Mozilla Proposes 'Do Not Track' HTTP Header

MozTrack writes "The emergence of data mining by third party advertisers has caused a national debate from privacy experts, lawmakers and browser supporters. Mozilla's Firefox, a popular browser company, has proposed a new feature that will prevent people's personal information from getting mined and sold for advertising. The feature would allow users to set a browser preference that will broadcast their desire to opt-out of third party, advertising-based tracking. It would do this via a 'Do Not Track' HTTP header with every click or page view in Firefox."

"Mozilla's Firefox"

[supersloshy]

Mozilla's Firefox, a popular browser company

...Do I even need to say what is so wrong with this?

Eh, I will anyways:

• Mozilla is a non-profit organization (though they do have a subsidiary named Mozilla Corporation, the profits from that go directly to Mozilla Foundation)
• Firefox is a browser, not a browser company; they're thinking of Mozilla Corp/Foundation

Given how popular Google and Wikipedia are these days, mess-ups like this should have completely vanished by now.

Already exists?

[mukund]

Using Firefox + Adblock Plus + NoScript:

No. Time Source Destination Protocol Info
          27 3.918190 10.4.12.92 216.34.181.48 HTTP GET /story/11/01/24/1657252/Mozilla-Proposes-Do-Not-Track-HTTP-Header HTTP/1.1

Frame 27 (582 bytes on wire, 582 bytes captured)
Linux cooked capture
Internet Protocol, Src: 10.4.12.92 (10.4.12.92), Dst: 216.34.181.48 (216.34.181.48)
Transmission Control Protocol, Src Port: 34619 (34619), Dst Port: http (80), Seq: 1, Ack: 1, Len: 514
Hypertext Transfer Protocol
        GET /story/11/01/24/1657252/Mozilla-Proposes-Do-Not-Track-HTTP-Header HTTP/1.1\r\n
        Host: tech.slashdot.org\r\n
        User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.12) Gecko/20101027 Fedora Firefox/3.6.12\r\n
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
        Accept-Language: en-us,en;q=0.5\r\n
        Accept-Encoding: gzip,deflate\r\n
        Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
        Keep-Alive: 115\r\n
        X-Do-Not-Track: 1\r\n
        Referer: http://slashdot.org/ [slashdot.org]\r\n
        Connection: keep-alive\r\n
        Cache-Control: max-age=0\r\n
        \r\n

Oh and Slashdot, how the heck am I supposed to post on your system when I'm behind my ISP's NAT and someone else has already beat me to it?

O RLY?

[DragonWriter]

Advertisers and tracking services will fight this to the bitter end.

Google, as well as other major online ad and tracking services, already support [blogspot.com] "Do Not Track" mechanisms with similar functionality.

Re:Great idea but not likely to happen

[jimicus]

Not to send what exactly? Were browsers to not send cookies by default, they'd break an awful lot of websites for the majority of their users. It's fairly fundamental to HTTP that it's not stateful between requests - cookies allow applications to work around that issue.

Re:Great idea but not likely to happen

[simplypeachy]

You haven't seen what happens when you visit a web site - say with a youtube video, a flash advert, four or five social networking widgets or logos, analytics, plain old and flash cookies, even geolocation.

It's breathtaking and disturbing. Give Privoxy a try and see just who's watching :-)