So you think nobody knows what you've been watching on the net?

Subject: General Tech | August 17, 2011 - 11:03 AM |
Tagged: security, fud, tracking cookie, super cookie, ETag value

KISSmetrics is a small company which is able to track your movements across sites like Hulu and Spotify, using what some call a super cookie but more accurately is an ETag value.  That ETag value is a unique identifier stored in both a browser's cache and metadata folders which can be sent to KISSmetrics via JavaScript along with a header, so that any time you visit a site partnered with KISSmetrics they will know it is you.

Of course, very soon after the technical documentation of the trick was released to the net KISSmetrics claimed that they were completely innocent and that it was all a misunderstanding.  According to the CEO of KISSmetrics the company has never tracked anyone nor shared the information with a third party, so either the company never plans to ever make any money or he is being very specific in his definitions of what "is is".  Even better, they claim not to use ETag values at all only first party cookies.  As well, they claim support for the Do Not Track header and a "consumer-level opt-out" for their tracking as well.  That is disingenuous in that there is no sign of how to start the opt out process on their site, nor is there any clear way that they could identify you in order to let you opt out without a cookie or ETag placed on your machine in the first place.

The Do Not Track header is a good idea, but in addition you should consider browser add ins such as BetterPrivacy, NoScript and Ghostery as essential and perhaps even get used to running Chrome in Incognito mode, if you do not want to be trapped.  Don't use them to disable the ads which fund your favourite websites, they should be used to identify and possible block violations to your privacy only.  You can follow the link at The Register if you would like to see the technical research that has lead to these questions about KISSmetrics.

View Full Size

"A privacy researcher has revealed the evil genius behind a for-profit web analytics service capable of following users across more than 500 sites, even when all cookie storage was disabled and sites were viewed using a browser's privacy mode."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register
No comments posted yet.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.