WebProNews

Tag: Tracking

  • Facebook and Instagram Try to Scare iOS Users Into Accepting Tracking

    Facebook and Instagram Try to Scare iOS Users Into Accepting Tracking

    Facebook and Instagram are resorting to scare tactics to convince iOS users to allow the companies to track them.

    The latest version of iOS 14 forces apps to ask for permission before tracking users. Apple has framed the feature in the context of protecting user privacy and, just as importantly, giving users control over their own data and how it is used. As a company that charges for the vast majority of its products and services, Apple does not view its customers as the product, and doesn’t need to sell its users’ data to make money.

    In contrast, Facebook, Instagram and other social media companies view their users as their main product, profiting off the wholesale monetization of their data. Facebook has made no bones about its opposition to Apple’s latest iOS privacy move, and is now resorting to scare tactics to convince iOS users to give them permission to track them and continue profiting off of them.

    In the most recent notification asking for permission, Facebook and Instagram’s iOS apps imply that, without permission to track, the apps may not remain free. Ashkan Soltani, a technology reporter and former Obama White House advisor, was the first to report on the change.

  • PSA: Beware of FedEx Tracking Texting Scam

    PSA: Beware of FedEx Tracking Texting Scam

    Gizmodo is warning of a new scam involving text messages posing as FedEx tracking notifications.

    Android and iOS users (including this writer) have received text messages including what purports to be a FedEx tracking number and a link to set delivery preferences. Clicking on the link, however, goes to a fake Amazon listing and survey.

    As Gizmodo highlights, this is where the scam takes a turn. “If you proceed any further, the survey will then ask users for a range of personal information including their credit card information, which for anyone who hadn’t already started feeling suspicious, should set off serious alarms.

    “Apparently, by entering in your address and credit card number and agreeing to pay a shipping fee for your “prize,” you are also signing up for 14-day trial that turns into a $100 recurring subscription for a range of products, which you will continue to get billed for every month until you figure out how to cancel the payment.”

    One way to spot the scam is the alphanumeric nature of the supposed tracking numbers. FedEx tracking numbers are almost always exclusively numbers, whereas the fake ones include letters as well. Similarly, FedEx tracking numbers are 12 or 15 digits long, as opposed to the 10-digit fake ones.

    Police departments are warning citizens of the scam and encouraging individuals to check any tracking numbers they receive directly on FedEx’s website, rather than following a link in a text message.

  • Google Restricting Cookies In Chrome To Improve Privacy

    Google Restricting Cookies In Chrome To Improve Privacy

    The days of cookies may be coming to an end as Google announces its plans to phase out third-party cookies within two years.

    The first indications of Google’s plans came in August when the company announced a new initiative called Privacy Sandbox. The initiative was founded in an effort to keep publishers from abusing technologies to track users. Specifically, many web publishers have found ways to work around blanket efforts to block third-party cookies with even more invasive types of tracking, such as fingerprinting. As Google describes:

    “With fingerprinting, developers have found ways to use tiny bits of information that vary between users, such as what device they have or what fonts they have installed to generate a unique identifier which can then be used to match a user across websites. Unlike cookies, users cannot clear their fingerprint, and therefore cannot control how their information is collected.”

    With today’s announcement, Google is looking for a more nuanced approach, one that addresses the needs of advertisers to make money in a way that does not abuse privacy. The company has been receiving feedback from W3C forums and other standards participants, feedback that indicates it is on the right track. Bolstered by this feedback, Google has committed to a timeline for its plans.

    “Once these approaches have addressed the needs of users, publishers, and advertisers, and we have developed the tools to mitigate workarounds, we plan to phase out support for third-party cookies in Chrome. Our intention is to do this within two years.”

    Google also plans to address other privacy issues, such as cross-site tracking and fingerprinting. The company has been under increasing scrutiny for Chrome’s privacy, or lack thereof. In June 2019, The Washington Post went so far as to label the browser “spy software,” and blamed it on Google’s position as both a browser maker and the single biggest cookie generator on the web. Relying on the search giant to protect user privacy is akin to relying on the fox to guard the henhouse.

    Hopefully Privacy Sandbox and Google’s commitment to phase out third-party cookies are a step in the right direction.

  • Millions of Child-Tracking Smartwatches Exposed In Flaw

    Millions of Child-Tracking Smartwatches Exposed In Flaw

    TechCrunch has reported on a vulnerability in GPS-enabled smartwatches for kids that could allow anyone to track them.

    In an exclusive release to TechCrunch, security firm Pen Test Partners detailed their findings. The researchers found a vulnerability in the cloud platform developed by a Chinese firm called Thinkrace.

    Not only does Thinkrace manufacture and sell its own line of child-tracking smartwatches, but it is also a white-label manufacturer. In other words, it manufactures devices that are relabeled and sold by other companies under different names and brands. All told, Thinkrace makes some 360 different devices, totaling at least 47 million units.

    “Often the brand owner doesn’t even realize the devices they are selling are on a Thinkrace platform,” Ken Munro, founder of Pen Test Partners, told TechCrunch.

    Because all Thinkrace devices use their cloud platform, all of them—regardless of what companies they’re branded under—are vulnerable.

    According to TechCrunch, “each tracking device sold interacts with the cloud platform either directly or via an endpoint hosted on a web domain operated by the reseller. The researchers traced the commands all the way back to Thinkrace’s cloud platform, which the researchers described as a common point of failure.

    “The researchers said that most of the commands that control the devices do not require authorization and the commands are well documented, allowing anyone with basic knowledge to gain access and track a device. And because there is no randomization of account numbers, the researchers found they could access devices in bulk simply by increasing each account number by one.”

    Perhaps most disturbing, because Thinkrace watches allow parents and children to talk to each other, walkie-talkie-style, “researchers found that the voice messages were recorded and stored in the insecure cloud, allowing anyone to download files.”

    Worse yet, the researchers told TechCrunch that the most common commands are well documented and do not require authorization, leaving them virtually wide open for anyone to access. Account numbers are also in sequential order, rather than randomized, meaning that with a single account number a hacker could keep accessing other devices by increasing or decreasing the account number a digit at a time.

    Pen Test Partners discovered the vulnerabilities and notified the affected companies in 2015 and 2017, giving manufacturers time to address the issues. While some did, unfortunately many did not. Even those companies that implemented fixes saw some of them undone at a later date.

    The lack of definitive action to address these vulnerabilities prompted Pen Test Partners to finally go public with their findings in the interest of warning people about the danger of Thinkrace’s devices.

    It continues to be utterly shocking how irresponsible companies can be in handling user data, not to mention data involving children. Needless to say, any individual—and especially parents—using a Thinkrace device should stop immediately.

  • Facebook Defends Tracking Users Even They Opt Out

    Facebook Defends Tracking Users Even They Opt Out

    According to The Hill, Facebook has admitted to senators that it ignores users’ settings and continues to track their location in order to profit off of that information.

    Senators Christopher Coons (D-Del.) and Josh Hawley (R-Mo.) had questioned how the social media giant handled location tracking, specifically whether it continued to track individuals even if they turned location tracking off. In reply to the senators’ request, Facebook’s deputy chief privacy officer, Rob Sherman, indicated that the company continues to use other means at its disposal to track users, regardless of their location sharing settings.

    “When location services is off, Facebook may still understand people’s locations using information people share through their activities on Facebook or through IP addresses and other network connections they use,” Sherman wrote.

    Sherman went on to add that as people use Facebook, they often leave indicators of their activities, such as checking in at a restaurant, location-tagging a photo or appearing in a friend’s photo, all of which the company uses to continue tracking them. In addition, the company uses this indirect tracking information to keep providing targeted ads based on that location data, even if location tracking is turned off on their phone.

    Needless to say, the senators were not pleased with this admission and had strong words regarding the company’s behavior.

    “Facebook claims that users are in control of their own privacy, but in reality, users aren’t even given an option to stop Facebook from collecting and monetizing their location information,” Coons said. “The American people deserve to know how tech companies use their data, and I will continue working to find solutions to protect Americans’ sensitive information.”

    “There is no opting out. No control over your personal information,” Hawley tweeted. “That’s Big Tech. And that’s why Congress needs to take action.”

  • Google Reminds You It’s Tracking Your Every Move with Creepy, Somewhat Useful New Maps Feature

    Here’s the thing: We all know that Google knows everything about us – and of course that includes where you are and where you’ve been.

    But seeing all of that tracking in a neat little timeline is a tad disconcerting. A little bit neat and possibly useful, but pretty damn weird as well.

    Google has just launched a new feature for Android and desktop Google Maps called Your Timeline. What it amounts to is a detailed listing of all the locations you’ve been during a given day, month or year.

    “Have you ever wanted a way to easily remember all the places you’ve been — whether it’s a museum you visited during your last vacation or that fun bar you stumbled upon a few months ago? Well, starting today, Google Maps can help. We’re gradually rolling out Your Timeline, a useful way to remember and view the places you’ve been on a given day, month or year. Your Timeline allows you to visualize your real-world routines, easily see the trips you’ve taken and get a glimpse of the places where you spend your time. And if you use Google Photos, we’ll show the photos you took when viewing a specific day, to help resurface your memories,” says Map Product Manager Gerard Sanz.

    Creep level 100.

    As long as you’ve enabled “Location History”, Google tracks your every move. This is how it populates your Timeline.

    “Location History helps you get useful information – for example, automatic commute predictions, improved search results – by creating a private map of where you go with your logged-in devices,’ says Google.

    You Timeline is private and only visible to you. If you’re a person who frequently travels, or drinks too much, this could prove a useful reminder of where you’ve been (or what you’ve done).

    But there’s no denying that to some, this sort of knowledge of how much they’re being tracked will simply be unsettling. Even though they already knew.

  • Facebook Says Its Intentions Were Pure with Those Rainbow Profile Pics

    When the Supreme Court ruled in favor of same sex marriage, Facebook was ablaze with status updates, link shares, and photo uploads. If you were on Facebook in the hours following the landmark decision, it sure seemed like the entire world was sounding off – or at least you and your friends.

    Soon after, Facebook announced a seemingly fun and easy new tool – a way for users to “celebrate pride” and show off their support for the ruling.

    The tool allowed users to rainbow-ify their profile pictures with a filter overlay. Simple enough.

    Mark Zuckerberg did it. Arnold Schwarzenegger did it. Your mom probably did it. Everyone was doing it.

    In fact, in about three days, Facebook says that 26 million users rainbowed their profile pictures – and these received over a half a billion likes and comments.

    But it didn’t take long for some to question Facebook’s motivations. Had Facebook simply capitalized on an emotional, highly-charged moment to run yet another experiment on its users? Was this all just a big data grab?

    “All this raises a serious question: Is Facebook doing research with its “Celebrate Pride” feature? Facebook’s data scientists have attracted public scrutiny for conducting experiments on its users: tracking their moods and voting behavior. Much less attention has been given to their ongoing work to better understand collective action and social change online,” asked The Atlantic

    Social testing? Data tracking for ads? Exactly what was Facebook up to?

    None of that, really, says the company.

    “This was not an experiment or test, but rather something that enables people to show their support of the LGBTQ community on Facebook,” said the company in a statement. “We aren’t going to use this as a way to target ads and the point of this tool is not to get information about people.”

    But of course, Facebook has the data. How else would it know how many people changed their profile pic? How else would they know the level of interaction on said pics?

    Is Facebook tracking your every move? Of course. Is every bit of tracking for the purpose of ad sales? It’s hard to say. Facebook says this was simply an exercise in giving the community a way to show pride. Do you believe them?

  • Skynet Is Real, and the NSA Uses It To Track Locations with Phone Metadata

    When a spy agency decides to call one of its various tracking programs Skynet, it’s just screwing with us, right?

    A troubling report about a journalist misidentified as a terrorist from The Intercept has revealed that the National Security Agency actually has a program called Skynet.

    If you’ve never seen the Terminator movies, here’s a crash course. If you have, you understand why this is so morbidly hilarious.

    The NSA’s Skynet is unlikely to become self-aware and wipe out humanity, but it is tracking people’s whereabouts using phone metadata. The reveal was provided by documents from none other than Edward Snowden.

    The Intercept calls Skynet “a program that analyzes location and communication data (or “metadata”) from bulk call records in order to detect suspicious patterns … the NSA uses its version of SKYNET to identify people that it believes move like couriers used by Al Qaeda’s senior leadership.”

    But Skynet doesn’t always get it right, as would be expected. You know who also “moves like couriers”? Journalists reporting on said activity.

    From The Intercept:

    The briefing singles out Ahmad Muaffaq Zaidan, Al Jazeera’s longtime Islamabad bureau chief, as a member of the terrorist group. A Syrian national, Zaidan has focused his reporting throughout his career on the Taliban and Al Qaeda, and has conducted several high-profile interviews with senior Al Qaeda leaders, including Osama bin Laden.

    A slide dated June 2012 from a National Security Agency PowerPoint presentation bears his photo, name, and a terror watch list identification number, and labels him a “member of Al-Qa’ida” as well as the Muslim Brotherhood. It also notes that he “works for Al Jazeera.”

    Zaidan has denied being part of Al-Qaeda. He has, however, spent a lot of time in Pakistan and Afghanistan – conducting interviews and such.

    Earlier this week, a federal appeals court ruled that the NSA’s bulk metadata collection is illegal.

  • Google Launches Upgraded URLs For AdWords Ads

    Google announced the launch of new “Upgraded URLs” for AdWords Ads, which enable advertisers to spend less time managing tracking updates while reducing crawl and load times for their websites. They also come with new ValueTrack parameters, which provide new insights about ads.

    As Google notes, with current destination URLs, you have to update the entire thing whenever you want to adjust tracking, which triggers a re-review of your entire URL, and causes your ads to stop running during the process. Upgraded URLs enable you to enter the landing page portion and tracking info separately so you can update tracking at your account, campaign, or ad group without having to re-set ad stats.

    “Tracking templates are where you enter your tracking information and tell AdWords how to assemble your URLs,” explains product manager Leo Sei. “Now, if you’d like to scale your tracking updates across multiple URLs, you can use a shared tracking template at the account, campaign or ad group level. If you’d prefer to manage your URL tracking information at the individual URL level, you can use a tracking template at the ad, keyword, or sitelink level.”

    “Custom parameters let you customize the information you’d like to monitor as well as the specific values that get inserted into your URLs when your ad clicks are triggered,” says Sei. “For example, if you’d like to insert the value 12345 whenever this specific ad is clicked, you can set the custom parameter {_mycreative} in this ad.”

    As far as the new ValueTrack parameters, you’ll be able to track how many ad clicks were triggered by your creative by location, for example.

    Google is rolling out Upgraded URLs to all advertisers beginning this week. After July 1, all URLs will begin to update to the new structure on their own.

    Image via Google

  • Twitter Wants to Track Which Apps You Have on Your Phone; Here’s How to Stop It

    Twitter has just added a section to its security & privacy terms that explains how the company is about the start “collecting and occasionally updating the list of apps installed on your mobile device”.

    Re/code first spotted the updated page, which explains Twitter’s ‘App Graph’ and what it means for you.

    In short, Twitter is occasionally checking in on which apps you have downloaded – but that’s as far as it goes. Twitter assures users that “we are only collecting the list of applications you have installed … we are not collecting any data within the applications.”

    Why would Twitter want to do this? Well, ads first and foremost. Generically, Twitter’s rationale for the app-tracking is to “help build a more tailored experience for you on Twitter”. More specifically, that means “showing you more relevant promoted content”.

    Twitter also says this will help them to add more interesting content to your timeline. You may have noticed recently that Twitter has been messing with your timeline a bit, showing tweets and other stories from and about accounts you don’t follow.

    If your first thought is something along the lines of oh hell no – don’t worry – it’s easy to turn off. All you have to do is find the “tailor Twitter based on my apps” option in your settings and shut it down. For iOS users, it’s located under Privacy inside Settings. For Android users, it’s located inside the Other section inside Settings.

    But here’s the thing – Twitter’s probably not tracking your apps yet. Here’s how it will go down:

    We will notify you about this feature being turned on for your account by showing a prompt letting you know that to help tailor your experience, Twitter uses the apps on your device. Until you see this prompt, this setting is turned off and we are not collecting a list of your apps.

    So, until you see the warning, there’s nothing for you to do.

    Opt-out data tracking is probably one of the least-popular things on the planet – running close behind root canals and Yoko Ono Christmas covers. We’ll see how this goes over the next few days/weeks – but I’m betting there will be some backlash.

    Image via Jason Howie, Flickr Creative Commons

  • Google Pays $17 Million To States Over ‘Safari-Gate’

    Last year, Google was handed the largest fine for a single company in FTC history when it was penalized to the tune of $22.5 million in relation to the tracking of Safari users. Critics felt the fine didn’t go far enough, but a federal judge disagreed last November, ruling that the settlement was “fair, adequate and reasonable.”

    Google had been accused of placing cookies on Safari-users’ devices when they visited sites in the DoubleClick network back in 2011 and early 2012. Google maintained that it collected no personal data.

    Today, Google settled with 37 states and the District of Columbia for $17 million over what came to be known as “Safari-gate”.

    A Google spokesperson is quoted as saying, “We work hard to get privacy right at Google and have taken steps to remove the ad cookies, which collected no personal information, from Apple’s browsers. We’re pleased to have worked with the state attorneys general to reach this agreement.”

    New York Attorney General Eric Schneiderman said, “Consumers should be able to know whether there are other eyes surfing the web with them. By tracking millions of people without their knowledge, Google violated not only their privacy, but also their trust. We must give consumers the reassurance that they can browse the Internet safely and securely. My office will continue to protect New Yorkers from any attempts to deliberately expose their personal data.”

    His state gets $899,580 of the $17 million.

    According to the AG, Google has agreed to the following:

    • Not deploy the type of code used in this case to override a browser’s cookie blocking settings without the consumer’s consent unless it is necessary to do so in order to detect, prevent or otherwise address fraud, security or technical issues.
    • Not misrepresent or omit material information to consumers about how they can use any particular Google product, service, or tool to directly manage how Google serves advertisements to their browsers.
    • Improve the information it gives consumers regarding cookies, their purpose, and how the cookies are managed by consumers using Google’s products or services and tools.
    • Maintain systems designed to ensure the expiration of the third-party cookies set on Safari Web browsers while their default settings had been circumvented.

    You can read the settlement here.

    Image: Google

  • Google Adds Auto-Event Tracking To Tag Manager

    Google announced on Thursday that it has launched Auto-Event Tracking for Google Tag Manager, enabling users to measure events happening on the page without HTML or Javascript.

    You can use the Event Listener tag to tell Tag Manger when you want to listen for events, and write rules for what to do next.

    Auto Event Tracking in Tag Manager

    “Once you have your event listener set up, you can have tags fire based on form submits using a rule that looks for the event gtm.formSubmit (Of course, Tag Manager supports more than form submits: it also includes clicks and timer events.),” says product manager Lukas Bergstrom. “You can also make sure you’re getting the right form by using our Auto-Event Variable macros that let you narrow things down with attributes like the element ID and the form target.”

    “The end result: you can deploy event tracking to your site and send event tracking data to Google Analytics without adding any code to your site,” he adds. “You can deploy measurement campaigns faster, and not writing custom code makes your solutions more robust.”

    Google recently launched Tag Manger for mobile apps after first showing if off at Google I/O.

  • Senator Al Franken’s Privacy Bill Is Approved By Senate Committee

    We brought you word earlier this month that Sen. Al Franken was trying his hand at passing a privacy bill again. The Location Privacy Protection Act would require any and all app makers to request permission to track users before being able to do so. His first attempt at passage in 2011 failed, but it’s looking a bit more optimistic this time around.

    The Hill reports that the Senate Judiciary Committee voted in favor of Franken’s bill on Thursday. Now the bill can be brought up in the senate for a vote later this month before the current Congress ends at the beginning of January. Franken argues that the bill is not only important to protect an individual’s privacy, but also to protect the privacy of children who are increasingly using connected mobile devices:

    “I believe that Americans have the fundamental right to control who can track their location, and whether or not that information can be given to third parties. But right now, companies – some legitimate, some sleazy – are collecting your or your child’s location and selling it to ad companies or who knows who else.”

    Franken’s bill appears to have made it through committee without much change from its original text. Sen. Chuck Grassley of Iowa introduced an amendment that would have required state attorneys general to be transparent about hiring outside counsels, but it was defeated by committee democrats. Still, Grassley approved the bill, but remains concerned that its limits on tracking could hurt “commercial innovations.”

    Other members on the committee expressed some concern with language in the bill, but have said that they’re willing to work with Franken to improve the bill before it goes up for vote in the Senate. Franken will also have to work with his colleagues in the House if he wants to ensure passage this year, but the current negotiations over the “Fiscal Cliff” will most likely push Franken’s bill to next year.

    Regardless, it’s an encouraging sign to at least see a committee forward a digital privacy bill. There’s not enough legislation that addresses the current privacy concerns that have crept up with the advent of the Internet and mobile devices. Franken’s bill doesn’t address all of the concerns, but it’s a good start.

  • Archify Is A Tool You Might Actually Want Tracking Everything You Do Online

    Sometimes people actually wish everything they did was tracked online. That may be a hard concept for some to swallow, but surely you’ve encountered an experience where you ran across some piece of online content, but then want to see it again, days later, only to realize that you can’t find it. You can’t remember where you saw it, and you can’t find it with a search. This has actually happened to me more times than I care to admit.

    This is an issue that Archify is trying to solve. It’s a browser plug-in aimed at being your archive for the web. It’s pretty simple really.

    “Have you ever wondered how you can have all your online content in one single place?” Archify asks in its pitch. “All your Facebook and Twitter updates, your email conversations, the websites you’ve recently seen…every day, you use different devices and different browsers to access your online content. The footprints of your online journey are scattered and lost over time. Wouldn’t it be great to have your own personal archive of things which matter most to you?”

    Launched in limited beta earlier this year, Archify is now available to all.

    With the tool, you can search your archive from your Gmail account, from the browser plug-in, from archify.com, or even from Google itself, as the plug-in will add archive results to the Google search page.

    It even comes with an analytics suite, so you can learn more about your Internet browsing behavior, and see stats like what sites you visit most often, where you spend most of your time, and what time of day/week you’re most active.

  • Google Tag Manager Lets You Consolidate Site Tags Into One Snippet Of Code

    Google has announced the launch of Google Tag Manager, a new tool to consolidate the various tags you may use for your site into one snippet of code, and to manage from a single web interface.

    Users can add and update their own tags anytime. It’s not limited to Google-specific tags. It includes asynchronous tag loading, so “tags can fire faster without getting in each other’s way,” as Google puts it. It comes with tag templates for marketers to quickly add tags with Google’s interface, and supports custom tags. It also has error prevention tools like Preview Mode, a Debug Console, and Version History “to ensure new tags won’t break your site.”

    There are user permissions and multi-account functionality, and Google says it will be adding more features over the coming months.

    Google Tag Manager is launching globally in English, but it will come to other languages soon.

    Google has also announced the Tag Vendor Program, which enables tag providers to get templates within Tag Manager.

  • IBM’s New Augmented Reality App Will Track Your Grocery Shopping

    IBM’s New Augmented Reality App Will Track Your Grocery Shopping

    If you simply can’t get enough targeted advertising into your life, IBM’s new augmented reality mobile shopping app is probably for you. IBM research scientists today announced the app, which will allow customers to scan store shelves with their smartphone to receive coupons and recommendations on the spot. It’s the modern version of the grocery store card.

    IBM envisions customers downloading the app as they enter a store, then creating a profile based on their phone number or store loyalty card. The app will then allow customers to enter some personal information, such as whether they have specific food allergies, whether they care about biodegradable packaging, or whether they have other dietary needs, such as kosher foods. From there, as customers point the camera of their smartphone at various products, an overlay on the screen will provide informantion about price, ingredients, and possible discounts. Also, social networks can be integrated into results, in case customers want to know what types of food their friends and family “Like.”

    “In the age of social media, consumer expectations are soaring and people want information and advice about the products they’re going to buy,” said Sima Nadler, retail lead at IBM Research. “By closing the gap between the online and in-store shopping experience, marketers can appeal to the individual needs of consumers and keep them coming back.”

    IBM is promising to increase retailers’ in-store traffic with the technology, stating that the targeted marketing the app provides could help retailers retain customers. IBM even suggests that the app could be used to up-sell or cross-sell products to customers right as they are shopping.

    The researchers at IBM have provided the infographic below that shows exactly how the app will work, why they believe retailers should be excited about it, and what they envision the app’s effect will be:

    How IBM's augmented shopping will work

  • Googler: Nobody Wants To Be Tracked Online

    Googler: Nobody Wants To Be Tracked Online

    Last week, Google launched Google Consumer Surveys. These were designed both as a way for publishers to potentially make a bit of revenue, as well as a way to easily and cheaply collect market research.

    So far, at least Googlers themselves are running some interesting surveys. We already reported on one Matt Cutts ran, finding that only one in five Americans have heard of SEO.

    Now Google’s Justin Cutroni has posted the results of a survey where he asked if businesses should be able to anonymously track your actions on their website. The results? 84.7% said no.

    Google tracking survey

    “I was a bit surprised!” exclaimed Cutroni in a Google+ post. “I did not think the percentage would be that high. It also tells me that there is strong opposition to all tracking, even anonymous tracking. There were no demographic segments, based on location, age or income that agreed. Nobody wants to be tracked.”

    “We in the analytics industry really need to explain what we do and why we do it,” he added. “This is a great opportunity for the Digital Analytics Association to help spread information about what we do and why we do it.”

    Since the Federal Trade Commission issued its final report for how companies should handle consumer privacy, Google has indicated it will include a “Do Not Track” in Chrome.

  • Twitter Sells Past Tweets For Reference

    Twitter Sells Past Tweets For Reference

    Twitter is now offering access to 30 days of historical tweets through Gnip. The service, called 30-Day Replay, would be a handy tool for companies that already keep an eye on their social media presence but need to do some comparisons to older items that they were not aware of.

    Gnip describes the serve on their blog and offers this as an example of a handy use for the service;

    “Imagine you run a consumer electronics company. You just launched a game-changing new smartphone that will make or break your company. Two weeks after the launch, you’re hearing stories about your new phone burning users while they’re using it. You see the odd Tweet here and there but aren’t sure what the scale of this problem is or how you should respond. You make a panicked call to the company who monitors social media for you and they tell you that they can start tracking for this going forward but since they only get a realtime stream of Twitter data, there’s nothing they can do to get the last 14 days worth of Tweets.”

    Gnip offers services that help companies build social media tracking tools. Their pricing depends on the complexity of how you want to filter the results you take away from the Twitter “fire hose”. They also offer access to data from Google Plus, Flickr, Facebook, YouTube and other sites.

  • Is Facebook Tracking Everywhere You Go Online?

    Is it possible that Facebook is tracking your web browsing activity, even when you are logged out?

    According to Australian hacker and writer Nik Cubrilovic, Facebook could know that you are reading this article, simply because we, like most sites nowadays, have a Facebook share button.

    Cubrilovic ran a little test involving cookies and found that logging out of Facebook does not mean that Facebook can’t still know every page you visit on the same browser.

    Is it possible to be both private and social? Is privacy a long lost cause because of social networking like Facebook? Let us know what you think.

    On his blog post on Sunday, he shows what cookies are sent during a logged-in Facebook user’s visit to Facebook.com compared to a logged-out user’s visit to Facebook.com. Logging out is apparently supposed to prompt the deletion of certain identifiers, but that doesn’t happen, says Cubrilovic.

    The primary cookies that identify me as a user are still there (act is my account number), even though I am looking at a logged out page. Logged out requests still send nine different cookies, including the most important cookies that identify you as a user

    This is not what ‘logout’ is supposed to mean – Facebook are only altering the state of the cookies instead of removing all of them when a user logs out.

    This means that whenever you visit a page online that has a Facebook share button, like button or any other related widget, all of this pertinent information is being sent to Facebook. That’s how they can know where you are going on the web.

    This shouldn’t be news to anyone. It’s right there in the Facebook Privacy terms

    We receive data whenever you visit a game, application, or website that uses Facebook Platform or visit a site with a Facebook feature (such as a social plugin). This may include the date and time you visit the site; the web address, or URL, you’re on; technical information about the IP address, browser and the operating system you use; and, if you are logged in to Facebook, your User ID.

    But the revelation here is that this information is available even when you are logged out, as the cookie experiment notes. And people might wonder what all of this data does for Facebook –

    The advice is to log out of Facebook. But logging out of Facebook only de-authorizes your browser from the web application, a number of cookies (including your account number) are still sent along to all requests to facebook.com. Even if you are logged out, Facebook still knows and can track every page you visit. The only solution is to delete every Facebook cookie in your browser, or to use a separate browser for Facebook interactions.

    Apparently, Cubrilovic has been sitting on this information for a while, and has reached out to Facebook without any substantial response. He says that he was prompted to share this information due to the renewed privacy discussions happening across the internet regarding all of Facebook’s upcoming Open Graph changes and “frictionless sharing.”

    That “frictionless sharing” phrase is one that Mark Zuckerberg used quite a bit in his f8 keynote. He explained that it meant users can share their activities across the web to Facebook without having to really think about it. The melding of Facebook and everything else, per say.

    Some have privacy concerns, fearing that since applications will be allowed to post things to Facebook regarding your actions without explicit opt-in authorization, users might share stuff on Facebook that they really don’t want to share.

    ZDNet has obtained a response from Facebook. They explicitly state that Facebook does not track users’ web activity. They also explain the purpose of logged out cookies –


    Facebook does not track users across the web. Instead, we use cookies on social plugins to personalize content (e.g. Show you what your friends liked), to help maintain and improve what we do (e.g. Measure click-through rate), or for safety and security (e.g. Keeping underage kids from trying to signup with a different age). No information we receive when you see a social plugins is used to target ads, we delete or anonymize this information within 90 days, and we never sell your information.

    Specific to logged out cookies, they are used for safety and protection, including identifying spammers and phishers, detecting when somebody unauthorized is trying to access your account, helping you get back into your account if you get hacked, disabling registration for a under-age users who try to re-register with a different birthdate, powering account security features such as 2nd factor login approvals and notification, and identifying shared computers to discourage the use of ‘keep me logged in’.

    Facebook has responded in an additional way as well. As of today, the so called “a_user” cookie, the one which contains the user’s ID, is now destroyed upon logging out. Facebook said that “there is a bug where a_user was not cleared on logout, we will be fixing that today.”

    Cubrilovic has updated his blog to discuss this change. He still warns about privacy, saying that the remaining post-logout cookies will still be there, and as a Facebook user, you just have to trust that they are using them for what they say they are using them for (see above).

    Facebook has changed as much as they can change with the logout issue. They want to retain the ability to track browsers after logout for safety and spam purposes, and they want to be able to log page requests for performance reasons etc. I would still recommend that users clear cookies or use a separate browser, though. I believe Facebook when they describe what these cookies are used for, but that is not a reason to be complacent on privacy issues and to take initiative in remaining safe.

    In a nutshell, Facebook still has access to information about you when you logout. They give their specific reasons for keeping specific cookies active – mainly security and protection. I guess it’s up to Facebook users to decide if this explanation is understandable, or if measures like Cubrilovic suggests need to be taken – specifically wiping all cookies or using different browsers.

    Privacy concerns and Facebook are the peanut butter and jelly of the social networking world, but it sure doesn’t seem to be hurting business.

    What do you think? Is Facebook’s explanation satisfactory? Do you worry about your privacy as a Facebook user? Let us know in the comments.

  • South Park Does Steve Jobs Tonight, Looks Promising

    Historically, it’s not exactly been an honor to make a cameo on South Park.  Just ask Barbara Streisand, immortalized as MechaStreisand, a giant malevolent robot that hid a special crystal in its giant nose.

    Or ask Ben Affleck, who was depicted in a love-act with an 8-year-old’s hand-puppet that he thought was current girlfriend Jennifer Lopez.  Or more recently, Britney Spears’ cameo involved her attempting suicide but surviving as a disfigured, headless monster.

    So Steve Jobs can’t be too thrilled that he is the focus of the season premiere of South Park, airing tonight on Comedy Central.

    In this sneak peak of the upcoming episode we find Jobs’ in his trademark black turtleneck, introducing his newest creation, the HumancentiPad.  He lauds the new invention as “a new product that will once again revolutionize the way we use our phones and tablet devices.”  Video is NSFW due to unsavory references.

    HUMANCENTiPAD
    Tags: SOUTH
    PARK    more…

    This bit is clearly a reference to last year’s underground hit horror film, The Human Centipede.  No need for me to go into details about it.  If you haven’t seen it, Google it.  Be careful, however.

    The last time Mr. Jobs appeared on South Park, he was a featured guest at the premiere of Mr. Garrison’s new transportation device, the “IT.”  The IT operated by two strategically placed metal rods…just check out the video below.  If you haven’t guessed, it’s also NSFW.

    Job’s company Apple has been in the news recently.  Two data scientists discovered a file in iOS devices that stores users’ location data.  It took Apple over a week to respond, but they finally did this morning in a press release.

    Today, Jobs himself responded to the tracking issue in an interview with All Things D’s Mobilized.  He reiterated what Apple’s release said earlier, that they weren’t tracking anyone.

    “We haven’t been tracking anyone,” Jobs said in a telephone interview with Mobilized on Wednesday. “The files they found on these phones, as we explained, it turned out were basically files we have built through anonymous, crowdsourced information that we collect from the tens of millions of iPhones out there.”

    “As new technology comes into the society there is a period of adjustment and education,” Jobs said. “We haven’t–as an industry–done a very good job educating people, I think, as to some of the more subtle things going on here. As such, (people) jumped to a lot of wrong conclusions in the last week.”

    It’s a good thing he responded, as the public’s concern continues to grow about the tracking issue.  The recent privacy concern is most likely too recent to be a part of tonight’s South Park episode, but who knows.  Those guys are crafty.  I can see it now:

    Unencrypted geo-logging is bad, mmmmmmkay.

  • Apple Responds to Location Tracking (About Time)

    Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so.

    This is the unequivocal opening statement from Apple’s official release this morning.  This marks the first official response from the company since the iPhone tracking location data snafu.

    Of course by now you know that last week two data scientists presented information on a hidden data file on iOS devices that was storing location data that reached as far back as one year.  Although there was no indication that this specific data was being directly sent to Apple or any other party, the data was unprotected and unencrypted so it raised privacy concerns.

    Apple, as well as Google have admitted in the past to collecting anonymous random location data for the purposes of improving upon its location database.  But logging all of that info into a single file was ominous news for some.

    Earlier this week, an email surfaced that purported to be a conversation with Steve Jobs about the issue, but the validity of that correspondence wasn’t confirmed.  The response did sound snarky enough to be Mr. Jobs, however.

    In today’s official release from Apple, they address the  particular data file that was found to be storing location data.  Apple states that the reason it exists is to assist location calculating.  They blame a bug on the fact that it has been logging data as far back as one year.

    6. People have identified up to a year’s worth of location data being stored on the iPhone. Why does my iPhone need so much data in order to assist it in finding my location today?
    This data is not the iPhone’s location data—it is a subset (cache) of the crowd-sourced Wi-Fi hotspot and cell tower database which is downloaded from Apple into the iPhone to assist the iPhone in rapidly and accurately calculating location. The reason the iPhone stores so much data is a bug we uncovered and plan to fix shortly (see Software Update section below). We don’t think the iPhone needs to store more than seven days of this data.

    On Monday, it was also found that the iPhone was logging your location data even if you disabled location services in the settings.  Apple also says that this is a bug, and will be fixed.

    Here is Apple’s full statement:

    Apple would like to respond to the questions we have recently received about the gathering and use of location information by our devices.

    1. Why is Apple tracking the location of my iPhone?
    Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so.

    2. Then why is everyone so concerned about this?
    Providing mobile users with fast and accurate location information while preserving their security and privacy has raised some very complex technical issues which are hard to communicate in a soundbite. Users are confused, partly because the creators of this new technology (including Apple) have not provided enough education about these issues to date.

    3. Why is my iPhone logging my location?
    The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested. Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements). These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple.

    4. Is this crowd-sourced database stored on the iPhone?
    The entire crowd-sourced database is too big to store on an iPhone, so we download an appropriate subset (cache) onto each iPhone. This cache is protected but not encrypted, and is backed up in iTunes whenever you back up your iPhone. The backup is encrypted or not, depending on the user settings in iTunes. The location data that researchers are seeing on the iPhone is not the past or present location of the iPhone, but rather the locations of Wi-Fi hotspots and cell towers surrounding the iPhone’s location, which can be more than one hundred miles away from the iPhone. We plan to cease backing up this cache in a software update coming soon (see Software Update section below).

    5. Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell tower data?
    No. This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.

    6. People have identified up to a year’s worth of location data being stored on the iPhone. Why does my iPhone need so much data in order to assist it in finding my location today?
    This data is not the iPhone’s location data—it is a subset (cache) of the crowd-sourced Wi-Fi hotspot and cell tower database which is downloaded from Apple into the iPhone to assist the iPhone in rapidly and accurately calculating location. The reason the iPhone stores so much data is a bug we uncovered and plan to fix shortly (see Software Update section below). We don’t think the iPhone needs to store more than seven days of this data.

    7. When I turn off Location Services, why does my iPhone sometimes continue updating its Wi-Fi and cell tower data from Apple’s crowd-sourced database?
    It shouldn’t. This is a bug, which we plan to fix shortly (see Software Update section below).

    8. What other location data is Apple collecting from the iPhone besides crowd-sourced Wi-Fi hotspot and cell tower data?
    Apple is now collecting anonymous traffic data to build a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years.

    9. Does Apple currently provide any data collected from iPhones to third parties?
    We provide anonymous crash logs from users that have opted in to third-party developers to help them debug their apps. Our iAds advertising system can use location as a factor in targeting ads. Location is not shared with any third party or ad unless the user explicitly approves giving the current location to the current ad (for example, to request the ad locate the Target store nearest them).

    10. Does Apple believe that personal information security and privacy are important?
    Yes, we strongly do. For example, iPhone was the first to ask users to give their permission for each and every app that wanted to use location. Apple will continue to be one of the leaders in strengthening personal information security and privacy.

    Software Update

    Sometime in the next few weeks Apple will release a free iOS software update that:

    • reduces the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone,
    • ceases backing up this cache, and
    • deletes this cache entirely when Location Services is turned off.

    In the next major iOS software release the cache will also be encrypted on the iPhone.