Saturday, February 28, 2015
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
New Draft Bill Focuses On Consumer Data Privacy
Uber Says Breach Affected 50K Drivers
Google Showcases Future Silicon Valley Headquarters
Lenovo Offers Free McAfee LiveSafe Following Superfish Security Concerns
Yahoo Gains Search Share
Twitter To Offer More User Safety Features
Google to Start Ranking Mobile-friendly Sites Higher
Qualcomm Extends LTE to Unlicensed Spectrum to Enhance Mobile Experiences
Active Discussions
Need serious help!!!!
burning
nvidia 6200 review
Hello
Burning Multimedia in track 0
I'm lazy. Please help.
sanyo e6 camera
need help on some cd burning...
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, February 20, 2012
Microsoft Says Google Bypassed IE Cookie Settings Too


In the wake of reports that Google had sidestepped privacy settings in Apple's Safari browser, Microsoft announced today it had discovered the Web giant had done the same with Internet Explorer.

"Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies. We've also contacted Google and asked them to commit to honoring P3P privacy settings for users of all browsers," IE executive Dean Hachamovitch wrote in a blog post.

Microsoft found that Google bypasses the P3P Privacy Protection feature in IE. The result is similar to the recent reports of Google's circumvention of privacy protections in Apple's Safari Web browser, even though the actual bypass mechanism Google uses is different.

By default, IE blocks third-party cookies unless the site presents a P3P Compact Policy Statement indicating how the site will use the cookie and that the site's use does not include tracking the user. Google's P3P policy causes Internet Explorer to accept Google?s cookies even though the policy does not state Google?s intent.

P3P, an official recommendation of the W3C Web standards body, is a Web technology that all browsers and sites can support. Sites use P3P to describe how they intend to use cookies and user information. By supporting P3P, browsers can block or allow cookies to honor user privacy preferences with respect to the site's stated intentions.

Technically, Google utilizes a nuance in the P3P specification that has the effect of bypassing user preferences about cookies. The P3P specification states that browsers should ignore any undefined policies they encounter. Google sends a P3P policy that fails to inform the browser about Google's use of cookies and user information. "Google?s P3P policy is actually a statement that it is not a P3P policy. It?s intended for humans to read even though P3P policies are designed for browsers to "read"", Hachamovitch added.

Users cannot easily access P3P policies. Web sites send these policies directly to Web browsers using HTTP headers. The only people who see P3P descriptions are technically skilled and use special tools, like the Cookie inspector in the Fiddler tool.

Hachamovitch also took the opportunity to point out at IE users have access to a Tracking Protection List that it says prevents the P3P bypass. Additionally, he said Microsoft is "investigating what additional changes to make to our products. The P3P specification says that browsers should ignore unknown tokens. Privacy advocates involved in the original specification have recently suggested that IE ignore the specification and block cookies with unrecognized tokens."

Safari is not the only browser with this problem and Google is not the only company to exploit it. Many Web sites, including giants like Facebook, appear to be using a loophole that circumvents I.E.'s ability to block cookies.


Previous
Next
Microsoft Extends Support Lifespan For Windows 7, Vista        All News        Latest AnyDVD Release Introduces Speedmenus
Microsoft Extends Support Lifespan For Windows 7, Vista     General Computing News      SkyDrive and Windows 8

Get RSS feed Easy Print E-Mail this Message

Related News
Google Showcases Future Silicon Valley Headquarters
Yahoo Gains Search Share
Google to Start Ranking Mobile-friendly Sites Higher
Microsoft Band Gets New Features
Google Buys Softcard To Push Google Wallet Service
Google Mobile Search Now Shows Videos, News In One Place
Italy Plans To Conduct Inspections At Google U.S. Offices
Google Launches Chinese Language Developer Channel on YouTube
Internet Explorer To Support HTTP Strict Transport Security Protocol
Mattel And Google Reimagines the Iconic View-Master Toy
Microsoft Buys Sunrise In A Smartphone Push
Google Offers You 2GB Of Storage If You Run A Security Checkup

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2015 - All rights reserved -
Privacy policy - Contact Us .