Apache webserver patch set to ignore IE10's Do Not Track feature

Leeky

Leeky

Posts: 3,357   +116

An Apache HTTP webserver developer has stirred up controversy after releasing an update for the webserver application to Github that ignores Internet Explorer 10's "Do Not Track" (DNT) settings. Roy Fielding, an architect of the DNT standard, an Adobe employee and the chief scientist for Apache, says he made the changes because Microsoft is deliberately violating the standard -- a fact Apache won't tolerate.

"[DNT] must reflect the user's preference, not the choice of some vendor, institution, or network-imposed mechanism outside the user’s control." DNT is intended to give computer users a simple means of preventing their browsing habits from being tracked by websites and advertisement networks. Although it's yet to be finalized, it hasn't stopped Microsoft from adding its own interpretation to its Web browser.

In June, Microsoft said that IE10 would enable DNT by default, which raised curiosity and anger in equal measures because the decision seemed contrary to an agreement made with the Digital Advertising Alliance, a consortium of which Microsoft is a member. The company agreed with all parties to honor DNT as long as it was not made the default setting for all browsers.

Critics of Fielding's patch say that users are informed DNT will be enabled when they select the "express settings" option during the final stages of installation and, as such, IE10 is fully compliant with the standard. They argue that it isn't Apache's job to police the standard.

"The only reason DNT exists is to express a non-default option," Fielding wrote when defending the patch. "That's all it does. It does not protect anyone's privacy unless the recipients believe it was set by a real human being, with a real preference for privacy over personalization."

Permalink to story.

https://www.techspot.com/news/50109-apache-webserver-patch-set-to-ignore-ie10s-do-not-track-feature.html

 
So if you workaround some copy protection you'll go to jail, but if some corporations override your privacy settings its ok?
 
Very poor from Apache.... but then again leaving the server to honour "do not track" client settings was always flawed and subject to such abuse in the first place.
 
Darth Shiv said:
Very poor from Apache.... but then again leaving the server to honour "do not track" client settings was always flawed and subject to such abuse in the first place.
Click to expand...

This exactly. Design your browser to hide all possible information from the webserver if you want privacy. Add vpn and proxy specific options if you really want privacy.
 
Design your browser to hide all possible information from the webserver if you want privacy.
Click to expand...

+1

I wonder if MS would push/support for alternatives e.g. Lighttd, Nginx, Boa, IIS etc. ....... could be fun if it happens.
 
Archean said:
+1

I wonder if MS would push/support for alternatives e.g. Lighttd, Nginx, Boa, IIS etc. ....... could be fun if it happens.
Click to expand...

You wonder if Microsoft would support IIS as an alternative? That's an emphatic yes.

Very poor from Apache
Click to expand...

I disagree, it should be the user's choice, not Microsoft's.
 
Personally I feel that they shouldnt track you anyways. The joy of online, is that the user gains annonimity. You get to surf the web in the comfort of your own home. Going to whatever website strikes your fancy. That allows you to explore the web and all it has to offer w/o the judgments of others. I find it a bit disturbing that ppl want to know if im going on a game site or a porn site. Tracking is a slippery slope. Yea I'm sure those that track you are going to say they are doing it to provide you a better web experience. In the end it all boils down to the fact that DNT should be a default setup. Its not anyones business what and where you choose to visit.
 
I understand wanting to stick by a standard but I don't get Apache's position here. How is "uncheck here if you don't want DNT" different qualitatively from "check here if you do want DNT"? Either way, it's the user's choice. If IE10 presents the choice clearly during the install but defaults to more not less privacy, doesn't this server mod award the Snoopy Bad Boy demerit badge to Apache? This makes no sense.
 
Tygerstrike said:
Personally I feel that they shouldnt track you anyways. The joy of online, is that the user gains annonimity. You get to surf the web in the comfort of your own home. Going to whatever website strikes your fancy. That allows you to explore the web and all it has to offer w/o the judgments of others. I find it a bit disturbing that ppl want to know if im going on a game site or a porn site. Tracking is a slippery slope. Yea I'm sure those that track you are going to say they are doing it to provide you a better web experience. In the end it all boils down to the fact that DNT should be a default setup. Its not anyones business what and where you choose to visit.
Click to expand...

Giving users a "better experience" is noble, but the *real* problem with DNT is untargeted advertising is nearly worthless. Advertising, of course, makes a lot of the free content we enjoy on the Internet possible and knowing what your demographics and interests are raises the value of that advertising a great deal.

It's really a matter of privacy vs. revenue. There needs to be a balance. An extremely hard turn in either direction could make the web a very unfun place to hang out.
 
You must log in or register to reply here.

Similar threads

Jimmy2x
New HTTP/2 vulnerability leaves servers in danger of devastating DoS attacks, even from a single TCP connection
Replies
4
Views
122
bviktor
B
Daniel Sims
Game patch notes recommend downclocking high-end Intel CPUs for the sake of stability
Replies
6
Views
215
Nobina
Nobina
E
Windows 11's latest feature will eliminate reboots for OS updates
Replies
17
Views
342
netman
netman

Latest posts

Back