Berkeley Researchers Find Insidious Web Tracking Technique
July 30th, 2011Update: Ghostery Blocks KissMetrics Crap By Default
I found a list of sites that use the KissMetrics nonsense and I went to one using Firefox. Ghostery detected and blocked KissInsights and KissMetrics by default.
Just FYI: Although I’ve mentioned addons like Ghostery, AdBlock+ and NoScript for years, these prevent me from earning commissions on your APMEX, Brownells, Nitro-Pak and Swanson Vitamins purchases. If you want your purchases to support Cryptogon, whitelist Cryptogon in your security/privacy software, turn off the software to complete the transaction or simply use a stock, non security hardened browser just to conduct your business, and then go back to using your regular browser.
Also, if you fiddle with your referrer data, that could probably stop Amazon and BlueHost commissions from counting. Don’t worry, if you don’t know what this is, you haven’t fiddled with it.
When I mention this stuff, it always causes confusion for people who are making a conscious effort to support Cryptogon. Just forget about past transactions. They either counted, or they didn’t. If they didn’t count, there’s no way to get a do-over. (Believe me, I’ve tried.) The thing to do is to make sure future transactions count by using one of the methods I’ve mentioned above.
Most site admins simply accept losses associated with people using hardened browsers. It’s only one or two percent of the regular web audience, so, no biggy, right?
You guys aren’t a regular web audience… Cryptogon reading grandmothers are running harder browsers than average people and this has resulted in a loss of something like $2000 in commission payments over the years ($300 on a single Nitro-Pak order that I know about). And that’s just based on kind people getting in touch with me to make sure their purchases counted. Who knows what the actual amount is. I try not to think about it.
So, this a mess, but there you have it.
—End Update—
Maybe I’m missing something here, but couldn’t one simply blacklist kissmetrics.com with Ghostery, adBlock+, firewall policy, etc. etc.???
Via: Wired:
Researchers at U.C. Berkeley have discovered that some of the net’s most popular sites are using a tracking service that can’t be evaded — even when users block cookies, turn off storage in Flash, or use browsers’ “incognito” functions.
Research Credit: EB
This sounds like the same kind of thing where working at the Application Layer doesn’t work or is less effective. tynt was another so-called ‘service’ like this (tynt prevented copy/paste).
The way to SOLVE this and other HTML5 hacks that go around those browser plugins is to do things BELOW the application level, down into the *OS Layer*.
On Mac/Linux this means adding kissmetrics to your /etc/hosts file.
On Windows this means doing much the same, perhaps editing the hostfile there (see someonewhocares.org) or maybe using Spybot Search and Destroy (and requesting Kissmetrics be added to their blacklist).
-Drunky