[LiveBrianD]

Using Ghostery, I've found several scripts on pcworld.com and blocked them. However, I've found that if I block 'omniture', I can't comment on articles (the forums work though). What does this script actually do? It looks like a tracking one from what I've seen.

[bcappel]

Omniture is what we use to track page views so we know what pages are getting read. We use it to help figure out what content our readers like so we can create more like it.

Any script you block on PCWorld is likely causing us a loss of money, so we'd appreciate it if you do not block any scripts so we can keep this site free.

Thanks,
Bill

[LiveBrianD]

bcappel, on 28 November 2011 - 10:31 AM, said:

Omniture is what we use to track page views so we know what pages are getting read. We use it to help figure out what content our readers like so we can create more like it.

Any script you block on PCWorld is likely causing us a loss of money, so we'd appreciate it if you do not block any scripts so we can keep this site free.

Thanks,
Bill

The thing is, can't those scripts also see what other sites you visit? Granted, it's not like I'm an FBI agent dealing with confidential information, but I still consider that an invasion of privacy. That's the whole reason I block ads (that, and how they slow down the page loading). If ads were just plain PNG images or text ads, with no audio, popups, ad landing pages, or ads that show up in my face or take over the page when you hover over them, I wouldn't have the slightest problem allowing them. I also have FF clear my cookies and history when I close it, just in case I missed a tracking cookie or two.

Anyway, how does Omniture make the comments on articles work? That's why I allow Omniture (though none of the others).

[LiveBrianD]

Is one of those scripts what updates the part of your profile that says where you currently are? I just made a post a moment ago but when I checked myself from another browser, that I was not logged in with, it said I was offline.

[Evildave]

Omniture is a separate beast from the forum software its self. It's pure spyware, jerry-rigged into everything like poorly thought out booby traps.

Because even though almost any web server could quietly log the info themselves, with nary a bit of suspicious scripted crap on the front-end, there aren't a thousand marketing specialists calling every web developer's boss, boss' boss, and boss' boss' boss, telling them that the server can 'log' things on the back end for free. They are calling those clueless dimwits, telling them that only by paying an external corporation exorbitant fees can they get that information. It generates the same work for the developers to log and extract, versus call an alien 'API' and extract from that mess on someone else's server. But it does have a nice GUI with pretty colors, which those bosses will have to pay someone to use for them, anyway.
http://www.omniture.com/en/

I've seen this on a couple of forums, like 'Pluck' forums for small newspapers. Some bits and pieces passed through the ad server scripts that are served up, and if you block the content, certain features break, like the ability to login. Of course, you can make an ad blocking exception for one page of a site, log in there, and carry on. That usually works.

I started blocking ads long ago because they slowed down my dial up connection. Now they're HUGE, with nasty tentacles.

I probably wouldn't bother blocking ads if they were straight text and plain static images. But since there can be SWFs and all manner of scripted horrors completely beyond any web site's control, I think I'll carry on blocking.

If you don't want your users blocking ads, serve them from your own domain.

[LiveBrianD]

I totally agree. Plain text ads and PNGs that do not track, perhaps they send you through a redirect when you click them that lets them know you clicked the link, are fine. fyi, I think that's how google's searches work - there are no scripts there that I can detect, or 3rd party cookies, but each link goes through a google redirect when clicked.

The thing is, I think the UI for comments on articles is an addon to the regular IP.Board forum software we're posting in here, and maybe that needs omniture. I also found that if I disable gigya, when I click on images on the site, nothing happens (instead of it showing the full sized image).

[Evildave]

I'm not really so selective or subtle in my script blocking, really. Swf blocking, ad blocking plugins, and that's about it.

I'm not really going to 'care' about every scripted bit of nastiness, because I can't. It would be doing a full day's code review on every web site I visited. Automated things are certainly helpful, but they can't (as demonstrated here) be trusted to always do it so that the page 'works', or always to correctly identify content from crap.

I have some direct experience with projects that used 'Omniture', and without exception, it was for 'watching' users. I've even seen this kind of tracking put into console games (PS2/XBOX and ever since - EA was completely enamored with watching how many seconds players spent on various pieces of their games - ALL of their games call home and report what you did, as soon as there's an internet connection for them to do it).

Every click on the web is calling home, telling someone about what you saw, and what you did. And that gets your IP/port stamped right onto it. And since they all report to a very few centralized ad serving systems, it doesn't take much to connect the dots and make a complete history of where you went, and what you did.

Not that I have anything specific for you to do about it. It's just one of those things you should know.

[bcappel]

Evildave, on 04 December 2011 - 12:51 AM, said:

Omniture is a separate beast from the forum software its self. It's pure spyware, jerry-rigged into everything like poorly thought out booby traps.

Because even though almost any web server could quietly log the info themselves, with nary a bit of suspicious scripted crap on the front-end, there aren't a thousand marketing specialists calling every web developer's boss, boss' boss, and boss' boss' boss, telling them that the server can 'log' things on the back end for free. They are calling those clueless dimwits, telling them that only by paying an external corporation exorbitant fees can they get that information. It generates the same work for the developers to log and extract, versus call an alien 'API' and extract from that mess on someone else's server. But it does have a nice GUI with pretty colors, which those bosses will have to pay someone to use for them, anyway.
http://www.omniture.com/en/

I've seen this on a couple of forums, like 'Pluck' forums for small newspapers. Some bits and pieces passed through the ad server scripts that are served up, and if you block the content, certain features break, like the ability to login. Of course, you can make an ad blocking exception for one page of a site, log in there, and carry on. That usually works.

I started blocking ads long ago because they slowed down my dial up connection. Now they're HUGE, with nasty tentacles.

I probably wouldn't bother blocking ads if they were straight text and plain static images. But since there can be SWFs and all manner of scripted horrors completely beyond any web site's control, I think I'll carry on blocking.

If you don't want your users blocking ads, serve them from your own domain.

Sorry but you are almost completely wrong here. I am the PCWorld software engineer for web analytics, which includes omniture. I know exactly how omniture works, and you are not even remotely close. It is not, in any way, shape, or form, spyware of any sort. Furthermore there is absolutely not a way the information omniture provides could be found using only weblogs with no scripts.

Sounds like you also don't have any idea how ads actually work.

Bill

This post has been edited by bcappel: 05 December 2011 - 09:56 AM

[bcappel]

LiveBrianD, on 04 December 2011 - 03:19 PM, said:

I totally agree. Plain text ads and PNGs that do not track, perhaps they send you through a redirect when you click them that lets them know you clicked the link, are fine. fyi, I think that's how google's searches work - there are no scripts there that I can detect, or 3rd party cookies, but each link goes through a google redirect when clicked.

The thing is, I think the UI for comments on articles is an addon to the regular IP.Board forum software we're posting in here, and maybe that needs omniture. I also found that if I disable gigya, when I click on images on the site, nothing happens (instead of it showing the full sized image).

Google tracks every single page load, ad load, and ad click, just like every other site that has ads on it. No advertiser will buy ads on any website, including in google search, if they aren't going to know how many times their ads get displayed and clicked. Otherwise they will have no way of knowing how effective an ad is for them. The only exception to that is links for the sole purpose of SEO, and those links pay very little.

Nothing on our site anywhere *needs* omniture, gigya, or anything else. But in some cases we do have the scripts integrated. We use omniture to count how many replies are made to posts. If replies suddenly drop we know that there may be something wrong with the forums, or something we changed is making people post less. So if you try to post a reply and the omniture script isn't loaded, then when the reply script tries to call the omniture script to log that a reply happened, the reply script will end up failing. The only thing that gets logged is that a reply happened, not the text of the reply or anything else, including your ip address.

Bill

[LiveBrianD]

So basically, that's why I always appear offline even if I made a post just a minute ago and am still signed in? (checking from a different browser where I'm NOT signed in)

[bcappel]

LiveBrianD, on 05 December 2011 - 03:41 PM, said:

So basically, that's why I always appear offline even if I made a post just a minute ago and am still signed in? (checking from a different browser where I'm NOT signed in)

Where are you seeing that you appear offline? Do you mean the little online/offline icon that appears next to your name in posts? I just looked at you from a browser that I'm not logged in on and you appear online when I look in your profile, and next to your name in posts, and at the bottom on the forum index page. I don't know for certain, but if you aren't seeing yourself online I'd guess that there's a script you have disabled in that browser that shows online/offline. I don't recall the code for that offhand, but I don't think a script should be affecting that, so I'm not sure.

[LiveBrianD]

I use FF for posting, and checked my online status in IE9. It says "Last Active: Today, 04:23 PM" with the little online person icon, but says "Currently: Not online". Yet I just made a post. Huh?
Edit: On posts, it shows the little online icon. However, my profile never shows where I am on the forum, it just says offline. This has to be some script I'm blocking. (note: I usually open several forum tabs at once, so what that says isn't usually accurate of what I'm actually looking at.)

This post has been edited by LiveBrianD: 05 December 2011 - 04:26 PM

[Evildave]

bcappel, on 05 December 2011 - 09:52 AM, said:

Sorry but you are almost completely wrong here. I am the PCWorld software engineer for web analytics, which includes omniture. I know exactly how omniture works, and you are not even remotely close. It is not, in any way, shape, or form, spyware of any sort. Furthermore there is absolutely not a way the information omniture provides could be found using only weblogs with no scripts.

Sounds like you also don't have any idea how ads actually work.

Bill

Yes, as a matter of fact, I DO know how Omniture works. And looking at this page's source code, it's the same 'Omniture' I had to integrate.

So you say it's not spyware? OK. it's just software that watches everything you do on this web site and tells a different server about it, so it can record and correlate it in all kinds of ill-defined ways.

You load the page, the script sends an 'impression' to Omniture. (With your IP address, and whatever else PCWorld has elected to throw in among the parameters.)

You click the ad (or other links), it sends a 'click' event to Omniture. (With your IP address, and whatever else PCWorld has elected to throw in among the parameters.)

No, the script doesn't send your IP address. They get that because the browser sent ANYTHING to Omniture over TCP/IP, as soon as the listen returned a socket handle.

It's not rocket science.

You don't like the term 'spyware', but what else shall I call it? 'Marketing research'? That's the kind of candy coating that everyone else gives their spyware, too. Even when they use your phone's GPS to record where you go, and quietly call a server to record it.

If you are doing it to others, it's 'legitimate and harmless research'.

When others catch you doing it to THEM, it's SPYING. Snooping, monitoring, eavesdropping, prying... pick your word. The thesaurus is full of them. IT MEANS THE SAME THING.

When I'm forced to write code that reports/records what people do, I call it software that is spying, hence 'SPYWARE'.

And hey, not only is omniture being called (Right Click and 'View Source' to play along at home, folks), a 'Nielson SiteCensus' thing is also recording your activities. With just as poor a reputation as Omniture. Who'd have guessed? It even pings a parsely.com site.

I didn't bother copying the long list of variables initialized before these code snippets got called.

Because reporting to one kind of spy master isn't enough. On top of all the recording and reporting the ads themselves do, you have not one, not TWO, but THREE different kinds of scripted spies calling home with impressions, and of course, every user's IP/port comes with that.

Yeah, I don't know all of what you're doing with this crap. I only spent 30 seconds tracking down SOME of your various bits of SPYWARE. There are probably even more, if I cared to turn off some of the browser filtering and poke around in the ads, which you have very little control over, if any.

/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s.t();if(s_code)document.write(s_code)//--></script>
<script language="JavaScript" type="text/javascript"><!--
if(navigator.appVersion.indexOf('MSIE')>=0)document.write(unescape('%3C')+'\!-'+'-')
//--></script><noscript><a href="http://www.omniture.com" title="Web Analytics"><img 
src="http://pcworldcommunication.122.2o7.net/b/ss/pcwmwdev/1/H.20.3--NS/0"
height="1" width="1" border="0" alt="" /></a></noscript><!--/DO NOT REMOVE/-->
<!-- End SiteCatalyst code version: H.20.3. -->


<!-- START Nielsen Online SiteCensus V6.0 -->
<!-- COPYRIGHT 2010 Nielsen Online -->
<script type="text/javascript">
  (function () {
    var d = new Image(1, 1);
    d.onerror = d.onload = function () {
      d.onerror = d.onload = null;
    };
    d.src = ["//secure-us.imrworldwide.com/cgi-bin/m?ci=us-203426h&cg=0&cc=1&si=", escape(window.location.href), "&rp=", escape(document.referrer), "&ts=compact&rnd=", (new Date()).getTime()].join('');
  })();
</script>
<noscript>
  <div>
    <img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-203426h&amp;cg=0&amp;cc=1&amp;ts=noscript"
    width="1" height="1" alt="" />
  </div>
</noscript>
<!-- END Nielsen Online SiteCensus V6.0 -->

<!-- START Parse.ly Include: Standard --> 
<div id="parsely-root" style="display: none"> 
<a id="parsely-cfg" data-parsely-site="pcworld.com" href=" http://parsely.com">Powered by the Parse.ly Publisher Platform (P3).</a> 
</div>
<script> (function(s, p, d) {
var h=d.location.protocol, i=p+"-"+s, e=d.getElementById(i), r=d.getElementById(p+"-root"); 
if (e) return; e = d.createElement(s); e.id = i; e.async = true; e.src = h+"static.parsely.com/p.js"; r.appendChild(e);
})("script", "parsely", document);
</script>
<!-- END Parse.ly Include -->	

[bcappel]

Evildave, on 05 December 2011 - 11:38 PM, said:

bcappel, on 05 December 2011 - 09:52 AM, said:

Sorry but you are almost completely wrong here. I am the PCWorld software engineer for web analytics, which includes omniture. I know exactly how omniture works, and you are not even remotely close. It is not, in any way, shape, or form, spyware of any sort. Furthermore there is absolutely not a way the information omniture provides could be found using only weblogs with no scripts.

Sounds like you also don't have any idea how ads actually work.

Bill

Yes, as a matter of fact, I DO know how Omniture works. And looking at this page's source code, it's the same 'Omniture' I had to integrate.

So you say it's not spyware? OK. it's just software that watches everything you do on this web site and tells a different server about it, so it can record and correlate it in all kinds of ill-defined ways.

You load the page, the script sends an 'impression' to Omniture. (With your IP address, and whatever else PCWorld has elected to throw in among the parameters.)

You click the ad (or other links), it sends a 'click' event to Omniture. (With your IP address, and whatever else PCWorld has elected to throw in among the parameters.)

No, the script doesn't send your IP address. They get that because the browser sent ANYTHING to Omniture over TCP/IP, as soon as the listen returned a socket handle.

It's not rocket science.

You don't like the term 'spyware', but what else shall I call it? 'Marketing research'? That's the kind of candy coating that everyone else gives their spyware, too. Even when they use your phone's GPS to record where you go, and quietly call a server to record it.

If you are doing it to others, it's 'legitimate and harmless research'.

When others catch you doing it to THEM, it's SPYING. Snooping, monitoring, eavesdropping, prying... pick your word. The thesaurus is full of them. IT MEANS THE SAME THING.

When I'm forced to write code that reports/records what people do, I call it software that is spying, hence 'SPYWARE'.

And hey, not only is omniture being called (Right Click and 'View Source' to play along at home, folks), a 'Nielson SiteCensus' thing is also recording your activities. With just as poor a reputation as Omniture. Who'd have guessed? It even pings a parsely.com site.

I didn't bother copying the long list of variables initialized before these code snippets got called.

Because reporting to one kind of spy master isn't enough. On top of all the recording and reporting the ads themselves do, you have not one, not TWO, but THREE different kinds of scripted spies calling home with impressions, and of course, every user's IP/port comes with that.

Yeah, I don't know all of what you're doing with this crap. I only spent 30 seconds tracking down SOME of your various bits of SPYWARE. There are probably even more, if I cared to turn off some of the browser filtering and poke around in the ads, which you have very little control over, if any.

/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s.t();if(s_code)document.write(s_code)//--></script>
<script language="JavaScript" type="text/javascript"><!--
if(navigator.appVersion.indexOf('MSIE')>=0)document.write(unescape('%3C')+'\!-'+'-')
//--></script><noscript><a href="http://www.omniture.com" title="Web Analytics"><img 
src="http://pcworldcommunication.122.2o7.net/b/ss/pcwmwdev/1/H.20.3--NS/0"
height="1" width="1" border="0" alt="" /></a></noscript><!--/DO NOT REMOVE/-->
<!-- End SiteCatalyst code version: H.20.3. -->


<!-- START Nielsen Online SiteCensus V6.0 -->
<!-- COPYRIGHT 2010 Nielsen Online -->
<script type="text/javascript">
  (function () {
    var d = new Image(1, 1);
    d.onerror = d.onload = function () {
      d.onerror = d.onload = null;
    };
    d.src = ["//secure-us.imrworldwide.com/cgi-bin/m?ci=us-203426h&cg=0&cc=1&si=", escape(window.location.href), "&rp=", escape(document.referrer), "&ts=compact&rnd=", (new Date()).getTime()].join('');
  })();
</script>
<noscript>
  <div>
    <img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-203426h&amp;cg=0&amp;cc=1&amp;ts=noscript"
    width="1" height="1" alt="" />
  </div>
</noscript>
<!-- END Nielsen Online SiteCensus V6.0 -->

<!-- START Parse.ly Include: Standard --> 
<div id="parsely-root" style="display: none"> 
<a id="parsely-cfg" data-parsely-site="pcworld.com" href=" http://parsely.com">Powered by the Parse.ly Publisher Platform (P3).</a> 
</div>
<script> (function(s, p, d) {
var h=d.location.protocol, i=p+"-"+s, e=d.getElementById(i), r=d.getElementById(p+"-root"); 
if (e) return; e = d.createElement(s); e.id = i; e.async = true; e.src = h+"static.parsely.com/p.js"; r.appendChild(e);
})("script", "parsely", document);
</script>
<!-- END Parse.ly Include -->	

Thanks for proving my point. Omniture has nothing to do with ads at all. And most of that script you attached has nothing to do with Omniture. And Omniture does not collect your IP address. Omniture is not in any way spyware.

Bill

[bcappel]

LiveBrianD, on 05 December 2011 - 04:25 PM, said:

I use FF for posting, and checked my online status in IE9. It says "Last Active: Today, 04:23 PM" with the little online person icon, but says "Currently: Not online". Yet I just made a post. Huh?
Edit: On posts, it shows the little online icon. However, my profile never shows where I am on the forum, it just says offline. This has to be some script I'm blocking. (note: I usually open several forum tabs at once, so what that says isn't usually accurate of what I'm actually looking at.)

Oh! I see what you're talking about now. It doesn't show that for me from a browser that I'm not logged on to either. I think that is a setting in the software so people who aren't logged in can't see what logged in people are doing.

Bill

[Evildave]

No, I said that ADS ARE AN ADDITIONAL MEANS OF TRACKING ON TOP OF YOUR THREE, COUNT THEM, THREE FLAVORS OF TRACKING.

OMNITURE GETS YOUR IP ADDRESS BECAUSE YOU SEND ANYTHING TO IT.

They get my IP address the same way that PCWorld forum software gets my IP address. Because that HTTP message over TCP/IP has my IP address, because it's a two-way communication channel. Two way means that it must be able to send information BACK to me.

Don't you even understand how TCP/IP works? The very act of sending data to them SENDS YOUR IP TO THEM. Don't you worthless script kiddies understand ANY of the underlying technology?

Omniture (and your TWO OTHER pieces of spyware, AND the various ad servers) can elect to record (or not to record) your IP address, any information you send along with it, cookies that the browser has attached with those requests. Because THEY CAN.

They can TELL YOU they don't record your IP address, and YOU can trust them like cattle being lined up, but I certainly don't 'trust' spyware like this.

Stop being so thick.

[bcappel]

Evildave, on 06 December 2011 - 01:54 PM, said:

No, I said that ADS ARE AN ADDITIONAL MEANS OF TRACKING ON TOP OF YOUR THREE, COUNT THEM, THREE FLAVORS OF TRACKING.

OMNITURE GETS YOUR IP ADDRESS BECAUSE YOU SEND ANYTHING TO IT.

They get my IP address the same way that PCWorld forum software gets my IP address. Because that HTTP message over TCP/IP has my IP address, because it's a two-way communication channel. Two way means that it must be able to send information BACK to me.

Don't you even understand how TCP/IP works? The very act of sending data to them SENDS YOUR IP TO THEM. Don't you worthless script kiddies understand ANY of the underlying technology?

Omniture (and your TWO OTHER pieces of spyware, AND the various ad servers) can elect to record (or not to record) your IP address, any information you send along with it, cookies that the browser has attached with those requests. Because THEY CAN.

They can TELL YOU they don't record your IP address, and YOU can trust them like cattle being lined up, but I certainly don't 'trust' spyware like this.

Stop being so thick.

Omniture does not log your IP address. Of course your IP address is used in the call, that is how the internet works. I see the data that is collected by omniture every day, I know what is in it. Don't call something spyware that you clearly do not understand.

There is absolutely zero spyware running on PCWorld. You need to check the definition of spyware before you going making such baseless accusations.

Bill

[Evildave]

You're going to tell me what an external company that you have ABSOLUTELY NO ACCESS TO does and does not do with IP addresses?

Gosh, tell us what Apple will do next!

Zero spyware, except the scripts reporting your every move to various off-site servers.

You don't give out out IP address to anyone, but that doesn't mean the three (or more) companies who are also being notified BY YOUR SCRIPTS when we make a post, when we visit a page, etc. aren't logging it, and/or reselling it.

Tell us what to call this scripting, then? Shall we call it 'definitely not spyware that just happens to spy on you'?

[Evildave]

In short, you're not in any position to guarantee what Adobe (Omniture) logs, or does not log.

Nor can you make any assurances about what 'Nielsen Online SiteCensus' or 'Parse.ly' do with the data that YOU send them from OUR browsers.

You especially can not make assurances about random scripted crap that ad servers send to fill those spots on your site will make your users' browsers do, either.

You have no access to know what they ACTUALLY do.

But because you put their scripts on your pages, THEY have access to US.

This post has been edited by Evildave: 06 December 2011 - 07:54 PM

[Evildave]

And here's a FOURTH piece of constant spying and prying:

Right-click on any link in a forum post, 'copy' link, and paste it into any editor. You'll get a nice, long, spammy thing, kind of like this...

http://api.viglink.com/api/click?format=go&key=2b0adaafa9ad8a29fede7758fada1730&loc=http%3A%2F%2Fforums.pcworld.com%2Findex.php%3F%2Ftopic%2F131757-us-navy-declares-war-on-trash%2Fpage__gopid__559074%23entry559074&v=1&libid=1323366245993&out=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FWaste-to-energy&ref=http%3A%2F%2Fforums.pcworld.com%2Findex.php%3Fapp%3Dforums%26module%3Dpost%26section%3Dpost%26do%3Dreply_post%26f%3D2023%26t%3D131757%26qpid%3D559031&title=Us%20Navy%20Declares%20War%20On%20Trash%20-%20PCWorld%20Forums&txt=http%3A%2F%2Fen.wikipedia....Waste-to-energy&jsonp=vglnk_jsonp_13233662516661

http://www.viglink.com/

Every link that gets posted into a forum post gets wrapped in this 'viglink.com' stuff, identifying what you were reading, and of course yielding up your IP address and any previously saved cookies along with the HTTP request. It hits their site first, and then redirects to the referenced page, enabling even more spying, on the off chance it's a product link that PCWorld could get paid for, but always recording and watching what you do, regardless.

Accumulate and resell those statistics.

Or potentially report to online reputation management when people post certain kinds of links, because you need to get those shills in, earning their money, too. An invaluable service.