back to article Microsoft unveils 'do not track' option for IE9

Microsoft says it will offer a privacy setting in the next version of Internet Explorer that will make it easy for users to keep their browsing habits from being tracked by advertising networks and other third-party websites. The feature, known as Tracking Protection, was unveiled on Tuesday, five days after the Federal Trade …

COMMENTS

This topic is closed for new posts.
  1. Tom 35

    Flash LSO cookies?

    Without some way to deal with them (like the BetterPrivacy Firefox addon) fancy cookie control is not going to do the job.

  2. SilverWave
    Linux

    One up on Mozilla then? But they are MS and by definition Evil...

    hmm need to look at the small print.

    1. Andy Jones

      Not really

      They are not really up on Mozilla as Firefox has an add on called Ghostery which blocks tracking. Ok, it is not built in to Firefox but it is still available, and it does block everything (well, that is known). I bet you can guarantee that if Microsoft has something like Google Analytics (have no idea if they do) then IE9's Do Not Track will not disable that!

      1. SilverWave
        Go

        Actually hoping it will shame Mozilla into copying it TBH.

        Looks like Mozilla bottled out with their idea, under pressure from advertisers.

      2. Doug Glass
        Go

        Yeah They Are

        The whole idea of the article is that IE9 will have the feature BUILT-IN. FF doesn't have that. Getting dealer installed options is not the same as buying the product with the option already there. Kinda like aftermarket automobile air conditioning ... which would you prefer?

    2. Circadian
      Grenade

      Cookie control? Firefox has had that for years

      Though admittedly the interface to it is fscking awful ("what interface"???)

      Tools - Options

      Choose Use Custom Settings for History

      Accept cookies from sites (unitck)

      Then use the Exceptions to whitelist sites.

      It would be nice if they actually made this easier to use (to say the least!), but the functionality has been there for as long as I can remember (but that may be not much longer than 7 seconds with my memory).

  3. Michael C

    not bad

    A white-list for cookie accept/decline. Not rocket science, but definitely a step forward. If it's easy to add site to, and maintain this list, it might work out nice. Still won't get me using IE again as a main browser, but still, a nice add.

    1. Ammaross Danan
      Coat

      Users

      I can just see the horde of users who disabled all cookies but forgot to whitelist their email/bank page and call to complain about why they can't log in....

  4. TonyHoyle

    Do not track?

    Not possible. You can suppress the user agent header, but your IP still identifies you (given that most home users browse from a single PC). Without cooperation from the website you're hosed.. tracking will happen.

    1. Anonymous Coward
      Stop

      @TonyHoyle

      "given that most home users browse from a single PC"

      Really?

      My parents own two, most of my friends parents own two, I know families with 3 or 4 pc's. Don't forget the wii's, PS3's and Xbox's.What about iPhones, pad, tablets, et al?

      Or do you mean by Home Users, you mean single people?

      1. Doug Glass
        Go

        Uh Huh

        Such as the commenter.

    2. Chris Miller

      Not quite

      Most home users don't have a static IP address. And those that do may also be browsing from other locations as well. Your IP address might well identify you for a single session, though.

      1. CD001

        Yes and no...

        I DON'T have a static IP address - but it hasn't changed in probably 8 months (I have some stuff online that can only be accessed via whitelisted IP addresses).

        Although my PS3, Desktop, partner's laptop and the like all connect through the same router - ergo all have the same IP address as far as the Internet is concerned, it wouldn't take a great deal of effort to uniquely track any machine on the network based on information the browser "leaks" through the HTTP headers - hell, you can almost uniquely identify machines based on the UserAgent alone.

        If my IP address doesn't change very often and there are only a handful of devices on my home network, uniquely tracking any machine on that network wouldn't be challenging irrespective as to whether I'm running the browser in porn mode or not.

        Let's be honest - this improvement in IE9 is basically just selective porn mode - it _is_ an improvement... just not an enormous one (compared to almost any other browser going).

    3. Doug Glass
      Go

      Yep

      So set your browser to delete all data upon shut down to get rid of them when you can. Doesn't hurt to have Ccleaner (/AUTO) run a couple of times a day either.

  5. Dave Murray

    LOL

    The ability to black/white list cookies from specific sites? SeaMonkey has had that since it was called the Mozilla Suite and was still pre 1.0 some 10+ years ago. What a staggering advance in IT MS have invented.

  6. Anonymous Coward
    WTF?

    Features?

    So they're coming out with features on a five-day turnaround time...but their bugfix list is -how- long, again?

  7. Joel Stobart
    FAIL

    Whitelist

    I wonder how much an advertising company has to pay to be added to the default "allow" whitelist?

    and I wonder if it will block bing advertising tracking by default.

  8. adnim

    Way to go

    Better Privacy. CS-Lite. NoScript. RefControl.

    Default setting of no cookies accepted. If the site fails to work without cookies then allow for session only. Third party cookies? NEVER. No script allowed except from trusted sites. If an untrusted site requires script to function I go elsewhere. The most prominent tracking and ad servers are blocked at router. Inconvenient? Yes a little.

    Use of IE, WMP, Netmeeting, Chrome, Hotmail, Gmail or anything that connects to Google or MS servers never.

    Logging of IP? This cannot be avoided unless one uses a chain of proxies, although I don't bother because I do not trust proxies either.

    Do I need IE9 and it's new feature to protect me from tracking? Not at all.

    Do I feel safe and secure online? Not entirely.

    My paranoia? Rampant.

    Do I care that I might be ridiculed for such draconian measures? Not at all.

    1. Anonymous Coward
      Thumb Up

      Oh good...

      ...it's not just me then.

    2. Andrew Baines Silver badge
      Black Helicopters

      Me too

      I just wish that Firefox had a setting (like IE) to always allow session cookies, would make shopping online so much easier.

      1. Circadian

        @Andrew Baines

        Firefox *does* have that option.

        Go to Tools - Options

        Choose Firefox will: Use Custom Settings for History

        Tick "Accept Cookies from Sites"

        Untick "Accept Third Party cookies"

        Keep Until: (choose) "I close Firefox"

    3. N2

      & add a touch of

      Ghostery, Add block & Keyscrambler

      I think you're cautious as opposed to paranoid.

      1. adnim

        Thanks for info

        I do use AdBlock but Ghostery and KeyScrambler are new to me.

        Also I thank you for thinking of me as something less than a nut job.

        My missus thinks I am paranoid and I am too scared to not take notice of her ;-)

  9. LaeMing

    Don't track me man.

    Don't track... Zzzzztt.

  10. Graham Dresch
    FAIL

    Still the wrong approach

    This is still completely the wrong approach, any form of tracking must be on an explicit opt - in basis only.

    Protecting privacy is far more important than advertiser's desire for profit, if they consider this data so desirable, I expect to be paid for it.

    Punishment for unauthorised tracking should be swift and unforgettable, appointing the PFY as consultant on sanctions should be the first step.

    1. david wilson

      @Graham Dresch

      >>"This is still completely the wrong approach, any form of tracking must be on an explicit opt - in basis only"

      Even if that's what you want, wouldn't it actually be an additional 'good' if you could explicitly blacklist some sites to stop them repeatedly asking (or doing things which caused you to be asked) if you wanted to opt in, even if adding someone to such a blacklist is effectively an opt-out option?

      By definition, if you aren't letting a site track you, they can't know if you're a new visitor, are someone who declined their tracking previously on a one-off basis, or are someone who really doesn't even want to be asked.

      If the site had some way of knowing your attitude to them, it could at least potentially avoid doing things that might annoy you.

  11. jphn37

    Corporate responsibility? Oxymoron?

    ". . . that we are far better off developing solutions and choices as an industry than if we allow the government to do it for us.”

    If only more corporations would adopt this attitude. For instance, in the US, if the health insurance industry had this attitude in the 90s there would have been no real need for the Affordable Health Care Act. If the finance industry would target obscenely high pay in public companies. If natural gas drilling companies would take ground water contamination seriously. Etc,etc., ad naseum. . .

    But no. Thank goodness for government of the people, by the people, and for the people to regulate corporate bastards when they won't do it themselves.

  12. Daemon ZOGG
    Pirate

    "Like 'do not call' for browsers"

    That's as stupid as a "Do Not Spam" for your email inbox. Some legitamate companies might agree to it. But, there are millions that won't, globally speaking. It won't work in the virtual world of the internet.

    1. david wilson

      @Daemonn ZOGG

      How can it 'not work' if the relevant browser settings prevent a given site leaving tracking cookies unless a user chooses to allow that?

      A site might try and track someone by IP address, but they could do that anyway already.

      1. Daemon ZOGG
        Pirate

        Re: david wilson "How can it 'not work'..."

        I'm sure that M$ is refering to persistant "Flash" cookies. I wrote a Linux script a year ago, which removes flash-cookies while browsing. However, there is a new type of cookie making its way across the web. The EverCookie. The following address links provides more info and definition of what an evercookie actually is: "http://samy.pl/evercookie/" . Here's one more: "http://www.boingboing.net/2010/09/22/evercookie-a-trackin.html" . The first link is the actual developer's site. I've been to the site.. (No, it doesn't leave an evercookie on your browser).

        1. david wilson

          @Daemonn ZOGG

          But how does that compare to a 'do not spam' option for mail inboxes?

          A 'do not track' browser setting could be designed to prevent a blacklisted (or non-whitelisted) site leaving any trace (not merely requesting that a site doesn't engage in tracking), and have its operation updated to keep up with attempts to get round it.

          1. Daemon ZOGG
            Pirate

            Re: @david wilson

            In reference to 'do not spam' for email inboxes.. Most email clients already have filtering with blacklists. the reference was a silly comparison to something like a statewide 'do not call' list.

            In reference to: "A 'do not track' browser setting could be designed to prevent a blacklisted (or non-whitelisted) site leaving any trace (not merely requesting that a site doesn't engage in tracking), and have its operation updated to keep up with attempts to get round it."

            I invite you to read a comment left by "Paul 98" title: "Cookies aren't the real problem #". It's further down the comment list. Cheers ;)

            1. david wilson

              @daemon ZOGG

              The fingerprint thing is technically surmountable though - it woudn't be hard to limit what information a browser provides regarding fonts, plugins, etc, especially to untrusted sites.

              Would it be hard to define a set of 'lowest common denominator' responses that would allow most sites to get the information they might need, without giving away significant information or having a browser over-claiming its capabilities?

              If the information-limiting was actually tied to a browser privacy control, it could be that untrusted sites were given very limited information

  13. Lord Lien
    Coffee/keyboard

    So finally,,,

    ... Microsoft introduce a feature that some browsers have had for yonks. Well done MS, I would so love to be in the meetings where some one comes up with these bright ideas.....

    Lets call it a Zune! - "Your fired"

    Lets call it bing! - "Your fired"

    Lets introduce porn mode properly! - "Your fired"

    Esc, because just like the Mafia, when I thought I was out, the IT geeks pulled me back in!

    1. Anonymous Coward
      Headmaster

      (untitled)

      I clicked thumbs down due to bad grammar.

  14. David 141
    Thumb Up

    About time

    They should have done this ten years ago.

  15. Anonymous Coward
    Grenade

    Lets bash MS

    Righty here we go again, MS does something that is a step in the right direction and still people slag them off.

    Yes yes im sure someone else would have done it before but look, in 1959 Volvo was the first production car to slap a 3 point seatbelt in their cars.

    Shock horror! others followed them because its a pretty good idea! so obviously we should all only buy Volvos now yes? because they did it first right?

    You buy your gas and elecky from some provider because its the cheapest its ever been by anyone! Course no one going to do better are they? you'll just stick with your "brand" and imagin that its always the best

    seriously guys, grow up, if you stick religiously to a brand or in this case product you are the ones to lose out, ill swap around browers and software every few years because different versions of different software are always different. From what ive seen ill give IE9 a go, if something better comes along ill swap to that.

    1. Test Man
      Thumb Up

      FINALLY

      Someone with intelligence here.

    2. N2

      Yes but

      Will IE 9.0 run on Windows 2000 or XPee? No

      Will it run on Vista? only if you install SP2.0

      & will it run on Windows 8 ? well, I suspect if theres 'leverage' to convince/force users to migrate to a new platform, but then there will probably be IE10.0

      So changing the operating system is no convincing reason to 'give IE 9.0 a go' thank you

      1. Danny 14
        FAIL

        <sigh>

        Well obviously if you dont have the pre-requisites to run it then you are hardly going to migrate to W7 just to do so.

        Muppet.

      2. Doug Glass
        Go

        Still Using ....

        .... that typewriter too huh?

      3. Anonymous Coward
        Anonymous Coward

        yes but...

        Really, come on, Will your ford focus run on 2 stroke? how about an old 8 track tape playing in your DVD player? Look, life moves on, software changes, one of the reasons Windows is (was) in such as mess was because it DID keep backward compatability, look around and do some research Dispite its flaws windows Xp was one of the most backward compatible OSs ever made.

        Linux has (had) major issues with old hardware and still does to some degree, lets not even start with Macs and their closed hardware designs, I am glad that MS has finally removed some of the old crap from the OS, that they are forcing hardware and software vendors to adopt better standards, its called progress and i for one would give MS a big thumbs up if they went further to try and remove some of the system stability issues when you install third party apps/drivers.

        If you wish to stay with your old OS then good for you, I and no one else is going to stop you, but if you want to play with the new toys then you will have to change because we do not want an OS or its software to be bugged down with your old software compatibility flaws

    3. Doug Glass
      Go

      Grow up???

      You are obviously forgetting to whom you speak.

  16. Tom 7

    My two year old covers her eyes

    and thinks I cant see her.

    1. The Beer Monster
      Alien

      Are you...

      The Ravenous Bugblatter Beast of Traal? Or does your daughter think you are?

  17. Graham Wilson
    WTF?

    Better late than never.

    Better late than never.

    But we've still no instant one-key operation to kill JavaScript or clear cookies. What's so difficult about having a single on-the-fly function key to toggle JavaScript on and off and another to clear cookies?

    For years, it's seemed to me that browser manufacturers have been in league with the trackers. Otherwise, why would anti-tracking/privacy features be relegated to deep down in the options menu where they're a pain to use operationally?

  18. Winkypop Silver badge
    FAIL

    "Like 'do not call' for browsers"

    Oh, I see, so it's also open to abuse then.

    Same old, same old...rinse repeat.

  19. Phil A

    Server side tracking?

    Of course, this system will make absolutely no difference to the likes of Phorm and Talk Talk who track and process your data at the server and so don't know about any block / white lists.

    1. James Butler

      Ooooh ... so close!

      Phorm et al. don't bother with the servers ... they use the ISP's pipes for their tracking.

      Now go get that raise from your boss who'll be amazed at your IT acumen!

  20. ShaggyDoggy

    Let's hope

    that this Microsoft "do not track" option works rather better than the Win98 "do not send details of my system to Microsoft" option

  21. bob's hamster

    Give them their dues

    As a Web Designer going back to the days of Netscape 2.1 and Mosaic I have developed a really big mistrust of Microsoft's IE, the "sod the rest of you do it our way" thought processes which went into the creation of IE5 and IE6 still make me shudder.

    However, I must say that Microsoft do seem to really be doing some good things with IE. I'm still not at the point where I would dump Firefox (and all its wonderful plug-ins) for IE9 but that point may well arrive. Regardless, it is refreshing that they are finally looking at web browsing and innovating.

  22. Lewis Mettler 1
    Stop

    stop forcing the sale then

    If Microsoft is at all concerned about consumers they would stop forcing the sale of IE upon everyone.

    Funny that Microsoft thinks about stopping the tracking but not stopping the forced sale. IE costs real money. Cash money. Yet, the idiots at Microsoft claim to think that all consumers want to spend more money for their crap.

    Give individual consumers the choice or go home.

    1. Anonymous Coward
      Anonymous Coward

      oh dear

      forced sale huh? tell you what, lets make Microsoft make an OS without any browser at all, and whilst they are at it they may as well not offer a download link to other browsers, it is their software they can do what they like (as Apple does), so that leaves every day joe sh** out of luck if they wanted to jump on the net or download a broswer of their choice. you have the choice to use it or not to use it, if you wish to remain ignorant and insist that browser X (insert any browser in there including IE) is the best ever and never use anything else thats your choice.

      Now your going to go on about the intigrated browser bit, well yes, even if you uninstall it, bits are still there, but remember, ITS THEIR OS!! use something else if you dont like it.

  23. Anonymous Coward
    Anonymous Coward

    yawn

    Just use Firefox and go to Tools>Options>Privacy and check the "Accept third party cookies" with "Keep until" set to "I close Firefox", and check "Clear history when Firefox closes". Also go to Tools>Options>Advanced>Network and set the cache to 0MB. Keeps the functionality at websites but gets rid of everything upon close.

  24. Paul 98
    Big Brother

    Cookies aren't the real problem

    Good on MS for doing this. Personally I've set FF to delete all cookies on exit and use other plugins etc. But anyway, the issue is not cookies. They're fairly easy to deal with by just deleting them, manually if you have to, or automatically, whatever.

    Even if you have no cookies or any other identifying file on your PC (flash files etc) you can still be tracked using the information your browser sends to the sever alone: User Agent, plugin details, installed fonts, time zone, screen resolution and colour depth etc all combine to provide a fingerprint that is unique enough to identify you, especially when combined with an IP.

    See how unique you are: https://panopticlick.eff.org/

    Even if you disable java script you can still be tracked with a fairly high degree of accuracy.

    And even if you manage to disable all of that data being sent by customizing your browser and changing non standard settings or compiling your own, well you can still be tracked because 99.999% of other users don't have blank data for these things - you're unique in sending no information.

  25. Anonymous Coward
    Gates Halo

    @Darren Tuffs

    I heartily agree!

    I was an avid Firefox user for years, and for a very long time used to stick with software packages faithfully, rarely finding the time or inclination to 'play the field', as it were.

    And in all fairness, who of us finds the time to constantly look for a newer, better CD writing program or media player.

    It was no different with my Windows install. For five years I refused to reinstall, as my software suite spanned literally several hundred apps. Add to that 3 different graphics cards from 3 different manufacturers, requiring specific driver versions to work together, you may start to appreciate my reluctance, but I digress.

    Obviously, when you install 300+ apps (not all well written) on one poor OS, things start to become a little unstable. I persevered with it's increasingly quicky behaviour, until Firefox, AND Opera became too unstable to use.

    It really took this much preassure for me to finally try IE, and obviously I wasn't going to use IE6. What suprised me, was that despite the entire system being about as stable as a one-legged man in an arse kicking competition, IE8 ran quite smoothly on the ancient hardware.

    Smoothly, but slowly. IE8s javascript engine is an absolute dog.

    Then I discovered the power of the Internet Accelerators. MS have made it sooo much quicker and simpler to add your own, for pretty much any website. In IE8, open the search drop-down, choose 'Find more providers' and at the bottom of the page click "create your own search provider".

    Now, I can highlight a bit of text on a webpage, click the accelerator button, and choose from any of my custom serch providers. This will open a new tab instantly with search results from that website.

    At work, I have PCI vendor database, technet, driver download sites, google maps.

    At home, I have torrent sites, IMDB, Disc label sites, certain astalavista sites, and even google images with 'safe search' turned off - highlight celebrity name in news and auto-perv.... (posting anon. for obvious reasons!)

    I have long since remastered, and upgraded my hardware, but I now use IE primarily at home, because of the speed at which I can process one key word or phrase through a dozen different sites to glean the content I want in a fraction of the clicks required in Firefox.

    I still use Firefox for javascript heavy sites like facebook, but that may change with version 9 if the rumours of engine improvements are anything to go by.

  26. Anonymous Coward
    Anonymous Coward

    Only a matter of time

    before some fool gets in trouble with their other half because they were stupid enough to blacklist their porn sites instead of whitelisting the legit ones.

  27. Colin Millar
    Badgers

    You can do this in IE8

    And I think you could do it in 7

    You choose the prompt option and after a few weeks browsing with a few additional clicks hey presto - you have a black and white list where you can change the setting for any site if you find you blocked/allowed it accidentally.

    The real problem is crap sites which rely on cookies wanting blanket cookie enablement coz they cant be arsed to tell you the name of the site that needs to be allowed. Still - they couldn't be arsed to write a proper web site in the first place so no real surprise there.

  28. Tom Maddox Silver badge
    Badgers

    Optimism defined

    "They should serve as a catalyst for continued thoughtful discussion and debate about how best to achieve that balance . . ."

    Yeah, that seems likely.

This topic is closed for new posts.

Other stories you might like