Protecting Your Privacy in Safari for iOS

[Sill]

Visitors should be able to log into any website without the need to store cookies. Websites that demand cookies storage in those cases are totally corrupt and in desperate need of a recode.

To me, cookies seem to be completely unnecessary for any behavior outside of logging in to a membership site, such as this forum, and I'm perplexed with and dismayed by any site that requires cookies for casual browsing, Forbes is a good example. The big revamp of Apple's site a few months back, when they went from a static page to the scrolling live pages, now requires cookies to be turned on or generally Safari won't display the page properly. For instance, the the frame on the home page with the slideshow that displays the iPhone, Watch, MBP, etc, now shows as one pic with all the frame captions overlaid on each other. Its such a mess - it looks like some kids were playing a game of Barrel Of Monkeys on top of some ad proofs and gave up halfway through.

In-depth searching shouldn't require any cookies either, unless you're searching member content, again like our forum here. I've dealt with e-shopping sites that used javascript instead of cookies. Every time I went to a new item or category, the site would simply append more code to the end of the URL. No tracking to worry about; after you're done with the site simply clear history and forget it.

Since I mentioned membership sites like forums, another thing that bothers me are sites that require me to leave cookie acceptance active in order to keep using the site. For forum use I have the browser set to accept first party cookies, I login, then I turn the acceptance back to 'never'. The cookie is available for credentialing, but no new info can be added. But sites like cracked.com won't display article pictures unless cookie acceptance is left active. At the least thats poor coding, at worst its an attempt to ensure they can track every iota of your browsing habits.

Apple itself has contributed mightily to our inability to avoid tracking, despite Cook's speeches about how vigorously they defend user privacy. A few versions ago, Safari displayed cookies by item - going to the cookie controls showed what each site placed on my machine whether it was a regular cookie or a tracker - and allowed me to delete individual pieces as I wished. That way I could sign in to a site, turn off the cookie acceptance, and then delete all those vile _utm trackers from Google. Now, cookies are displayed by site and gathered under single name. I have Ghostery installed so it should be stopping those _utm's but is it really?

 

[LV426]

Until law-makers grow a pair, enabling Do Not Track is simply an exercise in futility. Trackers do their damnedest to keep tabs on users, and just ignore this option. Every time I open a web page in Safari, it sends a snippet of data along with the request saying Do Not Track. Does that stop any website tracking me? No, of course not.

We need legislation so that website must obey this option on penalty of stiff fines. But big business and the advertising industry have deep pockets, and money talks when it comes to defending vested interests.

 

[SteveW928]

Corrupt because cookies are not actually needed to login but instead are used to force the tracking of users.

Well, yea, to *log in*... but do do anything useful beyond that (which could be 100% for the convenience of the user), they are.

 

[smacrumon]

Well, yea, to *log in*... but do do anything useful beyond that (which could be 100% for the convenience of the user), they are.

Not really if the site is designed well and not interested in gleaning user information.

 

[SteveW928]

Not really if the site is designed well and not interested in gleaning user information.

Use of cookies and gleaning user info are independent. A truck could be used to run someone over, but that doesn't mean trucks are bad devices used to run people over.

 

[smacrumon]

Use of cookies and gleaning user info are independent. A truck could be used to run someone over, but that doesn't mean trucks are bad devices used to run people over.

One of those analogies, huh. Hmmm.

 

[SteveW928]

One of those analogies, huh. Hmmm.

OK, if you don't like analogies, then it's a combo of the genetic and slippery slope fallacy.
(Kind of like your gun death one in your links.)

 

[Sill]

Until law-makers grow a pair, enabling Do Not Track is simply an exercise in futility. Trackers do their damnedest to keep tabs on users, and just ignore this option. Every time I open a web page in Safari, it sends a snippet of data along with the request saying Do Not Track. Does that stop any website tracking me? No, of course not.

We need legislation so that website must obey this option on penalty of stiff fines. But big business and the advertising industry have deep pockets, and money talks when it comes to defending vested interests.

I don't think thats the way to go. Every time there is more regulation, the inevitable result is that some businesses are damaged, some consumers are hurt, and exceptions are made for politically favored groups. Then the government comes back with "if only we had more money/power/control..." and once again someone steps up with "there oughta be a law!" and the process starts over.

Prior to Google, remember how messed up search was? Excite, Atavista, Webcrawler, etc. Imagine if the feds decided to step in and say "we'll take care of search!" What would search have been like if it was brought to you by the same people who brought us the VA and the public school system, instead of the guys who started Google? Larry Page and Sergey Brin realized they could do a search superior to anything available at the time, and then give it away AND profit from it. Needs drives innovation.
I think the best thing to do is create enough of a noise about the tracking thing that someone or some group comes up with a solution that they can turn into a business, not get the feds involved in it.

 

[SteveW928]

I don't think thats the way to go. Every time there is more regulation, the inevitable result is that some businesses are damaged, some consumers are hurt, and exceptions are made for politically favored groups. Then the government comes back with "if only we had more money/power/control..." and once again someone steps up with "there oughta be a law!" and the process starts over.

Prior to Google, remember how messed up search was? Excite, Atavista, Webcrawler, etc. Imagine if the feds decided to step in and say "we'll take care of search!" What would search have been like if it was brought to you by the same people who brought us the VA and the public school system, instead of the guys who started Google? Larry Page and Sergey Brin realized they could do a search superior to anything available at the time, and then give it away AND profit from it. Needs drives innovation.
I think the best thing to do is create enough of a noise about the tracking thing that someone or some group comes up with a solution that they can turn into a business, not get the feds involved in it.

There needs to be enough regulation to protect people from real harm and the worst of human nature, but it's a really fine line. A nanny-state is even worse.... and then there's Nineteen Eighty-Four. It seems we can't keep from falling into either ditch anymore.

 

[Sasparilla]

I do wish Apple would relax their restrictions for browsers (maybe certify them before release) - so we could have the option for the Tor Browser (based on Firefox but configured for privacy and uses the Tor network to enhance the user's privacy even further)...this would actually be right up Apple's privacy alley if they'd get over their restriction from early on.

 

[LV426]

There needs to be enough regulation to protect people from real harm and the worst of human nature, but it's a really fine line. A nanny-state is even worse.... and then there's Nineteen Eighty-Four. It seems we can't keep from falling into either ditch anymore.

Electronic stalking of individuals by corporations is an invasion of privacy. There's no fine line about it. It's not a nanny-state that enforces the freedom to maintain privacy. The Thought Police in 1984 were agents of the state. The Thought Collectors in 2016 are massively powerful private corporations.

 

[Sill]

There needs to be enough regulation to protect people from real harm and the worst of human nature, but it's a really fine line. A nanny-state is even worse.... and then there's Nineteen Eighty-Four. It seems we can't keep from falling into either ditch anymore.

You're quite right. Government in its purest form was supposed to eliminate barriers to - and protect the pursuit of - life, liberty and happiness. It hasn't been that way for quite a few years. I think the problem is crony capitalism, as opposed to pure capitalism. Big money and big government have grown up side by side. One uses the other's power and they hand favors back and forth.
[doublepost=1469882376][/doublepost]

Electronic stalking of individuals by corporations is an invasion of privacy. There's no fine line about it.

You'd think so, as the state hates competition. However, people seem to think that privacy lost is the price of using internet services, and the government does nothing to discourage this. Perhaps its because they then claim a "need" to have access to that information. Its freely provided by the individual, so no warrant is needed. Its transmitted across state lines, using federally-regulated communication methods, so no warrant is needed. If any questions arise, a rubber stamp appears and grants jurisdiction and freedom from meaningful public backlash.

It's not a nanny-state that enforces the freedom to maintain privacy. The Thought Police in 1984 were agents of the state. The Thought Collectors in 2016 are massively powerful private corporations.

And, as I mention above.... not much difference. Does it matter if the government does the collecting, or if "private" corporations do it and then hand it over to the government?
[doublepost=1469882478][/doublepost]

I do wish Apple would relax their restrictions for browsers (maybe certify them before release) - so we could have the option for the Tor Browser (based on Firefox but configured for privacy and uses the Tor network to enhance the user's privacy even further)...this would actually be right up Apple's privacy alley if they'd get over their restriction from early on.

This is a good start. It would also place the blame and liability squarely on Apple's shoulders if any component of the privacy browser they certified turned out to be an information spigot.

 

[SteveW928]

... so we could have the option for the Tor Browser ...

Not necessarily: https://pando.com/2014/07/16/tor-spooks/

The Thought Police in 1984 were agents of the state. The Thought Collectors in 2016 are massively powerful private corporations.

Yes, and it's the State that I'm worried about. The corporations might be willing or unwilling accomplices, or even drive the corruption, I agree. But, I'm far more worried about the State taking my rights away than a corporation using data to sell me something.

But, my point is that the UN-nanny-state type cookie policy stuff doesn't accomplish anything but creating a hassle for legitimate cookie use.

 

[Sill]

Not necessarily: https://pando.com/2014/07/16/tor-spooks/

Well, thats just great. Thats just great. What are we going to do now, man? /CorporalHicksVoice

Thanks for posting that link. I had really hoped Tor was going to be a force for good, but in retrospect I should have seen it coming. Its just a natural progression of the analytics games the government plays to identify what they consider are "bad actors" (anyone who disagrees with the status quo). Daniel Suarez, a long time security specialist who also happens to write brilliant and very effective science fiction, described in his book Kill Decision just how it works.

When the feds want to identify a particular group they will "cast some stones in the pond" and see where the ripples go. They will plant a phony or distorted news story, or run a particular meme, or have a bot tweet out something mildly controversial. Then they will see how that item propagates. Those initial ripples can give away shadow social groupings, for instance. People that normally don't associate together in public are revealed by who passes along their tweets or postings. As the ripples develop further, data is produced that indicate how easy or complex the manipulation can be made. It finally approaches something like Asimov's psycho-history, in that the larger the number of people involved, the easier it is to anticipate where they're going. Or, as the case most likely is, how to direct that movement to produce the desired result - more control.

This is why I no longer trust large scale movements as they are energized by emotion and principal but directed by very powerful interests, either in the light or in the shadows. Its also why, despite all the claims of how wonderful the internet is and how it has done so much to liberate the dissemination of ideas, I consider it to be in some ways the heaviest of the chains laid on us.

 

[SteveW928]

Well, thats just great. Thats just great. What are we going to do now, man? /CorporalHicksVoice

Thanks for posting that link. I had really hoped Tor was going to be a force for good, but in retrospect I should have seen it coming. Its just a natural progression of the analytics games the government plays to identify what they consider are "bad actors" (anyone who disagrees with the status quo). Daniel Suarez, a long time security specialist who also happens to write brilliant and very effective science fiction, described in his book Kill Decision just how it works.

When the feds want to identify a particular group they will "cast some stones in the pond" and see where the ripples go. They will plant a phony or distorted news story, or run a particular meme, or have a bot tweet out something mildly controversial. Then they will see how that item propagates. Those initial ripples can give away shadow social groupings, for instance. People that normally don't associate together in public are revealed by who passes along their tweets or postings. As the ripples develop further, data is produced that indicate how easy or complex the manipulation can be made. It finally approaches something like Asimov's psycho-history, in that the larger the number of people involved, the easier it is to anticipate where they're going. Or, as the case most likely is, how to direct that movement to produce the desired result - more control.

This is why I no longer trust large scale movements as they are energized by emotion and principal but directed by very powerful interests, either in the light or in the shadows. Its also why, despite all the claims of how wonderful the internet is and how it has done so much to liberate the dissemination of ideas, I consider it to be in some ways the heaviest of the chains laid on us.

Sorry.

That said, once you realize that the US gov't is now one of the biggest, most sophisticated propaganda machines on the planet, you can start looking for little hints. Like, when all the media goes abuzz over some new privacy thing, that's probably the gov't trying to get everyone using it, thinking they are secure.

The one that has me a bit confused currently is Apple. Are they really fighting the gov't on this one, or is that just a cover for them secretly giving over what they can pull off and luring us all in.

Yes, the Internet has a bunch of upsides, as well as downsides. I guess that's like any technology I can think of, though.