Friday, August 01, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Researchers Discover New Smartphone Flaws
U.S. Government Issues Warning About Malicious Software
Hackers Can Use USB Devices in Attacks
Next Apple TV Release Delayed
CoD: Advanced Warfare Collector's Editions Announced
Lite-On IT Merged With Lite-On
AMD Introduces New Kaveri APUs for System Builders
Toshiba, Samsung Vie For 48-layer 3-D NAND Chips
Active Discussions
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
IBM supercharges Power servers with graphics chips
Werner Vogels: four cloud computing trends for 2014
Video editing software.
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, February 20, 2012
Microsoft Says Google Bypassed IE Cookie Settings Too


In the wake of reports that Google had sidestepped privacy settings in Apple's Safari browser, Microsoft announced today it had discovered the Web giant had done the same with Internet Explorer.

"Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies. We've also contacted Google and asked them to commit to honoring P3P privacy settings for users of all browsers," IE executive Dean Hachamovitch wrote in a blog post.

Microsoft found that Google bypasses the P3P Privacy Protection feature in IE. The result is similar to the recent reports of Google's circumvention of privacy protections in Apple's Safari Web browser, even though the actual bypass mechanism Google uses is different.

By default, IE blocks third-party cookies unless the site presents a P3P Compact Policy Statement indicating how the site will use the cookie and that the site's use does not include tracking the user. Google's P3P policy causes Internet Explorer to accept Google?s cookies even though the policy does not state Google?s intent.

P3P, an official recommendation of the W3C Web standards body, is a Web technology that all browsers and sites can support. Sites use P3P to describe how they intend to use cookies and user information. By supporting P3P, browsers can block or allow cookies to honor user privacy preferences with respect to the site's stated intentions.

Technically, Google utilizes a nuance in the P3P specification that has the effect of bypassing user preferences about cookies. The P3P specification states that browsers should ignore any undefined policies they encounter. Google sends a P3P policy that fails to inform the browser about Google's use of cookies and user information. "Google?s P3P policy is actually a statement that it is not a P3P policy. It?s intended for humans to read even though P3P policies are designed for browsers to "read"", Hachamovitch added.

Users cannot easily access P3P policies. Web sites send these policies directly to Web browsers using HTTP headers. The only people who see P3P descriptions are technically skilled and use special tools, like the Cookie inspector in the Fiddler tool.

Hachamovitch also took the opportunity to point out at IE users have access to a Tracking Protection List that it says prevents the P3P bypass. Additionally, he said Microsoft is "investigating what additional changes to make to our products. The P3P specification says that browsers should ignore unknown tokens. Privacy advocates involved in the original specification have recently suggested that IE ignore the specification and block cookies with unrecognized tokens."

Safari is not the only browser with this problem and Google is not the only company to exploit it. Many Web sites, including giants like Facebook, appear to be using a loophole that circumvents I.E.'s ability to block cookies.


Previous
Next
Microsoft Extends Support Lifespan For Windows 7, Vista        All News        Latest AnyDVD Release Introduces Speedmenus
Microsoft Extends Support Lifespan For Windows 7, Vista     General Computing News      SkyDrive and Windows 8

Get RSS feed Easy Print E-Mail this Message

Related News
Google To Show Ratings to Search-Results Ads
Microsoft Details Windows Phone 8.1 Update, Brings Cortana To New Markets
Microsoft Releases The Sharks Cove, A Raspberry Pi Alternative
China Starts Anti-monopoly Investigation On Microsoft
Google Does Not Confirm to $1 Billion Acquisition Of Twitch
Google Implemented "Right To Be Forgotten" Ruling Inadequately, EC says
Microsoft's Profit Hurt By Nokia Acquisition, Plans Unified OS
European Regulators May Need Extra Concessions From Google
Microsoft Is Shutting Down Xbox Entertainment Studios
Google Profit And Revenue Jump
Microsoft To Eliminate 18,000 Jobs
Microsoft To Take EU 'Right to be forgotten' Requests

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .