back to article Apple users: Only Apple can track us! Not Google

UK Apple fans are suing Google for tracking them online against their will over a five-month period. iThing owners who used the Safari browser between September 2011 and February 2012 allege that Google bypassed the web browser's security settings to plant a temporary cookie that skimmed information from them to personalise …

COMMENTS

This topic is closed for new posts.
  1. messele
    FAIL

    More Leach tripe.

    Let's deflect attention with childish sarcastic headlines.

    Let's gloss over the fact that Google knowingly wrote code to achieve their end goal by calling it a "cookie slip-up".

    No mention of sinister war driving SSID slurping sinister Google tactics then? No, of course not.

    Boot. Other foot. Usual standard of journalism.

    1. dotslash
      Trollface

      Re: More Leach tripe.

      I wish people would get over the fact that privacy when you're using technology doesn't really exist.

      Of course, paranoid people wearing tin hats will always spend time and effort trying to keep what they think is their privacy intact. Personally, I've got better things to do with my life - governments and tech companies can judge what I do with that life as much as they want.

      1. Graham Dawson

        Re: More Leach tripe.

        New variation on "if you've nothing to hide" hmm?

      2. Vimes

        Re: More Leach tripe.

        @dotslash - There's a world of difference between 'privacy doesn't really exist' and 'actively going out of their way to destroy what little does exist'...

        1. Anal Leakage

          Re: More Leach tripe.

          Why would you expect a Google Greenshirt to comprehend that difference?

    2. LarsG
      Meh

      It is only

      It is only a slip up when you get caught with your pants down...

      1. Anonymous Coward
        Anonymous Coward

        Re: It is only

        you're bound to slip over if you go around with your pants down....

      2. zb

        Re: It is only

        Their new motto is don't do anything that is totally evil ... unless it increases the share price.

    3. Anonymous Coward
      Anonymous Coward

      Re: More Leach tripe.

      And no mention of the flaky Apple browser than allowed it....

    4. wowfood

      Re: More Leach tripe.

      It's great how they're suing for damages, disclosure and an apology. Y'know considering they've already got the last two out of the three.

      Also seems a bit of a double standard considering the amount of things apple track themselves.

  2. andreas koch
    Joke

    But

    . . . but IOS and Safari are safe, they're made by Apple! So it can't be.

    I'll have a skinny soymilk frappucino.

    1. Ian McNee
      Gimp

      Re: But

      Sorry but I'll have to see your lawyers before you can have a "skinny soymilk frappucino" as that is a method outlined in Apple's patent iCaff.

      As for a lawsuit over this, I wonder what sort of ads Google ended up targetting at these clueless Safari users (pardon my tautology)? I'm willing to bet they were mainly for wildly over-priced brushed aluminium-clad laptops and fruity phones. Oh and trendy coffee bars where the punters cogitate deeply on what kind of cow soymilk comes from...

      1. JDX Gold badge

        @Ian

        The real losers in all this are those who like to generalise people based on the browser they use. Inf act, they're the losers in pretty much any situation.

        1. Jean-Luc Silver badge
          Trollface

          Re: @Ian

          >The real losers in all this are those who like to generalise people based on the browser they use.

          Even IE6 users?

        2. Mark .

          Re: @Ian

          Though I'd make the same criticism of the media here - why is it being spun as "Apple users", when Apple is irrelevant to this story (if it affected IE, it wouldn't be "Microsoft users"; if it was something else affecting Chrome, it wouldn't be "Google users").

      2. Anonymous Coward
        Anonymous Coward

        Re: But

        I wonder what sort of ads Google ended up targetting at these Safari users

        Privacy protection software, I'd imagine. And thank you for labelling normal computer users who like some quality as "trendy" - let me know when you've looked up the word usability. I know it's not a common word in the world of Linux and Windows.

    2. W.O.Frobozz

      Re: But

      Or as they say across the pond, "Frap me, y'all."

  3. o5ky
    Devil

    seriously you think Google are the only ones to have tracking cookies... it's just that Safari is such an insecure browser that they are easy to write for!

    get a real browser and then you won't have the problems :)

    1. Anonymous Coward
      Anonymous Coward

      It's based on Webkit which is also what Chrome is based on.

      1. Big-nosed Pengie

        It's based on Webkit which is also what Chrome is based on.

        He said a secure browser.

    2. Anonymous Coward
      Windows

      @o5ky

      Don't forget that the same kind of thing also happened on MSIE (link to El Reg article), I quote: "“When the IE team heard that Google had bypassed user privacy settings on Safari, we asked ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too?” Dean Hachamovitch, VP of Internet Explorer wrote in a blog post. “We’ve discovered the answer is yes: Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies.”".

      Only Microsoft has also released data which should show this behaviour.

      Hmm, Apple and Microsoft against Google, now that's a somewhat odd combination IMO.

      1. Mark .

        Re: @o5ky

        But if that's the case, it means that Apple is irrelevant to the story. It's rather sloppy reporting for the media to go on about Apple users, when it affects a far larger number of IE users (and possibly others - wonder if it affects Chrome!), and the issue was noticed on IE almost a year ago.

    3. Anonymous Coward
      Anonymous Coward

      "seriously you think Google are the only ones to have tracking cookies... it's just that Safari is such an insecure browser that they are easy to write for!

      get a real browser and then you won't have the problems :)"

      Does it matter what tech you like? You're all being tracked no matter what you do.

  4. Lockwood

    Ols"wang"

    That name sums up the whole thing nicely

  5. Anonymous Coward
    Anonymous Coward

    er ... why not sue Safari ?

    If a website is able to bypass the instructions given to the browser, surely it's the browsers fault ?

    1. ThePlanMan

      Re: er ... why not sue Safari ?

      Not really. similarly if I was able to bypass restrictions on your computer, it would not be your fault (in the eyes of the law at least)

      1. PsychicMonkey
        Stop

        Re: er ... why not sue Safari ?

        no, it would be the fault of the OS...

    2. Anonymous Coward
      Anonymous Coward

      Re: er ... why not sue Safari ?

      Probably because everyone decided to make voluntary? It is a W3C proposal, y'know those people who look after http standards.

      So Apple is following standards and Google is choosing to ignore them.

      http://en.wikipedia.org/wiki/Do_Not_Track

      Both Google Search and Microsoft's Bing ignore it.

    3. Kieran
      FAIL

      Re: er ... why not sue Safari ?

      They circumvented it by writing code that went out of its way to fake what looked like a legitimate response to user action (posting data to a third party domain). They explicitly did this to get around the fact that Safari (unlike any other browser including Chrome and Firefox) defaults to reject third-party cookies.

      Similar to the long-running furore over :visited links it's really not just as simple as 'just stop it'. If you stop this kind of thing (by doing deep analysis on exactly what every script is doing for example), you break thousands of websites who are doing this kind of thing perfectly legitimately to do things users actually WANT. At that point everyone says "this browser's rubbish" and simply switches to another less privacy-conscious one.

      Google circumvented this deliberately, and justified it internally by saying that if a user hadn't consciously opted out (it was the default) then how were they to know if it was actually the users' preference or not... until they got caught of course, when they promptly admitted it and stopped. For the latest round of this particular argument, look at the response to IE10 defaulting to Do Not Track.

      1. DougS Silver badge
        Thumb Up

        Kieran has it 100% right.

        The Apple haters blaming Safari or iOS for "insecurity" are showing their ignorance. Google didn't exploit a security hole to do this, they were just acting like a spoiled child whose parents told him he couldn't have a cookie and took one while his parents weren't looking. The "do not track" standard is rather like the "do not call" list. There is nothing in the protocol to enforce it, but one should be able to assume that companies which violate it are up to no good. Google's "oops it was an accident" excuse might possibly have been believable, if they hadn't been caught doing exactly the same thing (but in a slightly different way) to IE.

        The fact is, Google is all about standards and freedom, until something comes along to threaten what they make most of their money on: knowing as much as possible about its users to serve it's customers' needs. Note that "customers" to Google isn't us, it is the advertisers who pay them. People can whine about Apple, Microsoft or IBM being soulless profit motivated corporations all they want, but while they're right the "soulless profit motivated" part was redundant to the word "corporation". The problem is, those who think Google is any different are just as delusional as those who think Apple occupies some special slot in the tech world.

  6. Anonymous Coward
    Anonymous Coward

    They've got two hopes. The data protection act very clearly defines what is classed as "personal" information, and your shopping history, once anonymised, ain't it. Besides, just about every major UK-based website has had the requisite "BY USING THIS SITE YOU AGREE TO OUR COOKIES" notification popup in place for the best part of a year now.

  7. mark l 2 Silver badge

    Are these people really saying that they deserve financial compensation for this?

    Sounds like the UK is getting like the US where people sue for the slightest thing. We are going to need warnings on microwaves not to put your pets inside soon

    1. Andrew Jones 2
      Unhappy

      We have warnings on some beaches that sand is dangerous and can kill - because who knew that digging a hole in sand and crawling inside it could suffocate you :/

      Additionally we have these wondeful LED road signs that impart such useful information as "Caution Low Temperature" and "Snow Forecast" - I'm pretty sure we all have the ability to determine if the air feels cold and therefore there is likely to be cold and perhaps icy roads, and I'm fairly sure when we see snow on the ground - we can suspect that there will be snow on roads - but my favourites are things like "Winter Driving, drive to road conditions" - which suggests that we don't drive to the road conditions unless told to. There is also a drink that comes in a carton which has "instructions for use" and a push chair with instructions on how to fold which begin - "Step 1, Remove baby" - the saddest part of this whole post though - is that these instructions came about because someone, somewhere was stupid enough - that they honestly didn't know :/

      1. Steve Knox
        Trollface

        Outrageous!

        ...things like "Winter Driving, drive to road conditions" - which suggests that we don't drive to the road conditions unless told to.

        Hear, hear! How dare they suggest such a thing, when the reality is that most of us don't drive to road conditions even when told to!?

        By the way, have you ever seen the instructions on a packet of toothpicks?

      2. Tom 35 Silver badge

        I have a shirt that tells me "Do not iron while wearing" I have peanut butter cookies that "MAY CONTAIN NUTS".

        1. Evil Auditor Silver badge

          Tom 35, don't forget the milk. Allergy info: contains milk.

        2. Anonymous Coward
          Anonymous Coward

          "I have a shirt that tells me "Do not iron while wearing" I have peanut butter cookies that "MAY CONTAIN NUTS"."

          All because of our litigious brothers across the pond. Their evil ways rub off on those who don't want to earn a living in the UK, and go scrounging for money.

        3. liophaec
          Paris Hilton

          A peanut is not a nut.

          The more you know and all that.

      3. Anonymous Coward
        Meh

        DNA said it best....

        http://en.wikipedia.org/wiki/Wonko_the_Sane#Wonko_the_Sane

        When Wonko saw instructions on how to use a toothpick on a packet of toothpicks, he became convinced that the world had gone crazy and so built the house as an asylum for it,

    2. zb

      I doubt if anyone expects any compensation, it is probably enough for the claimants that Google incurs a large legal bill, some bad publicity and a spell on the naughty step. . Oh, did I forget the claimant's lawyers? No doubt any settlement will include a massive wodge of moolah for them. These things are usually lawyer driven.

      So yes, you are right, the UK is getting like the US :(

  8. Andrew Jones 2

    As someone else has already mentioned the Cookie law - I thought I would just pop in.

    I'm much more concerned that us smaller websites have had to bend over backwards to implement what is arguably the most stupid tech law ever conceived - while I still see no signs of the likes of Google, Facebook, Twitter complying with it - they have a UK presence and they certainly have an EU presence - we are now almost a year into the new law - and I see no sign that they even plan to comply with it..... I take it - it is just small websites that are going to be fined for not complying then?

    1. Anonymous Coward
      Anonymous Coward

      We moved our hosts outside the UK

      ... if it is hosted outside the uk, then you don't need to worry about the silly cookie law.

      Holland has good latency to the UK.

      1. DavCrav Silver badge

        Re: We moved our hosts outside the UK

        "... if it is hosted outside the uk, then you don't need to worry about the silly cookie law.

        Holland has good latency to the UK"

        Isn't Holland in the EU, and it was an EU directive? I haven't checked, maybe it wasn't implemented in such a way in the Netherlands, but it might just be a matter of time.

      2. Charlie Clark Silver badge
        FAIL

        Re: We moved our hosts outside the UK

        Two things: firstly, you obviously don't seem to know much about jurisdiction in the EU; secondly, the UK law is only the national version of EU-wide legislation. But, please do carry on with your feckless approach to stuff. You might even want to start a Facebook group about it.

      3. Alexander Hanff 1
        FAIL

        Re: We moved our hosts outside the UK

        That is the dumbest reply to a post I have ever seen on ElReg - you realise that Dutch regulations on Cookies are actually more strict than UK and require EXPLICIT consent (opt-in) whereas ICO in the UK is allowing implied consent (opt-out).

        Bloody fool.

        1. Charlie Clark Silver badge
          Devil

          Re: We moved our hosts outside the UK

          That is the dumbest reply to a post I have ever seen on ElReg

          Well, while it's pretty stupid it's nowhere near as dumb as some of the stuff we get. Some of our commentards are, er, really gifted when it comes to getting the wrong end of the stick.You obviously don't read enough. Don't worry, stick around long enough and you'll soon lose the will to live and any hope you might have left for humanity!

          1. Alexander Hanff 1

            Re: We moved our hosts outside the UK

            hehe I have been a regular reader here since oooo '97ish and I have seen a lot of trolls come and go in the comments but rarely see genuinely dumb responses like the fool above.

            1. Anonymous Coward
              Anonymous Coward

              Re: We moved our hosts outside the UK

              I have seen a lot of trolls come and go in the comments but rarely see genuinely dumb responses like the fool above

              I fear it's you who is the fool here. For what I've seen so far of Google, that's EXACTLY what they do.

              Take, for instance, their statement that the cookie doesn't contain personal information which is completely irrelevant. That's almost as bad as the BS they put in their mail service explanation that has to explain away that they are in essence running a service that as far as I can tell is fully in breach of privacy laws (actually they already have convictions for that outside Europe, so it's only a matter of time before it hits them in the EU too).

              A cookie doesn't have to CONTAIN personal information to violate Data Protection, all it needs to do is to act as a reference to such information which allows to tie together various otherwise separate bits of information.

              It's exactly this kind of bullshit that has made me distrust *anything* that Google does. Their preference to serve up large gobs of BS instead of coming right out indicates to me an attitude of "as long as we're getting away with it it's legal" instead of looking what the law actually says.

              Which is the point the original OP made.

    2. Anonymous Coward
      Anonymous Coward

      Google = Evil

      This is the Google MO.

      Break the law openly, brazenly and on a massive scale, thus rendering the law useless. Why should anyone else comply when the web's largest presence openly flaunts the law.

      No fine can hurt them, because the politicos who make the law simply do not understand, or have been paid to misunderstand.

  9. Anonymous Coward
    Anonymous Coward

    Probably the tip of the iceberg from Google - after all they make money by selling access to you / your data.

    1. Anonymous Coward
      Anonymous Coward

      FUD

      Have you even read google's privacy policy?

      They make money serving adverts that are relevant to a person that matches a certain UUID basically.

      They can't sell your details to anyone. They can offer to serve adverts to you that appeal to certain advertisers.

      1. Anonymous Coward
        Anonymous Coward

        Re: FUD

        I can't be asked to re-read the whole thing, but the containment conditions for your information are exceptionally weak. As long as you have any sort of business relation with Google, the terms allow them to share your information. Thus, if you supply toilet paper to Google it's enough.

        There is, however, a much more dangerous aspect which Google is skirting. Under UK as well as EU data protection laws, accessing "sensitive" information about you (i.e. what medicine you look up, or which financial service you use for, say, debt management) requires EXPLICIT permission from the user (let me spell that out for you: Google needs to ask your permission in a separate, isolated statement, not embedded in light grey 6 point on white font somewhere down in the ToS). As far as I know, it has not done so for the majority of its current users in Europe which seems to put them in breach - yet again.

        They really seem to consider fines just the cost of doing business, and given what the FTC fined them you cannot really blame them for having that opinion. I call that a Wall Street spillover - after all, that's the attitude that gave us global economic crisis III.

  10. Jones
    Joke

    Oxymorons

    Upset about tracking and advertising? Lets start a facebook group for that...

    1. Anonymous Coward
      Thumb Up

      Re: Oxymorons

      > "Upset about tracking and advertising? Lets start a facebook group for that..."

      Brilliant!

      1. Alexander Hanff 1

        Re: Oxymorons

        The Facebook group was set up because Olswang wanted a medium people are familiar with - the issues with this have been pointed out and an independent web site will be available towards the end of the week.

  11. Dan 55 Silver badge

    The Cult only following His Jobsness' teachings

    After all, is it easier to change over to better software or sue people...?

  12. Anonymous Coward
    Anonymous Coward

    My iphone is tracking my every movement...

    The Location Tracking icon appears in the upper right of my iPhone's screen even though *all* individual apps have Location Services disabled.

    *They* (the 'Them-They' They with the capital 'T') are tracking me.

    So I'll have to spend the evening driving around to places that do not interest me in the slightest, to throw Them off the track.

    1. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: My iphone is tracking my every movement...

      "The Location Tracking icon appears in the upper right of my iPhone's screen even though *all* individual apps have Location Services disabled.

      *They* (the 'Them-They' They with the capital 'T') are tracking me.

      So I'll have to spend the evening driving around to places that do not interest me in the slightest, to throw Them off the track."

      Best way. Throw them nonsense.

      1. Philip Lewis
        Devil

        Re: My iphone is tracking my every movement...

        Exactly, disguise the signal with random noise.

        For FF users - https://addons.mozilla.org/en-us/firefox/addon/trackmenot/

  13. Anonymous Coward
    Anonymous Coward

    One the one hand, it's a storm in a teacup

    OTOH, do bear in mind that while there's no a lot we can do to stop our government snooping on us, Google is a different matter (and unlike a government, not as above the law as they might believe they are).

  14. SteveTM
    WTF?

    Get A Grip People

    People really need to chill out. So what if someone tracked the crap you are looking at. Unless your an agent you really dont need to worry, and if you are an agent chances are you are working through some proxy or not even using a device like this.

    Get a grip people!

  15. Anonymous Coward
    Anonymous Coward

    Consequence

    "engagements, presents and holidays were destroyed when partners looked at their computers and saw display ads based on sites previously visited"

    Whiners! Real men do the online shopping from work, and wouldn't dream of looking on their partners iThingy

    On an unrelated note, why does my popular! webmail! provider! serve me up adverts for Asian dating and a certain tubular video sharing site serve me adverts for mature dating? It makes no sense - I've only been browsing latex bdsm sites.

  16. ExpatZ

    Irony

    So, I see the irony of creating a Facebook page bitching about being tracked is completely lost on the fanbois.

    Quite funny that is.

  17. Rawr.
    FAIL

    Was not a "gaffe" by Google

    "It took a Stanford researcher to spot the cookie planting gaffe by Google."

    Err no it was not a gaffe. The code was specifically designed to submit a page to Google, fooling Safari into thinking the user had submitted the page, thus bypassing the "only allow cookies from sites I visit" security setting. There was absolutely no gaffe at all, Google knew exactly what they were doing. Get it right, and perhaps the pro-Google, anti-Apple bias should be toned down a bit too?

  18. ForthIsNotDead
    Stop

    Just...

    ...make an entry in your hosts file:

    *google*<tab>127.0.0.1

    Problem solved. Worked for me for years. I use startpage.com for all my searches, as it doesn't track you, and even includes an online proxy for viewing those slightly dodgy pages via a proxy.

  19. Anonymous Coward
    Anonymous Coward

    Security Issue?

    "It could mean for many users that surprises such as engagements, presents and holidays were destroyed when partners looked at their computers and saw display ads based on sites previously visited. There are many examples of the inappropriate consequences of such intrusion"

    would this only happen if they were using the same account and therefore password sharing?

    hmmm

    1. Steve Renouf
      FAIL

      Re: Security Issue?

      Password? What password? Why do we need a password on our home FAMILY computer that only we use?

      1. Anonymous Coward
        Anonymous Coward

        Re: Security Issue?

        "Why do we need a password on our home FAMILY computer that only we use?"

        Really?

    2. EvilGav 1
      Stop

      Re: Security Issue?

      iThingys don't have multiple accounts, so the argument is somewhat moot from the start.

    3. Anonymous Coward
      Anonymous Coward

      Re: Security Issue?

      would this only happen if they were using the same account and therefore password sharing?

      I dont know a huge number of people who have password management policies established for their families use of their home IT assets, but you make a good point.

      Unfortunately, I dont think the cool iShiny has the ability to set up multiple users so it is only one account - password sharing is broadly irrelevant (assuming it has been configured to use a password in the first place).

  20. Jo 5
    Thumb Down

    Dear Appletards

    Nothing is free on this planet. Even your death will cost your next of kin a bomb. If you don't want Google trying to make a living off supplying products and services to you then stop using all google products FFS.

    Maybe you could try Bing?!

    Queue maniacal evil laugh muhahahahahaaaaaa

    1. Pseu Donyme

      Re: Dear Appletards

      The problem with that is you really can't avoid Google's ad-pushing services (and Google Analytics) on 3rd party web pages. These are (or can be) used to collect profiles as well (IPs which Analytics collects and keeps are as good as cookies in most cases, or actually better in that they are globally unique identifiers at a given point in time).

  21. Senior Ugli
    Coffee/keyboard

    Im sure the tracked habits of perving over girls on facebook and looking at porn are of no use to anybody.

    I think people want to feel important enough that they think people actually give a shit what they have been looking at

    1. Anonymous Coward
      Anonymous Coward

      browsing habits

      You may think no one gives a shit what you have been looking at, but people will pay good money for that information so they must actually give a shit.

      The fact you are selling it for a lot less than other people are selling it on is a totally different matter. The fact is that you are the only person losing out on the deal.

  22. Anonymous Coward
    Anonymous Coward

    "It could mean for many users that surprises such as engagements, presents and holidays were destroyed when partners looked at their computers and saw display ads based on sites previously visited. There are many examples of the inappropriate consequences of such intrusion."

    Glad they could come up with an excuse they could use in front of their wives. They probably won't be served with adverts for large plugs but may wonder why the advert for the Lesbian Advice Line pops up so regularly.

  23. Anonymous Coward
    Anonymous Coward

    Err...

    Where is Eadon telling us how great Google are and how MS are all bastards that invade your privacy and etc. etc...

  24. Grimster
    Trollface

    Forgive the irony

    But the inference is that people browsing pr0n will in turn be the recipient of pr0n ads therefore ruining their lives.

    Sounds like win/win to me.

    Trollface because - yeah.

  25. Big_Boomer Bronze badge
    Facepalm

    Screwed?

    They paid to be screwed by Apple and are upset because Google slipped one in there. I'm not arguing that they shouldn't prosecute, but is it really news that some Brits are doing what some Yanks did?

    What's next? Frontpage news that Cameron stubs his toe just hours after Obama?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019