Printed from http://www.electronista.com

Google, others said bypassing Safari cookie guards [U]

updated 11:55 pm EST, Thu February 16, 2012

Google alleged in Safari privacy circumvention

(Update: Google's full response) Google in a report Thursday night was accused of circumventing the cookie privacy settings in Apple's desktop and mobile versions of Safari. Web ad code seen by Wall Street Journal advisor Ashkan Soltani allegedly bypassed blocks in Safari's settings on about a fifth of the top 100 websites. Google wasn't alone as Media Innovation Group, PointRoll, and Vibrant Media were also using the strategy, but Google through its size and status was the most significant.

The method faked sending a web form that would get around the block. Ironically, Google's own advice on Safari privacy settings wouldn't necessarily eliminate its own tracking. The method possibly left a hole open for the "vast majority" of websites to insert cookies that wasn't available otherwise.

Google in a response claimed that the newspaper "mischaracterizes" the activity and was supplying cookies for Google users who had signed in, at their request. It didn't collect personal information, Google said. However, the firm didn't explain why code triggering the behavior was disabled shortly after the company was contacted, nor why verbiage guaranteeing privacy when using Safari's settings was removed.

The other providers either wouldn't comment or claimed not to have been aware of the activity.

Apple in a response has said it was "working to put a stop" to cookie workarounds in Safari, although it didn't say when a Safari update might come about.

While the actual damage to customers is likely to have been minimal, the very use of the fake form in question isn't likely to help Google's public image. The Mountain View company is already the subject of a widening FTC antitrust investigation and could be interpreted as ignoring visitors' privacy for the sake of inflating its ad performance. While it's likely that the trick was meant for the sake of Google sign-ins, as promised, the nature of its new Google+ service, Gmail, and others could make it difficult for most anyone to avoid the privacy issues while still trying to use a Google feature.

Update: Google has provided its full response. It argued that the desire to make sure users can give +1 votes to content inadvertently enabled the unwanted advertising cookies, which it had started pulling. The full statement is below.

"The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information.

"Unlike other major browsers, Apple's Safari browser blocks third-party cookies by default. However, Safari enables many web features for its users that rely on third parties and third-party cookies, such as "Like" buttons. Last year, we began using this functionality to enable features for signed-in Google users on Safari who had opted to see personalized ads and other content--such as the ability to "+1" things that interest them.

"To enable these features, we created a temporary communication link between Safari browsers and Google's servers, so that we could ascertain whether Safari users were also signed into Google, and had opted for this type of personalization. But we designed this so that the information passing between the user's Safari browser and Google's servers was anonymous--effectively creating a barrier between their personal information and the web content they browse.

"However, the Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser. We didn't anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It's important to stress that, just as on other browsers, these advertising cookies do not collect personal information.

"Users of Internet Explorer, Firefox and Chrome were not affected. Nor were users of any browser (including Safari) who have opted out of our interest-based advertising program using Google's Ads Preferences Manager."



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. _Rick_V_

    Fresh-Faced Recruit

    Joined: Mar 2003

    +30

    What was that, Google?

    Oh, that's right, "do no evil"...

  1. Bobfozz

    Fresh-Faced Recruit

    Joined: Jul 2008

    +19

    Google really is becoming...

    the A------ of the internet!

  1. Gazoobee

    Forum Regular

    Joined: Feb 2009

    +2

    this is an explanation

    ... not an excuse. Even if you believe every word they say, they still fucked up. Personally, I tend to believe very little of what they say also.

  1. aaanorton

    Mac Elite

    Joined: Sep 2000

    +1

    Thank you Google

    A quick google for the phrase "Google’s Ads Preferences Manager" yielded this:
    www.google.com/ads/preferences

    Opted out once and for all.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -2

    oooohhh

    And how does one opt out of Apple using your iOS information for iAds?

  1. Grendelmon

    Dedicated MacNNer

    Joined: Dec 2007

    +1

    Sounds to me like

    Google is getting desperate to compete against Spacebook. Or MyFace. Err whatever.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

SMS Audio Sync Sport on-ear headphones

When hitting the gym or going out for a trail run, headphones can cause a number of problems. From the ear buds getting slimy with swe ...

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Sponsor

toggle

Most Commented

 
toggle

Popular News