Microsoft Says IE8 Phoning Home Is "Pretty Innocuous" 194
CWmike writes "Microsoft has defended the IE8 tool that suggests sites based on URLs typed into its address bar, saying that the browser 'phones home' only a limited amount of information to Microsoft and that the company discards all user IP addresses almost immediately. Company managers also contrasted IE8 Beta 2's 'Suggested Sites' feature with the 'Suggest' feature used by Google Chrome, saying that Microsoft's requires the user's explicit permission before it's used. They did acknowledge a bug that prevents the request from reappearing when users reinstall the browser. Cyra Richardson, a Microsoft principal program manager on the IE team, said: 'Suggested Sites is connected to the browser's history, and it's not looking at each of the keystrokes. IE only captures the URL as it is navigated [to], when that URL goes into your history.' Nor does Suggested Sites log and transmit cookies to Microsoft's servers, as does Google Suggest, Richardson said. 'The data we log is actually pretty innocuous.'"
What did you expect them to say? (Score:5, Funny)
"We are going to use the data to sell you Zunes?"
Re: (Score:2, Funny)
As long as it works with a Zune.
Re:What did you expect them to say? (Score:5, Funny)
If Google does it, it is because they are using the information to help us.
If Microsoft does it, it is used for evil.
CONSISTENCY PEOPLE!
Did you have Google preinstalled? (Score:5, Insightful)
Or could you choose another browser?
Now, can you remove IE from windows?
RATIONAL THOUGHT, PEOPLE!
Re: (Score:2)
Even without uninstalling IE. You don't have to use it... Even for windows you can install other browsers... The point is If Microsoft does it, it is Evil, If Google does it it is good and innovative.
Re: (Score:2)
I can block MS IE from accessing the internet. Is that not all that I require?
I uninstalled Chrome as soon as I saw what it was doing with the URL bar. And then, I started getting notices about GoogleUpdate (updater?) wanting to connect ... even after uninstalling there were spyware bits floating around on my computer. I was almost amused that it comes with a "stealth-mode", but phones home incessantly - don't store your stuff on your computer, store it on ours.
I certainly would not want Chrome preinstall
Re: (Score:3, Interesting)
Except we know Google will store and OWN all the data. And, if it comes from someone criticizing the Chinese government, it will turn over said data to said government.
Just remember... (Score:5, Funny)
If Google does it, they do it because they "probably have to." Luckily, they said they "do no evil" so that means they're absolute good and thus immune to scrutiny.
If Microsoft does it, then they're obviously logging all the data on you and plan to sell it to the highest bidder, to use to pay for restrictive DRM technologies and run over old ladies in the street. Though you do not have facts to back up the last statement, you've always conceded that they are a luxury around here. Besides, Microsoft is a convicted monopolist, which somehow magically changes all the rules on logical arguments, or something.
Did I get it all right? I know there's nothing about Apple in here, but I'll try harder next time.
Re:Just remember... (Score:5, Insightful)
Eh, privacy nuts get on Google about things like crazy nowadays. I seriously doubt either company is up to some nefarious plot to stealz mah dataz through my web browser, but I don't mind some of the more paranoid folks keeping them honest. If they have to explain to an angry person every time they collect a piece of info, I figure they'll be less likely to try and pull a fast one.
Re:Just remember... (Score:5, Insightful)
My question is, what does "almost immediately" mean?
In my experience, PR/advertising/lawyer types are very careful what they say. They don't lie outright, but will frequently mislead with seemingly innocuous statements that seem to mean one thing, but when they are really looked at, mean something else entirely.
If they'd said that IP addresses were discarded immediately, that would mean that as soon as the information transaction is completed, the IP address is no longer needed, so it's discarded.
Saying "almost" immediately, means it is not discarded at this point. What does "almost" mean in this context, coming from a Microsoft PR person?
Is it discarded almost immediately, after a "small" amount of data analysis is done for marketing purposes?
Is it discarded almost immediately after a scheduled task to purge their server logs once a day?
Is it discarded almost immediately after the DOJ gets on their case about keeping it?
Re:Just remember... (Score:5, Funny)
"Almost immediately" means it's discarded right after the URL is linked to your profile in their Global Database of Evil and forwarded to hundreds of Cheap Viagra internet companies and the NSA, all of which takes about a second, which IS almost immediately.
Re:Just remember... (Score:5, Informative)
Well if you'd just RTFA... you'd see that "PR/advertising/lawyer types" did not say "almost immediately", the journalist did.
What was said by Microsoft about the IP was quite clear:
But I guess that's no good for your water-cooler soap-box look-at-me speech, is it?
Re:Just remember... (Score:4, Interesting)
Re: (Score:2)
Well if you'd just RTFA... you'd see that "PR/advertising/lawyer types" did not say "almost immediately", the journalist did.
As has been said on here plenty of times. This is Slashdot. Why would I read the article? :)
What was said by Microsoft about the IP was quite clear:
Which is worse than the summary. "We get all the information that we need from it..." He didn't say "all the information we needed to perform the recommendation."
What information do they need? Your browsing history? This is significantly worse than the doubleclick cookies that people bitch about on a regular basis.
And the fact that the Suggested Sites database contains no user IP addresses is irrelevant, if IP a
Re: (Score:2)
But do they put the IP Addresses through the shredder and have them taken away by a certified disposal company? Or do they just chuck them in the bin where anyone can find them by digging through a couple piles of broken chairs and crushed souls?
Re: (Score:2)
OK, the quoted comments are a MS manager speaking. Believe it if you want to.
That said, even if true, this is a description of current practices, not a promise of future practice.
The difference between Google and MS is that I don't trust Google, and I do trust MS. But what it trust MS to do isn't something that I want to have done.
And what was said may not be a lie about current practice. This doesn't mean that I would find it acceptable. (Not that it matters, as I'm a *very* unlikely customer. The las
Re:Just remember... (Score:5, Insightful)
In other words, no matter what Microsoft says or does, you'll condemn them, so what's the point? You've made up your mind to condemn Microsoft regardless while giving Google a pass for much worse.
You're logic is astonishing. Microsoft's Suggested Sites feature is much less intrusive than Google's yet you condemn Microsoft because they might become more intrusive in the future? Meanwhile you give Google a pass for being more intrusive than Microsoft in the present? Are you for real?
Re: (Score:3, Funny)
we take the IP address, get all the information that we need from it...
ie, "We only record the first four bytes of the IP address, then we toss the rest"
Re: (Score:2)
In English class, they taught us that when it comes to advertising speak, the words "basically", "virtually", and "almost" are all words that really mean "not".
The summary says they claim they're not keeping IP addresses or cookies, but there's nothing there that says they don't keep the actual addresses of the websites you go to. That seems like a much bigger deal for privacy.
Re: (Score:2)
I like the way you think. Delegate some of your responsibility. Shows true managerial potential.......
Re:Just remember... (Score:5, Insightful)
"If Google does it, they do it because they "probably have to." Luckily, they said they "do no evil" so that means they're absolute good and thus immune to scrutiny."
It's been obvious to anyone with half a brain that google (and most other websites who are able to and have a clue) logs damn near everything. Many are just covert / quiet about it.
Technically makes privacy pretty moot unless we pass laws enforcing companies to build encryption into everything. The truth is the majority of people are not educated enough, nor even have an inkling of an idea of how computers work and that everything they do is recorded, that when you're on the internet you are totally naked.
The nature of networks themselves by having to communicate back and forth with one another in order to 'browse' (really in the ultimate sense sending and receiving files and bits of data). Means you are constantly broadcasting and receiving data, thereby leaving all those breadcrumbs for everyone who has a clue to read about you and compile on you.
The fact is though we have done this to ourselves by adopting technologies and caring more about content and what value it adds to our lives then any amount of the values in regards to privacy we claim to care about... the internet and our lack of encryption/laws, etc, enforcing security of information from the get go proves we don't give a fuck about privacy very much. Simply because it's too inconvenient.
The really hard core about privacy (tor, encryption, etc) are evidence of the common man, and probably common slashdotter's total lack of concern about his or her own privacy. Otherwise we'd be using them and demanding these services but no one wants to expend the political energy an/or the money to pay for them. Hence we don't really give as much of a fuck as we seem to since our actions do not match our words in regards to the amount of whining about privacy we output.
Re:Just remember... (Score:5, Funny)
...that when you're on the internet you are totally naked.
Speak for yourself.
Re: (Score:2)
Re: (Score:2)
I can live with individual websites collecting this data. No one held a gun to my head and forced me to go to those sites. I know when I go to a website, THAT WEBSITE collects certain more-or-less standard data. (And if they share it with others, well, I can choose not to go to their sites anymore.)
However, I don't like the idea of my browser sending this info to a THIRD PARTY. I don't care if that third party is Google, Microsoft, IBM, the Chinese Ministry of Defense, or the moon, I still don't want to be
Re: (Score:2)
"However, I don't like the idea of my browser sending this info to a THIRD PARTY"
Your data passes through a whole host of third parties before it even gets to the site via routers. Governments or corporations who are involved in the underworld can abuse our rights without our consent and we'd never know it because the network itself is constantly leaving breadcrumbs of data everywhere, and each packet has to be routed and repeated to its destination, not to mention subnet spam, if someone is keen enough to
Re: (Score:2)
Oh, let's not be dense on purpose... I know there are lots of third parties involved, from the next router on down the line forward. But that's unavoidable unless you invest in your own private internet, and it's also normal everyday procedure, akin to driving on public streets to the store where you buy your beer. But when the beer can reports your tastes in porn back to the brewer, that's a bit much.
As to gov't snooping, that we have no control over one way or the other. But because one outfit snoops is n
Re: (Score:2)
"Oh, let's not be dense on purpose... "
I wasn't being dense, I was saying you can't control it anyway because of the fact it has to pass through 3rd parties and you don't get to control which routers your data passes through. Seems like an excellent point IMHO, since routers are technically '3rd parties', whether you acknowledge it or not.
Re: (Score:2)
But that's the design inherent to the net, and necessary to this form of communication.
Conversely, it's totally *unnecesary for software on MY machine to pass data to a party who has *nothing do with the above necessary data transmission*.
How would you like it if every time you drive your car, it reports your destination to the car's manufacturer? The fact that you had to drive on public streets anyway is irrelevant to that needless reporting of your private activities.
This seems obvious to me, but ... ther
Re: (Score:2, Insightful)
Re: (Score:2)
This is probably just my misanthropy talking, but I always figured Microsoft's egregious level of "security" was prima facie evidence of their collusion in some sort of conspiracy to provoke us to demand that our fearless leaders take action to protect us from internet freedom.
Re: (Score:2)
There was a symbol called "_NSAKEY." Microsoft denied that it had anything to do with the National Security Agency.
http://en.wikipedia.org/wiki/NSAKEY [wikipedia.org]
Re:Just remember... (Score:5, Interesting)
Holy Jesus man, have you even been to any other web forum? Compared to the normal signal-to-noise ratio on the internet, Slashdot (if you browse at +3 or +4) is a cut or three above just about anything else, and almost exclusively so for unmoderated forums. But yeah, other than that, you hit the "groupthink" idea right on, except for that a lot of people, lately, have been getting annoyed at google's "collect data for everything" policy, among other things.
Re: (Score:2)
While I mostly agree, how do you figure that Slashdot browsing at +3 or +4 is "unmoderated"?
Re: (Score:2)
Re: (Score:2)
Your phrasing is ambiguous. You can read it as slashdot being especially better than unmoderated forums (as you apparently meant it) or as slashdot being almost uniquely good for an unmoderated forum (as I understood it).
Re: (Score:2)
Re: (Score:3, Informative)
Its all about track record.
Microsoft has a track record for shady business practices.
Google does not.
Of course people are going to be quicker to bash Microsoft than Google.
Under oath? (Score:2)
If Microsoft says they destroy any IP addresses and details when they receive it, will they sign a contract with all users confirming that? Will they repeat it under oath on penalty of perjury?
I will believe a corporate only when it is under oath.
Sorry.
Re: (Score:3, Funny)
Whoosh!
Boom!
The Whoosh! was the humour in the OP apparently flying over your head.
The Boom! when the joke broke the humour barrier and put the mods into a case of shock, apparently causing them to mod you up.
Re: (Score:2)
I find it exceptionally hard to maintain chaotic neutral in my day to day work. Every time I hold the door open for someone, I have to shut it in someone else's face. That act itself is one of "evil", meant to offset the "good".
Google must not do much of *anything* if they're going to maintain chaotic neutral for any meaningful period of time.
Especially if they make the mistake of being good from time to time :O
Suggestions? (Score:5, Insightful)
So, we see "targeted" ads and have "suggestive" sponsorship in other browsers in exchange for getting the browser for free.
Isn't IE a part of Windows, and don't we sort of pay for it already?
Opt-in service (Score:5, Insightful)
Re: (Score:2)
I'm thinking he's saying "stop trying to protect the idiots who can't take responsibility for their own actions by fucking reading what it says on the fucking screen".
It's pretty simple, really. If people fail at reading comprehension or are too lazy to bother with it, then they fucking deserve everything they get.
Re:Suggestions? (Score:5, Funny)
People pay for Windows?
Yes, almost every time I use it.
damn right...almost (Score:3, Interesting)
Re: (Score:2)
However, Microsoft doesn't seem to understand that just because google's browser is worse, that doesn't mean IE8 is okay.
Since IE8's "suggested site" feature is opt-in, I don't know how anyone but the most dedicated Microsoft hater and/or Google apologist could say that it's not "okay".
pr0n (Score:5, Funny)
Re: (Score:3, Funny)
Whats your ISP? I'd like to use it to... erm... do "research".
Re: (Score:2, Funny)
The same happens to me with URLs containing penisland, cummingfirst, and whorepresents.
Re: (Score:2)
I absolutely hate site suggestions when I mistype an URL. Why? Because if the url contains the phrase "kicks-ass", my ISP starts advertising porn.
You don't even need a 'suggestions' feature for that. S[pc]ammers and pr0n site operators have bought up every conceivable typo/variation of any popular domains already.
Re: (Score:2)
You don't even need a 'suggestions' feature for that. S[pc]ammers and pr0n site operators have bought up every conceivable typo/variation of any popular domains already.
True. But since I'm paying for the isp, I expect them to be a little bit more professional. Since I had gotten the search page, the url at least didn't exist in that type/variation. A default safe search filter would be the very conservative thing to do.
Re: (Score:2)
Yes, it certainly seems unprofessional for an ISP to have unsafe anything (hosted by them obv. I'm not talking about filtering) by default.
Re:pr0n (Score:5, Funny)
I get porn suggested just b/c i type in 'tea-bag' but then I'm like..hmmm this looks interesting.
ProTip: Instead of searching, bookmark Bungie.net for when you want to see your Halo profile.
Re: (Score:2)
SuperProTip: Instead of searching, looking at Bungie, etc, just read this comic on how to best teabag: http://www.joeandmonkey.com/74 [joeandmonkey.com]
Let me get this straight... (Score:3, Insightful)
Oh, I feel much better now...
Re:Let me get this straight... (Score:5, Insightful)
A big, powerful, arrogant company is telling me that their very iffy handling of my personal data is "OK" because some other big, powerful and arrogant company is already doing pretty much the same?
Spinning things against Microsoft/Google even if there's no basis for your statements, is just as bad as Microsoft/Google spinning things in their favor when there IS basis.
In both cases, it's disinformation which promotes acting on "gut feelings" and ignorance.
The feature is quite innocent and handy, as it's apparent that anything less would be torn apart from the community.
Last couple of years Microsoft is showing some signs of listening to their customers and they're well on track repairing their IE/Vista fiascos. If all they get in return is the same overly negative responses, they'll just stop trying.
Re: (Score:2)
"In both cases, it's disinformation which promotes acting on "gut feelings" and ignorance."
So... they're all Republicans?
Re: (Score:2)
You need to work on your reading comprehension.
Nowhere did I say IE8 sucks because Windows 95 was the chunks.
I said Microsoft is claiming this feature is harmless, however, I can see why it's not. Microsoft has lied about every product they've ever released to the consumer masses for at least 13 years, so why should we believe them on this one?
And Windows 95 was not an amazing OS for the time. OS/2 was an amazing OS for the time. But of course, it was crushed by Microsoft's antitrust violations.
Re: (Score:2)
Re: (Score:2, Insightful)
A big, powerful, arrogant company is telling me that their very iffy handling of my personal data is "OK" because some other big, powerful and arrogant company is already doing pretty much the same?
No, they're telling you that you can *explicitly* turn on an option to share *some* information about your browsing habits. I know this is Slashdot, but some people get overparanoid.
Open up the protocol (Score:5, Interesting)
Microsoft and Google should just publish the exact data exchange protocol used by their respective "smart search" features -- and keeps those documentations up to date, of course.
The protocols are gonna get out, anyway -- someone will snoop them out soon enough. Better have an official documentation than endless wild rumors, and the whole thing would hardly cost any resources.
Re: (Score:3, Insightful)
Publishing the protocol is pointless. You'll still have to take their word on what they do with the data after they receive it.
Re: (Score:2)
And an opt-out option, FFS (if not making the tool opt-in). And I mean that across all browsers, not just MSIE8 and Chrome.
I hope it would be safe to assume that when you've got porn mode enabled (err, I mean private browsing) that this data transfer wouldn't happen regardless of whether you've opted-in/out.
Whew! (Score:2)
Well, as long as it's "pretty" innocuous, I guess it's OK. /sarcasm
As for that annoying Google Suggest, I killed that by having my proxy add the "SG=0" item to the PREF cookie. Dear Google (and Ask), Traffic for every keystroke is messed up.
ok.. as I see it. (Score:2)
If Microsoft wants to log data back to the home base for IE 8, it should do one of 2 things, since it's a beta. 1) before install, clearly acknowledge that they WILL be collecting data, and more precisely, describe exactly what the data will be or 2) ask users if they wish to let Microsoft receive data and again, a description of what that data will be.
Would one not think that it would be just common courtesy to do that?
Re: (Score:2)
Danger Signs (Score:5, Funny)
1) After installing IE8, webcam tracks your movements around the room.
2) Strange giggling from PC speakers when you Agree to the EULA.
3) When you start Spybot Search & Destroy you get a phone call from someone sounding an awful lot like Jerry Seinfeld threatening your pets.
4) Paperclip is back, and now its mad.
5) The next time you hear the phrase "actually pretty innocuous" is in President Palin's speech about what happens in Loyal Citizens' Youth Brigade moral rectification camps.
6) You printer puts job sheets at the beginning of each document. Job sheets with coupons for Brawndo.
7) Activity gadget in upper right hand corner of browser is a Total Information Awareness icon.
8) Entering URL for Chrome download page redirects to gay furry bondage snuff porn site.
9) After refusing to upgrade to IE8 you wake up to find the Firefox's severed head on your bed.
10) Ghost of grandmother appears to you in dream, begging you to install Ubuntu. Which is just plain weird because she was a Slackware fan!
Gay Furry Bondage Snuff Porn! WHEE! (Score:5, Funny)
Wow, I'm impressed. Googling for "gay furry bondage snuff porn" [google.com] produces your post here as the top hit only a couple hours after you posted.
Aside from being impressed, I'm also somehow disappointed... ;)
Cheers,
Re:Gay Furry Bondage Snuff Porn! WHEE! (Score:5, Funny)
A quick check of this revealed that you are now number one! Congratulations...I think.
Another quick check (Score:2)
Shows a pink slip coming in the mail from the employers of the parent and grandparent. Apparently something based on inappropriate google searches using company computers :-)
Fired? But I'm self-employed! (Score:2)
Aw, man, I fired *myself*? And couldn't even be bothered to do it face-to-face. What's the world coming to these days! :)
Re: (Score:2)
Now that's entertainment!
Somebody once said there's a website for anything you can think of and anything you'd rather not think of. This might be one of those cases.
Re: (Score:2)
Time for some absolutism. (Score:5, Insightful)
People need to stop hiding behind the even worse failings of others, and start justifying themselves in terms of why they don't suck rather than why the suck incrementally less than the other guy. FFS.
Re:Time for some absolutism. (Score:5, Insightful)
Wow... an intelligent post!!! Someone mod this -1 Overrated or -1 Offtopic, or some other minus moderation quickly! ;-)
Or... maybe someone with mod points can mod it up, since it is one of the most insightful posts in this topic so far. Fuzzy is right on the mark... Microsoft's (and too many other companies who are starting to play the same game) answer sounds like my brother and I when we were little kids... "But he did that!!!"
This isn't elementary school. These are supposed to be businesses.
Re: (Score:2)
Or... maybe someone with mod points can mod it up, since it is one of the most insightful posts in this topic so far. Fuzzy is right on the mark... Microsoft's answer sounds like my brother and I when we were little kids... "But he did that!!!"
Stevie, put down that chair!
- But mom, he started!!!
Re: (Score:2)
People need to stop hiding behind the even worse failings of others
A form of stupidity common enough to warrant its own name. [wikipedia.org]
Re: (Score:3, Insightful)
Re: (Score:2)
That was essentially my point up above, too. The first (only :) reply so far chose to misinterpret it.
I swear, if the average slashdot mind is the future of der interveb and der technoreich, we're all in a shitload of trouble!!
Users say piracy is pretty innocuous (Score:5, Interesting)
After all most users who pirate Microsoft products discard most of them almost immediately.
Yeah that works doesn't it? If you violate someone's right's it's not okay just because you do it for a short time! Cuts both ways.
Does 'URL' include the GET arguments ? (Score:2)
There can be sensitive data in the GET arguments, much more than just which site you have visited.
evil (Score:4, Funny)
"We're not evil [today.com]," said Google. "We just want to know your confidential business data, bank account details, medical information, personal preferences in pornography and DNA code. Microsoft ... they want to make you use Windows Live Search."
Re: (Score:2)
I click a little button in Firefox.
Suddenly, Im in another country, no cookies or anything.
Oh yeah, it's torbutton. You control what you want websites to see. Take control.
A better feature (Score:5, Interesting)
I am here to help! (Score:2)
First of all, there are the key combinations that automatically fill in the protocol name and TLD (check the help file).
Second of all, THE BACKSPACE KEY YOU GREAT CLEFT. Come on!
and... (Score:3, Funny)
... me not upgrading to IE 8 is pretty innocuous too!
The "discarding" is ok (Score:2)
It's the word "almost" which is killing it for them.
Extra bandwidth use (Score:2)
Now that a lot of us are capped on our use, is Microsoft going to reimburse us somehow for wasting our service?
But oddly..... (Score:2)
amazing (Score:2)
Amazing how Microsoft always get found out with this 'hidden phone home' stuff, they always make some really lame excuse, and nobody ever actually does anything about it.
A lot can happen.. (Score:2)
... the company discards all user IP addresses almost immediately.
A lot can happen in the time frame of 'almost immediately' when running a computer capable of 11+ terflops [nwsource.com].
meh (Score:2)
IE? (Score:2)
Is that thing still around? I thought it died from irrelevance years ago.
Oh well, I guess there are still people using black-and-white TVs too.
Re: (Score:2, Insightful)
They should be sued for electronic monitoring without a warrant!
They explicitly ask you if you like to get suggestions or not. You can say NO.
Re: (Score:2)
Considering their track record on software, I sincerely do hope they coded an 'else' to the 'if reply=y' in that block of code.
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2)
Yes, actually. I have some fantastic friends who work there.
Not everyone who works at Microsoft is a cocksucker, you know. Sure, once you get higher up in the food chain, they kind of morph into tremendous dbags, but so far in my life, I've found that's true with every manager, everywhere.
Re:To defend Microsoft. (Score:4, Insightful)
Re: (Score:2)
It's easy: Google pwns you