flat assembler
Message board for the users of flat assembler.
 Home   FAQ   Search   Register 
 Profile   Log in to check your private messages   Log in 
flat assembler > Heap > Why we should always disable JS (and flash)

Goto page 1, 2, 3, 4, 5, 6, 7  Next
Author
Thread Post new topic Reply to topic
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 14794
Location: Lost in translation
Why we should always disable JS (and flash)
Researchers Expose Cunning Online Tracking Service That Can’t Be Dodged

http://www.wired.com/epicenter/2011/07/undeletable-cookie/

Quote:
So if a user came to Hulu.com from an ad on Facebook, and then later, using a different browser on the same computer, visited Hulu.com from Google, and then at some point signed up for the premium service, KISSmetrics would be able to tell Hulu all about that user’s path to purchase (without knowing who that person was). That tracking trail would remain in place even if a user deleted her cookies, due to code that stores the unique ID in places other than in a traditional cookie.

Without JS all the methods used completely fail.

Cookies can be controlled by you at will but only if you disable JS. Otherwise, expect to be tracked and to have information about you sold to the highest bidder.
Post 30 Jul 2011, 18:41
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 6519
Location: ˛                              ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣ Posts: 6699
even without JS, this kinda "global id giver sharing" will work...

as long as i can store something in your computer, by visit, pre-pend in your URL, loading simple small GIF ads with unique id got from global id giver, or just simple DIV calling to load some text.

it becomes possible by target the top 10 Alexa and put ads with global id, then wherever you go, they can trace us.

it is more evil when the ISP participate in such kinda campaign to trace everybody.

i would say, even no JS, you still can be traced.
Post 30 Jul 2011, 21:20
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 6519
Location: ˛                              ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣ Posts: 6699
those online banking, paypal, moneybookers would be the end-point that highly 99% accurate to reveal who this person who bear such id number travel from website A-Z.

very evil if those bank participates, but i guess, FBI, CIA will just force them to use such technology.
Post 30 Jul 2011, 21:24
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
some cookies will respawn after being deleted...they are called 'zombie cookies'
Post 30 Jul 2011, 22:37
View user's profile Send private message Reply with quote
xleelz



Joined: 12 Mar 2011
Posts: 86
Location: In Google Code Server... waiting for someone to download me

Quote:

'zombie cookies'


INTERNET ZOMBIES?!?!?! what is the world coming to???
Post 30 Jul 2011, 22:44
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
Post 31 Jul 2011, 01:04
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
And how to get rid of them :

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html

Uncheck Allow 3rd party Flash content to store data on your PC
Post 31 Jul 2011, 01:10
View user's profile Send private message Reply with quote
Enko



Joined: 03 Apr 2007
Posts: 659
Location: Mar del Plata
Safe internet is like safe sex, you can try, but at some point, it will eventually get you.
Post 31 Jul 2011, 03:05
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 14794
Location: Lost in translation

sleepsleep wrote:
i would say, even no JS, you still can be traced.

Yes, with cookies. This is well known. But it is simple to delete or disable cookies as long as you are not running JS.

typedef wrote:
And how to get rid of them :

That is only for flash cookies. This problem goes deeper than that. Cookies can be respawned even without flash installed. But only if you have JS running.

JS is the key here. And with the upcoming HTML5 there are even more options for JS storing information about you in many different places.
Post 31 Jul 2011, 04:03
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
@rev i was talking about zombie cookies only.

i think i'll start using lynx web browser or is it too late. i mean look at these sites taking so long just to load a damn JS file into the caching folder. even worse when you are on at&t's 22.5k bandwidth speed. what a joke...fuck at&t for ripping us off.

what's wrong with people?
Post 31 Jul 2011, 06:01
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
comcast is better.
anyways back on topic. i just needed to get my frustration off on something.
Post 31 Jul 2011, 06:05
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 6519
Location: ˛                              ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣ Posts: 6699

Quote:
Yes, with cookies. This is well
known. But it is simple to delete
or disable cookies as long as you
are not running JS.


it is easy to delete all, but most website just won't function if u delete or disable their cookies.

Forsure we can set rules on those sites that we usually visit, how bout those that we random visit while google for info.

I c no way we can disable tracking
Post 31 Jul 2011, 10:23
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 14794
Location: Lost in translation
Disable JS and flash. That gets rid of the nasty stuff

Disable third party cookies. Now you are 99% of the way there.

Clear your cookies each day or so. Now you are 99.9% done.

Forge your referer. 99.999% done.

Disable FRAMEs, IFRAMEs and external images. Now you are 99.9999% done.

If still worried then use proxies and make your browser ID string uniform. You're 100% done.

Did I miss something?


Last edited by revolution on 31 Jul 2011, 12:57; edited 1 time in total
Post 31 Jul 2011, 10:29
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
yes!
sit back and enjoy the .GIF hardcore porn.


btw, if you go to adobe's flash application data folder, you'll find all the flash settings files for all the sites you visited that have flash on. and some sites have hidden flash too.

anyways...
Post 31 Jul 2011, 11:39
View user's profile Send private message Reply with quote
TmX



Joined: 02 Mar 2006
Posts: 781
Location: Jakarta, Indonesia
Disabling JS? Nowadays JS are even more widely used in web apps UI, like jQuery UI or YUI 3.

I can't imagine of that Very Happy
Post 31 Jul 2011, 12:34
View user's profile Send private message Reply with quote
MHajduk



Joined: 30 Mar 2006
Posts: 5861
Location: Poland
Without JS and Flash I would be like a deaf and blind, I can't imagine life without music and visual arts (Internet is a cheapest source of media these times).
Post 31 Jul 2011, 12:40
View user's profile Send private message Send e-mail Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7111
Location: Slovakia
Oh yeah, "visual arts" and "media" are how the big brother bribes us into giving up our privacy Very Happy
Post 31 Jul 2011, 13:11
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
MHajduk



Joined: 30 Mar 2006
Posts: 5861
Location: Poland

vid wrote:
Oh yeah, "visual arts" and "media" are how the big brother bribes us into giving up our privacy Very Happy

Maybe "privacy" in the Internet and real life is only useful illusion? Razz
Post 31 Jul 2011, 13:21
View user's profile Send private message Send e-mail Visit poster's website Reply with quote
TmX



Joined: 02 Mar 2006
Posts: 781
Location: Jakarta, Indonesia

MHajduk wrote:
Without JS and Flash I would be like a deaf and blind, I can't imagine life without music and visual arts (Internet is a cheapest source of media these times).



anyway, I think Flash will be gradually superseded by HTML 5
Post 31 Jul 2011, 13:37
View user's profile Send private message Reply with quote
MHajduk



Joined: 30 Mar 2006
Posts: 5861
Location: Poland

TmX wrote:
anyway, I think Flash will be gradually superseded by HTML 5

Technologies and tools evolve over time but the purpose ("to entertain people") stays the same since the dawn of history. Wink
Post 31 Jul 2011, 13:41
View user's profile Send private message Send e-mail Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2, 3, 4, 5, 6, 7  Next

< Last Thread | Next Thread >

Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2005 phpBB Group.

Main index   Download   Documentation   Examples   Message board
Copyright © 2004-2016, Tomasz Grysztar.