Skip to comments.
Blue Apples, privacy, and Web Bugs at FR
5/10/2004
| self
Posted on 05/09/2004 10:09:59 PM PDT by Future Useless Eater
Blue Apples, privacy, and Web Bugs at FR
Some freepers use a visible graphic or 'icon' on their every post such as one person that uses a "blue apple" from his own home webspace. Icons like that can serve as a 'web-bug' to harvest personal info from freepers.
Now I realize FR doesn't allow java, javascript, vbscript, or active-x content so the risk is lowered. But some of these same freepers are also amatuer programmers with access to detailed webmaster server-access statistics. Those stats can collect the IP addresses, and a number of other environment variables from every computer that accesses a planted 'image'. So its possible for one of them to, let's say 'match-up' your comments here and learn personal details about you that he can abuse in dispicable ways.
I wish the Robinson's would make some type of policy statement at the very least, about web-bugs. Some things I might recommend are:
- enforcing no images smaller than 10x10 unless the image originates from freerepublic.com.
- enforcing all non-FR images to have a 1-pixel 'link' drawn around them in case the image happens to be otherwise invisible, like this
- allowing and encouraging freepers to upload commonly used icons into FR webspace.
- banning of images that appear to be there for cyber-tracking purposes.
Whenever it becomes KNOWN that a freeper you disagree with strongly may be mining his posts with web-bugs, there is a way to block them. For example, all Windows computers have a plain-text 'hosts' file, and you can add entries to that to block graphics from any particular server, (including many advertisement servers by the way!). On XP computers, that 'hosts' file probably resides at:
"c:\windows\system32\drivers\etc\hosts"
It can be edited with a plain-text editor, and the following sample lines inserted...
(you should do this editing ONLY when your browser is totally shut down)
0.0.0.0 home.hiwaay.net
0.0.0.0 doubleclick.com
0.0.0.0 doubleclick.net
0.0.0.0 ads.doubleclick.net
0.0.0.0 ad.trafficcmp.com
0.0.0.0 popup.msn.com
0.0.0.0 ads.specificpopup.com
0.0.0.0 ads.specificpop.com
0.0.0.0 ads.specificclick.com
The first line will block the blue apple 'icon'. The others will block some of the worst ad-servers or spyware tracking sites. I like to browse my 'cookies' file occasionally, and when I see a server that is setting cookies (or serving popups or annoying ads), add a line to the 'hosts' file to permanently block them.
John Robinson, have you ever discussed or considered web-bugs here at FR?
TOPICS: Computers/Internet; Focus Software
KEYWORDS: privacy; webbugs
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80 ... 101-104 next last
To: FL_engineer
And I won't bother correcting you, or pointing out the dastardly things that 'could' be done because that will only give @ssholes more ideas. Of course you won't. Naturally.
There's nothing you can post that isn't already known by someone else out there, so I think begging off by claiming that you don't want to "give [people] ideas" is absolutely ridiculous. You've accused someone of bugging FR in order to track other posters, and now I think it's time for you to back that accusation up, or withdraw it and apologize. Your choice.
21
posted on
05/10/2004 11:05:31 AM PDT
by
general_re
(Drive offensively - the life you save may be your own.)
To: general_re
Thanks for explaining it. I though the notion of tracking people with .GIF files was crazy, but I don't have the knowledge to pin it down and and defend myself.
22
posted on
05/10/2004 11:05:46 AM PDT
by
William Terrell
(Individuals can exist without government but government can't exist without individuals.)
To: FL_engineer
Did you neglect to mention that I posted my own chart on the same thread that I posted the other?
23
posted on
05/10/2004 11:09:53 AM PDT
by
William Terrell
(Individuals can exist without government but government can't exist without individuals.)
To: William Terrell
The real problem in all this would be tying your screen name - or some other sort of online identity - to an IP address. Companies that use web bugs don't bother trying to do that, which makes their task infinitely easier - they just associate activity with the IP address, and build profiles about that address. Yes, I can put an image on this thread, and use my logs to see that users at 127.0.0.1, 127.0.0.2, and 127.0.0.3 loaded this thread, but that doesn't tell me which
posters those addresses belong to, nor does it tell me whether the users at those addresses
posted to the thread, or simply
read it, and I'll bet that there are far more people reading threads than actually post to them.
What would I do with a thread like this, where I might have hundreds of unique IPs reading it, and hence loading my image, but only a dozen or so people actually posting? How do I know which IP belongs to which poster? Eventually I could probably narrow it down, but for the end result, it would be much simpler to simply walk through someone's posting history as you did.
24
posted on
05/10/2004 11:17:29 AM PDT
by
general_re
(Drive offensively - the life you save may be your own.)
To: general_re
Yes, it's simplier to just walk through the posting history, but it's time consuming. I don't bother with it after I saw how much time I used vis s vis the results I got. I challenge a lot of sacred cows on FR. I suspect this is politically motivated since it doesn't seem to make much sense otherwise.
I don't buy the "chilling effect". Perhaps it's "chilling" to those who think they have something to hide. I've had private requests to do the requesters own chart. Too much time and I can't charge for it.
25
posted on
05/10/2004 11:29:49 AM PDT
by
William Terrell
(Individuals can exist without government but government can't exist without individuals.)
To: FL_engineer
A big part of the fun of FR for me is the gifs and graphics. Of course, the content is key, but the gif and graphic embellishments add interest and fun to posts and enhance the site immmensely. I would hate seeing any of it banned. I am guessing that John could find ways of detecting any malicious script and ousting it and the offending poster without taking away one of the nicer features of FR.
26
posted on
05/10/2004 11:36:06 AM PDT
by
sweetliberty
("Better to keep silent and be thought a fool than to open your mouth and remove all doubt.")
To: FL_engineer
There are a number of FReepers who use icons in their posts. For that matter, it is common practice all over the internet. Also, any FReepers posting history is accessible to any other FReeper. There is nothing abusive about it.
27
posted on
05/10/2004 11:45:40 AM PDT
by
sweetliberty
("Better to keep silent and be thought a fool than to open your mouth and remove all doubt.")
To: William Terrell
Yes, it's simplier to just walk through the posting history, but it's time consuming. I don't bother with it after I saw how much time I used vis s vis the results I got. I figured as much. I work with data miners, so this doesn't particularly surprise me, but I think some folks are surprised to discover just what sort of information one can expose if you are motivated enough to assemble it into a useful form - it would be trivial to throw together a perl script that automates everything you did by hand, and I'm sure there are some very clever perl coders who hang out here. However, people don't seem to realize this, and so the immediate assumption is that you must have some devious, underhanded method of gleaning private information, when in fact the information is quite public, and available to anyone who's interested.
28
posted on
05/10/2004 11:47:38 AM PDT
by
general_re
(Drive offensively - the life you save may be your own.)
To: FL_engineer; cinFLA; Roscoe
Posted by FL_engineer to cinFLA; Roscoe; robertpaulsen; tpaine
On General Interest (Chat) ^
05/10/2004 11:04:50 AM PDT #20 of 28 ^
I Thought some of you would also be interested in these questions-to-management.
And Roscoe, were you EVEN AWARE that freepers had published your posting-pattern published for the purposes of criticizing you?
Yep, both roscoe & cinfla were well aware of those posts, as I pinged both of them while we were having those discussions..
-- As you must be aware, FL_engineer, -- seeing you based this thread on them.
General questions to all of you, Do you agree some people could find their posting-patterns put on public display to be intimidating, or have a chilling effect on them?
Of course it could, if said posting patterns revealed that they were only posting during business hours, for instance.. Leads one to wonder, at least, - who is paying for their chit-chat habits..
-- I suspect that in many such cases, the public is paying.
Just a hunch of course, based on the fact that most of these 9 to 5 types support bureaucratic institutions .
Do you agree this sometimes seems to be done to silence their competition? Do you agree this could be seen as abusive?
I see it as a form of whistle blowing on cheating public servants, -- But I could be wrong, of course.
or wasteful of F.R.'s CPU time or bandwidth?
Thats what FR is all about, imo, exposing government cheating, fraud & corruption.. You object?
29
posted on
05/10/2004 12:30:12 PM PDT
by
tpaine
(In their arrogance, a few infinitely shrewd imbeciles attempt to lay down the 'law' for all of us.)
To: FL_engineer; William Terrell
Maybe someone should ask
William Terrell why he did it and what he hoped to gain by doing it.
Then we could all have a good laugh at his answer because, given the targets, I believe it was his intent to be intimidating, to have a chilling effect, and to silence the competition.
This could be seen as abusive and wasteful of F.R.'s CPU time or bandwidth, but that's not for me to decide. I never thought to report it as such. .
To: robertpaulsen
I did it because it was a challenge and I like programing. I posted the result on you and Mr. cinFLA because they so dramatically differed from mine and a number of others I ran, but didn't post. I also posted mine.
Do you have something to hide? Should someone else had come up with the same program, and posted the results on me, I wouldn't have cared less. Why do you?
31
posted on
05/10/2004 12:51:36 PM PDT
by
William Terrell
(Individuals can exist without government but government can't exist without individuals.)
To: William Terrell; cinFLA
"I posted the result on you and Mr. cinFLA because they so dramatically differed from mine and a number of others I ran,"Maybe cinFLA will buy that. I don't.
Now, if you would have used your talents to track the many faces of MrLeRoy to compare posting patterns, that program might be useful to the admin mods in helping to keep banned posters off the board. But he's pro-drug legalization, so that's no good.
Something to hide? Me? Well, thanks to you, not any more. Not that you posted anything that wasn't already publicly available (with some effort). But since you brought it up ....
The information I want people to know about me is posted on my Profile page. You'll note that my posting pattern is not there.
Although FR keeps track of all posters, I think you were out of line to selectively single out people with whom you disagree and post that information. Are you the type who tracks down publicly available information on your neighbors (like divorce records) and publish that information in the local newspapers? Hey, it's legal!
Here I thought you were a big believer in freedom and liberty, keeping the government out of our private lives, and here you are, a little Nazi, collecting tiny tidbits of useless information on your fellow posters. What's next? Do you plan on hacking FR to get our e-mail info? Password info?
To: FL_engineer; William Terrell; Sabertooth; Coral Snake
As pointed out in this thread, William didn't use a web bug or underhanded method to gather posting history, that information is readily available on the pages we all see and can be extracted by hand given enough time.
Now, the idea of using a participant's contributions to FreeRepublic against him must be discouraged for the better of the site. A typical goal of a site is to grow participation. Misuse of such data could be detrimental to that goal. And while isolated cases wouldn't have this effect, widespread misuse would.
As for web bugs specifically, they're a problem on any open forum such as FreeRepublic. The best solution is to force all images to be hosted on FR. That means providing disk space and bandwidth for images and securing against several new avenues of attack such a system exposes. Other solutions include blacklisting known offenders--but that isn't secure, it would be better to whitelist know safe sites. I cannot detect when an image is being used as a bug, I would have to assume all images are possibly bugs. Which brings me to an end-user solution:
Block all images. All but maybe WebTV and those stuck with restricted environments allow you to configure the browser to prevent images from being downloaded. And sophisticated browsers are capable of blocking only third party images (those not hosted on the site you are currently reading.)
Other points:
- Third party images don't use FR bandwidth or CPU time. We're merely hosting a link that tells your browser to download an image from some other site. The burden becomes someone else's--so please only link images on sites that explicitly permit such linking (paid hosting sites?) It's costing somebody money.
- Adaware will not catch these things. But a personal firewall probably will. When configuring your firewall, look for something to do with blocking third party images. (Partially related are third party cookies--you should always disable these, there is no good in it.)
- I cannot detect web bugs on FR. All third party images would have to be assumed to be web bugs.
- I personally think apples, sabertooth tigers, snakes, and whatnot decorating posts are distracting. I'm thinking about opening a "header" and "footer" HTML area that will automatically bracket all posts with these personal decorations. (Some people like them, and they do add character to a post.) I would then provide a configuration option to allow others to disable this added fluff.
- Play nice.
- Be happy.
To: robertpaulsen
"-- a little Nazi, collecting tiny tidbits of useless information on your fellow posters."
-rp-
_____________________________________
Totally confused concept paulsen, as is usual for you.
-- As I commented at #29, there are valid uses to such posting info.
Certainly, such info could be MIS-used, in a nazi-like fashion, to fink out a chatting employee to his employers.
-- But to my knowledge, this has only been done once on FR, and IMS, it resulted in a suspension of the texan involved.
34
posted on
05/10/2004 1:56:09 PM PDT
by
tpaine
(In their arrogance, a few infinitely shrewd imbeciles attempt to lay down the 'law' for all of us.)
To: tpaine
"As I commented at #29, there are valid uses to such posting info."Your example is valid if you know the identity of the poster, where he works, etc.
On FR the information is, as I said, useless.
To: John Robinson
I personally think apples, sabertooth tigers, snakes, and whatnot decorating posts are distracting. Ditto.
I'm thinking about opening a "header" and "footer" HTML area that will automatically bracket all posts with these personal decorations. (Some people like them, and they do add character to a post.) I would then provide a configuration option to allow others to disable this added fluff.
I'm for that, bigtime..
Play nice. Be happy.
Ahh, but its hard to be happy if you gotta play nice all the time.
When are you going to put in a bozo feature for all the Pollyanna's, John? -- They could filter out everyone/anything 'unpleasant', and leave the rest of us to our fun.
36
posted on
05/10/2004 2:12:20 PM PDT
by
tpaine
(In their arrogance, a few infinitely shrewd imbeciles attempt to lay down the 'law' for all of us.)
To: John Robinson
I personally think apples, sabertooth tigers, snakes, and whatnot decorating posts are distracting. I'm thinking about opening a "header" and "footer" HTML area that will automatically bracket all posts with these personal decorations. (Some people like them, and they do add character to a post.) I would then provide a configuration option to allow others to disable this added fluff. I like this idea.
To: robertpaulsen
Which proves my point, not yours..
38
posted on
05/10/2004 2:15:17 PM PDT
by
tpaine
(In their arrogance, a few infinitely shrewd imbeciles attempt to lay down the 'law' for all of us.)
To: John Robinson
I personally think apples, sabertooth tigers, snakes, and whatnot decorating posts are distracting. I'm thinking about opening a "header" and "footer" HTML area that will automatically bracket all posts with these personal decorations. (Some people like them, and they do add character to a post.) I would then provide a configuration option to allow others to disable this added fluff. Personally, I think that you have given room for a signature, and a place for a profile, and that that allows enough room for creativity and expression. If I want to see someone's creative side, I'll check their profile.
Additionally, I don't understand why anyone feels the need to place their nick at the end of their post, since that is automatically put on the post.
39
posted on
05/10/2004 3:06:43 PM PDT
by
sharktrager
(The greatest strength of our Republic is that the people get the government they deserve.)
To: William Terrell
Doesn't Cinfla claim to have a program that does the same thing, only better, and pre-dates yours?
40
posted on
05/10/2004 3:11:42 PM PDT
by
tacticalogic
(Controlled application of force is the sincerest form of communication.)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80 ... 101-104 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson