Privacy is as big an issue today as its ever been in the online world, with Google and Google+ (the behemoth of data mining), real name usage online, and even bills in the US government to require ISPs to track web usage. If you’ve ever wondered about how web sites track you online, even when you think you’re being private, check out the Wired article, “Researchers Expose Cunning Online Tracking Service That Can’t Be Dodged.” Especially check out the embedded link to KISSmetrics’ details. This sort of detail is sobering and annoying at the same time.
On a side note, I dislike seeing discoveries like this made by academic researchers, in a way. I really wish more corporate security staffs would uncover things like this, or even leisure/hobby groups. It sort of suggests that corporate security staffs just don’t have the time to do much more than get by, while academic researchers (who are often on the fringe of practical reality) have plenty of free time to…well…research. And that sucks, since you’d certainly see things like the KISSmetrics scripts i.js and t.js run through regularly, and you can likely even stop that on your corporate “borders” with zero issues.
Maybe staffs do find these things, but we certainly don’t have a place to air such discoveries and likely the rest of us have way too many other things to think about or look at on any given week…
I guess that’s part of what makes security exciting. 🙂