Google Busted With Hand in Safari-Browser Cookie Jar (adapted)
By Ryan Singel | February 17, 2012
Ryan Singel is the editor and co-founder of the Threat Level blog. He keeps his eye on privacy, tech policy
and online liberties.
Google intentionally circumvented the default privacy settings of Apple’s Safari browser, using a backdoor to set cookies on browsers set to reject them, in the latest privacy debacle for the search and advertising giant.
Google immediately disabled the practice after the Wall Street Journal disclosed the practice Thursday night, which was discovered by Stanford researcher Jonathan Mayer and confirmed by security consultant Ashkan Soltani.
Safari, which accounts for about 6% of desktop browsing and more than 50% of mobile browsing, is the only major browser to block so called third-party cookies by default. When you visit a website, all browsers, including Safari, allow that site to put a small tracking file on your computer, which allows the site to identify a unique user, track what they’ve done and remember settings. However, many sites also have Facebook “Like” buttons, ads served by third parties, weather widgets powered by other sites or comment systems run by a third party.
Safari blocks the sites that power those services from setting or reading cookies, so a Facebook widget on a third-party site, for instance, can’t tell if you are logged in, so it can’t load a personalized widget. Google, along with a number of ad servers, were caught by Mayer avoiding this block, using a loophole in Safari that lets third parties set cookies if the browser thinks you are filling out an online form.
Google said it used the backdoor so that it could place +1 buttons on ads it places around the web via its Adsense program, so that logged-in Google+ users could press the button to share an ad. Without the workaround, the button wouldn’t be able to tell Google which Google account to link the button to.
Now if Safari weren’t so dominant on mobile to the popularity of the iPhone, it’d hardly be worth the code to get at the 6% of desktop users.
But more to the point, if this is a problem for Google and Facebook, and if the defaults actually do mess with user’s expectations, it would seem that there are better ways to bring attention to the issue than getting busted working around them. It may not be Apple’s first priority to help Facebook and Google, but I likewise doubt that Apple is intentionally trying to ruin user experience in order to hobble Facebook, Google and online ad networks.
Given that Google announced it is backtracking on its privacy promises to users in order to create the mother of all online profiles by combining the data you give it to nearly all of its services, that secrecy may be more disturbing than the “crime” itself.
Fonte: http://www.wired.com/threatlevel/2012/02/google-safari-browser-cookie/
De acordo com o texto, o Safari tem uma característica única entre os navegadores mais populares. Essa característica pode ser encontrada na seguinte alternativa:
