ILI Student Blog

Tag: tracking

  • New Phones! Now With More Personal ID!

    Just in case anyone had trouble making the argument that our cell phones are actually personally identifying despite our ability to leave them at home, it looks like we might not have to worry about that much longer. Look, I’m all for pursuing whatever leads show up in science, but is there really no one at Nokia who realizes that this is a terrible idea?

  • Is my Mac laptop sharing my location?

    how is this ZIP code being sent?

    Is my Mac laptop using cell tower information to calculate and transmit my location to third parties? I believe the answer is yes.

    Here is my evidence. I cleared recent history from Firefox, selected private browsing, then typed “Msn.com” into my browser. Then I looked at what was stored in my cache (using about:cache), and I found this entry (see above).

    This entry is a message from my browser to msn.com with whatever data can be passed along. Notice the “euid” field is empty. That is good, I am using private browsing. Then notice it is passing back my zip code as 07024, and my local news provider as WNBC. Is this coming from my IP address?

    The answer is no, it is coming from cell tower location information. How do I know this comes from cell tower rather than my IP address?

    The zip code transmitted is  07024 (Fort Lee, NJ). However I live right across the river is Washington Heights, upper Manhattan (below is the view of New Jersey from Washington Heights).  Often 911 calls via cell phone from my neighborhood get routed to New Jersey by mistake due to our close proximity to NJ cell towers. So my zip code is not coming from my IP address, which comes from Time Warner, hence it should be a NYC zip code, not a NJ zip code. It seems to be coming from cell tower triangulation, being collected and passed along by my Mac laptop :(

    View of New Jersey from Washington Heights

  • HTML5 and Mobile Tracking

    From Ars Technica Article: “A New York-based mobile-web advertising company was hit Wednesday with a proposed class action lawsuit over its use of an HTML5 trick to track iPhone and iPad users across a number of websites, in what is believed to be the first privacy lawsuit of its kind in the mobile space.”  Full article here.

  • A proof-of-concept nearly irrevocable cookie

    The always-fascinating Samy Kamkar has produced a super-tenacious cookie designed to “identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.” Indeed:

    “evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available.”

    Check out that list: ETags, IE userData storage, “storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out” — fiendish! (With a cache time of twenty years, no less.) I’ll take bets as to how long it’ll be before this proof-of-concept is in use by unscrupulous parties.

    UPDATE: The New York Times has an informative, if basic, article on HTML 5 and privacy; it specifically addresses Kamkar’s cookie. Check it out!