Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google: IE Privacy Policy Is Impractical

timothy posted more than 2 years ago | from the like-a-landmine-with-redial dept.

Google 258

itwbennett writes "In response to Microsoft's claim that Google circumvented Internet Explorer privacy protections (following the discovery that Google also worked around Safari's privacy settings), Google on Monday said that IE's privacy protection, called P3P, is impractical to comply with."

Sorry! There are no comments related to the filter you selected.

Impractical to who? (5, Insightful)

scruffy (29773) | more than 2 years ago | (#39110901)

I suppose privacy is impractical to those who want to sell our personal information.

Re:Impractical to who? (2, Insightful)

badness (78200) | more than 2 years ago | (#39111081)

When has Google ever stated, or even indicated, that as a goal? They serve personalized ads, but the data they use to do so never leaves their own servers.

Re:Impractical to who? (3, Insightful)

WolfgangPG (827468) | more than 2 years ago | (#39111177)

Why would it need to leave their servers when they are a marketing company? They are selling our demographic information to advertisers.

Re:Impractical to who? (5, Funny)

alphatel (1450715) | more than 2 years ago | (#39111399)

Why would the need to sell our demographic information to advertisers? They are a company that offers free profile pages to plus one enthusiasts.

Re:Impractical to who? (4, Insightful)

gorzek (647352) | more than 2 years ago | (#39112675)

Selling that demographic information is how they provide all the free services they do. Their ability to target ads effectively is what makes them attractive to advertisers.

I get that Slashdotters are deeply paranoid about anyone knowing anything about them, but at the same time, you aren't entitled to free services like those that Google provides. If you really don't want anything to do with Google, modify your hosts file so all requests to *.google.com (and related domains) are sent nowhere. That's "voting with your wallet," so to speak.

But I can't say I have much patience for people who want to use Google's services and then complain about Google using the information they gather about you as part of their advertising system. There's room to argue about what they should or shouldn't be allowed to do with it, but to presume they shouldn't have any information about you at all is a bit silly.

Re:Impractical to who? (4, Informative)

Anonymous Coward | more than 2 years ago | (#39111185)

actually, they would be quite stupid to sell ... because when I consider how much time I spend with google services compared to anything else, they must know about five times as much about me as the next best competitor ... so selling stuff that helps their competition would be really not a good idea ;)

Re:Impractical to who? (0)

Anonymous Coward | more than 2 years ago | (#39111367)

"but the data they use to do so never leaves their own servers."

I guess you believe everything you hear/read....

Re:Impractical to who? (5, Interesting)

egamma (572162) | more than 2 years ago | (#39111435)

"but the data they use to do so never leaves their own servers."

I guess you believe everything you hear/read....

Why would the data leave their servers? They don't need to sell the information to advertisers--they simply tell advertisers, "We know everything about everyone. We will put your ad in front of the 1 million people most likely to respond. You don't need us to sell their information to you--they will provide it when they buy your product."

Re:Impractical to who? (1)

bhcompy (1877290) | more than 2 years ago | (#39112147)

That's for internet advertising. Google does no print advertising, which loads every mailbox in the nation with tons of shit. Considering the amount of people that use their real names, you don't think they'll sell all that data they collect on you to print advertisers for targeted mailing?

Re:Impractical to who? (3, Interesting)

darkpixel2k (623900) | more than 2 years ago | (#39112477)

That's for internet advertising. Google does no print advertising, which loads every mailbox in the nation with tons of shit. Considering the amount of people that use their real names, you don't think they'll sell all that data they collect on you to print advertisers for targeted mailing?

What's a mailbox? I don't have a single bill that shows up in my mailbox. It's all paid online. Anything that shows up in the USPS box just gets chucked into the burn barrel. (Unless it's a package shipped by one of the few companies that charges $1 to ship via USPS from clear across the US--but that's rare.)

To save myself time, I've been thinking about replacing my mailbox with an always-on burn barrel--maybe using a propane barbecue bottle to supply it. Maybe the USPS would finally get the hint. Anything 'important' needs a signature and the mail carrier knocks on the door.

Re:Impractical to who? (1)

bhcompy (1877290) | more than 2 years ago | (#39112813)

And how is that any different from a spam folder on Gmail, Yahoo, Hotmail, etc? Or using Adblock? Or any other measure that accomplishes the same thing?

Re:Impractical to who? (1)

Anonymous Coward | more than 2 years ago | (#39112853)

I thought about that, too, until I got a jury duty notice last year. I almost threw it away since it looked like so much junk mail (seriously, I've been getting free loan offers that are disguised to look like official government documents lately that are from local car dealers mostly).

Re:Impractical to who? (0)

Anonymous Coward | more than 2 years ago | (#39112557)

You assume their downstream buyers are corporate rather than governmental. I bet there's 200+ nations willing to buy the extremely targetted data mining google has available on citizens around the world, and I'll bet despite their motto they're giving it up like a cheerleader on prom night.

Re:Impractical to who? (0)

Anonymous Coward | more than 2 years ago | (#39111891)

How do think the Google assholes make money, by selling Boy Scout cookies?

Re:Impractical to who? (4, Funny)

Anonymous Coward | more than 2 years ago | (#39112057)

Dude - get your monopolies straight! It's Girl Scouts with the cookies, Boy Scouts with the popcorn, and Congress with the assholes!

It's that last one which doesn't leave many unfilled niches for world dominating companies like Google.

Re:Impractical to who? (1)

Inconexo (1401585) | more than 2 years ago | (#39112301)

That doesn't give them the right to bypass other privacy policies. Cool that they earn money, but wrong if they do it with bad praxis.

Re:Impractical to who? (2)

CimmerianX (2478270) | more than 2 years ago | (#39111971)

The data never needs to leave their servers. They sell access to their servers so companies can run queries against the data. The 'Results of the query' go with the company. Never the data.

Re:Impractical to who? (1, Funny)

postbigbang (761081) | more than 2 years ago | (#39112337)

...never leaves their own servers.

I have great assurances that Google cannot be hacked, and that their contractors and affiliates use the excellent resources and high standards of Fleishman Hillard to protect data integrity from all possible hacking and cracking attempts.

not sold, but perhaps rented (1)

OrangeTide (124937) | more than 2 years ago | (#39112843)

So they merely rent our personal information instead of selling it. That's a pretty small distinction.

Re:Impractical to who? (1, Redundant)

0123456 (636235) | more than 2 years ago | (#39111215)

Impractical to those who want to spy on everything users do, anyway.

misleading/wrong question (5, Insightful)

poetmatt (793785) | more than 2 years ago | (#39111287)

The question that should be asked is: Why does IE have some part of their framework in place which can be simply ignored/violated?

Re:misleading/wrong question (1)

yotto (590067) | more than 2 years ago | (#39111369)

Where are my mod points, damnit!?

This is the FIRST thing I thought of.

Re:misleading/wrong question (4, Insightful)

timeOday (582209) | more than 2 years ago | (#39112777)

I disagree. A culture of, "if you are able to do it, it must be fine" is flawed at a very basic level. It's a failure to recognize anything above the law of the jungle. Property law gives us the freedom to have windows in our homes, even though, technically, they're easy to smash. Envelopes are easy to open an copper pairs are easy to tap, yet the laws that preclude this have been very effective - not totally, but far better than nothing. With the level of automated tracking of all kinds available these days, there simply cannot be any privacy unless there is a collective commitment to creating preserving such rights.

Re:misleading/wrong question (2)

Barsteward (969998) | more than 2 years ago | (#39111571)

honey trap?

Re:misleading/wrong question (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39111633)

Yeah! Why are they bothering to follow the P3P standard that they didn't invent?

(rolling eyes)

Re:misleading/wrong question (0)

poetmatt (793785) | more than 2 years ago | (#39113049)

This is equivalent to allowing a buffer overflow, the question is not about whether they made it or not.

If P3P is being violated, then they should be making sure P3P is enforced, not calling into question google who they see as a competitor simply for purposes of fud.

Re:misleading/wrong question (0)

Anonymous Coward | more than 2 years ago | (#39111649)

One word ... marketing

Re:misleading/wrong question (5, Insightful)

Desler (1608317) | more than 2 years ago | (#39112235)

Yeah how dare they implement the P3P standard as it tells them to! Google is using a loophole in the standard to bypass the privacy protection.

Re:misleading/wrong question (0)

Anonymous Coward | more than 2 years ago | (#39112967)

I'm as shocked as you are that Microsoft adhered in some way to a public standard.

Impractical to Microsoft, MS also send invalid P3P (4, Interesting)

Anonymous Coward | more than 2 years ago | (#39111401)

I find it interesting that Microsoft also sends an invalid privacy header, just as they are complaining about Google doing.
I also find it interesting that MS is blaming Google for IE's failed handling on invalid P3P headers rather than fixing their product.

Re:Impractical to Microsoft, MS also send invalid (4, Informative)

0racle (667029) | more than 2 years ago | (#39111689)

I also find it interesting that MS is blaming Google for IE's failed handling on invalid P3P headers rather than fixing their product.

As I understand it, Microsoft is following the spec properly. Google is exploiting a loophole in the spec. [slashdot.org]

Re:Impractical to Microsoft, MS also send invalid (4, Insightful)

msauve (701917) | more than 2 years ago | (#39111789)

" Google is exploiting a loophole in the spec."

Which is another way of saying: Google is also following the spec. The problem is, the spec is faulty, and doesn't provide what it's intended to.

Re:Impractical to Microsoft, MS also send invalid (5, Insightful)

Americano (920576) | more than 2 years ago | (#39112129)

User: "I don't wish to be tracked. I've opted out using this P3P setting."
Google: "Haha there's a loophole that we're gonna use to track you anyway. Blame Microsoft if you don't like it, sucker!"

Yep, Google has done nothing wrong here whatsoever. They're completely right to exploit a known loophole which allows them to disregard the wishes of the users accessing their services, if those wishes would make Google's services less profitable.

If this is "Do no evil," I shudder to think about the damage Google could do if they decided one day to deliberately engage in evil.

Re:Impractical to Microsoft, MS also send invalid (1)

Klync (152475) | more than 2 years ago | (#39112371)

If this is "Do no evil," I shudder to think about the damage Google could do if they decided one day to deliberately engage in evil.

cf. Hank Scorpio, Globex Corporation.

Re: I shudder to think about the damage (2)

TaoPhoenix (980487) | more than 2 years ago | (#39112617)

Obligatory!
Don't make Google angry. You wouldn't like it if it became angry.

Re:Impractical to Microsoft, MS also send invalid (1, Interesting)

shadowmas (697397) | more than 2 years ago | (#39112143)

If it's something that can be exploited then it's a bug. Any security/privacy feature of the browser should be in the control of the user not at the mercy of the http server.

If it was something like a buffer overflow would microsoft still complain how that bad guys should stop sending invalid data packets to the browser?

I don't like googles extensive tracking either, but complaining that it's not using some unpopular protocol is just silly. If you are going to implement privacy control then make it work regardless of the information that the site may send or just don't bother.

Re:Impractical to Microsoft, MS also send invalid (3, Informative)

TheGratefulNet (143330) | more than 2 years ago | (#39112171)

what the text SHOULD look like (assme angle brackets here; sorry for having to reformat to get around slash filters)


[META xmlns="http://www.w3.org/2002/01/P3Pv1"]
  [POLICY-REFERENCES]
        [POLICY-REF about="/P3P/Policies.xml#first"]
              [COOKIE-INCLUDE name="*" value="*" domain="*" path="*"/]
              [COOKIE-EXCLUDE name="obnoxious-cookie" value="*" domain=".example.com" path="/"/]
        [/POLICY-REF]
        [POLICY-REF about="/P3P/Policies.xml#second"]
              [COOKIE-INCLUDE name="obnoxious-cookie" value="*" domain=".example.com" path="/"/]
        [/POLICY-REF]
  [/POLICY-REFERENCES]
[/META]

and what googles looks like:

P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 [google.com] [google.com] for more info.

now, without even having a compsci101 level course, anyone here see which is the more correct parseable string and which is weasel bullshit?

Re:Impractical to Microsoft, MS also send invalid (2)

gnasher719 (869701) | more than 2 years ago | (#39112709)

Suggested update for Internet Explorer:

IE should try to parse the P3P according to the spec. If that fails, then display the contents to a user, with buttons: "Accept cookie", "Reject cookie", and "never allow visits to this site again".

Re:Impractical to Microsoft, MS also send invalid (5, Informative)

Lonewolf666 (259450) | more than 2 years ago | (#39112827)

Consider the following (from http://www.w3.org/TR/P3P11/#ua_compact [w3.org] ;

6.4 Compact Policy Processing

P3P user agents MUST NOT rely on P3P compact policies that do not comply with the P3P 1.0 or P3P 1.1 specifications or are obviously erroneous. Such compact policies SHOULD be deemed invalid and the corresponding cookies should be treated as if they had no compact policies.

As I understand this, IE should actually search the Google P3P header for a valid statement of what Google intends to do with regard to tracking cookies. If it does not find those, it should apply the default behaviour for web sites without any P3P header. As described by Dean Hachamovitch (the author of the blog post):

By default, IE blocks third-party cookies unless the site presents a P3P Compact Policy Statement indicating how the site will use the cookie and that the sites use does not include tracking the user.

Fine. So your browser sees a Google P3P header without any valid policies. At this point, the clause "unless the site presents..." should kick in and cookies should be blocked. To me this looks like a bug in IE, as they failed to implement the default behavior in this case. It would be appropriate for Microsoft to fix this bug, send the fix as update on next patch day and otherwise be very humble about their error.

  Instead, Dean Hachamovitch tries to paint this as conspiracy by Google to circumvent IE's security protection. FAIL.

I think (1, Offtopic)

koan (80826) | more than 2 years ago | (#39110991)

We should get over the privacy aspect, if you truly want privacy there are ways to deal with it, and second I find it amusing that as often as IE gets raped on the Internet Microsoft chose this to get public about.

No it isn't. (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39111007)

Stop including P3P header data if all you're going to put is "this is not a P3P policy" in it. How impractical is that?

fuck you, Sergei and Larry (-1)

Anonymous Coward | more than 2 years ago | (#39111037)

Google THAT, you greedy swine.

Google (4, Funny)

Dexter Herbivore (1322345) | more than 2 years ago | (#39111041)

Do No... errr, nevermind.

Wer're safe! (5, Funny)

accessbob (962147) | more than 2 years ago | (#39111045)

Thank goodness they're not an evil company. It could have been M$ breaking the Web standard...

Re:Wer're safe! (2)

poetmatt (793785) | more than 2 years ago | (#39111745)

Well it's not like they have a contract with facebook as Microsoft does, to do what google does to IE anyway, right? Right?

Too soon?

Microsoft Quality (4, Funny)

darkfeline (1890882) | more than 2 years ago | (#39111075)

IE privacy protections were "circumvented" by Google sending a string stating, "This is not a P3P policy." Typical Microsoft quality product, that's like getting conned by a guy wearing a shirt that says "I don't guarantee I won't run off with your money" and then sueing them.

Re:Microsoft Quality (5, Insightful)

betterunixthanunix (980855) | more than 2 years ago | (#39111201)

Frankly, as an approach to a security engineering problem, P3P is pretty bad. You are basically allowing your adversary to declare what the security policy will be, then leaving it up to your adversary to follow that policy.

If browser makers were serious about protecting their users' privacy, they would make adblocking the default, they would have stricter cookies policies, and they would not let a company like Google decide what sort of privacy people will have.

Re:Microsoft Quality (5, Funny)

msauve (701917) | more than 2 years ago | (#39111907)

Plus, P3P is faulty, it has a loophole which one can take advantage of. Much better to simply follow a properly designed spec for this sort of thing, like RFC 3514 [ietf.org] .

Re:Microsoft Quality (1)

betterunixthanunix (980855) | more than 2 years ago | (#39111975)

Unfortunately, it is unlikely that you will get modded funny. Nobody will RTFA here, not even the moderators!

Re:Microsoft Quality (4, Insightful)

Xest (935314) | more than 2 years ago | (#39112215)

I remember thinking the same when I was forced to study it academically some time ago, and thought at the time what the fuck is the point in it exactly?

Well at least now I have my answer, it makes for good headlines when you want to troll your competitors with it if nothing else.

Re:Microsoft Quality (1)

Nimey (114278) | more than 2 years ago | (#39112793)

A good second-order use is when someone wants to stoke the flames of anti-Google hysteria, as seen with this article and many of the posters.

Re:Microsoft Quality (5, Funny)

SaroDarksbane (1784314) | more than 2 years ago | (#39111255)

Future News: For Windows 8, Microsoft has replaced the traditional log on screen with a text field. Users will now have to simply enter a reason why they should be allowed to log onto the system. The system will accept all answers.

Re:Microsoft Quality (4, Funny)

SJHillman (1966756) | more than 2 years ago | (#39111353)

Or if you have a webcam, it will accept sincere looking smiles.

Re:Microsoft Quality (0)

Anonymous Coward | more than 2 years ago | (#39113041)

Or if you have a webcam, it will accept sincere looking smiles.

... or boobs. Just make sure that your computer is connected to the Internet while logging in.

Re:Microsoft Quality (0)

Anonymous Coward | more than 2 years ago | (#39111317)

What? So if a guy with a shirt that says "I'm going to rob you" goes ahead and robs you, you wouldn't press charges?

Re:Microsoft Quality (0)

Anonymous Coward | more than 2 years ago | (#39112293)

Nope, he would preventively walk to the other side of street, tase him, release the hounds and shoot him when he attempts to escape.

FTFY (5, Funny)

elrous0 (869638) | more than 2 years ago | (#39111079)

Google on Monday said that IE's privacy protection, called P3P, is unprofitable to comply with."

Re:FTFY (3, Informative)

Larryish (1215510) | more than 2 years ago | (#39111547)

MS is a private company, not a legislative body.

As the situation is presented, Google is under no legal requirement to comply with any 3rd party browser "privacy requirements" outside of any existing legal agreements with manufacturers of said browsers. Was any such agreement in place?

tl;dr - MS can go get stuffed.

Re:FTFY (1)

betterunixthanunix (980855) | more than 2 years ago | (#39111695)

More importantly, why are browser makers worried about Google's interests? Google is the adversary as far as user privacy is concerned, and browsers should ship with security against that adversary. Adblocking should be the default. Cookie policies should be strict and should forbid iframes from third party sites from setting or reading cookies. If browser makers actually cared about user privacy, we would not be in this situation.

Re:FTFY (1)

xeno314 (661565) | more than 2 years ago | (#39111829)

Well, there are a few problems with those suggestions (outside of the "they're just following the P3P standard" issue). A browser that shipped with an ad blocker enabled is unprofitable for the publisher and competitors. If it allows the publisher's ads and not everyone else's, they're going to end up in court. Actually, if it has the equivalent of ABP or other extensions included and on by default, they're probably going to end up in court. Targeting particular adversaries with privacy controls -- same problem. Even if they win all of the lawsuits, it's a major diplomatic failure for them with adversaries who may also be business partners.

That said, I'd like to see it happen, but unless some rich benefactor independently funds a browser, it's not likely.

Re:FTFY (2, Interesting)

Americano (920576) | more than 2 years ago | (#39111755)

Google is under no legal requirement, but remember, they're the "Do No Evil!" crowd. Deliberately circumventing a system which allows browser USERS to say "I don't want to allow cookies from sites which will do X, Y, or Z with my data," would seem to fly in the face of that policy, wouldn't it?

What you're saying is, "Since Microsoft didn't create a hermetically sealed box that's unable to be bypassed, it's okay for Google to simply disrespect the wishes of the user - as expressed by the web browser settings - and do whatever they want."

Is this REALLY a road you think any company should be going down, where "whatever's not bolted down" is fair game for anybody smart enough to take it?

Re:FTFY (0)

Anonymous Coward | more than 2 years ago | (#39111995)

Deliberately circumventing a system .... ? Its IN THE SPEC for P3P to do what it does in response to Google's P3P notpolicy. It is not circumvention when both sides are adhering to the specification. It is, as they say, a feature.

It is more like saying "Since Microsoft didn't create anything at all that does anything for privacy, regardless of what users say or want, its okay for Google to not try very hard to implement it"

Re:FTFY (2, Interesting)

Americano (920576) | more than 2 years ago | (#39112279)

If Google sent nothing, and simply said "We refuse to support P3P," then the P3P system would have stopped them setting the tracking cookie. So Google had to expend the effort to:

1) Find a loophole that would allow them to track users even if this P3P system was in place;
2) Implement & test their workaround;

So yes, they had to deliberately develop and implement a workaround to allow them to plant the tracking cookie on IE users. Because not planting that cookie would be ever-so-inconvenient and unprofitable for them otherwise.

What blows my mind is that people are trying to frame this as a "Google vs. Microsoft" issue, when it is very clearly a "Google vs. User" issue. Google should respect the wishes of the users, as expressed by the P3P settings, or work to convince users that it is trustworthy & that they should change their settings (or use a different browser) that would allow google to track them. Hard claiming you're trustworthy when you're caught making an end-run around user preferences because they happen to be at odds with your business model.

Re:FTFY (1)

thsths (31372) | more than 2 years ago | (#39112181)

> Google is under no legal requirement to comply with any 3rd party browser "privacy requirements"

Maybe in the US, but not in the rest of the world, where privacy laws exist. Time and time again Google has argued that the consent of the user can be presumed, because cookies are enabled. Only with this presumed consent are they allowed to track users.

However, cookies are enabled by default, so this argument is pretty weak. And it collapses as soon as the user takes any action to discourage tracking, whether it is effective or not. Google is certainly not allowed to work around any imperfect measures to stop tracking.

It is not all clear here, because again MS has turned this on by default. But if P3P is actively being used to prevent tracking, then Google has to respect that.

don't follow that link --- it's worse than gotse (0)

Anonymous Coward | more than 2 years ago | (#39111149)

it's itworld!

Re:don't follow that link --- it's worse than gots (0)

Anonymous Coward | more than 2 years ago | (#39111309)

Indeed. I can't fap to itworld.

Dear Google (3, Interesting)

JamesP (688957) | more than 2 years ago | (#39111151)

So you're telling me it's impractical to send nothing or to NOT SEND BS in the field?

Congratulations for being as evil as MS

Re:Dear Google (1, Insightful)

yotto (590067) | more than 2 years ago | (#39111445)

Google could have lied. They could have sent a page of lawyerese that looked OK on the surface but actually said that they weren't complying. But they didn't. They provided you with a service (whatever wouldn't have worked) and openly stated while doing so that complying with the policy was idiotic.

They had at least 2 chances to be evil and failed to be both times.

Re:Dear Google (0)

marcroelofs (797176) | more than 2 years ago | (#39111777)

+1

Re:Dear Google (2)

xeno314 (661565) | more than 2 years ago | (#39111893)

They could also have just not sent P3P headers if they didn't intend to actually provide a valid one and comply with it...

Re:Dear Google (2)

BitZtream (692029) | more than 2 years ago | (#39112141)

They send a valid P3P header that says 'we're not complying with your privacy request'

IE says 'Thanks for complying! with our policy!'

How exactly is that googles fault?

Re:Dear Google (0)

mr_gorkajuice (1347383) | more than 2 years ago | (#39112671)

It's Googles fault exactly because it's done to achieve the end result of ignoring user preferences.

Is it really that hard to understand? Are you really that blinded by your love for Google?

Re:Dear Google (0)

Anonymous Coward | more than 2 years ago | (#39113003)

Laywer thinking. Jamming arbitrary garbage into machine-interpreted fields must not change the contract. See that Linuxant junk where they declared the module license string to be GPL\0only for files in the GPL subdirectory.

Re:Dear Google (4, Insightful)

Americano (920576) | more than 2 years ago | (#39112053)

I find it amusing that you are twisting and squirming to rationalize how Google explicitly disregarding the wishes of the user and exploiting a well-known loophole in the P3P spec in order to do something against that user's wishes is "not evil."

Even in the best "Microsoft should have prevented this" light, it makes them no better than the used car dealer who tries to convince you that the rust on that El Camino is a special limited-edition two-tone finish that the manufacturer tested out, and the noise from that busted exhaust system is just evidence that the car has a special glasspack muffler. It's bottom-feeding behavior of the worst sort, and blatant hypocrisy from a company that carries on about its "do no evil" policy.

Re:Dear Google (3, Interesting)

ceoyoyo (59147) | more than 2 years ago | (#39112841)

Right. They exploited a bug in Internet Explorer so they could track users against their wishes. On is own maybe more naughty than evil, but following on their very purposeful and sneaky bypassing of anti-tracking measures in Safari, it's just a continuation of a pattern of sneaky disregard for users' wishes.

Don't be evil had to go out the window the second Google became an advertising company. If you didn't realize before, it should have become obvious when they bought doubleclick, the evilest company on the web.

Old and Busted (5, Interesting)

uigrad_2000 (398500) | more than 2 years ago | (#39111167)

P3P has been Old and Busted [epic.org] since Slashdot first covered it [slashdot.org] in 2002.

Microsoft would never bring it up, if they weren't already in panic mode. This seems to indicate that MS is in far worse shape than we know.

Not impractical, ridiculous! (5, Interesting)

sugarmotor (621907) | more than 2 years ago | (#39111231)

I think Google is being polite, as do people who quote a "lack of value"

From http://en.wikipedia.org/wiki/P3P [wikipedia.org]

The main content of a privacy policy is the following:

        which information the server stores:
                which kind of information is collected (identifying or not);
                which particular information is collected (IP address, email address, name, etc.);

Kind of information??? As if the AI problems were all solved. IP Address? Of course it is collected. Email address? Yes if there is an input box that says email address then the address is collected.

Re:Not impractical, ridiculous! (0)

Anonymous Coward | more than 2 years ago | (#39111883)

IP Address? Of course it is collected.

Why is this an "of course" item? There is no immediate reason to collect and store IP addresses for long term, past the end of the current TCP connection.

Re:Not impractical, ridiculous! (1)

Anonymous Coward | more than 2 years ago | (#39112281)

I gather you've never ran any ecommerce sites have you? Or any other kind of site that needs to keep track of customers to prevent fraud. You are a clueless idiot.

Re:Not impractical, ridiculous! (1)

sugarmotor (621907) | more than 2 years ago | (#39112329)

Let's put it the other way around. If you were to tell your browser you only want to visit websites that do not store your IP address, how far would you get?

Or, how tired would you get of pop-up's saying " This site stores your IP address. Continue viewing?"

Re:Not impractical, ridiculous! (0)

TheGratefulNet (143330) | more than 2 years ago | (#39112009)

read this again, mate:

P3P is a machine-readable language that helps to express a websiteâ(TM)s data management practices

MACHINE READABLE.

is english machine readable? english sentences?

NO.

google fucked up. such a simple thing and they fucked it up.

ON PURPOSE.

this was not incompetance. what is difficult about making something either blank or token scannable via a simple grammar?

english grammar? sorry google, but you lose in the worst possible way if you think THIS is the correct answer.

Re:Not impractical, ridiculous! (1)

sugarmotor (621907) | more than 2 years ago | (#39112411)

The file may be machine readable, but someone has to configure the other side, the client's preferences.

Here you will run into an overwhelming list of options that an average user is simply not going to bother with ---> Ridiculous waste of time.

Slashdot censorship (-1)

Anonymous Coward | more than 2 years ago | (#39111283)

I was browsing at -1 and I refreshed and saw a post disappear.
Being at -1 it was a crap post, but not enough to warrant deletion. This is proof enough for me, that slashdot is engaging in censorship.

Do you think the little report flag that appeared a few weeks ago is just there for decoration? Of course not. Slashdot's new corporate overlords clearly want to clean the place up for ad publishers, and given the presence of that flag, well some people are just born with the snitching instinct.

Slashdot has always been anti-censorship, so this is shocking to me. Hardly a day goes by that we don't discuss the slippery slope of censorship, once the tools of censorship are in place.

And now they're on slashdot. Very disappointed.

Re:Slashdot censorship (0)

Anonymous Coward | more than 2 years ago | (#39111519)

I've just reported your post as "anti-censorship."

so long,

Why is there a lack of outrage? (0, Informative)

Anonymous Coward | more than 2 years ago | (#39111295)

If it was the other way around, there would be a pile of MS hating nitwits here already.

Re:Why is there a lack of outrage? (1)

Anonymous Coward | more than 2 years ago | (#39112113)

If it was the other way around, there would be a pile of MS hating nitwits here already.

From this thread:

I suppose privacy is impractical to those who want to sell our personal information.

Do No... errr, nevermind.

Google on Monday said that IE's privacy protection, called P3P, is unprofitable to comply with."

Android (0)

geoffrobinson (109879) | more than 2 years ago | (#39111341)

So tell me again why I would want to use Android? No way I want Google to have built my phone. They know enough about me, thank you.

Re:Android (2)

andydread (758754) | more than 2 years ago | (#39111657)

You do realise that Microsoft does the same thing right? They send an invalid privacy header the same way they are complaining that Google is doing. So you trust Microsoft to tell you the truth?

Re:Android (2)

Anonymous Coward | more than 2 years ago | (#39112067)

[Citation Needed]

Re:Android (0)

Anonymous Coward | more than 2 years ago | (#39111857)

You do not have to have a Google account to use Android. You could level the same criticisms against iOS or windows phone but don't let that get in the way of your paranoid google hate.

Tomorrow Never Dies (1)

pan0k (580784) | more than 2 years ago | (#39111793)

All these bugs bring back my favorite quote from that movie. " Elliot Carver: Mr. Jones, are we ready to release our new software? Jones: Yes, sir. As requested, it's full of bugs, which means people will be forced to upgrade for years. Elliot Carver: Outstanding. " If Microsoft and Apple knew about the bug, why left them open? Hoping that somebody would find the bug for them?

One question never answered (3, Interesting)

microbee (682094) | more than 2 years ago | (#39112015)

How does Facebook do it (the Like button)? Does Facebook also circumvent it this way? Either Facebook found a way to do it better, or they are both doing the same thing.

Can we stop the Google/Microsoft bashing and focus on the techniques please?

Re:One question never answered (5, Informative)

MozeeToby (1163751) | more than 2 years ago | (#39112291)

Not only does Facebook do it but Microsoft also does it. The standard they are accusing Google of violating is so out of date that W3 doesn't even try to update it anymore, because no one follows it and most browsers don't even implement it fully. This is a non-story in every direction.

Re:One question never answered (4, Informative)

Anonymous Coward | more than 2 years ago | (#39113019)

Check the ARS story with 2 updates:

http://arstechnica.com/tech-policy/news/2012/02/google-tricks-internet-explorer-into-accepting-tracking-cookies-microsoft-claims.ars

Yes Facebook is doing it as well as msn.com and live.com

MS Rocks (0)

Anonymous Coward | more than 2 years ago | (#39112031)

Wow! My respect for Microsoft just went up a notch. Release IE for Mac again and I'll use it as long as you have strict privacy standards like this. LOVE IT!!!

Re:MS Rocks (0)

Anonymous Coward | more than 2 years ago | (#39112437)

You are a complete fucking tool.

Irony. (1)

forkfail (228161) | more than 2 years ago | (#39112093)

Thy name is Corporate.

Be less evil and confused for a day, Google. (1)

sander (7831) | more than 2 years ago | (#39112101)

Microsoft's privacy protection feature in Internet Explorer, known as P3P

This is simply utterly preposterous. P3P is not a Internet Explorer thing. Even google search knows its a w3c thing - but apparently those coming up with such excuses do not use Google search. Google can do with a doze of being at least a bit less evil.

You know those locks on people's doors? (0)

Anonymous Coward | more than 2 years ago | (#39112499)

They are also impractical. We should just get rid of them.

I am sorry, but Google has outlived it's mantra. They should change it to:

Don't get caught.

Because honestly, they are now evil-er than almost any other company. At least with facebook, they admit they are stealing your personal data.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?