http://www.theregister.co.uk/2011/10/11/websites_share_usernames/ By Dan Goodin in San Francisco The Register 11th October 2011 Home Depot, The Wall Street Journal, Photobucket, and hundreds of other websites share visitor's names, usernames, or other personal information with advertisers or other third parties, often without disclosing the practice in privacy policies, academic researchers said. Sixty-one percent of websites tested by researchers from Stanford Law School's Center for Internet and Society leaked the personal information, sometimes to dozens of third-party partners. Home Depot, for example, disclosed the first names and email addresses of visitors who clicked on an ad to 13 companies. The Wall Street Journal divulged to seven of its partners the email address of users who enter the wrong password. And Photobucket handed over the usernames of those who use the site to share images with their friends. The report comes as US officials have proposed a mandatory Do Not Track option for all websites. Some operators have argued such measures are unnecessary because their systems for tracking visitors' browsing histories aren't linked to a user's specific identity. In the report, Jonathan Mayer, a Stanford graduate student who led the study, argued against the claim that the online tracking is anonymous. A username alone, he explained, is often more than adequate to identify the owner, and when it's combined with other information, such as his geographic location or first name, even widely used usernames can be uniquely assigned to an individual. [...] _____________________________________________________________ FINAL CALL to register #HITB2011KUL - Asia's premier deep-knowledge network security event now in it's 9th year! http://conference.hitb.org/hitbsecconf2011kul/Received on Wed Oct 12 2011 - 01:39:37 PDT
This archive was generated by hypermail 2.2.0 : Wed Oct 12 2011 - 01:49:03 PDT