Firefox’s optional Tracking Protection reduces load time for top news sites by 44%.
How to turn on Tracking Protection:
- In the Location bar, type about:config and press Enter.
- The about:config “This might void your warranty!” warning page may appear. Click I’ll be careful, I promise! to continue to the about:config page.
- Search for privacy.trackingprotection.enabled.
- Double-click privacy.trackingprotection.enabled to toggle its value to true.
This will turn on Tracking Protection. If you later want to turn it back off, repeat the above steps to toggle the preference back to false.
As The Wall Street Journal recently reported, “There’s an Uber for everything now. Washio is for having someone do your laundry, Sprig and SpoonRocket cook your dinner and Shyp will mail things out so you don’t have to brave the post office. Zeel delivers a massage therapist (complete with table). Heal sends a doctor on a house call, while Saucey will rush over alcohol. And by Jeeves — cutesy names are part of the schtick — Dufl will pack your suitcase and Eaze will reup a medical marijuana supply.”
I thought MoDo had been played, but it’s all true, even if some of them only serve Seattle and Silicon Valley.
In order to get box.com to work on my computer, I had to enable TLS 1.0, 1.1, and 1.2 in Internet Explorer, even though I almost never use IE.
I had turned off all three versions of TLS on security grounds. As a result, I kept getting an error message when I tried to log into Box Sync on my computer (“Cannot connect”).
Box.com help desk’s explanation for the requirement — amazingly — is that SSL 3.0 is not secure so they don’t use it. It’s true there have been issues with SSL 3.0, but TLS, as I understand it, has the same issues plus much worse. [UPDATE: Dan Riley explains why I have it all backwards in the comments.]
On the positive side, I only figured out the source of the problem thanks to efficient and friendly work from ‘Ashley’ at the box.com help desk, so they are doing something right.
We identified three types of scams happening on [Chinese dating site] Jiayuan. … Another interesting type of scams that we identified are what we call dates for profit. In this scheme, attractive young ladies are hired by the owners of fancy restaurants. The scam then consists in having the ladies contact people on the dating site, taking them on a date at the restaurant, having the victim pay for the meal, and never arranging a second date. This scam is particularly interesting, because there are good chances that the victim will never realize that he’s been scammed — in fact, he probably had a good time.
Would be a nice tort problem if I taught fraud (and I should).
Spotted via via Schneier on Security: Online Dating Scams.
How Verizon and Turn Defeat Browser Privacy Protections
Verizon advertising partner Turn has been caught using Verizon Wireless’s UIDH tracking header to resurrect deleted tracking cookies and share them with dozens of major websites and ad networks, forming a vast web of non-consensual online tracking. Explosive research from Stanford security expert Jonathan Mayer shows that, as we warned in November, Verizon’s UIDH header is being used as an undeletable perma-cookie that makes it impossible for customers to meaningfully control their online privacy.
Mayer’s research, described in ProPublica, shows that advertising network and Verizon partner Turn is using the UIDH header value to re-identify and re-cookie users who have taken careful steps to clear their cookies for privacy purposes. This contradicts standard browser privacy controls, users’ expectations, and Verizon’s own claims that the UIDH header won’t be used to track users because it changes periodically.
This spectacular violation of Verizon users’ privacy—made all the worse because of Verizon’s failure to allow even an opt-out—has already had far-reaching consequences.
UPDATE (1/17/15): Ad Network Turn Will Suspend Zombie Cookie Program. When Will Verizon?