Do Not Track default feature in IE 10 makes Digital Advertising Alliance unhappy

[dw426]

I have very serious doubts I'm in the minority in regards to thinking custom HOST files are ineffective. Otherwise, they'd be recommended by every "newbie friendly" computing/tech site out there in security articles. When almost all of the recommended basic security practices are, by the security sector's own admission, no longer as effective or not effective at all to rely on, what exactly is a list of domains that is updated even every other week going to do?

No disrespect, but I don't buy it. We just don't operate in that kind of environment anymore. A few years ago, sure, now, no way would I recommend such "protection". Having MDL in, let's say, Adblock+, sure, I see no issue with that whatsoever. But not even MDL can find them all.

[siljaline]

BrightFort would not offer support for a Hosts file if it was a redundant software package. If you have specific points other than blanket statements, I would be glad to read them.

[dw426]

Quote:

Originally Posted by siljaline

BrightFort would not offer support for a Hosts file if it was a redundant software package. If you have specific points other than blanket statements, I would be glad to read them.

My points were already made though. Malware listings (excluding MDL itself, which is still not perfect) change far too frequently to be used in any sort of filter list such as a host file. As far as ad servers go, I get it, it can be used for that. However I feel that they are not as efficient as say, AdBlock+ and its alternatives. Host files for blocking ad servers aren't redundant if you choose not to use another available method, no argument there.

I've used HOST files off and on since the early part of the decade, so I'm not saying this stuff simply because I have some personal thing against them. We differ in opinion, no disrespect or argument meant.

[Hungry Man]

I agree with DW. The arguments for host files being ineffective are largely the same for why an AV isn't effective. Except pretty much worse in every way. A decent layer, I used one on my router for a while, but I wouldn't rely on it ever.

[siljaline]

In the final analysis - it depends whether MS ships IE10 with DNT on by default or not

I would probably prefer off by default so as not to block what I may want to see. This will all pan out when IE10 goes to RTM.

[dw426]

Quote:

Originally Posted by siljaline

In the final analysis - it depends whether MS ships IE10 with DNT on by default or not

I would probably prefer off by default so as not to block what I may want to see. This will all pan out when IE10 goes to RTM.

It will be off by default, due to complaints. I'll hunt the link down if I can.

Edit: Here you go: http://www.wired.com/threatlevel/201...-do-not-track/

[siljaline]

Quote:

Originally Posted by dw426

It will be off by default, due to complaints. I'll hunt the link down if I can.

Not quite yet as MS and the W3C are hashing this out as I type.

Quote:

Edit: Here you go: http://www.wired.com/threatlevel/201...-do-not-track/

That would be one of the originating links pointing to IE10 TPL. Among the links I previously posted.

[JRViejo]

Quote:

Summary: In an open letter, an influential U.S.-based lobbying group for the advertising industry has sharply criticized Microsoft's decision to enable Do Not Track as the default setting in Internet Explorer 10.

Ad industry blasts Microsoft over Do Not Track defaults in IE 10 by Ed Bott.

[siljaline]

I don't agree with the ad Industry as all they want is cash for advertising.
See: http://en.wikipedia.org/wiki/Pay_per_click
Compensation methods for delivery of third party advertising. Web bug. When IE10 goes RTM, the onus will be on the user to use Do Not Track or not. This may pose issues in reaching certain sites that demand Cookies, etc. we shall see how this all pans out.
Meanwhile, protect your Browser data as best possible with Tracking Protection Lists.

[TheWindBringeth]

I wonder if the DNT header will be sent in the requests associated with Update Checking, Customer Experience Improvement Program, Flip Ahead, Microsoft Location Service, SmartScreen Filter, and Suggested Sites.

[Pinga]

Quote:

Originally Posted by siljaline

I don't agree with the ad Industry as all they want is cash for advertising.

Speaking of blanket statements... But I agree. Too bad this 'discussion'

Quote:

The DAA is very concerned that this unilateral decision by one browser maker - made without consultation within the self-regulatory process - may ultimately narrow the scope of consumer choices, undercut thriving business models, and reduce the availability and diversity of the Internet products and services that millions of American consumers currently enjoy at no charge. The resulting marketplace confusion will not benefit consumers, and will profoundly impact the broad array of advertising-supported services they currently enjoy.

is framed in terms of powerful multinational versus powerful alliance, not exactly an open debate. The use of pathetic language and fin du globe scenarios is hardly a replacement for such a discussion.

[NGRhodes]

Quote:

Originally Posted by JRViejo

Ad industry blasts Microsoft over Do Not Track defaults in IE 10 by Ed Bott.

Yet Microsoft has done nothing wrong, it has followed the specification correctly.

From the spec at:

http://www.w3.org/2011/tracking-prot...ml#determining

Quote:

A user agent must have a default tracking preference of unset (not enabled) unless a specific tracking preference is implied by the decision to use that agent

Implied decision is allowed - the express setup option in IE10 informs the user that DNT will be set to on by default.

Cheers, Nick

[siljaline]

Top admen beg Microsoft to switch off 'Do Not Track' in IE 10

Quote:

Microsoft is in hot water with big-brand advertisers over its implementation of Do-Not-Track by default in the latest iteration of its Internet Explorer browser. The ad-slingers say Internet Explorer 10’s Do-Not-Track feature will hurt advertisers, consumers and competition.

As I've said previously of late in this thread and in observance of Nick Rhodes statement, MS has done no wrong in offering this service. The onus is on the user to opt out in the event certain sites cannot be reached via Do not track.

Article

[siljaline]

In Amsterdam, A Lack of Consensus on Do Not Track
• BEHAVIORAL TARGETING •

Quote:

The New York Times reports on the World Wide Web Consortium’s (W3C) meetings in Amsterdam this week and the lack of consensus among stakeholders on how to bring a Do-Not-Track option to websites. The report states that “the stakes for Internet users are high and boil down to who determines the limits and protections of online privacy on the Internet…” The meeting continues today. While the W3C’s Thomas Roessler says he has “some measure of confidence we will come up with a workable solution,” the head of the European Commission’s Article 29 Working Party, Jacob Kohnstamm, an observer at the meeting, said, “It seems the process has been hijacked by commercial interests.” U.S. FTC Chairman Jon Leibowitz said, “There is enormous and bipartisan momentum for Do-Not-Track options for consumers if there is no agreement by the end of this year.”

Article

[siljaline]

• The Do Not Track standard has crossed into crazy territory •

Quote:

The advertising industry wants to change the definition of Do Not Track into something Orwell would be proud of. One influential member of the W3C working group says he's lost the energy to go on. Is it time to kill Do Not Track?

Quote:

The debate over the Do Not Track standard has officially moved beyond Alice in Wonderland. These days, I'm not sure whether it's 1984 or Brazil.

In a sane world, telling a website “do not track me” would result in behavior that assumed the person making the request did not want to have unnecessary data collected about them.

But to the online advertising industry, that DNT:1 signal means, “Right, you’re one of those idiots who thinks this is about privacy. Now give me all your data. You're welcome.”

I cannot make this stuff up. The representative to the W3C working group from the Direct Marketing Association (DMA) proposed this change the other day to the Tracking Definitions and Compliance section of the DNT standard.

Article

[noone_particular]

"Do Not Track" is little more than a joke, as is any measure that relies on voluntary compliance. Their own words prove it:

Quote:

The DAA does not require companies to honor DNT signals fixed by the browser manufacturers and set by them in browsers.

The only thing the DNT header does is identify you as one who values privacy as opposed to one who doesn't care. In our present climate, valuing your privacy is construed as suspicious.

The only semi-effective "Do Not Track" measures are those that make it impossible or much more difficult, and only if those measures are under your control. If you don't want Facebook or Google tracking you, block their IP ranges outright. If you don't want tracking data stored on your PC, make the areas they use "read only" or sandboxed and deleted on exit. Don't want scripts digging out identifiable info? Block them. Don't count on any single method, application, extension, etc. Use several. It's no different than implementing a layered approach to security except that it moves faster and changes more.

[Mman79]

Quote:

Originally Posted by siljaline

• The Do Not Track standard has crossed into crazy territory •

Article

That was absolutely hilarious yet concerning reading. However, that's exactly how the "powers that be" react these days when you try to fight them. Noone_Particular seems to be right, going by that response. DNT does seem to be a lost cause. I still disagree with those that say legislation will enforce it. No, it won't, not as long as these major companies hold the sway they hold. If they aren't required to respect DNT and if they want marketing to be excluded, what is the point of DNT?

[siljaline]

See also related thread: http://www.wilderssecurity.com/showthread.php?t=334825