1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Why Verizon's 'zombie cookies' are scarier than ever

Discussion in 'Security Updates' started by starbuck, Oct 12, 2015.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    The Verizon and AOL merger means 'zombie cookies' will be used to track consumers on even more websites.

    299387b94a1071835352d6b621d3e489.jpg

    Like the Walking Dead lurching across your TV screen, Verizon's "zombie cookies" never give up. These hard-to-kill bits of code that track your mobile surfing habits are about to be shared with Verizon's newest acquisition, AOL, and that means additional advertisers will learn even more about you.

    Beginning in November, if you access the Web via Verizon’'s network, data on "your gender, age range and interests," (according to a Verizon FAQ page on its Relevant Mobile Advertising program) will be pushed to AOL's extensive network of advertisers.

    Unless you opt out, you're an unwitting participant in the program, which is meant to deliver ads tailored to your interests or shopping habits. Verizon has used these tracking identifiers for some time, but by sharing data with AOL, the cookies will be used on many more sites.

    Verizon customers can't kill zombie cookies

    It's easy to find things to dislike about the program, but first a bit of context.

    Verizon's cookies aren't really cookies. If they were, you could simply block them.
    They are actually streams of data known as tokens, or Unique Identifier Headers, that Verizon inserts in the path of your browser when you visit websites with devices that are connected to the Verizon network.
    Cookie blockers won't stop them, and using private browsing modes also doesn't stop the data transfer, Verizon says.

    The information contained in the tokens does not actually identify the people who are browsing, according to Verizon. Instead, it reportedly identifies their phones. Verizon also says you can opt out by either logging into your Verizon account or by calling 1-866-211-0874.

    However, the opt-out doesn't always work, or at least it takes some time to kick in. I opted out on Friday, and when I went to a test site called AmIBeingTracked.com a few days later I was still being tracked. I asked Verizon for an explanation and will update this post when I get one.

    Why you should worry about zombie cookies

    So what's the big deal? Seeing ads tailored to you isn't really a major issue. But the privacy implications are serious.

    The tokens Verizon passes to advertisers are not encrypted, according to Yehuda Lindell, chief scientist of Dyadic Security, an Israeli security firm. If they're intercepted, the information is there to be read. Advertisers that receive tokens won't be able to link the information to specific users, but Verizon can, because the carrier has detailed information on its customers, Lindell says. Even if we assume that Verizon won't do anything untoward with the information, its network could be hacked, and the unencrypted data could fall into the wrong hands, according to Lindell.


    Source:
    http://www.networkworld.com/article...es-are-scarier-than-ever.html#tk.rss_security
     
    starbuck, Oct 12, 2015
    #1

Share This Page