>>>>> "Tim" == Tim May <[EMAIL PROTECTED]> writes:
Tim> If visitors to Intenet sites wish to be untraceable, they can
Tim> of course use Web proxies, Freedom, Hotmail/MyDeja-types of
Tim> cutout accounts, and so forth.
The problem is that it isn't quite that simple anymore. Some of these
tracking systems are combining different pieces of technology against
users, such that it will defeat various proxies, sometimes even
Freedom.
Coremetrics, for example, uses obfuscated JavaScript code to swipe
personal information out of forms that the user presumably fills out
for the purpose of telling the vendor where to ship stuff. The data
are stuffed into the query string of a fetch for a web bug that takes
place -- which has a persistent cookie, of course. Freedom will be
defeated in the case of a site that's using SSL, since the web bug
request will also be an SSL request in that case. Details are at
http://www.interhack.net/pubs/intimately/.
Of course, there are still things that can be done, including blocking
traffic to data.coremetrics.com and disabling JavaScript that will
work, but the whole issue here is an arms race.
This is basically as it's always been, but without disclosure of
what's happening in these systems, the level of technical prowess
needed to monitor the monitors and to eliminate their cruft is getting
higher.
The trick that we have now is defeating these tracking systems and
making our solutions available.
[Upon reflection, it seems that this means that things are pretty much
as they have always been...]
--
Matt Curtin [EMAIL PROTECTED] http://www.interhack.net/people/cmcurtin/
