Featured

Your decade highlight 2010s on internetcookies

What is your internetcookies main hightlight of the 2010s decade? Feel free to comment!
Is it the Facebook’s Cambridge Analytica scandal of March 2017? Becoming awareness of the impact of social media on daily live? Cookies will follow you every click on your digital journey also in the 2020s.

Google cutting web cookies

Google’s plan is to restrict advertising software companies and other organizations from connecting their browser cookies to websites they do not operate, the company said in a blog post on Tuesday. (bit.ly/2RmTYKK) source: Reuters

Photo by PhotoMIX Ltd. on Pexels.com

For nearly three decades, cookies placed by relatively unknown companies on nearly every website have fueled advertising on the internet.

With Google’s decision, it looks like taking a major step forward; but is that beyond question? Google just needs to change cookies to satisfy increased privacy demands from users. The subsitution will be profiles and we all know that is good for Google.

Google/Alphabeth with its subsidiairies AdMeld, AdMob, Adometry, Apture, Channel Intelligence, Custom Search Ads, DoubleClick, DoubleClick Ad Exchange-Buyer, DoubleClick Ad Exchange-Seller, DoubleClick Bid Manager, DoubleClick DART, DoubleClick Floodlight, DoubleClick Spotlight, Doubleclick Video Stats, FeedBurner, GA Audiences, GDN Notice, Google Ads Measurement, Google Adsense, Google Adsense, Google Adsense Asynchronous, Google AdServices, Google AdWords Conversion, Google Adwords User Lists, Google Affiliate Network, Google AJAX Search API, Google Analytics, Google API, Google Commerce, Google Custom Search, Google Custom Search Engine, Google Display Network, Google Dynamic Remarketing, Google Fonts, Google FriendConnect, Google IMA, Google Interactive Media, Google JSAPI Stats Collection, Google Pingback, Google Publisher Tags, Google Safeframe, Google Shopping Reviews, Google Syndication, Google Tag Manager, Google Translate, Google Travel Adds, Google Trusted Stores, Google Users, Google Website Optimizer, Google Widgets, Google+ Platform, Gstatic, Maps, Meebo Bar, Mindset Media, PostRank, Swiffy, Gmail and Youtube will benefit from profiling advertisements more.

So restrict advertising software companies and other organizations from connecting their browser cookies to websites they do not operate will promote profiling.

Cookie consent tools are being used to undermine EU privacy rules, study suggests

Cookie consent tools are being used to undermine EU privacy rules, study suggests

Cookie consent tools are being used to undermine EU privacy rules, study suggests


— Lees op techcrunch.com/2020/01/10/cookie-consent-tools-are-being-used-to-undermine-eu-privacy-rules-study-suggests/

MIT research on GDPR shows:

They also found that the vast majority of CMPs make rejecting all tracking “substantially more difficult than accepting it” — with a majority (50.1%) of studied sites not having a “reject all” button. While only a tiny minority (12.6%) of sites had a ‘reject all’ button accessible with the same or fewer number of clicks as an “accept all” button.

Cookie consent is not protective enough.

your privacy & imdb.com

An amazon company – the most popular online database of information related to films, television programs, home videos and video games, and internet streams.

“We help you jog your memory about a movie, show, or person on the tip of your tongue, find the best movie or show to watch next (..)

IMDB.com

Visit IMDB.com without Anonymous Startpage.com view on uMatrix 1.4.0 for Firefox, currently imdb.com interacts with your device with:
9 cookies, all 9 from imdb.com so no third-party cookies.
8 Cascading Style Sheets (or CSS), 1 from idmb.com, 6 from media-amazon.com and 1 from media-idmb.com; a style sheet language used for describing the presentation of a document written in a markup language like HTML. Privacy infringement: it allowed websites to uncover a user’s browsing history and figure out what sites the user had visited. Combined with other Web technology such as JavaScript or simply loading of background images, lets Web pages determine whether a URL is in the user’s history very quickly and without any interaction from the user. This is mitigated by browsers.
30 images, an (leaky) image can reveal whether the user is visiting a specific website. None from third-party sources.
0 media, viewing videos on the Internet might collect Personal Information.
33 scripts, all from either imdb.com or amazon.com; JavaScript tells all, which turns out not to be so great for privacy: Side-channel leaks can be exploited to follow you around the interweb. A JavaScript template Attacks wil Automatically be Inferring Host Information for Targeted Exploits. JavaScript Template Attacks can be used for user fingerprinting. None from third-party sources.
0 XHR, a built-in browser object that allows to make HTTP requests in JavaScript. Despite of having the word “XML” in its name, it can operate on any data, not only in XML format. It uses user and password for login and pasword on basic HTTP auth. Using resources retrieved via XMLHttpRequest in your background page could fall victim to cross-site scripting. Guard yourself against malicious web pages that might try to impersonate a content script. In particular, do not allow content scripts to request an arbitrary URL. Use HTTPS whenever possible. None from third-party sources.
3 frames, (or XMLHttpRequest), 2 from media-amazon.com and 1 from amazon-adsystem.com; beware of a Frame Injection. Cross-site Scripting is naturally prioritized since it seems easily exploitable and effective. Hackers also are attracted to this vulnerability, because there are aspects of the Frame Injection attack that can allow them to redirect users to other malicious websites used for phishing and similar attacks.

Visit imdb.com with Anonymous Startpage.com view on uMatrix 1.4.0 for Firefox, currently en.wikipedia.org interacts with your device with:
zero third party or wikipedia.org cookies, CSS, images, media, scripts, XHR or frames!
But: 213 items of startpage.com itself (see below)
13 cookies
29 Cascading Style Sheets (or CSS)
91 images
0 media
59 scripts
8 XHR
13 frames
Final remarks, stated in the privacy policy of Startpage.com. We don’t collect any “personal data”. We don’t record your IP address. We don’t serve any tracking or identifying cookies. We don’t record your search queries. We don’t disclose or sell your contact information. Regarding governmental requests; they can’t request what we don’t have. We will never comply with any voluntary surveillance program. Startpage.com complies with the GDPR.

Please visit my website https://internetcookies.food.blog/ regularly. Select your own internet cookies (and other privacy related) control Add-Ins. Enjoy the reading!

Mozilla says a new Firefox security bug is under active attack

Mozilla says a new Firefox security bug is under active attack

https://techcrunch.com/2020/01/10/firefox-security-bug-zero-day/
— Lees op techcrunch.com/2020/01/10/firefox-security-bug-zero-day/

“The vulnerability, found by Chinese security company Qihoo 360, was found in Firefox’s just-in-time compiler. The compiler is tasked with speeding up performance of JavaScript to make websites load faster. But researchers found that the bug could allow malicious JavaScript to run outside of the browser on the host computer.”

Security breach via JavaScript in FireFox. Update FireFox now.

Remarketing & your privacy

WordPress user Jonathan Bossenger wrote a blog on Remarketing as a key to driving Sales. In short Google AdWorks will track you after visiting a website. To Re-Market their products to you elsewhere on the internet while browsing!
Setting up a remarketing campaign, the comprehensive guide. In this guide Neil Patel points out there are generally three types of campaigns:

1. campaigns focused on people who have made a specific choice on your website (adding an item to a wish list),

2. campaigns for folks who make it up to a certain point in the checkout process (abandoned carts),

3. campaigns that promote specific content.

Photo by Pixabay on Pexels.com

So every visit of a website without block cookies of googletagmanager.com,

Blocking googletagmanager.com

wil point back to past visits to (commercial) websites.

For the full article of Jonathan Bossenger on WordPress Why Remarketing Keywords Is Key to Driving Sales

Pro-privacy search engine Qwant announces more exec changes — to ‘switch focus to monetization’

Pro-privacy search engine Qwant announces more exec changes — to ‘switch focus to monetization’

Pro-privacy search engine Qwant announces more exec changes — to ‘switch focus to monetization’


— Lees op techcrunch.com/2020/01/09/pro-privacy-search-engine-qwant-announces-more-exec-changes-to-switch-focus-to-monetization/

CEO of a pro-privacy search engine states: “We will now need to focus a lot on monetization and on our core business… to create a real ad platform,” he added, by way of explaining the latest round of exec restructuring.

How can a’real’ ad platform work without anti-privacy personal profiling like internetcookies and canvas fingerprinting? Please comment and explain.

your privacy & startpage.com

The world’s most private search engine?

Because it’s our belief that personal data should be your data, not Big Data. Period.” – startpage.com

startpage.com

Visit https://en.wikipedia.org/wiki/Main_Page without Anonymous Startpage.com view on uMatrix 1.4.0 for Firefox, currently en.wikipedia.org interacts with your device with:
3 cookies, 1 from wikipedia.org and 2 from en.wikipedia.org so no third-party cookies.
3 Cascading Style Sheets (or CSS), a style sheet language used for describing the presentation of a document written in a markup language like HTML. Privacy infringement: it allowed websites to uncover a user’s browsing history and figure out what sites the user had visited. Combined with other Web technology such as JavaScript or simply loading of background images, lets Web pages determine whether a URL is in the user’s history very quickly and without any interaction from the user. This is mitigated by browsers.
26 images, an (leaky) image can reveal whether the user is visiting a specific website. None from third-party sources.
0 media, viewing videos on the Internet might collect Personal Information.
7 scripts, JavaScript tells all, which turns out not to be so great for privacy: Side-channel leaks can be exploited to follow you around the interweb. A JavaScript template Attacks wil Automatically be Inferring Host Information for Targeted Exploits. JavaScript Template Attacks can be used for user fingerprinting. None from third-party sources.
8 XHR (or XMLHttpRequest) is a built-in browser object that allows to make HTTP requests in JavaScript. Despite of having the word “XML” in its name, it can operate on any data, not only in XML format. It uses user and password for login and pasword on basic HTTP auth. Using resources retrieved via XMLHttpRequest in your background page could fall victim to cross-site scripting. Guard yourself against malicious web pages that might try to impersonate a content script. In particular, do not allow content scripts to request an arbitrary URL. Use HTTPS whenever possible. None from third-party sources.
0 frames, beware of a Frame Injection. Cross-site Scripting is naturally prioritized since it seems easily exploitable and effective. Hackers also are attracted to this vulnerability, because there are aspects of the Frame Injection attack that can allow them to redirect users to other malicious websites used for phishing and similar attacks.

Visit https://en.wikipedia.org/wiki/Main_Page with Anonymous Startpage.com view on uMatrix 1.4.0 for Firefox, currently en.wikipedia.org interacts with your device with:
zero third party or wikipedia.org cookies, CSS, images, media, scripts, XHR or frames!
But: 74 items of startpage.com itself (see below)
7 cookies
14 Cascading Style Sheets (or CSS)
28 images
0 media
14 scripts
7 XHR
5 frames
Final remarks, stated in the privacy policy of Startpage.com. We don’t collect any “personal data”. We don’t record your IP address. We don’t serve any tracking or identifying cookies. We don’t record your search queries. We don’t disclose or sell your contact information. Regarding governmental requests; they can’t request what we don’t have. We will never comply with any voluntary surveillance program. Startpage.com complies with the GDPR.

Please visit my website https://internetcookies.food.blog/ regularly. Select your own internet cookies (and other privacy related) control Add-Ins. Enjoy the reading!

A New California Internet Privacy Law Returns Power to Consumers

A New California Internet Privacy Law Returns Power to Consumers

http://privacyblog.com/2019/12/28/a-new-california-internet-privacy-law-returns-power-to-consumers/
— Lees op privacyblog.com/2019/12/28/a-new-california-internet-privacy-law-returns-power-to-consumers/

What does companies store of your online profile for commercial purposes?

Photo by morais on Pexels.com

your privacy @ internetcookies.food.blog

According to uMatrix 1.4.0 for Firefox, currently internetcookies.food.blog interacts with your device with:
10 Cascading Style Sheets (or CSS), a style sheet language used for describing the presentation of a document written in a markup language like HTML. Privacy infringement: it allowed websites to uncover a user’s browsing history and figure out what sites the user had visited. Combined with other Web technology such as JavaScript or simply loading of background images, lets Web pages determine whether a URL is in the user’s history very quickly and without any interaction from the user. This is mitigated by browsers.
6 images, an (leaky) image can reveal whether the user is visiting a specific website.
0 media, viewing videos on the Internet might collect Personal Information.
8 scripts, JavaScript tells all, which turns out not to be so great for privacy: Side-channel leaks can be exploited to follow you around the interweb. A JavaScript template Attacks wil Automatically be Inferring Host Information for Targeted Exploits. JavaScript Template Attacks can be used for user fingerprinting.
0 XHR (or XMLHttpRequest) is a built-in browser object that allows to make HTTP requests in JavaScript. Despite of having the word “XML” in its name, it can operate on any data, not only in XML format. It uses user and password for login and pasword on basic HTTP auth. Using resources retrieved via XMLHttpRequest in your background page could fall victim to cross-site scripting. Guard yourself against malicious web pages that might try to impersonate a content script. In particular, do not allow content scripts to request an arbitrary URL. Use HTTPS whenever possible.
1 frame, beware of a Frame Injection. Cross-site Scripting is naturally prioritized since it seems easily exploitable and effective. Hackers also are attracted to this vulnerability, because there are aspects of the Frame Injection attack that can allow them to redirect users to other malicious websites used for phishing and similar attacks.

Please visit my website https://internetcookies.food.blog/ regularly. Select your own internet cookies (and other privacy related) control Add-Ins. Enjoy the reading!

Create your website at WordPress.com
Get started