Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft: The Biggest Web Bugger

timothy posted more than 13 years ago | from the brits-can-snicker-now dept.

Privacy 188

An unnamed reader writes: "A recently released web bug report shows that Microsoft (via Link Exchange) is bugging more web sites than any other organization. Less surprisingly, however, the same report shows that by making some rough traffic estimates, DoubleClick is probably bugging more web traffic than anyone else. (Except of course those big ISPs running proxy servers...wonder how long it will be before the ad agencies get into bed with the ISPs?)"

cancel ×

188 comments

It's easy to block these in IE (1)

Anonymous Coward | more than 13 years ago | (#390751)

If you use Internet Explorer, it's easy to block these. Just add any suspicious domains (e.g. *.doubleclick.net) to Restricted Sites in the Security tab of the Internet Settings control panel, disable everything (most things are already disabled for restricted sites), and that's that.

Re:Web standards (1)

pb (1020) | more than 13 years ago | (#390752)

Web standards are for *both*. If web browsers didn't render incorrect HTML, then web pages would stay clean.

However, I'd be happy if browsers even had the *option* to enforce compliance.

For instance, if browsers could actually obey the </HTML> tag, then the fascist disclaimer that is automatically appended to all of my pages at NCSU wouldn't show up. :)
---
pb Reply or e-mail; don't vaguely moderate [ncsu.edu] .

Buggy vs. Bugging (1)

pb (1020) | more than 13 years ago | (#390753)

I didn't know at first if this referred to "Buggy" web pages, or "Bugging" web pages.

Microsoft is surely responsible for more buggy web pages, such as any HTML generated by Word or FrontPage, and the creation of their own Windows-only character set that often render what should be simple ASCII punctuation into question marks, or worse. Also, their webpage fonts are incredibly small on any system that doesn't support *their* fonts.

Doubleclick also is responsible for buggy code, specifically something known *as* a "web bug" or a "GIF bug", but that's also used to track people, so that would count as "bugging" as well.

The short answer for that would be to simply install JunkBuster. As for fixing Microsoft's sloppy HTML, I bet a proxy server like Junkbuster could detect a "GENERATOR" tag or maybe an undefined character code and just run the page through the Demoronizer.

But I wish people actually implemented the web standards we had originally, or put such compliance in the web browsers we have now. Netscape and IE are much prettier than Amaya, but they still read past a closing HTML tag...
---
pb Reply or e-mail; don't vaguely moderate [ncsu.edu] .

Re:Web standards (1)

Chmarr (18662) | more than 13 years ago | (#390760)

Of course. It follows the standard adage: Be strict in what you emait. Be forgiving in what you accept.

Although, it would be really nice if IE, Netscape, etc, had a -strict switch.

Re:Other statistics on site (1)

Ensign Nemo (19284) | more than 13 years ago | (#390761)

completely offtopic.

Where do you get your information? check out netcraft. It shows that Apache is most definitely NOT losing ground to IIS. They're staying roughly the same. Apache~60%; IIS~20%

"Microsoft: The Biggest Web Bugger" (1)

Black Parrot (19622) | more than 13 years ago | (#390763)

Well, they bugger everything else. Why not the Web?

--

Re:Who cares? (1)

chris.bitmead (24598) | more than 13 years ago | (#390764)

By sending out a lot of spam with webbugs they can match email addresses to their webbugs. Then if they link up with e-commerce sites like amazon, ebay etc they can link the email address to a real address.

Re:Who cares? (1)

LennyDotCom (26658) | more than 13 years ago | (#390766)

see post #23

We're talking about /web/ bugs here. (1)

TheDullBlade (28998) | more than 13 years ago | (#390767)

It is not trivially easy to associate web bugs you encounter while surfing with your email address, only ones in spam. And then you have to read the spam while online, and allow it to load images.
---

Re:Defeating web bugs (1)

smutt (35184) | more than 13 years ago | (#390768)

I use Konquerer under KDE and set it to alert me for any cookie. If a site tries to set a cookie that I don't want, I click "Deny all cookies from that domain." That way I never get bugged about cookies from that site again. It also forces me to only allow cookies from sites that I explicitly allow.

You should use the same philosophy for cookies as you do for access lists: Anything that isn't explicitly allowed should be denied.


By the way this comment was posted in Konquerer, the coolest web browser on the planet.

Re:Bad statistics (1)

MadAhab (40080) | more than 13 years ago | (#390769)

Right, and I'm so sure they don't log that information.

I lost 50 pounds!!! Ask me how. Sucker.

Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.

Re:We're talking about /web/ bugs here. (1)

MadAhab (40080) | more than 13 years ago | (#390770)

Right, it's not trivial. It works best if you put bugs into pages where the user enters the email address and you pass it through a query string, and you collect other info too, then you buy a major consumer marketing database named after a simple calculating tool, and turn around and make all your claims about aggregate information only into a big fat steaming load of shit.

Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.

Re:A question about the proxy use (1)

duplicate-nickname (87112) | more than 13 years ago | (#390780)

go ahead and disable it....about the only thing you will notice is slower web access. Because, you know @Home is willing sift through their proxy cache to dig up the favorite pr0n sites of their 1 million users.

I bet you disable cookies on your browser...don't you?

BTW, if by "anything necessarily bad" you mean the @Home police breaking down your door and confiscating your Linux box for violating their TOS, then don't disable the proxy.

Re:This is old news (1)

invdaic (88360) | more than 13 years ago | (#390781)

I think the title was "The Net" and it was a terrible movie.

Re:A question about the proxy use (1)

}{avoc (90632) | more than 13 years ago | (#390782)

I'm with @home and have never used the proxy... Nothing seems to be different on my end.
-Dan

Re:A question about the proxy use (1)

}{avoc (90632) | more than 13 years ago | (#390783)

I really should do that... *goes off to DNS the servers*
-Dan

Re:Defeating web bugs (1)

mcrandello (90837) | more than 13 years ago | (#390784)

What's needed is a list, a'la MAPS or something, and freeware/'free software' that automatically updates your hosts file. Have clients for every OS+browser combination you can think of, after all we WANT joe-sixpack to jump on this. Make a big deal about how faster pages will load and how much more protected your "privacy" is.

Using the arguments that featured piracy-bounty-hunter guy was using (thin of the bandwitdh!)ISPs should be all over this, and maybe even reccomend it to their customers. After all, they still get paid, their service will be faster all around, which of course equates to more overselling they can get away with...you get the drift.

Re:A question about the proxy use (1)

boneshintai (112283) | more than 13 years ago | (#390787)

If you choose to use it, it's your own problem. If you installed their software package (a custom set of Netscape 4.something) their proxy and annoying homesite are pre-configured. Solution 1 (mine) is to configure (Windows, Linux) myself rather than let their CD within thirty feet of my drive and ignore the dang proxy server entirely -- they don't block port 80 anything, and instead rely on a Social Science number. Solution 2, if you've installed their crap, is to change the proxy settings and the homepage.

Bad @home, no biscuit.

-Owen

Re:Info v Privacy (1)

rhizome (115711) | more than 13 years ago | (#390789)

This information, if properly anonymized, is a useful commodity to other net firms as well, and helps them to provide us with better service. Could you provide some examples of this "better service" you mention that tracking has provided us? I'm certainly having trouble finding it.

Re:This is old news (1)

Red Pointy Tail (127601) | more than 13 years ago | (#390794)

Remember the bit where she typed the 4-byte IP address in full view? I don't recall the number, but one if it is larger than 255.

I LOLed right there in the cinema, but then there must not have been many geeks around, because no one else seemed to have found it amusing...

:)

Re:Info v Privacy (1)

bmasel (129946) | more than 13 years ago | (#390795)

If someone responsible can find out who is visiting a site that posts illegal information, then they can get better data on how to fight that particular crime.

If someone "responsible" is of the opinion that visiting a site on which there is discussion of matters illegal, is unwholsum, the 1st Amendment shrinks again.

Re:ahh yes, marketing (1)

Andrewkov (140579) | more than 13 years ago | (#390798)

Always carry a big stick.

---

Re:Who cares? (1)

Andrewkov (140579) | more than 13 years ago | (#390799)

They slow down your surfing ... If you go to a fast web site, there is a delay while the bug loads from the slow 3rd party ad server .. same deal with banner ads. And of course, these load first before any content is shown, so you have nothing to do but wait for those few seconds.

---

Re:A question about the proxy use (1)

Andrewkov (140579) | more than 13 years ago | (#390801)

Me too .. the @home proxy seemed unreliable and slow at times, so I don't use it. Junkbuster and Squid run locally do a better job anyway (I know it creates more network traffic, but it runs faster at my end -- that's all the counts! ;-) ). I also reference the news and mail server by IP address, since the DNS sometimes doesn't return an address for "news" and "mail".

---

Re:Who cares? (1)

Andrewkov (140579) | more than 13 years ago | (#390802)

Another good reason to disable HTML in email... Too bad both major browsers in Windows default to sending email in HTML format.

I need to look into reconfiguring me firewall ... I've always been more concerned with incomming packets, not thinking about web bugs and unauthorized outgoing packets. Blocking all those web-bug sites listed in the report sounds like a good idea to me.

---

DoubleClick bugging? Duh, it's what they do! (1)

shamino (146659) | more than 13 years ago | (#390805)

How do you think they can do geographic marketing? Of course they have 'bugs' in their web traffic. How else can they target an advertising campaign to a specific region?? What is Joe's Car Garage wants to advertise in upstate New York, does he really want to pay for banners served to people surfing the web in Asia?? Get a clue. Typical knee jerk reaction to something you don't understand.

Re:Who cares? (1)

EvlPenguin (168738) | more than 13 years ago | (#390810)

Ah, but what if you also run a webserver from that computer, and they could then run a whois on your website's domain name, producing your physical address, real name, etc.

Not that they would; that would be to time consuming. But still, it is possible (although not a threat because most people don't run webservers from the same computer they work on).

--

The Lynx using, web-surfing, British response... (1)

Akardam (186995) | more than 13 years ago | (#390818)

Parse that, you old bugger!

Ad Agencies (1)

carlcory (195521) | more than 13 years ago | (#390823)

...or they lobby for government restrictions on ISPs using proxy servers (like the recent Australia posting)

Re:Who cares? - Lots (1)

Technician (215283) | more than 13 years ago | (#390825)

Look at the server stats. I noticed that Apachie is the biggest server,followed by Netscape, followed by Unknown. The Unknown server is growing in size. I think this is deliberate!

And a web bug is...? (1)

kosipov (218202) | more than 13 years ago | (#390827)

What do they mean by web bugging?

it's not just for advertising... (1)

q000921 (235076) | more than 13 years ago | (#390831)

Web bugs and other cross-site tracking methods (static IP addresses, as with cable and DSL, are even better for tracking) give advertisers instant information about your interests and browsing history. But they don't just give that information to advertisers, they also give it to on-line businesses that you buy from. If you don't turn this off, when you fill in an on-line insurance or credit application, the company you apply for can get your browsing history just like an advertiser would. It's cheap, it's easy, why in the world would they not do it if they can?

You may say "I have nothing to hide". Neither do I. But the statistical analysis programs that grovel through browsing data are trained on the statistical average. For oddball populations like the readership of Slashdot, they may perform in completely haphazard ways. They might classify you as an educated person with great income potential, based on your fondness of gadgets, or they might classify you as a disturbed sociopath with violent tendencies, based on your fondness for computer games and fast computers you share with the Columbine high school kids. And if you get investigated or have credit or insurance denied because some program misclassified you, you'll never know what hit you.

The only way to deal with this is to not let the information get collected in the first place. Once it has been collected, it's impossible to keep it from being used for discriminatory purposes (in fact, often, that happens completely unintentionally).

Re:This is old news (1)

Da Masta (238687) | more than 13 years ago | (#390832)

Yup..."The Net"...yup...that was one shit assed movie! Got the plot sucked...the technicalities sucked. In the whole theme of sucking, the plot would have been MUCH better if maybe the bad dude just posted a vid of their sex romp on the net or something! (Of course then, there'd be no problems with her not existing...she just has to find the right 13 year old's house to crash ;-)

Re:And a web bug is...? (1)

k9nl (243530) | more than 13 years ago | (#390834)

You know this doesn't have to be img tags. The same thing can be achieved through server-parsed html. Cookies don't even have to be used if every link has an id string in it. This term "web bug" doesn't mean much. The problem here is tracking by whatever means are used.

Just some thoughts...

Re:Other statistics on site (1)

sacremon (244448) | more than 13 years ago | (#390835)

Carefully reread the title of the post 'Other statistics on site'. Does that give you an idea as to where the information is from? In fact, I give the title of the area on the site where the statistics come from.

What more do you need?

I was stating that their statistics show that. I didn't say that this was gospel. Sheesh - this is *marketing* research, which is virtually an oxymoron.

Re:Other statistics on site (1)

leviramsey (248057) | more than 13 years ago | (#390836)

Because it's a federal judge, he can be impeached using the same procedure used for all federal officials (such as the president). (i.e.: the House impeaches and the Senate may remove from office). The "high crimes or misdemeanors" standard applies, but it's generally thought that this means whatever Congress thinks it means at that particular moment (I'm not sure if an impeachment can be overturned by the Supreme Court).

The first federal judge to be impeached was John Pickering, the judge of the US District Court for New Hampshire, who was removed from office in 1804. Since then, 12 judges have been impeached, of whom 6 were convicted and removed from office. One of the 12, though, resigned before the trial.

Re:A question about the proxy use (1)

Mastagunna (251788) | more than 13 years ago | (#390837)

How do you enable it, or do you need to use there software to get it, or is it automatic.

Re:This is old news (1)

raju1kabir (251972) | more than 13 years ago | (#390838)

Yup, and then she leaned over, rested her hand on my thigh, and whispered this URL [neca.org] into my ear.

Re:This is old news (1)

raju1kabir (251972) | more than 13 years ago | (#390839)

Oops, she must have had a little too much to drink, because the actual URL is this [neca.org] .

Re:This is old news (1)

raju1kabir (251972) | more than 13 years ago | (#390840)

Oh, kinda like how phone numbers in most movies start with 555 (an invalid prefix, or at least it used to be, not sure if it still is)

At least in Los Angeles they've started using it. Not sure about other places.

Not likely (1)

Maskirovka (255712) | more than 13 years ago | (#390842)

"...wonder how long it will be before the ad agencies get into bed with the ISPs?)"

In my experiance most ISPs avoid forcing adds down a customers throat to that degree. Actually it almost seems to be an industry taboo. AOL is an exception of course.
Many newbies (and others) consider adds a form of spam, and if they were required to view them to use the web (or even worse, the net as a whole) the isp would loose a great deal of business, unless they had some kind of incentive like being free.
What I would like to see would be a broadband provider that made you watch adds in exchange for free service with unlimited bandwidth. While I'm dreaming I'd also like a G4 powerbook with a gig of ram. And a hummer. And a....you get the idea.

Maskirovka

-.

Marketing is one thing, what about Big Brother. (1)

ImaLamer (260199) | more than 13 years ago | (#390844)

Wouldn't it just be easier to just buy the stats from the web sites instead of doing it the hard way. Yahoo and other such sites track what you may click on after a search - so bother them for stats. See, what would bother me is if MicroSoft was turning around and selling the info to the gov't. Who cares if a stupid marketing company gets my info, they won't care if I click on a "How to make Crystal Meth" page? To marketing companies just remember you are only a number!

Re:Buggy vs. Bugging (1)

popular (301484) | more than 13 years ago | (#390848)

I hate this attitude about HTML. If it was "meant to be perfect", it wouldn't have drawn 99% of the interest it did. While other markup languages are for data, HTML is for presentation.

Imagine being a programmer developing a dynamically generated page. Frankly, I'm more interested in seeing if the output is correct -- the last thing I want is to have the page not render at all because it's "invalid". What if you actually did produce a valid document, and the browser's validator was buggy? It's much easier for everyone if the browser just renders the damn page.

If people want to get picky about their markup languages, may I suggest they look at SGML? If you're writing an O'Reilly book, perhaps it makes sense to use SGML and validate it against that gigantic DocBook DTD. Personally, I think it's overkill for a 13 year old making a Backstreet Boys fanpage, and HTML, for all its flaws, certainly must be better than Word!

--

Re:Who cares? (1)

Zuchinis (301682) | more than 13 years ago | (#390849)

Useful ads? Useful ads? Maybe an ad is useful to you or me or Joe Blow when it contains relevant and reliable information about the product or service being sold. That information is freely available to marketers if they want it, all they have to do is call up the product people at the other end of the company. the only reason why they want marketing information from web bugs and such is to learn what you think you want so as to manipulate you into buying something whether it is useful to you or not.

Re:A question about the proxy use (1)

bigbadwlf (304883) | more than 13 years ago | (#390853)

I've been using @Home forever, and I have NEVER used the proxy... and I've never regretted it.

Slashdot uses web bugs (1)

OlympicSporsor (321485) | more than 13 years ago | (#390859)

It's true; check out the source for the front page. Is it right to complain about web bugs and then use them at the same time? No! Fucking hypocrites.

Re:A fact of life... (1)

SacredSalt (321577) | more than 13 years ago | (#390860)

I think it's less that users don't care, and more that users are not aware, nor are the fixes always simple. What do you expect you when you make a GUI interface that gets people onto the net with little technical skill, but then wont allow them to edit these types of privacy settings with the same lack of technical skill? You get what we have know. Some of it's probably there by design (evil conspiracy?), and some of it purely uninteded consequence of trying to add new features to the web.

Re:Who cares? (2)

Caine (784) | more than 13 years ago | (#390862)

As my hostname contains the following information; Where i study, and therefore which town and country and more importantly it also contains my whereabouts down to my roomnumber, so I'm not that hard to track based on it, I find it rather relevant.

Re:Info v Privacy (2)

ChaosDiscord (4913) | more than 13 years ago | (#390863)

If someone responsible can find out who is visiting a site that posts illegal information, then they can get better data on how to fight that particular crime.

From there it's not too long until someone realizes that someone "responsible" can find out who is visiting a site that posts unpopular informaiton so they can get better data on how to fight that thought crime. It's just a another step until unpopular becomes "unamerican," and suddenly your curious browsing of, say, the World Socialism [worldsocialism.org] pages lead to you answering the question, "Are you now, or have you ever been a communist?" You need real privacy to listen to free speech. Without privacy, free speech is worthless.

Does this mean... (2)

matthewg (6374) | more than 13 years ago | (#390864)

...that the US DoJ's hotshot young lawyer is going to use the Little Doctor on them?

Exactly how long before ISPs and Spammers unite (2)

griffjon (14945) | more than 13 years ago | (#390869)

is equal to when I go buy ZeroKnowledge or full anonymizer services, less five minutes. Frankly, I'd be surprised if there isn't some of that already going on (naturally, NetZero and the like, but I mean normal, paid ISPs)

Congress will investigate Web Bugs (LINK) (2)

B.D.Mills (18626) | more than 13 years ago | (#390871)

Hey Lenny! Great anti-spam page. Spammers are up to $4.50 on goto.com [goto.com] ! Slashdotters, start clicking the link below to make spammers pay. Click this link to make spammers spend money! [goto.com]

Obligatory on-topic message:

Visit Junkbusters [junkbusters.com] and view information on Web Bugs [junkbusters.com] .

The industry uses the euphemism "clear GIFs" to describe web bugs. Search for "clear gifs" in a search engine as well as "web bugs" if you're after more information. I use TopClick [topclick.com] because it is a privacy-respecting search engine that doesn't use cookies and I have found it to be very good.

*** NEWS FLASH ***
Congress to investigate Web Bugs. More details here [internetnews.com] at intenetnews.com [internetnews.com] .
--

Buggy vs. Bugging vs. Buggering (2)

Saint Nobody (21391) | more than 13 years ago | (#390873)

actually, for a second when i saw the title of the story, i thought it was talking about buggering web pages.

Re:Who cares? (2)

ryanr (30917) | more than 13 years ago | (#390874)

They can't be mapped to your physical address, phone number, etc. without a call to your ISP

Umm... and what do you think happens when you oder something online from one of these sites that has the web bug?

Re:Other statistics on site (2)

s390 (33540) | more than 13 years ago | (#390875)

The above post is a Micro$oft troll. Typical M$ - turn the facts on their heads and assert the opposite of the truth: enough folks will believe you, if you _sound_ sincere.

In fact, Linux based (i.e. Apache) Internet servers gained market share _faster_ than M$ last year, according to IDC. It has been well reported here and elsewhere.

What's worse, this same approach seems successful in pulling the wool over the eyes of a whole US Appeals Court on the DoJ vs M$ antitrust case!

Anyone got the email addresses of the US Appeals Court judges hearing the DoJ vs M$ Antitrust case?

Is there any process available for impeaching Federal judges for rampant cluelessness in office?

Re:Not likely (2)

s390 (33540) | more than 13 years ago | (#390876)

FYI: the correct English verb for loss of money, market-share, whatever, is "lose" not "loose" despite Slashdot's spelling dysfunctionalities. Cmdr Taco is guilty of this.

If all you children want to hack software, fine. If you want to talk about it amongst the rest of us well educated adults, then learn to hack English appropriately!

Re:Info v Privacy (2)

MadAhab (40080) | more than 13 years ago | (#390877)

Well, if you know that they not only surf blowjob-related pages, but also interracial hardcore pages, you can recommend the oral "services" of a "talented" immigrant from your favorite ex-commie or capitalist dictatorship nation.

And don't you think your wife wouldn't pay for that info, too (if you give me a twenty, I'll tell you what she paid for it).

Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.

ahh yes, marketing (2)

Zule_Boy (45951) | more than 13 years ago | (#390879)

It is like those darn marketing people. Always wanting numbers and statistics from people like me. I work in a good sized (250000+ users) ISP and this is always a hot topic. Maybe if we follow people around on the web, we can market things at the more effectively. It makes me sick. What do you do with these marketing people anyways?

Shoot, I parsed it as something entirely different (2)

devphil (51341) | more than 13 years ago | (#390881)

...as in, I say there old chap, bloody Microsoft seems to have gone and buggered my web page again.

Web standards (2)

Cuthalion (65550) | more than 13 years ago | (#390883)

Web Standards are for content creators to adhere to, not for browsers to enforce. Browsers should show standard compliant HTML according to the standard, and everything else, they should make their best guess on. Because when it comes right down to it, Joe User (such as, oh, for instance, me) just wants to read the page. They don't want to hear "We could render this page, but won't because there's no </html> tag." Not that many people complain "I hate this product. It doesn't break when it's supposed to."

I agree that web tools should output standards copliant HTML, for precisely the same reason - people don't want to fuck around with this shit, they just want it to work. The best way to do this is to only output well-formed files, but load and display any mess of angle brackets that you can figure out.

Re:dude! I parsed that as "booger" not "bugger" (2)

Nailer (69468) | more than 13 years ago | (#390884)

I parsed it as `Microsoft biggest web - bugger'.

`Bugger', asides from referring to someone who sodomizes others, is also colloqially used in Australia as a curse.

Re:dude! I parsed that as "booger" not "bugger" (2)

}{avoc (90632) | more than 13 years ago | (#390886)

However, Microsofts Booger would undeniably be placed behind a glass case, where we may only look at it, and marvel at the massive size. However, the booger of your average open source company would be completely moldable and customizable.. You could choose your own color, wetness, and basic shape, plus, it would come with free instructions on how to make your own boogers! Yay!
-Dan Posting without reading what I just typed, or checking for any coherent message, or spelling, or anything since... 3 minutes ago.

Re:Bad statistics (2)

cperciva (102828) | more than 13 years ago | (#390887)

So, how do you "customize content" without "tracking where people go"?

By doing exactly what they say they are doing... "accurately identifying the geographic location from which users access your Web site".

Akamai has servers distributed around the world; whenever there is an incoming request, it gets passed to the server closest to the user. Simply looking at which server is handling the request allows akamai to customize content based on the geographic location of users.

A fact of life... (2)

DESADE (104626) | more than 13 years ago | (#390888)

The trend is moving away from individual rights. This stuff has been going on for some time, and the marketing droids are just getting better at it. I'm sure MS uses this to "make their sites and products better" but it's a bad sign that users just don't seem to care.

Get ready for hooks in the os that work with web site tracking tools. Not far away.

Re:And a web bug is...? (2)

Cheshire Cat (105171) | more than 13 years ago | (#390889)

You can find a good article on web bugs here. [foxnews.com] If you do a Slashdot search on web bugs, it'll come up with some previous articles [slashdot.org] on them.

Hope this helps.

The problem is... (2)

malfunct (120790) | more than 13 years ago | (#390890)

Just because an image doesn't come from the same server as the page doesn't make it any more or less likely or more or less capable of tracking your usage. These stats are fully bogus and give you no real idea of who is tracking what. More information is tracked on the same server that hosts the page than is tracked on the ad server I will nearly garuntee that.

Basically people you need to realize that marketing knows what you are doing and they use this to make more money off of you. Furthermore you need to realize that they make more money off of you by providing you advertising of something you actually want. Is this awful?

Another thing to realize is that none of these companies does a very good job at using the stats they collect. Few if any companies provide an automated targeted ad system. Few if any have solved the problem of sorting these large lists of numbers.

I mean how scared can you get when you get 3 calls a week from the phone company asking you to order phone service that you already get. They don't know what you are doing because there is just to much info.

dude! I parsed that as "booger" not "bugger" (2)

StandardDeviant (122674) | more than 13 years ago | (#390891)

Proof positive I need to drink at least one cup of coffee before reading /. after waking up. The thought of M$ being invovled in some sort of webcam-of-giant-booger, and what nefarous reasons they would have, dude, that's just wrong. :-)


--
News for geeks in Austin: www.geekaustin.org [geekaustin.org]

Re:Who cares? (2)

yamla (136560) | more than 13 years ago | (#390892)

You are kidding, right? It is trivially easy to associate web bugs with your email address at the very least. Of course, it requires that your email client supports HTML, but most do these days.

--

Re:Who cares? (2)

Boulder Geek (137307) | more than 13 years ago | (#390893)

You should. see this [arsdigita.com] missive from Phil Greenspun. Scan down to the section that says "I want to know the age, sex and zip code..."

Re:And a web bug is...? (2)

Goldberg's Pants (139800) | more than 13 years ago | (#390894)

For all those worried by this, head to Freshmeat and grab Junkbuster. I've been running it for over a year now. A select few sites are permitted to set cookies (Slashdot for example), the rest are blocked, as are 99% of the banner ads on all sites. Browsing heaven!

---

In the TANSTAFL department .... (2)

Zero__Kelvin (151819) | more than 13 years ago | (#390896)


I remember Microsoft used to offer certain levels of access to MSDN (The Microsoft Developers Network) as long as you put a IE Logo on your web page in the form of a link to theirs. I used to think it was an exchange of information that should already be available for free and free advertisement. Now I finally see their real reason for doing this - maybe.

P.S. TANSTAFL == There aint no such thing as a free lunch

Missing the point. (2)

caduguid (152224) | more than 13 years ago | (#390897)

Notwithstanding all the previous posts that pointed out the foolishness in assuming 'anonymous' tracking will stay 'anonymous', I think you're missing the real point...

'Anonymous' tracking isn't harmless by any stretch of the imagination.

60% of people who visit the SMAP fanclub homepage visit pages on ecstasy parties within 2 hours afterwards.
Omigod. Call your congressman. SMAP causes drug abuse!
28% of visitors to the XYZ health center visit pages on abortion access.
Where do you get your funding, XYZ?
And, of course, there is a 93% correlation between readers of /. and visitors to the pages of the SPCJK (society for the promulgation of cruelty to jonkatz).

*They* don't care about *You* anyways. *You* are insignificant.
But if they could learn how to manipulate/control/smear the whole lot of you, now that would be worth something.

Re:And a web bug is...? (2)

EvlPenguin (168738) | more than 13 years ago | (#390898)

From what I understand, it's more of the same cookie=bug nonsense, although they have a good reason to think so.

To elaborate on that, they are talking about those lovely cookies that places such as amazon.com and banner ad hosts such as doubleclick put place on your drive in order to indentify you for whatver reason (to track buying patterns in order to serve up custom-talored ads is the first thing that comes to mind).

As for an actual "bug" that tracks every site you visit and then processes or sends it somehow in order to do something such as physically locate you and find out who could be "trouble", well, that's just hype.

--

Re:ahh yes, marketing (2)

EvlPenguin (168738) | more than 13 years ago | (#390899)

Well, you could put them all in a line and test out how many people a real railgun [mtu.edu] could shoot through.

It's not without purpose either! Based on the result, iD Software would be able to make the next Quake's railgun more realistic.

--

A question about the proxy use (2)

Lostman (172654) | more than 13 years ago | (#390900)

Sup guys... my ISP, @home, has a proxy installed as my default proxy for web traffic and I am wondering if this could cause a problem--eg: they watching everything I do, etc. Also, would anything "necessarily" bad happen if I choose to disable this? I would worry that they log all my traffic for use in some huge conspiracy, but its much more likely they use it for advertisements... any aid with problems with the @home proxy and if there is a problem with disabling it?

Re:BSD (2)

firewort (180062) | more than 13 years ago | (#390901)

feeding the trolls again, I am.

Since you've convinced yourself that the real value you and your employer seek can only be found in paid for systems, excluding BSDI, may I recommend you look further at AIX?

At least IBM is contributing to the community that does find value in open-source/free-software, while continuing to improve the AIX offering. Technologies like LVM and JFS, for instance, and others, make AIX a great system. Granted, it still uses CDE, but I expect that'll change, and you can always load your own, or go with that free one, GNOME, like Solaris is choosing to use.

Thanks for voicing your opinion, now go and spend your employer's money. Spread your deathknells for BSD elsewhere, we don't need 'em.

See, you can't kill a free-software (or alternatively, BSD licensed) operating system as long as people continue to use it or work on it. A proprietary operating system can be killed by the company that sells it, but as long as one person uses the system, and one person develops for it, it's a live system.

Now excuse me, I'll be installing Darwin for Intel and OpenStep 4.2 as dual-boot on the same machine. Not exactly free software, but definately open-source, and certainly not dead.

A host is a host from coast to coast, but no one uses a host that's close

What? Me worry? (2)

Alien54 (180860) | more than 13 years ago | (#390902)

I'm not all that worried about the connection of MS to web bugs, etc. I am not even that sure that they are the largest benefactor, although this makes sense.

After all, they give me plenty else to worry about [slashdot.org] . (My thoughts here [slashdot.org] )

Don't worry, just a bad case of caffiene deficiency syndrome.

Re:This is old news (2)

micromoog (206608) | more than 13 years ago | (#390904)

At least in Los Angeles they've started using it. Not sure about other places.

Is that what the girl at the bar told you when you asked for her number?

How can you blame MS for this? (2)

wadetemp (217315) | more than 13 years ago | (#390905)

A recently released web bug report [securityspace.com] shows that Microsoft (via Link Exchange) is bugging more web sites than any other organization.

From the data presented, it seems LinkExchange is the most common "web bugging" service. But that's what it is, a service. The companies paying for LinkExchange ads are the ones driving the "bugging". Without companies wanting to advertise and do business cheaply on the web there would be no LinkExchange/bCentral. Just because LinkExchange seems to be the most popular of web ad services doesn't mean it's some evil MS plot to bug the world. It just seems to be doing good business. If you ran an ad service, wouldn't you dream of the same?

Damn Buggers (2)

HongPong (226840) | more than 13 years ago | (#390907)

All I know is that Andrew Wiggin has the best shot at taking out the damn things once and for all.

--

You think that's bad? (2)

NineNine (235196) | more than 13 years ago | (#390909)

  • Then don't watch cable/satellite TV. Those companies all know EXACTLY what you're watching at every second of the day.
  • Then don't use a credit card. Those companies know exactly what you buy, where, and when you buy it.
  • Then don't use a bank. They know exactly how much money you make and where it comes from.
  • Then don't use a telephone. The telephone companies knows exactly who you call, when, and for how long.
Get the idea? Lots more more personal, and more in-depth information is gathered about you EVERY DAY from MANY sources. Ad banners are NEGLIGIBLE when compared with any one of these other sources of information gathering.


Other statistics on site (2)

sacremon (244448) | more than 13 years ago | (#390910)

One of the other summaries was server market share theft/upgrades - or how many servers were switched from one type of web server to another.

The interesting thing was that while Apache still has the lion's share of web servers in the survey, it has been losing ground to IIS. Given all the hacks on IIS-based servers recently, this is an unsettling trend.

Info v Privacy (2)

perdida (251676) | more than 13 years ago | (#390911)

Where does "free" as in open information end, and private information begin?

The ISP is doing this service: connects me to the internet, hosts a lot of the sites I am reading, protects me from spam.

Knowing traffic on certain sites helps my ISP do that.

This information, if properly anonymized, is a useful commodity to other net firms as well, and helps them to provide us with better service.

If someone responsible can find out who is visiting a site that posts illegal information, then they can get better data on how to fight that particular crime.

It is up to users to determine where this technology is applicable. But I wouldn't dismiss web-bugging as a tactic out of hand.

Re:Buggy vs. Bugging (2)

raju1kabir (251972) | more than 13 years ago | (#390912)

Imagine being a programmer developing a dynamically generated page. Frankly, I'm more interested in seeing if the output is correct -- the last thing I want is to have the page not render at all because it's "invalid". What if you actually did produce a valid document, and the browser's validator was buggy? It's much easier for everyone if the browser just renders the damn page.

But that leads to the worst outcome of all: unpredictable results.

The one way you can be sure that a web page will work properly everywhere, is if all browsers follow the standard (any standard; I don't particularly care whose). Otherwise there are going to be pages that break some places and not others, and that means higher development costs, testing costs, and lost visitors. An awful thing for the industry (though perhaps a great thing for amateur-hour FrontPage mavens).

Re:A question about the proxy use (2)

raju1kabir (251972) | more than 13 years ago | (#390913)

my ISP, @home, has a proxy installed as my default proxy for web traffic and I am wondering if this could cause a problem--eg: they watching everything I do

If they cared what you do, they could watch your traffic with roughly equal ease whether or not you used the proxy.

Re:Bad statistics (2)

rfsayre (255559) | more than 13 years ago | (#390914)

This is quite bogus, as evidenced by the #2 ranking of akamai; the fact that many high-traffic sites have their images served from akamai's network does not mean that akamai is tracking where people go.
What exactly do you think Akamai does, aside from providing infrastructure? Do you think any MBA in his right mind would go for such a one sided business model? As long as you're delivering content, you might as well track it, or so the thinking goes.

And now for a highlight from akaikai.com -- In today's fierce competition for Internet eyeballs, customized Web site content is big news. Customizing your content to individual end-users makes your site more relevant, enticing visitors to stick around longer-and come back more frequently. Akamai's EdgeScape service enables you to make customization a reality by accurately identifying the geographic location from which users access your Web site and the network origin of the user's request. So, how do you "customize content" without "tracking where people go"?

Re:Who cares? (2)

ziplux (261840) | more than 13 years ago | (#390915)

True, but even without a webbug, anyone with access to the server logs could do this....so why the fuss about webbugs?

You are _not_ anonymous (3)

ChaosDiscord (4913) | more than 13 years ago | (#390917)

Advertisers are very interested in connecting those anonymous statistics to real people. DoubleClick actually did so [usatoday.com] , but stopped after a public backlash. But they will try again, it's just a matter of time. In the meantime, whenever you enter contact information for a web site, that site may decide to sell that information to someone like DoubleClick. Advertisers really want this information, and they'll keep trying until they get it.

Re:So um... (3)

ChaosDiscord (4913) | more than 13 years ago | (#390918)

Perhaps because they have an effective wall between the editorial staff and the advertising staff, thus ensuring that editorial policy (as much as Slashdot has such a thing) is not tainted by advertisers?

Re:Who cares? (3)

Mojojojo Monkey Inc. (174471) | more than 13 years ago | (#390923)

A 1x1 pixel image slows your surfing? You still on a 9600 baud modem there?

Re:Info v Privacy (3)

Syllepsis (196919) | more than 13 years ago | (#390924)

Whatever...in a toltalitarian police state crime effectively drops to zero, but who wants that?

By invading the private lives of every american household, and doubling the world's incarceration rate, the US can effectively wipe out marijuana use completely.

By warehousing consumer data large corporations can market more effectively, that is, convince you that you are not happy w/o their product.

Time to wake up the populace: Your well being is not a univariate function depending only on GDP growth. Crime prevention will not help your well being if the means outweigh the ends. Does nobody care about search and seizure rights?

Since I despise spam I find this from the FAQ (4)

LennyDotCom (26658) | more than 13 years ago | (#390925)

Particularly problamatic

from the web bugs FAQ [privacyfoundation.org]
11. Why are Web bugs used in "junk" Email messages?
To measure how many people have viewed the same Email
message in a marketing campaign.
To detect if someone has viewed a junk Email
message or not. People who do not view a
message are removed from the list for future mailings.
To synchronize a Web browser cookie to a
particular Email address. This trick allows a Web
site to know the identity of people who come to
the site at a later date.

Spam sucks

This is old news (4)

miracle69 (34841) | more than 13 years ago | (#390926)

They made a movie about it with Sandra Bollock. Industry just got smart after that and made it to where you couldn't see the pi, even if you held down control shift. ;)

God, that was a bad movie. Thankfully, I don't remember the title.

Google, too (4)

look (36902) | more than 13 years ago | (#390927)

Yeah, I noticed Google was on the list, too. A lot of people put the canned HTML code that Google provides on their pages to provide search capability. That includes an image, but it doesn't mean Google is tracking users. I think this survey needs more meat. I shouldn't be whether a page includes images from another domain, but only if cookies from other domains are going to the user from a page.

I could probably whip up a Perl script to do this with libwww pretty easily. I can't believe whoever did this survey didn't!

So um... (5)

Wakko Warner (324) | more than 13 years ago | (#390929)

... why have I seen Doubleclick banner ads on Slashdot, if Web Bugs Are Bad?

- A.P.

--
* CmdrTaco is an idiot.

Associating e-mail addresses with cookies (5)

B.D.Mills (18626) | more than 13 years ago | (#390931)

Suppose I have my own advertising web site, "WebBugsAreEvil.com", and your e-mail address is YOUR_EMAIL_ADDRESS@yourhost.com.

I place my bugs all over the internet. You visit a site with one of my bugs on it. This sends a new cookie to you. You now have a cookie from "WebBugsAreEvil.com" on your hard drive. Every time you visit another site with one of my web bugs in it, your cookie is sent to my host "WebBugsAreEvil.com" including the URL of the page that you are viewing. Thus, I build up a detailed profile of your web surfing habits.

Now suppose you place an order on one of these sites and leave your e-mail address and other personal information. The site sells your e-mail address and other personal info to "WebBugsAreEvil.com". I now have your personal information and your cookie, but the cookie ID is not yet associated with your personal information because these were collected by two different servers. I need to do one more thing to put them together.

I do a mass mail out with all the new e-mail addresses. The e-mails are HTML-enabled e-mails. Embedded at the bottom of the e-mail is this web bug:

<IMG WIDTH=1 HEIGHT=1 border=0 SRC="http://track.WebBugsAreEvil.com/cgi.bin/ping? email_ID=YOUR_EMAIL_ADDRESS@yourhost.com & sequence=1928d4ae1228">

It's a 1x1-pixel GIF that has a single clear pixel in it; this is where the euphemism "clear GIFs" comes from. You cannot see this GIF.

When you open the mail, this new web bug is sent to WebBugsAreEvil.com. Because the URL has your e-mail address in it, and it also sends your "WebBugsAreEvil.com" cookie with the HTTP GET request, I can now associate your personal details with your surfing habits.

In short, it is very easy to remove anonymity.

I don't know about you, but I find the idea of anyone having this amount of knowledge about me and my browsing habits to be uncomfortably close to Big Brother's surveillance from George Orwell's novel "1984". Is your telescreen on, Winston?

--

Defeating web bugs (5)

B.D.Mills (18626) | more than 13 years ago | (#390932)

Web bugs are usually used in conjunction with cookies to profile your surfing habits. I find this to be a gross invasion of privacy, so I have chosen to fight back.

It's not hard to stop a site from using cookies as a tracking tool. If they cannot store a cookie on your hard drive, that cookie cannot be used to profile you.

The way to defeat this is to prohibit the web sites that use web bugs from storing cookies on your computer. A good browser will have security settings that can be customised. I place all web sites that I trust in my collection of trusted sites. These sites can store cookies on my machine. Sites that are not in my collection of trusted sites must go through the default setting where I must approve each cookie with a click before it can be stored on my hard drive. Persistently annoying sites get placed in my collection of restricted sites, which are prohibited from storing cookies. Sometimes, a trusted site that I have omitted gets added to the trusted list.

If you want to start a database of restricted domains, a good place to start is your cookie collection. You will find a lot of sites that you never visited in that list. Add anything suspicious to the restricted list before deleting the cookie.

I have only been doing this for a few weeks, so I haven't got any good results to report so far. I'm sure I'll get good results doing this, and I invite others to try it. It does involve a little work, but eventually I hope to have reasonable web-bug-free privacy online.

--

Bad statistics (5)

cperciva (102828) | more than 13 years ago | (#390936)

Looks to me like they are classifying any inline link to a different server as a "web bug".

This is quite bogus, as evidenced by the #2 ranking of akamai; the fact that many high-traffic sites have their images served from akamai's network does not mean that akamai is tracking where people go.

Who cares? (5)

ziplux (261840) | more than 13 years ago | (#390937)

So, they collect some *anonymous* usage statistics. So what? They can track your web surfing. Who cares? These stats are *anonymous*, people. They can't be mapped to your physical address, phone number, etc. without a call to your ISP and a good reason. These stats help advertisers market products to you more efficently. It saves them money, and you get the see ads that might encourage you to buy something that is really useful to you. So my question is, why do you care?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...