Printed from http://www.electronista.com

Google, others said bypassing Safari cookie guards [U]

updated 11:55 pm EST, Thu February 16, 2012

Google alleged in Safari privacy circumvention

(Update: Google's full response) Google in a report Thursday night was accused of circumventing the cookie privacy settings in Apple's desktop and mobile versions of Safari. Web ad code seen by Wall Street Journal advisor Ashkan Soltani allegedly bypassed blocks in Safari's settings on about a fifth of the top 100 websites. Google wasn't alone as Media Innovation Group, PointRoll, and Vibrant Media were also using the strategy, but Google through its size and status was the most significant.

The method faked sending a web form that would get around the block. Ironically, Google's own advice on Safari privacy settings wouldn't necessarily eliminate its own tracking. The method possibly left a hole open for the "vast majority" of websites to insert cookies that wasn't available otherwise.

Google in a response claimed that the newspaper "mischaracterizes" the activity and was supplying cookies for Google users who had signed in, at their request. It didn't collect personal information, Google said. However, the firm didn't explain why code triggering the behavior was disabled shortly after the company was contacted, nor why verbiage guaranteeing privacy when using Safari's settings was removed.

The other providers either wouldn't comment or claimed not to have been aware of the activity.

Apple in a response has said it was "working to put a stop" to cookie workarounds in Safari, although it didn't say when a Safari update might come about.

While the actual damage to customers is likely to have been minimal, the very use of the fake form in question isn't likely to help Google's public image. The Mountain View company is already the subject of a widening FTC antitrust investigation and could be interpreted as ignoring visitors' privacy for the sake of inflating its ad performance. While it's likely that the trick was meant for the sake of Google sign-ins, as promised, the nature of its new Google+ service, Gmail, and others could make it difficult for most anyone to avoid the privacy issues while still trying to use a Google feature.

Update: Google has provided its full response. It argued that the desire to make sure users can give +1 votes to content inadvertently enabled the unwanted advertising cookies, which it had started pulling. The full statement is below.

"The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information.

"Unlike other major browsers, Apple's Safari browser blocks third-party cookies by default. However, Safari enables many web features for its users that rely on third parties and third-party cookies, such as "Like" buttons. Last year, we began using this functionality to enable features for signed-in Google users on Safari who had opted to see personalized ads and other content--such as the ability to "+1" things that interest them.

"To enable these features, we created a temporary communication link between Safari browsers and Google's servers, so that we could ascertain whether Safari users were also signed into Google, and had opted for this type of personalization. But we designed this so that the information passing between the user's Safari browser and Google's servers was anonymous--effectively creating a barrier between their personal information and the web content they browse.

"However, the Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser. We didn't anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It's important to stress that, just as on other browsers, these advertising cookies do not collect personal information.

"Users of Internet Explorer, Firefox and Chrome were not affected. Nor were users of any browser (including Safari) who have opted out of our interest-based advertising program using Google's Ads Preferences Manager."



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. _Rick_V_

    Fresh-Faced Recruit

    Joined: Mar 2003

    +30

    What was that, Google?

    Oh, that's right, "do no evil"...

  1. Bobfozz

    Fresh-Faced Recruit

    Joined: Jul 2008

    +19

    Google really is becoming...

    the A------ of the internet!

  1. Gazoobee

    Forum Regular

    Joined: Feb 2009

    +2

    this is an explanation

    ... not an excuse. Even if you believe every word they say, they still fucked up. Personally, I tend to believe very little of what they say also.

  1. aaanorton

    Mac Elite

    Joined: Sep 2000

    +1

    Thank you Google

    A quick google for the phrase "Google’s Ads Preferences Manager" yielded this:
    www.google.com/ads/preferences

    Opted out once and for all.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -2

    oooohhh

    And how does one opt out of Apple using your iOS information for iAds?

  1. Grendelmon

    Dedicated MacNNer

    Joined: Dec 2007

    +1

    Sounds to me like

    Google is getting desperate to compete against Spacebook. Or MyFace. Err whatever.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Patriot Supersonic Rage XT 128GB USB drive

USB thumb drives are getting larger by the day, their growth speeding along with the availability and expansion of memory chips. But h ...

Crucial MX100 256GB SATA-3 SSD

While the price-per-gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for ...

Narrative Clip

With the advent of social media technology, people have been searching for new ways to share the events of their daily lives -- be it ...

Sponsor

toggle

Most Commented

 
toggle

Popular News