The Inquirer-Home

Sneaky online tracking used by major websites is exposed

Cookie blocking, Do Not Track and private browsing are circumvented
Mon Aug 01 2011, 18:24

ONLINE TRACKING OUTFIT Kissmetrics has been exposed by researchers for using surrepticious techniques to track users without their knowledge and even against their wishes.

Researchers at UC Berkeley found that Kissmetrics, a sort of Google Analytics on crack, uses sneaky methods to track users from one website to another, violating any user disablement of cookies, use of the 'Do Not Track' features of web browsers, or use of a 'private browsing' mode. According to the researchers, who took apart the tracking code used by the online video streaming website Hulu, the only way to avoid persistent tracking is to clear the web browser's cache between visits.

Kissmetrics confirmed to Wired that the research findings were valid, meaning that it was using Etags, something that until now was only thought of as a theoretical way of tracking users. The researchers sent a snippet of a cookie to Wired that shows a cookie using the same identifier between Kissmetrics.com, Hulu.com and Spotify.com. This essentially allows these three sites to share information without the user's knowledge.

Hulu told Wired that it had severed links with Kissmetrics. Hitten Shah, founder of Kissmetrics said, "We don't do it for malicious reasons. We don't do it for tracking people across the web [...] I would be having lawyers talk to you if we were doing anything malicious."

However Shah's answer isn't being accepted by Ashkan Soltani, one of the authors of the paper, who told Wired, "Both the Hulu and KISSmetrics code is pretty enlightening [...] these services are using practically every known method to circumvent user attempts to protect their privacy (Cookies, Flash Cookies, HTML5, CSS, Cache Cookies/Etags...) creating a perpetual game of privacy 'whack-a-mole'."

The issue here is not tracking users per se, as many outfits including firms such as Facebook, Google and Microsoft already do that, but the stark fact that users cannot opt out of Kissmetrics' tracking methods. Shah's claims that Kissmetrics doesn't go to any such lengths in order to track people are highly questionable.

As the report clearly states, firms such as Kissmetrics employ elaborate methods in order to get around those users who take the time to tweak privacy settings in the first place. It is sad, yet with tracking users being such a profitable source of information, we will be surprised if that is all Kissmetrics is used for. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Blackberry completes restructuring process

Do you think Blackberry can bounce back to growth?