround time...but their bugfix list is -how- long, again?
I wonder how much an advertising company has to pay to be added to the default "allow" whitelist?
and I wonder if it will block bing advertising tracking by default.
Way to go
Better Privacy. CS-Lite. NoScript. RefControl.
Default setting of no cookies accepted. If the site fails to work without cookies then allow for session only. Third party cookies? NEVER. No script allowed except from trusted sites. If an untrusted site requires script to function I go elsewhere. The most prominent tracking and ad servers are blocked at router. Inconvenient? Yes a little.
Use of IE, WMP, Netmeeting, Chrome, Hotmail, Gmail or anything that connects to Google or MS servers never.
Logging of IP? This cannot be avoided unless one uses a chain of proxies, although I don't bother because I do not trust proxies either.
Do I need IE9 and it's new feature to protect me from tracking? Not at all.
Do I feel safe and secure online? Not entirely.
My paranoia? Rampant.
Do I care that I might be ridiculed for such draconian measures? Not at all.
...it's not just me then.
I just wish that Firefox had a setting (like IE) to always allow session cookies, would make shopping online so much easier.
& add a touch of
Ghostery, Add block & Keyscrambler
I think you're cautious as opposed to paranoid.
Thanks for info
I do use AdBlock but Ghostery and KeyScrambler are new to me.
Also I thank you for thinking of me as something less than a nut job.
My missus thinks I am paranoid and I am too scared to not take notice of her ;-)
Firefox *does* have that option.
Go to Tools - Options
Choose Firefox will: Use Custom Settings for History
Tick "Accept Cookies from Sites"
Untick "Accept Third Party cookies"
Keep Until: (choose) "I close Firefox"
Don't track me man.
Don't track... Zzzzztt.
Still the wrong approach
This is still completely the wrong approach, any form of tracking must be on an explicit opt - in basis only.
Protecting privacy is far more important than advertiser's desire for profit, if they consider this data so desirable, I expect to be paid for it.
Punishment for unauthorised tracking should be swift and unforgettable, appointing the PFY as consultant on sanctions should be the first step.
>>"This is still completely the wrong approach, any form of tracking must be on an explicit opt - in basis only"
Even if that's what you want, wouldn't it actually be an additional 'good' if you could explicitly blacklist some sites to stop them repeatedly asking (or doing things which caused you to be asked) if you wanted to opt in, even if adding someone to such a blacklist is effectively an opt-out option?
By definition, if you aren't letting a site track you, they can't know if you're a new visitor, are someone who declined their tracking previously on a one-off basis, or are someone who really doesn't even want to be asked.
If the site had some way of knowing your attitude to them, it could at least potentially avoid doing things that might annoy you.
... Microsoft introduce a feature that some browsers have had for yonks. Well done MS, I would so love to be in the meetings where some one comes up with these bright ideas.....
Lets call it a Zune! - "Your fired"
Lets call it bing! - "Your fired"
Lets introduce porn mode properly! - "Your fired"
Esc, because just like the Mafia, when I thought I was out, the IT geeks pulled me back in!
I clicked thumbs down due to bad grammar.
Corporate responsibility? Oxymoron?
". . . that we are far better off developing solutions and choices as an industry than if we allow the government to do it for us.”
If only more corporations would adopt this attitude. For instance, in the US, if the health insurance industry had this attitude in the 90s there would have been no real need for the Affordable Health Care Act. If the finance industry would target obscenely high pay in public companies. If natural gas drilling companies would take ground water contamination seriously. Etc,etc., ad naseum. . .
But no. Thank goodness for government of the people, by the people, and for the people to regulate corporate bastards when they won't do it themselves.
"Like 'do not call' for browsers"
That's as stupid as a "Do Not Spam" for your email inbox. Some legitamate companies might agree to it. But, there are millions that won't, globally speaking. It won't work in the virtual world of the internet.
How can it 'not work' if the relevant browser settings prevent a given site leaving tracking cookies unless a user chooses to allow that?
A site might try and track someone by IP address, but they could do that anyway already.
Re: david wilson "How can it 'not work'..."
I'm sure that M$ is refering to persistant "Flash" cookies. I wrote a Linux script a year ago, which removes flash-cookies while browsing. However, there is a new type of cookie making its way across the web. The EverCookie. The following address links provides more info and definition of what an evercookie actually is: "http://samy.pl/evercookie/" . Here's one more: "http://www.boingboing.net/2010/09/22/evercookie-a-trackin.html" . The first link is the actual developer's site. I've been to the site.. (No, it doesn't leave an evercookie on your browser).
But how does that compare to a 'do not spam' option for mail inboxes?
A 'do not track' browser setting could be designed to prevent a blacklisted (or non-whitelisted) site leaving any trace (not merely requesting that a site doesn't engage in tracking), and have its operation updated to keep up with attempts to get round it.
Re: @david wilson
In reference to 'do not spam' for email inboxes.. Most email clients already have filtering with blacklists. the reference was a silly comparison to something like a statewide 'do not call' list.
In reference to: "A 'do not track' browser setting could be designed to prevent a blacklisted (or non-whitelisted) site leaving any trace (not merely requesting that a site doesn't engage in tracking), and have its operation updated to keep up with attempts to get round it."
I invite you to read a comment left by "Paul 98" title: "Cookies aren't the real problem #". It's further down the comment list. Cheers ;)
The fingerprint thing is technically surmountable though - it woudn't be hard to limit what information a browser provides regarding fonts, plugins, etc, especially to untrusted sites.
Would it be hard to define a set of 'lowest common denominator' responses that would allow most sites to get the information they might need, without giving away significant information or having a browser over-claiming its capabilities?
If the information-limiting was actually tied to a browser privacy control, it could be that untrusted sites were given very limited information
They should have done this ten years ago.
My two year old covers her eyes
and thinks I cant see her.
The Ravenous Bugblatter Beast of Traal? Or does your daughter think you are?
Lets bash MS
Righty here we go again, MS does something that is a step in the right direction and still people slag them off.
Yes yes im sure someone else would have done it before but look, in 1959 Volvo was the first production car to slap a 3 point seatbelt in their cars.
Shock horror! others followed them because its a pretty good idea! so obviously we should all only buy Volvos now yes? because they did it first right?
You buy your gas and elecky from some provider because its the cheapest its ever been by anyone! Course no one going to do better are they? you'll just stick with your "brand" and imagin that its always the best
seriously guys, grow up, if you stick religiously to a brand or in this case product you are the ones to lose out, ill swap around browers and software every few years because different versions of different software are always different. From what ive seen ill give IE9 a go, if something better comes along ill swap to that.
Someone with intelligence here.
Will IE 9.0 run on Windows 2000 or XPee? No
Will it run on Vista? only if you install SP2.0
& will it run on Windows 8 ? well, I suspect if theres 'leverage' to convince/force users to migrate to a new platform, but then there will probably be IE10.0
So changing the operating system is no convincing reason to 'give IE 9.0 a go' thank you
Well obviously if you dont have the pre-requisites to run it then you are hardly going to migrate to W7 just to do so.
You are obviously forgetting to whom you speak.
Still Using ....
.... that typewriter too huh?
Really, come on, Will your ford focus run on 2 stroke? how about an old 8 track tape playing in your DVD player? Look, life moves on, software changes, one of the reasons Windows is (was) in such as mess was because it DID keep backward compatability, look around and do some research Dispite its flaws windows Xp was one of the most backward compatible OSs ever made.
Linux has (had) major issues with old hardware and still does to some degree, lets not even start with Macs and their closed hardware designs, I am glad that MS has finally removed some of the old crap from the OS, that they are forcing hardware and software vendors to adopt better standards, its called progress and i for one would give MS a big thumbs up if they went further to try and remove some of the system stability issues when you install third party apps/drivers.
If you wish to stay with your old OS then good for you, I and no one else is going to stop you, but if you want to play with the new toys then you will have to change because we do not want an OS or its software to be bugged down with your old software compatibility flaws
Better late than never.
Better late than never.
For years, it's seemed to me that browser manufacturers have been in league with the trackers. Otherwise, why would anti-tracking/privacy features be relegated to deep down in the options menu where they're a pain to use operationally?
"Like 'do not call' for browsers"
Oh, I see, so it's also open to abuse then.
Same old, same old...rinse repeat.
Server side tracking?
Of course, this system will make absolutely no difference to the likes of Phorm and Talk Talk who track and process your data at the server and so don't know about any block / white lists.
Ooooh ... so close!
Phorm et al. don't bother with the servers ... they use the ISP's pipes for their tracking.
Now go get that raise from your boss who'll be amazed at your IT acumen!
that this Microsoft "do not track" option works rather better than the Win98 "do not send details of my system to Microsoft" option
- Does Apple's iOS 7 make you physically SICK? Try swallowing version 7.1
- Pics Indestructible Death Stars blow up planets with glowing KILL RAY
- Hands on Satisfy my scroll: El Reg gets claws on Windows 8.1 spring update
- Video Snowden: You can't trust SPOOKS with your DATA
- 166 days later: Space Station astronauts return to Earth