Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Google Government Privacy Safari United States News Your Rights Online

Google Facing FTC Fine Over Safari Privacy Breach 73

Posted by Soulskill from the really-expensive-cookies dept.
suraj.sun writes "Bloomberg is reporting on Google's negotiation with the U.S. Federal Trade Commission over 'how big a fine, which could amount to more than $10 million, it will have to pay for its breach of Apple's Safari browser. The fine would be the first by the FTC for a violation of Internet privacy as the agency steps up enforcement of the Web.' Last year, Google agreed to a settlement in which the FTC would monitor Google's privacy practices for an extended period of time. 'The 20-year settlement bars Google from misrepresenting how it handles user information and requires the company to follow policies that protect consumer data in new products.' This February, Google was found to be bypassing privacy controls in Safari by making the browser think a user was submitting a form, when they actually weren't. '(The code used by Google was part of its program to place the "+1" button in advertisements.) At the time, the company issued a statement saying that the circumvention wasn't intentional, but privacy groups were still quick to file complaints with the FTC over Google's actions. That was quickly followed by a class-action lawsuit and an investigation by European regulators.'"
This discussion has been archived. No new comments can be posted.

Google Facing FTC Fine Over Safari Privacy Breach More

Google Facing FTC Fine Over Safari Privacy Breach

Comments Filter:

  • Re:Absolutely right! (Score:5, Interesting)

    by symbolset ( 646467 ) * on Friday May 04, 2012 @09:19PM (#39898201) Journal
    This is a fairly standard method. If Safari's design allows more disclosure than intended that's Safari's fault, not Google's. If this is not the intended functionality it's a browser bug and should be fixed.

  • Re:How about fix the browser (Score:5, Interesting)

    by VortexCortex ( 1117377 ) <VortexCortex AT ... trograde DOT com> on Saturday May 05, 2012 @06:39AM (#39900487)

    Safari does block third-party cookies. Google fooled Safari into thinking they were first-party cookies so that they would be accepted by the browser. RTFA next time.

    Safari does NOT block third party cookies. Safari blocks SOME third party cookies -- You know, unless the user interacts with 3rd party assets, then they don't block the 3rd party cookies at all. The issue is caused by Safari's erroneous concept of what a user initiated event is. Which it damn sure knows how to tell the difference between a user initiated event! That's how pop up blocking has worked for over a decade. It's defective by design. Submitting a form to a hidden iframe is how we made Ajax work before XML HTTP Request was born, so it's not like Google did some magic mojo. I used to be able to pass JS variables across domains via iframe, but now browsers don't allow that -- Was I fooling the browsers by using their features before they disabled the feature?

    Oh I can hear the apple sauce sloshing already! But you're WRONG. You see -- There's this thing called JavaScript, and using it I can hover a 1px invisible iframe around under your gods damn mouse cursor -- And within that iframe: A 3rd party site. Now, just try and click anything. TADA Safari not blocking 3rd party cookies again. BECAUSE THEY DON'T. Well, actually yes... Safari does block a few 3rd party cookies -- But only if the 3rd party doesn't really want you to have the cookie. That you can't easily tell your browser WTF to do and have it just do what it says the option is Ridiculous. Here, I'll show you:

    if ( Third_Party_Cookies_Disabled && window.top.location != window.location ) return; // without setting the cookie.

    But NOOO! Safari has some other explicit BS logic that makes EXCEPTIONS to the rule. On Purpose! Google used such features that Apple devs made... And the dumb ass users got pissed off because their browser wasn't doing what they told it, but they couldn't blame Apple -- NO! Not Apple! So who? Google -- Protip: Google's not the only one bypassing your 3rd party cookie "blocking" system... Hey, doesn't Apple sells ads too? I bet they want them to "just work" too.

    Google was only serving up the form to people who were logged in to the service and had accepted their privacy policy stating that GOOGLE WOULD DO THIS.

    Also, if you disable all cookies in Safari -- It keeps sending my sites your cookies. You have to restart the browser before that setting takes effect. Why? Why doesn't that just work?! Every other browser just stops sending the cookies. Why? Because the names of the settings in Safari are specious. They're misinformative to say the least! "Disable 3rd party cookies unless you just recently changed the setting, or you accidentally click a 3rd party site, or the page submits a form or some Javascript puts a button under your cursor, or a bunch of other BS logic that we added to specifically ALLOW 3rd party cookies." -- THAT is what Safari does. RTFM next time, then test the software to be sure the manual's not lying. -- That's what I did.

Slashdot Top Deals

When bad men combine, the good must associate; else they will fall one by one, an unpitied sacrifice in a contemptible struggle. - Edmund Burke

Close