- This iPhone app says it will alert you if you’ve been hacked Today 2:43 PM
- ‘Marvel’s Hero Project’ is the wholesome content 2019 needs Today 2:40 PM
- Get more out of VSCO with VSCO search Today 2:09 PM
- Twitter carves out ‘cause-based’ advocacy exemption in political ads ban Today 2:06 PM
- Disney+ accounts are being hacked—here’s how to protect yourself Today 1:52 PM
- Instagram is hiding likes globally and searching for a ‘well-being’ product researcher Today 1:42 PM
- ‘The Mandalorian’ opens up its mythology even further in ‘Chapter 2’ Today 12:54 PM
- Want to buy a drone on a budget? We’ve got you covered Today 12:51 PM
- ‘Simpsons’ writer accuses Republicans of stealing Sideshow Bob’s defense Today 12:49 PM
- Keanu Reeves’ appearance in ‘SpongeBob Movie’ trailer quickly becomes a meme Today 12:35 PM
- Charli XCX makes the band in Netflix’s ‘Nasty Cherry’ Today 12:33 PM
- Taylor Swift’s distress call reignites fight with Scooter Braun and former label Today 12:16 PM
- How to disable autoplay for previews and trailers on Disney+ Today 12:10 PM
- College basketball stream: How to watch North Carolina vs. Gardner-Webb Today 12:00 PM
- Trump accused of witness intimidation for tweets during impeachment hearing Today 11:48 AM
Obama and Romney websites leak user data to third parties
The campaigns’ websites have failed to protect their users’ data from third-party trackers.
Representatives of both the Romney and the Obama campaigns have put their foot down: no data on their respective website users will be released. In fact, “safeguards” have been put in place to protect against that very possibility.
But those safeguards apparently weren’t sufficient to keep supporters of the two campaigns from being tracked online.
As Natasha Singer reported on the New York Times Bits blog, both camps are leaking information to third parties.
Jonathan Mayer of Stanford has released a new report putting the lie to the campaigns’ assertions of security.
“Leaking” in this case is not someone consciously, purposefully slipping info to a shady fellow in a parking garage. Mayer, a grad student in computer science, explains the mechanism in a blog post.
Leakage most commonly occurs when a website includes identifying information in a page URL or title. Embedded third parties receive the identifying information if they receive the URL (e.g. referrer headers) or the title (e.g.document.title). Even a little identifying information leakage thoroughly undermines the privacy properties of web tracking: once a user’s identity leaks to a tracker, all of the tracker’s past, present, and future data about the user becomes identifiable.
Some of these third party groups, according to Mayer, include companies who provide services for “advertising, analytics, social network integration, and more.”
This cyber-stalking worries privacy advocates because, on top of being creepy, it can also bring the profound irritation of a never-ending spam avalanche.
As Mayer says, “Even a little identifying information leakage thoroughly undermines the privacy properties of web tracking: once a user’s identity leaks to a tracker, all of the tracker’s past, present, and future data about the user becomes identifiable.”
Photo by Eli Christman/Flickr
Curt Hopkins has over two decades of experience as a journalist, editorial strategist, and social media manager. His work has been published by Ars Technica, Reuters, Los Angeles Times, and San Francisco Chronicle. He is the also founding director of the Committee to Protect Bloggers, the first organization devoted to global free speech rights for bloggers