Re: [privacybadgerchrome] tagsrvcs.com (#431) from Joseph Lorenzo Hall on 2015-07-16 (public-privacy@w3.org from July to September 2015)

From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Thu, 16 Jul 2015 08:20:15 -0400
To: "Mike O'Neill" <michael.oneill@baycloud.com>
Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-ID: <CABtrr-VhiQ-u+JrnP2Ai77KwoZqsz-t0BkkX6-qx2G0pksT3xA@mail.gmail.com>

somewhat interesting thread here on Hacker News:

https://news.ycombinator.com/item?id=9894264

On Wed, Jul 15, 2015 at 7:15 AM, Mike O'Neill
<michael.oneill@baycloud.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Thanks for your fast response Dan. The previous code has illuminated important privacy risks with this otherwise useful API.
>
> Mike
>
>
>
> From: dakami [mailto:notifications@github.com]
> Sent: 14 July 2015 20:53
> To: EFForg/privacybadgerchrome
> Cc: michael-oneill
> Subject: Re: [privacybadgerchrome] tagsrvcs.com (#431)
>
> Indeed, I killed the STUN queries.
>
> - --Dan
>
> On Tue, Jul 14, 2015 at 12:19 PM, michael-oneill <notifications@github.com>
> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hi Jacob,
>>
>> That was quick.
>>
>> As of about an hour ago there are no longer STUN accesses from nytimes.com,
>> washingtonpst.com, ft.com and cnbc.com. In case it is a geolocation
>> specific thing what are you seeing? I am in UK
>>
>> Mike
>>
>> From: Jacob Soo [mailto:notifications@github.com]
>> Sent: 13 July 2015 15:55
>> To: EFForg/privacybadgerchrome
>> Cc: michael-oneill
>> Subject: Re: [privacybadgerchrome] tagsrvcs.com (#431)
>>
>> Seems like mostly American website(s) are using that.
>> http://www.vanityfair.com/ and http://www.wired.com/ are using the
>> same3rd party tracking code.
>> Apparently Eric Lawrence found an interesting thing if the content is
>> blocked in IE.
>>
>> http://textslashplain.com/2015/06/22/content-blocking-unintended-consequences/
>> —
>> Reply to this email directly or view it on GitHub./
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1
>> Comment: Using gpg4o v3.4.103.5490 - http://www.gpg4o.com/
>> Charset: utf-8
>>
>> iQEcBAEBAgAGBQJVpWCpAAoJEHMxUy4uXm2JNVUIANavZ8w24KpLpKAP1Aopacw7
>> mQnDyaFuCN/zzZWBPxLuDa0mV8x9b463QiLBc59hqFBtsCuhUhTJ0btxpVaDcf9g
>> 1i5mRv2HMWoIsdGjVJX16+3KlE2vv+PQ+jSMIhVVcMYXqiQ7KdmDBVb8CBhStOPy
>> MOjTbMyZx2WGK3DSvj77X74NkKv+1uR54Y3bMPX+yc3ztX5cb/deqorUbyt3b7/U
>> KfW1QgwsTvjMdooaq/QFHwAW9XGUOXA1GcFuufZL1AmfCFAUiq8sF2O7VAce+Wem
>> 7jS2HB8Ym0h7G9+9XrZDfRSSBHDQaPnT5tG2m1jZfvD3q8WjH5sAXZqpx5noOZc=
>> =J6Ct
>> -----END PGP SIGNATURE-----
>>
>> —
>> Reply to this email directly or view it on GitHub
>> <https://github.com/EFForg/privacybadgerchrome/issues/431#issuecomment-121346937>
>> .
>>
>
> —
> Reply to this email directly or view it on GitHub./
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: Using gpg4o v3.4.103.5490 - http://www.gpg4o.com/
> Charset: utf-8
>
> iQEcBAEBAgAGBQJVpkDCAAoJEHMxUy4uXm2J1JsH/j9J77JybByee4jPLZySdlTN
> OIlqUU+V95XrzSShXtuLL682oF0xTYdY2n56lMMQw4LQ66FXIdjE10Ptj9yE8XUU
> pVdhDpSPub2O68azb9KgJGwWCHqbQRTBc+Gc6J+bCgjVq3HNPnTvaAzQXRFwm/rf
> HrTgCKFfjFcKdbWyRBJomA93qouQyr3y7BMXclzOt4rJXRNcoDHMy/Mpef12PLtU
> ToIy3BPB9Wgnz8SDeJxGcsqiPkj4JydaF8ik7hYcMjxamBC13YIfQxuJsz2bzSwz
> GIFKOl2jHCcwAzkP+De3Z5VYblHmi4LnDqnwkUd7mIOQodQ9xwzhsysf/qlr1sE=
> =j59j
> -----END PGP SIGNATURE-----



-- 
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
joe@cdt.org
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

Received on Thursday, 16 July 2015 12:21:16 UTC