Apache Hammers Microsoft Over Do Not Track

By t_r_nelson
in Back Page News

 Share

Recommended Posts

Grand Master

Redmak Administrators

Posted
  • Administrators
Posted

BTW this is more of what I predicted earlier. MS will get hammered regardless of what road they take with security.

I agree with what Microsoft is doing here, I'm just worried about the average user ending up with settings enabled or disabled without knowing what the actual consequences are.

This is always the case with default or express options, but in case of DNT it's a bit more than a simple user preference.

Mentor

+Heartripper Subscriber¹

Posted
  • Subscriber¹
Posted

In the pc word somethind that is turned off by default is, most of the times, turned off forever. What's the point of DNT if it's turned off by default? Only those who know about it would turn it on, and how many does?

Veteran

Shane Nokes

Posted
Posted

I agree with what Microsoft is doing here, I'm just worried about the average user ending up with settings enabled or disabled without knowing what the actual consequences are.

This is always the case with default or express options, but in case of DNT it's a bit more than a simple user preference.

...and that's what the Custom option is for.

Also if you looked at the screenshot it shows what Express will do for you. It doesn't hide anything. It spells it out pretty clearly. Also the feature is named in a manner that makes it easy to figure out. If I saw a setting called Do Not Track, I would assume it was something to help keep me from being tracked while using Internet Explorer since it states that it was an IE feature.

MS decided to create 2 routes to an install. Custom & Express. Express is a simple click here, no muss, no fuss install...but has a screen telling you what happens when you use it.

If they prompt again, then the user will go wait a minute...I thought I chose Express where it was supposed to just turn on everything for me...so why is it asking this now?

That's what Custom is there for. If we have to start prompting users at every single new feature added in new version of Windows then it goes back to being a non-Express experience again...so why even bother?

Grand Master

ichi

Posted
Posted

Yes, and it cannot be enforced if it's not a standard... ...by the very definition of what it means to be a standard in normal industry jargon.

Even if/when it becomes a standard, is there any plan to actually enforce it? That is, legally enforce it.

Or are we expecting ad companies complying out of free will?

The fact is that right now DNT is useless, and will be at the very least for quite some time.

Veteran

Shane Nokes

Posted
Posted

Even if/when it becomes a standard, is there any plan to actually enforce it? That is, legally enforce it.

Or are we expecting ad companies complying out of free will?

The fact is that right now DNT is useless, and will be at the very least for quite some time.

Indeed, for now it is.

There are perks to following a standard. For instance if you don't follow the WiFi standard you actually can't list the WiFi logo on your hardware or any associated boxes or advertising, and cannot call it certified.

As stands the draft is calling for voluntary participation, but I think it should be compulsory.

Grand Master

Ryoken

Posted
Posted

Indeed, for now it is.

There are perks to following a standard. For instance if you don't follow the WiFi standard you actually can't list the WiFi logo on your hardware or any associated boxes or advertising, and cannot call it certified.

As stands the draft is calling for voluntary participation, but I think it should be compulsory.

And how would you enforce that ?

Make every site offer up server access to a 3rd party to check it ? Don't think so.

Veteran

Shane Nokes

Posted
Posted

And how would you enforce that ?

Make every site offer up server access to a 3rd party to check it ? Don't think so.

Have a system similar to Verisign in place. Send a DNT request and check for the response. It's not hard to figure out...

Grand Master

Ryoken

Posted
Posted

Have a system similar to Verisign in place. Send a DNT request and check for the response. It's not hard to figure out...

Having a secure connection server to user is something you can test.

Proving at a server isn't keeping records of what you do is something you can't without access to the code.

I can track people coming to a site without even using cookies, just by logging the movies of their IP Address server side and no one without access to the code would have a clue.

Veteran

Shane Nokes

Posted
Posted

Having a secure connection server to user is something you can test.

Proving at a server isn't keeping records of what you do is something you can't without access to the code.

I can track people coming to a site without even using cookies, just by logging the movies of their IP Address server side and no one without access to the code would have a clue.

Right but that's not what this is for. With DNT a flag is sent to the server and a response is given showing whether or not they acknowledge the flag.

That's something that you can easily check.

So a standards body can easily confirm if the flag is being respected or not just by reading the response.

Grand Master

ichi

Posted
Posted

Right but that's not what this is for. With DNT a flag is sent to the server and a response is given showing whether or not they acknowledge the flag.

That's something that you can easily check.

So a standards body can easily confirm if the flag is being respected or not just by reading the response.

You can check a response but not if they are actually tracking you or not.

And then what's exactly tracking anyway? Tracking cookies are obviously considered tracking, but what about sites that get third party webs to load resources from their servers, like Facebook?

Grand Master

Stoffel

Posted
Posted

I can't believe people are all over MS again for protecting their average customer.

Like I said before, for some people MS can never win doesn't matter what they do.

And as been posted before, they give you a clear option to turn it on or off during installation.

Add companies are just mad because they were hoping the DNT option would stay hidden away in some obscure menu and now MS is bringing it to the front so more people will have this option on.

Can't believe people agree with what Apache just did, they openly admit they will ignore the choice of all IE users.

And to Shane Nokes, I have the feeling people are just being thick on purpose when they are answering to you, you make total sense to me!

Grand Master

Ryoken

Posted
Posted

Right but that's not what this is for. With DNT a flag is sent to the server and a response is given showing whether or not they acknowledge the flag.

That's something that you can easily check.

So a standards body can easily confirm if the flag is being respected or not just by reading the response.

That doesn't prove the flag is being respected, just that the server says it is..

It really wouldn't be hard to get a server to respond to the dnt saying it's following it, then Not following it.. that's my point.

It's very easy to get a server it lie to anyone..

Veteran

Shane Nokes

Posted
Posted

I can't believe people are all over MS again for protecting their average customer.

Like I said before, for some people MS can never win doesn't matter what they do.

And as been posted before, they give you a clear option to turn it on or off during installation.

Add companies are just mad because they were hoping the DNT option would stay hidden away in some obscure menu and now MS is bringing it to the front so more people will have this option on.

Can't believe people agree with what Apache just did, they openly admit they will ignore the choice of all IE users.

And to Shane Nokes, I have the feeling people are just being thick on purpose when they are answering to you, you make total sense to me!

Thank you. I try to be a clear & effective communicator. I don't think a lot of people realize that if this becomes a standard and violations occur that there are consequences that ensue.

That's why I pointed out Verisign. Usually when a standard comes along there are groups who verify it is being followed.

That doesn't prove the flag is being respected, just that the server says it is..

It really wouldn't be hard to get a server to respond to the dnt saying it's following it, then Not following it.. that's my point.

It's very easy to get a server it lie to anyone..

Indeed and do you know how hard companies get slammed if they lie? Any company that stated they complied with DNT and didn't would get dropped for contracts quickly if it went public.

Have you worked for one of the big tech companies before? I ask because if you had you'd know what a huge deal breaking standards is for most. Look how badly MS was taken to task?

Mentor

Colin McGregor

Posted
Posted

I'm with Apache on this. If the browsers default behavior is do not track then web services will simply ignore the flag entirely. It has to be a choice that the users make instead of a default if it has any hope of working.

This should force Microsoft to change their stance but we all know it won't they are too stubborn.

didn't ms have to include crappy browsers in a ballot box because google and mozilla assumed the user didn't know too much. Now MS does something that helps users stay more secure and its a bad thing??

Grand Master

Vice

Posted
Posted

didn't ms have to include crappy browsers in a ballot box because google and mozilla assumed the user didn't know too much. Now MS does something that helps users stay more secure and its a bad thing??

Yes this is bad because if this browser automatically defaults 25% of the web fairing public to "do not track" advertisers and other websites will just ignore the do not track system entirely. That is one of the major ways they make money, heck whole businesses are built on tracking. The only reason they are embracing it currently is for good PR and knowing that very few people will go in to the settings of their browser and turn on "do no track".

I applaud Microsoft for wanting to do the right thing but as usual their execution fails them and puts the whole do not track system in jeopardy from being ignored by the people we don't want to track us.

Veteran

Shane Nokes

Posted
Posted

Yes this is bad because if this browser automatically defaults 25% of the web fairing public to "do not track" advertisers and other websites will just ignore the do not track system entirely. That is one of the major ways they make money, heck whole businesses are built on tracking. The only reason they are embracing it currently is for good PR and knowing that very few people will go in to the settings of their browser and turn on "do no track".

I applaud Microsoft for wanting to do the right thing but as usual their execution fails them and puts the whole do not track system in jeopardy from being ignored by the people we don't want to track us.

Again it doesn't 'automatically default' anything. You are given a very clear choice during the setup of Windows to either enable or disable DNT.

The user has to make this choice. It isn't just automatically done without them having been given an option, so will you please stop trying to spread this FUD!

I'm starting to agree with Stoffel when they say that some of you are being thick on purpose. It's not amusing...

Grand Master

Vice

Posted
Posted

Again it doesn't 'automatically default' anything. You are given a very clear choice during the setup of Windows to either enable or disable DNT.

The user has to make this choice. It isn't just automatically done without them having been given an option, so will you please stop trying to spread this FUD!

I'm starting to agree with Stoffel when they say that some of you are being thick on purpose. It's not amusing...

And what happens if you just click this box away without choosing anything?

Also notice in my post I said "if this browser" I never said "this browser does".

Grand Master

hagjohn

Posted
Posted

I want to know what happens if the user doesn't read the box and just clicks the x. What is the default behavior if the user doesn't choose an option at all.

Isn't that also a choice?

Microsoft just can't win with some people. They don't do anything, people bitch. The do something proactive to protect people and people bitch. Frankly, this really isn't the place to hit Microsoft on. If you ask people if they want to be tracked online and most people will say no.

Grand Master

Vice

Posted
Posted

Isn't that also a choice?

Microsoft just can't win with some people. They don't do anything, people bitch. The do something proactive to protect people and people bitch. Frankly, this really isn't the place to hit Microsoft on. If you ask people if they want to be tracked online and most people will say no.

So do you not know the answer to my question because I don't which is why I asked.

Grand Master

Ryoken

Posted
Posted

Indeed and do you know how hard companies get slammed if they lie? Any company that stated they complied with DNT and didn't would get dropped for contracts quickly if it went public.

Have you worked for one of the big tech companies before? I ask because if you had you'd know what a huge deal breaking standards is for most. Look how badly MS was taken to task?

I know that most companies will try to get away with what they can.

Would they get fined big time if they were caught ? Ya.. of course.. but how are you gonna catch them.

Short of employees turning in their company, there is really no way..

Look at all the stuff Google has done, ignoring privacy, and when they get caught they pay a fine they can afford, but say they are sorry, didn't mean too, and then move along.. in a few months no one cared anymore..

Veteran

rfirth

Posted
Posted

And what happens if you just click this box away without choosing anything?

Also notice in my post I said "if this browser" I never said "this browser does".

I want to know what happens if the user doesn't read the box and just clicks the x. What is the default behavior if the user doesn't choose an option at all.

It's part of the install process. You can't just click an X to make it go away. You aren't in Windows when that box appears... there is nowhere to go but forward...

What is the default behavior if the user doesn't choose an option at all? To stay stuck on that screen forever.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft about to radically change how often your Edge browser updates

      By +Good Bot, Bad Bot · Posted

      There is a lot of reasons not to use Edge but faster fixes and security updates is not one of them.
    • Can't access the forum on mobile

      By Steven P. · Posted

      Can't reproduce. I installed Edge, went to neowin.net > accepted the cookie consent > used menu to go to forums, everything loads and I can browse around the forums. If you can't interact with the dialog on the forums for some reason, go to the main site and accept the cookie consent there? It is true that the site will not function properly until the cookie consent is accepted or rejected,. it's a legal requirement and I also know that certain VPN/ad blockers block it, which is a user related issue and not a neowin.net problem.   This is not our cookie consent dialog. Gotta love browser hijacking... /s Edit: this may be what Californians see, I will confirm with our consent provider.
    • Google Chrome 149.0.7827.115 (offline installer)

      By Copernic · Posted

      Google Chrome 149.0.7827.115 (offline installer) by Razvan Serea The web browser is arguably the most important piece of software on your computer. You spend much of your time online inside a browser: when you search, chat, email, shop, bank, read the news, and watch videos online, you often do all this using a browser. Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. Use one box for everything--type in the address bar and get suggestions for both search and Web pages. Thumbnails of your top sites let you access your favorite pages instantly with lightning speed from any new tab. Desktop shortcuts allow you to launch your favorite Web apps straight from your desktop. Chrome has many useful features built in, including automatic full-page translation and access to thousands of apps, extensions, and themes from the Chrome Web Store. Google Chrome is one of the best solutions for Internet browsing giving you high level of security, speed and great features. Important to know! The offline installer links do not include the automatic update feature. Download web installer: Google Chrome Web 32-bit | Google Chrome 64-bit | Freeware Download: Google Chrome Offline Installer 64-bit | Direct Link | 131.0 MB Download: Google Chrome Offline Installer 32-bit | Direct Link | 119.0 MB Download page: Google Chrome Portable Download: Chrome ARM64 | Direct Link View: Chrome Website | Release Notes Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Can't access the forum on mobile

      By RaidenX · Posted

      Oh, it's happening on more than one dialog? This is the dialog that I'm unable to interact with.
    • WSCC - Windows System Control Center 10.0.3.8

      By Copernic · Posted

      WSCC - Windows System Control Center 10.0.3.8 by Razvan Serea Windows System Control Center is a free, portable program that allows you to install, update, execute and organize the utilities from various system utility suites. WSCC can install and update the supported utilities automatically. Alternatively, WSCC can use the http protocol to download and run the programs. WSCC is portable, installation is not required. Extract the content of the downloaded zip archive to any directory on your computer. Free for personal use. The setup packages and updates are downloaded directly from their author's website! This edition of WSCC supports the following utility suites: Windows Sysinternals Suite (including support for "Sysinternals Live" service) NirSoft Utilities Mitec and more... WSCC - Windows System Control Center 10.0.3.8 changelog: [NEW] update progress is now visible on the Windows taskbar [FIXED] fixed an issue with the Update dialog [FIXED] minor fixes Download: WSCC (64-bit) | 5.4 MB (Free for personal use) Download: WSCC (32-bit) | 6.3 MB View: WSCC Homepage | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • One Month Later
      Clizby earned a badge
      One Month Later
    • One Month Later
      Timaximus earned a badge
      One Month Later
    • Week One Done
      Timaximus earned a badge
      Week One Done
    • Rookie
      FBSPL went up a rank
      Rookie
    • First Post
      davidbazooked earned a badge
      First Post

  • Popular Contributors

    1. 1
      +primortal
      491
    2. 2
      PsYcHoKiLLa
      170
    3. 3
      +Edouard
      164
    4. 4
      Steven P.
      85
    5. 5
      ATLien_0
      76
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!