Last Site Update: Sept 28-00
Lots of people sharing knowledge about privacy issues and the choices available to us to protect our privacy online is what this website is about. I've tried to present information fairly and accurately (I can't help but slip in a sarcastic remark here and there - or in TRUSTe's case, everywhere) so that each person can come to their own conclusions and make their own decisions about both the companies and the protections presented.
Personally, I hope that all who visit here will realize that third party advertising and vaguely worded Privacy Policies that can change at any moment are worse than useless, that information trustingly given to one company today may be secretly sold to ten others tomorrow, and that Opt-Out Cookies are unacceptable alternatives to user initiated Opt-In choices.
I hope all will choose to take active rather than reactive control of their online experiences and stop the spies, lies, information thievery, and profiling by whatever legal means possible. Knowledge is power and what the heck... (jingling my love beads)... Power to the people (Right on)!
jane (aka "small fish" on the grc newsgroups)
Server URLs Needed! Server information is needed to create a Block List for IPs and extended URLs. Examples: http://207.218.316.23/pic.jpg or http://www.someplace.com/xyz/pic.jpg
See Proxomitron: URL Kill Filtering And Hosts for more info. Please send these types of servers to Willem at: mailto:firstname.lastname@example.org. Thanks!
Join in on the GRC Newsgroups Discussions! grc.com/discussions.htm. Steve Gibson's "Discussions" page explains the what, where, and how.
What's Been Going On: News & Noteworthy
As of Sept 05, 2000 I will no longer link to stories on MSNBC.com due to use of GUIDs and cross-domain tracking from msid.msn.com.
Sept 26, 2000 - New MSN feature encourages spamming friends news.cnet.com
"The latest test version of Microsoft's MSN Explorer is setting off sparks over a feature that converts MSN email accounts to Hotmail, as well as over an accompanying spam-like missive that encourages customers to send an advertisement-laden email to friends and colleagues. Representatives from Microsoft said the optional mailing notice is not spam. "It's an opt-in feature," a representative said. "If (consumers) do choose to download Preview 2...they will also be choosing to move to Hotmail and lose POP3 email," or email on a local server, Microsoft said in a statement." What's really scary are the follow-up remarks by readers. Clueless. Sigh. (link courtesy of "Andreas")
Sept 26, 2000 - IE 5.5 hole lets hackers into personal records news.cnet.com
"Georgi Guninski, of Bulgaria, published his advisory of the exploit today, warning Web surfers using Microsoft's recently released Internet Explorer 5.5 that they are at risk. Malicious programmers who set up booby-trap Web sites to lure unwitting surfers can break into someone's computer records - including cookies, or digital tags that reveal valuable information about a person - using Microsoft's ActiveX technology, which manages the sending and receiving of files. "The attacker may steal every file to which the user has access and send it to an arbitrary server," Guninski wrote in an email." (link courtesy of "Kevin McA.")
Sept 26, 2000 - Software tracks Web habits, click by click news.cnet.com
"As the online advertising industry prepares a torrent of new technology to keep personal information under wraps, one company is swimming upstream with software aimed at learning about consumers with every click they make. Predictive Networks, a start-up based in Cambridge, Mass., is using artificial intelligence to map out the kind of person a consumer is and the kinds of ads he or she might want to see." (link courtesy of "The WebFairy")
Sept 25, 2000 - Online marketers propose privacy standards news.cnet.com
"Mindful that growing worries about privacy on the Internet may stall the growth of the online marketing industry, a coalition of Web advertising companies today released privacy protection standards intended to control the proliferation of unwanted bulk email, known as spam. As previously reported, the Responsible Electronic Communications Alliance (RECA) comprises 16 online marketers including industry leaders DoubleClick, 24/7 Media and CMGI's Yesmail.com. The Web marketing industry is hoping to set standards to regulate itself rather than being told by outside regulators what standards to adopt." Oh, this is helpful. Another "self-policing" coalition of marketing and advertising groups. Yawn.
Sept 14, 2000 - Web site violated law by giving out personal information to third parties after stating it would not www.ago.state.mo.us
"Missouri Attorney General Jay Nixon on Wednesday sued an Internet business that Nixon said was giving personal information about consumers to third parties after telling consumers it would not do so. Nixon filed the lawsuit in Greene County Circuit Court against More.com Inc., a business which sells health care and nutrition products on its Web site. Nixon added that More.com also is deceiving consumers visiting its site by not informing them that the More.com Web site contains "web bugs."" (link courtesy of "William M.")
Sept 14, 2000 - Microsoft quietly shadows Web surfers across MSN sites (persistence issue) news.cnet.com
"In response to an advisory posted by PCHelp, a Washington state Internet technology consultancy, Microsoft said it redirects its various Web properties' visitors to a single server that assigns them a unique identifier. Microsoft last month patched its Internet Explorer browser to give people more information about and control over the types of cookies Web sites were attempting to place on their computers. The complaint that spurred that repair had to do with third-party cookies that worked across different domains. Microsoft confirmed that the IE patch does not detect its own cross-domain cookies, so visitors are not warned when the cookies are placed." (link courtesy of "pchelp")
Sept 13, 2000 - Privacy advocates write Web bug rules news.cnet.com
"A privacy group today issued a new set of industry guidelines to regulate the use of invisible technology that keeps tabs on Web site visitors. The Privacy Foundation, a nonprofit privacy group based in Denver, is proposing that Internet advertising companies and Web sites disclose the use of "Web bugs" wherever they are found online. Web bugs, or clear GIFs, are tiny images embedded in a Web page or HTML-enhanced email that transmit information to a remote computer when the page is viewed. The Privacy Foundation is presenting its guidelines today at the Global Privacy Summit in Washington, D.C." (link courtesy of "William M.")
Sept 11, 2000 - IE feature can track Web surfers without warning (persistence issue) news.cnet.com
"People surfing the Web incognito may want to think twice before using Internet Explorer. The feature in IE 5 and above, referred to by Microsoft as "persistence," is designed to let Web pages remember information, such as search queries, entered by visitors. "If you disable cookies and there's something that works just like them, what are you supposed to do?" said Richard Smith, chief technology officer of the Privacy Foundation. " In the meantime, IE users can turn off the browser's scripting capabilities, on which IE persistence depends." (link courtesy of "fenix") For additional information on "persistence" in IE, see Posible privacy problem in Explorer by Guille (link courtesy of "reader")
Sept 11, 2000 - Consumers care less about Web privacy www.zdnet.com
Sept 08, 2000 - E-mail glitch found in MSN Explorer beta version www.idg.net
"A glitch in the beta version of the new MSN Explorer software doesn't allow users to revert to the older version once they have downloaded the new software. User groups are flooded with discussion - and many complaints - about the new MSN Explorer. Its similarity to America Online has put off some MSN users, who don't like the graphics and the inability to access their e-mail through Post Office Protocol 3 (POP3) software like Microsoft Corp.'s own Outlook." I'd be worried about more than that if I was using MSN (not if it was the last ISP on earth). See pchelp's "MSN Cookie Data Crosses Domains And, MSN GUIDs Are Accessible to Anyone" on the Cookies page. (link courtesy of Mike at Voice of The Public)
Sept 08, 2000 - A kinder, gentler Carnivore? www.zdnet.com
"In an effort to polish the image of the FBI's controversial e-mail monitoring system, Carnivore, Attorney General Janet Reno said today that the FBI will change the program's name. Reno also said that an independent review of Carnivore is going forward, in an effort to reassure a skeptical Congress and civil liberties groups that the program doesn't infringe on the privacy rights of citizens." It didn't work for Radiate. (link courtesy of Mike at Voice of The Public)
Sept 07, 2000 - Bills would protect against Net surveillance www.usatoday.com
"Shocked at how simple it is for law enforcement to get court permission to see the telephone numbers people dial, legislators Wednesday discussed new bills aimed at tightening surveillance laws and put final touches on a plan to address workplace privacy. The proposed wiretap bill would make it more difficult for prosecutors to obtain court permission to monitor the telephone numbers dialed by a suspect." (link courtesy of "Randy W.")
Sept 07, 2000 - Amazon e-mail glitch found www.infoworld.com
"Associates customer Dave English said that when he logged into Amazon.com's Associates' page last week, he discovered that Amazon accidentally exposed other users' e-mail addresses to him. Although English notified Amazon.com about the problem on Aug. 31 -- he provided Computerworld with an Aug. 31 reply e-mail from Amazon.com saying the company was investigating the matter -- he said he was still able to access other users' e-mail addresses Thursday. [...] Rich D'Amico, business development manager for Ikea North America, said that at about 8 p.m. Sunday night, someone broke into the company's catalog database file, which contains the names, addresses, and telephone numbers of people requesting catalogs, and downloaded the file." (link courtesy of Mike at Voice of The Public)
Sept 07, 2000 - Microsoft says it has settled e-mail lawsuit with Harris www.mercurycenter.com
"Microsoft Corp. said Thursday it had settled a lawsuit filed against it by Harris Interactive Inc., promising to let the online market research firm reach users of its Hotmail e-mail service. Harris said MAPS had unfairly added it to its "Realtime Blackhole List," a register of 3,000 companies and groups that allegedly sent out unsolicited mass e-mails, commonly called "spam," and thus blocked Harris from reaching users." (link courtesy of Mike at Voice of The Public)
Sept 07, 2000 - AmEx unveils "disposable" credit card numbers news.cnet.com
"Cardholders using the disposable credit card option will be able to log on to a secure Web site and receive a one-time-use credit card number to make purchases over the Internet. The company also announced a program called "Private Browsing" in partnership with Privada, a California-based privacy services company. The service, to be launched in November, will allow customers to "set the meter" on how much information is collected about them while browsing the Web or allow them to surf incognito." (link courtesy of Mike at Voice of The Public)
Sept 07, 2000 - Carnivore to Continue Munching www.wired.com
"The FBI said its Carnivore system will continue to munch on intercepted communications while an outside review is taking place. Some House legislators suggested Wednesday that the government should suspend use of the Internet surveillance tool, but the Department of Justice refused." (link courtesy of Mike at Voice of The Public)
Sept 04, 2000 - Netizen Fears Hackers Will Steal His VISA Card No. 8099 0788 341 9800 EXP. 12/01 www.satirewire.com
"New Privacy Study Reveals Consumer Concerns, Addresses, Phone Numbers." This satire of the PEW Internet Project Survey (see Aug 20th news stories) provides a much needed laugh! (link courtesy of "C.G.")
Sept 04, 2000 - UK Government "tags" citizens www.zdnet.com
"...under the newly introduced RIP Act, police will be given powers to routinely monitor the movements of mobile phone users with a minimum of accountability. The superintendent will [...] have the power to order the use of positioning technology to locate an individual using his/her mobile phone as a tracking device. The next generation of European phone technology GPRS (General Packet Radio Service) and UMTS (Universal Mobile Telecommunications System) will have position capabilities as standard. Similar capabilities are to be phased into existing American mobile phone standards in accordance with recent legislation pushed through congress by the FCC." (link courtesy of Mike at Voice of The Public)
Sept 02, 2000 - Is Eudora Snooping on You? www.pcworld.com
"The popular mail client sends information to its servers when you're online. It may not identify you. But shouldn't you know about it?" (link courtesy of "Don E.")
Sept 01, 2000 - Old Internet Explorer Plus New Hotmail Equals Big Vulnerability www.zdnet.com
"By enticing a Hotmail customer running Internet Explorer 4.x or 5.0 into clicking on a carefully constructed link, the unwary victim would be tricked into abdicating crucial cookie information that would allow the hacker to gain access to the Hotmail account." Fix: IE 5.01 Service Pack 1 or IE 5.5. Older Netscape versions, also likely to have this vulnerability, can be updated to Netscape 4.75. Also see Richard M. Smith's advisory from July 10 on data spills: Hotmail gives away users' Email addresses www.privacyfoundation.org/advisories/advHotmail.html.
Sept 01, 2000 - Amazon clarifies customer info policy www.zdnet.com
< Visit the Archives for past news stories >
Unobfuscated links to news stories have been shortened for page sanity. Please send links to world-wide news stories & related privacy articles to email@example.com. Credit appreciatively given.
Please refresh or reload pages to make sure you have the latest versions.