Google is to restrict web pages from loading 3rd party profiling cookies when accessed via its Chrome browser. Many large websites, eg major newspapers make a call to hundreds of 3rd part profilers to allow them to build up a profile of people's browsing
history, which then facilitates personalised advertising.
Now Google has said that it will block these third-party cookies within the next two years.
Tracking cookies are very much in the sights of the EU who are trying to put an end to the
exploitative practise. However the EU is not willing to actually ban such practises, but instead has invented a silly game about websites obtaining consent for tracking cookies.
The issue is of course that a lot of 'free' access websites are
funded by advertising and rely on the revenue from the targeted advertising. I have read estimates that if websites were to drop personalised ads, and fall back on contextual advertising (eg advertising cars on motoring pages), then they would lose about
a third of their income. Surely a fall that magnitude would lead to many bankrupt or unviable websites.
Now the final position of the EU's cookie consent game is that a website would have to present two easy options before allowing access to a
Do you want to allow tracking cookies to build up a database of your browsing history
Do you NOT want to allow tracking cookies to build up a database of your browsing history
The simple outcome will be that virtually no one will opt for tracking, so the website will lose a third of its income. So it is rather unsurprising that websites would rather avoid offering such an easy option that would deprive them of so much of
In reality the notion of consent it not practical. It would be more honest to think of the use of tracking cookies as a price for 'free' access to a website.
Perhaps when the dust has settled, a more honest and practical
endgame would bea choice more like:
Do you want to allow tracking cookies to build up a database of your browsing history in return for 'free' access
Do you want to pay a fee to enable access to the website without tracking cookies
Sorry you may not access this
The EU has been complaining about companies trying to avoid the revenue destroying official consent options. A study just published observes that nearly all cookie consent pop-ups are flouting EU privacy laws.
Researchers at the Massachusetts
Despite EU privacy laws stating that consent for cookies must be informed, specific and freely given, the research suggests that only 12% of the sites met the minimal requirements of GDPR (General Data Protection Regulation) law. Instead
they were found to blanket data consent options in complicated site design, such as:
pre-ticked boxes burying decline buttons on later pages multiple clicks tracking users before consent and after pressing reject
Just over half the sites studied did not have rejecting all tracking as an option.
Of the sites which
did, only 13% made it accessible through the same or fewer clicks as the option to accept all.
The researchers estimate it would take, on average, more than half an hour to read through what the third-party companies are doing with your data, and even longer to read all their privacy policies. It's a joke and there's no actual way you could do
this realistically, said Dr Veale.
The UK ISP BT has become the first of the major broadband providers to trial their own DNS over HTTPS resolver, which encrypts Domain Name System (DNS) requests.
This is response to Firefox offering its own choice of encrypted DNS resolver that would
effectively evade BT's current unencrypted DNS resolver which allows the UK government to monitor and log people's internet use, block websites that are considered 'harmful'; snitch people up to the police for politically incorrrect comments; and snitch
people up to copyright trolls over dodgy file sharing.
However BT's new service will allow people to continue using website blocking for parental control whilst being a lot safer from 3rd party snoopers on their networks.
BT have made the
following statement about its experimental new service:
BT are currently investigating roadmap options to uplift our broadband DNS platform to support improvements in DNS security -- DNSSEC, DNS over TLS (DoT) and DNS over
HTTPS (DoH). To aid this activity and in particular gain operation deployment insights, we have enabled an experimental DoH trial capability.
We are initially experimenting with an open resolver, but our plan is to move a closed
resolver only available to BT customers.
The BT DoH trial recursive resolver can be reached at https://doh.bt.com/dns-query/
The Chinese government has taken yet another step in strengthening its ability to track and scrutinize its citizens' activities by mandating new SIM card buyers to register their faces with the government.
The new rules, which China will
mandate cellphone companies with the responsibility of having customers scan their faces before buying a new SIM card or registering a new cellphone number at offline stores. The country's authorities already require users to link their national IDs to
their cellphone numbers, but these latest regulations would incorporate the use of biometric authentication and artificial intelligence into its overarching surveillance regime.
No doubt the authorities have got some really nasty ideas lined up
for the control of citizens using facial recognition technology. And no doubt they will selling these to teh est very shortly.
Smart TVs are called that because they connect to the Internet. They allow you to use popular streaming services and apps. Many also have microphones for those of us who are too lazy to actually to pick up
the remote. Just shout at your set that you want to change the channel or turn up the volume and you are good to go.
A number of the newer TV's also have built-in cameras. In some cases, the cameras are used for facial recognition
so the TV knows who is watching and can suggest programming appropriately. There are also devices coming to market that allow you to video chat with grandma in 42" glory.
Beyond the risk that your TV manufacturer and app
developers may be listening and watching you, that television can also be a gateway for hackers to come into your home. A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him
or her an easy way in the backdoor through your router.
Hackers can also take control of your unsecured TV. At the low end of the risk spectrum, they can change channels, play with the volume, and show your kids inappropriate
videos. In a worst-case scenario, they can turn on your bedroom TV's camera and microphone and silently cyberstalk you.
TVs and technology are a big part of our lives, and they aren't going away. So how can you protect your
Know exactly what features your TV has and how to control those features. Do a basic Internet search with your model number and the words "microphone," "camera," and "privacy."
Don't depend on the default security settings. Change passwords if you can -- and know how to turn off the microphones, cameras, and collection of personal information if possible. If you can't turn them off, consider whether you are
willing to take the risk of buying that model or using that service.
If you can't turn off a camera but want to, a simple piece of black tape over the camera eye is a back-to-basics option.
the manufacturer's ability to update your device with security patches. Can they do this? Have they done it in the past?
they collect, how they store that data, and what they do with it.
Windows will improve user privacy with DNS over HTTPS
Here in Windows Core Networking, we're interested in keeping your traffic as private as possible, as well as fast and reliable. While there are many ways we can and do approach
user privacy on the wire, today we'd like to talk about encrypted DNS. Why? Basically, because supporting encrypted DNS queries in Windows will close one of the last remaining plain-text domain name transmissions in common web traffic.
Providing encrypted DNS support without breaking existing Windows device admin configuration won't be easy. However, at Microsoft we believe that
"we have to treat privacy as a human right. We have to have end-to-end cybersecurity built into technology."
We also believe Windows adoption of encrypted DNS will help make the overall Internet ecosystem healthier.
There is an assumption by many that DNS encryption requires DNS centralization. This is only true if encrypted DNS adoption isn't universal. To keep the DNS decentralized, it will be important for client operating systems (such as Windows) and Internet
service providers alike to widely adopt encrypted DNS .
decision made to build support for encrypted DNS, the next step is to figure out what kind of DNS encryption Windows will support and how it will be configured. Here are our team's guiding principles on making those decisions:
Windows DNS needs to be as private and functional as possible by default without the need for user or admin configuration because Windows DNS traffic represents a snapshot of the user's browsing history. To Windows users,
this means their experience will be made as private as possible by Windows out of the box. For Microsoft, this means we will look for opportunities to encrypt Windows DNS traffic without changing the configured DNS resolvers set by users and system
Privacy-minded Windows users and administrators need to be guided to DNS settings even if they don't know what DNS is yet. Many users are interested in controlling their privacy and go looking for
privacy-centric settings such as app permissions to camera and location but may not be aware of or know about DNS settings or understand why they matter and may not look for them in the device settings.
Windows users and
administrators need to be able to improve their DNS configuration with as few simple actions as possible. We must ensure we don't require specialized knowledge or effort on the part of Windows users to benefit from encrypted DNS. Enterprise policies
and UI actions alike should be something you only have to do once rather than need to maintain.
Windows users and administrators need to explicitly allow fallback from encrypted DNS once configured. Once Windows has
been configured to use encrypted DNS, if it gets no other instructions from Windows users or administrators, it should assume falling back to unencrypted DNS is forbidden.
Based on these principles, we are making plans to adopt DNS over HTTPS (or DoH) in the Windows DNS client. As a platform, Windows Core Networking seeks
to enable users to use whatever protocols they need, so we're open to having other options such as DNS over TLS (DoT) in the future. For now, we're prioritizing DoH support as the most likely to provide immediate value to everyone. For example, DoH
allows us to reuse our existing HTTPS infrastructure.
Why announce our intentions in advance of DoH being available to Windows Insiders? With encrypted DNS gaining more attention, we felt it was
important to make our intentions clear as early as possible. We don't want our customers wondering if their trusted platform will adopt modern privacy standards or not.