Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/30/2012 01:50 PM, Bernard Tyers - ei8fdb wrote: Does anyone have an opinion on the browser plugin Ghostery? [3] It seems to allow web browser users to block these cross site tracking bugs, however I have not yet tested Ghostery fully. According to their website: ... I've been using Ghostery for over a year and it seems to do what it says on the tin. I've deployed it on all of my workstations at home and also at work as basic security. It even updates its ruleset over Tor if you're using it with the TBB (confirmed with tcpdump). Has anyone tested this plugin to see what information is leaked back to Ghostery servers? When last I checked with tcpdump (about sixteen months ago) I saw no such leakage. - -- The Doctor [412/724/301/703] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ You're messin' with my Zen thing, man. --Kevin Flynn, _Tron Legacy_ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/NCwsACgkQO9j/K4B7F8EfBACfbpXG0cI3j400tp9pP0T8C2+x 8kkAmgP2/SmMc/mYJqBnuFCLpbP48p0E =zuvQ -END PGP SIGNATURE- ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
Am 27.05.12 08:15, schrieb The Dod: For example, the page users get when they click on the I: http://thedod.github.com/socialshareprivacy/about.html should probably be a translation of http://www.heise.de/ct/artikel/2-Klicks-fuer-mehr-Datenschutz-1333879.html * Any volunteers for translating that page? (Anne?). Yes, I can do that (not right away, but soon) Anne * Any other feedbacks? Could people here test this? (a question for those who have facebook: /is/ there a difference between like and recommend, or is it just a button label? * Campaign-wise, any ideas how to expose this to as many webmasters/webmistresses as possible? I'll be traveling for the next 2 days and I'm not sure I'll have internet (or even phone for that matter), but I'll be dreaming of pull requests :-) ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech -- http://about.me/annalist http://pgp.mit.edu:11371/pks/lookup?op=vindexsearch=0x7689407F942951E2 ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I may have the wrong end of the stick but in my mind, a solution would be: Use a Site-specific browser/Single-Site Browser (SSB), such as Prism, or Fluid. An SSB is a software application that is dedicated to accessing pages from a single source (site) on a computer network. [1] [2] Does anyone have an opinion on the browser plugin Ghostery? [3] It seems to allow web browser users to block these cross site tracking bugs, however I have not yet tested Ghostery fully. According to their website: What is Ghostery? Ghostery is a browser tool available for Firefox, Chrome, Safari, Opera and Internet Explorer. It scans the page for scripts, pixels, and other elements and notifies the user of the companies whose code is present on the page. These page elements aren't otherwise visible to the user, and often not detailed in the page source code. Ghostery allows users to learn more about these companies and their practices, and block the page elements from loading if the user chooses. block if the user chooses - this for me is the key. Has anyone tested this plugin to see what information is leaked back to Ghostery servers? thanks. Bernard [1]: https://mozillalabs.com/en-US/prism/ Unfortunately now discontinued. [2]: http://fluidapp.com/ [3]: http://www.ghostery.com/about On 25 May 2012, at 08:33, The Dod wrote: It used to be easy: Facebook spies on you when you browse 3rd party sites, twitter doesn't. But now that twitter begins to spy on users who visit a 3rd site you visit has a tweet this link, (and updates its privacy policy accordingly), would webmaster gradually lose the option to include non-snitching share links like twitter's /intent/tweet/ and facebook's /sharer.php? Even if the situation doesn't escalate in the future, like buttons are already spying on you today (not on me, because I don't have a facebook account, but pretty soon twitter will be on my tail). How can we minimize the damage? The key (IMHO) is a webmaster (and user) awareness campaign to use a [yet to be developed] fetch-a-button ajax widget with buttons like (lame phrasing): I want to like this or I want to tweet this. These would fetch the code (and thus - snitch) only for people planning to publicly admit they've watched the page :-) - -- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJPxl3fAAoJENsz1IO7MIrriL4H/2Yja2pkABNX7n7bBIfZjHzH axDTxO2OnfRrbKyFAfK7Y/TRXSTuq5Q+zrKxt4bjiFiYCeXhnDoBfMzGVAeBjllT 92zfBKTtjfqx2ki1phdCqFwCXojaNnTzxkOCEJNmUeZ6UEm7T3emtOHtwXc8a92H 4cmCi1YD+9dCu5V0x/r7BX/FSc4LYqdUD9B3UXURl9OcIAEwrk3WnTwqq7SUlv72 1bj5yH6xlU0abmg2vWq50P/CtJ2phQyngYFCFGLuN9PDo3Bz4WEqkqigUnh6NcV5 LVVwt751Vxbo/42i//HMWYb7ZDJVZXZ0w7+vADSxVsd1pYet4rEWXtYyIKwDtS4= =4dI8 -END PGP SIGNATURE- ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
I responded to this thread earlier to plug my own plugin (yes, pun), DoNotTrackPlus (DNT+) http://www.abine.com/dntdetail.php, but I can answer your Ghostery question. All in all, both add-ons are very similar, simple, functional starters for people who want privacy while they're browsing. DNT+ ships with tracking blocked by default, while Ghostery does nothttp://www.itworld.com/it-managementstrategy/249964/ghostery-machine-tracking-trackers. Both add-ons let you whitelist particular trackers and sites. However, the biggest complaint we hear from our users is that Ghostery was purchasedhttp://www.mediapost.com/publications/article/120927/better-advertising-gobbles-ghostery-bolsters-bt-m.htmlby Better Advertising, Inc., an advertising company built around--duh--making more effective ads. They've since changed their name from Better Advertising to Evidon, but they're still built around making the advertising industry more efficient, not necessarily giving users greater privacy. They depend on Ghostery users to opt into GhostRank, a system that shares de-identified user data with advertisers. From Dan Tynan at ITWorldhttp://www.itworld.com/it-managementstrategy/249964/ghostery-machine-tracking-trackers : Readers should keep in mind that Evidon, which purchased Ghostery in January 2010http://blog.evidon.com/2010/01/19/better-advertising-acquires-ghostery/when the company was still called The Better Advertising Project, has a vested interest in industry self-regulation of online tracking. Evidonhttp://www.evidon.com/about/believes if consumers know what information is being gathered about them and by whom, it will alleviate their fears about tracking. Evidon sells its data services and compliance tools to the Web tracking industryhttp://www.clickz.com/clickz/news/2122603/self-reg-icon-millions-revenue . From a MediaPost articlehttp://www.mediapost.com/publications/article/120927/better-advertising-gobbles-ghostery-bolsters-bt-m.htmlabout the acquisition and GhostRank, their CEO, Scott Meyer, says that the company will use that panel data [from GhostRank] to determine whether Web companies are honoring users' decisions to opt out of behavioral targeting -- or receiving ads based on sites they have previously visited. More differences between DNT+ and Ghostery are highlighted in this ITWorld articlehttp://www.itworld.com/it-managementstrategy/248582/how-kill-web-trackers-dead, but I'll summarize below: 1. DNT+ is faster (based on page load/processing times) 2. DNT+ sets opt out cookies and the Do Not Track header and blocks more categories of things (like facebook buttons and twitter buttons collecting your info) 3. DNT+ generates far fewer Javascript errors on the top 10,000 web sites 4. We're not an advertising company making our money from advertisers and businesses paying us for ad data and compliance, unlike Evidon. We have a freemium model and are funded by our investors and our customers. 5. Unlike Ghostery/Evidon, we don't collect any of your data when you use DNT+. The only communications a user's DNT+ has with our servers is 1), noting that a download occurred, which lets us know how many users we have; and 2), a daily ping to our servers for updated tracking and blocking rules. You can start using DNT+ with 1 click and no exchange of your personal information. I'd be curious to see the answer to your question about what data is leaked back to Ghostery's servers. Clearly that's a different answer depending on whether the user has opted into GhostRank. -Sarah On Wed, May 30, 2012 at 1:50 PM, Bernard Tyers - ei8fdb ei8...@ei8fdb.orgwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I may have the wrong end of the stick but in my mind, a solution would be: Use a Site-specific browser/Single-Site Browser (SSB), such as Prism, or Fluid. An SSB is a software application that is dedicated to accessing pages from a single source (site) on a computer network. [1] [2] Does anyone have an opinion on the browser plugin Ghostery? [3] It seems to allow web browser users to block these cross site tracking bugs, however I have not yet tested Ghostery fully. According to their website: What is Ghostery? Ghostery is a browser tool available for Firefox, Chrome, Safari, Opera and Internet Explorer. It scans the page for scripts, pixels, and other elements and notifies the user of the companies whose code is present on the page. These page elements aren't otherwise visible to the user, and often not detailed in the page source code. Ghostery allows users to learn more about these companies and their practices, and block the page elements from loading if the user chooses. block if the user chooses - this for me is the key. Has anyone tested this plugin to see what information is leaked back to Ghostery servers? thanks. Bernard [1]: https://mozillalabs.com/en-US/prism/ Unfortunately now discontinued. [2]: http://fluidapp.com/ [3]:
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
Thanks to Michael and Anne for the heads up. I've forkedEnglish support for Heise's +2 widget: http://thedod.github.com/socialshareprivacy It's still a first version. For example, the page users get when they click on the I: http://thedod.github.com/socialshareprivacy/about.html should probably be a translation of http://www.heise.de/ct/artikel/2-Klicks-fuer-mehr-Datenschutz-1333879.html * Any volunteers for translating that page? (Anne?). * Any other feedbacks? Could people here test this? (a question for those who have facebook: /is/ there a difference between like and recommend, or is it just a button label? * Campaign-wise, any ideas how to expose this to as many webmasters/webmistresses as possible? I'll be traveling for the next 2 days and I'm not sure I'll have internet (or even phone for that matter), but I'll be dreaming of pull requests :-) ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
I'm writing to suggest a tech solution. I'm an attorney and privacy analyst at an online privacy startup in Boston called Abinehttp://abine.com/, and we developed a tracker-blocking browser add-on called DoNotTrackPlushttp://abine.com/dntdetail.php(DNT+) with unique capabilities around social button tracker blocking. My response contains elements of shameless pluggery, but it's so relevant to the OP's call for a solution that I had to weigh in. DNT+ stops tracking in 3 ways: 1), by blocking Javascript requests; 2), by broadcasting the Do Not Track HTTP header http://donottrack.us/ (it isn't mandatory that sites actually adhere to the request, although more of them have come out in support of it, like Twitter did last week); and 3), setting opt-out cookies for NAI-member ad networkshttp://www.networkadvertising.org/managing/opt_out.asp. It blocks social button tracking by default by cutting off the Javascript requests that build the buttons themselves, so it's a more aggressive--and also successful--method than simply broadcasting the passive Do Not Track HTTP header and hoping that whatever site you're visiting adheres to it. What really sets DNT+ apart, though, is that it safely rebuilds social buttons with identical placeholders. This means that you'll still see social buttons on web pages like normal, but they won't be tracking you. You can still use them, but your choice to do so necessarily re-enables tracking. It's *your *choice, however, not Twitter's or Facebook's or whatever other social network's. Of course, whatever info you choose to share with social networks is exempt from DNT+'s tracking protection. We're completely dedicated to privacy, so don't collect or track anything when you get DNT+ (unlike some other companies with ties to and funding from advertising companies). It has no ability to collect data about what sites you visit or any other web behavior. The tool can save your personal settings and preferences, but those are stored locally on your computer and are not visible to us. You can verify the fact that DNT+ doesn’t track you by using an app that monitors the requests made for your computer's information throughout the day. One example of an app like this is Live HTTP Headershttps://addons.mozilla.org/en-US/firefox/addon/live-http-headers/; we have no affiliation with whoever makes it. Our software makes 1 request per day to your computer to ask our servers for updates on new tracker-blocking rules. You will be able to see that one request and what it entails; there is no further communication or transfer of information. You can also see in part A of our privacy policyhttp://abine.com/privacypolicy.phpthat Abine will not track, store or transmit to any server or third party, information regarding users' behavioral data (to include web browsing activity), nor will we deliver or help others deliver any targeted advertising to users (part C). You can also check out our privacy bloghttp://www.abine.com/blog/(which I write) for more on our pro-privacy standpoints. We have a freemium model. Our mission is to give consumers control back over their private information online. Building tools for consumers that improve privacy is all we do. DNT+ is our free product, and it will always be free. Our focus is to make DNT+ a great product that people love, and by doing so, we hope that some people will like it enough to want to upgrade to paid products that offer additional privacy protection, such as our subscription service, DeleteMe http://www.abine.com/deletemedetail.php(and we've even posted a free, DIY set of instructions for that process http://abine.com/optouts.php). I hope that you find this useful, and please email me if you have any questions, comments, or suggestions. Happy Friday, -Sarah On Fri, May 25, 2012 at 7:32 AM, liberationt...@lewman.us wrote: On Fri, May 25, 2012 at 02:33:06PM +0700, unclezz...@gmail.com wrote 4.1K bytes in 103 lines about: : Even if the situation doesn't escalate in the future, like buttons : are already spying on you /today/ (not on me, because I don't have a : facebook account, but pretty soon twitter will be on my tail). I believe you are being tracked, even without a facebook account. You are just 'anonymous user the dod' in some distributed database at facebook. Maybe they aggregate this data, maybe they throw it away after some period of time (hours, days, weeks, years). See http://yro.slashdot.org/story/11/10/18/1429223/facebook-is-building-shadow-profiles-of-non-users as an example. Twitter, google, facebook, and others all have the capacity to do this with ease. And just because you clear some cookies and log out of facebook, twitter, etc, doesn't mean they stop tracking you. Here's the facebook example, https://www.eff.org/deeplinks/2011/10/facebook%E2%80%99s-hotel-california-cross-site-tracking-and-potential-impact-digital-privacy . And here's a couple of articles on how to track you without using
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
*Michael* Heise's SocialSharePrivacy is mighty cool. I like the gui concept. I also like the concept and logo of +2. Brilliant basis for an awareness campaign. I see there's also a github mirror https://github.com/tinnet/socialshareprivacy so I can try and do an English fork as my next procrastination. *Anne* Thanks for willing to help. Once I commit something in English, I'll ping you. BTW, Do Autistici have a repository of their variant? *Andrew* I have a feeling we're talking about different sides of the same stick. The fact that the attackers (marketing companies etc.) become more devious (e.g. e-tag trickery) doesn't change the fact that the *webmasters* are the ones who let them put the foor in the door in the first place. The mainstream webmasters (and orgs) don't care. When I go to a magazine site or a shopping mall, I will be tracked. But where can I go after hours? Where's my information-super-casba? Most webmasters and orgs who believe they *are* privacy aware, would use the standard buttons offered by fb/twitter/etc. without blinking (or worse use a let me track you too 1-panel-does-all solution). If they're not offered an alternative, most won't even think there's a problem. This is how this can of worms works. It's not like this is going to stop one day, but - as you see, it's already beginning to happen (in German and Italian). Let's hope we can make this thing popular (English support would be a good start ;-) ). ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
Unless I'm mistaken, your source code isn't publicly available. I don't see how binary files could be part of any privacy solution. On 05/25/2012 07:35 PM, Sarah A. Downey wrote: I'm writing to suggest a tech solution. I'm an attorney and privacy analyst at an online privacy startup in Boston called Abine http://abine.com/, and we developed a tracker-blocking browser add-on called DoNotTrackPlus http://abine.com/dntdetail.php (DNT+) with unique capabilities around social button tracker blocking. My response contains elements of shameless pluggery, but it's so relevant to the OP's call for a solution that I had to weigh in. ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
There's no binary in DNT+'s code, so you may want to check your facts. I'll respond to your everything must be open source statement, although I'm fairly certain it won't have any effect on your opinion that closed always equals bad. And please keep in mind that we're giving away a *free *add-on with *zero *tracking of or advertising to its users. It's an unnecessarily restrictive and self-handicapping position that software *must *be open source to be useful for privacy. Plenty of open source privacy tools have come and gone in the past because they aren't sustainable without funding. Our software does what it says, and it's designed to be simple enough that the vast majority of Internet users--people who aren't coders or particularly tech savvy--can use it. It also represents an inordinate amount of time, effort, and intellectual endeavor; years of work that simply wouldn't have been possible as a side project to supplement a paying job. There's nothing wrong with getting paid. Financing allowed us to create what we did. It's a double-edged sword: our VC funding provided the resources to create what we did, which means that our investors wouldn't be thrilled if we turned around and gave away our IP. We're already giving the product away for free without any monetary gain from it. You can categorically write off software because it's not open source, but you'll miss a lot of legitimate opportunities for privacy protection. -Sarah On Fri, May 25, 2012 at 10:47 AM, The Dod unclezz...@gmail.com wrote: Unless I'm mistaken, your source code isn't publicly available. I don't see how binary files could be part of any privacy solution. On 05/25/2012 07:35 PM, Sarah A. Downey wrote: I'm writing to suggest a tech solution. I'm an attorney and privacy analyst at an online privacy startup in Boston called Abinehttp://abine.com/, and we developed a tracker-blocking browser add-on called DoNotTrackPlushttp://abine.com/dntdetail.php(DNT+) with unique capabilities around social button tracker blocking. My response contains elements of shameless pluggery, but it's so relevant to the OP's call for a solution that I had to weigh in. -- *Sarah A. Downey* Privacy Analyst | Attorney Abine, The Online Privacy Company t: @SarahADowney | p: 800.928.1987 ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
This conversation could quickly spiral out of control, but I just want to point out that a precompiled piece of software is called a 'binary' because it is an opaque blob. I'm pretty sure that's what 'The Dod' meant. Isaac On 05/25/2012 11:37 AM, Sarah A. Downey wrote: There's no binary in DNT+'s code, so you may want to check your facts. I'll respond to your everything must be open source statement, although I'm fairly certain it won't have any effect on your opinion that closed always equals bad. And please keep in mind that we're giving away a /free /add-on with /zero /tracking of or advertising to its users. It's an unnecessarily restrictive and self-handicapping position that software /must /be open source to be useful for privacy. Plenty of open source privacy tools have come and gone in the past because they aren't sustainable without funding. Our software does what it says, and it's designed to be simple enough that the vast majority of Internet users--people who aren't coders or particularly tech savvy--can use it. It also represents an inordinate amount of time, effort, and intellectual endeavor; years of work that simply wouldn't have been possible as a side project to supplement a paying job. There's nothing wrong with getting paid. Financing allowed us to create what we did. It's a double-edged sword: our VC funding provided the resources to create what we did, which means that our investors wouldn't be thrilled if we turned around and gave away our IP. We're already giving the product away for free without any monetary gain from it. You can categorically write off software because it's not open source, but you'll miss a lot of legitimate opportunities for privacy protection. -Sarah On Fri, May 25, 2012 at 10:47 AM, The Dod unclezz...@gmail.com mailto:unclezz...@gmail.com wrote: Unless I'm mistaken, your source code isn't publicly available. I don't see how binary files could be part of any privacy solution. On 05/25/2012 07:35 PM, Sarah A. Downey wrote: I'm writing to suggest a tech solution. I'm an attorney and privacy analyst at an online privacy startup in Boston called Abine http://abine.com/, and we developed a tracker-blocking browser add-on called DoNotTrackPlus http://abine.com/dntdetail.php (DNT+) with unique capabilities around social button tracker blocking. My response contains elements of shameless pluggery, but it's so relevant to the OP's call for a solution that I had to weigh in. -- *Sarah A. Downey* Privacy Analyst | Attorney Abine, The Online Privacy Company t: @SarahADowney | p: 800.928.1987 ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] FB-like Twitter-connect soon. How can we avoid all this tracking?
On 2012.05.25 16.37, Sarah A. Downey wrote: I'll respond to your everything must be open source statement, although I'm fairly certain it won't have any effect on your opinion that closed always equals bad. And please keep in mind that we're giving away a /free /add-on with /zero /tracking of or advertising to its users. It's an unnecessarily restrictive and self-handicapping position that software /must /be open source to be useful for privacy. Plenty of open source privacy tools have come and gone in the past because they aren't sustainable without funding. Our software does what it says, and it's designed to be simple enough that the vast majority of Internet users--people who aren't coders or particularly tech savvy--can use it. The problem here is that we don't trust you. It's nothing personal. We don't trust anyone, unless we can verify. If we can't see exactly what the tool does, we don't have a way of verifying what it does. This is critical normally, but much more important for tools that claim to provide privacy or security protection. There are a lot of ways around this. Open source is one of them. Providing source access to independent auditors under a license that does not restrict them from talking about what it does and how it does it is another. If you're not willing to be open about exactly how your tool protects my privacy, why should I trust that you got it right? No, I don't expect all users will check, or care, but some of us will, and we tell others what they should use. Privacy, like crypto, is *hard*. Would you trust someone who claimed to have a super-secure crypto algorithm that they wrote themselves that's never been peer reviewed? No. Why should we do it with a privacy tool? E. -- Ideas are my favorite toys. signature.asc Description: OpenPGP digital signature ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech