Privacy and the evercookie

2010-09-23

in Geek stuff, Internet matters, Politics, Security

In the context of the internet, cookies are little bits of data stored by web browsers that allow them to track visitors. They have many useful purposes. Commerce sites can keep track of what you have put in your shopping cart; sites can store your language preferences and login information; and so forth. This site uses a cookie so that those leaving comments only need to enter their name and email address once. Of course, cookies can also be used in more malicious ways, such as keeping track of what sites you visit without your approval.

Clearing out cookies is something that can nominally be done by all browsers. Unfortunately, this only applies to cookies of the conventional sort. Now, there are a multitude of ways through which browsers can store information through which to identify a particular computer and browser. As a demonstration of that, the ‘evercookie’ developed by Sami Kamkar stores information in eight different ways. Furthermore, it is able to regenerate any of the information if the user deletes it, provided all eight are not deleted simultaneously.

Kamkar’s intention is to show how tracking technology has outpaced the privacy features in browsers. The loss of anonymity is one of two big changes that have taken place on the internet, since the heady days of its birth. The other, of course, is the increasingly intrusive role played by governments.

Report a typo or inaccuracy

{ 5 comments… read them below or add one }

. October 20, 2010 at 9:55 am

“The persistent method that security researcher Samy Kamkar introduced last week for storing tracking data on a user’s machine, known as the ‘Evercookie,’ is even more worrisome when used on mobile devices, according to another researcher’s analysis. The Evercookie is a simple method for forcing a user’s machine to retain browser cookies by storing the data in a number of different locations. The method also has the ability to recreate deleted cookies if it finds that the user has removed them. Created by Kamkar as a demonstration of a way that sites could use to persistently track users even after they clear their browser cookies, the Evercookie has drawn the attention of a number of other researchers who have spent some time looking for methods to defeat it. A researcher in South Africa took a look at the way the the Evercookie works on both Safari on the desktop and on mobile devices, and found that it can be undone in some circumstances. However, he also found that the mobile version of Safari fares far worse in its handling of the Evercookie than the standard version does.”

. January 24, 2011 at 7:04 pm

Google Adds To Mozilla’s Push For ‘Do Not Track’

“In a morning blog post, Google announced the release of a Chrome plug-in called ‘Keep My Opt-Outs,’ which hopes to block all tracking cookies. Interestingly, it is released as open-source with the hopes that it will gain quick deployment on non-Chrome browsers and find a robust foothold against ads. The story is also covered at Computerworld, which has broader insight into the issue, looking at Google, Mozilla and Firefox, and seems to indicate more rapid change is looming — potentially from the FCC itself.”

. January 24, 2011 at 7:04 pm
. April 7, 2011 at 9:40 pm

Online privacy
Stopped in their tracks
A proposed privacy law could help as well as hurt America’s web companies

THE outcry over internet firms’ habit of surreptitiously tracking web surfers’ activities has clearly resonated inside the White House. On March 16th the Obama administration announced that it intends to work with Congress to produce “a privacy bill of rights” giving American consumers greater control over how their information is collected and used by digital marketers.

Those who have been lobbying for change agree with, but are unsympathetic to, internet firms’ worries that such a law could dent their advertising-driven business models, which rely on tracking and targeting consumers to maximise revenues. “This is dimming the prospects of Google, Facebook and other digital ad companies,” says Jeffrey Chester of the Centre for Digital Democracy.

. May 31, 2011 at 7:31 pm

Innovation in online advertising
Mad Men are watching you
How real-time bidding will affect media companies

May 5th 2011 | from the print edition

YOU are browsing for lampshades on a department store’s website. You grow bored, and surf across to the website of your favourite daily newspaper. Mysteriously, the lampshades follow you: an advertisement for the same brand appears next to the article you are reading. Welcome to the world of real-time bidding, a cleverer and nosier way of selling advertising that is beginning to shake up the online media business.

A decade ago online display advertisements, or “banners” as they were often known, were booming. Companies paid huge sums to appear on news websites. But, as the number of ads increased, people stopped noticing them. Now, for every 1,000 display ads that pop up, less than two are clicked on. Prices have slumped. Some media firms, notably News Corporation, have concluded that online ads will never bring in enough money to support a newspaper. Meanwhile search advertising, which reaches people when they seem to be interested in something, has grown from 1% of American online ad spending in 2000 to almost half, turning Google into a $172 billion company.

Conventional display ads are simply wasteful, says Jakob Nielsen of GroupM, a large media buyer. Say a company wants to reach young men. It might buy ads on the sports section of a large portal such as Yahoo!. But it will also be paying for the women who visit that page. If it also buys ads on the sports section of another large portal, such as Microsoft’s MSN.com, it will pay twice for the people who frequent both web pages.

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

{ 1 trackback }

Previous post:

Next post: