Sunday, October 28, 2007
The urchinTracker() method: How Dozier Internet Law, PC's website secretly spies on its visitors
Many web sites track or (to use a less friendly word) "spy"on their users. As tdaxp.com sits on top of blogspirit's blog content system, I can view aggregate data about who is accessing my posts. Many other sites use SiteMeter or another third-party tool to get even more detailed information.
Some attempt to hide their espionage, however. One such good example is Dozier Internet Law, PC (a company which forbids hyperlinking). They forbid the "view source" option in a web browser that allows individuals to see what code is being activated by their presense. A view source on Slashdot's copy of their web code reveals the following
_uacct = "UA-294347-1";
Curious about what this (I was inspired by Raise the Hammer's investigation) I searched, and found that it is part of Google Analytics:
For more information on using urchinTracker, please refer to the following help articles:
To their credit, they do state that visitors are being tracked on the Privacy Page. I'm really puzzled if they are taking seriously as Internet law experts.
Posted by: StrategyUnit | Monday, October 29, 2007
I wonder what is the process for refusing the user agreement, and un-tracking yourself on the index and user agreement pages?"
Also from the agreement:
"We don’t presently conduct e-commerce activities in the sense of accepting registrations or providing private access to a protected area of our website."
Which means, I assume that the protected area of their website, available by clicking on "Administration (authorization required)" , is unavailable for any non-Dozier-employee. Which makes it all the stranger there would be a link to it.
(a) the user agreement is in error
(b) Dozier has no security sense whatsoever
(c) the link is a honey-pot designed to track hackers
Posted by: Dan tdaxp | Monday, October 29, 2007