The Glade 4.0

All times are UTC - 6 hours [ DST ]




 Post subject: Undeletable Web Cookies?
PostPosted: Mon Aug 15, 2011 12:49 pm 
Noli me calcare

Joined: Thu Sep 03, 2009 10:26 am
Posts: 4747
Schneier

Quote:
New, Undeletable, Web Cookie
A couple of weeks ago Wired reported the discovery of a new, undeletable, web cookie:
Researchers at U.C. Berkeley have discovered that some of the net’s most popular sites are using a tracking service that can’t be evaded -- even when users block cookies, turn off storage in Flash, or use browsers’ “incognito” functions.
The Wired article was very short on specifics, so I waited until one of the researchers -- Ashkan Soltani -- wrote up more details. He finally did, in a quite technical essay:
What differentiates KISSmetrics apart from Hulu with regards to respawning is, in addition to Flash and HTML5 LocalStorage, KISSmetrics was exploiting the browser cache to store persistent identifiers via stored Javascript and ETags. ETags are tokens presented by a user’s browser to a remote webserver in order to determine whether a given resource (such as an image) has changed since the last time it was fetched. Rather than simply using it for version control, we found KISSmetrics returning ETag values that reliably matched the unique values in their 'km_ai' user cookies.


Wired
Ashkan Soltani

I only understand the very basics of it, but I'm glad (and a bit concerned) Hulu stopped the practice at the end of July.

_________________
"Dress cops up as soldiers, give them military equipment, train them in military tactics, tell them they’re fighting a ‘war,’ and the consequences are predictable." —Radley Balko

Image
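
The observation quoted in the post above (ETag values matching the 'km_ai' cookie) can be checked against one's own captured traffic. This is an added example, not part of the thread or the researchers' code; the hosts, paths and identifier values are constructed, and the capture simplifies the respawn to a `Set-Cookie` header.

```python
from http.cookies import SimpleCookie

# Constructed capture: (request headers, response headers) per exchange, in order.
# Hosts, paths and identifier values are invented for illustration.
CAPTURE = [
    # First visit: no cookie, no cache validator.
    ({"Host": "tracker.example", "Path": "/t.js"},
     {"ETag": '"Zx81Qk7pLm2"', "Set-Cookie": "km_ai=Zx81Qk7pLm2; Path=/"}),
    # Cookies were cleared, but the cached copy still carries its validator.
    ({"Host": "tracker.example", "Path": "/t.js", "If-None-Match": '"Zx81Qk7pLm2"'},
     {"ETag": '"Zx81Qk7pLm2"', "Set-Cookie": "km_ai=Zx81Qk7pLm2; Path=/"}),
    # Ordinary static asset: validator unrelated to any cookie.
    ({"Host": "static.example", "Path": "/logo.png", "Cookie": "sid=abc123"},
     {"ETag": '"5e1f-4a8c"'}),
]

def etag_token(value):
    """Strip the weak prefix and quotes from an ETag / If-None-Match value."""
    value = (value or "").strip()
    if value.startswith("W/"):
        value = value[2:]
    return value.strip('"')

def cookie_values(header):
    """Return {name: value} parsed from a Cookie or Set-Cookie header."""
    jar = SimpleCookie()
    jar.load(header or "")
    return {name: morsel.value for name, morsel in jar.items()}

def audit(capture):
    findings = []
    for index, (req, resp) in enumerate(capture):
        set_cookies = cookie_values(resp.get("Set-Cookie"))
        sent_cookies = cookie_values(req.get("Cookie"))
        etag = etag_token(resp.get("ETag"))
        validator = etag_token(req.get("If-None-Match"))
        url = req["Host"] + req["Path"]
        for name, value in {**sent_cookies, **set_cookies}.items():
            if etag and value == etag:
                findings.append((index, url, "etag-matches-cookie", name))
        for name, value in set_cookies.items():
            # Cookie missing from the request, re-issued with the cached validator's value.
            if validator and value == validator and name not in sent_cookies:
                findings.append((index, url, "cookie-respawned-from-etag", name))
    return findings

if __name__ == "__main__":
    for finding in audit(CAPTURE):
        print(finding)
```

A resource flagged this way stops re-identifying the browser only once the cached copy, and with it the stored validator, is cleared along with the cookies.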


PostPosted: Mon Aug 15, 2011 12:54 pm
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
I doubt "undeletable" is fair. Perhaps just 'difficult to delete'?


PostPosted: Mon Aug 15, 2011 1:06 pm
Noli me calcare

Joined: Thu Sep 03, 2009 10:26 am
Posts: 4747
I doubt you read the links. Perhaps you could take it up with Schneier regarding his use of language?

_________________
"Dress cops up as soldiers, give them military equipment, train them in military tactics, tell them they’re fighting a ‘war,’ and the consequences are predictable." —Radley Balko

PostPosted: Mon Aug 15, 2011 1:28 pm
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
Did read the links.
It wasn't a criticism of you. I'm just pointing out that major-pain-in-the-ass-to-eliminate doesn't mean impossible.

Low level format works nicely ;-)
To be clear there are 'undeletable' methods which rely on uniquely identifying hardware, (which mercifully can be turned off these days) or tracking can be instituted at other locations not associated with the PC itself which I would consider 'undeletable' because no action on the PC would clear the tracking.


PostPosted: Mon Aug 15, 2011 2:11 pm
Evil Bastard™

Joined: Thu Sep 03, 2009 9:07 am
Posts: 7542
Location: Doomstadt, Latveria
...

I'd seriously shut up about now ...

_________________
Corolinth wrote:
Fascism is not a school of thought, it is a racial slur.


PostPosted: Mon Aug 15, 2011 2:26 pm
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
Except that you're incapable of doing such, Khross?


Last edited by TheRiov on Mon Aug 15, 2011 2:26 pm, edited 1 time in total.

PostPosted: Mon Aug 15, 2011 2:26 pm
Noli me calcare

Joined: Thu Sep 03, 2009 10:26 am
Posts: 4747
Wow, found the post, read the links and posted a reply, all within five minutes. Impressive!

_________________
"Dress cops up as soldiers, give them military equipment, train them in military tactics, tell them they’re fighting a ‘war,’ and the consequences are predictable." —Radley Balko

PostPosted: Mon Aug 15, 2011 2:36 pm
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
Yes, apart from the code, which I didn't bother to read, as I'm NOT a coder, I am quite capable of reading 5000 words in far less than 5 minutes.
Thanks for checking up on me though Vindicarre.

But it doesn't require any detailed reading of the articles to pull out that these sites are STILL tracking data on the computer. Data can be purged.

What the articles say is that none of the built in features of browsers or plugins have methods of purging the data.

That does NOT mean the data is undeletable. It simply means that until someone writes a tool that deletes the data, your only recourse is to actually locate the data, the files it's stored in, and purge those, potentially by hand.

That is NOT the same as undeletable.


PostPosted: Mon Aug 15, 2011 2:41 pm
Noli me calcare

Joined: Thu Sep 03, 2009 10:26 am
Posts: 4747
Like I said, take it up with Schneier, I'm sure your qualifications will wow him. Deleting the cookies does not remove them. The cookies, as such, aren't removed upon deletion.

_________________
"Dress cops up as soldiers, give them military equipment, train them in military tactics, tell them they’re fighting a ‘war,’ and the consequences are predictable." —Radley Balko

Last edited by Vindicarre on Mon Aug 15, 2011 2:43 pm, edited 1 time in total.

PostPosted: Mon Aug 15, 2011 2:42 pm
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
Because bloggers & news articles never use sensational headlines with just a little bit of hyperbole to get you to read?


PostPosted: Mon Aug 15, 2011 2:45 pm
Noli me calcare

Joined: Thu Sep 03, 2009 10:26 am
Posts: 4747
Yet, your comments had nothing to do with the facts in the articles, but please continue.

_________________
"Dress cops up as soldiers, give them military equipment, train them in military tactics, tell them they’re fighting a ‘war,’ and the consequences are predictable." —Radley Balko

PostPosted: Mon Aug 15, 2011 2:46 pm
God of the IRC

Joined: Wed Sep 02, 2009 7:35 pm
Posts: 3041
Location: The United States of DESU
Chill.

PostPosted: Mon Aug 15, 2011 3:16 pm

Joined: Thu Sep 03, 2009 10:03 am
Posts: 4922
Why are you guys doing this in the tech forum (again)? This is partly why I posted my Google article in Hellfire.


 Post subject: Re:
PostPosted: Mon Aug 15, 2011 3:58 pm

Joined: Fri Feb 05, 2010 11:59 am
Posts: 3879
Location: 63368
TheRiov wrote:
Did read the links.
It wasn't a criticism of you. I'm just pointing out that major-pain-in-the-ass-to-eliminate doesn't mean impossible.

Low level format works nicely ;-)
To be clear there are 'undeletable' methods which rely on uniquely identifying hardware, (which mercifully can be turned off these days) or tracking can be instituted at other locations not associated with the PC itself which I would consider 'undeletable' because no action on the PC would clear the tracking.

Quote:
websites were circumventing user choice by deliberately restoring previously deleted HTTP cookies using persistent storage outside of the control of the browser (a practice we dubbed ‘respawning’).
.
.
.
we found that Hulu was still respawning deleted user cookies using homegrown Flash and Javascript code present on the Hulu.com site.


TheRiov, unless you have access to delete info on their servers, you're not going to be able to delete the cookies.

_________________
In time, this too shall pass.


PostPosted: Mon Aug 15, 2011 4:23 pm
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
The portion of the article you're referring to, Taskiss, is actually about an older code, and the cookie is still on the user's pc -- but other parts of the script that are downloaded to the pc regenerate the cookie after it's deleted.

In some respects this behavior (in what you're quoting) isn't dissimilar from what some viruses do. They exist as several discrete pieces, and even if you delete part of it, the other pieces restore the deleted parts of the virus. Perhaps only one of the files actually does the damage, but because the other two, otherwise harmless files, check to see if the destructive portion is there, just deleting the damaging portion doesn't solve it.

The situation being described in the section of the article you're referring to is similar. Only the cookie itself is passed back to the server to uniquely identify the user. BUT if you delete the cookie, other buried parts of the code tucked away in cached javascript/flash files that are NOT trashed with cookies will rebuild the cookie.
Now cookies are usually unique to a browser (i.e., if I load up Chrome and Firefox and load a page with one, the other browser has no idea that I logged in to the site). You can test this easily enough by signing into the Glade with Chrome and Firefox as different users -- the cookies that identify you to the site are NOT shared.


The article/blog post references the above script but is actually pointing to a separate part of the code where the browser checks to see if there is a newer file when reloading a web page. The KISSmetrics scripts are really unrelated to the example you're citing (other than the fact they make it hard to browse anonymously). But apparently KISSmetrics is loading it into a shared library that is NOT unique to any browser.

This is the part where some of our resident web developers can explain it better than I can, but the way I understand it, javascript & flash scripts are cached in a generic 'flash' or javascript cache that is not unique to a browser. The information there is what is being used to uniquely identify the pc. So if I load up Chrome, and now have this tracker in my flash cache, then close it down and load up Firefox, Firefox still pulls from the same cache so the website can still uniquely identify my pc. Standard instructions to a browser to clear cache/cookies don't tell it to purge the flash cache, so you're stuck being identified.


PostPosted: Mon Aug 15, 2011 4:52 pm

Joined: Fri Feb 05, 2010 11:59 am
Posts: 3879
Location: 63368
Reread the section marked "3RD PARTY LINKING AND ENHANCEMENT" and "UNAVOIDABLE 3RD PARTY TRACKING"

_________________
In time, this too shall pass.


Last edited by Taskiss on Mon Aug 15, 2011 4:56 pm, edited 1 time in total.

PostPosted: Mon Aug 15, 2011 4:55 pm
Web Ninja

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
TheRiov wrote:
This is the part where some of our resident web developers can explain it better than I can...


Not quite. This is the part where the resident web developer tells you that you don't really know what you're talking about. When there are redundant copies of your cookies saved in multiple locations, some of which you do not have access to, your saved variables (practically) become "undeletable". They're not tied to your computer, they're not tied to your browser, they're tied to your USER and they're updated every time you visit.


PostPosted: Mon Aug 15, 2011 4:58 pm

Joined: Fri Feb 05, 2010 11:59 am
Posts: 3879
Location: 63368
Quote:
the unique identifiers are included [in] the actual URL and not the cookie headers


Unless all log data is immediately deleted or truncated, it’s likely that this cross-domain browsing history is available on their systems, unhashed


The request itself includes cookie type unique user identifiers and is kept on their server.

_________________
In time, this too shall pass.


PostPosted: Mon Aug 15, 2011 5:37 pm

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
Wow, a low level format? That.is.awesome! I haven't done one of those since the mid-90's.

Thankfully, I've upgraded hard drive technology a few times since then.


PostPosted: Mon Aug 15, 2011 6:19 pm
Bull Moose

Joined: Wed Sep 02, 2009 7:36 pm
Posts: 7507
Location: Last Western Stop of the Pony Express
There are a bunch of toll house cookies I wish I could delete.

_________________
The U. S. Constitution doesn't guarantee happiness, only the pursuit of it. You have to catch up with it yourself. B. Franklin

"A mind needs books like a sword needs a whetstone." -- Tyrion Lannister, A Game of Thrones


 Post subject: Re:
PostPosted: Wed Aug 17, 2011 2:48 am

Joined: Sun Sep 20, 2009 5:31 pm
Posts: 1532
TheRiov wrote:
Did read the links.
It wasn't a criticism of you. I'm just pointing out that major-pain-in-the-ass-to-eliminate doesn't mean impossible.

Low level format works nicely ;-)
To be clear there are 'undeletable' methods which rely on uniquely identifying hardware, (which mercifully can be turned off these days) or tracking can be instituted at other locations not associated with the PC itself which I would consider 'undeletable' because no action on the PC would clear the tracking.



I'd hate to have to low level format my hard drive every time I visit a certain website.

_________________
Ron Paul 2012


PostPosted: Wed Aug 17, 2011 8:21 pm

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
oh man... :roll:


 Post subject: Re:
PostPosted: Wed Aug 17, 2011 10:07 pm
Home of the Whopper

Joined: Thu Sep 03, 2009 8:51 am
Posts: 6098
Micheal wrote:
There are a bunch of toll house cookies I wish I could delete.


Heh, I hear that!

_________________
"Therefore do not worry about tomorrow, for tomorrow will worry about itself. Each day has enough trouble of its own." Jesus of Nazareth

