Re: [tor-talk] google analytics says it can track across separate domains
On 05/20/12 02:17 AM, Mike Perry wrote:

> For example, I sure wish I could buy a fucking book without being tracked these days. There are no major brick and mortar bookstores left in my city, and I live in a pretty big city.

Buying stuff semi-anonymously is easy with giftcards, prepaid cellphones, etc. Delivery is the hard part. Drug dealers have pretty much burned down the anonymous private mailbox niche. But even one that requires ID will prevent casual tracking.

___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] google analytics says it can track across separate domains
offtopic:

> Almost no one wants to solve the real technical problem, it seems. Sick sad world.

hehe i always wonder why there is still no fresh e-mail protocol update that only allows known people, and just refuses all the spam, spam is the biggest waste of bandwidth and on-server-mailbox-diskspace though that would also destroy the privacy of your address book. Please do not reply on this, it is waaay off topic though it might trigger some inspiration. else ignore:
Re: [tor-talk] google analytics says it can track across separate domains
Thus spake Joe Btfsplk (joebtfs...@gmx.com):

> A few months ago, someone raised the question of TBB or any included addon not blocking web beacons / trackers and perhaps something like Ghostery should be included in TBB (I think). I asked about beacons (web bugs) compromising anonymity (not to mention privacy). Can't find the post, but I believe either Mike or Roger replied that it shouldn't be an issue because web beacons, like Google Analytics, can't track from site to site. Hope I've got the essence of the reply correct.

Yes, that is correct. We consider the ability to link user activity across different url bar domains a violation of our design requirements (https://www.torproject.org/projects/torbrowser/design/#privacy), and any ability to do so is a major bug.

Unfortunately, there are a couple such bugs we're already currently aware of: https://trac.torproject.org/projects/tor/query?keywords=~tbb-linkability

We'll fix them, eventually. Help is always appreciated, though.

> There are other independent articles I've read about ability of web beacons to track across sites. Here from the horse's mouth, *seems* to be verifying in a matter of fact, ho - hum way, they can & do track across completely separate domains. Unless I've completely misread it. I don't know what this means to Tor users, but as a Firefox user, I don't want them - always suspected they were capable of doing more than gathering data ONLY on the site where they were 1st loaded. BTW, have many read the new Google unified privacy policy?

Yes, you are absolutely right. Normal web browsers do not consider the ability to link your accounts and activity across multiple url domains to be a problem. Actually, most of the major browsers see it as a totally awesome feature.

As a result, we have all sorts of stupid crazy conflict between policy people arguing for bullshit like Do Not Track; crazy lawsuits against Facebook and other companies who are simply using the tracking technology provided to them by browser makers; and weird filter addons like Request Policy and Ghostery to try to filter bad actors (who can simply reappear under new domains on a moment's notice anyway).

Almost no one wants to solve the real technical problem, it seems. Sick sad world.

--
Mike Perry
Re: [tor-talk] google analytics says it can track across separate domains
Thus spake Mike Perry (mikepe...@torproject.org):

> Thus spake Joe Btfsplk (joebtfs...@gmx.com):
>
> > A few months ago, someone raised the question of TBB or any included addon not blocking web beacons / trackers and perhaps something like Ghostery should be included in TBB (I think). I asked about beacons (web bugs) compromising anonymity (not to mention privacy). Can't find the post, but I believe either Mike or Roger replied that it shouldn't be an issue because web beacons, like Google Analytics, can't track from site to site. Hope I've got the essence of the reply correct.
>
> Yes, that is correct. We consider the ability to link user activity across different url bar domains a violation of our design requirements (https://www.torproject.org/projects/torbrowser/design/#privacy), and any ability to do so is a major bug.
>
> Unfortunately, there are a couple such bugs we're already currently aware of: https://trac.torproject.org/projects/tor/query?keywords=~tbb-linkability
>
> We'll fix them, eventually. Help is always appreciated, though.

Oh, I should also mention https://www.torproject.org/projects/torbrowser/design/#identifier-linkability as the laundry list of linkability mechanisms we've already at least partially fixed.

--
Mike Perry
Re: [tor-talk] google analytics says it can track across separate domains
Thus spake Joe Btfsplk (joebtfs...@gmx.com):

> On 5/19/2012 3:14 PM, Mike Perry wrote:
>
> > ...Normal web browsers do not consider the ability to link your accounts and activity across multiple url domains to be a problem. As a result, we have all sorts of stupid crazy conflict between policy people arguing for bullshit like Do Not Track; crazy lawsuits against ... companies who are simply using the tracking technology provided to them by browser makers;
>
> Browser companies are in business to make money. Even as a NFP, Mozilla still has to make $. How do browsers make $? From deals w/ companies involved w/ advertising. If browsers made it impossible to track users, negating the targeted ads concept, advertising companies wouldn't pay browsers or web sites for the right to track their users.

Yep. Any userbase is worth money, though. Even one that prefers privacy still might like to buy a few things here and there.

For example, I sure wish I could buy a fucking book without being tracked these days. There are no major brick and mortar bookstores left in my city, and I live in a pretty big city.

So if Mozilla wants to surrender 5%+ of their userbase to us, hey man, we'll take it :)

> > addons like Request Policy and Ghostery to try to filter bad actors (who can simply reappear under new domains on a moment's notice anyway).
>
> Maybe, but for now, TBB has NO way to block cross site tracking web beacons, AFAIK. Some protection seems better than none. In addition to disabled disk cache, we could turn off memory cache & disable all images - not likely.

I'm confused. What vectors do you believe remain that we have not covered a few dozen times in this thread and others? You smell a lot like a timewasting troll...

I'm trying to help you understand what we're doing because I think it's important for everyone to understand. But you sure aren't making it easy ;)

--
Mike Perry
Re: [tor-talk] google analytics says it can track across separate domains
On 5/19/2012 5:00 PM, Mike Perry wrote:

> If you prevent the associated identifier transmission and fingerprinting issues, web beacons do not link your activity on one url to another.
>
> If we prevent identifier transmission and fingerprinting, web beacons will see both visits, but they do not know it is the same user on both visits. The reason we don't care that they can still see both visits is because the urls you visit can and do simply sell their logs to third parties already. If a site tries to deploy web beacons, you should assume they are also selling your data to whoever is buying, regardless of what the browser actually does.
>
> > Presumably, as they are loaded w/ pages, even w/ disk cache turned off, they can still be stored in memory cache & still track users, unless memory cache is disabled. True?
>
> Not exactly. In Tor Browser, cache is isolated by url bar domain, meaning that the cached copy of a web beacon that was loaded under one url bar is actually *not* used when the same web beacon is loaded under a different url bar.
>
> Though in interest of full disclosure, you'll notice that one of the tbb-linkability tagged bugs is an issue with this cache isolation specifically for images: https://trac.torproject.org/projects/tor/ticket/5742
>
> Tracking scripts are correctly isolated in the cache, however (which is more important, as many tracking scripts *do* embed unique identifiers to get cached and used when the user clears cookies).

I used the term web beacon too loosely, rather than as specifically 1x1 GIFs. Similar to how trackers is often used to describe a single beast, regardless of their function. There are of course, several types of technology that are often loosely referred to under the general tracker term. I didn't do a good job, but in my original question a month or so ago & again today, I meant to include JavaScript trackers as well. Many of the true trackers - w/ cross domain tracking ability - are JavaScript. Google Analytics is only one of many.

I think that those voicing a concern w/ these & TBB, were concerned w/ the trackers most difficult to stop. Are you saying that *tracking scripts* are ALSO isolated per URL domain in the cache (see quote below)? So that cross domain tracking isn't possible in TBB? If that's not correct, then there's still a big problem for now.

> Tracking scripts are *correctly* isolated in the cache, however (which is more important, as many tracking scripts *do* embed unique identifiers to get cached and used when the user clears cookies).

When you speak of sandboxing:

> Flash has tons of fingerprinting and proxybypass issues hidden in its binary blob. We really need a full sandboxing technology to make it safe to uniformly enable.

If running an app in something like Sandboxie, (maybe you mean a diff scenario), it is protecting the OS / machine from the APP. It doesn't stop a browser (or, I assume, trackers; Flash) from connecting to the internet. Maybe it would have value once the browser is closed, Flash proxy bypass has already occurred. Unless you're talking about something else.
Re: [tor-talk] google analytics says it can track across separate domains
Thus spake Joe Btfsplk (joebtfs...@gmx.com):

> I think that those voicing a concern w/ these & TBB, were concerned w/ the trackers most difficult to stop. Are you saying that *tracking scripts* are ALSO isolated per URL domain in the cache (see quote below)? So that cross domain tracking isn't possible in TBB? If that's not correct, then there's still a big problem for now.

This is correct. Any violations of this property are major bugs for us.

> > Tracking scripts are *correctly* isolated in the cache, however (which is more important, as many tracking scripts *do* embed unique identifiers to get cached and used when the user clears cookies).
>
> When you speak of sandboxing:
>
> > Flash has tons of fingerprinting and proxybypass issues hidden in its binary blob. We really need a full sandboxing technology to make it safe to uniformly enable.
>
> If running an app in something like Sandboxie, (maybe you mean a diff scenario), it is protecting the OS / machine from the APP. It doesn't stop a browser (or, I assume, trackers; Flash) from connecting to the internet. Maybe it would have value once the browser is closed, Flash proxy bypass has already occurred. Unless you're talking about something else.

Yes, it would require a custom sandbox of our design. Current sandboxing tech (Seatbelt, AppArmor, Seccomp, SELinux) may actually need some additional hacking before they are sufficient for our needs for Flash.

--
Mike Perry
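The cache isolation by url bar domain discussed in this thread, sketched as a small simulation. This is an added example, not code from the thread or from Tor Browser; the tracker model, the names (`makeTracker`, `Browser`, `sharedKey`, `isolatedKey`, `crossSiteLinks`) and the example domains are constructed for illustration.

```javascript
// Constructed model, not Tor Browser code. The tracker bakes a fresh ID into each
// uncached copy of its script; a cache hit replays the old ID, surviving cookie clears.
const TRACKER_URL = 'https://tracker.example/t.js'; // hypothetical third-party script

function makeTracker() {
  let next = 1;
  return { fetchScript: () => ({ body: `uid-${next++}` }) };
}

// Two cache-key policies (names are hypothetical).
const sharedKey = (urlBarDomain, url) => url;                        // one entry for every site
const isolatedKey = (urlBarDomain, url) => `${urlBarDomain}|${url}`; // one entry per url bar domain

class Browser {
  constructor(keyFn, tracker) {
    this.keyFn = keyFn;
    this.tracker = tracker;
    this.cache = new Map();
  }

  // Load a page that embeds the tracker; return the ID the script reports home.
  visit(urlBarDomain) {
    const key = this.keyFn(urlBarDomain, TRACKER_URL);
    if (!this.cache.has(key)) {
      this.cache.set(key, this.tracker.fetchScript()); // cache miss: new ID issued
    }
    return this.cache.get(key).body;
  }
}

// Replay a browsing session and list every ID seen under more than one url bar domain.
function crossSiteLinks(keyFn, visits) {
  const browser = new Browser(keyFn, makeTracker());
  const sitesById = new Map();
  for (const site of visits) {
    const id = browser.visit(site);
    if (!sitesById.has(id)) sitesById.set(id, new Set());
    sitesById.get(id).add(site);
  }
  return [...sitesById]
    .filter(([, sites]) => sites.size > 1)
    .map(([id, sites]) => ({ id, sites: [...sites].sort() }));
}

// Constructed session: two unrelated sites embed the same tracker script.
const SAMPLE_VISITS = ['news.example', 'shop.example', 'news.example'];

console.log('shared cache  :', JSON.stringify(crossSiteLinks(sharedKey, SAMPLE_VISITS)));
console.log('isolated cache:', JSON.stringify(crossSiteLinks(isolatedKey, SAMPLE_VISITS)));
```

Under the isolated key the repeat visit to `news.example` still replays its own cached ID; only linkage across url bar domains goes away, which is the property the thread describes.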
Re: [tor-talk] google analytics says it can track across separate domains
On 5/19/2012 9:17 PM, Mike Perry wrote:

> I'm confused. What vectors do you believe remain that we have not covered a few dozen times in this thread and others? You smell a lot like a timewasting troll... I'm trying to help you understand what we're doing because I think it's important for everyone to understand. But you sure aren't making it easy ;)

I may be confused about TBB's ability to either stop *ALL* trackers or render them harmless for Tor users' purposes, but I'm not confused about your rudeness. I resent the hell out of that. Some vectors I might be concerned about are the many bug reports you've pointed out; Flash isn't controllable & no need to list all unresolved issues - you pointed out several.

Maybe you smell like a money grubbing hack trying to tout semi anonymous software, for *some* $ & the attention it brings you. :D How do you like being disparaged w/o any basis? I didn't mean any of that - just making a point. See, if I put an emoticon after the insult, it makes it OK.

Time wasting troll? I'm not a mindless drone that accepts everything at face value. I contribute a lot to this list & I've come up w/ some ideas (or co-ideas) that were incorporated. I contribute a lot more to the list than I get out of occasionally using Tor. I think the problem may lie, not in the student, but in the teacher's explanations. I used to have some professors that got mad when students didn't understand or if they questioned the professors' logic or calculations. Whose fault was that?

And no, we haven't covered ALL the different types of tracking cookies (as if they all behave the same), in any detail, a few dozen times - not in this list. Not even a few times. Professional programmers sometimes talk over the heads of very educated, but non - programmer users. Most of Tor's user base probably aren't programmers & if it grows like it needs to, most will definitely not be programmers.

Now, if *some* of the programming crowd wants to talk down to & even insult non-programmer users (many, if not most are very patient & helpful), that are trying to understand how or if Tor works, go ahead. It won't help build the user base. As far as me questioning how or if TBB handles something, you act as though there isn't a constant stream of bug fixes. Just because *anyone* says something (ANYthing) works - w/o question, doesn't make it so. What we think works today, turns out to have bugs (or someone found a hole) tomorrow.
Re: [tor-talk] google analytics says it can track across separate domains
Everything takes time. You get upset because the software and the network you get to use for free is not perfect and you wonder why. I get upset because you make me explain to you over and over again how things work and why we've made the choices we've made with respect to development priorities.

I have to do this instead of actually fixing the problems you complain about, you know.. Actually, I don't have to do it. I don't even know why I'm doing it... So don't push your luck, or no one will bother to answer you at all.

How do we get to the point where I can stop answering the same questions from you over and over again? I've tried to document everything I've done. Maybe that documentation is still over your head, but you're not really telling me how or where it is over your head.

It seems we might need a more effective translator between us before we can expect to come to an understanding.

Thus spake Joe Btfsplk (joebtfs...@gmx.com):

> On 5/19/2012 9:17 PM, Mike Perry wrote:
>
> > I'm confused. What vectors do you believe remain that we have not covered a few dozen times in this thread and others? You smell a lot like a timewasting troll... I'm trying to help you understand what we're doing because I think it's important for everyone to understand. But you sure aren't making it easy ;)
>
> I may be confused about TBB's ability to either stop *ALL* trackers or render them harmless for Tor users' purposes, but I'm not confused about your rudeness. I resent the hell out of that. Some vectors I might be concerned about are the many bug reports you've pointed out; Flash isn't controllable & no need to list all unresolved issues - you pointed out several.
>
> Maybe you smell like a money grubbing hack trying to tout semi anonymous software, for *some* $ & the attention it brings you. :D How do you like being disparaged w/o any basis? I didn't mean any of that - just making a point. See, if I put an emoticon after the insult, it makes it OK.
>
> Time wasting troll? I'm not a mindless drone that accepts everything at face value. I contribute a lot to this list & I've come up w/ some ideas (or co-ideas) that were incorporated. I contribute a lot more to the list than I get out of occasionally using Tor. I think the problem may lie, not in the student, but in the teacher's explanations. I used to have some professors that got mad when students didn't understand or if they questioned the professors' logic or calculations. Whose fault was that?
>
> And no, we haven't covered ALL the different types of tracking cookies (as if they all behave the same), in any detail, a few dozen times - not in this list. Not even a few times. Professional programmers sometimes talk over the heads of very educated, but non - programmer users. Most of Tor's user base probably aren't programmers & if it grows like it needs to, most will definitely not be programmers.
>
> Now, if *some* of the programming crowd wants to talk down to & even insult non-programmer users (many, if not most are very patient & helpful), that are trying to understand how or if Tor works, go ahead. It won't help build the user base. As far as me questioning how or if TBB handles something, you act as though there isn't a constant stream of bug fixes. Just because *anyone* says something (ANYthing) works - w/o question, doesn't make it so. What we think works today, turns out to have bugs (or someone found a hole) tomorrow.

--
Mike Perry