[tor-talk] google analytics says it can track across separate domains

Joe Btfsplk joebtfsplk at gmx.com
Sun May 20 03:25:59 UTC 2012


On 5/19/2012 5:00 PM, Mike Perry wrote:
> If you prevent the associated identifier transmission and 
> fingerprinting issues, "web beacons" do not link your activity on one 
> url to another. If we prevent identifier transmission and 
> fingerprinting, web beacons will see both visits, but they do not know 
> it is the same user on both visits. The reason we don't care that they 
> can still see both visits is because the urls you visit can and do 
> simply sell their logs to third parties already. If a site tries to 
> deploy web beacons, you should assume they are also selling your data 
> to whoever is buying, regardless of what the browser actually does.
>> Presumably, as they are loaded w/ pages, even w/ disk cache turned
>> off, they can still be stored in memory cache & still track users,
>> unless memory cache is disabled.  True?
> Not exactly. In Tor Browser, cache is isolated by url bar domain,
> meaning that the cached copy of a web beacon that was loaded under one
> url bar is actually *not* used when the same web beacon is loaded under
> a different url bar.
>
> Though in interest of full disclosure, you'll notice that one of the
> "tbb-linkability" tagged bugs is an issue with this cache isolation
> specifically for images:
> https://trac.torproject.org/projects/tor/ticket/5742
>
> Tracking scripts are correctly isolated in the cache, however (which is
> more important, as many tracking scripts *do* embed unique identifiers
> to get cached and used when the user clears cookies).
I used the term "web beacon" too loosely, rather than as specifically 
1x1 GIFs.  Similar to how "trackers" is often used to describe a single 
beast, regardless of their function.
There are, of course, several types of technology that are often loosely 
referred to under the general "tracker" term.  I didn't do a good job, 
but in my original question a month or so ago & again today, I meant to 
include JavaScript trackers as well.  Many of the "true" trackers - w/ 
cross domain tracking ability - are JavaScript.  Google Analytics is 
only one of many.

I think that those voicing a concern w/ these & TBB, were concerned w/ 
the trackers most difficult to stop.  Are you saying that * tracking 
scripts * are ALSO isolated per URL domain in the cache (see quote 
below)?  So that cross domain tracking isn't possible in TBB?  If that's 
not correct, then there's still a big problem for now.

> Tracking scripts are * correctly * isolated in the cache, however (which is
> more important, as many tracking scripts *do* embed unique identifiers
> to get cached and used when the user clears cookies).

When you speak of sandboxing:
> Flash has tons of fingerprinting and proxybypass issues hidden in its binary blob. We
> really need a full sandboxing technology to make it safe to uniformly enable.
If running an app in something like Sandboxie, (maybe you mean a diff 
scenario), it is protecting the OS / machine from the APP.  It doesn't 
stop a browser (or, I assume, trackers; Flash) from connecting to the 
internet.  Maybe it would have value once the browser is closed, Flash 
proxy bypass has already occurred.  Unless you're talking about 
something else.
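
The cache isolation quoted above, as an added example that is not part of the original message and not Tor Browser code: a simplified model comparing a cache keyed by resource URL alone with one keyed by url bar domain plus resource URL. The class and function names and the tracker.example, news.example and shop.example hosts are assumptions made for illustration.

```javascript
// Added illustration; TrackerServer, BrowserCache, visit and linkable are
// hypothetical names. Models a tracking script served with a unique identifier
// baked into its body, which then persists in the cache after cookies are cleared.
class TrackerServer {
  constructor() { this.nextId = 1; }
  // Every uncached fetch returns a script body carrying a fresh identifier.
  serve() { return `var uid = "u${this.nextId++}";`; }
}

class BrowserCache {
  // isolate=false: cache key is the resource URL only (one shared copy).
  // isolate=true: cache key also includes the url bar domain.
  constructor(isolate) { this.isolate = isolate; this.store = new Map(); }
  key(urlBarDomain, resourceUrl) {
    return this.isolate ? `${urlBarDomain}|${resourceUrl}` : resourceUrl;
  }
  fetch(urlBarDomain, resourceUrl, server) {
    const k = this.key(urlBarDomain, resourceUrl);
    if (!this.store.has(k)) this.store.set(k, server.serve());
    return this.store.get(k);
  }
}

// Visit each site in order; return the identifier the cached script exposes per site.
function visit(siteList, isolate) {
  const server = new TrackerServer();
  const cache = new BrowserCache(isolate);
  const seen = {};
  for (const site of siteList) {
    const body = cache.fetch(site, "https://tracker.example/t.js", server);
    seen[site] = body.match(/"(u\d+)"/)[1];
  }
  return seen;
}

// True when the same identifier showed up under more than one url bar domain.
function linkable(seen) {
  const ids = Object.values(seen);
  return new Set(ids).size < ids.length;
}

// Constructed sample browsing session.
const sites = ["news.example", "shop.example", "news.example"];
console.log("shared cache:  ", visit(sites, false), linkable(visit(sites, false)));
console.log("isolated cache:", visit(sites, true), linkable(visit(sites, true)));
```

In this model the tracker still sees both visits under either cache; isolation only changes whether the cached identifier is the same on both.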


