The Wall Street Journal kan fortælle, hvordan Google har brugt en form for bagdør i Safari-browseren på iPhone og computere til at få sat cookies, der kunne tjekke om brugeren var logget ind med en Google-konto.
Hos det danske it-medie ComON har Karim Pedersen skrevet artiklen Google smugler cookies ind i Safari, der beskriver sagen.
The Wall Street Journal-artiklen forklarer, hvordan Google rent teknisk har gjort – og det er ikke uden snilde.
Last year, Google added a feature to put the +1 button in ads placed across the Web using Google’s DoubleClick ad technology. The idea: If people like the ad, they could click “+1” and post their approval to their Google social-networking profile.
But Google faced a problem: Safari blocks most tracking by default. So Google couldn’t use the most common technique—installation of a small file known as a “cookie”—to check if Safari users were logged in to Google.
To get around Safari’s default blocking, Google exploited a loophole in the browser’s privacy settings. While Safari does block most tracking, it makes an exception for websites with which a person interacts in some way—for instance, by filling out a form. So Google added coding to some of its ads that made Safari think that a person was submitting an invisible form to Google. Safari would then let Google install a cookie on the phone or computer.
The cookie that Google installed on the computer was temporary; it expired in 12 to 24 hours. But it could sometimes result in extensive tracking of Safari users. This is because of a technical quirk in Safari that allows companies to easily add more cookies to a user’s computer once the company has installed at least one cookie.
Det lyder lidt anderledes end Googles udmelding om, at man har brugt “kendt funktionalitet i Safari”.
Efter The Wall Street Journal rettede henvendelse har Google fjernet koden. Det kan du læse mere om hos The Washington Post.
På battlemedia.com har ‘JBAT’ skrevet indlægget ‘A sad state of internet affairs: the journal on Google, Apple, and “privacy”‘‘, hvor pilen også bliver peget mod Apple, der forhindrer den metode, der bruges til cookies på “det åbne internet” – altså det internet, der er udenfor Apple-produkter som iPhone og Safari-browseren. (Set via Twitter)