Saturday, August 30, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Samsung Partners with Nike On Running App
Samsung Applied for Samsung Quantum Dot TV Trademark
New iPhones Expected at Sept. 9 Event
Google Tests Drones For Delivery Of Goods
UMC To Partner With Fujitsu On Chip Production
Samsung, LG Introduce New Smartwatches
Sharp, Pioneer Dissolve Their Capital Alliance
Nero 2015 is Coming At IFA
Active Discussions
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
IBM supercharges Power servers with graphics chips
Werner Vogels: four cloud computing trends for 2014
Video editing software.
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, February 20, 2012
Microsoft Says Google Bypassed IE Cookie Settings Too


In the wake of reports that Google had sidestepped privacy settings in Apple's Safari browser, Microsoft announced today it had discovered the Web giant had done the same with Internet Explorer.

"Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies. We've also contacted Google and asked them to commit to honoring P3P privacy settings for users of all browsers," IE executive Dean Hachamovitch wrote in a blog post.

Microsoft found that Google bypasses the P3P Privacy Protection feature in IE. The result is similar to the recent reports of Google's circumvention of privacy protections in Apple's Safari Web browser, even though the actual bypass mechanism Google uses is different.

By default, IE blocks third-party cookies unless the site presents a P3P Compact Policy Statement indicating how the site will use the cookie and that the site's use does not include tracking the user. Google's P3P policy causes Internet Explorer to accept Google?s cookies even though the policy does not state Google?s intent.

P3P, an official recommendation of the W3C Web standards body, is a Web technology that all browsers and sites can support. Sites use P3P to describe how they intend to use cookies and user information. By supporting P3P, browsers can block or allow cookies to honor user privacy preferences with respect to the site's stated intentions.

Technically, Google utilizes a nuance in the P3P specification that has the effect of bypassing user preferences about cookies. The P3P specification states that browsers should ignore any undefined policies they encounter. Google sends a P3P policy that fails to inform the browser about Google's use of cookies and user information. "Google?s P3P policy is actually a statement that it is not a P3P policy. It?s intended for humans to read even though P3P policies are designed for browsers to "read"", Hachamovitch added.

Users cannot easily access P3P policies. Web sites send these policies directly to Web browsers using HTTP headers. The only people who see P3P descriptions are technically skilled and use special tools, like the Cookie inspector in the Fiddler tool.

Hachamovitch also took the opportunity to point out at IE users have access to a Tracking Protection List that it says prevents the P3P bypass. Additionally, he said Microsoft is "investigating what additional changes to make to our products. The P3P specification says that browsers should ignore unknown tokens. Privacy advocates involved in the original specification have recently suggested that IE ignore the specification and block cookies with unrecognized tokens."

Safari is not the only browser with this problem and Google is not the only company to exploit it. Many Web sites, including giants like Facebook, appear to be using a loophole that circumvents I.E.'s ability to block cookies.


Previous
Next
Microsoft Extends Support Lifespan For Windows 7, Vista        All News        Latest AnyDVD Release Introduces Speedmenus
Microsoft Extends Support Lifespan For Windows 7, Vista     General Computing News      SkyDrive and Windows 8

Get RSS feed Easy Print E-Mail this Message

Related News
Google Tests Drones For Delivery Of Goods
China Probes Microsoft Over Web Browser And Media Player
FCC Filing Hints At a Microsoft Rival To Chromecast
German Regulator Will Pursue Complaint Against Publishers
Microsoft to Announce Windows 9 on September Event: report
Samsung, Microsoft Want To End Android Patent Dispute Soon
Google Buys JetPac
Sony, Huawei, Microsoft To Announce New Smartphones at 2014 IFA
Microsoft Releases 19-euro Music Phone
Google Releases Fit SDK, Special Version Of Android L
Google To Rank Websites with HTTPS Higher
Google and Barnes & Noble Take On Amazon

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .