Printed from http://www.electronista.com

Microsoft alleges Google dodged IE privacy settings too

updated 05:00 pm EST, Mon February 20, 2012

Microsoft tries to press Google on privacy tricks

Microsoft's Corporate VP for Internet Explorer, Dean Hachamovitch, made allegations Monday that Google was bypassing Internet Explorer's privacy settings, not just Safari's measures. After checks, he claimed that Google's cookie text files, meant to allow +1 actions for those who were signed into Google, were skirting the P3P Privacy Protection standard as it was implemented in Internet Explorer 9. The technique supposedly made IE9 take third-party cookies that it would block by default while keeping the action a secret.

To honor P3P, Google was supposed to send a set of policy tokens indicating how the cookie's information would be shared. Google was supposedly exploiting a P3P clause that skipped users' preferences if the policies weren't defined. Any browser that used P3P interpreted the message that the token was "not a P3P policy" as a sign to allow the cookie, letting Google have its intended +1 effect but also possibly allowing third-party ads despite the usual blocking settings.

The executive implied this wasn't just a casual trick, since Google would have had to use "technically skilled" staff with "special tools" to see the P3P descriptions.

Microsoft had developed a cookie blocking list update for IE9 (link only working inside the post) as "protection" from the cookies and suggested that those concerned could implement a complete block of all Google cookies, although this would break all account-based Google activity. Hachamovitch wasn't clear on whether it would change its own software to prevent what Google allegedly did outright, but he implied that Microsoft was considering taking a recommendation from P3P founders that the spec be changed such that undefined tokens be rejected outright, not let through.

Google hadn't responded to the new accusations as of Monday afternoon.

The claims if borne out would point to Google using multiple browser-specific tricks to push the +1 allowance regardless of a visitor's browser choice or their security settings. Google has already said that the cookies weren't intended for any other purpose, although at least the Safari implementation allowed multiple third-party advertisers.

Some skepticism has emerged over Hachamovitch's post given Microsoft's tendency to exaggerate Google's privacy position for the sake of its own search market share. While more technically sound, the reaction is still based around getting users to drop all their Google services rather than arguing for a measured reaction.



By Electronista Staff
toggle

Comments

  1. Bobfozz

    Fresh-Faced Recruit

    Joined: Jul 2008

    +11

    Can't trust Google anymore...

    I have no particular fondness for MS, but this Google behavior is getting tiresome.

  1. Arne_Saknussemm

    Forum Regular

    Joined: Apr 2011

    +8

    ANY

    Big company cannot be trusted fully.

  1. nowwhatareyoulookingat

    Fresh-Faced Recruit

    Joined: Jul 2009

    +1

    Kinda bogus

    It turns out that Microsoft itself [ie, live.com and msn.com] do EXACTLY the same thing that Microsoft is accusing Google of doing, for exactly the same reason. Microsoft even RECOMMENDS doing it to work around 'an IE 9 bug'.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Tablo DVR

With over-the-top content options growing past Hulu and Netflix, consumers may be finding it harder to justify paying a monthly fee fo ...

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Sponsor

toggle

Most Commented

 
toggle

Popular News