Slashdot

DoubleClick DoubleCross

Posted by michael on Wednesday January 26, @12:10AM
from the where-did-you-go-today dept.
Slav writes "We've known for a while that tracking of Web users was possible and a few companies have been experimenting with it on a small scale. Now DoubleClick, Inc. has confirmed that it's tracking Web surfers [by name and address] with the help of the databases of its newly acquired Abacus Direct." Every site that you visit which has a DoubleClick ad - all 11,500 of them - can be notified of your name, address, phone number, etc., as soon as you visit the site. Or to look at it another way, your consumer profile in the gigantic Abacus database (hundreds of fields of data for essentially every person in the United States) will now include information about what Web sites you visit.

<  eToys Inc. Drops etoy Suit - For Real This Time | Hope for Mars Polar Lander?  >

 

Slashdot Login

Nickname: Password: Don't have an account yet? Go Create One. A user account will allow you to customize all these nutty little boxes, tailor the stories you see, as well as remember your comment viewing preferences.

Related Links

Slav confirmed More on Privacy Also by michael

Your Rights Online

Filtering Internet in Public Libraries Politics Follows Code Open Letter to the Family Research Council Linux Journal on the DMCA Reason Magazine on Copyright Legislation LATimes Discovers UCITA No Internet Wiretaps Copyrights Need New Business Models DeCSS Injunction Ruling Washington 451

This discussion has been archived. No new comments can be posted.

Bad (Score:2) by RickyRay (rickyray@patrickhayes.dont_spam_me.com) on Wednesday January 26, @12:14AM EST (#3) (User Info)

What's the best way to block them from knowing who you are without going through an anonymizing site? (I'm not a novice; I just want a list of any products/free packages to get current info)

Re:Bad (Score:3, Informative) by pen (digdug@hotmail.com?subject=notspam:[subject]) on Wednesday January 26, @12:21AM EST (#26) (User Info) http://altern.org/digdug/

If you're a Windows or *nix user, you could try the Internet Junkbuster proxy. If you're willing to pay ($19.95) and use Windows, try interMute. The latter will auto-configure your browsers, including Netscape, IExplode, Opera, and AOL. -- If you're an Opera Win32 user, you should check out Opman.

Re:Bad (Score:2, Informative) by znu (znu@znu.dhs.org) on Wednesday January 26, @12:27AM EST (#48) (User Info) http://znu.dhs.org/

For Macs there's WebFree, which can block ads in IE and Communicator, or the rather nice but also rather beta iCab browser, which has ad filtering abilities built in. -- The revolution will not be televised. You'll have to watch the webcast

Re:Bad (Score:1) by Valheru on Wednesday January 26, @11:18AM EST (#358) (User Info)

Not sure if this is the case or not, but does just blocking the AD (and not displaying it) prevent DoubleClick from tracking you? When you load the web page I would assume that the cgi script is still processed and that doubleclick servers are hit to send the ad to your computer (which you then ignore). Thus, they already have your IP and know which web page you were on. Once again, I do not know if this is the case, and I hope that it isn't because it then you can just configure ipchains to block doubleclick.com (I think)

Re:Bad (Score:1) by MattJ on Wednesday January 26, @12:29PM EST (#388) (User Info) http://newsblip.com/

Good question, but its a separate cookie. There's a security design issue (bug) in the browsers where they'll allow a cookie in the headers sent with an image. When your browser retrieves the URL for the ad image, it's in that request-response that the doubleclick cookie gets sent.

Re:Bad (Score:1) by MattJ on Wednesday January 26, @03:36PM EST (#425) (User Info) http://newsblip.com/

(Actually, by the *security* issue I mean that the browser will accept cookies from the ad image's server, even if it's in a different domain than the web page. So you think you're only viewing xyz.com, but quietly your browser is accepting cookies from doubleclick.com via the ad image retrieval.)

Re:Bad (Score:1) by Ozwald on Wednesday January 26, @06:54PM EST (#449) (User Info)

No, Junkbuster (JB) does a lot of things really well. This is how it works: First: the browser sends the headers. This includes a server and file name, and the location of current url. JB reads this. If the server or file name look like an ad, the real web server (for example DoubleClick) never gets contacted and a dummy file is sent from JB to your browser; a couple byte html page or 1x1 transparent gif. Second: if the server and file name are cool, the headers are sent MINUS (this is important) the referrer tag. This prevents the web server from knowing what url you came from. Third: if the server requests cookie information, JB can decide whether or not to allow it. Depending on JB's settings, you can make that decision based on server. For example, cookies are good for Slashdot so you don't have to log in each time. Others are not allowed by default. In another words, DoubleClick doesn't even know you exist if JB is set up. As a side note, Altavista's and the Simpsons Free Internet ads are blocked by JB because they use the Internet Exploder ActiveX control to show the ads on the screen. Just an ironic side note is all. Ozwald

Re:Bad (Score:2) by jsm (james@jmarshall.com) on Wednesday January 26, @01:21AM EST (#128) (User Info) http://www.jmarshall.com

Yes! If I had points I'd moderate you up. If installing a CGI script somewhere is easier than installing the Junkbuster, then see my CGIProxy. Along with proxying pages, it can filter ads with either your own blocklist or a default one.

EVERYONE E-MAIL THESE ADDRESSES (Score:0) by Anonymous Coward on Wednesday January 26, @01:31AM EST (#142)

And let them know you you REALLY feel, okay? support@doubleclick.net; info@doubleclick.net; hostmaster@DOUBLECLICK.NET; acct_payable@DOUBLECLICK.NET; ang@doubleclick.com; root@doubleclick.com; webmaster@doubleclick.com; www@doubleclick.com; web@doubleclick.com; sales@doubleclick.com; dns@doubleclick.com; dcquestions@doubleclick.com; jblum@doubleclick.com; kryan@doubleclick.com; koconnor@doubleclick.com; dmerriman@doubleclick.com; lianuly@doubleclick.com; csaridakis@doubleclick.com; drosenblatt@doubleclick.com; ptsigrikes@doubleclick.com; scollins@doubleclick.com; jepstein@doubleclick.com; dmerriman@doubleclick.com; bsalzman@doubleclick.com; wmillard@doubleclick.com; jblum@doubleclick.com; Go for it!!!

Re:EVERYONE E-MAIL THESE ADDRESSES (Score:4, Funny) by sterno (sterno@bigbrother.net) on Wednesday January 26, @01:56AM EST (#171) (User Info) http://www.bigbrother.net/

I'd love to e-mail them but for some reason my firewall was just recently configured to block every IP address associated with doubleclick.com. Could you e-mail them once on my behalf? :) --- What would happen if there were no hypothetical situations?

Re:EVERYONE E-MAIL THESE ADDRESSES (Score:1) by niagaracyber on Wednesday January 26, @09:54AM EST (#325) (User Info)

What if the pro-privacy community dug up names and all kinds of personal info on the executives involved in making these decisions at Double-Click, and spread it all over the net? Sort of a taste of one's own medicine. Corporations don't feel anything, people do, and the people who make these kinds of decisions - and who lie about them - often feel they can act with impunity. -Dave

Webwasher is a free proxy for windows boxes (Score:0) by Anonymous Coward on Wednesday January 26, @03:29AM EST (#207)

There is also a Webwasher from Siemens, which is for Windows and it's free. You can find it here, http://www.webwasher.de.

Re:Bad (Score:1) by Keepiru on Wednesday January 26, @10:15AM EST (#329) (User Info)

Alright, I'll admit I replied to this so that I could be near the top, but, instead of just blocking the ads, why not screw up thier database? The database is based off of the number in the cookie, that is how it identifies you, why not change it every 5 minutes, to a new random number, a simple cron job should do the trick, of for the more ambitious, take an active approach and create scripts that actually go out and give them false information.

Re:Bad (Score:2) by orabidoo (see@my.webpage) on Wednesday January 26, @11:04AM EST (#352) (User Info) http://www.iagora.com/~espel/index.html

who needs a proxy! just 1) delete your entire cookie file once a day or so, and 2) stick the 50 or so biggest ad servers in your /etc/hosts (that's \windows\hosts for you windows users), assigned to a bogus IP like 127.0.0.2. start with ad.doubleclick.net, and add hosts as you see ads (under netscape, right-click to "copy image location") in general, cookies are OK, and quite useful, for short-lived browser/server interaction state keeping. There is no real need for long-term cookies; at worst you'll have to enter a password a few times more. And clearing your cookie file very effectively dissociates any further browsing from any profile doubleclick may have of you.

Re:Bad cookie, bad bad bad (Score:0) by Anonymous Coward on Wednesday January 26, @12:22PM EST (#385)

I empty my cookies every day or so any way (well, I don't exactly empty it, I keep /.'s, Hulka's, and a few other important ones. You know what, though? I fell like Bill Gates complaining about someone stealing his nickle, but I HATE it when some lame site I'll never visit again drops a cookie. A byte is a byte. It's MY hard drive, dammit, and I hate the fact that everybody from micro$hit to Joe Momma's Quake with 10 visitors and 11 ads puts crap on it I don't want. How about somebody publish a list of sites that carry doubleclick ads so we can boycott THEM? Also, does anybody have a freeware utility that will accept, then delete a cookie? I'll trade a copy (I hold the copyright) of Artificial Insanity for it. mailto:mcgrew@famvid.com -A.C. (password in the cookie at home)

Re:Bad cookie, bad bad bad (Score:1) by Ominous Coward (Coward@mad.scientist.com) on Wednesday January 26, @12:48PM EST (#392) (User Info)

If you don't want cookies loaded into your computer, change your prefs so that you're asked before a cookie's loaded. Simple, easy, elegant. Ceci ne pas un sig.

utility that will accept, then delete a cookie (Score:0) by Anonymous Coward on Wednesday January 26, @01:03PM EST (#394)

"Also, does anybody have a freeware utility that will accept, then delete a cookie?" If you're using Netscape, you can just lock the cookies file ("magiccookie" or something like that on a Macintosh, "cookies.txt" on Win32, "cookies" on Unix) This will allow a site to write a cookie that persists throughout the 'browser session', but disappears when you close the browser. You may be able to accomplish the same thing by locking the 'cookies directory' with MSIE, I haven't tried.

Re:utility that will accept, then delete a cookie (Score:2) by um... Lucas (lk@caralis.com) on Wednesday January 26, @04:22PM EST (#432) (User Info) http://www.caralis.com/us/lucas/

I wish that in netscapes prefs, you could list all the sites you go to and specify whether or not to accept cookies from them, so you could always accept cookies from Slash or Amazon but never from AdFu or Doubleclick... Maybe it could happen in Mozilla?

Re:utility that will accept, then delete a cookie (Score:0) by Anonymous Coward on Wednesday January 26, @06:42PM EST (#446)

Lynx does.

Re: Intermute (Score:0) by Anonymous Coward on Thursday January 27, @06:02PM EST (#492)

>If you're willing to pay ($19.95) and use Windows, try interMute. interMute is terrific & does more than block ads and cookies. Their web site says they plan Linux & Mac support this Spring...

Use the Junkbuster Proxy (Score:1) by Ethan Butterfield (primus@bayarea.net) on Wednesday January 26, @12:21AM EST (#27) (User Info)

http://www.junkbuster.com You can run the proxy server on either a UNIX box or a Win32 one, and it has the ability not only to filter out ad banners, but also to block cookies and to change the browser-type header you send. I've been using it for several months, and it's just peachy.

Yes, yes, yes, yes, yes (Score:5, Informative) by KMSelf (kmself@SPAMmeNOT.ix.netcom.com) on Wednesday January 26, @12:50AM EST (#94) (User Info) http://www.netcom.com/~kmself/

...that's full agreement with all points above. For Linux users, deploying Junkbuster is as easy as downloading the RPM or DEB file and installing it. For Windows users, either NT or Win9x, you can also use the proxy. Both the banner and cookie action are way cool. The following blockfile eliminates pretty darned near all the banner ads (and the sites associated with them if a full site or domain is listed). Note that I've allowed banners at a number of Linux-friendly sites, on principle, though you could change this if you wanted. /*.*/ad/ /*.*/ads/ /*.*/advert/ /*.*/adverts/ a32.g.a.yimg.com/ ad.*.* adforce.imgis.com/ adremote.*.* ads*.*.* doubleclick.net image.pathfinder.com/sponsors* preferences.com sfgate.com/place-ads Those few lines block virtually all the ad traffic I see. For cookies, I block all, then selectively allow a limited number of sites with which I do business. Mostly message boards. There was a really good program Online Profiling on NPR's Talk of the Nation a couple of months back. Other useful resources are Center for Democracy and Technology, and for a look at the other side, NetworkAdvertising.Org and Direct Marketing Association If setting up a proxy is too much for you, the following tricks will prevent a permanent cookie file from being generated: Linux, Netscape: ln -sf /dev/null ~/.netscape/cookies Windows, Netscape: set read-only permissions to your cookies file, or replace it with a directory. I'm not sure what the corresponding IE trix are. For Linux, lynx and other browsers can use the link to /dev/null trick. What part of "Gestalt" don't you understand? sid=moderation

Re:Yes, yes, yes, yes, yes (Score:1, Informative) by Anonymous Coward on Wednesday January 26, @01:50AM EST (#168)

#some additional notes...junkbuster can't block #cookies coming in from SSL connections...so #do this : #blocks all ports ~:80 #except for port 80 ~datek.com:443 #except for SSL to datek (I trade :-) #block these guys too focalink.com ngadcenter.net avenuea.com #block these guys..biggest hit tracker on net hitbox.com #take out the whole domain #biggest sex tracker on net sextracker.com/clit #YAHOO ADS #SAMPLE AD: http://a32.g.a.yimg.com/7/32/31/000/us.yimg.com/a/ya/yahoomail/promo1.gif yimg.com/.*us.yimg.com/a

here (Score:0) by Anonymous Coward on Wednesday January 26, @02:35AM EST (#188)

linuxtoday.com/ltbs/* *.bfast.* ads*.*.* ads*.*.*.* *.flycast.* *.netscape.com messenger.netscape.com 209.207.224.220 www.clickXchange.com email.cnn.com /blipverts/ static.wired.com www.hotwired.com rd.yahoo.com nsads.hotwired.com www.tek.com x25.futurequest.net usa.nedstat.net w23.hitbox.com *.hitbox.com view.avenuea.com /*.*ad.info.gif tracker.clicktrade.com rd.yahoo.com as5000.wunderground.com http://www.gamefan-network.com/ www.about.com www.123webhost.com www.hitbox.com www.amazon.com www.findcommerce.com *.valueclick.com www.pcworld.com ngserve.pcworld.com *.flycast.com www.graverobber.com #/*.*cgi-bin images.cnn.com /shop/ /SHOP/ /*.*ad-bin/ /*.*redirect www.cnn.com/cgi-bin/redirect?free_email gc1.freeshop.com pic.geocities.com a196.g.akamaitech.net www.cnn.com/event.ng/ /event.ng/ /jump/ barnesandnoble.bfast.com # Illustrative Blockfile for the Internet Junkbuster # The following line illustrates how to block a port (port 23 is telnet) :23 # for more detail see http://www.junkbusters/com/ht/en/ijbfaq.html#attack # To block a particular URL, you can list it in full (omit the http://): www.junkbusters.com/images/space.gif ads2.zdnet.com ad.uk.doubleclick.net gp2.deja.com web2.deja.com gp.deja.com # Almost all the following examples are commented out. To make them work, # remove the comment so that this: # www7.suckerfinder.com/cgi-bin/compost_tumbler/strayed-in-from=14387 # looks like this: www7.suckerfinder.com/cgi-bin/compost_tumbler/strayed-in-from=14387 gp2.dejan.com gp2.dejan.com g.deja.com q.deja.com *.zdnet.com # You can chop off parts on the left and right to get a broader block: suckerfinder.com/cgi-bin/compost_tumbler/ # To block an entire site, simply include its domain name: # ad.manipumedia.net # patentlyoffensive.com gp.*.* # With no hostname, a pathname blocks regardless of the domain name: # /images/banners/mindless/ # /bandwidth-hogs/ /adverts/ *.valueclick.* ad.*.* # Provided pattern matching option was used in the Makefile (now the default) # you can use patterns such as # the /*.* allows matches anywhere in the URL /*.*banner #/*.*cgi-bin /ads/ *free.email* /*.*click www.dejanews.com/jump/ web2.dejanews.com # /*.*/DespisedProductName.*.gif # you can put * in the domain part only, not the path. www.himemsys.com/ ad*.*.* ads*.*.* ads2.*.* /*.*ads # For more details see http://www.junkbusters.com/ht/en/ijbfaq.html#regex # The ~ character in column one stops blocking if a previous pattern matched. # The last match wins, so these exceptions are usually placed at the end. # ~mycompany.com image.pathfinder.com

Re:Yes, yes, yes, yes, yes (Score:2, Informative) by cloudmaster (cloudmaster@cloudmaster.com) on Wednesday January 26, @02:27AM EST (#182) (User Info) http://www.cloudmaster.com/cloudmaster

As a junkbuster alternative, you can use squid and this redirection script to block out web pages, and also do some cool caching proxy stuff that made squid popular (it's great if you have a masq'd dial-up with a few machines that all check similar pages). My blocklist is available here, and via anonymous rsync at rsync://cloudmaster.com/redir/redir Assuming you already have squid up and running, you can just mkdir /var/squid/blocker echo "redirect_program /var/squid/blocker/squid.redir" >> /etc/squid.conf rsync -v rsync://cloudmaster.com/redir/* /var/squid/blocker cd /var/squid/blocker make At least, I think that will likely work. You get the point... :) It'd prolly be better to just get the distrib from the other link, and then see if anything's in my blocklist that is desirable and isn't in the official distribution.

Re:Yes, solution for IE (Score:3, Interesting) by kimihia (kimihia@YUMMYmail.com) on Wednesday January 26, @02:57AM EST (#197) (User Info) http://surf.to/kimihia

For IE, add advert sites to your 'Restricted Sites' zone, and then set that zone not to allow cookies. How to do it

Re:Yes, yes, yes, yes, yes (Score:1) by DrXym on Wednesday January 26, @04:46AM EST (#246) (User Info)

Stefan Waldherr maintains a much superior version of Junkbuster here that not only blocks adverts but also replaces them with 1x1 transparent gifs (that stretch to fit if necessary) so you don't see broken links. There are also lots of other little improvements too. He also has an impressive block list that catches pretty much everything. The Windows NT/95/98 version in particular is considerably improved with a menu driven GUI and a natty taskbar icon that twirls when it's doing something!

Comparison (Score:2) by KMSelf (kmself@SPAMmeNOT.ix.netcom.com) on Wednesday January 26, @02:55PM EST (#418) (User Info) http://www.netcom.com/~kmself/

I haven't downloaded Stefan's junkbuster, but reviewing his page: The current implementation of the main Junkbuster includes an option to replace banners with a 1x1 clear gif, which also sizes to fit. The other options are to substitute a "Junkbuster" image, or the broken icon. My complaint against long blockfiles is that you start crossing the diminishing returns threshhold, and long lists become difficult to proof. My short list gives ~90%+ effectiveness, and is relatively easy to tune and test. All inclusive lists are interesting, but can be more bug-prone. I've seen a couple of samples posted here which block domains I'd choose not to (netcom.com?!). What part of "Gestalt" don't you understand? sid=moderation

Thanks! (Score:1) by Jake_Man (Jake@TheKeyboard.com) on Wednesday January 26, @02:43PM EST (#416) (User Info)

I just wanted to drop a note of thanks for the blockfile you whipped up. I've been meaning to play with Junkbuster for some time now, and you just removed my last excuse not to do so.

Re:Bad (Score:3, Informative) by Will_Malverson on Wednesday January 26, @12:22AM EST (#30) (User Info)

Alias their site to 127.0.0.1. If you're running Windows, edit the 'hosts' file. Here's mine, just to get you started: 127.0.0.1 localhost 127.0.0.1 ads.doubleclick.net 127.0.0.1 ad.doubleclick.net 127.0.0.1 adforce.imgis.com 127.0.0.1 ads.enliven.com 127.0.0.1 Ogilvy.ngadcenter.net 127.0.0.1 oz.valueclick.com All it takes is an annoying ad to get your site added to this list.

creating the hosts file (Score:2, Informative) by jesser on Wednesday January 26, @12:47AM EST (#88) (User Info) http://www.palosverdes.com/jesse/

If you don't already have a hosts file, the easiest way to create one is to type the following into start, run: notepad C:\windows\hosts. Note that there's a period at the end - that tells notepad not to try to add a .txt extension. Replace c:\windows\ with your windows directory if necessary. Windows allows you to include comments in the hosts file by beginning the line with a # symbol. (For the clueless, when you connect to a web server, it's usually a two-step process: first, look up the IP address for a hostname like "www.slashdot.org" and get an IP address like 209.207.224.42; then, connect to the computer with the IP address 209.207.224.42 and request the webpage. Adding entries to the windows hosts file short-circuits the IP address lookup, so your browser and other programs on your computer think that the IP address for "ads.doubleclick.net" is 127.0.0.1. But 127.0.0.1 is a special address called the loopback address, meaning that it always refers to the computer you're using. Since you probably don't have a web server on your computer, your browser fails in connecting to "ads.doubleclick.net" and displays an empty banner. This attempted connection to your own computer happens without wasting any of your bandwidth, by the way.) -- slashdot: I miss my free time, Rob.

Re:creating the hosts file (Score:1) by Skim123 (mitchell@4guysfromrolla.com) on Wednesday January 26, @01:26AM EST (#135) (User Info) http://www.4guysfromrolla.com/

You can look at C:\Windows\hosts.sam to see a sample hosts file. No sig right now

Re:creating the hosts file (Score:1) by Trombone8vb (johnbonehead@hotmail.com) on Wednesday January 26, @01:33AM EST (#149) (User Info) http://members.tripod.com/Trombone8vb

I certainly don't like my privacy being invaded like this. I'd like to try what you've suggested. I'm not going to do it now, because I'm getting ready to go to bed. You said, "Since you probably don't have a web server on your computer, your browser fails in connecting to "ads.doubleclick.net" and displays an empty banner. I do have a web server on my system, sort of. I'm using the MS Personal Webserver to create a site offline. Is this still going to work because the PWS is a POS? Could I just add an extra line to the host file? Or can I not even do this because of the PWS?

Re:creating the hosts file (Score:1) by jesser on Wednesday January 26, @01:43AM EST (#162) (User Info) http://www.palosverdes.com/jesse/

It will probably still work, but you'll get hits on your web server looking for nonexistant files like /ad/homepgtable.av.com/sponsor-button/minibadge;sz=230x33;ord=642143351. I tried doing traceroutes to the various "local network" address spaces in RFC 1597, but each of them made my modem light up. Maybe I'm just looking at the wrong RFC.. I'm not an expert at this. -- slashdot: I miss my free time, Rob.

Re:creating the hosts file (Score:0) by Anonymous Coward on Wednesday January 26, @03:21AM EST (#202)

All IP addresses are routable, even 127.0.0.1. By convention the IP 127.0.0.1 gets assigned to a loopback interface and called localhost. The other "Private Address Range" IP numbers *must* be blocked at the border router. The RFC states that "Because private addresses have no global meaning, routing information about private networks shall not be propagated on inter-enterprise links, and packets with private source or destination addresses should not be forwarded across such links. Routers in networks not using private address space, especially those of Internet service providers, are expected to be configured to reject (filter out) routing information about private networks. If such a router receives such information the rejection shall not be treated as a routing protocol error. Your machine is trying to access those IP adrresses because it is supposed to. If you get host unreachable or timeouts, then you ISP has done their job properly. If not, find another isp.

Re:creating the hosts file (Score:1) by Erik Hensema on Wednesday January 26, @06:10AM EST (#268) (User Info) http://www.xs4all.nl/~hensema

There is nothing special to the private ranges, except they're not on the internet. Your PC just looks in its routing table to figure out where it should send packets to 192.168.*, and is sees it should send them to the default route, eg. the internet. Your ISP's router is likely to be configured to drop packets to private ranges, so the trace will stop there. One way or another, your packets aren't going to make it to any machine on the net, they are going to be dropped somewhere. If you want to drop them locally on your machine, you should configure a firewall. In Linux 2.2, it should become something like: ipchains -A input -S 192.168.0.0/24 -J drop And similar lines for the other private ranges. When you're running a private net, you ofcourse shouldn't block the addresses when originating from your own net ;-) ipchains -A input -I ! eth0 -S 192.168.0.0/24 -J drop Or something like that. RTFM. MySQL internal error #241: ESIGTOOSTUPID

Re:creating the hosts file (Score:1) by chrisbolt (chris@/*spamsucks*/nysus.com) on Wednesday January 26, @01:50AM EST (#167) (User Info) http://chris.nysus.com/

You can, but it will fill up your error log. If you don't want to fill up your error log, you can just put an invalid IP, such as 192.168.0.1 which is reserved for internal networks.

Re:creating the hosts file (Score:1) by jesser on Wednesday January 26, @03:24AM EST (#206) (User Info) http://www.palosverdes.com/jesse/

yeah, that works, but 127.0.0.1 had the advantage that it didn't send any packets over your modem (and therefore didn't cost you any bandwidth). also, some isps (like mine, cox@home) actually do use 192.168.* internally. -- slashdot: I miss my free time, Rob.

Re:creating the hosts file (Score:1) by djdead (Seth@blowme.com) on Wednesday January 26, @01:38AM EST (#159) (User Info)

okay i tried this. i then rebooted. and ads still seem to come up. also i don't have that hosts.sam file.

Re:creating the hosts file (Score:1) by jesser on Wednesday January 26, @01:49AM EST (#166) (User Info) http://www.palosverdes.com/jesse/

You might search for the hosts.sam file.. it's possible that your windows decided hosts.sam and hosts should be in a different place. If that doesn't do it, try this procedure: Right-click on an advertisement, go to properties, and note the hostname (ads.doubleclick.net, etc.) Open your hosts file in notepad and add a line at the bottom: 127.0.0.1 ads.doubleclick.net Close all of your browser windows Re-open your browser and clear your cache Go back to the site with the banner ad Hopefully that will work.. btw, adding and modifying hosts is one of those occasional changes to windows that doesn't require a reboot :) -- slashdot: I miss my free time, Rob.

Re:creating the hosts file (Score:1) by Jomolungma on Wednesday January 26, @11:08AM EST (#353) (User Info)

I've tried this host file thing and everytime I come to a page with a doubleclick banner, my IE gives me a "couldn't find page" page, instead of just ignoring the ad. Does this method not work on IE? Or is it possible my office network that is doing the messin?

Re:creating the hosts file (Score:1) by jesser on Wednesday January 26, @03:43PM EST (#426) (User Info) http://www.palosverdes.com/jesse/

Try getting a newer version of IE.. I think IE 5.01 handles it correctly, but if not get IE 5.5 beta (which unfortunately introduces lots of new bugs in areas where features weren't even changed as it fixes some old bugs). -- slashdot: I miss my free time, Rob.

Re:creating the hosts file (Score:0) by Anonymous Coward on Wednesday January 26, @12:09PM EST (#379)

Hi, I followed these steps, and then went to http://www.altavista.com to try it out... The page took a *long* time to load; it was paused for a long time on the ad. Is there a way to speed this up? Thanks in advance, Thomas

Won't work for some (Score:1) by Jenova (rebooting@hotmail.com) on Wednesday January 26, @02:24AM EST (#181) (User Info)

Well just a note. That method won't work if you are forced to connect through a non transparent http proxy.

Re:Won't work for some (Score:0) by Anonymous Coward on Wednesday January 26, @08:33AM EST (#299)

It should work if you tell your browser not to use the proxy for those domains, or possibly just for the loopback address.

On NT it in \WINNT\System32\drivers\etc (Score:2) by bridgette (megaland@at@home@dot@com) on Wednesday January 26, @04:44AM EST (#243) (User Info)

On NT it in \WINNT\System32\drivers\etc - bridgette

Re:creating the hosts file (Score:1) by Trombone8vb (johnbonehead@hotmail.com) on Thursday January 27, @12:17AM EST (#469) (User Info) http://members.tripod.com/Trombone8vb

I've been fiddling with this for a while now. Every time I save it, notepad will only allow me to save it as a .txt file. If I put the period after it, it still comes out as .txt. Is there any extension at all for it?

Re:Bad (Score:2) by m3000 (m3000@tampabay_dot_rr_dot_com) on Wednesday January 26, @06:33AM EST (#272) (User Info) http://m3000.1wh.com/linux

Alias their site to 127.0.0.1. If you're running Windows, edit the 'hosts' file. And for all you Linux guys, do the same thing, except to the /etc/hosts file. It's very nice to surf with a lot less ads.

Re:Bad (Score:2) by PooF (aaron@fish.pathcom.com (remove fish...)) on Thursday January 27, @10:49PM EST (#497) (User Info)

Everyones forgeting a bunch of servers. 127.0.0.1 ad2.doubleclick.net 127.0.0.1 ad3.doubleclick.net 127.0.0.1 ad4.doubleclick.net 127.0.0.1 ad5.doubleclick.net 127.0.0.1 ad6.doubleclick.net 127.0.0.1 ad7.doubleclick.net 127.0.0.1 ad8.doubleclick.net 127.0.0.1 ad9.doubleclick.net you might want to add in these for when they grow... 127.0.0.1 ad10.doubleclick.net 127.0.0.1 ad11.doubleclick.net 127.0.0.1 ad12.doubleclick.net 127.0.0.1 ad13.doubleclick.net 127.0.0.1 ad14.doubleclick.net 127.0.0.1 ad15.doubleclick.net 127.0.0.1 ad16.doubleclick.net 127.0.0.1 ad17.doubleclick.net 127.0.0.1 ad18.doubleclick.net 127.0.0.1 ad19.doubleclick.net 127.0.0.1 ad20.doubleclick.net There ;-) Aaron "PooF" Matthews E-mail: aaron@fish.pathcom.com To mail me remove "fish." ICQ: 11391152 Quote: "Success is the greatest revenge"

Re:Bad (Score:1) by the phantom (NahenOdersSon@pPomonaA.eduM (figure it out)) on Wednesday January 26, @12:30AM EST (#55) (User Info) http://pages.pomona.edu/~ahenderson/act.html

Netscape will allow you to reject all cookies or it can be set to warn you before accepting cookies. This may not be the most efficient way of stopping them, but it does work. To refuse cookies, go to the preferences menu and highlight "Advanced." You can mess with cookies from there.

Re:Bad (Score:1) by Audin (amalmin@halcyon.com) on Wednesday January 26, @02:15AM EST (#177) (User Info) http://www.halcyon.com/amalmin/

Netscape will allow you to reject all cookies or it can be set to warn you before accepting cookies. This may not be the most efficient way of stopping them, but it does work. This isn't terribly safe, though... letting just one doubleclick cookie through will let them track you from that point on. It's quite easy to screw up when you're trying to work your way into some site which tries to set 20 cookies per page. A much better option is either a blocker like Junkbuster, or aliasing.

Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @04:32AM EST (#239)

What about a program to selectively choose those sites you want to accept cookies from and under what terms? I'd like to find something I can set for folks in my company that's easy to apply across a network. Any ideas?

Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @12:12PM EST (#383)

Junkbuster. You can specify certain sites that are allowed to set cookies, and any site connected to you over port 443 to set them. You can even allow cookies to go out but no new cookies to be set. Junkbuster is a network server, and netscape or some other browser is the client which can be running on any host with access to your network. Thus on my little LAN, where my Linux system is the gateway to the Internet, my Mac surfs through the Junkbuster server (netscape setting use proxy 192.168.1.1 port 8000) on the PC just like when I use netscape on the PC where Junkbuster is running. It's transparent. Really many thanks are due Jason Catlett the Junkbuster author.

Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @04:58AM EST (#253)

letting just one doubleclick cookie through will let them track you from that point on. Even if you tell Netscape to not send cookies and delete your cookie file? How is that possible?

Re:Bad (Score:1) by Audin (amalmin@halcyon.com) on Thursday January 27, @04:02AM EST (#480) (User Info) http://www.halcyon.com/amalmin/

Even if you tell Netscape to not send cookies and delete your cookie file? How is that possible? It isn't. The original suggestion was to set netscape to "ask befor accepting cookie". Turing cookies completely off and deleting the cookie file should do the trick.

Dynamic IP? (Score:1) by ffatTony on Wednesday January 26, @12:34AM EST (#62) (User Info)

Do they just log IP addresses? What about us with dynamic IPs? Will each site try to palce a cookie and then store that info in the database for the other sites to share? I've never heard of this company, can anyone name some of the sites they provide? Does any one out there really use Gnome or KDE? WM is my favorite, I'm tired of start menu's (This also includes stylized "K"'s and "little feet")

Re:Dynamic IP? (Score:2) by MattMann on Wednesday January 26, @12:49AM EST (#90) (User Info)

they provide the ads for many many many sites. do a view-image on an Altavista ad, for example.

Re:Dynamic IP? (Score:1) by jesser on Wednesday January 26, @12:50AM EST (#93) (User Info) http://www.palosverdes.com/jesse/

Doubleclick abuses a "misfeature" in http (or is it in the browser implimentations?) that allows sites to attach cookies to images. Since you request the banner from a hostname like ads.doubleclick.net, doubleclick gets to look at your cookie each time you go to a site with a doubleclick ad. -- slashdot: I miss my free time, Rob.

Cookies with Images? (Score:1) by ffatTony on Wednesday January 26, @12:52AM EST (#100) (User Info)

Can you tell me more? How does someone do this? (I'm on my way to read the rfc right now) Does any one out there really use Gnome or KDE? WM is my favorite, I'm tired of start menu's (This also includes stylized "K"'s and "little feet")

Re:Dynamic IP? (Score:1) by plague3106 (ajj3085@rit.edu.no.spam) on Wednesday January 26, @12:59AM EST (#109) (User Info)

A cookie is a small text file that the browser (if set to accept them) will place on YOUR computer. So it doesn't matter if your IP changes the file is still on your computer. If you're running IE5, look in c:\windows\temporary internet files and look for files with the text icon. some will be called cookie:whaterver.com...delete them. (NOTE: that is how amazon remembers your credit card, so if you delete the cookie for amazon, the website will ask for your info again). Now the question is, are you going to trade your privacy for some convience?

Re:Dynamic IP? (Score:1) by pen (digdug@hotmail.com?subject=notspam:[subject]) on Wednesday January 26, @02:48AM EST (#191) (User Info) http://altern.org/digdug/

are you going to trade your privacy for some convience? You don't have to. Just use a proxy. Allow only the sites where you want cookies to be enabled, and then deny all others. Try JunkBuster. -- If you're an Opera Win32 user, you should check out Opman.

Re:Dynamic IP? (Score:1) by plague3106 (ajj3085@rit.edu.no.spam) on Wednesday January 26, @08:52AM EST (#302) (User Info)

Hehe....i know, i was asking the reader? I DO have junkbuster on my system already. I was attempting to drive home that maybe convience is not tht important comparied to privacy but i guess i goofed :)

Re:Dynamic IP? (Score:2) by sterno (sterno@bigbrother.net) on Wednesday January 26, @02:29AM EST (#183) (User Info) http://www.bigbrother.net/

Double Click does not actually provide any content. All they are is an ad banner company. You've probably run across countless sites that use double click's banners, but you never noticed. The tracking works regardless of IP address because the information is stored as a cookie. The cookie remains consistent on your browser even if you change IP addresses. --- What would happen if there were no hypothetical situations?

One possible way? (Score:1) by Petethelate (pdbrooksatpacbelldotnet) on Wednesday January 26, @12:34AM EST (#63) (User Info) http://home.pacbell.net/pdbrooks/index.html

What's the best way to block them from knowing who you are without going through an anonymizing site? I'm trying something right now that should/might help. First, I edited the *DO_NOT_EDIT* cookies file that Netscape puts in my directory. Then, I set permissions to read-only. I tried a couple of sites with cookie warning enabled. Even let doubleclick try to set a cookie. It (IIRC) lets cookies run during a Netscape session, but it cannot write the file. This wasn't my idea--read it somewhere else, but never got around to trying it. We'll see if any complications arise. At least, I got back into Slashdot....

Re:One possible way? (Score:1) by Bad-Tech on Wednesday January 26, @12:41AM EST (#74) (User Info)

If all you want is not to have cookies be set, you could sybolic link your cookie file to /dev/null.

Re:One possible way? (Score:1) by Petethelate (pdbrooksatpacbelldotnet) on Wednesday January 26, @12:50AM EST (#97) (User Info) http://home.pacbell.net/pdbrooks/index.html

If all you want is not to have cookies be set, you could sybolic link your cookie file to /dev/null. Well, if I were on a linux box, yep, but this thing is on Windoze. BTW, I tried re-logging and couldn't get back into Slashdot. Evidently, there is some odd reformatting in a cookie file that really does prevent you from effectively editing it. So, for the MK II attempt, I let Slashdot set a cookie, then reset permissions to read only. It looks like a cookie will be set (if you let it), but it's only active for the length of the session. As is my habit, I'll keep manually refusing cookies for the while. I've found very few sites where a long term cookie really needed to be set. I stopped doing business with Amazon, so that's another cookie not needed.....

Re:One possible way? (Score:2) by Zach Baker (zach@zachbaker.com) on Wednesday January 26, @01:44AM EST (#165) (User Info)

Evidently, there is some odd reformatting in a cookie file that really does prevent you from effectively editing it. Yes, it's actually a cute little hack... It's a text file with lines ending in \n\n\r, i.e. two carriage returns, then a line feed: 0D 0D 0A in hex. Most text editors will convert this weirdness to more traditional line endings, at which point Navigator knows some hapless luser has edited the file. Simple solution: use a hex editor (or, of course, a capable enough text editor). For the record, I use the "Accept all cookies" option with a read-only cookies.txt that contains only a small list of hand-picked cookies (Slashdot, for instance). Works splendidly.

Re:One possible way? (Score:0) by Anonymous Coward on Wednesday January 26, @08:27AM EST (#297)

I edit my cookie.txt file using wordpad. It seems to preserve the weirdness of the file so that it still works with netscape. I've been editing my cookies.txt file for years, making random changes. Changeing true to false, and vice versa, modifying serial numbers, etc.

Re:Bad (Score:1) by Vandermar on Wednesday January 26, @12:43AM EST (#81) (User Info)

Apparently, the way the system works it requires another site as a sort of referrer. That site is supposed to give you the option of not participating in the privacy section of their terms. Whether this will happen or not we'll just have to wait and see. The only other options that I can think of would be to not accept cookies or possibly pick through your cookies frequently. I'm not going to sack him straight away. I'm going to kill him straight away. Chef!

Re:Bad (Score:2, Informative) by jburroug (jburroug@*NOSPAM*lib.uaa.alaska.edu) on Wednesday January 26, @12:47AM EST (#87) (User Info) http://www.customcpu.com/personal/pointless

Since I run an IPMASQ/Firewall, at home, I just use ipchains rules to block out all traffic TO their servers: /sbin/ipchains -A output -j REJECT -d 199.95.207.0/24 /sbin/ipchains -A output -j REJECT -d 204.253.104.0/24 /sbin/ipchains -A output -j REJECT -d 199.95.208.0/24 /sbin/ipchains -A output -j REJECT -d 208.211.225.0/24 I only started doing this a few days ago (kinda profetic eh?) so I know i'm missing a few of the subnets their servers use (my rough guess is about 1 in 8 gets through ;-( ) since i block traffic to their sites, their servers don't even get my IP address ;->. If your machine isn't behind a firewall you control you can still run firewall rules locally to keep out unwanted crap and/or visitors ;-> "The only difference between me and a madman is that I am not mad." - Salvador Dali

Re:Bad (Score:4, Informative) by Seth Morabito on Wednesday January 26, @01:07AM EST (#115) (User Info) http://www.loomcom.com/

I got a full list of their subnets through ARIN, conveniently listed below. Some of these guys may not actually be Double Click, but since they all have "Double Click" somewhere in their names, they all get blocked at my router level: [root@foo /root]# whois "double click"@arin.net [arin.net] Double Click (NETBLK-UU-208-211-225) UU-208-211-225 208.211.225.0 - 208.211.225.255 Double Click (NETBLK-UU-208-203-243) UU-208-203-243 208.203.243.0 - 208.203.243.255 Double Click (NETBLK-UU-204-178-112-160) UU-204-178-112-160 204.178.112.160 - 204.178.112.191 Double Click (NETBLK-UU-204-253-104) UU-204-253-104 204.253.104.0 - 204.253.105.255 Double Click (NETBLK-CYPC-2162306564) CYPC-2162306564 216.230.65.64 - 216.230.65.79 Double Click (NETBLK-UU-63-77-79-192) UU-63-77-79-192 63.77.79.192 - 63.77.79.255 Double Click Computers (NETBLK-DCLICK-T1-BLK) DCLICK-T1-BLK 204.186.74.0 - 204.186.74.255 Double Click Imaging, Inc. (ICO-HST) NS1.ICONETWORKS.NET 204.94.129.65 Double Click Imaging, Inc. (NET-DOUBLECLICK2) DOUBLECLICK2 192.65.80.0 Double Click, Inc. (NETBLK-DOUBLECLICK31-60-18) DOUBLECLICK31-60-18 128.11.60.64 - 128.11.60.127 Double Click, Inc. (NETBLK-DOUBLECLICK-92-19) DOUBLECLICK-92-19 128.11.92.0 - 128.11.92.255 Double Click, Inc. (NETBLK-DOUBLECLICK-210-08) DOUBLECLICK-210-08 199.95.210.0 - 199.95.210.255 Double Click, Inc. (NETBLK-DOUBLECLICK3) DOUBLECLICK3 199.95.206.0 - 199.95.209.255

Re:Bad (Score:1) by whatever3 on Thursday January 27, @12:45AM EST (#470) (User Info)

Don't forget "doubleclick" (without the space). Here's my preliminary list...if anyone can improve on it, please do so: 199.95.206.0/23 199.95.210.0/24 208.211.225.0/24 208.203.243.0/24 204.178.112.160/27 216.230.65.64/28 63.77.79.192/26 128.11.60.64/26 63.160.54.0/24 208.210.202.0/24 216.94.59.64/27 208.228.78.0/24 208.228.86.0/24 209.167.73.128/27 208.229.75.0/24 208.32.211.0/24 btw, I'll lay $10 on them not actually using more than 10% of these addresses. Bunch of pigs, really.

Me Too! ;) Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @01:19AM EST (#126)

I've done the same thing. Input and output from all my know doubleclick addresses is blocked. I also ban flycast.com in the same fasion. I don't remember where I first saw them, but they seemed to be behaving similar to doubleclick. (Note that some of the masks are /23, or some other odd number. When I looked these up on arin.net, there were holes in their assignments as seen.) I hope this is useful to som people. Please post bug reports, too. :) One more thing, don't forget to use junkbuster as well. (My firewall/router redirects port 80 through squid which then goes through junkbuster. Quite nice. :) Here are the addresses I have so far: # undesirable sites, init here for uniformity elsewhere BANNED_SITES="" # doubleclick.net BANNED_SITES="$BANNED_SITES"\ "208.10.202.0/24 216.94.59.64/27 208.228.78.0/24 208.228.86.0/24 "\ "209.167.73.128/27 208.229.75.0/24 208.32.211.0/24 208.211.225.0/24 "\ "199.95.206.0/23 199.95.208.0/23 209.67.38.99 " # flycast.com BANNED_SITES="$BANNED_SITES"\ "216.32.96.0/21 207.240.119.0/24 192.216.105.0/24 216.52.4.0/22 "\ "209.191.72.0/26 207.251.152.224/31 " for BANNED in $BANNED_SITES ; do ipchains -A input -d $BANNED -j REJECT -l ipchains -A output -d $BANNED -j REJECT done

All of Doubleclick's Networks! (Score:2) by sterno (sterno@bigbrother.net) on Wednesday January 26, @02:37AM EST (#189) (User Info) http://www.bigbrother.net/

For those of you who want to set up ipchains to block everything vaguely associated with doubleclick, I went over to ARIN and looked up what IP blocks have been assigned to them. This should block everything. On a couple I went a bit overboard and blocked an entire 0-255 subnet when they only had a small chunk. But i figure, better safe than sorry :). Here ya go: ipchains -A output -d 199.95.206.0/24 -j REJECT ipchains -A output -d 199.95.207.0/24 -j REJECT ipchains -A output -d 199.95.208.0/24 -j REJECT ipchains -A output -d 199.95.207.0/24 -j REJECT ipchains -A output -d 63.160.54.0/24 -j REJECT ipchains -A output -d 208.211.225.0/24 -j REJECT ipchains -A output -d 208.10.202.0/24 -j REJECT ipchains -A output -d 216.94.59.0/24 -j REJECT ipchains -A output -d 208.228.78.0/24 -j REJECT ipchains -A output -d 208.228.86.0/24 -j REJECT ipchains -A output -d 209.167.73.0/24 -j REJECT ipchains -A output -d 208.229.75.0/24 -j REJECT ipchains -A output -d 208.203.243.0/24 -j REJECT ipchains -A output -d 204.178.112.160/24 -j REJECT ipchains -A output -d 204.253.104.0/24 -j REJECT ipchains -A output -d 216.230.65.0/24 -j REJECT ipchains -A output -d 63.77.79.0/24 -j REJECT ipchains -A output -d 128.11.60.0/24 -j REJECT ipchains -A output -d 128.11.92.0/24 -j REJECT ipchains -A output -d 199.95.210.0/24 -j REJECT ipchains -A output -d 199.95.206.0/24 -j REJECT --- What would happen if there were no hypothetical situations?

Re:All of Doubleclick's Networks! (Score:1) by Rasha on Wednesday January 26, @04:05AM EST (#227) (User Info)

I added all these rules yet I still get some ads. for example at dilbert.com This list may not be exhaustive.

Re:All of Doubleclick's Networks! (Score:1) by coolgeek on Wednesday January 26, @12:11PM EST (#380) (User Info)

I guess it's just the wirehead in me (and maybe I'm paranoid, too), but I prefer to filter them out at the router, rather than trust an http proxy to block the traffic.

Re:Bad (Score:0) by Anonymous Coward on Thursday January 27, @08:46AM EST (#484)

Sites that try the sort of crap that doubleclick does deserve an immediate blocking to bring them to their financial knees. If you're running linux then setup your computer with ipchains and bind-utils. try nslookup ad.doubleclick.net to find their various subnets. So far: ipchains -A input -j REJECT -s 199.95.207.0/24 ipchains -A input -j REJECT -s 204.253.104.0/24 ipchains -A input -j REJECT -s 199.95.207.0/24 ipchains -A input -j REJECT -s 199.95.208.0/24 ipchains -A input -j REJECT -s 208.211.225.0/24 ipchains -A input -j REJECT -s 209.67.38.0/24 ipchains -A input -j REJECT -s 208.184.29.0/24 ipchains -A input -j REJECT -s 204.253.104.0/24 If you're running windows, then change the security level for doubleclick.net and doubleclick.com to refuse any cookies. If possible install software to refuse any sort of connection to or from doubleclick. Pretty soon these sorts of companies will need to realize when they've over-stepped their bounds, if not then they'll stay blocked from any computer under my control until they do. Matt. -- Every morning is a Smirnoff morning.

Re:Bad (Score:1) by lizrd (bumpusad@hotmail.com) on Wednesday January 26, @12:51AM EST (#98) (User Info)

The best way I've found to block them (and also speed download times) is to add a line to your hosts file (/etc/hosts c:\windows\hosts) to direct that domain to the null IP address 0.0.0.0 . Then they won't be able to track you and you won't have to look at the adds. ________________ Just because I can

Re:Bad (Score:1) by plague3106 (ajj3085@rit.edu.no.spam) on Wednesday January 26, @12:52AM EST (#101) (User Info)

Or you could just tell your broswer to refuse all cookies...that may break some sites, but so will blocking software...blocking software will give you better control, you can accept cookies only from certain sites and only specific ones from those sites

Re:Proxomitron Filter (Score:1) by seoman70 (seoman.Green.Eggs@zinkproductions.Spam.com) on Wednesday January 26, @01:09AM EST (#116) (User Info) http://thornvalley.zinkproductions.com/

I've gotta put in a plug for a filter that I'm fond of: The Proxomitron. It is Win32 only (unfortunately; if you use a different platform, Junkbusters is probably the way to go), is much more user-friendly than JunkBusters, and probably just about as configurable. Since it is a proxying filter, it works with all browsers. Hey, it's even skinnable. :) [Seoman] "A conclusion is simply the place where you got tired of thinking."

Yet more proof that COOKIES AND JAVA ARE EVIL!!!!! (Score:0) by Anonymous Coward on Wednesday January 26, @01:17AM EST (#124)

Keep cookies and java(script) disabled and keep yourself safe. Always be anonymous. When it's necessary to create accounts (like with New York Times web site), always supply bogus data, bogus names, and bogus email. For truly evil sites that require a valid email address to mail your real password back to, which you must receive before access is granted, get an anonymous throw away account (yahoo, hotmail, etc.) to receive this password. Never give out any real information. For regular email, use anonymizers (replay.com). Use SSL proxy servers to mask yourself behind. They are all against you. If some site needs geographical data (like to get TV listings), give zipcodes near you, but not your actual one. Within 50 miles is good enough for TV. And for better security use combinations of the above to anonymize yourself better. Chain through many proxies, remailers, anonymizers, preferable located in many different nations to make tracking you a logistical and bureaucratic nightmare. Go through nations that don't like your nation to deliberately hamper trace attempts. Would Cuba or Serbia help the US attorney general track down some h4x0r? Or Libya? Take advantage of political strife to hide yourself. As for your ISP, dynamic IP is your enemy (though static IP assigned only to you is worse). Dynamic IP can be linked to specific phone calls. Go for multi-user shell ISPs that have many users all logging on and off of the same machine (IP). Prepay service with money orders (use false name on them). Get the address off of a (distant) streetlight controller box and give that to the ISP as your home address. Surf from a laptop via telephones in motel rooms. Pay cash for your stay. And move around a lot. If you need to make LD calls, get one of those phone cards from the vending machine at 7-11. Using crypto wherever possile goes without saying. Use "n/a" and your name and company name for all software you install on your laptop, and bogus addresses. You never know what MS is sending back to the black helicopters. Do all of this and keep the information goons in check for another day. B1t Thr45h3r, s0UTH3rn h4X0rz

More privacy tips... (Score:1) by guardian-ct on Thursday February 03, @09:10AM EST (#515) (User Info)

Also, never post to slashdot using your real name. Build a real firewall around the inside walls of your apartment. Design carefully, so that a few pyrotechnics can start a fire that will burn all the evidence, even if the feds get in. Lock all food items in the refrigerator. (sorry, too much conspiracy theory)

E-MAIL them NOW!!!! (Score:0) by Anonymous Coward on Wednesday January 26, @01:33AM EST (#147)

support@doubleclick.net; info@doubleclick.net; hostmaster@DOUBLECLICK.NET; acct_payable@DOUBLECLICK.NET; ang@doubleclick.com; root@doubleclick.com; webmaster@doubleclick.com; www@doubleclick.com; web@doubleclick.com; sales@doubleclick.com; dns@doubleclick.com; dcquestions@doubleclick.com; jblum@doubleclick.com; kryan@doubleclick.com; koconnor@doubleclick.com; dmerriman@doubleclick.com; lianuly@doubleclick.com; csaridakis@doubleclick.com; drosenblatt@doubleclick.com; ptsigrikes@doubleclick.com; scollins@doubleclick.com; jepstein@doubleclick.com; dmerriman@doubleclick.com; bsalzman@doubleclick.com; wmillard@doubleclick.com; jblum@doubleclick.com;

even better (Score:0) by Anonymous Coward on Wednesday January 26, @09:13AM EST (#307)

I'll post that list to alt.sex and alt.2600 for the spam bots to pick up :)

Better Yetter (Score:0) by Anonymous Coward on Friday January 28, @11:41AM EST (#503)

Sign those addresses up with XOOM. They (XOOM) will sell the addresses to every company on earth.

Netscape Configuration (Score:1) by Fellgus (wiz@post2.tele.dk) on Wednesday January 26, @03:43AM EST (#214) (User Info) http://www.cs.auc.dk/~larsch/

Now how do they track you? Using cookies of course. In netscape, you can disable cookies from other hosts than the page being viewing. This effectively blocks Internet-wide tracking like doubleclick.net. Host cookies are still allowed, which I think is OK. -larsch

Re:Netscape Configuration (Score:2) by Mr. Slippery (tms@spambefuddler-infamous.net) on Wednesday January 26, @06:10PM EST (#442) (User Info) http://www.infamous.net/

In netscape, you can disable cookies from other hosts than the page being viewing. This effectively blocks Internet-wide tracking like doubleclick.net. NO. IT DOES NOT. Sorry to shout, but I fear many people share the same misapprehension. Cookies can be attached to images as well as to web pages. By attaching cookies to banner ads or invisible GIFs served from a common source, servers can pass information about you between themselves. Since the cookie comes from the same source as the image, the "Only accept cookies originating from the same server" option will gladly accept them. You must block or delete cookies if you wish to prevent this tracking. (Also note that even the mighty, mighty Junkbuster won't protect you fully - cookies can still get thru in Javascript and SSL.) For a detailed explanation see Chapter 9 of Phillip and Alex's Guide to Web Publishing (scroll down about halfway for the relevant section). Tom Swiss | the infamous tms | http://www.infamous.net/ "What's so funny about peace, love, and understanding?" - Nick Lowe

Re:Netscape Configuration (Score:0) by Anonymous Coward on Tuesday February 01, @06:30PM EST (#512)

To Stop Doubleclick I simply deleted all my cookies. Then I went to the two places That I wanted to recognize me. I verified that I only had cookies from where I wanted, then changed the file attribute on my cookie file to read only... A low Tech solution... BTW Who uses Doubleclick? I was surprised to find it on my favorite web site cnet.net, www.nydailnews.com, anybody think of keeping a list of sites that use it, then complaining to the sites ?

Re:Netscape Configuration (Score:0) by Anonymous Coward on Tuesday February 01, @06:51PM EST (#513)

Great idea, but I think you meant cnet.com. How about a simple program called Doubleclick catcher, that blocks and makes one aware of a doubleclick attempt.

Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @05:46AM EST (#263)

It's all quite simple really :- bash-2.03$ cat /etc/hosts # Entry to stop doubleclick badness 127.0.0.1 ad.doubleclick.net bash-2.03$ Now, is it just me, or is this so blindingly obvious that you guys really should have thought about it before. :)) And what's more this will actually work on Windoze boxes as well (yes, Win95 and up does have a c:\windows\hosts file if you want one). Only problem with this technique is if you aren't running a httpd on localhost, you might get some browsers complaining all the time, and even if you are running httpd, your logs will start looking weird, but at least you're not getting ads, doubleclick aren't getting your hit, your privacy isn't being invaded, AND you're not spending 20 bucks on some badly written code that will 'junkbust' - whatever that is. :)

junkbuster is "free" code. (Score:1) by guardian-ct on Thursday February 03, @09:17AM EST (#516) (User Info)

No payment of 20 bucks necessary. Just download, compile, and install (well, maybe not That easy...) Someone else out there has modified the junkbuster code to return 1x1 blank GIFs in place of banner ads. www.junkbuster.com (basic junkbuster code nearby) www.waldherr.org (blank GIFifier) Junkbuster does have a logging function, but you can turn most of it off if you like. If you turn off all the debugging log functions, the only things left are "program started" sorts of log entries. If you turn them all on, everything that passes through the proxy gets logged, including all the data from the http connection. You can be your own paranoid delusion, and try to track yourself down. enjoy...

Simplest solution. (Score:0) by Anonymous Coward on Wednesday January 26, @06:15AM EST (#270)

Set doubleclick.net to point to 127.0.0.1 Doing this is easy just stick the following entry into c:\windows\hosts :- doubleclick.net 127.0.0.1 In most linux distros i think the file is /etc/hosts I did this ages ago as i pay for my bandwidth and dont like recieving banner ads.

foil double click by... (Score:0) by Anonymous Coward on Wednesday January 26, @09:20AM EST (#309)

using www.cyberarmy.com, www.anonymizer.com free services of allowing you to go through their proxies (you look like your coming from www.cyberarmy and your name is cyberarmy, and you live at cyber army etc)... it will slow your browsing down abit, but you will remain anonymous, even more so than now... you could also go to www.zdnet.com and look for their privacy pages... they have some good links to US NAvy pages that will do the same thing. It's a military excercise in encryption which keeps you commpletely in the dark to others

Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @10:20AM EST (#331)

i am almost sure their system works with cookies. so going into the browser properties and disabling them should do the trick. --AC (too lazy to register)

Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @10:53AM EST (#347)

In the M$ Windows world, there is a utility called CookiePal from Kookaburra Software http://www.kburra.com that allows you to selectively accept and reject cookies. It also allows to always or never accept a particular cookie. I have found this to be very useful, because there are some sites that I need to go to that require cookies. *I am in no way associated with Kookaburra Software, except that I use their software.

Need cookie control in browsers (Score:1) by skelter on Wednesday January 26, @11:22AM EST (#362) (User Info) http://www.skelter.net

We need to demand selective cookie control in our browsers! -- They say you die a little bit each day. Have a nice day!

Re:Bad ... You could always enter the lion's den (Score:1) by Buskaatt on Wednesday January 26, @11:50AM EST (#369) (User Info)

Go to http://www.doubleclick.net/optout/default.as and set your cookie to OPT_OUT. You lose your PID and its relationship to the Abacus database.

Re:Bad (Score:0) by Anonymous Coward on Wednesday January 26, @11:55AM EST (#372)

Where exactly do the banner sites get the info from? I've entered bogus info in most places, i.e. netscape's identity section and windows' user registration during installation. The only place where I entered real info was when I created my user under Linux. Would it be possible for them to get the info from there?

Re:Bad -- use Muffin (Score:1) by boyns on Wednesday January 26, @12:32PM EST (#389) (User Info)

Muffin can filter out doubleclick and much more. It's very powerful, allows users to write their own filters in Java, runs on linux/win32/mac, and it's freely distributed under the GPL. http://muffin.doit.org/

Re:Bad (Score:1) by Dimes (Dimes@fake-email.duh) on Wednesday January 26, @01:26PM EST (#402) (User Info)

This probably doesn't help much, but on my machines doubleclick.net resolves as 127.0.0.1, Not sure if this screws with the tracking info.....but it sure is nice not to have to wait for the adds to come up ;-) dimes

ummm... (Score:0) by Anonymous Coward on Wednesday January 26, @12:14AM EST (#4)

Shall all the ISP's start firewalling DoubleClick at the router level?

Just e-mail them, and let them know how you feel! (Score:0) by Anonymous Coward on Wednesday January 26, @01:33AM EST (#148)

support@doubleclick.net; info@doubleclick.net; hostmaster@DOUBLECLICK.NET; acct_payable@DOUBLECLICK.NET; ang@doubleclick.com; root@doubleclick.com; webmaster@doubleclick.com; www@doubleclick.com; web@doubleclick.com; sales@doubleclick.com; dns@doubleclick.com; dcquestions@doubleclick.com; jblum@doubleclick.com; kryan@doubleclick.com; koconnor@doubleclick.com; dmerriman@doubleclick.com; lianuly@doubleclick.com; csaridakis@doubleclick.com; drosenblatt@doubleclick.com; ptsigrikes@doubleclick.com; scollins@doubleclick.com; jepstein@doubleclick.com; dmerriman@doubleclick.com; bsalzman@doubleclick.com; wmillard@doubleclick.com; jblum@doubleclick.com;

Router-level blocking (Score:0) by Anonymous Coward on Wednesday January 26, @05:07AM EST (#257)

We already do at my company, all routers are configured to block ad sites such as doubleclick. Advert companies (online or not) do really suck anyway.

SECOND (Score:0) by Anonymous Coward on Wednesday January 26, @12:14AM EST (#6)

#RIT OWS * LET THAT BE KNOWn FEAR US

first post (Score:0) by Anonymous Coward on Wednesday January 26, @12:15AM EST (#7)

first post doodz

E-mail them!!!!!!!!!!!!!!!!!!!! (Score:0) by Anonymous Coward on Wednesday January 26, @01:32AM EST (#145)

support@doubleclick.net; info@doubleclick.net; hostmaster@DOUBLECLICK.NET; acct_payable@DOUBLECLICK.NET; ang@doubleclick.com; root@doubleclick.com; webmaster@doubleclick.com; www@doubleclick.com; web@doubleclick.com; sales@doubleclick.com; dns@doubleclick.com; dcquestions@doubleclick.com; jblum@doubleclick.com; kryan@doubleclick.com; koconnor@doubleclick.com; dmerriman@doubleclick.com; lianuly@doubleclick.com; csaridakis@doubleclick.com; drosenblatt@doubleclick.com; ptsigrikes@doubleclick.com; scollins@doubleclick.com; jepstein@doubleclick.com; dmerriman@doubleclick.com; bsalzman@doubleclick.com; wmillard@doubleclick.com; jblum@doubleclick.com;

first post--i think (Score:0) by Anonymous Coward on Wednesday January 26, @12:15AM EST (#8)

I think this is the first post, but anyway... this is BS... This just proves my theory that the commercialization of the internet is the worst thing to happen to computers. wow... the internet's on computers now...

*** IMPORTANT: e-mail them **** (Score:0) by Anonymous Coward on Wednesday January 26, @01:33AM EST (#153)

support@doubleclick.net; info@doubleclick.net; hostmaster@DOUBLECLICK.NET; acct_payable@DOUBLECLICK.NET; ang@doubleclick.com; root@doubleclick.com; webmaster@doubleclick.com; www@doubleclick.com; web@doubleclick.com; sales@doubleclick.com; dns@doubleclick.com; dcquestions@doubleclick.com; jblum@doubleclick.com; kryan@doubleclick.com; koconnor@doubleclick.com; dmerriman@doubleclick.com; lianuly@doubleclick.com; csaridakis@doubleclick.com; drosenblatt@doubleclick.com; ptsigrikes@doubleclick.com; scollins@doubleclick.com; jepstein@doubleclick.com; dmerriman@doubleclick.com; bsalzman@doubleclick.com; wmillard@doubleclick.com; jblum@doubleclick.com; 4 543

1st? (Score:0) by Anonymous Coward on Wednesday January 26, @12:15AM EST (#9)

Hmmm...

Re:1st? *** EMAIL THEM *** (Score:0) by Anonymous Coward on Wednesday January 26, @01:33AM EST (#151)

support@doubleclick.net; info@doubleclick.net; hostmaster@DOUBLECLICK.NET; acct_payable@DOUBLECLICK.NET; ang@doubleclick.com; root@doubleclick.com; webmaster@doubleclick.com; www@doubleclick.com; web@doubleclick.com; sales@doubleclick.com; dns@doubleclick.com; dcquestions@doubleclick.com; jblum@doubleclick.com; kryan@doubleclick.com; koconnor@doubleclick.com; dmerriman@doubleclick.com; lianuly@doubleclick.com; csaridakis@doubleclick.com; drosenblatt@doubleclick.com; ptsigrikes@doubleclick.com; scollins@doubleclick.com; jepstein@doubleclick.com; dmerriman@doubleclick.com; bsalzman@doubleclick.com; wmillard@doubleclick.com; jblum@doubleclick.com; eee

Enough with the complaining... (Score:0) by Anonymous Coward on Wednesday January 26, @12:15AM EST (#10)

How can we avoid that tracking? I mean... What can *I* do on *MY* computer to avoid them knowing who I am? Shutting off cookies isn't an option at all, nor is manually filtering all my cookies.

Re:Enough with the complaining... (Score:0) by Anonymous Coward on Wednesday January 26, @12:17AM EST (#17)

How about pouring hot grits down your pants... 11th post... Yee-UHh..

Re:Enough with the complaining... (Score:0) by Anonymous Coward on Wednesday January 26, @12:20AM EST (#24)

Check out Zero Knowledge's new software at http://www.freedom.net for anon surfing while still using cookies

Avoid it or destroy it? (Score:0) by Anonymous Coward on Wednesday January 26, @12:30AM EST (#56)

Better than figuring out how to avoid it why not figure out how to destroy it and make it illegal? Why not make an example of these bastards so that no one will ever want to do this shit again? THIS IS BIG BROTHER. They are tracking everything you do, what you look at, THEY KNOW. This is so fundementally wrong. We need to organize ourselves and stop them. Immediatly.

PISS THEM OFF (Score:0) by Anonymous Coward on Wednesday January 26, @01:33AM EST (#150)

support@doubleclick.net; info@doubleclick.net; hostmaster@DOUBLECLICK.NET; acct_payable@DOUBLECLICK.NET; ang@doubleclick.com; root@doubleclick.com; webmaster@doubleclick.com; www@doubleclick.com; web@doubleclick.com; sales@doubleclick.com; dns@doubleclick.com; dcquestions@doubleclick.com; jblum@doubleclick.com; kryan@doubleclick.com; koconnor@doubleclick.com; dmerriman@doubleclick.com; lianuly@doubleclick.com; csaridakis@doubleclick.com; drosenblatt@doubleclick.com; ptsigrikes@doubleclick.com; scollins@doubleclick.com; jepstein@doubleclick.com; dmerriman@doubleclick.com; bsalzman@doubleclick.com; wmillard@doubleclick.com; jblum@doubleclick.com;

Re:Enough with the complaining... (Score:0) by Anonymous Coward on Wednesday January 26, @04:08AM EST (#229)

Why can't you shut off cookies? I do.

Re:Enough with the complaining... (Score:1) by m3000 (m3000@tampabay_dot_rr_dot_com) on Wednesday January 26, @06:41AM EST (#275) (User Info) http://m3000.1wh.com/linux

Because a lot of cookies are very usefull to me. For example, thanks to cookies, I only have to log in once to Slashdot. Or it saves my preferences at places like zdnet.com and other personalization sites. It also saves some of my login's and passwords to certain sites, which, while I guess would be a security risk to yall, I trust my family. Of course, I could selectivly get cookies, but I tried that once, and spent about half my time clicking "no" to 5 at each website I visted, totally wasting my time. I don't really mind cookies when they're useful, it's just that sometimes they're not.

Re:Enough with the complaining... (Score:0) by Anonymous Coward on Wednesday January 26, @10:25PM EST (#465)

Browsers need to enable a "cookie zone" feature. This way you can deliberately add the useful sites and make all others not bother you at all with the question.

Re:Enough with the complaining... (Score:0) by Anonymous Coward on Thursday January 27, @09:47PM EST (#495)

Internet Explorer 5 has this feature. In addition to general Internet and Intranet security settings, you can define custom security settings for Trusted Sites and Restricted Sites. All you have to do is add sites you trust to Trusted Sites, then disable cookies for Internet sites generally (and Intranet sites, if you don't trust your local network; they're disabled by default for Restricted Sites, which is a good place for sites you definitely don't trust).

Re:Enough with the complaining... (Score:1) by atholbrose (cinnamon@one.net) on Wednesday January 26, @08:01AM EST (#288) (User Info)

If you go to www.doubleclick.com, click on "privacy policy" and follow a few more links, tey can send you an opt-out cookie. It sets your doubleclick user ID to "OPT_OUT". Is this good enough? I dunno. I'm going to see, though.

Rights? (Score:0) by Anonymous Coward on Wednesday January 26, @12:16AM EST (#12)

You have no rights online! Ask any OSU computer user! Taylor 5 represent Napster RIP

cookies... (Score:1) by JustShootMe (rmilleratduskglowdotnospamdotcom) on Wednesday January 26, @12:16AM EST (#13) (User Info) http://www.duskglow.com

Isn't it possible to reject any cookies from doubleclick.com? Not that I think this ia good thing, I think it's abhorrent. But one would think that's one way to combat it... If you can't figure out how to mail me, don't. Catch your very own geek - http://www.singlegeek.com

Re:cookies... (Score:2, Informative) by Jonathan C. Patschke (jp@nospam.totalaccess.net) on Wednesday January 26, @01:43AM EST (#161) (User Info) http://celestrion.totalaccess.net/

It's ``easy when you know how''. If you've got (or use) a Linux box nearby, and have an Ethernet card in it and your PC, it's possible to build a firewall and use the Squid web-proxy to block all content from DoubleClick.net. The blocker I use is available at http://www.zip.com.au/~cs/adzap/index.ht ml and makes my "Internet Experience" far more enjoyable as it blocks almost all banner ads, and even kills a decent number of popups and consoles. Since my browser cannot make a connection to DoubleClick.net, I cannot trade cookies with them. Oppress Frank Rizzo on Slashdot. Moderate him to Hell.

An Obvious Solution... (Score:1) by Tsian on Wednesday January 26, @12:16AM EST (#14) (User Info)

This is quite obviously a horrendous invasion of privacy on the part of doubleclick, and a boycott (of sorts) should begin immediately. I would presume that very few users want to be in the doubleclick database, and as such i submit a simple sollution. Simply put the doubleclick domain (in ie, i presume netscape has a similar feature) into the restricted sites area, and adjust security in that zone as necessary to as not accept cookies. Without light there is no darkness. Without darkness there is no light.

Re:An Obvious Solution... (Score:1) by Binar1 (use_my_public_key) on Wednesday January 26, @12:25AM EST (#42) (User Info)

Might want to add *.flycast.com to that restricted list, too.

Re:An Obvious Solution... (Score:1) by fougasse on Wednesday January 26, @12:55AM EST (#103) (User Info)

No, don't add flycast to that restricted list. This discussion is about the privacy violations of DoubleClick. I agree that what they're doing is a violation of privacy and that they should certainly be boycotted because of it. But you certainly can't extend that argument to "block all advertising". Flycast, for example, has a privacy policy that explicitly forbids associating personal information with your website-viewing profile. Advertising is increasingly unfashionable to defend, but if it weren't for advertising, much of the content on the Internet wouldn't exist. Without advertising, it is essentially impossible to put a useful page up on the web and not lose money. The only real alternative is paying for content... now which would you prefer? If users start blocking ads, then sites which advertise will make less money. As it is now, ad-blocking is generally restricted to techies, people who use the Web a lot and know a lot about it too. And so if this demographic (or psychographic, I'm not sure which applies here) blocks ads, sites which appeal to this demographic (to use advertising terms) will receive less revenue per visitor. That is, tech sites will make less money. Or, in other words, there will be fewer tech sites. In an Internet where content is almost universally supported by advertising, no advertising simply means no content. (And let me also point out that there's a banner at the top of this very page...)

Re:An Obvious Solution... (Score:0) by Anonymous Coward on Wednesday January 26, @02:53AM EST (#196)

Without advertising, it is essentially impossible to put a useful page up on the web and not lose money False.

Re:An Obvious Solution... (Score:1) by fougasse on Wednesday January 26, @09:54PM EST (#461) (User Info)

Thank you, Anonymous Coward, for your in-depth response.

Re:An Obvious Solution... (Score:0) by Anonymous Coward on Wednesday January 26, @03:52AM EST (#218)

As for Flycast, well... things can change. It takes a minute to change the policy. Every ad I've come across (including the ads at Slashdot) end up to my shitlist. I don't want to see them. So yes, I'd say put Flycast to your blocklist and sleep easy. Without advertising, it is essentially impossible to put a useful page up on the web and not lose money. Right, but wrong. There are many, many useful sites which do not advertise, for example www.gnu.org There are no banners there. And as for content, it's the top. Excellent tools. In an Internet where content is almost universally supported by advertising, no advertising simply means no content. It is not completely like this, and it would not have to be like this at all. It is sad to see the Internet gradually turn into a mindnumbing TV-like apparatus simply because "there can be no content unless you advertise". That is no free speech. It is free speech for those who have the money, because "you sing the songs of those whose bread you eat." (And let me also point out that there's a banner at the top of this very page...) I've felt so much better after I installed Waldherr's version of junkbuster. Windows-users might want to look at an easy-to-use and gratis Webwasher. Install them today and spare yourself from that corporate brainwashing...

Re:An Obvious Solution... (Score:1) by fougasse on Wednesday January 26, @10:08PM EST (#462) (User Info)

Right, but wrong. Oh no. Not paradox, please. I hate those. There are many, many useful sites which do not advertise, for example www.gnu.org There are no banners there. And as for content, it's the top. Excellent tools. I didn't say that there were no good sites without advertising... I said that you usually couldn't put up a good site without advertising and not lose money. And the only reason GNU does not lose large amounts of money is that they receive grants and donations. Grants and donations can't sustain more than a minuscule percentage of the Web... I assume you don't want search engines to have PBS-style pledge breaks. (We'll get back to your search in just a few minutes now, but wouldn't you love this novelty AltaVista heated blanket, available at the $85 level?) It is sad to see the Internet gradually turn into a mindnumbing TV-like apparatus simply because "there can be no content unless you advertise". That is no free speech. It is free speech for those who have the money, because "you sing the songs of those whose bread you eat." The cases in which advertising would limit free speech are very rare. But they certainly do exist. This is the case in many other media, though -- newspapers with, for instance, anti-capitalist views cannot be supported by advertising. So these newspapers either charge readers or operate at a loss (and solicit donations). The same is applicable to the Internet; nobody said that you can't put content up without advertising, only that you have to find an alternative revenue source or operate at a loss. And yes, as is the case with other media, this will make it more difficult to make anti-advertiser views heard. Capitalism inherently limits some forms of free speech, and this is one of them. However, without advertising, speech would be much more limited: those without enough money couldn't operate a web page. A case of "you can only sing if you have bread". That, it seems to me, would damage free speech much more.

Re:An Obvious Solution... (Score:1) by dhml on Wednesday January 26, @07:46AM EST (#285) (User Info)

Question: if flycast are innocent why have I just found a flycast cookie in my file? What possible innocent use is it to anybody? Another question: anybody used CutTheCrap (filter proxy)? I have it installed & I thought it was working (don't know how old the cookies are). Any reason to trade it for junkbuster which seems to be the favourite here? Michael

Re:An Obvious Solution... (Score:1) by fougasse on Wednesday January 26, @09:44PM EST (#457) (User Info)

Because cookies are not evil by definition. Cookies are used to, among other things, track which ads you've seen and which ads you tend to click on. Calling this a privacy violation is going overboard -- what private information is revealed? Is the fact that the user at IP 112.43.82.48 has already seen the ad with the dancing penguin and tends to click on ads about food a serious violation of your self?

Re:An Obvious Solution... (Score:1) by dhml on Thursday January 27, @05:12AM EST (#482) (User Info)

Clearly the above scenario is not a violation of self: however it is of no possible __benefit__ to me (the point of cookies) and could concievably be used for targetted marketing etc if the the info ever got married up with any of my pid. Bottom line: I do not think I should be sent cookies unless they are for my benefit eg user preferences.

Re:An Obvious Solution... (Score:1) by kurumi on Wednesday January 26, @01:50PM EST (#408) (User Info)

Advertising is increasingly unfashionable to defend, but if it weren't for advertising, much of the content on the Internet wouldn't exist. Without advertising, it is essentially impossible to put a useful page up on the web and not lose money. The only real alternative is paying for content... now which would you prefer? Paying for content. Cable TV, DSS, DMX, BBC, PBS... to varying degrees a similar revenue model and better content. Though PBS is showing more commercials all the time. In an Internet where content is almost universally supported by advertising, no advertising simply means no content. (And let me also point out that there's a banner at the top of this very page...) Hmmmm... I'll take your word for that. All I see is a broken image tag. :-) Also, advertising != content. There are tons of great pages for historical, entertainment, news, information, with no ads, because the webmasters have real jobs elsewhere and just want to contribute to the community. It's a pretty good deal: I give out free info, fun stuff, sw, and get the same from other sites. No adz needed. Anyway, I really resent these incessant, impudent demands for my attention ("eyeballs.") I don't want ad fsckers like Kevin O'Connor tracking me, and I'll use proxies, unlisted #'s, false demog info, and whatever else to thwart them. More: http://www.kurumi.com/opinion/adblock.ht ml

Re:An Obvious Solution... (Score:1) by fougasse on Wednesday January 26, @09:53PM EST (#460) (User Info)

Your claim that it's fully possible for Internet content to exist without advertising just doesn't ring true. Certainly, small sites will work just fine without ads -- webmasters will happily pay 20 dollars a month to share something they created. BUT this would rule out both larger sites and sites that need to be worked on full-time. It's essentially impossible to run a search engine without ads, for instance: the bandwidth and hardware requirements are so huge that engines would have to either be publically funded (publically funding the Internet is no longer feasible due to its size), display ads, or use micropayments. (Those search engine which operate without many ads today, i.e. Google, run based mainly on venture capital, which certainly is not permanent). So the only remaining alternative is micropayments. I certainly wouldn't want to pay for every search, and I don't think most users would either. You need only look at the introduction of flat-fee, unlimited Internet access: users left per-minute-fee ISPs in huge numbers. These days, virtually all home ISPs offer unlimited access, even the broadband ones. In fact, free, ad-based ISPs are becoming more and more popular these days.

Re:An Obvious Solution... (Score:1) by Mija Cat (acat@despammed.com) on Friday January 28, @01:25PM EST (#505) (User Info)

Yahoo did just fine as a search engine before ads. Yes, that's really my e-mail. Don't change a thing.

Re:An Obvious Solution... (Score:1) by fougasse on Saturday January 29, @06:35PM EST (#511) (User Info)

If I remember correctly, that's because it was hosted by a university, and therefore publically funded. This was possible then because the traffic levels that Yahoo received were much, much lower.

Re:An Obvious Solution... (Score:0) by Anonymous Coward on Thursday January 27, @10:10PM EST (#496)

I've found the most useful web sites by far are university sites (funded largely by the British, American, and other states). Apart from them, I also use the BBC sites quite often (again, funded by the British state). There are exceptions to this: newspapers/news sites, standards organisations, and corporate sites (for documentation, drivers, etc.). Of these, the only ones that rely on advertising are the newspapers/news sites. I suppose you could say that state-sponsored, corporate and organisational web sites lose money, but it would cost much more to published the same information by traditional means, so from that perspective, they're really saving money.

Re:An Obvious Solution... (Score:0) by Anonymous Coward on Wednesday January 26, @03:36AM EST (#211)

Don't just boycott the ads, this will take a lot longer. By boycotting any site that contains a DoubleClick ad banner we can force the sites to abandon doubleclick and change banner companies, thus bringing down doubleclick. Boycott and site with a doubleclick banner now!

Re:An Obvious Solution... (Score:1) by spodpit on Wednesday January 26, @04:57AM EST (#252) (User Info) http://www.spodpit.freeserve.co.uk/

> This is quite obviously a horrendous invasion of privacy on the part of doubleclick, > and a boycott (of sorts) should begin immediately. A possible suggestion for those of us in the UK, which I'd like some input on: www.freeserve.net (and probably other UK sites as well), get there adverts from ad.uk.doubleclick.net - from it's name and where it traceroutes to (pipex.net) it's based in the UK. Is there anyway that we can use the data protection act (think that's the right one) and demand a copy of all the information they have on us. If enough of us do this, it's going to be rather time consuming for them ... Also, if you're a Freeserve subscriber then it might be worth writing an email/letter of complaint to Freeserve suggesting that you're very unhappy about their use of doubleclick and that you're considering switching to another ISP. (Freeserve may not get any money off you directly, but they don't have whine when call minutes are down!)

Re:An Obvious Solution... (Score:0) by Anonymous Coward on Wednesday January 26, @07:12AM EST (#279)

It's all explained at: Here I've I got it right, you could request a copy of the information but they are entitled to ask for a small "admin" fee.

Re:An Obvious Solution... (Score:1) by Paul Wright (slashdot@verence.demon.co.uk) on Wednesday January 26, @08:27AM EST (#296) (User Info) http://www.verence.demon.co.uk/paul/

Is there anyway that we can use the data protection act (think that's the right one) and demand a copy of all the information they have on us. If enough of us do this, it's going to be rather time consuming for them ... Yes. I think you can at the moment, but you definitely can when the EU directive beomes law. The changes to European Union law will be propagated into UK law effective on 1st March, according to the Data Protection Registrar's website. The subject access rights have been extended: Whereas under the 1984 Act the data subject was only entitled to have a copy of any data processed by reference to him, the new Act states that he is also entitled to a description of the data being processed, a description of the purposes for which it is being processed; a description of any potential recipients of his data and except in limited circumstances, any information as to the source of his data (where available). The website also says: In addition Schedule 2 provides that processing may only be carried out where one of the following conditions has been satisfied i.e., where; the individual has given his consent to the processing the processing is necessary for the performance of a contract with the individual the processing is required under a legal obligation the processing is necessary to protect the vital interests of the individual or to carry out public functions the processing is necessary in order to pursue the legitimate interests of the data controller or certain third parties (unless prejudicial to the interests of the individual). Depends on whether Doubleclick's address tracking is "legitimate" I suppose... AFAIK, the DPA is criminal law: you don't have to sue them yourself.

Another solution (and a rant) (Score:3, Interesting) by B.D.Mills (starmaus@hotmail-You-Know-What-To-Do.com) on Wednesday January 26, @06:38AM EST (#273) (User Info)

Doubleclick.net and other unscrupulous online businesses rely on one simple principle for their online profiling to work: that the ID cookie that they send you will always be associated with you. This lends itself to some interesting possibilities if you want to really screw around with their online profiling. The simplest method would be to either block all traffic from doubleclick.net, or frequently go on search-and-destroy missions through your cookie files, looking for doubleclick.net cookies and systematically removing them all from your system. Profiling cannot work if the ID code is no longer valid. Another method that would take more effort to set up but can potentially cause irreparable damage to the usefulness of the cookie as a profiling tool follows. Set up a central web site for doubleclick.net cookies. Users of the site would download special software that swaps cookies. Then the software would upload your doubleclick.net cookie, and you would receive another random cookie back. Swapping cookies like this destroys them as a tracking resource. This isn't illegal, but doubleclick.net may decide to sue the site to force them to stop trading cookies in this way anyway. If this happens, all the users on the site can then launch a class action countersuit against doubleclick.net with the goal of forcing them to stop profiling. For example, does it constitute illegal wiretapping? And does doubleclick.net have a valid end-user licence for the use of the personal information in this way? Everyone, please remember the horrendous Orwellian scenario that already exists when profiling is combined with Web Bugs (also more euphemistically known as clear gifs). Web Bugs are small (typically 1x1 pixel) clear gifs that are found on the bottom of web pages that inform the owners that the page has been loaded. Doubleclick.net already know what pages you visit, a lot more than you think. And it's happening now. Doubleclick.net are not the only net terrorists that are acting this way. They are merely the most prominent, and the first that have actually admitted to the practice. Where I refer to doubleclick.net here, substitute many other ad banner companies freely. If you want to boycott companies, the following need to be boycotted, in order of importance: doubleclick.net and other ad banner companies that send you persistent cookies. All companies that have web bugs leading back to any of these companies, particularly if they do not disclose their use of web bugs in their "Privacy" page. All other companies that deal with ad banner companies mentioned in #1. -- "640K ought to be enough for anybody." -- Bill Gates, visionary, c. 1981.

Re:Another solution (and a rant) (Score:2) by gorilla on Wednesday January 26, @09:10AM EST (#304) (User Info)

I just edit my cookie file and change the cookie number on a random basis. Much simpler than any swaping scheme.

Re:Another solution (and a rant) (Score:0) by Anonymous Coward on Wednesday January 26, @11:03AM EST (#351)

Random perturbation is most likely ineffective, becuase cookies are probably encoded with an error-correcting scheme --- where given a change of a few bits, the original word can be reconstructed in cubic time. e.g., Hamming codes, BCH codes (which are used in audio CDs)

Re:Another solution (and a rant) (Score:2) by gorilla on Wednesday January 26, @04:10PM EST (#429) (User Info)

Changing the entire number makes it impossible to reconstruct any number, and it certainly makes it impossible to track me.

Re:Another solution (and a rant) (Score:1) by beagle on Wednesday January 26, @05:26PM EST (#438) (User Info)

I use a different solution, which I've found to be quite successful thus far. I'm surprised I haven't seen it mentioned here yet. Delete all entries that you don't want in your cookie file, then make it read-only. This works for both UNIX and Windows versions of Netscape. Anyone know how to do something similar in IE? I then accept all cookies. Voila - no more bother with "do I want this cookie?" Sure, I get tracked around for the short while that I'm running my browser, but since I shut it down every night after work, I don't ever end up with any "junk cookies" - and no tracking worth mentioning! (What good is a profile of 8 hours?)

Re: Yet Another solution (and a rant) (Score:0) by Anonymous Coward on Wednesday February 02, @05:46PM EST (#514)

For IE, I use a shareware called Cookie Pal (http://www.kburra.com/cpal.html). This program can always accept/reject cookies from domains that you specify. Just turn 'Prompt before accepting cookies' options on and let Cookie Pal take over. In fact, Cookie Pal can monitor any process that could put a cookie, like a HTML enabled email program. The best $15 I have spent :)

Data Mining (Score:3, Insightful) by oy (oy@DONTSPAM.tangerine.ucs.ualberta.ca) on Wednesday January 26, @12:17AM EST (#16) (User Info)

Information gathering is nothing new, everytime you go grocery shopping and use your "Club Card" your grocery purchases are put into a huge databse. Say you buy some pampers... instantly a red light goes off some where and next week you'll be getting mail about baby products.. Building huge data bases on people is extrmley scary, and at present laws don't really exist to protect peoples privacy, or information. Should you be allowed to know i have a history of cancer in my family before i buy insurance from you?

Re:Data Mining (Score:1) by dsl (qfyhpuva@lnubb.pbz [rot13]) on Wednesday January 26, @12:30AM EST (#53) (User Info)

This is exactly why I stopped shopping at Kroger the day they started having a "Club Card" (well, that and the fact that they raised prices 50% overnight so they wouldn't lose any money on the card discount). It's annoying sometimes since all of the all-night groceries around here are Kroger, and I liked buying food at 2 AM, but I won't patronize businesses that punish me for wanting to maintain a little privacy. I refuse, on principle, to have a .sig.

Re:Data Mining (Score:1) by kurumi on Wednesday January 26, @02:02PM EST (#410) (User Info)

This is exactly why I stopped shopping at Kroger the day they started having a "Club Card" (well, that and the fact that they raised prices 50% overnight so they wouldn't lose any money on the card discount) ... I won't patronize businesses that punish me for wanting to maintain a little privacy. I like club cards. I can live another life, and change it frequently. Back when Safeway would try to be personal and read your name, I became Ben Feldstein, and I would always correct the cashier on the pronunciation: "Thank you, Mr. Feldsteen." -- "That's FeldSTINE." "Good morning, Mr. Feldstine." -- "I'm sorry, that's FeldSTEEN." But that card is long gone. Right now I'm revered Penn State football coach Joe Paterno. A good rule of thumb for filling out any form: if their having the correct information does not benefit you personally, and is not required by law (e.g. SSN on your 1040), fake it.

Data mining = Big Brother (Score:0) by Anonymous Coward on Wednesday January 26, @12:41AM EST (#73)

Data mining is so fundementally wrong, I can not believe that it is a legal practice. It disgusts me to know that some corporation has a computer which contains a profile of me which I did not consent to them creating. Big Brother is coming, and unless we do something to stop him now we will not be able to stop him when he gets here. The Corporations are transforming the world into a fascist empire of braindead consumers.

America and Corporations (Score:1, Interesting) by Anonymous Coward on Wednesday January 26, @03:42AM EST (#213)

"The mass of mankind has not been born with saddles on their backs. Nor a favored few booted and spurred, ready to ride them. [...] We should oppose a single and splendid government founded on banking institutions and monied corporations." - Thomas Jefferson "I see in the near future a crisis approaching that unnerves me and causes me to tremble for the safety of my country... corporations have been enthroned and an era of corruption in high places will follow, and the money of the country will endeavor to prolong its reign by working upon the prejudices of the people until all wealth is aggregated in a few hands and the Republic is destroyed. I feel at this moment more anxiety for the safety of my country than ever before, even in the midst of war." -- Abraham Lincoln Let's not forget that one of the major reasons for the American Revolution and everything that followed was to escape from the tyranny of (British) corporations. Our country was originally founded on principles and laws which made The People sovereign and corporations directly accountable and subservient to them. This is what Democracy is about. Self-government. The People taking matters into their own hands. But naturally Private Power has other ideas. The original American ideals were gradually eroded until that infamous and fateful 1886 court decision which essentially reversed the American Revolution, granting rights to corporate entities on par with those of citizens. The world we live in today was most certainly not envisioned by our Founding Fathers. Jefferson and Lincoln would be appalled.

Re:America and Corporations (Score:0) by Anonymous Coward on Wednesday January 26, @11:12AM EST (#356)

What the hell is wrong with the moderators!? That is an excellent post which deserves at least a 2 for relevance. Jesus Christ, Slashdot is moderated by brain-dead tech-flunkies. Softly, As in a morning sunrise The light that gave you glory Will take it all away.

Re:America and Corporations (Score:0) by Anonymous Coward on Wednesday January 26, @11:19AM EST (#359)

Excellent post, dude.

Spoofing (Score:2) by KMSelf (kmself@SPAMmeNOT.ix.netcom.com) on Wednesday January 26, @12:56AM EST (#104) (User Info) http://www.netcom.com/~kmself/

Most club cards require zero authentication of ID. For years, my local grocery club card was listed as belonging to the CEO of a large IT organization (no, not that one, or that one). If you're familiar with IT operations, Fred Flintstone (etc.), Test User, Test Account, Admin Account, and similar interesting first/last name combinations can be fun to try. What part of "Gestalt" don't you understand? sid=moderation

Re:Data Mining (Score:1) by crush on Wednesday January 26, @01:19AM EST (#127) (User Info)

Building huge data bases on people is extrmley scary, and at present laws don't really exist to protect peoples privacy, or information. Nah. That's just paranoia, mostly it's manufacturers and retailers who want to be able to serve you better. They want to be able to respond to the free-market and listen to what their customers are telling them. Companies are often perceived as uncaring, deaf monoliths, but really they're just there to do your bidding. So why are you so scared of them? Like you say, this is nothing new, they're collecting information all the time. What really kills me are things like the grocery cards or airmiles - the bastards are asking us to work for them by providing a false reward. If they can afford to give away the airmiles then they should give them away. The cunning aspect of this tactic is that they've already got enough people doing it so that if you don't then you lose out. I hate it! If I were to sell my shopping data I'd expect a lot more money than that. Save us from the idiots. The only really postive thing that you can do is to fill out false and misleading information voluntarily on as many survey forms as you can, my father introduced me to this idea when I was quite young and they started collecting this data with grocery cards. Soon we had a pretty wacky family to go down on the unimportant cards: 3 bachelors uncles of ages 13, 53 and 93 lived with us and were employed respectively as: a stockbroker (earnings > $100,000 per annum), unemployed, and a garbage-man (30-50,000). There were also more subtle pieces of disinformation, altering the amount of products of a particular type that one was supposed to be buying up or down, some estimatedly reasonable fraction. Perhaps it does no good ( I can see our outlier being eliminated from the data set pretty quickly) but at least it did them no good!

Re:Data Mining (Score:2) by sjames (sjames@nospam.gdex.net) on Wednesday January 26, @12:48PM EST (#391) (User Info) http://www.members.gdex.net/sjames

That's just paranoia, mostly it's manufacturers and retailers who want to be able to serve you better. If that's all it is, then DoubleClick and it's business associates would be happy to tell us who is part of the program. No business serves a customer well by sneaking around behind their backs. If they want to listen to what I'm telling them, then they should listen to what I'M TELLING them, not covertly gather information that I'm NOT telling them. Furthermore, unlike many of those programs, DoubleClick not only does this after explicitly claiming otherwise, but they share it around with many other companies quietly. Even if I had some sort of grocery card (I certainly don't!), the information is not available to other merchants the moment I walk into their store. With DoubleClick, it apparently is. This like many other things is marginally acceptable on a small scale but becomes grossly unacceptable when applied on a larger scale. The only really postive thing that you can do is to fill out false and misleading information voluntarily... That's great fun! Von Wilhelm, Hochkis. nationality: German. Occupation: Shepherd. Relation to family: Other.

Re:Data Mining (Score:1) by Skim123 (mitchell@4guysfromrolla.com) on Wednesday January 26, @01:30AM EST (#138) (User Info) http://www.4guysfromrolla.com/

But with the supermarket card, you have the option of using it. With Doubleclick's scheme, you aren't aware that you're being tracked... No sig right now

Re:Data Mining (Score:1) by mcrandello (mcrandello@my-deja.com) on Wednesday January 26, @10:47PM EST (#467) (User Info) http://www.slashdot.org/comments.pl?sid=mcrandello

Better than that, I use the temporary card they gave me. The cashier *never* gives me a rough time, I get my discount, and if they ever do ask, I'll let them know I don't want a name attached to my spending habits. Oh, and I pay with cash. No bank cards or cheques. mcrandello@my-deja.com rschaar{at}pegasus.cc.ucf.edu if it's important.

Re:Data Mining (Score:1) by CleverNickName on Wednesday January 26, @02:03AM EST (#173) (User Info) http://superstringtheory.com/

To quote Dale, from King of The Hill: "By now, your name and particulars have been fed into every laptop, desktop, mainframe and supermarket scanner that collectively make up the global information conspiracy otherwise known as...The Beast." "The unexamined life is not worth living" -Socrates

Re:Data Mining (Score:0) by C.Lee on Wednesday January 26, @03:52AM EST (#219) (User Info)

>Information gathering is nothing new, everytime you go grocery >shopping and use your "Club Card" your grocery purchases are put into >a huge databse. Er, those grocery store "Club Cards" I use are in a false name dude. So they aren't actually tracking the purchases *I* make, but rather the name that's on the card....

Re:Data Mining (Score:0) by Anonymous Coward on Wednesday January 26, @04:42PM EST (#435)

Yeah, if you don't use a credit card and only pay in cash.

Re:Data Mining (Score:1) by Helge Hafting on Wednesday January 26, @05:53AM EST (#266) (User Info)

Building huge data bases on people is extrmley scary, and at present laws don't really exist to protect peoples privacy, or information. Laws exists where I live. Anyone wanting to build a database with information about identifiable persons must get a permission from the authorities. The law was made because of computer databases, but applies to other media as well. Of course there are exceptions for obvious stuff, a company may, for example, keep a payroll without applying for permission. The law also states that you may demand to see your own record in anybody's database, and you can tell them to delete it. I tell telemarketers to delete me from their lists, as required by law. They really don't call back - until the next edition of the phone directory is scanned. (Or whatever they use.)

Re:Data Mining (Score:1) by TheTomcat (sean@nbnet.nb.ca) on Wednesday January 26, @08:14AM EST (#291) (User Info) http://riptear.dyndns.org

Should you be allowed to know i have a history of cancer in my family before i buy insurance from you? OR, should you be allowed to see how many pounds of red meat I buy each year before selling me Life Insurance? Statistic in insurance should be regulated. I got quoted $4967/year for insurance on my new car. I'm male, under the age of 25. No, I've never been in an accident. Stats prove that I am more likely to get into an accident than females 10 years older than me, so I get shafted. What if stats proved that gays got in more accidents than straights (sorry if straight is considered a slur now... ) or if African Americans (insert politically-correct-term-of-the-week for black people here) got in more accidents than whites? Sorry. I know it's a little OT, but if corporations like double click can gather info on us the same way, who KNOWS what'll happen.

Re:Data Mining (Score:0) by Anonymous Coward on Wednesday January 26, @11:37AM EST (#366)

I have a more interesting question. If statistics actually showed the converse, would the rates be adjusted appropriately? What if women actually get in more accidents then men. Would the companies have the guts to charge women more? I wonder what cost these people can bear while holding to outdated notions of responsibility and demographics.

Re:Data Mining (Score:1) by TheTomcat (sean@nbnet.nb.ca) on Wednesday January 26, @01:58PM EST (#409) (User Info) http://riptear.dyndns.org

ok, this is WAY off topic, but: Ever notice that there IS no word for male feminist? Also notice that "sexist" is commonly understood as a male term? Now, I'm no misogynist, but I'm sure we'd see bra-burners at Wawanesa and State Farm if women were charged more based on stats.

Re:Data Mining (Score:0) by Anonymous Coward on Friday January 28, @03:56PM EST (#506)

Should you be allowed to know i have a history of cancer in my family before i buy insurance from you? OR, should you be allowed to see how many pounds of red meat I buy each year before selling me Life Insurance? If I'm the one selling you life insurance, then, yeah. Why would I want to sell life insurance to your fat fucking heart-attack prone ass? Life insurance is cheaper for non-smokers, you know. So lay off the Whoppers, you fat lazy fuck.

Re:Data Mining (Score:1) by bobv-pillars-net (bobv-slashdot@pillars.net) on Friday January 28, @05:27PM EST (#508) (User Info) http://www.pillars.net/

I know what you mean. Spent half an hour at a local bank today, on hold with their legal department (long-distance on THEIR nickel) waiting for a legal explanation of why they required my right thumbprint to cash a payroll check drawn on their bank. hostmaster@pillars.net, geek@large

Filter Plug-In (Score:1) by crashdavis on Wednesday January 26, @12:17AM EST (#18) (User Info)

It would seem pretty simple to me for someone to write a plug-in for IE or Netscape which would parse the HTML and remove doubleclick (or some configurable list of domains) image tags. What's the problem with doing this? Another way to do this, although potentially harder, would be to do what was suggested here during the last round of postings and produce a plug-in which would suppress creation of cookies for domains external to the displayed page. Whatever sophistication Doubleclick has in identifying this info, the fact is that *we*are*giving* this information to them with our stupid browsers. Crash Davis "The difference between theory and practice is small in theory and large in practice..."

Re:Filter Plug-In (Score:1) by reaper20 (castro@infantry.com) on Wednesday January 26, @12:22AM EST (#29) (User Info)

Doesn't junkbuster filter out all of this stuff already? I know it blocks the advertisements, but does anyone know if it blocks the information going the other way??

Re:Filter Plug-In (Score:1) by ffatTony on Wednesday January 26, @12:40AM EST (#71) (User Info)

Another way to do this, although potentially harder, would be to do what was suggested here during the last round of postings and produce a plug-in which would suppress creation of cookies for domains external to the displayed page. Netscape 4.7 already has an option of Only accept cookies from the same server as the page being viewed which is what I think you are refering to. Does any one out there really use Gnome or KDE? WM is my favorite, I'm tired of start menu's (This also includes stylized "K"'s and "little feet")

Re:Filter Plug-In (Score:1) by Bastian on Wednesday January 26, @03:22AM EST (#203) (User Info)

Netscape 4.7 already has an option of Only accept cookies from the same server as the page being viewed which is what I think you are refering to. I think what you mean is the "Only accept cookies which get sent back to the originating server" option. My understanding of this option is not that it filters out cookies which didnt come from the server that made the webpage, but that it rejects cookies that dont go back to the server that sent them. In this case, since the cookies are coming from doubleclick.net, that option would not filter them out.

Re:Filter Plug-In (Score:0) by Anonymous Coward on Wednesday January 26, @12:41AM EST (#75)

I was thinking the same thing. How privacy conscious is Mozilla? Mozilla is "open source" can't we write privacy/anonymous features directly into it? make Mozilla the anonymous browser?!? afterall my wife(tobe) would be really pissed to find out how many porn sites a REALLY visit :) STUPID DOUBLECLICK JERKS! Mitch

127.0.0.1 (Score:4, Informative) by Will_Malverson on Wednesday January 26, @12:17AM EST (#19) (User Info)

I've got all kinds of advertiser addresses aliased to 127.0.0.1. It protects your privacy and speeds up your Internet browsing. It's even possible if you, for whatever reason, use Microsoft Windows, there's a hosts file in the c:\windows (or whatever) directory, that you can edit. However, you do need the most recent version of IE (I don't know what Netscape would do) to make it not go to a full-screen error message on any site that has an ad. Sorry 'bout the heavy MS content.

Re:127.0.0.1 (Score:3, Informative) by Our Man In Redmond (deepcover@microsoft.com) on Wednesday January 26, @12:27AM EST (#49) (User Info)

Take a look at the Linux Tips page on Portico. They recently posted a list of servers you can alias to 127.0.0.1 in your /etc/hosts file. I haven't tried it yet but I'm going to. Any chance someone could create a cookie we could all paste into our caches that indicates that every single one of us is the MPAA Executive Offices? Let Doubleclick track them. Somehow I think they might deserve each other. -- Someone you trust is one of us.

Re:127.0.0.1 (Score:0) by Anonymous Coward on Wednesday January 26, @12:43AM EST (#80)

That list has ads.theonion.com... you know they have these ads for a reason?...do you not want The Onion to be around??! Sorry for the English.

Re:127.0.0.1 (Score:2) by Mr. Slippery (tms@spambefuddler-infamous.net) on Wednesday January 26, @06:30PM EST (#444) (User Info) http://www.infamous.net/

you know they have these ads for a reason?... And we block them for a reason. I'm trying to read a page and there's a damn flying monkey zooming all around the top of it, distracting me chewing up my CPU time. No thanks. Want me to know about your sponsors? I won't feel the need to block a simple, plain text "Supporters of this page include...The Frobozz Corp, makers of fine Frobozz Grue Repellent." It might even give me a warm fuzzy feeling towards The Frobozz Corp, that a dancing grue animation never would. Ad banners are dying, and I can't wait to piss on their graves. Tom Swiss | the infamous tms | http://www.infamous.net/ "What's so funny about peace, love, and understanding?" - Nick Lowe

Re:127.0.0.1 (Score:2) by jesser on Wednesday January 26, @01:13AM EST (#122) (User Info) http://www.palosverdes.com/jesse/

Sorry 'bout the heavy MS content. Nothing wrong with that. Considering that most Windows users aren't aware that they're being tracked, much less that they can opt-out by typing a medium-length URL into their browser, user education is important. And user education starts with the geeks, whether they use Linux, Windows, or any other O/S to surf, figuring it out. Link to the opt-out site from your website. Mention it whenever you discuss internet privacy with your friends. -- slashdot: I miss my free time, Rob.

Re:127.0.0.1 (Score:0) by Anonymous Coward on Wednesday January 26, @01:07PM EST (#395)

Another solution that unfortunately only works for internet explorer is to list these sites as "Restricted Sites" under the security settings in internet options. That way you don't get the cookies from them. It's really easy to find where/how this is stored in the registry, so you can export a *.reg file and pass it around. When I have some time I'll probably write a program to clean and ban all the advertisers who've dropped cookies on my system. Using Microsoft internet features to protect privacy - "embracing and extending" my personal cyberspace.

255.255.255.255 (Score:1) by Tom7 (spam-sucks) on Wednesday January 26, @02:47PM EST (#417) (User Info) http://www.andrew.cmu.edu/~twm/

255.255.255.255 works better for me, particularly if you're running a web server on your local machine. All real routers drop these packets immediately (god forbid). Here's my blacklist: ad.doubleclick.net vbn.adbureau.net www.adclub.net imageserv1.imgis.com adforce.imgis.com ads15.focalink.com geo.yahoo.com adproxy.whowhere.com ad.lycos.com adex3.flycast.com imageserv2.imgis.com www76.valueclick.com ads.msn.com oz.valueclick.com ads23.focalink.com adimages.gamespy.com adcontent.gamespy.com If you use linux, set up your own caching name server (faster anyway) and use it. You can probably do something similar (anybody know how easy this is, or do you need to hack the source?) Mac users are out of luck, as far as I know. I'm sure we'd all love to write a Mozilla plugin to keep ads away a little more cleanly -- I'm sure many of us will.

Re:127.0.0.1 (Score:1) by RickHunter on Wednesday January 26, @03:57PM EST (#428) (User Info)

Well, I've tried this on my system, following the instructions in C:\Windows\hosts.sam. Didn't affect Netscape at all, even though ping and tracert insist that they're being mapped right. Guess Netscape assumes you're too dumb to know how to use a hosts file. Yet another thing that irritates me about Windows and Windows products. As a note, I am pro-alternative-operating systems. I think Linux and *BSD are all very nice alternatives to Windows. Its just that this machine has a lot of Windows-only software. -RickHunter --"We are gray. We stand between the candle and the star." --Gray council, Babylon 5.

Re:127.0.0.1 (Score:0) by Anonymous Coward on Wednesday January 26, @05:52PM EST (#441)

Aliasing to 127.0.0.1 doesn't work. I've seen sites that have arranged so that you don't get the site content if you've got their advertiser aliased that way.

Re:127.0.0.1 (Score:2) by Cycon on Wednesday January 26, @07:42PM EST (#451) (User Info) http://cogengine.linuxbox.com

It's even possible if you, for whatever reason, use Microsoft Windows, there's a hosts file in the c:\windows (or whatever) directory, that you can edit. Under Windows 2000 (and I would assume NT as well) this file resides in the c:\winnt\system32\drivers\etc directory, to be exact.

Re:127.0.0.1 (Score:2) by Cycon on Wednesday January 26, @08:35PM EST (#454) (User Info) http://cogengine.linuxbox.com

However, you do need the most recent version of IE (I don't know what Netscape would do) to make it not go to a full-screen error message on any site that has an ad. Just checked this out and verified it under Netscape 4.7 (again, under Windows 2000 Professional) and it works just fine, that is where ads used to be you just see the broken image box in it's place.

am i missing something (Score:0) by Anonymous Coward on Wednesday January 26, @12:18AM EST (#20)

Ok, I understand logically how they can get your name, age, etc etc but how are they going to know it was you that clicked on their ad and how to correlate your click to your info? Can anybody enlighten me? http://enmasse.penguinpowered.com/

Re:am i missing something (Score:1) by Ravensign on Wednesday January 26, @12:26AM EST (#45) (User Info)

They have web site hosts who "cooperate" with them, and when you say give them your name for a service or product, they bacsially tell doubleclick what your cookie number is then they line that up with their direct marketing big database which in all probability has an entry for you already and viola, DoubleClick now knows what cookie goes with who. It's creepy and I don't think it's gonna stand. "Sig free in '03!"

Re:am i missing something (Score:1) by ffatTony on Wednesday January 26, @12:45AM EST (#83) (User Info)

hey bacsially tell doubleclick what your cookie number is then they line that up with their direct marketing big database which in all probability has an entry for you already and viola, DoubleClick now knows what cookie goes with who Perhaps I am wrong, but as I understood the cookie rfc, a cookie will only be returned to a site if the address is the same as the site that issued it, thus if xyz.com gives you a cookie, a script at doubleclick.com cannot access it. What I forsee is that when xyz.com gets some info about you, they'll pop it into a shared database and all connected sites will know. As for identifying you when you visit the page, ip-address is the only thing I forsee, unless you give them more info in which to identify you. Does any one out there really use Gnome or KDE? WM is my favorite, I'm tired of start menu's (This also includes stylized "K"'s and "little feet")

Re:am i missing something (Score:1) by Aaron Denney on Wednesday January 26, @01:24AM EST (#133) (User Info)

Perhaps I am wrong, but as I understood the cookie rfc, a cookie will only be returned to a site if the address is the same as the site that issued it, thus if xyz.com gives you a cookie, a script at doubleclick.com cannot access it Yes, but they can give out cookies for image requests, and since all of the banner ads come from doubleclick, they can get the cookies.

We have no privacy (Not that it isn't obvious) (Score:0) by Anonymous Coward on Wednesday January 26, @12:18AM EST (#21)

Just wait until AOL-Time Warner buys DoubleClick and controls your personal information, your content, and your method of accessing it. Every day our privacy and freedom is dimished, but what can we do?

Takeover (Score:0) by Anonymous Coward on Wednesday January 26, @12:42AM EST (#78)

Just wait until AOL-Time Warner buys DoubleClick... How about Microsoft and their tons of cash sitting around? They could buy DoubleClick and incorporate it into Windows. Then forget about the workarounds to avoid cookies and so forth.

Time to start poisoning those pigeons. (Score:2) by Stormbringer on Wednesday January 26, @01:32AM EST (#146) (User Info)

We need a script that will snag one of those cookie-fetches on the way past, find it in the "naughty" list, and modify the serial-number in it to a different value every single time... and then do ten more HTTP hits at the same URL, different serial number each time. Basically fill up that database with trash. More effective than singing a bar of Alice's Restaurant, anyway.

Re:Time to start poisoning those pigeons. (Score:0) by Anonymous Coward on Wednesday January 26, @02:49AM EST (#192)

BRILLIANT IDEA!!!! Let's take this a step further! Get a list of sites that use Double Click, then feed it into a spidering engine. Then have the spidering engine feed thousanda of the tainted cookies from thousands of sites into Double Click's database! AHAHAHAHAHA!!! I've been looking for a pet project to do. I'm thinking this would be a good opportunity to mess with Java Threads >:)

Re:Time to start poisoning those pigeons. (Score:0) by Anonymous Coward on Wednesday January 26, @03:49AM EST (#215)

Aren't there already free Perl spiders... seems like this would take all of 10 minutes to write if you had a list of double click sites...

We can Crack and DoS their frigging puters!! (Score:0) by Anonymous Coward on Wednesday January 26, @03:50AM EST (#216)

that's right.. DESTROY DESTROY DESTROY

Opt-Out (Score:5, Informative) by hernick on Wednesday January 26, @12:18AM EST (#22) (User Info)

This is the opt-out link. It will place a cookie on your computer that'll let you opt out of doubleclick's tracking. I am the administrator of a few web caches (I use squid) and I've started blocking web ads a while ago, replacing them by one-pixel blank gifs. It probably fixes the problem...

Re:Opt-Out - useful (Score:1) by paled (paled@EATSPAM.home.com) on Wednesday January 26, @12:24AM EST (#34) (User Info)

thanks. I'm opted out. Aspiring Oracle DBA - Disc Golf enthusiast.

Re:Opt-Out (Score:1) by TeddyR (syousif@iname.com) on Wednesday January 26, @12:28AM EST (#50) (User Info) https://www.mav.net/teddyr/syousif/

The thing is... Your way would make it harder for sites that DO depend on ads for revenue. And what if your users wanted to see the page as designed... ads and all... Personally I prefer to have squid "do its thing" normally, but use the Internet Junkbuster chained to a squid proxy. This way your users can select to have an ad-free proxy or a normal proxy. http://www.alug.org/

Re:Opt-Out (Score:5, Interesting) by hernick on Wednesday January 26, @12:42AM EST (#77) (User Info)

Actually, there is a problem with ads. We pay for bandwith. The stats for the proxies, when merged together, give exactly this: 62.46% Global Hit-Rate 29.63% Doubleclick.net Hit-Rate 03.72% Doubleclick.net KB Transferred By making a simple calculation doubleclick alone is using 7.84% of my bandwith, therefore increasing my monthly costs by more or less that amount. The connections we use have a base cost that's pretty low plus 12$ a gigabyte. So doubleclick (and other ad sites, but mostly doubleclick) is costing us a non-insignificant amount of money ! Now, I'm sure the stats are different than they would in another environement - this is an educational establishement so the sites visited tend to be more often the same, and a normal proxy would probably devote less bandwith to doubleclick.net, and a normal site would probably not pay for bandwith by the gig like we do. The problem is, they're making money without us getting anything in return. I don't feel it's immoral to deprive them of their revenue as long as they won't compensate us at all. I think that if more proxy administrators start doing the same, or perhaps even replacing the doubleclick banners (that's pretty easy to do, and I am considering doing it), doubleclick will have to react and do something. What I'd consider fair is for them to offer us a share of the revenue. It wouldn't have to be big.. And perhaps offer a solution to cache their ads more efficiently rather to get such a low hit-rate. Please reply with any constructive input, I appreciate it :)

Re:Opt-Out (Score:1, Flamebait) by Anonymous Coward on Wednesday January 26, @01:02AM EST (#112)

This is not "your bandwidth". YOU chose to visit the site... in return they would like to MAKE SOME MONEY! Many sites DEPEND on the small amount of income they get from these banners. If you don't want to pay with your bandwidth, then do not visit the site. Please don't op this down, I forgot my nick/passwd

Re:Opt-Out (Score:1) by spodpit on Wednesday January 26, @05:06AM EST (#256) (User Info) http://www.spodpit.freeserve.co.uk/

> This is not "your bandwidth". It sounds like he's in the UK, where he's paying by the second for his bandwidth (assuming it's either analog modem or ISDN), personally I'd say that makes it his - and if he doesn't want traffic from a certain site using it up, then that's his choice. As for paying with bandwidth - why should *I* pay for the dubious honour of receiving advertising, if you want to send me advertising then I want paying for it. As soon as doubleclick start offering money to offset the money I'd have to spend downloading their adverts, I'll start considering downloading them ...

Re:Opt-Out (Score:1) by grumpy_geek on Wednesday January 26, @09:49AM EST (#323) (User Info)

I'm sure they would be willing to pay for their portion of the bandwidth... Of course you would have to start sending a check back to the website for your bit of the bandwidth.... When was the last time you sent a check to slashdot, paying for the bandwidth you are using? Hmm... I guess someone thought that bandwidth only costs the end user; and that websites are free, as in free beer.

Re:Opt-Out (Score:0) by Anonymous Coward on Wednesday January 26, @12:03PM EST (#375)

Another problem with some banner advertisment servers is that they do not give up. I have found that if I close my browser while a site with a banner is showing then frequently I see the banner site trying to send packets to (the now non-existent) browser for quite some time. This can cause the idle timeout not to trigger and thus cause the telephone charges (I am in the UK) to be higher than they should.

Re:Opt-Out (Score:1) by jesser on Wednesday January 26, @01:26AM EST (#134) (User Info) http://www.palosverdes.com/jesse/

Doubleclick pays site to site admin can make money (or at least not lose too much money) while providing a free service. User pays internet provider in order to access free web-based service. What exactly is the problem here? -- slashdot: I miss my free time, Rob.

Re:Opt-Out (Score:1) by robl on Wednesday January 26, @01:31AM EST (#141) (User Info)

I don't know... I mean. when you factor in the fact that most sites don't charge you to use them, I think it's an okay deal. I appreciate the content on fool.com or slashdot or eetimes. But someone has to pay for the content provider's bandwidth too. The post-scarcity economy hasn't come to the bandwidth market, at least not yet! Now I started to be a hypocrite about two weeks ago when I downloaded internet junkbuster. I primarily wanted a service that would banish cookies from my browsing. But I also got something that would block banner ads... I really have to think about these ethical dilemnas some more. I mean I want content I don't have to pay for, but I just don't want to be treated like a piece of meat by a marketing company, either. I guess your argument might make more sense on spam, where spammers aren't required to pay for the connection that the user must use in order to receive the spam mail, and they don't help to pay for any content either. But, now that I think about it, you are right is that it does take about 70k to download some of these banners that are out there....

Re:Opt-Out (Score:5, Insightful) by earlytime (earlrob@mnsinc.com) on Wednesday January 26, @02:11AM EST (#175) (User Info) http://www.mnsinc.com/earlrob/

well it's fairly simple to argue that banner-ad clearing houses like double click make the cost of individual banner ads cheaper for the advertiser. Hence the advertiser may buy more ad space on more web sites. Even Taco will tell you that without ad revenue, slashdot would have gone bankrupt long ago. Advertising is not an inherently bad thing. At it's most basic level, it allows producers to educate consumers about their product offerings in a relatively non-intrusive way. Consider commercials versus tele-marketers. I'd prefer that the companies calling about all their crap would do commercials/banner-ads instead of calling me. That way I won't feel so violated when they pitch their products. When you call me day and night about some crap, even something I might want to buy, I can't just say "I don't wanna hear it, so I won't answer the phone." I pay for my phone, and I do expect that friends and family wanting to talk to me will call me from time to time. With commercials/banner-ads, I can choose to watch the ad, switch the channel, scroll the page, etc if I dont't want to hear your pitch. What I find happens often with both commercials and banner ads, is that since I only see them on the channels/sites where I have an interest,(as opposed to just being displayed on my screen from time to time the aol or geocities way) they are far more likely to be an ad for something I'm interested in. So I'm more likely to listen, read, inquire + buy. In essence what I'm saying is that yes, we do get something back from advertising in the form of: information about new products and services financial support for sites/channels/shows that otherwise would not exist, or would have to charge for access increased competition from content providers to attract and hold our attention (to help bring in the ad revenue of course) sometimes entertaining ads so you see, banner ads, or even cookies, are not the problem. The problem with the double-click thing is that the web surfer is being covertly tracked and logged in their travels around the web. Filtering out _all_ ads/cookies wil not simply subvert doubleclicks attempts at tracking you, but it could stifle the means by which many a web site makes the $$$ to keep serving up that porn^H^H^H^Hcontent, yeah content, that's the ticket. Of course, you are free to chose whether you, or the network you manage, will participate in the whole banner ad/cookies thing. I would be cautious however in choosing to replace banner-ads with banners of your own making. You could be opening a can of worms in regards to redistributing or modifying the copyrighted content of a particular web site. Several web sites have won lawsuits claiming that by altering their content, or putting it in a frame, you are violating their copyright on the content. It's the notion that ISPs have "common carrier" status that grants them some immunity from this kind of suit. However, if you start selectively modifying the ads that come through, you may be crossing that line from ISP for your students, to being a content provider. I would simply allow or deny all ads to keep that line clear. Otherwise, you could simply sell the (cached) banner ad space to advertisers who want to reach your students. Again, an extremely risky proposition. -earl "If Winoze is the answer, can we please have the problem back?"

Re:Opt-Out (Score:1) by Helge Hafting on Wednesday January 26, @06:03AM EST (#267) (User Info)

Consider commercials versus tele-marketers. I can't just say "I don't wanna hear it, so I won't answer the phone. You can - with caller ID. With ISDN you may even set the pc up as a selective answering machine. You can have the pc identify telemarketers by their number and deliver a rude message, while letting the phone ring normally for others. Whenever a new telemarketer get through - add their number to your own datbase. Databases can work for "the little man" too.

Re:Opt-Out (Score:1) by alecto (mwp@acm.org) on Wednesday January 26, @07:42AM EST (#284) (User Info) http://www.cstp.umkc.edu/~mpasser

Except for the regrettable fact that telemarketers have a talent for placing calls from outbound call centers in areas that show up as "out of area." (This avoids the stigma of having blocked caller ID.) I regret that I can't find a citation, but I've heard of at least one instance of RBOCs marketing caller-ID proof outbound lines to telemarketers. Anecdotally, this certainly seems true here. There are countermeasures against telemarketers, just as there are for banner ad tracking: Telemarketing Scum Page technical data. That link contains references to patents on call progress detection and tips on foiling predictive dialers.

Re:Opt-Out (Score:1) by LetterJ (jwynia@earthlink.net) on Wednesday January 26, @10:19AM EST (#330) (User Info) http://home.earthlink.net/~jwynia

In my area, it seems that anyone who is calling from behind a "corporate phone system" comes up "UNAVAILABLE". Unfortunately, that's also what several of my relatives and friend's come up as. The supreme irony came when US West (the provider of my CallerID) called to pitch me additional services and came up as "UNAVAILABLE". LetterJ "If you can't explain it to an 8-year-old, you don't understand it"--Albert Einstein

Re:Opt-Out (Score:1) by sarchasm on Wednesday January 26, @03:05PM EST (#419) (User Info)

Even without caller-ID, you can filter out most phone spam. Most of the time the caller uses an automatic dialer which introduces a noticable delay into the conversation. Answer the phone, say hello... if there's no answer within 1-2 seconds, hang up. High accuracy, and if it was a real call and they really want to talk to you, they'll call back and pay attention this time! ---------------- Overheard: "Aww, why'd you go and install Windows on a perfectly good machine?"

Re:Opt-Out (Score:0) by Anonymous Coward on Wednesday January 26, @03:51AM EST (#217)

Send them an invoice for your time and bandwidth.

Re:Opt-Out (Score:1) by fated (bit@me.now) on Wednesday January 26, @09:38AM EST (#317) (User Info) http://fated.pitfall.org

now we're talking ad space. Think about TV: approximatly 3 commercial breaks in a half hour, say 3 minutes a break (I believe I'm under the real numbers). That's 18 minutes in a half hour, or 30% of broadcast time. Do you pay for cable? Magazines and newspapers aren't quite as bad, but they, too, get frustrating. Fall out ads slips and full page spreads probably account for between 5% to 25% of magazine page space (those are total guesses). In relation, 7.84% ad space on the web doesn't seem quite as bad. Also, these databases seem to be a more specified "target audience" type of idea. Find out who goes where and send advertizements on similar products. It's the same with magazines: you buy MagX one day, get an ad for MadY the next. (also, the grocery store card someone mentioned). It's applying old practices to a new(er) medium. At least, that's what Fate says... At least that's what Fate says... -cc- the guy in the hat

Re:Opt-Out (Score:2) by plunge (cosym@yahoo.com) on Wednesday January 26, @09:40AM EST (#319) (User Info) http://cosym.net

You're missing the point of what the ads are there for in the first place- to pay for the page you're viewing. Doubleclick doesn't put it there and waste your bandwidth- the webmaster of the site you're viewing does because they need the cash. Viewing the ads is part of the "price" you pay to view the site itself. The fact that you (and i) are able to easily opt out is merely a demonstration of how easy it is for us to "steal"- and probably means we'll see more draconian measures in the future by webmasters to ensure that they get the number of banner-views they think they need.

not viewing ads != stealing (Score:2) by xdc (dcerman@verinet.com) on Wednesday January 26, @12:22PM EST (#386) (User Info) http://www.moby.org/

Viewing the ads is part of the "price" you pay to view the site itself. The fact that you (and i) are able to easily opt out is merely a demonstration of how easy it is for us to "steal"- and probably means we'll see more draconian measures in the future by webmasters to ensure that they get the number of banner-views they think they need. "Stealing" is a harsh way to put it. What about people who browse the web with auto-load images turned off? I see nothing wrong with processing downloaded code and data as the user or administrator sees fit. People should in no way be obligated to endure ads or any other objectionable content. The Internet is a public network. By putting up websites and serving requested information to users, site owners are freely offering and releasing information. Users may then store, process, act upon, or discard that information as they see fit. The fact that many sites are sustained by revenue from ads should not deprive users of those basic, reasonable rights. In any case, I think that it is less ethical to covertly track and profile people than for people to set up their software to not request ads or accept cookies. People don't exist for the sole purpose of generating revenue.

Re:not viewing ads != stealing (Score:2) by plunge (cosym@yahoo.com) on Thursday January 27, @05:39PM EST (#491) (User Info) http://cosym.net

I wasn't completely serious about "stealing" but you see my point- if we aren't actually seeing the ad content that companies pay webmasters to display, at some point they'll find out and try to work around it. The alternative may suck much more than what we have now. People aren't obligated to watch commercials on tv either, but companies will go to great lengths to see that their product gets the "views" it wants. This has included paying shows themselves to shill product. It is starting to really effect content of entertainment that relies upon ad dollars to fund itself. I don't know the solution here, but I do think just opting out (as both you and i obviously have a right to do) isn't going to be a stable situation.

advertisers will find a way (Score:1) by xdc (dcerman@verinet.com) on Thursday January 27, @11:47PM EST (#499) (User Info) http://www.moby.org/

Yes, I agree that there is a very real possibility that advertisers will find a way of getting their messages to us even if we filter or opt out of banner ads. I stopped using GeoCities when their pop-ups became unbearable. If a lot more websites resort to doing things more insidious and annoying than banner ads, we'll probably yearn for the good old days of waiting for banners to load so we can see a page. As the web gets XMLified, I expect to see more nifty agent programs that can go out and distill content from the web. The thought has occurred to me, though, that sites may block these agents/bots in the same way that we can block their ads, just to try to force us to view their sites with approved programs that will show us ads. Two can play at this game.

Re:Opt-Out (Score:2) by Kris_J (Kris_Johnson@yahoo.com) on Thursday January 27, @03:49AM EST (#476) (User Info) http://krisjohn.cjb.net

The "Opt-Out" option does not stop the ads from appearing on your screen, it stops the advertising company from tracking your details. The website still gets the revenue... If you want to actually block the ads (on a windows PC), I recommend Proxomitron. Otherwise, Junkbusters. (or adding the appropriate domain blocking to Squid, if used.) I'm the IT guy for a 50+ company. I use Proxomitron personally and I've blocked a number of advertising domains using the company proxy. I also have GIF animation turned off. All in all, I see few ads and even less advertising content. (You'd be surprised the effect just turning off GIF animation has....) [I hereby grant full permission for any and all to retransmit, archive, republish and broadcast all of my postings to Slashdot, past, present and future]

Re:Opt-Out (Score:2) by plunge (cosym@yahoo.com) on Thursday January 27, @05:34PM EST (#490) (User Info) http://cosym.net

but that's exactly what I'm talking about- if you aren't getting the full "ad view" the advert company wants, then at some point they'll find out and either not pay the website owner anymore, or find some other way to force you to see it. Ad companies aren't going to always be fooled by simple hits.

Re:Opt-Out (Score:2) by Kris_J (Kris_Johnson@yahoo.com) on Thursday January 27, @06:42PM EST (#493) (User Info) http://krisjohn.cjb.net

Fine, but that's not "Opt-Out", not in the context of this article. Ad companies are welcome to try whatever tricks they want to expose me to ads, so long as it's legal and above board. Similarly, I use any tricks I can to avoid seeing them. It's a competition and ultimately the result is less important than how you play the game... (In fact, how you are perceived to have played the game is part of the game. DoubleClick took a major risk with the unannounced tracking of personal details, and may have lost this round) [I hereby grant full permission for any and all to retransmit, archive, republish and broadcast all of my postings to Slashdot, past, present and future]

Re:"getting nothing in return????" (Score:1) by acomj (acomjean2@aol.com) on Friday January 28, @09:53AM EST (#502) (User Info) http://members.aol.com/acomjean2

How do you think web pages and those who create them pay for them..? I can't you believe all the pages you view were put on the web at a cost of nothing. Ads help pay for them in the same way they keep the prices of magazines and newspapers low. So in a way they are paying you to view them because you want to view the content (unlike unsolisited email). Yeah adds are annoying, but they're necessary. They'res also the question as "click through" rates fall as they are, whos is going to pay for serving all this content. As for thinking those add are immoral?? Its an advertisment. Do you stop wathcing TV because of ads (which actually waste your time..) On the otherside, doubleclick is a devious company trying to match real address to web cookiew. "Sit back and enjoy the chaos" -Unknown

Re:Opt-Out (Score:1) by Caspuh (caspuh@nospam.caspuh.com) on Wednesday January 26, @01:34AM EST (#156) (User Info) http://www.caspuh.com

Your way would make it harder for sites that DO depend on ads for revenue Maybe if enough people start blocking doubleclick ads, these sites will switch to an advertising company that doesn't violate poeple's privacy?

Re:Opt-Out (Score:1) by the way on Wednesday January 26, @12:38AM EST (#69) (User Info)

I've started blocking web ads a while ago, replacing them by one-pixel blank gifs One problem with this is that it makes some sights' design look wrong, since it assumes the ad exists. You might consider replacing the ads with a blank gif the same size as the original. Also, consider offering two proxies, one which doesn't block ads, so that users can exercise choice.

Re:Opt-Out (Score:1) by in8 on Wednesday January 26, @04:06AM EST (#228) (User Info)

Better yet - replace the ads with company custom ads! Say, Company Picnic June 11th!, Happy holidays from the CEO, The Firewall admin needs a raise....etc... Hmmmm - maybe we can make this into the next IPO? We could call it IntraClick! :-)

Re:Opt-Out (Score:1) by Malcontent (malcontent@msgto.com) on Wednesday January 26, @04:25AM EST (#234) (User Info)

Great Idea! Do unto others what has been done to you

Re:Opt-Out (Score:2) by Kris_J (Kris_Johnson@yahoo.com) on Thursday January 27, @03:53AM EST (#477) (User Info) http://krisjohn.cjb.net

Better yet - replace the ads with company custom ads! That is too cool. Sounds like a good reason to try Junkbusters on one of our servers... Staff would probably much prefer "local advertising" than the totally useless US crap (I'm down under). [I hereby grant full permission for any and all to retransmit, archive, republish and broadcast all of my postings to Slashdot, past, present and future]

Re:Opt-Out (Score:2) by QuMa (fvw+slashdot@var.cx) on Wednesday January 26, @09:31AM EST (#312) (User Info) http://www.var.cx

Just because the images are 1x1 doesn't mean you can't use the HEIGHT and WIDTH options. Though the custom ad idea posted is *way* cooler.

Should we trust Doubleclick not to track us? (Score:4, Insightful) by Mister Attack (hodgepodge@dartmouth.edu) on Wednesday January 26, @12:57AM EST (#107) (User Info) http://www.cs.dartmouth.edu/~attack

It will place a cookie on your computer that'll let you opt out of doubleclick's tracking. The thing is, do we want to trust Doubleclick not to track us personally, even after we opt out? I think it's less than prudent to put that kind of faith in a company that's been decieving us since last year. A simpler (and more thorough) solution: block cookies from doubleclick.net. Hell, if you've got a firewall, block all packets to and from doubleclick.net. I, personally, can't see any reason to connect to a doubleclick server. Who wants the ads anyway? Same thing goes for preferences.com, flycast.com, and any other advertising company. I've been dropping all packets to and from the domains mentioned above, with no significant problems. Of course, I don't get to see those specially targeted banner ads, but I don't really think I'm missing out :) -- Wow. I have LiViD and css-auth here.

Re:Should we trust Doubleclick not to track us? (Score:2, Informative) by god_of_the_machine (ryan (at) thiessen (dot) com) on Wednesday January 26, @01:18AM EST (#125) (User Info) http://www.ryan.thiessen.com/

They could still be tracking us. I just opted out and looked at my cookie files (Netscape 4.7 for Win98) and it didn't set the cookie to a string starting with "OPT_OUT". Here is my cookie strings in Netscape Before: www.doubleclick.com FALSE / FALSE 951372615 q4_popup 1 .doubleclick.net TRUE / FALSE 1920499068 id d7ee54a9 And after... www.doubleclick.com FALSE / FALSE 951372615 q4_popup 1 .doubleclick.net TRUE / FALSE 1920499068 id d7ee54a9 Check this out on other systems/platforms I know on my IE5.5 install, it does set it to "id~OPT_OUT~doubleclick.net/~0~1468938752~31583413~866453120~29321155~*" which doubleclick may still be able to track based on the complex numbers following the OPT_OUT. -- "Progress is the God of the Machine"

Re:Should we trust Doubleclick not to track us? (Score:1) by Mr. Piccolo (justin.kolodziej@vms^H^H^Hmarquette.edu) on Wednesday January 26, @01:35AM EST (#158) (User Info) http://vmsb.csd.mu.edu/~4wg7kolodzie

No change here either, though I just had a .doubleclick.net cookie after I checked. Perhaps it only works on IE? PEACE OR ANNIHILATION, IT'S YOUR CHOICE To mail me, press BACKSPACE where you see ^H.

Re:Should we trust Doubleclick not to track us? (Score:2) by Nodatadj (u07ih@NOSPAM.abdn.ac.uk) on Wednesday January 26, @08:11AM EST (#290) (User Info) http://www.abdn.ac.uk/~u07ih/spamfree/

No change here.... So I just deleted the .doubleclick line, and all the other ad ones.

You have to quit Netscape (Score:1) by mattc (mattc-at-pobox-dot-com) on Wednesday January 26, @10:26AM EST (#336) (User Info) http://pobox.com/~mattc

The cookie file isn't updated until you quit Netscape. Quit Netscape and then look at the cookie file.

Re:You have to quit Netscape (Score:2) by Nodatadj (u07ih@NOSPAM.abdn.ac.uk) on Thursday January 27, @09:11AM EST (#485) (User Info) http://www.abdn.ac.uk/~u07ih/spamfree/

I did. No change. So I deleted the cookies I didn't like and then made the file read-only.

Re:Should we trust Doubleclick not to track us? (Score:2, Informative) by isaac_akira on Wednesday January 26, @01:32AM EST (#144) (User Info)

The thing is, do we want to trust Doubleclick not to track us personally, even after we opt out? I just opted-out, and checked my double-click cookie. It now contains simply "OPT_OUT", with no extra characters (IE 4.5, MacOS). I don't see how they could possibly track my individual site visits with that. I'm actually quite happy with doubleclick about this. I hope they keep their word, and don't send me a new unique id cookie at some point. - Isaac =)

Probably -- misrepresentation & fraud (Score:3, Insightful) by KMSelf (kmself@SPAMmeNOT.ix.netcom.com) on Wednesday January 26, @02:16AM EST (#179) (User Info) http://www.netcom.com/~kmself/

If a company says it's going to do one thing, then does another, then they're open for a whole mess of legal problems -- misrepresentation, fraud, etc. A legal friend of mine is interested in pursuing this idea on the spam front -- include a header which says "this message is not spam", allowing people to filter on it. Including this header (a non-default, BTW) in mail which is spam then becomes legally actionable. Similar logic applies to Doubleclick. Do I give them the chance. No. Yes, the law can be your friend. What part of "Gestalt" don't you understand? sid=moderation

"This is not spam" (Score:2, Insightful) by Robin Lionheart on Friday January 28, @05:50AM EST (#501) (User Info) http://mars.superlink.net/~robinl/

> ...include a header which says "this message is not spam", allowing people to filter on it. I already filter on messages that say "This is NOT SPAM". They go straight to my spam folder. Haven't had a false positive yet.

Re:Should we trust Doubleclick not to track us? (Score:1) by guran (Reply to this@bottom of post) on Wednesday January 26, @02:51AM EST (#193) (User Info)

Hell, if you've got a firewall, block all packets to and from doubleclick.net You did not run into problems with page rendering? I've seen a coupla webpages that did not display at all since a freaking ad server was down. (Yeah I know "If they can't make proper web pages, why should I bother to visit yada yada" Yes, some strange looking pages is a small price to pay to get rid of doubleclicks tracking, but I still wonder All opinions are my own - until criticized

Re:Should we trust Doubleclick not to track us? (Score:2) by Mister Attack (hodgepodge@dartmouth.edu) on Wednesday January 26, @11:10AM EST (#354) (User Info) http://www.cs.dartmouth.edu/~attack

You did not run into problems with page rendering? Well, yes, on some extremely ad-heavy and poorly-designed sites that assumed the ads were there. Small price to pay... -- Wow. I have LiViD and css-auth here.

Doubleclicked opted me back in again! (Score:1) by type2 on Wednesday January 26, @06:26AM EST (#271) (User Info)

I opted out of doubleclick a couple of months ago. Today I went back to their opt-out page to find that I'm opted back in. So I opted out again, but who knows for how long? I will have to take other measures. Of course, I can't provide independently verifiable proof that I did indeed opt out before, or that I was opted in as of this morning. But I know I did. This pisses me off no end. -type2 PS: No, my ip address hasn't changed, and anyway that shouldn't be a problem since they are using cookies, right?

Re:Doubleclicked opted me back in again! (Score:0) by Anonymous Coward on Wednesday January 26, @01:08PM EST (#396)

Were you using Netscape? I use NS 4.7, and I notice that Netscape loses my entire cookie file at least once a month. This is a huge pain in the ass (anyone know why this happens?). In any case, if Double click is setting a cookie that identifies you as someone who has opted out, obviously that cookie will be lost if your entire coookie file gets cleared.

Re:Should we trust Doubleclick not to track us? (Score:1) by Ateran (ateran6@hotmail.com) on Wednesday January 26, @09:38AM EST (#318) (User Info) http://www.ateran.com

If you don't/won't set up a firewall, I suggest junkbuster. Blocks every ad I've come across, and allows cookie filtering. -Ateran

Re:Should we trust Doubleclick not to track us? (Score:2) by Fastolfe (david@fastolfe.net) on Wednesday January 26, @10:41AM EST (#341) (User Info) http://fastolfe.net/

I really don't have a problem with the *ads* themselves. Advertisements are what pays for sites like Slashdot. Blocking them out decreases revenue for Slashdot, so I'm quite happy to leave them in place, so long as they're benign (which seems to not be the case with DoubleClick). Hell, I occasionally (like once every few months) even click on one.

Re:Should we trust Doubleclick not to track us? (Score:1) by Ateran (ateran6@hotmail.com) on Wednesday January 26, @06:44PM EST (#448) (User Info) http://www.ateran.com

Neither do I. I do, in fact feel a little guilty about using junkbuster, because, as you say, they pay for a lot of sites. In fact, every so often I turn it off out of the "kindness of my heart =P". The problem is, and the reason I always turn it back on, that far too many ad servers are really slow, and when you use netscape, they makes you have to wait that much longer just to view the page. I've come across ad servers that take up to a minute just to contact. End result: I turn junkbuster back on, and I *do* find that it speeds up my web access. -Ateran

Cookie Filtering (Score:1) by kcarnold (kcarnold@yahoo.com) on Wednesday January 26, @02:42PM EST (#415) (User Info) http://geocities.com/kcarnold/

I set up a firewall (simple ipchains ... -d ad.doubleclick.net -j DENY) and it was a tremendous pain, especially with IE. In my experience, if IE5 has trouble loading an ad, it will cover the entire page with a location unavailable or something like that error. (I have seen IE only cover the image with the same, but that depends on some things that I don't want to spend my time investigating.) My bigger problem, though, was the problem of a heck of a lot of ad servers under doubleclick.net. I block one, the next day they have a different one and I block that, etc. It gets tiring, and I am still not guaranteed that somehow it isn't sneaking a cookie by (like a 1x1 image the same color as the background or something). I want the ability to block cookies from specific sites. This should be implemented in the browser, and is already sort of implemented in IE through the use of "zones". However, I have found this not to be flexible enough. I want to be able to specifically block cookies from specific sites, or even better, block cookies transmitted along with non-html (i.e. banner ads) content. Since we have the code for Mozilla, why not do it there? A simple list in the user preferences file would be enough to accomplish the desired result. Block cookies that come from *.doubleclick.net. Block all cookies that are attached to things not of type text/html. Or act like IE: only allow cookies from Slashdot, etc. Go ahead and tell me it's already been done and make me feel stupid... or make me happy by saying that you're working on it. If no one else wants to work on it, I'll try it. Can't be that hard. Kenneth (who wishes to remain "anonymous" but is definately not). PS - I don't like out-of-browser filters because (a) they are usually not cross-platform, while good browsers are, and (b) many rely on proxies, which I don't like, not to mention (c) they take up speed and resources on my computer that I don't really want to give away if I can help it. Some users have funny sigs. Not me.

Re:Cookie Filtering (Score:1) by Mister Attack (hodgepodge@dartmouth.edu) on Wednesday January 26, @06:42PM EST (#447) (User Info) http://www.cs.dartmouth.edu/~attack

Actually, IE4.5 (Mac version) allows cookies to be blocked by site. That would be my method if I didn't already have a firewall in place. And I've had very few rendering problems, BTW. -- Wow. I have LiViD and css-auth here.

Re:Cookie Filtering (Score:1) by kcarnold (kcarnold@yahoo.com) on Wednesday January 26, @07:49PM EST (#452) (User Info) http://geocities.com/kcarnold/

IE5/Win lets you do zones, which work all right but it lumps all sorts of other security stuff with it, like Java and ActiveX security. Just because I want cookies to be accepted by all of some subset of sites doesn't mean that for each site I want it to treat my security the same way. Some users have funny sigs. Not me.

Re:Cookie Filtering (Score:1) by bobv-pillars-net (bobv-slashdot@pillars.net) on Friday January 28, @04:10PM EST (#507) (User Info) http://www.pillars.net/

Change it from -j DENY to -j REJECT, and you won't get the delays. REJECT sends an "unreachable" response immediately, whereas DENY just drops the packet, leaving your browser to time-out the connection. hostmaster@pillars.net, geek@large

Re:Cookie Filtering (Score:1) by kcarnold (kcarnold@yahoo.com) on Friday January 28, @06:54PM EST (#509) (User Info) http://geocities.com/kcarnold/

Thanks; the docs I had weren't very clear on this. Some users have funny sigs. Not me.

Re:Opt-Out (yeah... right..) (Score:0) by Anonymous Coward on Wednesday January 26, @01:23AM EST (#131)

Does anyone actually trust them on their 'Opt-Out' option? A while ago they said they weren't tracking users. They lied. Now we should trust them on this? It's equally likely that hitting the 'Opt-Out' link will just get you tagged to receive all sorts of specifically targeted direct marketing 'protect your privacy' junk mail. The real solution requires actually recognizing that our privacy rights apply to databases too. Unfortunately, that might adversely affect the corporations. And whatever the corporations want, they get. After all, that's what they spend all that campaign donation money for. This is why corporations can have secrets "protected" from individuals by the gun wielding state-run police, but individuals have no such right to have their own secrets protected from the corporations (or their databases). If this doesn't make you furious, you aren't paying attention. What we really need is a way to completely "opt-out" of the Abacus Database (and any other database we don't want to be on). And there will need to be some realistic means of enforcement. But so long as we keep electing politicians without principles who will suck up to anything for enough campaign money, nothing short of bloody revolution is going to prevent this trend.

Re:Opt-Out (Score:0) by Anonymous Coward on Wednesday January 26, @01:34AM EST (#154)

This is the opt-out link. It will place a cookie on your computer that'll let you opt out of doubleclick's tracking. #host ad.doubleclick.net ad.doubleclick.net is a nickname for gd23.doubleclick.net gd23.doubleclick.net has address 207.239.35.90 #nmap -sS -O ad.doubleclick.net ing nmap V. 2.3BETA6 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/) Interesting ports on (207.239.35.90): (Not showing ports in state: filtered) Port State Protocol Service 80 open tcp http 443 open tcp https TCP Sequence Prediction: Class=trivial time dependency Difficulty=4 (Trivial joke) No OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi). Not that I would ever advocate anything illegal, of course.

Couldn't the database be poisoned? (Score:2, Insightful) by Anonymous Coward on Wednesday January 26, @01:34AM EST (#155)

Can anyone think of any good scheme to mess up their system? I mean, they're relying on the Internet's participation for populating their database, for linking users to cookies, right? So would there be some cool way for us Internet type folks to poison the database with fake entries, bogus cookies? Make it so they couldnt' tell real visitors hitting legitimate banners from say, an orchestrated champaign of spoofed visitors, visitors who want their privacy kept private? Can this be done? Would this be legal?

Re:Couldn't the database be poisoned? (Score:1) by Malcontent (malcontent@msgto.com) on Wednesday January 26, @04:25AM EST (#236) (User Info)

Should be easy to do with junkbusters it's the "orchestrated champaign" that's hard. Do unto others what has been done to you

Re:Couldn't the database be poisoned? (Score:0) by Anonymous Coward on Wednesday January 26, @04:45AM EST (#244)

Can anyone think of any good scheme to mess up their system? I can think of one particularly nasty way. It's an evil prank you could play by abusing the doubleclick database with bogus data. It also demonstrates the inherent evil^H^H^H^H problem with user tracking databases like this one. Say there's someone at your work you don't like. Say they are happily married. Say they have a deeply religious family. Say you break into their computer. Is there anything preventing you from copying their doubleclick cookie onto your own machine, spoofing their IP address, and then happily clicking away on all the hard core porn sites in the world (or just create a program to do it for you)? I don't think there's any technical reason why this would be impossible. Wouldn't doubleclick's 'targeted marketing' then cause this person to receive all sorts of customized pornographic advertisement on their browser and in their mail? Abacus' database holds their snail-mail address after all; that's what this is all about. I wonder what would happen to the co-worker's happy marriage when their spouse starts seeing all this porn junk mail showing up in the mail box addressed to your co-worker? What happens if you make it look like they've been visiting child pornography sites and the government finds out? I'm not saying anyone should attempt the hypothetical prank just described. I really hope nobody does it to me for posting this (I hope Anonymous Coward really is anonymous). I'm just saying I think it would be possible to do, and it demonstrates the sort of damage that can be done to real peoples lives just because user tracking and databases like doubleclick's exist. Just because doubleclick owns the database doesn't mean they're the only ones who can abuse it. The mere fact of the existence of the database makes this sort of abuse possible. Can this be done? Probably. The trick is not getting caught so they can't just block your bogus data. Or try to punish you for that matter. Would this be legal? I have no idea. Probably not. It's not very nice. It might be worth doing to a few of our elected representatives, directors of the MPAA, or the doubleclick people themselves.

Re:Couldn't the database be poisoned? (Score:1) by B1 (debrcmj@earthlink.net) on Wednesday January 26, @09:46AM EST (#322) (User Info)

Say there's someone at your work you don't like. Say they are happily married. Say they have a deeply religious family...[snip]...Wouldn't doubleclick's 'targeted marketing' then cause this person to receive all sorts of customized pornographic advertisement on their browser and in their mail? Good thinking! Just be careful that it doesn't backfire somehow...I can see it now... "Martha, this is the tenth pornographic banner ad I've seen tonight. The internet has way too much pornography on it. We must ban it, or make censorware mandatory...just think of the children!"

Re:Couldn't the database be poisoned? (Score:2) by orabidoo (see@my.webpage) on Wednesday January 26, @11:34AM EST (#365) (User Info) http://www.iagora.com/~espel/index.html

well, getting their banners and tracking cookies, but removing the cookie every day or more often, is a way of poisoning the db with lots of useless entries; however, these entries will eventually expire (no more hits in a long time => cookie must be lost; not associated to a real name profile => useless, expire it). a stronger way to poison the db would be to have a proxy that randomizes the content of the doubleclick cookie, within its usual syntax. depending on how their system is setup, you could either get ignored in most cases, or manage to assign your hits to other random people's profiles. but you'd need a lot of people doing that to have a significant impact, and most people just don't care enough. hell, *I* don't care enough either; I'm just happy to block them at /etc/hosts.

I own my cookies (Score:1) by dgonz on Wednesday January 26, @04:24PM EST (#433) (User Info)

How can it be illegal to manipulate cookies on your own machine? I can set up anything I'd like on my computer and if they want to read it and shove it in a db, fine. Good luck trying to get anything useful from it though.

Bocking DoubleClick at the firewall ... (Score:2) by Nicolas MONNET (nico@nospam.monnet.to) on Wednesday January 26, @03:56AM EST (#223) (User Info) http://monnet.to

It's amazing how many people do it! A friend of mine, who works as a consultant, does that on EVERY customer's firewall he puts his hands on. Also, I've noticed that KDE's file browser blocks pics from DoubleClick.

Re:Opt-Out (Score:1) by paRcat (Phillip(at)Ryals.com) on Wednesday January 26, @09:31AM EST (#314) (User Info) http://phillip.ryals.com

I decided to do the opt-out thing, and was curious about the cookie that they would send to remedy the situation. I looked at my cookies, only to find 2 from doubleclick.net. One certainly had the opt-out code, but the other was still the same. Not to mention it was the one that would be read if I ever went back. Yet another firewall that blocks their packets... - A man in a coon skin hat with a pig pen wants eleven dollar bills... and you only got ten. -

Opt-Out? A quicker and better solution. (Score:1) by Thorgal (thorgal@amiga.com.pl) on Wednesday January 26, @10:42AM EST (#342) (User Info) http://wfmh.org.pl/~thorgal/

echo "127.0.0.1 doubleclick.net" >> /etc/hosts

Web logs still leak info; opt out *completely* (Score:2) by Tau Zero (spherethis@youknownottoincludethis.yahoo.com) on Wednesday January 26, @11:21AM EST (#360) (User Info)

I have adopted a policy: if an ad site tries to serve me with a cookie, I block that ad site entirely. I never see ads from flycast.com, for example. I'm doing this by hand, mostly for fun, but also as a bit of consciousness-raising on my own part. I'm doing this under IE4.0 at work. The HOSTS file is useless since all HTTP traffic goes through a proxy, but going into the advanced-proxy configuration allows one to specify sites which should not be accessed through the proxy. Routing these to the local network gets them blocked at the firewall, and they time out. This is better than blocking cookies, because the ad site never gets to see an IP address, let alone the http:referrer field. Something to be aware of: Even if you use the write-protected cookie file trick under Netscape, if you accept a cookie it will still be active until the end of your session. This means you will be letting Doubleclick/Abacus connect your hits to your name and home address, at least for the rest of your surfing that day. Blocking all access to Doubleclick costs them a lot more. Slashdot serves a lot of its own ads, which I still see (of course). I will happily patronize Slashdot, because I doubt it is going to sell my private information to anyone or track me between sites. Doubleclick, flycast, bfast, hitbox and the rest are not so friendly, and I think that sites which use their services should not be given the benefit of the doubt (or the revenue). Here's my current blocklist (pardon the formatting): a32.g.a.yimg.com;valueclick.com; mojofarm.sjc.mediaplex.com;www.burstnet.com ad-adex3.flycast.com;ads17.focalink.com; ad.doubleclick.net;ad.uk.doubleclick.net; a1.g.a.yimg.com;ad.preferences.com; barnesandnoble.bfast.com;ads.enliven.com; ads09.focalink.com; view.avenuea.com;ads.i33.com;ads.bfast.com; adserver.track-star.com;ads.admaximize.com; ads24.focalink.com;banners.orbitcycle.com; adforce.imgis.com;service.bfast.com; ph-ad04.focalink.com;leader.linkexchange.com; adex3.flycast.com;Ogilvy.ngadcenter.net; ads18.focalink.com;ads06.focalink.com; van.ads.link4ads.com;view.accendo.com; ads19.focalink.com;ads21.focalink.com; thinknyc.eu-adcenter.net;ph-ad05.focalink.com; ad.doubleclick.net;barnesandnoble.bfast.com; gm.preferences.com;newads.cmpnet.com; ads25.focalink.com;ads22.focalink.com; app-05.www.ibm.com;cookies.cmpnet.com; ads20.focalink.com;idealab-ad.flycast.com; ph-ad07.focalink.com;ads15.focalink.com; ads10.focalink.com;ad.ca.doubleclick.net; static.admaximize.com;ads.dallasnews.com; realmedia.com;www.rbiproduction.co.uk; w131.hitbox.com;ln.doubleclick.net; c1.thecounter.com;ads23.focalink.com; maximumpcads.imaginemedia.com; maximumpcads.snv.futurenet.com; www56.valueclick.com;ads05.focalink.com; kansas.valueclick.com;oz.valueclick.com; ads07.focalink.com;ads12.focalink.com ;ads16.focalink.com;redherring.ngadcenter.net; ads.guardianunlimited.co.uk; media.preferences.com;excite.com; stats.superstats.com;mojofarm.mediaplex.com -- If sarcasm was posted to Slashdot, would anybody notice?

Offtopic: domain sorter script (Score:2) by Speare (e d @ e x p l o r a t i . c o m) on Thursday January 27, @11:58PM EST (#500) (User Info) http://www.explorati.com/people/ed/

#!/local/bin/perl5 # # usage: domain.sort.pl < listofdomainnames > sortedlistofdomainnames # # Sorts by each domain, so all *.com's are sorted together, and # all *.abc.com's are sorted together near the top of all *.coms, etc. # Doesn't sort dotted IP4 addresses well, but doesn't mangle them either. sub reversehost {   my @terms = split(/\./, shift);   @terms = reverse @terms;   join('.', @terms); } sub main {   my @lines = <>;   foreach my $line (@lines)     { chomp $line; $line = reversehost($line); }   @lines = sort { $a cmp $b } @lines;   foreach my $line (@lines)     { print reversehost($line) . "\n"; } } main(); 1; Ed Halley [ e d @ e x p l o r a t i . c o m ]

Re:Opt-Out (Score:1) by mitheral on Wednesday January 26, @11:54AM EST (#371) (User Info)

Hmm, The opt out page is /.'ed to hell and back. Wonder why that is. Maybe people actually do care about this.

doubleclick (Score:3, Insightful) by vectro on Wednesday January 26, @12:21AM EST (#25) (User Info)

You can use a junkbuster proxy to filter out ads. Alternatively, I believe that internet explorer allows you to set the 'doubleclick' domain to be in its own security zone, and then set that zone to not accept cookies. Note also that you will only be associated w/ the database if they have some way to associate you w/ your entry in their database. Once your cookie is there, though, they will know.

Re:doubleclick (Score:1) by the way on Wednesday January 26, @12:40AM EST (#70) (User Info)

I believe that internet explorer allows you to set the 'doubleclick' domain to be in its own security zone, and then set that zone to not accept cookies That's not necessary. Just click here, which places a special cookie on your computer telling Doubleclick not to give you a personalised cookie.

Re:doubleclick (Score:2) by Bob Ince (andrew@oaktree.co.uk.spam) on Wednesday January 26, @04:43AM EST (#242) (User Info)

I believe that internet explorer allows you to set the 'doubleclick' domain to be in its own security zone, and then set that zone to not accept cookies. True, though it is probably wiser to reject all cookies by default and only enable them on sites that you know you need them for. After all, doubleclick might for some reason use a different server name at some point, or an IP address. And doubleclick is not the only potential nasty out there. This problem is so very easily solved. Add "only accept cookies originating from the server that you see in the URL" (ie. that owns the HTML document or top frameset) to browsers like IE that don't have it, and make it the default option for all browsers. Legitimate sites disabled approx. zero. Doubleclick dead in the water. Wonder how much money Microsoft could extort from doubleclick by threatening to do this? :-) Go MS! -- This comment was brought to you by And Clover. (Sorry.)

Block ads and cookies (and tracking) (Score:1, Informative) by zlexiss on Wednesday January 26, @12:21AM EST (#28) (User Info)

Use internet junkbuster.. makes everything better, and now helps protect privacy too :-) http://www.junkbuster.com Good example of quality GPL'd software, even has win32 versions. I've been using it for a while even with a cable link to speed up web page loading and get rid of the ads..

How to avoid the scam (Score:1) by Rasha on Wednesday January 26, @12:23AM EST (#31) (User Info)

If you are running Linux you can compile your kernel with ipchains. This is essentially a firewall package that among other things can filter packets. That is it can block packets coming from or going to a specific url or ip address read the HOWTOS on ipchainsand if needed the kernel HOWTO. Does anyone know all the ip addresses that Double Click uses so that I can set up my firewall to block them?

Database access (Score:1) by BOredAtWork (dsracic at vt.edu) on Wednesday January 26, @12:23AM EST (#32) (User Info) http://www.vt.edu:10021/D/dsracic

So, how can I see what information is available about me in this database? Or can't I? -- Microsoft does have a year 2000 problem. We're it.

prOn habit (Score:0) by Anonymous Coward on Wednesday January 26, @12:23AM EST (#33)

Guess that would be a good reason to stop surfing for prOn huh?

You have mail! (Score:4, Funny) by seandunn (sdunn@SPAM-IS-BAD-M'KAYcalpoly.edu) on Wednesday January 26, @12:24AM EST (#35) (User Info)

What really worries me about this profiling is that sites might get information back from DoubleClick. I can just see it, my Grandmother types in www.whitehouse.com, and since she accidentally checked a box off on Yahoo stating "Please send me spam from anyone who gave us money" she is automatically signed up for the Big Bone of the Day. Well, I'm sure that going a little far, she probably will only be getting free samples of KY jelly in the mail and a free issue of Jonny Leatherpants and his Magic Nipple Clamps. But in all seriousness, I thought the FTC was tring to cut down or make on this kind of thing illegal, *and* with the whole Pentium 3 serial code fiasco, it is painfully clear that people value their privacy on the web. Anyone know of a site or utility to clear out certain cookies like these, but leave the nice ones in like Slashdot?

Re:You have mail! (Score:3, Informative) by Bitscape (bitscape@linuxstart.fuckspammers.com) on Wednesday January 26, @04:18AM EST (#231) (User Info) http://bitscape.festing.org/

Anyone know of a site or utility to clear out certain cookies like these, but leave the nice ones in like Slashdot? I wrote a perl script that does it. You just make a .cookies.allow text file in your home directory, have the script run as a cron job, whenever you start/stop Netscape, or any other time you feel like it. It wipes out all cookies except those from sites specified in the .cookies.allow file. Hope that helps! If train you in the ways of the Source I do, a vi Master you will be

Junkbuster! (Score:2) by sbeitzel on Wednesday January 26, @04:55AM EST (#251) (User Info) http://www.pobox.com/~sbeitzel

You may want to take a look at setting up a Junkbuster proxy server on your web browsing machine. There are proxies for *nix and Win32. I've set 'em up on my FreeBSD box, my NT box, and my Win98 box, then configured my web browsers to use the appropriate proxy. It's sweet!

Re:Junkbuster! (Score:1) by muleboy on Wednesday January 26, @05:51AM EST (#265) (User Info)

Junkbuster allows you to set up a list of "allowed" cookies sites whose cookies can get through. I wish it had an option to pass through when it blocks a link I want, instead of having to edit the configuration or disabling proxy in the browser to see the link.

Re:Junkbuster! (Score:1) by Rob_u (robertm@rojoma.com) on Wednesday January 26, @08:26AM EST (#294) (User Info)

Hm... a special passthrough link on the "blocked site" page. Doesn't sound too hard to code up. I think I'll write that, in fact.

Re:You have mail! (Score:1) by DeadSea (1010SD@LegOstermillerArm.com (Amputate to email)) on Wednesday January 26, @08:25AM EST (#293) (User Info) http://www.ostermiller.com/

I recomend Cookie Pal for windows. It intercepts the cookie alert window and then accepts or rejects the cookie for you based on filters. I don't know what is available for linux. You can get the program at Tucows. They also have several other cookie management tools available. Don't you wish you could play all classic arcade games like Ladder?

Re:You have mail! (Score:1) by SJS on Wednesday January 26, @02:39PM EST (#414) (User Info)

Anyone know of a site or utility to clear out certain cookies like these, but leave the nice ones in like Slashdot? 1. Get rid of your cookies file. 2. Hit those sites that you want to allow cookies from, like Slashdot. (Alternatively, you can just edit the cookies file...) 3. chmod a-w .netscape/cookies (Or whatever your cookie file is.) If you want to add cookies, briefly chmod the cookies file to be writable, hit the site, set the cookies, and then chmod the cookies file again.

This Might Sway Some (Score:1, Funny) by Mignon (satan@programmer.net) on Wednesday January 26, @12:24AM EST (#37) (User Info)

I have it on good authority that DoubleClick uses Linux. Seriously - no trollin'. They may be evil, but they're not all bad... I/O, I/O, it's off to sleep() I go.

Re:This Might Sway Some (Score:1) by DrEldarion (unit_02@secondimpact.stopthespam!.com) on Wednesday January 26, @12:45AM EST (#84) (User Info)

What's with this... Just because they use Linux doesn't mean jack shit. That's saying something like "Well, Hitler once saved a kitten from the cold.. see? he's not all bad!" -- Dr E. -- It's not what it is, it's something else.

Re:This Might Sway Some (Score:2) by Issue9mm (issue9mmAThotmailDOTnospamDOTcom) on Wednesday January 26, @01:32AM EST (#143) (User Info) http://issue9mm.freeservers.com/

Alright alright... This is gonna make me look bad, so before I start, I don't necessarily agree with everything that I say, think, or do. People do things for stupid reasons all the time, and while I haven't identified the stupid reason at stake here, I'm sure I will. On with the ignorance: Y'know, if Hitler saved a kitten from the cold, then, in fact, he WOULDN'T be ALL bad. That's exactly right. In fact, Hitler wasn't ALL bad. There were many GOOD things that he did, that simply happen to be overshadowed by all the VERY BAD things that he did. There is no single person without ANY redeeming qualities, and there are no people that act purely out of [evil|anger|rage|etc]. Nobody (at least that I know of (yes, I know of Manson, et al.) is ALL bad. Everyone has some redeeming quality, no matter how slight. Even Uncle Billy. Thank you for this time to make a fool of myself.

Re:This Might Sway Some (Score:1) by Mignon (satan@programmer.net) on Wednesday January 26, @10:21AM EST (#332) (User Info)

Just because they use Linux doesn't mean jack shit. That's definitely debatable, though someone else already has. My secondary point (aside from tossing out a Linux tidbit) was that lots of us get caught up in our Linux zealotry to the point where we would consider something like this to be a mitigating factor. For a reverse of this example, consider Slashdot. Most of us think they're a pretty cool site, but some have pointed out that in spite of promoting open source, they are not terribly forthcoming with their source. (Yes, I know they just released v.9 - damn irony!) Here's my sociological hypothesis about the quote above (are you listening, Jon Katz?): We've gotten so tightly enmeshed with our digital, binary, logical world, that we can't see that qualities like good and bad are on a continuum. I/O, I/O, it's off to sleep() I go.

Re:This Might Sway Some (Score:0) by Anonymous Coward on Wednesday January 26, @04:34AM EST (#240)

I have it on good authority that DoubleClick uses Linux. Seriously - no trollin'. They may be evil, but they're not all bad... I don't know who your athority is, but mine seemed to tell a different story... ;-) # nmap -O doubleclick.net Starting nmap V. 2.3BETA6 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/) Interesting ports on (208.211.225.89): Port State Protocol Service 25 filtered tcp smtp 80 open tcp http 111 open tcp sunrpc 135 open tcp loc-srv 443 open tcp https 465 open tcp smtps 1030 open tcp iad1 1433 open tcp ms-sql-s TCP Sequence Prediction: Class=trivial time dependency Difficulty=14 (Easy) Remote operating system guess: Windows NT4 / Win95 / Win98 Nmap run completed -- 1 IP address (1 host up) scanned in 43 seconds At least for their web server they don't use linux, and isn't their web server where they send their cookies from?

Re:This Might Sway Some (Score:1) by Mignon (satan@programmer.net) on Wednesday January 26, @09:34AM EST (#315) (User Info)

They have way more than one machine. I/O, I/O, it's off to sleep() I go.

Big Brother (Score:2) by dogbyte12 on Wednesday January 26, @12:25AM EST (#38) (User Info)

I can see a presidential election, 20 years from now, where these ad companies, sell to candidates, the url's their opponents went to when they were in college. But in a way, big brother will be a playing field leveler. If 20 years from now, somebody was running for President, and the only web sites they looked at were /., weather.com, and yahoo, I might be a little weirded out by them. It will ruin the idea of anonymous dialogues, which help in fostering honesty, but also bring along flame wars, but perhaps big brother will be a beacon of freedom in a perverse way. If we all act normally, i.e., not holier than thou, the notion of being watched will be like being ourselves in front of our families. I suggest we all order beer on line, go to playboy.com,(or playgirl for that matter for those so inclined;) order sex toys, join an online cult, and engage in flame wars on a star trek newsgroup by posting doctored naked pictures of our love affair with Spock. Hell, if Bill Clinton has shown us anything, it's that we have at least grown up enough to allow a human being to be president. The internet can allow us to grow as a society. If we act like ourselves, the truth will be less shocking. Isn't that a good thing? George W. Bush-- Not a crackhead since 1974!

Did you read 1984? (Score:0) by Anonymous Coward on Wednesday January 26, @12:50AM EST (#96)

Remember the ending? If not then go read the book and think long and hard about the ending. You should never love Big Brother.

DoubleClick's Opt-Out program (Score:1) by LonEagle on Wednesday January 26, @12:25AM EST (#39) (User Info)

I was considering pasting parts of DoubleClick's "privacy" policy and critiquing them, but it's much easier just to opt out of their little cookie system. They replace their userid string in your cookie with a string: OPT_OUT. If enough people do this, their little database scheme will be worthless... muahahah! http://www.doubleclick.net/optout/defau lt.asp

Re:DoubleClick's Opt-Out program (Score:1) by Gregg M (greggm@wordnet.att.net) on Wednesday January 26, @12:44AM EST (#82) (User Info)

Junkbuster allows you to edit the cookies you send back to certain domains. I like to put the "EICAR-STANDARD-ANTIVIRUS-TEST-FILE". You can put a well worded letter about what they can do with there database. Help Slashdot beat AnandTech and the Russians!

well, there's always ipchains (Score:1, Informative) by Anonymous Coward on Wednesday January 26, @12:25AM EST (#40)

From the ipchains howto: I don't want any local process (ie. Netscape, lynx etc.) to connect to doubleclick.net: # ipchains -A output -d 199.95.207.0/24 -j REJECT # ipchains -A output -d 199.95.208.0/24 -j REJECT http://www.rustcorp.com/linux/ipchains/HOWTO-4.html#ss4.2

I'm still a little confused... (Score:0) by Anonymous Coward on Wednesday January 26, @12:25AM EST (#41)

I can see how the bastards are tracking your surfing trail. I can't see how they're getting your name and address though. Anyone know how they are getting that info? If it weren't for the DMCA, someone out there could reverse engineer their system and create a way to send it bogus data. More proof the DMCA isn't just unconstitutional; it's just plain evil.

I don't think this is always possible (Score:0) by Anonymous Coward on Wednesday January 26, @12:25AM EST (#43)

How do they determine the user ? Most large ISPs (like AOL, etc.) go thru proxy gateways and the user has no unique IP address. Since cookies by themselves don't convey much about the user, how is it that they can get any info that could possibly tie the session to a user's personal information ? I'm a little sceptical about this. Please explain how its done if you actually know.

Re:I don't think this is always possible (Score:2, Informative) by billybob jr (bodell.no.spam@ihatespam.purdue.edu) on Wednesday January 26, @12:48AM EST (#89) (User Info)

When you accept a cookie from a site it is analogous to someone coming up to you and writing on your forehead 19876523. Does 19876523 mean anything in itself? No. But now lets say that the you go to the store and they see 19876523 on your forehead and write it down. Now you go to another store, and they write it down. These stores also write down everything you buy. Now let's say you go to another store and order something they are going to ship to you. They write down 19876523 as well as what you bought as well as your home address and name. Now a company knows what you ate at tacobell, bought at the supermarket, and what you bought at wal mart. Cookies in theory are limited in scope moreso than my example was, because only the company that wrote on your forehead could read the number. Only slashdot can read the cookies it sends to your browser. But, what ends up happening is that web pages use a 3rd party to serve up the banner ads. This 3rd party is the one that sends you the cookie. When you go to another site that this 3rd party is also serving up ads to, they instantly identify you from the old web site. If one of the websites you go to gets your shipping information and they have an agreement with the banner ad company, it's all over.

Re:Forehead (Score:1) by aegypt on Wednesday January 26, @04:25AM EST (#235) (User Info)

Something for the apocalyptically minded out there. Replace "mark" with "cookie" and "forehead" with "harddrive": Revelation 13:16: "He also forced everyone, small and great, rich and poor, free and slave, to receive a mark on his right hand or on his forehead, so that no one could buy or sell unless he had the mark, which is the name of the beast or the number of his name."

Look at it another way (Score:1) by blazer1024 (blazer@i.hate.spam.selectpath.com) on Wednesday January 26, @12:26AM EST (#44) (User Info)

I mean, sure, it's not so great they can track everything we do, but also look at it this way. If they start calling my house trying to sell me something, they're basically wasting my time. Same if they start cluttering my mailbox(both e- and snail) I delete it/throw it away--I already do that. However, if they're doing something like trying to find out what sorts of things I am personally interested in, let them. Wouldn't you much rather receive adds that you might possibly be interested in, rather than aluminum siding adds when you live in a dorm, or coupons for an oil change when you ride a bike to work/school, or internet web server tools when you don't have or want your own web site? (Okay, now I sound like an IBM/Lotus commercial) I mean, seriously... ad companies specialize in one thing, ads. They don't want to blackmail you because you've been buying diamond jewlery online for your mistress, and buying your wife cheap wal-mart stuff. They want more effective advertising. Plus, by showing them what we like, then the businesses trying to make goods we'll buy will concentrate on what people want, rather than what everyone things people want. It's not really anything to be paranoid about. I'm sure half the companies in the world already have my name and address because I've bought something, but I don't care. Let them. Then they can see what I buy, and what I like. Who cares if Doubleclick has access to them now? It's all the better for us, if you ask me.

Re:Look at it another way (Score:1) by znu (znu@znu.dhs.org) on Wednesday January 26, @12:46AM EST (#85) (User Info) http://znu.dhs.org/

They'd need to make strict laws regulating what information can be collected, who can see it, what it can be used for, and how long it can be kept. Until that's done, there's just no way I'll be comfortable with information about me being collected, even though I know there's only a very small chance an actual human will ever see it. -- The revolution will not be televised. You'll have to watch the webcast

Privacy invasion period. (Score:0) by Anonymous Coward on Wednesday January 26, @12:49AM EST (#92)

If I need something, they'll hear from me. Otherwise fuck off. If I ever came into personal contact with these people who would trample my rights and the constitution to make a buck off me I would permanently remove their genetic material from the gene pool.

Discoverable records (Score:0) by Anonymous Coward on Wednesday January 26, @01:06AM EST (#114)

There are three problems with your argument: Data which are collected becomes data which are discoverable. Law enforcement or investigative reporters snooping through my grocery, drugstore, video store, book store,.... receipts is not something I particularly relish. Even if the company doesn't have an interest in the data, individuals there may. Suppose you are a contractor working at a large financial services company and you realize that you have access to information on some jerk who's been annoying the hell out of you online for some time. Name, address, SSN, various account numbers and balances.... Companies are bought and sold. The current management might have one interest, but if an advertising agency is sold to a firm with a different business bent -- for the data held by the advertising firm (stranger things have happened), you now have an entity whose only interest is the data and what it can draw from it. No thanks.

Re:Look at it another way (Score:1) by Helge Hafting on Wednesday January 26, @06:12AM EST (#269) (User Info)

I mean, seriously... ad companies specialize in one thing, ads. They don't want to blackmail you because you've been buying diamond jewlery online for your mistress, and buying your wife cheap wal-mart stuff. They don't want to. Some private investigator might. He breaks in or gets a short-lasting job at the ad company. Then he collects info on thousands of people to find good blackmail candidates. Or maybe he finds the proof your wife hired him to find. Or he calls up the ad company claiming to be a online jewellry seller and could he please buy the dataset for people who have bought at least once?

Um (Score:0) by Anonymous Coward on Wednesday January 26, @12:27AM EST (#46)

I have never used my real name anywhere on the internet, or have had it stored anywhere on my computer. Even in the case of software I have paid for, i enter the name 'Buck Futter'. Switch some of the letters around, I'm sure the DoubleClick motherfuckers would like that one. Eat my shit.

What doubleclick? (Score:3, Interesting) by slashdot-me (slashdot-me@HORMEL.altavista.net) on Wednesday January 26, @12:27AM EST (#47) (User Info) http://www.ryans.dhs.org

[ryan@leia: serial]$ nslookup www.doubleclick.net Server: line.ryans.dhs.org Address: 199.201.131.225 *** line.ryans.dhs.org can't find www.doubleclick.net: Non-existent host/domain Golly, my dns server must be misconfigured :) Ryan sig: learn to spell.

Re:What doubleclick? (Score:1) by interiot on Wednesday January 26, @01:15PM EST (#399) (User Info)

Care to briefly share how you did that? Yours is a nice solution that I could share with my friends localy who don't have a linux box and don't want to install a proxy. --

Re:What doubleclick? (Score:1) by slashdot-me (slashdot-me@HORMEL.altavista.net) on Thursday January 27, @11:19PM EST (#498) (User Info) http://www.ryans.dhs.org

If your friends don't have a unix box to run a dns server they're out of luck. I run a name server (BIND) for my domain ryans.dhs.org. The server is set so it thinks it's authoritative for the doubleclick domain too. Any name lookup on my network gets routed to my dns server for resolution. Since my server thinks it's authoritative for doubleclick it won't attempt to resolve the name and just returns error "no such domain." You might try setting the address for ad.doubleclick.net to 127.0.0.1 in you hosts file. I think windows stores it in c:\windows\drivers\etc\hosts Something like that. Ryan Salsbury sig: learn to spell.

How To Block DoubleClick's Tracking In Two Steps (Score:1) by @Man on Wednesday January 26, @12:28AM EST (#51) (User Info) http://www.ecst.csuchico.edu/~atman

1. Put all DoubleClick's servers in your /etc/hosts file as 127.0.0.1 2. Put all of DoubleClick's servers in your "bypass proxy for" setting in your browser. This will kill both their ads and their cookies. I maintain a web page with a list of their servers and more detailed instructions for unix, windows, and BeOS (with experimental Mac instructions available tonight) using either Netscape or IE at http://www.ecst.csuchico.edu/ ~atman/spam/adblock.html. It is easy and it works great.

Re:How To Block DoubleClick's Tracking In Two Step (Score:0) by Anonymous Coward on Wednesday January 26, @12:49AM EST (#91)

Do you want to shut down all professional sites such as Slashdot.org or my site??? Many small timers depend on the advirtisements to justify spending vast amounts of time maintaining them. That's terrible.. I mean really.. do you have any morals?? Howabout ethics?? Any of those??

It's my computer, not yours (Score:0) by Anonymous Coward on Wednesday January 26, @01:43AM EST (#164)

I use junk buster which has worked better for me than the 127.0.0.1 thing which I've also tried. My monitor, my computer, my net, my electricity, and my time downloading your ads all belong to me. I will *never* intenionally click on *any* banner ads. By dumping ads on me you're wasting my time and *yours* as well. If you're selling impressions (downloaded but unclicked ads for those not in the web ad biz), then you really suck because now you're making money off my time and computer and *I* get _nothing_ for it. If you don't post the content, someone else will. The information wants to be free, not "ad supported". Find a business model that doesn't include killing my time or get off the net.

Re:It's my computer, not yours (Score:0) by Anonymous Coward on Wednesday January 26, @04:58PM EST (#437)

Haha.. with your business model, there will be no sites left.. look you hypocrite.. all the good sites have banner ads.. slashdot, freshmeat, sourceforge ALL OF THEM do you not understand??? why go to these sites if you are just going to rip them off??? Get off slashdot, you don't need it.. don't worry.. according to you someone will make one just as good without banners.

Re:How To Block DoubleClick's Tracking In Two Step (Score:1) by sallen on Wednesday January 26, @02:45AM EST (#190) (User Info)

Opting out of doubleclick is fine here, and if that causes a problem for site that use doubleclick for services, then that's too bad. Ethics you say? Ethical behavoir wouldn't include going through my wastebasket without my premission to put together all my receipts and sell the data with my name and address. How is doubleclick any different. If a RESPONSIBLE advertiser wishes to send me banner ads and that keeps web sites operating and provides them an income, then I'm all for it. Interestingly, as people mention FTC complaints (which is good), one should also remember that doubleclick is now a public company, listed on the stock exchange with a LOT of stockholders that expect to make money. A little bad publicity about a lot of opt-outs, even if only temporarily, can cause a hefty hit to their share price with the way the market acts these days. They're after a buck, and their shareholders are certainly after an increase in revenues...and unlike celebrities, the market DOESN'T like bad publicity for a company, even if the press does spell their name correctly.

old news sorta ... and how to avoid it (Score:2) by MrP- (defsoft[NO@SPAM]gis.net) on Wednesday January 26, @12:29AM EST (#52) (User Info) http://www.microsoft.com/billgates/

I saw on tv a while ago about this, like if you went to a site and entered a contest or something, if you read their disclaimer, way at the bottom it would say it is owned by doubleclick, so once you submitted that form, they now had info to associate with your cookie... but you can go to doubleclick.net, the privacy section, they have an opt-out form so they wont track you, i did that the second i saw this on tv #---------------------------- $mrp=~s/mrp/elite god/g; #----------------------------

Big Brother is watching you surf... (Score:1) by hypergeek (root@127.0.0.1) on Wednesday January 26, @12:30AM EST (#54) (User Info)

If I'm not mistaken, the Supreme Court recently ruled on a similar issue, saying that States' selling of DMV information to 3rd parties was an unconstitutional invasion of people's privacy. If that is the case, then these guys will come toppling down when the courts rule that they're infringing on people's rights... (At least, I hope that the courts will see the glaringly obvious similarities here!) If anybody has the specifics on the aforementioned Supreme Court ruling, please let me know... -Hypr Geeque Direct all flames to the above address... (especially if you're on a large campus/corporate network!)

Re:Big Brother is watching you surf... (Score:1) by billybob jr (bodell.no.spam@ihatespam.purdue.edu) on Wednesday January 26, @01:12AM EST (#121) (User Info)

The DMV selling information is a world of difference from some company doing it. We have to do business with the DMV. We have to give them our address. If you want to drive it is as simple as that. It is indeed wrong for the DMV to be able to sell off personal information for a few bucks, when the "customers" (everyone who wants to drive) have no say over the matter. It should not be illegal for a company to sell information about it's clients. You may not like it, I don't. Let's not do business with them. Let's find another company that is sensitive to our privacy needs. There is no need to get the government involved to force the "one true way" that we believe is right. What would be useful is legislation that would force disclosure of whether or not companies sold the information. We could make a little privacy ribbon .jpg that could be on sites that swore to not release privacy information. Maybe some sort of overseeing body that would revoke the "privacy friendly" status of a company if they acted stupid. My point is that we are not totally helpless here. We can solve the problem. No need to legislate.

Re:Big Brother is watching you surf... (Score:0) by Anonymous Coward on Wednesday January 26, @01:22AM EST (#130)

We can solve the problem. No need to legislate. (To the tune of "Celebrate":) Le-gis-late good times; come on!

Re:Big Brother is watching you surf... (Score:0) by Anonymous Coward on Wednesday January 26, @01:39AM EST (#160)

lol

Edit your cookies (Score:1) by Wabbit on Wednesday January 26, @12:30AM EST (#57) (User Info)

I flush out all of the advertisers cookies on a regular basis. I'm assuming that this will cause them to build up zillions of one off database entries. I'm making some assumptions here about how they do their database. I keep thinking there must be a way to filter what gets exchanged when I go to a web site. I don't want to shut off cookies, too many user id's and passwords. Someone with a little more knowledge about how all of this works may want to comment

Re:Edit your cookies (Score:2) by Mister Attack (hodgepodge@dartmouth.edu) on Wednesday January 26, @01:17AM EST (#123) (User Info) http://www.cs.dartmouth.edu/~attack

Depending on your OS, you have a couple of options(listed in order from my most favorite to least favorite): Use a program that replaces the contents of cookies to sites not specifically allowed with random data. This screws with their tracking and is fun, fun, fun! I am writing such a program for the Macintosh platform first, since that's what I primarily use; Linux support will follow RSN. set up a firewall that drops all packets to and from *.doubleclick.net (firewalls are nice to have anyway, and there's firewall software for every OS on the market) This, BTW, is what I currently do. Use Junkbusters or a similar proxy service. (Win, *nix only) There is also proxy software available for the Macintosh; basically, it sits between your Internet connection and your web browser and filters all the content you don't want (like ads). You can also use proxy software to block Javascript and anything else you don't want. Get all the cookies from the sites you need cookies for (like your Slashdot login), then set the permissions on your cookies file to read-only. Block all cookies. This will stop the tracking, but it will also break some sites. Don't autoload images. Just load the images you want to see manually. Since the cookie is attached to the banner, you don't get the cookie unless you look at the banner. I hope that gave you some nice ideas... -- Wow. I have LiViD and css-auth here.

Let's sue them!!! ;) (Score:1) by Munky_v2 (Munky Underscore v2 at yahoo dot com) on Wednesday January 26, @12:30AM EST (#58) (User Info) http://www.linuxlots.com/~dialug/

This is such crap. I always thought that the whole "you are losing your freedom" stuff was BS, but now with the MPAA and doubleclick pulling this thing, I am going to have to start IP spoofing all the time. I say we need to activley fight this kind of invasion of privacy. IMHO boycotting will not work - stupid people greatly outnumber geeks, and stupid people, 1. don't care about this (because they are too stupid to understand) and 2. don't want to chage there habbits at all (again, because they are stupid and set in their ways). Any ideas on what we can do??? Munky_v2 "Warning: you are logged into reality as root..." Check out our LUG

This looks like a job.. for Junkbuster (Score:1) by urashima on Wednesday January 26, @12:31AM EST (#59) (User Info)

http://www.junkbusters.com/ht/en/ijb.html Configurable site, ad, cookie, and browser query blocking.. Now all I need is an up-to-date blocklist. :)

Re:This looks like a job.. for Junkbuster (Score:1) by Bent_MG (dmiller.ihatespam@elknet.net) on Wednesday January 26, @01:51AM EST (#169) (User Info)

For those of those looking for a good blockfile, here's what i've pieced together over the past few months: http://www.elknet.net/dmiller/blockfile.txt It weighs in at about 19KB, but i'm sure it'll save much more bandwidth than that in a matter of seconds! Enjoy! ;) "Trying is the first step towards failure!" - Homer Simpson

COOKIES ARE EVIL! (Score:1) by Gregg M (greggm@wordnet.att.net) on Wednesday January 26, @12:32AM EST (#60) (User Info)

OK Rob, I don't want to say I told ya so, but... Cookies are they way people track you regardless of the morals behind it. When Mozilla happens we will have individual cookie control. Until then turn your cookies on and set your cookie file to read only. Then I'll need a button (on Mozilla) to set all security funtions for each web site I hit. Help Slashdot beat AnandTech and the Russians!

Oh. My. God. (Score:2) by cancrman (cancrman@hotmail.com) on Wednesday January 26, @12:35AM EST (#64) (User Info)

Wow. I mean sure, this was something that was sorta expected when I first heard about this (some old slashdot story). But after realizine the implications of this I just have to say...Wow. Welcome to a new era of junk mail people. Ultimately that is what this will result in. Okay it might be a little more severe than that, but what I really think will come of this is that a few more of us might be getting doubles of the edmund scientific cataloge. Okay, bad joke. This is serious. And I really wonder how the opt out link that they provide is used. Do you have to opt out for every IP address that you have? I opted out from my work IP but now I'm at home. Does that mean that evey thing I do from here they can track? What about people with dial-up connections? They don't have a static IP. Does this mean that they can't opt out at all? I'm kinda scared of the implications of this. For me I hope that it just means that I'll get more spam on my hotmail account. But still...... Pete The Internet's sole purpose is to get porn and bomb making plans into the hands of children

Re:Oh. My. God. (Score:1) by jesser on Wednesday January 26, @12:56AM EST (#106) (User Info) http://www.palosverdes.com/jesse/

Do you have to opt out for every IP address that you have? No, but you need to opt out for every browser you use. I think the opt-out site explains it fairly well - it gets rid of the unique doubleclick cookie in your browser by replacing it with OPT_OUT, and then leaves it there. Hopefully, they won't find other ways to track you once you no longer have a unique cookie. -- slashdot: I miss my free time, Rob.

Re:Oh. My. God. (Score:1) by joe52 on Wednesday January 26, @01:29AM EST (#137) (User Info) http://EasternSkiing.com

it gets rid of the unique doubleclick cookie in your browser by replacing it with OPT_OUT, and then leaves it there. Hopefully, they won't find other ways to track you once you no longer have a unique cookie. You can also delete the cookie(s) yourself. When I first heard about this story I went through my cookies and deleted a lot of them (including all of them from doubleclick). I also configured my browser to reject cookies from a number of ad networks. I tried doubleclick's opt-out and I am happy to say that it didn't work because they couldn't place another cookie on my system, which seems a lot better that trusting them to keep the opt-out cookie in place. joe

Re:Oh. My. God. (Score:1) by jesser on Wednesday January 26, @01:33AM EST (#152) (User Info) http://www.palosverdes.com/jesse/

You can also delete the cookie(s) yourself. Well, simply deleting the cookie won't solve the problem because next time doubleclick sees your browser come without a cookie, it's going to assign it a new cookie. Blocking cookies from specific sites is an interesting strategy, however.. how do you do it? :) -- slashdot: I miss my free time, Rob.

netscape solution. (Score:1) by radar bunny on Wednesday January 26, @12:36AM EST (#66) (User Info) http://bounce.to/home

All the more reason to use netscape. In netscape, all your cookies are stored in a single text file. Simply open the file and delete everything with a reference to double-click or any other site whose cookie you dont want. Then save the file and change the permisions to read-only. The result is that no more cookes can be placed on your computer. Under Micro$oft I.E. the only option is to find the double click cookie (also a text file) and emtpy its contents and then do the same, but then they wll just give you a new one so its kinda hopeless. On a side note, I wonder how many John Does living at Nil street with a zip code of 12345 they have in their database? it's stange that the internet used to be a place of openess and free exchange of information. Now, these guys give us a reason to lie about everything. The REALY strange thing is that i dont think our privacy is being threatened as much by our government. but big business is sre trying to make it a thing of the past. "I mean, All you can definately say about a fellow who thinks he's a poached egg, is; He's in the minority." James Burke

Re:netscape solution. (Score:1) by nylon66 (yer@mam.org) on Wednesday January 26, @12:46AM EST (#86) (User Info)

Yep -- I've done a different version of this on my Linux box: a Perl wrapper named 'safe-netscape' which runs through the cookies file and ditches all unwanted (i.e. non-Slashdot) lines. Writes the file, starts Navigator. /* The People's Republic of Chocolatey Delicious! */

Time for a new Mozilla module. Any volunteers? (Score:3, Interesting) by Apuleius (ocschwar@nospam.mit.edu) on Wednesday January 26, @12:36AM EST (#67) (User Info) http://udamisha.tep.org

It should be a domain/IP-address based module to remember never to send requests to domains like doubleclick. It should make its way to the preferences section, preferably together with a cookie filter. By making it a standard part of Mozilla, it will pressure Netscape and M$ to copy the feature. This way the user has some control of how much info he gives away by browsing. Anonimizing proxies are also a solution, but it's best to make a .22 pea shooter available to those who don't want to pack a shotgun. Tune out. Turn off. Log in.

Re:Time for a new Mozilla module. Any volunteers? (Score:1) by jesser on Wednesday January 26, @01:04AM EST (#113) (User Info) http://www.palosverdes.com/jesse/

Would it be legal for a company like Netscape to release a browser that blocks a specific company's website, even if it's just an option? I doubt they would block all the ad sites, because www.netscape.com uses a mixture of imgis and aol banner advertisements. Oh, wait, MS does things to break specific other products all the time, and they haven't gotten in any big trouble yet, so it must be ok. Never mind. Add to mozilla. Moderate down. -- slashdot: I miss my free time, Rob.

Re:Time for a new Mozilla module. Any volunteers? (Score:1) by QuantumET (quantumet@hotmail.com) on Wednesday January 26, @02:53AM EST (#195) (User Info)

The feature certainly wouldn't have to come with any preset addresses, or lists. Just a general feature of being able to block requests to certain addresses would be a very welcome addition, even if it is just a listbox in netscape.

Re:Time for a new Mozilla module. Any volunteers? (Score:2) by 1010011010 (1010011010@egcs-n-SPAM.holly-springs.nc.us) on Wednesday January 26, @08:58AM EST (#303) (User Info)

How about this, which is simpler: If I connect to a site, say, http://www.yahoo.com, and it references some content (graphics, whatever) not on a server in "yahoo.com", no cookies are sent. Don't like Echelon? Fight back! Agitate for a Transparent Society!

Fight Back!! Re:Time for a new Mozilla module. (Score:2) by BeBoxer (david-slashdot@themitchells.org) on Wednesday January 26, @09:52AM EST (#324) (User Info)

Actually, I've thought a little bit about this, and I think I 've got an idea that might be a little more fun. Of course, you should be able to specify the domains that you always accept cookies from, and the domains that you never accept cookies from. But, what could be an entertaining third option would be to send a fake cookie to the domain. I'm thinking of some simple configuration where you could set a fixed prefix, and have it add the right number of numbers and/or letters onto the end of it. Lot's of sites just use something simple like: "ID=nnnnnnnnnn". So, you just make up a random number each time you send them a cookie. End result? Their database starts filling up with random junk, and/or their error logs start growing with strange errors. If enough people were doing this, it could become a real headache for the cookie monsters. Another interesting possibility, which is more involved, is some sort of anonymous cookie exchange. When your browser got a new cookie, it could automatically upload it to the cookie exchange server. The server would then send you a whole list of other matching cookies to use randomly. This would prevent the cookie sites from using large cookies with CRC's or MAC's to detect spoofed cookies. Since they would all be real, legit cookies, they would all be accepted by the tracking site. End result? Lots of random records with little to no marketing value. I doubt that Netscape or IE would ever decide to pick up such a feature, but that's the great thing about Mozilla. They don't have to. --------------------- David Mitchell BeDevID: 7425 ---------------------

Great idea! (Score:2) by Brian Knotts (bknotts@europa.com) on Wednesday January 26, @02:32PM EST (#412) (User Info) http://xfmail.slappy.org/

Another interesting possibility, which is more involved, is some sort of anonymous cookie exchange. When your browser got a new cookie, it could automatically upload it to the cookie exchange server. The server would then send you a whole list of other matching cookies to use randomly. This would prevent the cookie sites from using large cookies with CRC's or MAC's to detect spoofed cookies. Since they would all be real, legit cookies, they would all be accepted by the tracking site. End result? Lots of random records with little to no marketing value. I really like this idea. This should definitely be added to Mozilla. The way to combat these sort of practices isn't just to block them, but to make them impractical/unprofitable. New XFMail home page

Protocol (Score:1) by kcarnold (kcarnold@yahoo.com) on Wednesday January 26, @03:11PM EST (#421) (User Info) http://geocities.com/kcarnold/

Missed one important option: selective cookie acceptance. Almost all browsers allow this. Idea for the protocol for such an exchange: The servers would be distributed, like the DNS system. One per ad server or whatever. When a browser receives a cookie: It checks the cookie against the "allow" list. It checks the cookie against the "ask" list. It checks the cookie against the "deny" list. It sends the cookie to the cookie exchange server. The packet to the exchange server would contain at least the following information: Protocol version (for extensibility) Cookie given Site visiting when cookie received (you must be able to opt out of sending this information, for privacy purposes.) The src= for the img tag (possibly a user tag - like/not like) Cookie sending would involve a similar exchange (since the mere presence of a cookie on a computer can be used for tracking without sending another cookie). If a cookie is sent more than once to a site that the user has specifically not said "allow" or "ask" to, it would also be exchanged. On the same subject, if the cookie was originally on the "ask" list when it was received, also ask before sending it back (option to exchange it also). The entire system must be structured to minimize the bandwidth necessary and the time delay in loading the page. This is why exchanging would be done on the receiving side always, and on the sending side sometimes; you can display the page without knowning whether or not to store a cookie, but you may need a cookie to load a page properly. The server would contain information by server as to whether or not scrambling the ID would work, and if it did work, the server would send back a scrambled cookie instead of a "recycled" cookie. The server would also keep track of how many times each cookie was sent so it could even out the averages. It would be necessary to keep users from accidently exchanging a cookie with a username/password in it. Maybe the browser could check whether a form submission included the text from an item whose input type was "password", then either "ask" or "allow" all cookies from that site by user preference. The worst-case scenario would be that the user was not tracked at all. The more likely case is that Internet cookie-based advertising dies. Be careful not to let up your guard if that happens, though. Suggestions for improvements? Ken, eating his cookies Some users have funny sigs. Not me.

Makes me very edgy. (Score:1) by Neuromancer (bacchus@spam.tampabay.rr.com) on Wednesday January 26, @12:37AM EST (#68) (User Info) http://home.tampabay.rr.com/wntrmute/

In a way it makes me queasy and a slight bit paranoid. In another way it annoys me that I've just become more spammable. This wouldn't be such a discomfort if we had more (or any) intelligent user agents to act as go betweens for us. Digital Liasons if you will. Sure, you can block this sort of abuse by using JunkBuster, or even IP chaining rulesets, but for the average user this can be too much work. Anyone have the 411 on browser add-ons that could automagically block this kind of thing? Are there even any such projects in the works? I'd have use of a "stealth" browser. :) .oO[ M$ Strategy: The enemy of my enemy is my enemy. ]Oo.

Yikes! (Score:0) by Anonymous Coward on Wednesday January 26, @12:40AM EST (#72)

I'm not usually one to jump up at privacy concerns - but I think this is pretty serious. Basically what it says, if you shop at a web store that uses DoubleClick's new tracking ads, then DoubleClick can associate the info that you typed in about yourself (name, real&email address, age, purchases, home/work/fax numbers, etc) And whenever you go to another site using DoubleClicks ads, they can read a cookie that was set and append to your profile that you visited the site. In other words, Marketting types would just LOVE this information. Shows all sorts of comparison shopping behavior and opens doors to all sorts of consumer analysis. What we need is a cookie filter to automatically reject DoubleClick cookies (without having to pop up a window for EACH cookie - thats gets rather annoying). I believe that should effectively foil this scheme. Maybe a plugin/patch like that already exists and I just need to find it. (But its sometimes just easier to write a quick perl script! ;) Tom

Arm Yourself Against Spam (Score:2, Informative) by x mani x (mani.ghasemlouATsympaticoDOTca) on Wednesday January 26, @12:41AM EST (#76) (User Info) http://www.cs.mcgill.ca/~mghase

The software package that I prefer using is junkbuster. It is an easy to set up web proxy server that runs on port 8000 ... it is extremely effective at blocking out banner ads, and it also has options for blocking out suspicious cookies, and preventing $HTTP_USER-type variables from being initialized. It is unfortunate that we have to go to the trouble of installing these things, but the only cost of running it is the time it takes you to install the software. on the other hand, you'll be protecting your privacy as well as your bandwidth. "to forgive and forget, i live and regret" -CaveIn http://www.cs.mcgill.ca/~mghase

Doubleclick/Real-Birds of a Feather... (Score:0) by Anonymous Coward on Wednesday January 26, @12:43AM EST (#79)

Here's what this benevolent company known as Doubleclick.net has to say about privacy: Information Collected in Ad Delivery In the course of delivering an ad to you, DoubleClick does not collect any personally-identifiable information about you, such as your name, address, phone number or email address. DoubleClick does, however, collect non-personally identifiable information about you, such as the server your computer is logged onto, your browser type (for example, Netscape or Internet Explorer), and whether you responded to the ad delivered. Now we find out that this is not only a bold-faced lie, but that they are proud and excited about this new opportunity to invade our lives. I for one am sick and tired of these incursions into my web-surfing habits. Sure, bills need to be paid so we can use web sites for free, I understand this. But there is a fine line between that and having some jack ass call me up at dinner time asking me if I'd like to enter in the Getaway 2000 Florida Vacation after his computer auto-dialed me from some massive database somewhere in the country. Why aren't the hackers going after these databases? Come on, do us proud boys! The marketing gurus have overstepped their bounds, and mark my words, it's just beginning. I wouldn't be surprised if some unsuspecting person clicks on a Gore2000 or Bush2000 banner ad and gets a phone call the next day asking for donations to the cause. Or how about you find a nice little banner ad for some church, like the Latter Day Saints, or any religious organization or group- the next week, two smart young missionaries show up at your door. This is ridiculous.

Someone's going to jail! (Score:0) by Anonymous Coward on Wednesday January 26, @12:50AM EST (#95)

Some advice for the DoubleClick suits: When you go to jail, kick someones ass the first day or become someones bitch. On a lighter note, these guys suck a really big, REALLY BIG COCK. This must be stopped, this must be illegal right now! or maybe a class action law suit... mmmm class action law suits *homer drool*

Opt out (Score:1) by rjamestaylor (rjtonlineAToneboxDOTcom) on Wednesday January 26, @12:51AM EST (#99) (User Info) http://home.earthlink.net/~thetaylorfamily

Please forgive me for not reading each post to see if this information is already given, but I'm tired tonight and my wife has had a sick baby all day (and it's my turn...see? I'm rambling). Here's the DoubleClick answer: Opt Out. Follow this link and get an untraceable cookie. At least, that's what they say... They assign you a cookie with the unique id "OPT_OUT" and they leave you alone. Of course, my conspiratorial side says that this will only draw their attention to you for closer surveillance.... :-only kona in my cup-: :-robert taylor-: :-rjtonline@onebox.com-:

Cookie crumbs (Score:4, Interesting) by scotch on Wednesday January 26, @12:53AM EST (#102) (User Info)

I use Netscape version 4.5-7-ish, and I have my settings configured to prompt me before accepting any cookies. This is probably not uncommon among slashdot readers; what is interesting is that when you do this, you really get an appreciation for how much cookies are abused or mis-used out on the web. Here are some of my humble observations on the matter: Most sites that I am personally interested in use very few or no cookies at all Many sites out there use an obscene number of cookies. 10-15 for 1 page is not uncommon. Regardless of whether you object to the privacy issues, this is bad design. I suspect that there are Web Authoring systems out there that enable cookies for every single page, image, and sound clip by default, and many of those cookies are not used for anything useful. Some sites have what I believe is a legitimate purpose for cookies. If I am not mistaken, /. sets only 1 cookie on my machine and from this 1 cookie is able to do all kinds of user specific configuration Other than for legitimate uses (user customation, on-line ordering, etc.,) (in which case I support accepting cookies) rejecting all other cookies on the web will not affect you web-surfing experience 99.44 percent of the time Fortunately, I usually find that sites that use lots of cookies are really not that interesting too me, anyway. Strange coincidence? Of course, regarding the last point, there are some exceptions. I find Netscapes's cookie-handling policy, while better than giving no choice at all, does not offer enough flexibility for my tastes. I would prefer to be able to accept/reject cookies based on a set of filters and rules for domains, transaction types, etc. I believe lynx has some better capabilites than Netscape in this department. Further, I think it would be useful to have a set of switches that are easily accessible on the toolbar that would allow you to toggle cookie policy on the fly. This would be much more useful than the latest Netscape feature, the "Shop" button. What a waste of real-estate. It would be nice to get something like that into Mozilla. I'll start tinkering with the Mozilla source just as soon as it takes less than two hours to download via cable modem ;) Ramble, ramble, ramble.

Shop button (Score:2) by Joe Rumsey (joe at rumsey dot org) on Wednesday January 26, @03:19AM EST (#201) (User Info) http://rumsey.dhs.org

This would be much more useful than the latest Netscape feature, the "Shop" button. What a waste of real-estate. Have you noticed that "Shop" and "Stop" are very similar in appearance, and placed right next to each other on the toolbar? I guess it's only because I turn the images on that bar off, but I think it's kind of funny that they're trying to trick me into clicking "Shop" by mistake when I meant to click "Stop". Do most people turn the images off, or do you like wasting all that space too?

Re:Shop button (Score:1) by scotch on Wednesday January 26, @03:52AM EST (#220) (User Info)

Yes, I've noticed that and am endlessly annoyed by the similarity (I use the text only buttons, saves space). I've hit that "shop" button many times on accident because of the similarity. You have to wonder if that added feature was meant to confuse. Another annoyance with the "shop" button is that it pushes the "stop" button further to the right which is off the edge of my browser at the width I like to run the thing at. Do any time-warner/aol/netscape employees know how to turn that damn shop button off with an X-default setting or something?

Re:Shop button (Score:4, Interesting) by Bradley (bbaetz at student.usyd.edu.au) on Wednesday January 26, @04:21AM EST (#232) (User Info)

From the release notes: You can disable the My Shopping button and Netscape Radio feature by editing the prefs.js file. To disable the My Shopping button, open the prefs.js file and add the following statement: user_pref("browser.chrome.disableMyShopping", true); To disable the Netscape Radio plugin, open the prefs.js file and add the following statement: user_pref("browser.chrome.disableNetscapeRadio", true); Its ~/.netscape/preferences.js on unix, but it works fine.

Re:Cookie crumbs (Mozilla to the rescue?) (Score:1) by in8 on Wednesday January 26, @04:01AM EST (#225) (User Info)

Ah... Mozilla would be cool if we could set which sites we want to reject cookies from! Someone could setup a dble-click-cookie-of-day-RE-server, and the rest of us could then setup webservers to pass that same cookie to other users. This should significantly screw with doubleclick stats! %^)

Re:Cookie crumbs (Score:1) by Convergence (convergence@hypercube.res.cmu.edu) on Wednesday January 26, @04:24AM EST (#233) (User Info)

Better suggestion... (Given by Greyfox above), just write a cookie file with those cookies you want in it, then chmod it to be unwritable. True, it remembers cookies WITHIN the session, but not between sessions. (And given the existing bugginess of netscape, it'll probably disintegrate within an hour anyways). Great suggestion, and what I just did, my cookie file has exactly one entry in it: slashdot.org FALSE / FALSE 4137829385 user %1832.... Though I might put the NYtimes cypherpunk cookie in it later. It is less flexible than what you describe, but a lot simpler. Convergence

Re:Cookie crumbs (Score:2) by !IH on Wednesday January 26, @04:53AM EST (#250) (User Info) http://www.stheno.demon.co.uk

Another thing I have noticed recently is an increasing number of browsers that ignore the rules on accepting invalid cookies. There are a number of criteria that a cookie must fulfil, and if it's invalid, it must be rejected. I'm mainly thinking about the domain setting. From RFC2109: To prevent possible security or privacy iolations, a user agent rejects a cookie (shall not store its information) if any of the following is true: The value for the Domain attribute contains no embedded dots or does not start with a dot. The value for the request-host does not domain-match the Domain attribute. The request-host is a FQDN (not IP address) and has the form HD, where D is the value of the Domain attribute, and H is a string that contains one or more dots. Basically, 1 means you can't set a cookie for .com, 2 means you can't set a cookie for another site, and 3 means you can only set a cookie 'up' on domain (eg www.host.co.uk can't set a cookie for .co.uk) However, I've seen the last one uses more and more by sites, hotmail being one example. One of Hotmail's servers lc2.law5.hotmail.passport.com sets a cookie for .passport.com, which is an invalid cookie, and by rights should be rejected. Of course, if your user agent is correct about cookies, then Hotmail will not work. This may not seem a problem if you usually browse sites with .com etc, but a lot of countries have a sub division for commerical under the country name - eg .co.uk. I don't want a site to be able to set a cookie that is valid for the entire uk commerical network, but currently there are no user agents (bar lynx which alerted me to the problem) that will reject invalid cookies like this. -- Exigo spamos et dona ferentes

Re:Cookie crumbs (Score:1) by pen (digdug@hotmail.com?subject=notspam:[subject]) on Wednesday January 26, @07:17AM EST (#280) (User Info) http://altern.org/digdug/

I would be willing to wager that Opera will reject the cookies, since it adheres to all the specs in other areas, including HTML, CSS, and similar things about cookies. However, I have also had some sites not work because of this. But that doesn't matter, since I block all cookies anyway, except for the ones I need. If you don't do this already, you really should get JunkBuster. Available for Win32 and *nix. -- If you're an Opera Win32 user, you should check out Opman.

Re:Cookie crumbs (Score:0) by Anonymous Coward on Wednesday January 26, @08:35AM EST (#300)

From the netscape javascript guide (http://devedge.netscape.com/docs/manuals/communicator/jsguide4/index.htm), appendix C Only hosts within the specified domain can set a cookie for a domain. In addition, domain names must use at least two or three periods. Any domain in the COM, EDU, NET, ORG, GOV, MIL, and INT categories requires only two periods; all other domains require at least three periods.

Re:Cookie crumbs (Score:1) by DeadSea (1010SD@LegOstermillerArm.com (Amputate to email)) on Wednesday January 26, @08:21AM EST (#292) (User Info) http://www.ostermiller.com/

I would recomend getting a program that works with your browser to filter cookies. If you are a windows user, Cookie Pal is by far my favorite choice. You tell you web browser to tell you about cookies and cookie pal finds that window, intercepts it and handles it according to the filter options you set. I don't know what options are out there for linux but I will probably check them out now since I'm using linux more. Tucows has a nice list of cookie programs. I'd check it out if I were you. Don't you wish you could play all classic arcade games like Ladder?

Re:Cookie crumbs (Score:1) by knutsen on Wednesday January 26, @10:36AM EST (#340) (User Info)

Cookie Pal may be downloaded directly from the vendor, Kookaburra Software.

Re:Cookie crumbs (Score:1) by jamienk on Wednesday January 26, @09:20AM EST (#308) (User Info)

I find Netscapes's cookie-handling policy, while better than giving no choice at all, does not offer enough flexibility for my tastes. I would prefer to be able to accept/reject cookies based on a set of filters and rules for domains, transaction types, etc. Mozilla has pretty good cookie functions already including GUIs with: * The ability to accept/deny cookies based on URL * Similarly, the ability to remember when I reject a cookie from a site * The ability to view/delete individual cookies I believe that there are more powerful capabilities in the JavaScript Prefs file, but no GUI for these.

Re:Cookie crumbs (Score:1) by General Winter on Wednesday January 26, @10:36AM EST (#339) (User Info)

WWWOFFLE offers the functionality and control you desire, and much more. Try it out, it's worth the effort. http://www.gedanken.demon.co.uk/wwwoffle/

Re:Cookie crumbs (Score:1) by Paolo (paolo@ideafuture.con (look closely)) on Wednesday January 26, @04:27PM EST (#434) (User Info) http://www.ideafuture.com

What Mozilla needs is what a little 3rd party MacOS browser upstart iCab has: the ability to ask before accepting cookies, and refuse all cookies from that domain from that point on. It is a lot more useful, because if some horrible site uses 5 cookies, or the admin has put on multiple-retry Apache cookieing it doesn't matter if you keep on hitting cancel, cancel, cancel, because it will take lots of time for them to go away. Any status reports on Mozilla as to whether this is possible with the latest? "In individuals, insanity is rare, but in groups, parties, nations, and epochs it is the rule." -Nietzsche

A Practical Solution (one of em, anyway) for this. (Score:1) by Threemoons (threeILOVEHORMELmoons@usa.net) on Wednesday January 26, @12:56AM EST (#105) (User Info)

Hey...for Win** users at least anyway...go to http://www.thelimitsoft.com and download Cookie Crusher...tastes great, less filling, and it KILLS DOUBLECLICK CRAP DEAD! Works on IE, NS, and Opera! For even more fun use AdsOff (site under renovation; get a copy from someone who has it) Both of these utils are simple to use and stable! If enough people use em it may just force these idiots to be honest... **To Email me, make me not love Hormel anymore.**

Time to Act on Privacy Issues (Score:4, Interesting) by Eric_Grimm on Wednesday January 26, @12:58AM EST (#108) (User Info)

The government is too busy (and ineffectual) to protect individuals' privacy. The alternative most often mentioned in Inside-the-Beltway debates is "industry self-regulation." What this REALLY means is that there are no rules for Commerce to play by and government will just look the other way so long as consumers don't get too upset. It is a recipe for abuse of individual rights on an industrial scale. Is there any alternative to these two options? You bet there is. The alternative is to empower individuals to police their own privacy. People shouldn't have to rely on the Federal Trade Commission or any bureaucratic agency to make sure their privacy is safe. This means making sure that every man, woman, and child has an ENFORCEABLE right to make sure their personal information is not used in a way they have not authorized. It also means making sure that all individuals have swift and certain REMEDIES against any business that (by negligence or deliberately) misuses personal data or fails to protect it. This proposal would not be bad for business. To the contrary, it s essential to the viability of the new economy. Protection for individual privacy just provides a better incentive for business to be truly responsive to customer wants and needs. Pipe dream? Not if enough people demand the rights they should already be able to enjoy. But the deal is ALREADY being cut in Washington next month to prevent YOU from exercisng the rights you should have. Look at the list of panelists on what the Federal Trade Commission calls a "balanced" committee to examine how to protect consumer information. See http://www.ftc.gov/opa/2000/01/asrev.htm -- aside from one or two "token" privacy advocates, the whole panel is dominated by comercial internests -- such as representatives of the Direct Marketing Association AND the law firm that represented it (Piper & Marbury) AND several of its member companies. So what can you do? Call your Member of Congress and both of your Senators. If you're really ambitious, call your state government representatives, too. For each office, get the name of the staffer who handles "Internet Privacy and Medical Privacy" issues. Tell that person that you are a constitutent, that you vote, and that it is important to you for Congress to empower individuals to protect their own privacy on the Internet. Ask if your Congressperson or Senator has a position on this issue, and if so, what that position is. Then point out how you are upset by how the FTC has composed its Advisory Panel principally of industry representatives. Tell your elected officials that you do not feel safe when government agencies puts representatives of the Wolves in charge of writing the rules for protection of the Sheep. If you learn anything particularly interesting on the subject, post it here on /. Other contacts (who may have good ideas on how to get involved in making sure lawmakers make good rules) are Diedre Mulligan at the Center for Democracy and Technology, and Mark Rotenberg at the Electronic Privacy Information Center.

Dataprotection Act : EU and UK (Score:2, Informative) by tubs (craig@tubbyc.freeserve.couk) on Wednesday January 26, @05:24AM EST (#260) (User Info)

There is a nice law in the UK (and EU) called the data protection act. Basically it says you are not allowed to keep inaccurate information, pass on information without my prior consent and when asked you must allow me to view this information. Why doesn't the US do somthing like this? Its not about interfereing with your rights, its to stop business from abusing your information.

Re:Dataprotection Act : EU and UK (Score:0) by Anonymous Coward on Thursday January 27, @02:09AM EST (#473)

The reason is that american companies do not like the idea of being subjected to such a rule. Also, what do you know about the enforcement mechanism for the EU Data Protection Directive? If I am not mistaken, enforcement power remains in the hands of government agencies rather than individuals in the EU.

Re:Dataprotection Act : EU and UK (Score:1) by tubs (craig@tubbyc.freeserve.couk) on Thursday January 27, @01:08PM EST (#488) (User Info)

From what I understand it is up to the goverment to enforce the regulations, specifically the "data protection registrar" who is appointed by the goverment, but is supposed to be independant. The Registrar can then take companies and individuals to court for breaking the Data Protection Act. Yes individuals can be taken to court (for example if someone asked a police friend to "get some details" for them, the Police Officer would be taken to court not the Police Force) From what I understand (I have only browsed the act) hefty fines and Jail terms (for directors etc) are the order of the day, so the registrar does actually have teeth.

Re:Dataprotection Act : EU and UK (Score:0) by Anonymous Coward on Saturday January 29, @10:10AM EST (#510)

There's one tiny problem with the European database laws: they require that companies and individuals report the existance of their databases to their government. The creation of such laws at the end of a century in which governments killed more than 100 million people is breathtakingly obtuse. Someone mentioned the Neatherlands had refused to go join this system; well, maybe they have better memories. A particular activist once related how he got his start: while in basic training (US Army back in the days of the draft), an aquainance told him of an incident he had witnessed as a young boy in the then Nazi occupied Neatherlands. An entire family was executed on the spot in front of their house when the father couldn't produce a pistol that was listed in a government gun registration database. And we all know how the US Census supplied the data to allow the US government to round up Japanese-American citizens after our entry into the war (and before you say this was only a necessary wartime measure, ask yourself why their land and other property wasn't returned to them after the war...).

Re:Time to Act on Privacy Issues (Score:1) by NecrosisLabs on Wednesday January 26, @10:54AM EST (#349) (User Info)

Did anyone else find this comment to be a bit rich: "Moreover, he adds, DoubleClick itself would hand over to privacy advocates the list of participating companies if it could. But as in many lines of business, partners frown when their relationships are disclosed without their permission, he says." Did it cross their minds that other people might feel that way too?

Re:Time to Act on Privacy Issues (Score:2) by warpeightbot (taliesin at-sign speakeasy.org) on Wednesday January 26, @11:49AM EST (#368) (User Info) http://www.babcom.com/~taliesin

Now, what I thought I just read was "Government is ineffectual" followed by "Call your congresscritter." Ummmm, huh? Government is not the answer to individual privacy, just as government is not the answer to individual security. Government can make it easier or more difficult to do these things, but ultimately it comes down to individual responsibility. Frankly, the best way for government to make anything easier is to get the hell out the way and let us do our thing. (Actually, the Europeans' various privacy legislation isn't such a bad attempt, but if you think the American Congress is going to pass any such thing, I have a steak dinner that says you're sadly mistaken.) Folks, our privacy is being taken away with technology. We can use technology (or the lack of it) to fight this. Junkbuster is an excellent example. Refusing supermarket club cards, and choosing who you shop with by how they respect your privacy, is another. Joining EFF, and contributing to other worthy organizations like EPIC, is yet another. We might be able, over time, to bludgeon the rotters in the District O'Crime into respecting us... which is why EPIC and such are worthy causes. But for the nonce, we are far more effective at protecting our privacy as individuals than as subjects of the Imperial Federal Government. IF your congresscritter will listen, talk to him. My last one would not (in fact, she was a Communist... but I digress). But in the short term, protecting privacy is simply a matter of using your head and the word "no"... and voting with your feet. Oh, one way to keep track of issues that I haven't seen posted here before: The Privacy mailing list, which IIRC is a digest of comp.society.privacy (not posting to Usenet is a good way to keep one's email private!), which is available from privacy-request@vortex.com. Simply being aware of what's out there is one of the best ways to run a clean operation. In The Art of War Sun Tsu says that if you know your enemy, and you know yourself, you have already won half the battle. You can use the Net, one of the very things being used to take your privacy, to learn about the enemy. You can learn what it knows about you. And once you do that, you can then figure out how to control it, make it work *for* you. I leave the rest to the reader. -- There is no spoon.

Re:Time to Act on Privacy Issues (Score:0) by Anonymous Coward on Wednesday January 26, @03:45PM EST (#427)

> In The Art of War Sun Tsu says that if you know > your enemy, and you know yourself, you have > already won half the battle. Wait, didn't G.I. Joe say that? Nevermind...

There's Government and there's Government (Score:1) by Eric_Grimm on Thursday January 27, @02:23AM EST (#474) (User Info)

Perhaps you did not read my post carefully enough. As you know, EPIC and EFF are both (to a greater or lesser degree) engaged in discussions about HOW the government should help solve this problem. Your problem is that you make the mistake of thinking of the "government" in monolithic terms. The argument I made is a little more subtle. There are two different approaches to the issue. The one I criticize involves an administrative agency serving as policeman. In other words, if you want a remedy from a merchant, then you have to ask the FTC and the FTC gets to decide whether you get any remedy (in other words, they can tell you they are too busy). The reason I suggest calling Congress is that there is a *second* Governmet solution that works better (especially when COUPLED with technology). The *second* approach involves tha passage of a law that empowers *every single consumer* to act as his or her own "mini-FTC" and to go directly after a merchant. If the merchant doesn't satisfy the customer, then the customer has a right to go to court -- no need to ask the FTC for *permission* first. Get it? There is a difference if you think about it. Now, please re-read the earlier post.

Big Brother 1984 (Score:1, Interesting) by nael (info@shopdifferent.com) on Wednesday January 26, @12:59AM EST (#110) (User Info) http://www.shopdifferent.com

Can anyone say BIG BROTHER IS WATCHING YOU! Orwell warned us about this! Did we listen no! We just stood there and let this merger go through without even saying a word. Yet, today we're here arguing it as if we weren't aware of it. Even if we choose to use netscape or I.E., the damage is already done. All they need is the information that they collected of you on each web site. For example, all you need todo is click on one of those banner ads, they can track whom you are , which web site you visited, where you visited, how long you were there for, what ip address you used, even your user name and email. Its not the goverment we fear regualting the net, its these mega corparations that get bigger and bigger every day. We need regulation to prevent anyone company from dominating this industry and I for one would not mind goverment intervention so long as it protects my rights as a consumer, and as user of the web. Even better lets bring the ACLU involoved in this. Isn't a violation of our civil liberty. (I'm just fumed at this right now). For example, I would not mind seeing is a community on the web thats elected by internet users, since we are the citzens of the net. We can vote for them online and no other form of media or voting method allowed. Lets create our own internet goverment body, that can appeal to both corprate america and protect our rights at the same time. Remeber today its just collecting names and emails, tommorow its collecting your personal profile, whom you chatted with, what messages you posted, what you purchased, what did you use to purchase, and even sell your information to other online retailes. They tel us they want to offer us special discount by authorizing to sell our names to their partners. But, are they doing more harm than good? He that hath a trade, has an estate. (Ben Franklin)

Re:Big Brother 1984 (Score:0) by Anonymous Coward on Wednesday January 26, @04:03AM EST (#226)

Who said you needed to click on the banner ad? With cooperation from sites in the network, they can just track you period.

How many id's can thay give out? (Score:1) by moore (moore@eds.org) on Wednesday January 26, @01:01AM EST (#111) (User Info) http://warez.slashdot.org

when I opted out thay toled me my ID it wasent a very long number. Now I am sure that thay have more then enough id's for every one in the world, probly way more then enough, but what if there were houdreds or thousands of people continusaly making requests for cookies and then deleteing them. How long untill we could exaust there ID space?

Only for Slashdot (Score:1) by solar on Wednesday January 26, @01:10AM EST (#118) (User Info)

I only except cookies from a VERY select group of websites, /. being one of them. Cookies are bad, very bad (except the chocolate chip kind, yum!).

pick one (Score:1) by Len-Brabant on Wednesday January 26, @01:10AM EST (#119) (User Info)

holy cow batman ... big brother internet is stealing our anominity !!! quick robin ... to the batcave! where ya all been ... none a ya listed in the fonebook ... been admitted to or treated @ a hospital ... bought batteries at radio shack, yada yada yada? chrissake lookit all the cameras gawking @ ya, why the hill aren't ya all up in arms about that one? remember ... those who do not learn from their errors are doomed to repeat them! twit filters, hosts.allow, hosts.deny, >/dev/nul (ya, 1 l alias) .*.conf, blah, blah, blah ... been around a long time. use um. or go live in a cave. Len Brabant

Here's the middle ground I'd like to see (Score:5, Interesting) by MattMann on Wednesday January 26, @01:21AM EST (#129) (User Info)

Now, if we could lay some ground rules for trust, I wouldn't mind having ads personalized for me and my tastes. I mean, I like drinking beer, and I don't like cola, so I'd rather see beer ads than cola ads. However, I'd want it to be "relatively" anonymous. That is (random list off the top of my head), I don't care if a computer knows that I have hemorroids, but I don't want a person to be able to look it up I don't mind if a person knows aggregate things like "a beer drinker just saw your ad on Slashdot" but I want to know what they'll know about me if I click on the ad, then I can decide whether to click. A promise of "aggregate" statistics is not good enough: what if the aggregate is "wine drinkers with hemorroids" Promising me "We won't sell your info" is not good enough. "We won't look at it with your name attached" is what I want. If info is shared between different domain names, I want to know. I'd like the "no sharing" promise enforced through merger and acquisition. What if Slashdot goes public and Microsoft acquires it, and the backup tapes? Yipes! I never agreed to that! I would accept promises from companies. I think most are trustworthy enough. But, promising alone is not enough, I want recourse and/or punishment. IRS employees keep getting caught sneaking peeks: the death penalty is what I'd like to see (don't like it? don't peek and even if you are the President (hi Echelon) something they've been known to do) But assuming others aren't that etreme, how about firing, pension loss... something serious. At least tell me what the punishment is. A simpler case to illustrate: I haven't forgiven Real Networks for its spying transgressions, but they could have repaired a lot of trust if they said, "we screwed up, and we are going to delete all the info we grabbed, plus one month worth of all our server logs, and we fired that guy." A more global pet proposal of mine is this: as a compromise between the privacy nuts and data gulpers: if information about me is stored in a database and includes any sort of address/contact information, then the database owner must tell me once a year what they have on me. It would cost only a small amount per person, and if it does not have that much economic value, don't keep it. Then at least the average person would develop an awareness of what's out there.

Re:Here's the middle ground I'd like to see (Score:0) by Anonymous Coward on Wednesday January 26, @04:28AM EST (#237)

Doubleclick has always been, shall we say, "aggressive" towards gathering customer information. A more moderate philosophy is embraced by the up-and-coming company, Engage Technologies. Their avowed policy is best summed up in the quote "Engage doesn't collect or store any personally identifiable data, or any data that is considered sensitive or controversial (medical information, adult content, etc)." Sorry, they won't be targetting hemorroid cream to you any time soon. Despite taking this stance towards privacy, their ad targetting still works well. UNIX geeks will be able to see UNIX ads on Yahoo and other non-UNIX sites since the ad-serving software knows that cookie 1AF48939948FAB399091 (aka you) reads freshmeat.net frequently. It has no idea who cookie 1AF48939948FAB399091 is, and it doesn't need to. Personally, I'd much rather see ads that I have a bat's chance in hell of relating too than the stupid 'punch the monkey' crap. And when I don't feel like wasting bandwidth on any ads at all, there's always JunkBuster.

Re:Here's the middle ground I'd like to see (Score:1) by tietokone-olmi (at-my-home-page-dummy) on Wednesday January 26, @03:05PM EST (#420) (User Info) http://www.pp.htv.fi/~ksandstr/

Umm.... couldn't everyone just lie about their name to the browser that they're using? Although some systems might take the name information from somewhere else, at least GNU and BSD users should be pretty safe. No .sig to see here. Move along, citizen.

Re:Here's the middle ground I'd like to see (Score:1) by MattMann on Wednesday January 26, @03:32PM EST (#423) (User Info)

yes, tricks like that work some of the time. The danger is: if you ever buy anything online, anywhere, using a credit card, and you have a static ip address, forget about cookies and lying in your registrations, you are at risk of being identified everywhere, all the time, very accurately, and tied into your full credit, purchasing, and healthcare histories. I think it would be nice to be able to use e-commerce without this kind of a problem.

Re:Here's the middle ground I'd like to see (Score:1) by Chalst (cas-at-cs.brandeis.edu) on Thursday January 27, @11:45AM EST (#486) (User Info)

I don't think that your proposal would preserve anonymity. It is quite possible to infer who someone is from apparently anonymous information. For example, a point made a while back on the PRIVACY mailing list is that date of birth and ZIP code uniquely identifies a high proportion of US residents.

Re:Here's the middle ground I'd like to see (Score:1) by mftuchman (emefftee@piggy.mindspring.com) on Friday January 28, @12:01PM EST (#504) (User Info)

I know how you feel...When I first got my yahoo mail account for the purpose of receiving primarily commercial email, I was excited about the idea of targeted specific advertisements. I figured - hey - if they want to sell stuff without killing trees, I'd give them the benefit of the doubt. But now my trust has eroded considerably. I question the viability of the middle ground simply because there is nothing to keep these merchants honest. True, they can lose business if word gets back, but it's a big if. Meanwhile they're making money selling your name behind your back and despite lip service to "trust" and "privacy" I'd like to see aggressive enforcement of these trust agreements. Every company must be required to disclose the source of data collected for each person, upon request. Consumers should be allowed to track back and verify who sold their name without permission. Then the heavy fines can begin - it's no different from the no-call lists for telemarketers. If they call you back against your will, you can collect penalties. --- To email me convert phonetic username & remove nonkosher meat.

Lets all use the same cookie! (Score:5, Funny) by Greyfox (nride@uswest.net) on Wednesday January 26, @01:23AM EST (#132) (User Info)

Someone pull the doubleclick cookie out of your cookie file and post it. Then we can all paste it into our cookie file and re-chmod the cookie file to be read only. Then it'll end up just being one person hitting every web page on the planet thousands of times a day (It would actually be interesting to see what kind of junk mail that guy gets after a year.) Someone had to put all that chaos there!

Re:Lets all use the same cookie! (Score:1) by cyanoacrylate (crispin@@myra.com) on Wednesday January 26, @03:04AM EST (#198) (User Info)

Not with my cookie... Maybe you'd like to offer yours up instead??? Or maybe we could steal Bill Gates'. But the best alternative, as mentioned above, is to turf all traffic to and from doubleclick.net at the firewall. (alternative for those without a firewall: set up a http server and set hosts table entry for *doubleclick.* to localhost (requests for doubleclick crap are redirected to your http server, which returns an error)). Damn nested brackets - I hated Lots of Irritating and Silly Parentheses. It was the silliest language I have ever seen! And for the rest of the world, they can wait for the consumer advocacy groups to make this practice illegal (if they can). Happy Surfing!

Re:Lets all use the same cookie! (Score:2) by QuMa (fvw+slashdot@var.cx) on Wednesday January 26, @09:34AM EST (#316) (User Info) http://www.var.cx

are wildcards allowed in /etc/hosts???? (Not that it matters in this case, all doubleclick ads are from ad.doubleclick.net. But that could change).

Serious, Re:Lets all use the same cookie! (Score:2, Interesting) by willitheowl (willitheowl(gmxde)) on Wednesday January 26, @04:00AM EST (#224) (User Info)

I wouldn't rate this funny, since it can be a very good means of boycott. One could create a special cookie (and mail-address) for this purpose and send all the Mail back to all the senders or such stuff. I would have real impact, when some ten thousands have the same identity. One could even fake one global PII-id (with a little hack in the Browser). That could be used to make public what immense amount of data is stored and collect by companies. It would sure get the medias/publics attention. cu, Robert

Re:Serious, Re:Lets all use the same cookie! (Score:2) by Tau Zero (spherethis@youknownottoincludethis.yahoo.com) on Wednesday January 26, @11:49AM EST (#367) (User Info)

One could create a special cookie (and mail-address) for this purpose and send all the Mail back to all the senders or such stuff. I would have real impact, when some ten thousands have the same identity. Many Slashdotters are already doing something like this to news sites like nytimes.com (slashdoted/slashdot or cypherpunk/cypherpunk). However, I don't know how many of them delete their cookies after every session (I do). Failing to delete the cookie allows tracking them upon their return, which I refuse to do. As far as these sites are concerned, I'm a new guy every time. Exchanging cookies (like wearing and swapping masks) is a great twist on this concept. I like it. -- If sarcasm was posted to Slashdot, would anybody notice?

Re:Serious, Re:Lets all use the same cookie! (Score:1) by A.Gideon on Wednesday January 26, @01:14PM EST (#398) (User Info) http://www.gideon.org/andrew/

At least at the moment, the real cookies being used are 8 hex digits representing an increasing value, with the name of 'id'. There's also what appears to be a temporary of A=id that is replaced at the second ad view. I've used a few, but the latest appears to be around d81af???, where the final three digits are missing because...well, guess. So a perfectly valid value would likely be id=d81af000.

Re:Serious, Re:Lets all use the same cookie! (Score:2) by Kris_J (Kris_Johnson@yahoo.com) on Thursday January 27, @04:01AM EST (#478) (User Info) http://krisjohn.cjb.net

One could create a special cookie (and mail-address) The mail address should be postmaster@localhost.com - if someone does a set of cookies for doubleclick et al with this e-mail address, I'd be most interested in using it... [I hereby grant full permission for any and all to retransmit, archive, republish and broadcast all of my postings to Slashdot, past, present and future]

Re:Serious, Re:Lets all use the same cookie! (Score:1) by Kris_J (Kris_Johnson@yahoo.com) on Thursday January 27, @04:02AM EST (#479) (User Info) http://krisjohn.cjb.net

Oops. No ".com" (*sheepish*) [I hereby grant full permission for any and all to retransmit, archive, republish and broadcast all of my postings to Slashdot, past, present and future]

Sure, I'll set up an internet account tonite! (Score:1) by reality-bytes on Wednesday January 26, @04:51AM EST (#249) (User Info) http://REALOS.cjb.net

Seriously, I will, then I'll send you a cookie :)

Re:Sure, I'll set up an internet account tonite! (Score:1) by spodpit on Wednesday January 26, @05:44AM EST (#262) (User Info) http://www.spodpit.freeserve.co.uk/

Assuming that cookies get modified over time depending on where you go, wouldn't it be slightly better to have a group of x people. They start by all using the cookie from person 1, then after a set period of time (1 week - 1 month say) they all start using the copy that person 2 has, then person 3 ... and so on. This way, even if the cookie value changes they'll be denied tracking information!

Re:Lets all use the same cookie! (Score:0) by Anonymous Coward on Wednesday January 26, @07:28AM EST (#282)

Someone pull the doubleclick cookie out of your cookie file and post it. Then we can all paste it into our cookie file and re-chmod the cookie file to be read only. Then it'll end up just being one person hitting every web page on the planet thousands of times a day (It would actually be interesting to see what kind of junk mail that guy gets after a year.) It would be nice if that cookie is associated with the e-mail address of someone at DoubleClick.

OK...everyone use this cookie (Score:2) by Brian Knotts (bknotts@europa.com) on Wednesday January 26, @12:08PM EST (#378) (User Info) http://xfmail.slappy.org/

This one is as good as any, I figure. I just created it by hand: .doubleclick.net TRUE / FALSE 1920499166 id bc2ff937 New XFMail home page

You can do better. :-) (Score:2, Interesting) by Mechanist on Wednesday January 26, @02:17PM EST (#411) (User Info)

Here's an alternate idea that's more appealing from a Discordian sort of perspective.... With a little Perl/Python/whatever hackery, you could easily create a script to randomize you cookie files. It's easy, you just open the file, read the cookie values, change a few random digits here and there, and write it back out. Ideally the new cookie should have the same format as the old one, so that it looks like valid data even though it's random junk. Then set up a cron job to run this script at regular intervals. And set your browser prefs to just accept all cookies, because you know they're going to get scrambled anyway. Voila, every day you are a different person to the likes of doubleclick. But they can't tell that they're getting bogus data, and so they aggressively attempt to target market these random non-persons. The only thing to keep in mind is to periodically quit/restart your browser, so as to wipe out any memory-resident cookies. I did this at my last job, but I lost the script in transition and haven't gotten around to re-creating it. But it's easy for anyone with even a little bit of Perl skill.

Re:You can do better. :-) (Score:2) by Kris_J (Kris_Johnson@yahoo.com) on Thursday January 27, @04:05AM EST (#481) (User Info) http://krisjohn.cjb.net

I remember someone claiming to have written a cookie mangler. It would just randomly change a bit here and a bite there, without any regard for what the cookie was supposed to look like. They said you could then surf to the sound of badly written web servers crashing... [I hereby grant full permission for any and all to retransmit, archive, republish and broadcast all of my postings to Slashdot, past, present and future]

We Await silent Tristero's Empire (Score:1) by Guy Harris (guy@alum.mit.edu) on Wednesday January 26, @01:29AM EST (#136) (User Info)

Don't Ever Antagonize The Horn.

Re:We Await silent Tristero's Empire (Score:2) by Guy Harris (guy@alum.mit.edu) on Wednesday January 26, @01:30AM EST (#139) (User Info)

Sorry about that; not intended to be posted to this thread. Please moderate it and this reply to -1, Offtopic.

Re: Uh. (Score:1) by Kibbled (ikibbles@SPAM.bigfoot.com) on Wednesday January 26, @02:33AM EST (#186) (User Info) http://kibbles.staticky.com

Hmm... and you get moderated... up? Sleep. It does the body good.

IANALAY? (Score:3, Interesting) by ajs (ajs@ajs.com) on Wednesday January 26, @01:30AM EST (#140) (User Info) http://www.ajs.com/~ajs/

Could someone with the legal credentials please explain why this is legal? It seems to me that offering an opt-out on per-user-per-site tracking on a site that I've never visited, but still tracking me should not be legal. Is there anything in the electronic privacy act or any other such legislation that gives the courts a way to stop DC from doing this? There are an awful lot of non-Slashdot users out there who have no idea they are being tracked. If I start finding Web hit logs in my TRW statement, I'm going to be pissed. -- Aaron Sherman (ajs@ajs.com) Perl Guy and Executive Glue Sniffer

Re:IANALAY? (Score:1) by lovebyte (lovebyte2000@yahoo.com) on Wednesday January 26, @05:05AM EST (#254) (User Info)

IANAL either, but I doubt tracking people without their knowledge is legal in the European Union. There is a law on privacy that all 15 EU countries have signed (but one. the Netherlands. Shame on you! It has been said that the average Dutch person has got some information stored about him in 400 databases! Scary.). This law implies that no data should be kept about someone without his/her knowledge. Unfortunately, who's going to sue anyone? The poor web surfer? I don't think so. We need a consumer association to do it. M$Windows users have RSI, Unix users have AWK

Re:IANALAY? (Score:2) by ajs (ajs@ajs.com) on Wednesday January 26, @08:06AM EST (#289) (User Info) http://www.ajs.com/~ajs/

If there truely is a law against this kind of tracking in the EU, then the authorities should be the ones pressing charges. -- Aaron Sherman (ajs@ajs.com) Perl Guy and Executive Glue Sniffer

IANAL either... (Score:1) by joshwa (josh@jwand.dhs.-oh.are.gee-) on Wednesday January 26, @08:51AM EST (#301) (User Info) http://jwand.dhs.org

Could someone with the legal credentials please explain why this is legal? Is there anything in the electronic privacy act or any other such legislation that gives the courts a way to stop DC from doing this? IANAL either, but I've just done a fair amount of research in law reviews, etc., and basically there aren't any laws on the books that cover this. Remember, the right to privacy is not in the Constitution, but was extrapolated by Warren & Brandeis in 1890, and enumerated into 4 torts (Appropration of Likeness for Commercial Benefit (eg product endorsements), Pulic Disclosure of Private Facts (eg tabloid press), Intrusion into Seclusion (eg peeping toms), and False Light (ie imputing upon an individual views not held by said individual)) by subsequent review and case law. There have been innumerable law review articles examining implications of Warren & Brandeis for the online environment, but precious little case law (US vs. Geocities, McVeigh vs. AOL were both settled without a ruling) to flesh out online privacy issues. However, most legal commentators agree (don't have my cites near me at the moment, but I'll provide them upon request) that these 4 torts hold very little authority for online privacy, because the case law surrounding them is very specific (see examples above). It would take a very gutsy judge (and eventually a gutsy Supreme Court) to apply historic privacy case law to the Internet. On top of that, Congress hasn't taken the best approach to legislating privacy; almost all privacy legislation has been piecemeal, addressing a specific technological situation (witness the legislation from the 80's dealing with large centralized 'data banks' and 'data files' that is hopelessly irrelevant now). Congress has not passed and lacks the will to pass (can we say corporate campaign contributors?) sweeping general privacy legislation, or even information privacy legislation. And given the makeup of the FTC panel mentioned above, things are not looking any rosier.

Ok. I'm scared now. (Score:1) by god_of_the_machine (ryan (at) thiessen (dot) com) on Wednesday January 26, @01:43AM EST (#163) (User Info) http://www.ryan.thiessen.com/

Okay... I just was reading this article and thought: "Who cares anyhow? As if they are really tracking me." Co-incidentally, I installed Netscape 4.7 on my machine that only had IE installed. One of the first sites I went to featured a doubleclick ad for Telus, the phone company where I live. I never gave out any information about myself with the new browser, so they are definately tracking beyond just the cookie files. Either they are doing reverse-DNS lookups, or track the fact that I had just been logged in with the same IP with a different browser and made the transistion themselves. Either way, they are good, and it's frightening. Hopefully they don't link me to any pr0n sites... -- "Progress is the God of the Machine"

Re:Ok. I'm scared now. (Score:1) by Megane (btomlin.texas@net) on Wednesday January 26, @10:05AM EST (#326) (User Info)

Co-incidentally, I installed Netscape 4.7 on my machine that only had IE installed. One of the first sites I went to featured a doubleclick ad for Telus, the phone company where I live. I never gave out any information about myself with the new browser, so they are definately tracking beyond just the cookie files. Either they are doing reverse-DNS lookups, or track the fact that I had just been logged in with the same IP with a different browser and made the transistion themselves. Did you fill in your e-mail address as requested when you installed Netscape? They can get that information without using cookies. Then when you connect to them, wham bam, they can give you a freshly baked cookie based on a database lookup of your e-mail address. IMHO, a web browser should be used only for web browsing, and not for reading usenet or email. So I always set my email address to "president@whitehouse.gov" or some similar bogosity. One other possiblity is that they could have looked up your IP block geographically. Even with ISPs that are located in more than one city, the dialups themselves have fixed IP block ranges, so it is not impossible to determine your city from your IP address. It just takes time to build the database. -- tr/@./.@/;

no matchup ? (Score:1) by serialk (-sld@themail.com) on Wednesday January 26, @01:52AM EST (#170) (User Info) http://aboutguide.tripod.com

but how can they tell any relationship if yopuare on anonymously ?

Change in doubleclicks reasoning (Score:1) by puppet10 on Wednesday January 26, @02:02AM EST (#172) (User Info)

One thing I haven't seen mentioned is that this represents a change in what double click says it is trying to do. From their site: Why shouldn't I opt-out? DoubleClick believes all users should have a positive Web experience. Because of this belief, we allow advertisers to control the frequency (the number of times) a Web user sees an ad banner. We believe that frequency control makes advertising on the Web less intrusive by insuring that users are not bombarded with repeat ad messages. Opting-out removes our ability to control frequency of exposure to individual users. How does tracking the surfing habits of individual users and attaching that to a name, address, etc. promote this (false) reason to put their cookie on your system in the first place. Because of this kind of misuse of cookies I turn them off for all sites except the ones I choose to allow to put their cookies on my machine. (Offtopic aside: the security zone idea in IE is really useful when coupled with their add on tools that allow you to restrict or trust a site with a quick click on the menu, is any of this functionallity going into Mozilla? If not it really should)

Help your friends (Score:1, Informative) by Anonymous Coward on Wednesday January 26, @02:10AM EST (#174)

I wrote and sent this e-mail around. Maybe you'll want to do the same and help some other people out. [Note: NYT article was copied and pasted directly below the 3 steps.] Many of you will consider the following steps very valuable. If this e-mail ruins your day, you need a vacation. If you are concerned about your privacy (or lack thereof), I suggest you: 1) READ the article below found on the internet edition of the January 25, 2000 New York Times and credited to CNET News.com. 2) Next, if you so choose, OPT OUT (I did) of the database by clicking here: www.doubleclick.net/optout/default.as p 3) FORWARD this e-mail along to your friends, relatives, acquaintances, enemies and bring this to their attention to give them a CLEAR choice on this important matter. [ARTICLE GOES HERE]

Realy Bad? (Score:0) by Anonymous Coward on Wednesday January 26, @02:11AM EST (#176)

I am not sure, if it's really that bad to get targeted banners. If doubleclick knows my interests and preferences, they can only send aadvertisment for services I am interested in. This is much better than being spammed wirh banners I am not interested in.

Re:Realy Bad? (Score:0) by Anonymous Coward on Wednesday January 26, @03:32AM EST (#210)

If that floats your boat, go for it! In exchange for your customized advertising: Every click is:..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FO REVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER ..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER..FOREVER

Information wants to be free (Score:1, Interesting) by Anonymous Coward on Wednesday January 26, @02:16AM EST (#178)

... as another slashdotter says: "that includes your personal information." Take all your MP3 and DeCSS arguments and apply them here: "information wants to be free", "if I can see it then I can rip it", "you can't stop technology", and the blatant lie of "I only do this for legitimate purposes." (that is only a blatant lie for some people ... but it's only a blatant lie for some companies in the consumer tracking business too). See, now Doubleclick is using those arguments right back on you. And as you develop cookie filters and ipchain filters and DNS filters, they'll just develop better tracking tools. Information wants to be free! How does it feel?

Interesting... (Score:3, Insightful) by Millennium (millennium@spam.spam.eggs.bacon.andspam.mac.com) on Wednesday January 26, @02:31AM EST (#185) (User Info)

However, in the end you miss the point. There is a difference between DeCSS and DoubleClick. The difference: DeCSS was made under a non-profit situation. DoubleClick's tracking reeks of commercialism. Information wants to be free. But DoubleClick wants to sell the information. Information it didn't even let the people know it was gathering. There is your difference for you. -Millennium

Re:Interesting... (Score:1) by Rakarra (rakNarraO@SpacbPellA.Mnet) on Wednesday January 26, @09:49PM EST (#458) (User Info)

DeCSS was made under a non-profit situation. DoubleClick's tracking reeks of commercialism. (and) But DoubleClick wants to sell the information. So what? A bad action is still a bad action whether or not you're making money on it or not. I think most objections to privacy violations are those: objections to an invasion of privacy, NOT just that privacy was invaded so someone could sell the information rather than give it away. If doubleclick GAVE away all their information to corporations rather than selling it (almost impossible scenario, since it would be a bad business model, but this is a hypothetical situation), I would still be complaining just as loudly, as would most privacy advocates. Take the NOSPAM out of my address if you're responding by mail..

However... (Score:2) by Millennium (millennium@spam.spam.eggs.bacon.andspam.mac.com) on Thursday January 27, @07:28PM EST (#494) (User Info)

So what? A bad action is still a bad action whether or not you're making money on it or not. Point for your side. But there's one thing: consider motives again. Let's look at DeCSS. Why was it made? It was made so Linux (and other alternative OS users) could play legitimately-purchased DVD's. Yes, you can copy disks, but that was not the intent of the project, nor its primary use. In short, the intent of the act is benign. DoubleClick's info-harvesting exists for one purpose only: to sell the information. Furthermore, to sell it to people who will use it in ways that DoubleClick knows will use it for the sole purpose of doing a primitive psychoanalysis on people and pushing ads based on the results. This is something that no one wants. So the intent is, albeit mildly, malicious. Information wants to be free, yes. But it does not want to be misused. That is the difference between DeCSS and DoubleClick's data-harvesting. -Millennium

Re:Information wants to be free (Score:0) by Anonymous Coward on Wednesday January 26, @04:29AM EST (#238)

That's an intersting point. But I have a slightly different take on it. All information has value to someone, somewhere. These people who enable cookies can't see the forest through the trees. People who've enabled cookies for a long time are *fucked*. But what can you do? I've been warning people about this for years, no-one listens. People think they can "trust" their favorite websites. Gimme a fucking break! Here's some irony. BIG story about cookies and crushing implications on privacy. What do people do? They gripe about it, using their cookie-required accounts! I just don't understand people. Ok, kiddies, one more time: COOKIES ARE EVIL!!! Get it through your thick skulls already.

Re:Information wants to be free (Score:1) by Rakarra (rakNarraO@SpacbPellA.Mnet) on Wednesday January 26, @09:52PM EST (#459) (User Info)

Here's some irony. BIG story about cookies and crushing implications on privacy. What do people do? They gripe about it, using their cookie-required accounts! I just don't understand people. Ok, kiddies, one more time: COOKIES ARE EVIL!!! Ummm, no. Cookies are not inherently evil. They are only a problem if they're used to track you over multiple sites, and slashdot doesn't do that. That's blaming stabbing deaths on knifes -- they have good legitimate uses, but are misused in some cases. That doesn't make them evil. Take the NOSPAM out of my address if you're responding by mail..

Re:Information wants to be free (Score:0) by Anonymous Coward on Wednesday January 26, @04:42AM EST (#241)

okay, information wants to be free.. So I can publish DeCSS and doubleclick can publish my info, if they have it - which they don't because I have doubleclick blocked out like everyone else with any common sense.

Re:Information wants to be free (Score:0) by Anonymous Coward on Wednesday January 26, @10:29AM EST (#337)

So long as we have tcpdump, we will prevail.

ad filtering proxies (Score:1) by kalaleq (nosp-damon-am@jumeaux.bc.ca) on Wednesday January 26, @02:18AM EST (#180) (User Info) http://jumeaux.bc.ca/damon/

does anyone have any thoughts on the various ad filtering proxies out there? i've tried adzapper, which was quite nice but seemed to drop requests from my browser or something every so often, so that the browser would just sit there churning its wheels; i've tried cut the crap but it didn't seem to perform too well, and i've tried various others that just didn't quite seem up to snuff in various ways. to anyone who thinks i'm cheating them out of much-needed revenue, just imagine i'm using lynx. which i do half the time (not now). lynx is nice - no ads, no distracting blinking graphics... all of which have their places, but most of the time they're just annoyances. the thing i hate most about doubleclick and other ad sites like it is the fact that my browser has to make another connexion to their servers, and quite often they seem to be slower than the site i'm visiting. hm, not to mention all those port scans they do to my echo port, which they've told me is to determine which server will serve the ads to me most quickly.. not that it seems to work...

Re:ad filtering proxies (Score:1) by palerider on Wednesday January 26, @12:11PM EST (#381) (User Info)

www.webwasher.com wonderful little piece of software

Re:ad filtering proxies (Score:1) by palerider on Wednesday January 26, @12:11PM EST (#382) (User Info)

www.webwasher.com wonderful little piece of software

Suggestion for a technical solution in Mozilla (Score:0) by Anonymous Coward on Wednesday January 26, @02:30AM EST (#184)

I suggest the following feature to be added to Mozilla: Accept to send cookies to the host where the main page in a HTTP request originates from. For example, if you load a page from www.slashdot.org, and this site includes graphics from www.doubleclick.net, the no cookie should be sent to www.doubleclick.net. However, if the graphics comes from www.slashdot.org, then a cookie can be sent with the request. This should stop some of the problem. Of course, sites can simply proxy the connections to www.doubleclick.net, but I still think this is a technically sound restriction to have in any browser.

Re:Already done... (Score:1) by Krimsen (krimsen@NO_SPAM_FOR_ME_THANK_YOU.acm.org) on Wednesday January 26, @11:22AM EST (#361) (User Info) http://www.3113.com

See this comment.

Mozilla open source solution (Score:2, Interesting) by yuriwho (no@email.please) on Wednesday January 26, @02:34AM EST (#187) (User Info)

The greatest gift that the open source movement can give to consumers will be privacy! A web browser that can protect your privacy. We need a solution that any newbie can use. Just download the browser and you are now anonymous when you want. I noticed many savy posters tell us to set up firewalls and allow/disallow packets from certain IP addresses etc. but we NEED a solution that works for the newbie. Is it possible to do IP spoofing via a browser? Never mind the cookies, they will track us with IP addresses. What I want is a button on mozilla that toggles whether I reject cookies, adds and spoofs my IP address or recieves cookies, ads and sends my real IP for any given site I am looking at, in real time. Is this possible? This may become the biggest issue on the net. Most slashdotters can probably figure out how to avoid tracking but we need a solution for idiots. I would love to hear suggestions. "There's a fine line between stupid and clever" Nigel from Spinal Tap

Anyone looked at DoubleClicks privacy notice? (Score:1, Interesting) by Anonymous Coward on Wednesday January 26, @02:52AM EST (#194)

If no one has looked at DoubleClick's privacy notice, you might find this ironic...this is the first paragraph, first section, first page of the said notice. ##### Starts here ##### Information Collected in Ad Delivery In the course of delivering an ad to you, DoubleClick does not collect any personally-identifiable information about you, such as your name, address, phone number or email address. DoubleClick does, however, collect non-personally identifiable information about you, such as the server your computer is logged onto, your browser type (for example, Netscape or Internet Explorer), and whether you responded to the ad delivered. #### Ends here #### Just thought that is the biggest lawsuit i've ever seen waiting to happen...

Re:Anyone looked at DoubleClicks privacy notice? (Score:2) by JamesKPolk (multivac @ fcmail.com) on Wednesday January 26, @09:30AM EST (#311) (User Info)

This worth noticing.. This should actually be grounds for a class-action suit.

they forgot (Score:1) by happyhamster on Wednesday January 26, @03:13AM EST (#199) (User Info)

... that despite all the hype the Internet in general and web in particular are still based on cooperation between all users. These greedy bastards hear the ecommerce hype and run on the internet and use it as if that's their property. But last time I checked, overwhelming majority of users pay(sometimes a lot) its own money to access it. With all recent abuses of privacy, I'm getting a strong feeling that the abusers must get a hard slap to remind that the internet is about cooperation, not abuse.

browsers (Score:0) by Anonymous Coward on Wednesday January 26, @03:15AM EST (#200)

I think it is about this point that our browsers should really be held responsible. Both Netscape and M$ have given companies this ability to track us, and they also have the ability to stop it. Perhaps a simple solution would be to require more than just an id to access a cookie. For example, if the IP address of the site requesting the IP were also checked, would this doubleclick scheme still work?

Another interesting fact. (Score:1) by pen (digdug@hotmail.com?subject=notspam:[subject]) on Wednesday January 26, @03:24AM EST (#204) (User Info) http://altern.org/digdug/

AFAIK, many of the pay-you-to-watch-banners people use DoubleClick's banners. However, many of them use Microsoft's IE controls for grabbing ads, and the controls use the same settings as IE itself, which includes the proxy settings. With AllAdvantage, I have successfully routed their banners through my proxy and I now have two blank boxes where the banners would be. -- If you're an Opera Win32 user, you should check out Opman.

Simple. No more cookies. (Score:2) by mindstrm (moctodemohtamrtsdnim) on Wednesday January 26, @03:24AM EST (#205) (User Info)

I've always been the one to say people are too paranoid about cookies.. but I suppose that's mainly because of the way the media misrepresents them. All legalities aside.. HTTP cookies were designed the way they were for several reasons, one being anonymity; granted, this wasn't a huge focus, and it's by no means a true security model.. but the spirit was there. IF used appropriately, cookies were very useful. Now.. by tying sites together in this manner.. doubleclick has basically violated that spirit. So.. screw 'em. You know... it would be nice if we had appropriate privacy laws in north america. Something along the lines of: 1) A business may only require information from you that is directly necessary in order to complete the business in a fair manner. 2) This information can *ONLY* be used for the plain and obvious reasons it was given. It cannot be sold or transferred to another party, unless for continuing business reasons (ie: Collection agency so they can collect, lawyers, so they can file suits, but even then, it must remain the business at hand) The video store has your name & number *ONLY* so they know who has their property, so they can come get it when you don't bring it back. 3) The penalties for this information leaking must be *HARSH* 4) You cannot take information from someone to track their behavior/actions unless you state *explicitly and clearly* that this is what you will be doing with said information. (ie: 'points' cards, 'Air Miles', 'Club cards' at grocery store.) 5) Generation of demographics from customer information is fine, so long as those demographics are anonymous. (so it's fair to say that 300 college-age white kids from a 2 mile radius rented horror movies this week, or ate kraft dinner, or whatever.) Folks.. it's not about cramping the freedom of people to keep records.. but those records have to have *some* kind of purpose. Your name and phone number should never be just a *commodity*, to be bought, sold, and traded. In other words.. forming a business to 'track' things in this manner (consumer profiles) is basically like spying! Were you aware this company has a file on you, Mrs. Smith, a foot thick? they know everything about your shopping habits? This is spying, and the citizen deserves to be protected from it. In the end.. don't give your name to people who don't need it. Don't give it just because some clerk *asked*. Don't feel awkward.. make *them* feel awkward. Those grocery store 'discount' or 'club' cards? Do they ID you? no.. *lie* on them. They aren't credit, they aren't monetary.. they just want to track you. web sites.. Guess it's time to remove the cookies permanently.

Privacy Laws (Score:2) by mindstrm (moctodemohtamrtsdnim) on Wednesday January 26, @03:30AM EST (#208) (User Info)

Folks.. this is where the need for good privacy protection laws need to be. And it's not hard to do, either. These laws are fairly straightforward, and simply say that, if you give personal information (name, phone number, address, etc) in the due course of business to a business, they are obliged to *ONLY* use that information in the due course of business. It does not become *their* information to give/sell to someone else. They can keep it on file, but only for themselves, only for the obvious purpose you knew of when you gave it to them. For instance.. radio shack. I buy something.. and the dude asks 'Can I have your name?' I say 'Why do you want it?' he says 'In order to cover the 3 year on-site guarantee on the laptop you just bought, we must record your name and date of purchase and contact info'. Okay.. fine. so I give it to him. Now.. does this not sound like an agreement? A verbal contract? He said what he was going to use this information for. If he uses it for *anything* else, I should be able to sue his ass. Hey... if we make it a high crime to leak this customer information... perhaps they won't even keep it around, as it increases their liability!

Privacy... did anyone else notice? (Score:1) by Esjion (alewis@crackcookies.com) on Wednesday January 26, @09:43AM EST (#320) (User Info) http://www.crackcookies.com

From the article: "Moreover, he adds, DoubleClick itself would hand over to privacy advocates the list of participating companies if it could. But as in many lines of business, partners frown when their relationships are disclosed without their permission, he says." Ok, am I the only one that has a problem with this? The companies involved would frown on their information being passed to us, but through this "service" our information gets passed to them, and most people probably don't even realize their information is being sent (let alone knowing that they can opt out). If they are getting people's personal information, those same people should be able to know who the companies are as well. Why should their privacy be protected while mine is so blatently abused? Oh, wait, they have the money. That's right. btw, mindstrm, do you have a link to these privacy laws? I can go look for them, but thought I would ask.

Re:Privacy... did anyone else notice? (Score:2) by mindstrm (moctodemohtamrtsdnim) on Wednesday January 26, @10:46AM EST (#345) (User Info)

Actually, I believe they are not law at all. I was describing how it should be, not how it is. EU e-commerce laws, apparently, are similar to this though, mainly dealing with credit card info and other stuff. Sorry, I have no link, but I recall that the EU has some policies that to do e-commerce with the EU, you must follow their strict privacy rules. ie: contact/name info can be provided for payment, but it is *forbidden* for the company receiving it to use it for anything else. And you are right.. it is completely screwed up that these companies can tell DoubleClick who *I* am, as their customer, but DoubleClick cannot tell *me* about their customers ;)

Re:Privacy... did anyone else notice? (Score:1) by Esjion (alewis@crackcookies.com) on Wednesday January 26, @01:25PM EST (#401) (User Info) http://www.crackcookies.com

Actually, I believe they are not law at all. I was describing how it should be, not how it is. That's too bad. I liked your description, and I agree that is how it should be. I may have to look into finding a link or additional info on the EU privacy laws - might be interesting to read. Thanks for the info.

Here is a simple solution... (Score:0) by Anonymous Coward on Wednesday January 26, @03:31AM EST (#209)

In netscape go to Edit:Preferences:Advanced and under "Cookies" select "only accept cookies originating from the same server as the page being viewed". This way you effectively have a different identity on every site. For example, double-click can only give a cookie if you visit their site.

Get the word out... (Score:1) by ca1v1n (hidingaway@hotmail.com) on Wednesday January 26, @03:39AM EST (#212) (User Info)

Here's a good Win9x solution for you: Doubleclick (ooh, the irony) on the following as they appear: My Computer C: Windows hosts Ok, Dorothy, you're not in AOL anymore! At this point it may ask you which program to open it with. Don't panic. Scroll down and select Notepad and click Ok. (a single click will do now) Scroll down to the bottom of the file, and on a new line (you might have to hit return!) type the following: 127.0.0.1 doubleclick.net Now hit return once, for good measure (Windows can be so finicky) and then click on the X in the upper right hand corner of the window. It will ask you if you want to save the changes you have made to hosts. Click on Yes, and you're done! Now send this to everyone you know within 10 minutes or your hair will fall out and your significant other will join the roman catholic clergy and a meteorite will fall from the sky and kill you. Yes, this will create some spam, but who knows how much it could save. Besides, you do it all the time anyway. Pain is simply joy we do not yet understand.

Internet == Advertisers? Bullshit. (Score:3, Insightful) by Roundeye (software_dev@hotmail.com) on Wednesday January 26, @03:52AM EST (#221) (User Info) http://127.0.0.1/

I am incensed about this whole "if it weren't for the ad companies, there wouldn't be an Internet" line that gets parroted whenever there's a revelation that another New Madison Avenue corporate shill sells our privacy for a fast buck. It's a load of horseshit. Give me the web minus advertisers any friggin' day. I don't want the ads, and I don't care if the sites that depend on them go away (including this one which I spend so much time on). If that means we go to a micropay system, that's fine with me -- I do however expect my ISP costs to go to $0 -- no InterLATA charge, no upstream provider costs, no "what the hell is that fee for?" -- $0. The advertisers' retort is that they provide a valuable referral service for businesses/websites that would otherwise disappear. If micropay comes onto the scene then so do microcredits for referrals, meaning that the role of advertisers is replaced by a less obtrusive referral system which eliminates the data-hoarding third-party which will continue to sell us out in ever more creative ways. The elimination of ubiquitous advertising would decrease by approximately 10% on average the amount of bandwidth consumed by web traffic. I am paying my ISP costs to fund infrastructure so those amoral cons can get rich? I am supporting their banner services to enable sites, the majority of which I would never even care to go to, to exist on impression revenues? Essentially we have a welfare system where poor sites which could not otherwise exist can rake in money from ad revenues and become hugely profitable (andover anyone?) at the expense of the privacy and bandwidth of net users. Let's go to micropay. Shut down the advertisers. Dump the sites if they can't make a buck. If they can't survive under micropay (i.e., no readers were willing to pay for their content) it is an indication there was nothing there worth paying for (and hence they were abusing this welfare system) anyway. Even under a micropay system many users will prefer to view ads instead of actually paying monetarily for their content (note this is different than not paying). The option of choosing which is the important thing -- a true "opt out": no ads, no doublecross, just "here's your penny, now gimme my page". This would, of course, have to be realized at the ISP level most likely ... My threshold is set to 1. Please post accordingly.

Re:Internet == Advertisers? Bullshit. (Score:1) by jamesl on Wednesday January 26, @01:32PM EST (#406) (User Info)

Sounds like PBS for the internet. Who is going to write the grant request to get it started?

web ad blocking that works! (Score:1) by Scudsucker (geyer@corpse.acm.ndsu.nodak.nospamplease.edu) on Wednesday January 26, @03:55AM EST (#222) (User Info)

The author at this page has compiled a large list of ad servers. You copy the list of domains to your resolve file...all pointing to localhost. Then you go into Netscape and paste a line of the same domains into your "no proxie" settings. Result: your browser will try, and fail, to load any banner adds from the sites included in the list. The author plans to update the page often; the last update was yesterday (1/25). He has instructions for blocking under Linux, Be, Win9x, WinNT, and Mac OS (experimental) with Netscape or IE. Incidentaly, the author published this under the GPL, so feel free to mirror.

MOD PARENT UP - Re:web ad blocking that works! (Score:1) by Northern Hunter on Wednesday January 26, @10:15PM EST (#463) (User Info)

(And mod me down :)

thanks north (Score:1) by Scudsucker (geyer@corpse.acm.ndsu.nodak.nospamplease.edu) on Thursday January 27, @03:23AM EST (#475) (User Info)

too bad I didn't get the message in the first 50 comments instead of 200+. :)

OpenSource or GPLed Perl Proxy? (Score:0) by Anonymous Coward on Wednesday January 26, @04:08AM EST (#230)

Is there a JunkBuster written in Perl? I'd really prefer that because I could modify the blocking regexps and program better...

Re:OpenSource or GPLed Perl Proxy? (Score:0) by Anonymous Coward on Wednesday January 26, @04:49AM EST (#247)

Not PERL, but it is GPL.

Simple, Existing Technical Solution (Score:2) by jetson123 (br_9801 at hotmail dot com) on Wednesday January 26, @04:46AM EST (#245) (User Info)

As far as I can tell, Netscape already has a perfectly good option for not getting tracked: select "Only accept cookies from the same server as the page being viewed." With that option, unless you go to Doubleclick's server, you can never get a doubleclick cookie. And the same is true for any other company that tries to track you across web sites.

Re:Simple, Existing Technical Solution (Score:1) by mckyj57 on Wednesday January 26, @04:49AM EST (#248) (User Info)

Unfortunately, an image is considered to be "the page being viewed". Unless/until this is changed, this is pretty worthless.

are they telling us everything? (Score:1) by Rainer on Wednesday January 26, @05:06AM EST (#255) (User Info)

> DoubleClick defends the practice, > insisting that it allows better targeting > of online ads -- and thus makes > consumers' online experiences at > once more relevant and more profitable > for advertisers. If all they want to do is target their ads they could set up a page where we could customize their ads. (lots of checkboxes) Then they could place a cookie on the users machine that tells them *exactly* which ads to serve to which user. So we could keep our privacy and they could save the costs for maintaining a large database. Just guess why they are not choosing the simple way! -- PGP-Key ID: DSS: 0xB4C11ED9 RSA: 0x682F4f5D -- PGP-Key ID: DSS: 0xB4C11ED9 RSA: 0x682F4f5D

Ad filtering on Windoze (Score:1) by HarryTuttle on Wednesday January 26, @05:11AM EST (#258) (User Info)

Don't think anyone's posted about WebWasher. It's pretty useful and is free for non-commercial use. Don't fight it son. Confess quickly! If you hold out too long you could jeopardise your credit rating.

Anybody have a list of Dblclick sites? (Score:1) by Grabble on Wednesday January 26, @05:21AM EST (#259) (User Info)

Step 1: find list of Doubleclick advertisers Step 2: string-compare to browser's history file Step 3: determine if I've filled out any forms at doubleclick "partner" sites Step 4: holler at said webmaster If you know of a list of Doubleclick sites, kindly post it.

Re:Anybody have a list of Dblclick sites? (Score:2, Interesting) by ardinos on Wednesday January 26, @09:44AM EST (#321) (User Info)

As a former employee of DoubleClick I can help you with some info here. Doubleclick maintains a network of sites that they don't host, but merely provide all advertising for. The network is pretty large and I'll guarantee you've hit thier sites before. Doubleclick when I was there wasn't matching cookies to names and addresses because they knew people would holler like mad if they thought they could be tracked down like that. I don't think you really have to worry about getting junk mail or anything as a result of the info they have. Then again that may have changed in the year since I worked for them, who knows.

Re:Anybody have a list of Dblclick sites? (Score:1) by Grabble on Wednesday January 26, @10:53AM EST (#348) (User Info)

Right. Thanks for replying, though. Flycast publishes a list of all the sites in their network. Does Doubleclick do the same? I'm looking to answer this question... What are all the sites that use to DoubleClick serve any portion of their ad inventory.

Here's A List of Dblclick sites! (Score:1) by blipvert on Wednesday January 26, @04:57PM EST (#436) (User Info)

here is what I found! http://www.doubleclick.com/advertisers/network/net_sites/all_sites/default.htm

Database sabotage (Score:0) by Anonymous Coward on Wednesday January 26, @05:35AM EST (#261)

What do you think if there was a way to just corrupt their database? Then the stuff they were trying to sell would be worthless. I was thinking if there was some way to randomly select from a pool of everyone's Doubleclick cookies then they couldn't really say they had any integrity in the profiles they've created? Fight the power baby! Now on the other hand, I don't really give a care about privacy. Eventually nobody's going to be able to hide anything anyway. But in the mean time, in the mean time this is the paradigm I am in favor of: Any available information about anybody accessable to anyone else, that if you are wanting invasion to my privacy you must submit equivilant private information. Market efficiency thrives on good information, so I understand the reasons for wanting to have this information available. But not forsale, if it's going to be there it needs to be freely available to everyone. That's fair and that's the only option I'm willing to embrace.

What the rest of the internet comunity needs. (Score:1) by HenrysCat on Wednesday January 26, @05:51AM EST (#264) (User Info)

It is ok for people with IT skills who can edit their cookies etc. I let mine be open because it tends to help and I know I can sort it if need be. But the non tecky peeps need help too. Someone should set up a site the maintains a list of bad cookies. Then people having spam problems can visit it once a month and let the site clean out it's bad cookies but leave the good stuff. Anyone seen such a site?

Time for a little Cyberwarfare, anyone? (Score:1) by Sir_Winston on Wednesday January 26, @06:40AM EST (#274) (User Info) http://homestead.dejanews.com/user.sirwinston/files/page1.html

How much continued cookie-shuffling would it take to start making their databases choke and sputter? I'm sure many of the dedicated scripters out there could cobble together something that would cycle through pulling down a lot of banner ad/cookie traffic and deleting it. Now, if just half the readership of Slashdot who have high-speed connections would participate--that'll add up to billions o' cookies for the database, and a lot of server time dedicated to serving up banners a la mode to little old us. Ideas, folks? It is, however, time to take a stand against the AOLified and doubleclicked idea of the Net which corporate America wants to feed us. We pay for this bandwidth, not DoubleClick, so why don't we start showing them how we can use that bandwidth to screw 'em in the arse?

Additional Information & Links (Score:3, Informative) by nlvp (nlvp (at) yahoo (dot) com) on Wednesday January 26, @06:48AM EST (#276) (User Info)

I did a couple of searches in the discussion and couldn't find any of these links, so I thought I'd supply them. DoubleClick's Privacy Policy. Information Collected in the Process of Delivering an ad by DoubleClick Doub leClick "Opt-Out" Option (how-to) info@doubleclick.net email address

rm -rf cookies.txt (Score:2) by kevlar (s391724@gettysburg.edu) on Wednesday January 26, @06:51AM EST (#277) (User Info) http://kevlar.cc.gettysburg.edu

End of story. BlackICE: Not that kind of Crack.

Re:rm -rf cookies.txt -- Not good enough (Score:1) by nlvp (nlvp (at) yahoo (dot) com) on Thursday January 27, @06:30AM EST (#483) (User Info)

As i understand it, this will no longer do the trick for most people. All of us have one or two sites we're members of that we enjoy using. For example, Freeserve are my ISP and their front page has a doubleclick ad on it. Now if I delete my cookies, then log back into Freeserve or another "doubleclick associate", even if they're not displaying doubleclick ads to me, the next time I do see a doubleclick ad, the doubleclick server will recognise an associates cookie in my cookies.txt file and go and ask that associate who I am. At that point, they can link up everything they learn about me now to all the knowledge they have accumulated in the past. This is why connecting that database has removed the privacy from internet surfing. For privacy, you have to shun all cookies forever, and sites like Yahoo, the Motley Fool and Slashdot require cookies in order for their system to remember you're a member.

What is with this?! (Score:1) by browser_war_pow on Wednesday January 26, @07:09AM EST (#278) (User Info) http://digitalheresy.tripod.com

I think Congress needs to outlaw this stuff altogether. It is one thing for an ecommerce stuff to track me on their site so that they can help me find cool stuff, but this is nothing close to something positive like that. Why do these people think that they have a right to get rich off of selling, using and abusing my personal information?! Welcome to the 21st century: megacorporations crush personal liberty and individual rights and the government calls it "capitalism"

Ad blockers (Score:0) by Anonymous Coward on Wednesday January 26, @07:19AM EST (#281)

I use the JunkBuster and Proxomitron proxy servers together to block ad banners and cookies. Here are some others too. http://www.junkbusters.com/ http://www.junkbusters.com/ht/en/ijb20.zip http://www.webwasher.com/ http://www.webwasher.com/en/software/wwash/downloa1.htm?submit=I+agree http://www.naviscope.com/ http://www.naviscope.com/nscope.exe http://www.clasohm.com/leanweb/ http://lide.punknet.cz/miri/adbuster.html http://www.ispec.net/adext/ http://members.tripod.com/Proxomitron/download.html http://www.meta.demon.co.uk/webmask/download.html http://home.comset.net/povarov/proxy.html http://www.geocities.com/SiliconValley/Heights/5287/ http://ourworld.compuserve.com/homepages/gtschech/ijb95_en.htm http://waldherr.org/junkbuster/ I recommend WebWasher or Naviscope to less experienced users and JunkBuster or Proxomitron to experts. The hosts file and Netscape's proxy.pac are other methods of blocking.

Suggested new open source browser feature (Score:1, Insightful) by Anonymous Coward on Wednesday January 26, @07:31AM EST (#283)

I would love to see open source browsers configurable to lie about cookies to a list of domains that you choose. The lies could come from the configuration as well. That would allow the browser to come with a set of pre-configured generic cookies for a variety of sites. Obviously, they should end up in the databases next to the name J. Random Hacker, with an e-mail address of jrandom@invalid.domain.con.

No need for hysteria (Score:1) by .uuo on Wednesday January 26, @07:51AM EST (#286) (User Info)

DoubleClick tracks people using a unique identifier in a cookie. DoubleClick has no way of matching that cookie with any peronally identifiable information unless *you* provide them with the information, either directly or indirectly. "Indirectly" means you register with a site and it passes your name,etc., to DCLK using redirection. If you don't want DCLK to match your name to your cookie, don't give them your name. Check the privacy policies of any website before giving out your name. Sue the websites who violate their privacy policies. Better yet, opt out of tracking. If you are paranoid about having your behavior tracked, then never buy anything using a credit card. And never fill out product registration cards or enter contests which require your name. All of that information finds its way into databases such as those maintained by Abacus and Experian.

Ad and cookie blocking for Windows (Score:2) by Paul Johnson (paul@treetop.demon.co.uk) on Wednesday January 26, @07:57AM EST (#287) (User Info) http://www.treetop.demon.co.uk

I am, for various reasons, constrained to using Windows. To stop this stuff, and also save on bandwidth, I use AtGuard. It filters cookies on a per-site basis, and also blocks access to URLs containing certain sub-strings (which can also be configured on a per-site basis). Overall a really cool and useful program which deserves to be far better known. Unfortunately I've just discovered that WRQ (the creators of AtGuard) have sold the rights to Symantec, and its now part of Norton Internet Security 2000 for almost twice the price of just AtGuard. But you get a virus scanner as well. Ho hum. Paul. You are lost in a twisty maze of little standards, all different.

Automated "Cookie Cutter" (Score:0) by Anonymous Coward on Wednesday January 26, @08:26AM EST (#295)

I put this 0,5,10,15,20,25,30,35,40,45,50,55 * * * * $HOME/bin/auto-cookie-cutter >/dev/null in my personal crontab. And wrote this... #!/bin/sh # auto-cookie-cutter: get rid of unwanted cookies netscapeHome="$HOME/.netscape" cookieFile="$netscapeHome/cookies" noCookieList='^\.?linkexchange\.com|^\.?doubleclick\.net' egrep "$noCookieList" $cookieFile >/dev/null || exit 0 cp -p $cookieFile $cookieFile.bak || exit egrep -v "$noCookieList" $cookieFile >$cookieFile.new || exit mv $cookieFile.new $cookieFile So even if doubleclick or linkexchange does try to leave me cookies, they won't be very long-lived! Heh heh heh.

Hypocrits to the highest degree. (Score:1) by oddRaisin (odd_raisin@hotmail.com) on Wednesday January 26, @08:31AM EST (#298) (User Info)

'Moreover, he adds, DoubleClick itself would hand over to privacy advocates the list of articipating companies if it could. But as in many lines of business, partners frown when their relationships are disclosed without their permission, he says.' ... From the article on USA today. Hmmm. Dare I ask why it's ok to disclose my relationship to a site I'm browsing without my permission? They seem to be more than just a little hypocritical and arogant (obvious, Joe Blow isn't worth applying ethics to).

How to get rid of doubleclick (Score:2) by David A. Madore (david.madore@ens.fr) on Wednesday January 26, @09:12AM EST (#305) (User Info) http://www.eleves.ens.fr:8080/home/madore/

A hint: cat >>/etc/hosts <<'EOF' 127.1.0.1 ad.doubleclick.net EOF cat >>/etc/httpd/conf/httpd.conf <<'EOF' <VirtualHost 127.1.0.1> ServerName ad.doubleclick.net AliasMatch .* /home/httpd/icons/spam.gif </VirtualHost> That's what I've been doing for the last year or so. It is just sooo pleasant. Also, it reduces the load times somewhat. And you can customize your spam.gif icon. If you aren't root on the machine you use, you have to LD_PRELOAD a bogus gethostbyname() that will similarly redirect ad.doubleclick.net. I've done this, but it's a pain. Another solution, of course, is to use a proxy such as junkbuster. Unfortunately, I know no proxy that has satisfactory HTTP/1.1 semantics.

Re:How to get rid of doubleclick (Score:2) by David A. Madore (david.madore@ens.fr) on Wednesday January 26, @09:24AM EST (#310) (User Info) http://www.eleves.ens.fr:8080/home/madore/

Rats. I forgot the <pre> tag doesn't work in Slashdot. Well, you can probably understand anyway.

Re:How to get rid of doubleclick (Score:1) by Sternn (sternn@NOSPAM.gothic.net) on Wednesday January 26, @11:56AM EST (#373) (User Info) http://www.gothic.net/~cptstern

I have been blocking doublclick for months now. If you use a firewall on your network, you can not only block themm, you can find out everywhere they are. FW1 does a nice job of hiding real IP's behind a fake Ip, which I use to catch all attempts from doubleclick (and other sites attempting to send/scan a users information). The scary thing is, they are not the only large company out there that is doing this...

Our privacy is already gone... (Score:2, Interesting) by artemis67 on Wednesday January 26, @09:12AM EST (#306) (User Info)

The mad rush to collect marketing data has already crashed on top of consumer privacy like a tsunami. While this DblClick news is upsetting, it's only a small step forward from what has already occurred. You can't do ANYTHING USEFUL on the web these days without filling out a user profile. For example, last night I went to do a Smart Update for Netscape, and I was asked to first create an email account by filling out a profile (What?!? I just want the stupid software update, not a long-term relationship!). Windows 98 has a feature where it can now download via the internet the latest drivers for your computer...but first, tell us about your first born. The problem is so bad that the Mac version of IE has an AutoFill button to give out all of your personal info with a single click (granted, a nice feature, but the very fact that it rates inclusion in the program says something about how often surfers have to fill out profiles). Don't look for the big battle, because consumers have already lost the war in the trenches.

And if you still don't trust them (Score:2) by drix on Wednesday January 26, @09:31AM EST (#313) (User Info)

If you still don't trust DoubleClick after opting out (heh, and why shouldn't we? ;) please check out the Internet Junkbuster Proxy, a proxy server which will filter out almost every banner ad and cookie on the net. Privacy guaranted, and it works with Squid and whatever other HTTP proxy you use. I've been using it for months; works like a charm. -- Slade.

Corrupt the data (Score:1) by Keepiru on Wednesday January 26, @10:05AM EST (#327) (User Info)

Even better than blocking the ads, would be corrupting the data that they retrieve. A cron job that randomly changes your cookie for them every 5 minutes, or a proxies that randomly changes it should do the trick.

Grep -v on your cookies file... (Score:0) by Anonymous Coward on Wednesday January 26, @10:12AM EST (#328)

I help some novices, and they are lothe to turn off cookies. Instead, I just purge doubleclick from thier cookies file each time they start the machine. From memory, the line near the end of rc.local looks something like this; cat /home/username/.netscape/cookies | grep -v doubleclick | grep -v yadda.yadda.yadda > /home/username/.netscape/cookies The username is hard coded since the machine isn't used by anyone else. Anyone who knows a better way of doing this, let me know!

Click THIS (Score:0) by Anonymous Coward on Wednesday January 26, @10:21AM EST (#333)

Are you SURE you want to opt out?

Spreading the word. (Score:4, Insightful) by Amphigory (patrick at extremehope dot organization) on Wednesday January 26, @10:23AM EST (#334) (User Info) http://www.extremehope.org

Guys, Its not enough for geeks to opt out. We need to get the whole 'net to opt out. Attached is the email I sent to about 20 people. May I suggest that all of you go and do likewise? -- Distribution of this memo is unlimited. Since I am probably the biggest spam-hater alive, you can imagine for me to originate one of these chain things is pretty unusual. (In fact, its more than unusual, its unprecidented). Nevertheless, I think that the danger to our society (and the internet as a whole) represented by the situation I am about to describe is great enough that I will take the flames and pass this on. There is a company called "doubleclick.com". They provide the little banner ads that you see on most web-sites nowadays. That is, when you pull up a web page with advertising, the company making that web page points your web-browser towards DoubleClick's web servers to get an appropriate ad. DoubleClick then pays the company if you click on the ad (anywhere from 1 to 10 cents for a click-through -- if you just look at it, they often get some small fraction of a penny for showing it to you). In order to target the ads, DoubleClick sets what is called a "cookie" in your browser. This cookie uniquely identifies your computer on the internet. DoubleClick uses this information to target advertisements towards you based on your previous viewing patterns: if you typically click on ads for computer hardware, DoubleClick will show you lots of ads for computer hardware. However, all of this is still anonymous. That is, it was thought to be until the following story came out: http://www.usatoday.com/life/cyber/tech/cth211.htm To summarize, the above story relates how DoubleClick bought a direct marketing company called Abacus Direct. Abacus Direct maintains a database covering over 90% of all American households. And DoubleClick acknowledges that they have begun linking Abacus Direct's database with theirs. The net effect of this is that, for a price, a vendor can get your name, address, phone number, /and/ your reading habits. They can find out what newspapers you read (over the web), what web sites you visit, etc. They can find out what products you buy -- it is simple to link information from amazon.com to doubleclick as well. They can then use this information to target advertisements at you. Many people don't see the problem with this. May I suggest that you consider this: the express purpose of advertising is to get you to buy things which you would not ordinarily buy. That is, the perfect person in their eyes is a profligate spend-thrift. Happiness through possesions is the mantra they push. The advertising industry has already demonstrated that they will stop at nothing to sell products. For example, consider that the "June Cleaver" perfect housewife of the 1950's is acknowledged to have been created by and for the advertising industry! Or consider some of the tactics used by the baby formula companies to get mothers to not breastfeed, despite the acknowledged medical fact that breast-feeding is far better for the child. (Some of the tactics used in developing countries were exceptionally gruesome.) What about the toilet-training "experts" who are employed by the diaper companies? Ever wonder why we suddenly need Size 5 Pampers? We have already seen what advertising can do with statistical sampling alone: what will they be able to do with specific data about you? That is, what will happen when, instead of marketing to a mythical (but frighteningly accurate) average household, they are marketing to you personally? Fortunately, there is a way out. You can visit: http://www.doubleclick.net/optout/optout.asp And decline to have your information tracked. I highly recommend it. I could go on for pages about why this is important -- the point is that once we have given Madison Avenue this power, we will never be able to take it back. The time to opt out is now. -- Religion begat prosperity, and the daughter devoured the mother -- Cotton Mather

Re:Spreading the word. (Score:1) by miyax (miyax@fruhead.com) on Wednesday January 26, @05:30PM EST (#439) (User Info) http://secondhandwonder.virtualave.net

Good plan. BTW, if anyone out there cares, I wrote an article about Doubleclick/Abacus Direct/internet privacy for my school's paper not to long ago. Hopefully that will spread this around a bit. Hopefully. The sad thing is, John Q. AOLuser doesn't really give a rat's ass. He doesn't look to see who's providing his banner ads, nor does he care, or would he even know who that company was. "Doubleclick? Who they hell are they? I thought this ad was about toasters." That was basically the point of my article, that and why John should care. Because this is coming. This is what everybody's going to do in a few years, if we don't stop them at the beginning. Sadly, Mr. AOLuser doesn't care. Maybe we should have tried to stop AOL before it took over the world. ::shrug:: Anywho, I for one will forward this to everyone I know, and instruct them to do likewise. miyax

CPM goes up for this. (Score:1) by asianflu on Wednesday January 26, @10:26AM EST (#335) (User Info)

For geotargetting, where ads are pitched based on your zip code, doubleclick can triple or quadruple the price it charges advertisers. Urban Fetch wants to advertise its NY delivery service? it can spend $20 on a run-of-site banner show to everyone including surfers from singapore, or $80 on doubleclick that can restrict the banners to web site visitors with zips in NY city. Which do you think is more valuable a campaign? That money magnet is what is dragging doubleclick to tear up its privacy agreements, its just too rich a prize, especially with run-of-site CPMs now down at the $5/1000 level and click throughs at the half percent.

pcweek's pc proxy rerview (Score:1) by sevenseven on Wednesday January 26, @10:33AM EST (#338) (User Info)

interestingly enough, zd-net's pcweek has a review of personal proxy servers for pcs: http://www.zdnet.co m/pcweek/stories/news/0,4153,2423273,00.html the review evaluates norton internet security 2000 and some other tools. all of them are commercial products however... ...sie sind nicht grün

Can you say DatAmerica? (Score:1) by Jomolungma on Wednesday January 26, @10:42AM EST (#343) (User Info)

After I read this article on CNet I immediately thought of William Gibson's DatAmerica, which shows up in Virtual Light, Idoru, and I believe his latest incarnation. Anyone else seeing this connection?

Privacy Statement Lies (Score:3, Insightful) by waldoj (waldo@waldo.net) on Wednesday January 26, @10:42AM EST (#344) (User Info) http://www.waldo.net

Their privacy statement says: In the course of delivering an ad to you, DoubleClick does not collect any personally-identifiable information about you, such as your name, address, phone number or email address. This, as we now know, is untrue. Granted, they collect it from another server, and not from you, but they still collect it when they send you an ad. Liars. -Waldo

Opt Out (Score:0) by Anonymous Coward on Wednesday January 26, @10:50AM EST (#346)

To opt-out of this, just visit: http://www.doubleclick.net/privacy_policy/privacy.htm Click thru the several links, and the computer and browser your are using will be opted out. You will have to repeat this for each computer and browser you use.

ADFU (Score:1) by Uart (uart@iname.com) on Wednesday January 26, @11:10AM EST (#355) (User Info) http://slashdot.org/comments.pl?sid=Uart

People, stop using this offensive Double-click! Use Adfu instead, from the people who brought you Slashdot! --- All commments are to be taken with a pinch of salt and a dab of pepper

Cookie -> Name mapping. (Score:1) by larva on Wednesday January 26, @11:13AM EST (#357) (User Info)

The first time you see a doubleclick banner you get a nice little cookie. from that point on all the banners that you see comming from doubleclick will get the cookie, save the info on your COOKIES surfing habit and then maybe update the cookie. couple this with an database filled with names and addresses. now, unless you somehow reveal your name to doubleclick it is impossible for them to make a mapping between these two databases. they dont have name->cookie pairs. so how are they going to make use of the name database? (l) -- gunzip-howto.tar.gz

Re:Cookie -> Name mapping. (Score:1) by A.Gideon on Wednesday January 26, @11:54AM EST (#370) (User Info) http://www.gideon.org/andrew/

>they dont have name->cookie pairs. so how >are they going to make use of the name database? First, recall that most browsers send - as a part of every HTTP request - a field called HTTP_REFERER. In the case of an image, this tells the web server the URL of the page on which the image has been displayed. Therefore, DoubleClick's servers get not just the cookie, but also the URL of the page on which the ad is displayed. This includes the query string of that URL. More, many uses of banner ads include query strings in the URLs to those banners, passing even more information. What DoubleClick has, based upon the above, is an easy way to map between a DoubleClick cookie and a visitor to all those many web sites which display DoubleClick ads. This means that they know a great deal about a person's browsing history. But you're correct that this isn't enough to get a name. However, once you pass your name (ie. as a part of a purchase, or even just a request for information via a form) to one of those sites which uses DoubleClick ads, that site's information can be combined with DoubleClick's to determine precisely who you are. Note that it only takes one "leak" of this information. Because your name is now associated with a DoubleClick cookie, all activity associated with that cookie - past, future, and all web sites - is now associated with you.

Re:Cookie -> Name mapping. (Score:1) by larva on Wednesday January 26, @12:04PM EST (#376) (User Info)

>However, once you pass your name (ie. as a part of a purchase, or even just a request for information via a form) to one of those sites which uses DoubleClick ads, that site's information can be combined with DoubleClick's to determine precisely who you are. that would require doubleclick to strike an alliance with all sites they have banners on, quite the infrastructure challenge there. (l) yes it is possible. but as long as you dont give away your name (or other identifiers )to doubleclick (or sites where they have banners to be even more secure) they will never be able to map your name to your cookie. -- gunzip-howto.tar.gz

Re:Cookie -> Name mapping. (Score:1) by A.Gideon on Wednesday January 26, @04:15PM EST (#431) (User Info) http://www.gideon.org/andrew/

It is less of an "infrastructure challenge" then you might thing. Actually, I can think of a couple of easy technological solutions just off the top of my head. Likely these aren't even the best. However, the "alliance" comment is right on the mark. I've no idea how likely or unlikely such a thing is. But it is worth noting that it doesn't require this alliance with all sites displaying DoubleClick ads; only a few. Let's consider one interesting case: Yahoo. Let's also assume that they display DoubleClick ads (I believe so, but I've not checked this). Yahoo has various means of inducing people to "sign up". That's a pool of identities that can be matched to DoubleClick's database. One the names from Yahoo are matched to DoubleClick cookies, your identity is tracked on *every* site displaying DoubleClick ads. Does Yahoo provide this information to DoubleClick? I've no idea, but they're only one example. Another point to consider is whether there is a way to get this information w/o the cooperation of the site displaying the ads. I'm thinking, for example, of email addresses being embedded in query strings. Given the problems that, for example, Hotmail has had with security, such a thing would not amaze me. A final point: mail messages with embedded HTML that accesses banner ads. This is a perfect way to match email addresses (and therefore people) to cookies. The worst aspect to this, from my perspective, is that it will only take a small abuse of this sort to generate a potentially nasty backlash against Internet commerce. Whatever form this takes, I'd not look forward to it.

Shareware tools for windows users (Score:2) by Merk on Wednesday January 26, @11:25AM EST (#363) (User Info)

If you're a windows user like I'm forced to be, I strongly recommend AtGuard. It was recently bought out by Symantec, but I think you can still get trial versions and stuff. The way this thing works is that it scans TCP/IP requests and never transmits the ones matching a certain pattern. I end up seeing less than 0.1% of the banner ads on the 'net, and when I do see one, I just add the relevant pattern to my block list and never see ads from that site again. AtGuard also does one more amazing thing -- it stops animated GIFs from looping. About time!! Along with AtGuard I use Cookie Pal. It basically intercepts the Netscape or IE cookie request dialog, and handles it. What makes it better than Netscape or IE is: It keeps a list of sites to accept / reject with wildcards. I reject anything from *.doubleclick.net for example. Once that site is in your list, you never get asked about cookies from that site again. On sites not found in your lists it asks: "Accept a cookie from www.spamsite.net?" with the options "Yes, No, Always, Never" and a checkbox allowing you to apply the always/never rules to *.spamsite.net. This flexibility far exceeds what browsers can do with their one-time Yes / No capability. Eventually (once it's more stable and I have more time) I plan to get Mozilla and, if someone hasn't done it first, add all these features to the source. At one point I had read enough of the Mozilla source to know how to stop the animated GIFs but I never got around to adding the changes. Until then these tools are amazing and I can't recommend them enough. Moderators: I know this is endorsement of commercial Windows products by a Windows user. I know it's not accompanied by the requisite amount of Slashdot Windows trashing or anti-commercial ranting, but let's face it, many of us have to use Windows, and many of us are willing to pay a few bucks for a good commercial tool when there's no open source alternative. Please help me get the word out and help people regain their privacy and freedom from advertising by bumping this up a couple of points. (And no, I'm not associated with either product, just a happy user).

FYI, there is an Open Source option (Score:2) by DragonHawk (dragonhawk@iname.microsoft.com) on Wednesday January 26, @01:28PM EST (#403) (User Info)

...many of us are willing to pay a few bucks for a good commercial tool when there's no open source alternative. I don't have any problem with your endorsement (it is useful information, after all), but For Your Information, there is an Open Source product available that blocks banner ads, cookies, and such. Source available, no cost, and protected by the GPL, it is called "The Internet Junkbuster" and is available for free download from www.junkbusters.com. It functions as a proxy server, and guards your privacy. Just FYI. I do not like Microsoft. Remove them from my email address.

Filter doubleclick at your proxy... (Score:0) by Anonymous Coward on Wednesday January 26, @11:33AM EST (#364)

I have been filtering doubleclick.net from my proxy for months now and am still amazed at how much less bandwidth I use use while surfing. torch@ripco.com

Question (Score:1) by xdroop on Wednesday January 26, @12:01PM EST (#374) (User Info)

I presume that adopting another user's cookie ID without their consent would be illegal. But what if everyone here decided to use the same cookie? I mean, what if someone says "this is my cookie, you have my permission to use it"? A cookie equivilent to the 'cypherpunks' accounts that are here and there. Everyone wins: doubleclick sells the eyeballs, sites get advertising money, and we get access to the content without a 'profile' being developed! -- xhost +

*Ads* aren't necessarily bad... (Score:2) by Colm@TCD (colm at tuatha.org) on Wednesday January 26, @12:07PM EST (#377) (User Info) http://www.tuatha.org/~colm/

As I'm sure has been posted elsewhere in this thread, it's important to draw a distinction between the mere presence of advertising on the Net, and the privacy issues which arise from tracking users in the manner described. Like it or not, advertising revenue pays for a substantial part of "The Internet" as we know it today. Yes, it probably would be nice if the whole thing was funded by magic, but it isn't, and banner advertising does provide a relatively straightforward way of funding lots of useful sites. There's nothing intrinsically wrong with provision of advertising space, and DoubleClick does do a pretty good job of selecting and targeting ad banners based on your cookie trail - no worse than anyone else, anyway. However, the business of associating this cookie trail with your "real-life" name and address takes us into serious privacy issues - I'm not totally clear what the legal situation in the USA is, but in the EU they must provide an opt-out from such a system, and they must abide by it. Any evidence that they are failing to abide by the opt-out will be taken very seriously indeed by the data protection people. I'm sure a similar régime must prevail in the USA and elsewhere. Let's not get carried away, folks. Don't confuse the "necessary evil" (web ads) with the serious privacy issue. Ads aren't necessarily bad, but DC and others have to abide by the rules of privacy, and these are legally enforceable. Slight disclaimer : My fiancée works for DoubleClick, but the views expressed above are mine alone.

your fiancee' is lame, dude (Score:0) by Anonymous Coward on Wednesday January 26, @09:07PM EST (#456)

she should, like, do something about that.

iCab browser is solution for Mac users (Score:1) by Topia on Wednesday January 26, @12:14PM EST (#384) (User Info)

The iCab web browser iCab web browser allows filtering of page images by source (server, path, filename, and URL) and by dimension (eg 1 pixel x 1 pixel). It comes preconfigured to filter out images from double-click and friends. Check it out. This browser is free and surprisingly smart and configurable.

Aren't you just being a little paranoid? (Score:1, Interesting) by Anonymous Coward on Wednesday January 26, @12:29PM EST (#387)

I think a lot of people are being slightly paranoid here. First, some words on banners in general: Banner advertisements are normally the single revenue stream for web sites. Sometimes they irritate the hell out of me, like when there are about 6 on the same page, but I really don't see how someone can object to one or two banners on a page when they don't really get in their way. The argument about the slowing down a site carries little merit. What slows down a site is massive pages, whimsical graphics and icons that each involve a new HTTP connection. Using programs such as Web Washer means that in the future, you'll see less sites around. And naturally, most don't object to banner advertising on Slashdot and other open-source type sites. Hmmm, so I suppose Yahoo, Excite and co. don't have the right to display banners (and go out of business)? Yeah guys, that makes real sense (!) Now, the DoubleClick thing: As for the whole DoubleClick thing: only DoubleClick have access to the database. No one gets this paranoid about 'normal' direct marketing. Why all the hype. You can easily opt out if you want to. Face it - having your details record in many places and being tracked is just a part of everyday modern life: web site logs, supermarket loyalty cards, credit card bills, CCTV, credit rating databases. Short of going to Mongolia and living by subsistence farming (Very hard given Mongolia's climate!), there's nothing you can do. Mailbombing or sending mails to all the DoubleClick staff is unlikely to have any effect either. (Except your ISP closing down your account for violating their TOS). Be a bit more sensible. If you really object to it yourself, then by all means opt-out.

Privacy! (Score:0) by Anonymous Coward on Wednesday January 26, @12:42PM EST (#390)

I think it's a good trade, less privacy for more money, money for me that is. :) DCLK stock holder.

I've secured the patent!! (Score:2) by Travoltus (travoltus@hot.mail.com) on Wednesday January 26, @12:54PM EST (#393) (User Info)

I was awarded the patent today on open source petrified telemarketers and advertising executives. My IPO is April 1st. :)

Opt-out and tech fixes not enough (Score:1) by timboy61 (tim_converse@yahoo.com) on Wednesday January 26, @01:13PM EST (#397) (User Info) http://www.sciencebookguide.com

Lots of DoubleClick defeating schemes have been posted here (editing cookie files, editing host files, anonymizing browsers, etc.), and also people are encouraging others to opt out. I think this is almost a negative thing, and practically helps DoubleClick. Does DC care if everyone on Slashdot solves the problem for themselves? Not. The result will be that the very people who are knowledgeable enough to get irritated (a trivial slice of Doubleclick's market) aren't that irritated anymore. DoubleClick will still know who your grandmother is, and you'll be the only person who your grandmother knows that DoubleClick isn't tracking. If they get away with making it tricky not to be tracked, they just won. So let's write them, write the media, write legislators, etc. (I would of course never endorse tactics like DoS or other attacks ... but they do have the virtue that your Grandma might benefit from them too.) -t

DoubleClick question. (Score:0) by Anonymous Coward on Wednesday January 26, @01:23PM EST (#400)

Anyone know why doubleclick.com scans port 7 when you click on an ad?

Write your State's Attorney General. (Score:1) by kilroy666 on Wednesday January 26, @01:30PM EST (#404) (User Info)

If you live in New York, Eliot Spitzer is doing something to protect your privacy. Drop him a line (if you're in NY) and let him know what is going on. Mention that the Privacy Statement is wrong on DoubleClick's web page, reference the Usa Today article, Agitate. The AG's in NY have been pretty good about at getting the 'bad guys'. RobM.

Boycott doubleclick SPECIFICALLY (Score:2) by sjames (sjames@nospam.gdex.net) on Wednesday January 26, @01:31PM EST (#405) (User Info) http://www.members.gdex.net/sjames

Blocking all ads from all ad companies won't do much good, the market will shrink a bit bit the percentages will be about the same. The answer is to specifically block doubleclick (and any others that start tracking name/address etc.). That way, a specific practice is punished, and not doing that is rewarded. It also sends a message to DoubleClick's clients "your ad isn't being seen, but it WILL be if you get rid of DoubleClick and choose another ad company". To advertising supported websites it says "You'll get more clickthrough pay if you switch away from DoubleClick". That DOUBLES the impact of the boycott. Now for some notes on blocking DoubleDlick. First, they use round robin DNS and several different address blocks. If you don't firewall every last one of them, you will get their ads. They have some sort of odd DNS system that assigns addresses to ad.doubleclick.net based on network latencies which they measure by sending packets to port 7 (TCP echo service). I know this because they triggered portsentry on a network I am responsable for and they explained that when I emailed root about it. The easiest option if you are on a Unix system is to use a local DNS server and set up doubleclick.com and doubleclick.net as master zones. That will cause name lookups for doubleclick to fail. I would like to firewall their address blocks as well for good measure. Does anyone have a list of all of the addresses assigned to them? I did do dns lookup and check the returned address with rs.arin.net, but the IP is a non-portable address owned by above.net.

Mac IE 4.5 anticookie (Score:0) by Anonymous Coward on Wednesday January 26, @01:43PM EST (#407)

Mac IE 4.5 has nice per-site cookie blocking/allowing.

Privacy invaders can kiss my ass (Score:0) by Anonymous Coward on Wednesday January 26, @02:35PM EST (#413)

I for one hope that DoubleClick rots in hell for this blatent invasion of users privacy. Anyone with 0.5g of brain cells knew this would happen - to anyone with less (ahhh, politicians) this will be a complete surprise...But I digress. I firmly believe that it's MY INFORMATION, I OWN IT, and I get to CONTROL WHO USES IT! This means that if you want to use my information, you have to apply and PAY for a non-exclusive license to do so - FROM ME or my authorized agent(s). Things I hate and block: 1) Junk snail mail. I file prohibitory orders against all junk mail I receive. Result: I don't get very much of that crapola anymore. I got this way after saving it all for a month to see how much I got. When I discovered that I had 70 lbs, I became an active mail refuser. US Supreme court decisions and Federal law support your right to declare anything you want to be a pandering and erotic advertisement. You have complete and unfettered discretion in this matter. Go to www.junkbusters.com and get more info. Go to your postoffice and get form 1500 - the one against erotic mail. Fill it out, attach those annoying advertisements from Advo or ValueMailer, or whatever and then mail it yourself to the prohibitory order processing ctr... Volia! Stuff's gone after about 30 days... If not, send it back to the proh. ctr with notes, and they'll sue the fucks for you at no cost to you. 2) Those god damned "Fresh Values" or "Super Saver" cards from the groceries. First off, those fucks raised the prices to cover their costs, then they issued the cards. They sell information on what you buy to people you buy it from, they sell info on what you didn't buy to people you didn't buy it from. They know what time you shopped. When you traditionally shop. What you traditionally spend. Waaaaaaay too much info if you ask me - mainly because it shows when I'm NOT home - so some $5/hr backoffice fuckwad can have his 'homies' rob my house... And if you don't have the card, they try to make you feel like a 2nd class citizen. Since so many people lied on the forms, they've started requesting ID's to verify the info... 3) Internet AD's. Ummm, If I want something, I'll go to a search engine and find it and find the best price. I'm never going to click on some god damned ad. I also despise cookies - there's no good reason for the damn things. I'm happy to log in when I need to use a service - learn to type. One site, www.800.com REQUIRES a cookie be set just to surf the damn site - so guess what? I went elsewhere with my $$$... I block ALL ads (visit www.webwasher.com - Nice free software). Blocks all those assinine popups, ads, flashing crap, etc. And it's easily configurable. Too bad it doesn't deal with cookies (yet - there's plugin ability for it...). I could care less how the web site makes it's $$$, find a better way. I for one didn't mind the occasional small ad at the bottom of the screen when this all started - but now it's totally out of hand - something like 150K worth of ads on some sites... so I said screw it - got rid of that crap and all the litter that it put into my caches... 4) My next vacation is going to be spent writing some software (yeah, I'm a geek) that intercepts a cookie, checks against a list of "OK" cookies (like say from Datek...ok, so I like to trade...), and the rest just takes it and perverts it at random and returns it to the offending assholes... Go ahead, look at that... have fun... 5) Those damn RF readers for Tollway booths - why, oh why, do they have to be keyed to me? Why can't they be anonymous? For years I've been saying they capture an audit trail - what booth, what time, what date, etc. Now some lawyer has subopenead the records on some poor fool to prove that he's in a specific area at a certain time... What's next? Oh you went thru booth A and B in record time - here's your speeding ticket... or the backoffice fool saying "gee, here's a guy with a mercedes...every day he's at booth A...and he's got a bitch with a Ford Excursion who's at booth B by 30 min's later... crossed with the tax records, they have two kids who are in school... not paying any nanny tax, so there's no one at home... and they make $200K/yr... let's hit their shack!" No thanks - I'll stick to coins... DEFEND IT OR LOSE IT PEOPLE!

Blocking Doubleclick (Score:1) by supz (supz@i.love.spam.net) on Wednesday January 26, @03:14PM EST (#422) (User Info)

Is there any possible way to block out all connections from doubleclick.net in Windows? I know in linux you can do it, but my family primarily uses windows, and I would like to protect them from the prying eyes of the pervasive eyes of the people at doubleclick.

E-Mail Response From DoubleClick (Score:2) by waldoj (waldo@waldo.net) on Wednesday January 26, @03:34PM EST (#424) (User Info) http://www.waldo.net

Libby, Alycia Wednesday, January 26, 2000 3:22 PM "Waldo L. Jaquith" RE: Privacy Statement Thank you for contacting DoubleClick with your concerns. Protecting the privacy of consumers is of paramount importance to DoubleClick. We are founding members of several organizations (NetCoalition.com and Network Advertising Initiative) that are currently creating standards that protect online consumer privacy, and belong to the Online Privacy Alliance. First and foremost, we want to make sure that you understand exactly what we do, and to clear up any misperceptions that exist in the media or marketplace. First, it is important to understand that Web advertising is critical to ensuring that consumers like yourself can continue to access Web sites at no cost. . Effective Web advertising assures that the Web's information, content, and resources remain free for everyone. Second, we would like to clear up a huge misconception in the marketplace that companies such as DoubleClick have the ability to "track" what an Internet user is doing throughout the Web without their knowledge or consent. The fact is that the only time DoubleClick knows when a user visits a Web site is if DoubleClick is serving an ad to that particular Web site. Even then, the information that is collected by DoubleClick is used only for advertising and reporting purposes, so that our customers can gauge the effectiveness of their advertising campaigns. DoubleClick does not know the identity of any user to whom DoubleClick delivers an ad until and unless that user has been provided notice about and consented to having his or her identity used in connection with serving advertising and other online marketing services. You should also know that DoubleClick does not sell any information collected from cookies to third parties. DoubleClick has an explanation of what a "cookie" is and how it is used on its Web site that we invite you to read at http://www.doubleclick.net/privacy_policy/. Simply put, cookies are small text files that are sent to a user's hard drive in order to facilitate surfing on the Internet. They are commonly used by Web sites to maintain a customized environment for each user and to make it easier for customers to purchase goods and services. DoubleClick also uses cookies to limit the number of times a customer sees an ad, which our customers have told us is important to them. We also use them to measure ad effectiveness on behalf of advertisers and Web sites with which DoubleClick does business. However, please be assured that until, and unless, a person chooses to provide personally identifiable information to a Web site, DoubleClick has no way to know their identity. All DoubleClick knows is that a computer's browser is visiting the site. Finally, we want you to know that DoubleClick does create profiles about consumers solely in an attempt to deliver ads that the user may be interested in viewing. Again, DoubleClick does not create a profile about any user unless that consumer has received notice and the opportunity to opt out from such profiling. Moreover, DoubleClick does not create profiles that contain sensitive information such as a consumer's medical information. Consumers can absolutely choose not to accept DoubleClick cookies or to receive ads tailored to their personal information by opting out at DoubleClick's Web site at http://www.doubleclick.net/privacy_policy/privacy.htm. We hope that you will take a minute to read the complete discussion of what information DoubleClick does collect and how it's used. Please visit our privacy policy on our Web site at http://www.doubleclick.net/privacy_policy/. The page also provides you with the opportunity to opt out from DoubleClick's cookies. If you need more information about DoubleClick please feel free to contact us at 212-683-0001. Again, thank you for contacting us with your concerns. We hope that this letter has helped to clear them up and that you will contact us if you need more information. Sincerely, DoubleClick, Inc. (NASDAQ: DCLK) http://www.doubleclick.net

surf anonymously (Score:1) by dexter_goodfeather on Wednesday January 26, @04:12PM EST (#430) (User Info) http://www.designdevils.com

check out spaceproxy.com they allow you to surf the internet anonymously, and you can even use their proxy server. free of charge of course.

Ironic: slashdot postings on evils of web ads (Score:1) by timboy61 (tim_converse@yahoo.com) on Wednesday January 26, @05:49PM EST (#440) (User Info) http://www.sciencebookguide.com

I am as down on DoubleClick as the next guy (I have already sent them a complaint, and got their helpful boilerplate response saying that they are misunderstood and it will all be clearer to me once they explain to me what a cookie is). But it's ironic to see /. posters seriously arguing that Web banner ads are evil and should be abolished. Um, ads pay Cmdr T. and Hemos to do this full-time, and presumably pay for some of the hardware and connectivity making it possible for those very anti-ad rants to be posted. No, I don't think that people are obligated to download ads as "payment" for the privilege of seeing a content site, unless they signed a contract. But in aggregate, that's the money model that supports content sites, and if everybody blocked ads by default, free content sites would largely go away.

An attempt to understand how this works (Score:1) by Spittoon on Wednesday January 26, @06:13PM EST (#443) (User Info) http://www.mediasnob.com

John: http://www.usatoday.com/life/cyber/tech/cth211.htm Steve: oh, that Steve: that's just personalization John: oh John: ok John: i won't worry about it then Steve: nothing to worry about here Steve: move along John: i feel soothed Steve: darn it, now I hate cookies again John: i know! John: i was like "what's wrong with cookies?" until this Steve: I'm not sure I follow how it works, though Steve: double click makes a cookie Steve: they give the unique id to a company Steve: the company gives it to you, and you send them info. Steve: that seems circular to me Steve: I think I'm misunderstanding John: yeah John: Doubleclick sends an ID number to your browser and at the same time sends the same number to the site you're visiting. John: the site you're visiting sends DoubleClick some sort of information that lets DoubleClick look you up in their Abacus database. John: so the site you're visiting has to be a collaborator Steve: I thought you could only access cookies for the domain you've served the webpage from Steve: oh, ok now I understand Steve: duhh John: i have no idea how the site you're visiting correlates the ID number it receives with your identity Steve: wait, I still don't understand