Quantserve and Google Analytics
p2pnet view P2P | Advertising | Freedom | Security:- A recent post by surfer, ”Ensuring Online Privacy“, generated some comments that expressed some concern over connections emanating from this site. It has been suggested that p2pnet may be running or facilitating a few datamining trackers.
Evidence of the offending activity seems to be based solely from reports acquired from the Firefox plug-in, NoScript, involving Quantcast and Google trackers.
Here’s the bald-faced truth on the subject, whether anyone chooses to accept it or not…
Quantserve
Quantserve is definitely a tracking service, run by Quantcast (3rd party), that doesn’t just measure “raw traffic statistics”, as I was lead to believe. Quantserve measures and graphs the whole “demographics” thing, much like Google Analytics and a lot of others. Cookies are installed to the visitor machines, and javascript is embedded at the WordPress level.
Before I go any further, I cannot comment on whether or not Jon is aware of this activity, or whether or not it’s even an actual threat. For all we know, Jon has full knowledge and has disabled the service’s ability to ultimately claim the results, which would be a perfectly acceptable remedy in my eyes.
It would seem Quantserve may be a “compulsory” feature when using WordPress to host your site. Can the site owner choose to disallow it, without any “repercussions”? I don’t know the answer to that (yet). Is it something I want to bother Jon about at this point in time, while he’s struggling with his recovery? Certainly not!
The best recommendation I can make at this time would be for the users to simply block Quantserve and Quantcast from their machines. The fact that they feel the need to embed it in WordPress itself seems to warrant that thinking.
NOTE: If you have quantcast.com and quantserve.com blocked by NoScript, the cookies still get planted on your computer, if you haven’t already instructed your browser to block them as well. If you haven’t already done this, and you wish to shut out Quantserve, I would recommend you refer to the appropriate instructions for your browser.
Google Analytics
While dataminers like Quantcast are certainly a great concern, they certainly don’t compare to Google. Google is, without a doubt, becoming the biggest threat to worldwide network security, and the privacy of every concerned internet user.
They have created a barrage of “services” (most of them “free”) that definitely have a lot of positive potential, yet have demonstrated over and over again how psychopathic they are with our personal information. Google repeately claims to have no evil intentions, yet they’re never very clear with what info they’re gathering, what need there would be for it, and often deny they’re even gathering it at all. They never directly offer you a way to control or consent to any of this from your end.
Google has no interest in what anyone but Google wants. When confronted with privacy concerns, they claim to be a ”do no evil” company, and that “your privacy is very important” to them, everything worded in true Corporate Speak. Google arbitrarily decides what we supposedly should be okay with, and arbitrarily shuns any other arguments as “inapplicable” or “misinformed”, or simply “nonsense”. Those qualities are true psychopathic qualities.
Google has often been referred to as an “octopus” on steroids. Its tentacles seem to reach every crevice of the World Wide Web in its quest to stay locked on to everyone’s online activities. Despite thousands of major requests from individuals, groups, and companies to respect private networks (and street properties alike), they continue to plant cookies that keep reporting back directly from the subject computers, and logging the whole thing.
There’s a shitload of Google activites I could go into great detail with, but it’s time to give you the point to all that preamble…
When a user’s computer has any of these cookies installed, it doesn’t matter if a website participates in Google Analytics or if it even has any Google Ads, the tracking script kicks in, and that computer’s activities are logged. Without the site’s blessing and without user consent.
This also can create an illusion that the site in question is doing the tracking for Google. That would seem to be the biggest conundrum reflected in the discussion on this subject.
I’ll now repeat what I said in a few comments: p2pnet does not employ a Google tracker, does not facilitate Google Analytics (google-analytics.com), and does not subscribe to Google Ads. One look at any p2pnet page should tell you that. The same handful of static advertisers has always been all you’ve ever seen. If a Google Analytics tracker is trying to connect with you, it’s because you already have at least one cookie on your machine that’s trying to phone home.
You also have to remember that these cookies are often dished out in multiple formats, some of which are designed with backup mechanisms that rewrite them upon deletion, and even rewrite the others as well. (Do no evil, eh?! 
)
As you should know, I don’t have any stake in this site. I’m just a reader and contributor to p2pnet myself, and I also have to connect the same way everyone does. When it comes to this particular issue, what may set me apart from some of you could simply be that I barred Google from my computer, in multiple ways, ages ago.
Surfer made a really constructive statement in “Ensuring Online Privacy“:
“If you do nothing more than just put www.google-analytics.com in your firewall, you are doing yourself a great service. This particular domain name keeps track of what sites you visit so that google ads can be more precisely targeted. Many domains out there use APIs from Google that are intrusive and violate your privacy by not only tracking hits to a particular website, but sends additional data back to Google themselves for their own nefarious uses.”
I can attest to that.
I not only banned Analytics a long time ago, but I also don’t accept AdSense or Buzz, and don’t use Google DNS or any other “services” that would give Google any excuse for “implied consent”.
When the issues of Quantserve and Analytics came up, I fired up 3 different browsers (Firefox with NoScript was, of course, one of them), and brought up my firewall monitor, my peerblocker, and a few other utilities, while going to a few sites, and calling up p2pnet. First I tried it without clearing any caches, and then repeating the whole thing after clearing different ones, eventually all of them. I also tried going to p2pnet only, after clearing caches, and looking at the results. The results were the same every time, with one exception, which I’ll talk about after the results…
Google Analytics, as well as Quantserve and Quantcast, only showed up at the firewall level, and were unsuccessful, as their packets were tossed away. There were also no cookies installed by any of them, and p2pnet’s cookie remained unaltered, containing only the login info it’s supposed to. And here’s the clincher: p2pnet’s IP address was only attached to Quantserve, along with another WordPress IP. The IP addresses reported for Analytics had no relation to p2pnet or WordPress.
As I said, there was one exceptional result I promised to relate. When I cleared all caches and went straight to p2pnet, there were no Google entries at all. Not even at the firewall. That’s because Analytics doesn’t emanate from p2pnet, and because I didn’t pick up the cookies from anywhere else that Google needs me to have to track me TO p2pnet.
Devil’s Advocate – p2pnet
First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi
World War III will be a global information war with no division between civilian & military participation ~ Marshall McLuhan
Use free p2pnet newsfeeds for your site. Subscribe to p2pnet.net | rss feed: http://p2pnet.net/feed
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
April 22nd, 2011 at 6:02 pm
well researched, well said
April 22nd, 2011 at 8:29 pm
I know very little on how these trackers work. I will say, I’m running Ghostery on Safari an when I come to p2p I have Quantcast and Google Analytics pop up. If I open a new page I get different results with them… yahoo sports (doubleclick and rightmedia) or another forum site (I get nothing).
Now maybe I didn’t understand that stuff you researched above but if Googl Analytics is running stuff automatically in the background shouldn’t I see that on every page I visit… anywhere on the web? Because, it’s not.
April 22nd, 2011 at 10:22 pm
@scott:
1) DoubleClick = Google, and Rightmedia = malware
Two reasons why an increasing number of people avoid Yahoo!
2) “…if Googl Analytics is running stuff automatically in the background shouldn’t I see that on every page I visit… anywhere on the web?”
The short answer is no.
There are many factors at play, such as…
a) the time intervals the script in a cookie institutes a “phone home”
b) the network connections that are being monitored
c) the connections that trigger an exchange of information
d) whether or not the activity has already been logged
e) what type of protection a computer has running
Those are just a few.
Without knowing more about what you do online, and what kind of stuff you’re running in between you and the Internet (other than Ghostery), your whole scenario is wide open to interpretation.
There’s also the matter of how long your present configuration has been in place, and what was done with it during that period of time. As I touched in the other comments section, sometimes it’s not what you’re doing at the present time that hangs you, but something you did in the past that never got cleaned out.
April 23rd, 2011 at 2:04 am
k, let me tell you what’s going on – in short
p2pnet may not have google-analytics and Quantserve code on pages at the server, but it does use wordpress, and there’s other things to consider
someone at one time may have signed up for google-analytics which injects itself into pages users browse, it’s done in background and out of p2pnet administrator’s sight. Same for wordpress end as p2pnet is using wordpress: http://wordpress.org/extend/plugins/google-analytics-for-wordpress
with wordpress all one needs to do is use the counter tracking option and google-analytics or Quantserve gets activated, or both
Quantserve: is a tracking plugin similar to google-analytics using similar attachment/injection methods: http://en.forums.wordpress.com/topic/what-is-quantservecom-loading
both grab info on users. besides IP, number of visits, location and rest of technical stuff [if turned on] both can also try to get:
* Gender
* Age
* Household Income
* Ethnicity
* Head of Household Education
* Children Ages 6-17 in Household
and other info as selected. list is quite extensive
so you may not see it on server pages you admin but it is there for users. also, you may not see it due to security schemes you are using
to see full activity of what’s going on one needs to use backtrack live CD on an open connection and know all it’s tools well, know java code and what networking plugins do, and be able to map it all and piece it all together – because google, quantserve and sun java are not about to give up their core code
if one knows how to code very well, edit cookies, sol cookies and mess with all of this they can go after accounts, banking, schedules, more personal info or anything else they choose
- this highly malicious part of code is not being used on p2pnet, although it is present with some if not many spy agency regulated sites
April 23rd, 2011 at 10:04 am
“someone at one time may have signed up for google-analytics which injects itself into pages users browse, it’s done in background and out of p2pnet administrator’s sight.”
This is where Google gets away with confusing people.
When a code is injected into a page, this occurs on the user’s computer, not on the site server. When your machine is clean of Analytics (like mine), this injection won’t happen when visiting sites that don’t run Analytics (like p2pnet).
There are just too many sites drinking the Google Kool-Aid right now, and too many users oblivious to what’s going on. And, all the Google “services” and applications are most likely spreading Analytics as part of their code as well.
As I said, “do no evil”?!
:S
April 23rd, 2011 at 10:08 am
As for plug-ins, this site is not using any Google plug-ins, or any others that aid “demographics” collection, or allow 3rd-party interaction with the users.
April 23rd, 2011 at 12:01 pm
ok, i knew this was coming – so then how do u explain this?
took clean boxes, no HD so no OS, live CD of numerous linux distros and 1 stripped down MAC OS on USB stick, new and direct wifi accounts, including 1 new private and clean fiber account with trusted hosting server, even asked admin to wireshark it
- made sure there were no phone home or malicious code on any of them, secured each with wireshark and or user side browsing trackers
each one of them was tried on basic pages around net – even tried http://www.wikipedia.org and NO spy code came up
as soon as i tried p2pnet google-analytics and Quantserve mysteriously popped up
after leaving p2pnet both didn’t hit while looking at other clean sites
i could see it if it was one of my boxes that load 1 to 200 sites per start of browser , but not on clean boxes with clean OSs
just in case i was doing it wrong i asked one of coders for RIM to check all i was doing
- yup, sure as sh*t – he found same
he took the time out of his busy schedule and tried himself on his boxes and found same
his critical analysis says its “someone signed up for counters somewhere along the line”
so, either i’m confused, a net newbie, must be dreaming or there’s something to this
- users can test and decide for themselves
April 23rd, 2011 at 1:24 pm
@gabbi:
Okay, you’ll have to forgive me if I’m, er, slowly getting the idea [(cough!) whew!, excuse me...] that you’re just “on a mission”.
_______________________________
@everyone else:
Listen everybody! Gabbi insists that p2pnet is deliberately running spyware, despite all my attempts to illustrate otherwise. And, gabbi *says* he’s a CODER, so he *must* be onto something that I’m either blind to, or simply not levelling with everyone about.
So, it’s time to confess…
People! This site is performing a secret datamining project for Google, who’s paying Jon $2M for the effort, and crossing my palm with $100G for my complicity. There are hidden Google Ads all over every one of p2pnet’s pages, and visiting any of them will put your machine permanently on Google’s radar.
The next step of the project will be to inject everyone’s computer with a really cool virus that will report back everything being stored on each box. It will also turn on any available webcams, and stream the subsequent video data to the server for permanent record (Google’s looking for YouTube material). [Nyah-ah-ahhh!]
If you value your privacy, you simply shouldn’t come to p2pnet anymore.
_________________________________
@gabbi:
All right?!
You’re right, as you have been all along, and I’ve confessed.
“Now, please… let these people go!”
April 23rd, 2011 at 9:12 pm
@DA
Eat crow on this one. At bottom of every page are scripts for “edge.quantserve.com/quant.js” and “google-analytics.com/ga.js”.
In Mozilla Firefox hit CTRL+U to get page source … at bottom of page you will see them.
n3X
April 23rd, 2011 at 11:57 pm
“At bottom of every page are scripts for ‘edge.quantserve.com/quant.js’ and ‘google-analytics.com/ga.js’ “.
Again, for the visually impaired…
Nobody’s disputing the fact that SOME people are seeing these scripts.
The scripts are just not being injected by this site.
“But, hey! Thanks for playin’!”
April 24th, 2011 at 4:56 am
Quantcast provides anonymous statistics for the web site owner which can be very handy when attempting to sell advertising on your web site. They have no way to know any demographic information unless it was provided to them by your own ISP, or another marketer with whom you voluntarily provided the information to. Either way the information is not provided on a per user basis but on a site wide basis. To see what information Quantcast provides see: http://www.quantcast.com/p2pnet.net. Notice it doesn’t provide information on any specific visitor to this or any other web site.
Next Google Analytics
This provides the web site owner with statistical information which tells them things like where are their visitors coming from, how many times the average person visits, what content are the visitors to the site reading, what was the total number of unique visitors to the site. Again this information is provided on a site wide basis and no specific information is provided on any particular visitor.
Take off the tin hats already people.
April 24th, 2011 at 6:02 am
I dont think there is any question of these scripts being put there delibrately, however it does seem that a large number of people are seeing the scripts even after starting afresh (eg with live CD or having wiped cookies etc clean), while being unable to find them on a large number of other sites. On the other hand, for all DA’s arguments and reasoning, he is the only one to report not seeing the scripts in question. It just seems unlikely that everyone else is wrong/lying/incompetent.
April 24th, 2011 at 1:36 pm
“…for all DA’s arguments and reasoning, he is the only one to report not seeing the scripts in question. It just seems unlikely that everyone else is wrong/lying/incompetent.”
As if I were any of the 3!
I didn’t say I DIDN’T see them.
I told where I DID see them and where I DIDN’T.
Period.
April 24th, 2011 at 1:52 pm
@Sys Admin:
You describe these things like you’re writing a marketing PR brochure for Quantserve.
Naturally, the website wouldn’t boast that they’re doing anything evil. Every datamining company out there denies that they’re collecting either anything “specific to the individual”, or anything the individual “hasn’t volunteered”. The bullshit abounds.
And, anyone who tries to paint Google Analytics as something as totally benign as you do, is either ignorant, or some industry shill who wants everyone else to be that ignorant. I’d say at least half the commenters here have a better grasp of what Google’s really doing than that.
April 24th, 2011 at 8:43 pm
I saw the script.
With a little poking around it seems to be tied to something called Ylist. com, which no longer comes up.
The cached description ….
” This will change the way you design websites. Add a line of code to your pages and choose from hundreds of fonts. Simple, bulletproof, standards compliant, ”
It’s called feed.co feed reader, and seems to be related to RSS feeds and webpage fonts.
It may be something that was added when Jon began providing RSS support, though obviously I could be wrong.
Seems benign enough.
April 24th, 2011 at 8:44 pm
oooooohh k , i guess i’m going to have to dumb it down even more, since this is basic HTML , home page networking and interaction with internet
think i better do it before Noah’s flood comes around again, earth starts to shake much worse than Japan, volcanoes start popping like pop corn, winds of over 300 miles per hour and tsunamis 1,000 ft high around end of 2012 .. gonna need someone left to have this on record and remember for the future
4 main things: p2pnet is a website, a blog, uses wordpress and uses a counter -> wordpress counter
anyone who’s ever made their own home page server [at home] knows they need to format [program] their pages so PPL on internet will come and visit, this means they need to spread their link to bunch of search engines [maybe google being one of them] … well it’s same for P2Pnet
but [great big wide ass but] when using an ISP side home page the administrator [in this case Jon or DA] doesn’t get to see all of the background networking, code, tools, appz, or ANY of nefarious stuff their ISP / provider and or internet sites do
one can easily make a mistake and unknowingly choose options which may compromise their users
let’s design P2Pnet from scratch: first we start with basic HTML to setup home page on someone’s server, basic whois search tells us it’s in Germany. Now we have to contend with German rules/laws too … check ‘em if you wish.
but to edit and do other funky/cool things we need the admin to have more toys, so we choose a blog setup and or wordpress one, java, java scripts etc.
now everyone is dealing with 2 websites not just basic one server website
as we add toys we deal with more websites and their servers and including their junk … with me so far? good
now for SIMPLE step by step calls between them all:
- user chooses to click on p2pnet due to description on search engine
- HTML gets activated and starts showing up in users browser … part of P2pnet gets loaded but needs more info due to it Java and java scripts … as they are part of homepage
- it’s not enough so parts of wordpress toys is loaded for more cool things
- HTML on P2Pnet server / homepage calls wordpress for more info
- wordpress happily provides it and sets a number of options … one of them being a cookie [if cookies are blocked it goes to next step]
NOTE: since the internet can use number of ports and threats at virtually same time other stuff gets loaded … pictures, formatting,
- the interaction between ALL of them eventually loads a counter
- this counter is attached to worpress and goes by name of Quantserve – which provides statistics and other junk for admin of P2Pnet to see
NOTE to DA: go see Jon and or wordpress account to see stats and settings for it
- if that’s not enough then we have similar for google-analytics through wordpress or standalone as part of signing up for google search or similar
NOTE to DA: admin [this means you] doesn’t see it due to background calls [go see Jon or whoever activated it at any time in the past], also admin should remember it being activated or signed up for – there should be notes and backup of passwords for access to them … somewhere. if not then you’re screwed for taking it off
- if no cookies were blocked then wordpress and toys continue to gather info as well as sending the webpage to your browser
- ga.js and quant.js gets loaded and provides more toys as well as gathers more of your info
NOTE: java is a bunch of containers that format cool things like flowing water, this message box i’m typing in so it an be stretched and other cool stuff … YET originally java was a virus to video cards and had to be contained or blocked from users. Sun Systems java had to be recoded so these containers didn’t leak outside their parameters.
- since most don’t know what ga.js and quant.js do internally and how they affect users we can only watch with capture programs and figure out parts of their actions
NOTE: for more info on both see wordpress website descriptions and google as well, they tell some but not all functions
- then rest of P2Pnet page now gets loaded
If you want to find out what gets loaded in what exact order then attach your box/puter to a screamingly slow 300 baund modem and dialup connection with a P1 puter and CPU slowed to 386 or even 286.
Or use a 386 box with Linux on it and same slow dialup
Admins use them to check page loading time and ease of use per user.
If this has not been clear enough for anyone then go to school or your local nerd and get some lessons.
With all due respect … You can also pick up HTML for Dummies and basic Networking for Dummies at most used book stores.
April 24th, 2011 at 11:18 pm
@gabbi:
What makes you think I’m behind the WordPress server??
I’m simply operating the site from a home computer several thousand miles away from Vancouver Island.
And, when I did the test, I wasn’t stupid enough to be logged on as an administrator.
(What kind of test would that be?!)
The intention was, of course, to keep myself in the same position as everyone else.
The whole point to surfer’s article and this one was to illustrate the importance of shielding yourself, as the Internet is getting overrun with dataminers who will stop at nothing to fulfill their mission. My part in this was intended to show that it’s still possible to do that, and I think I accomplished that. For some reason, you’re having trouble absorbing it.
[Hint: If the thing doesn't get past my firewall, it's not going to inject the script, now, is it?!]
At this point, I’m just going to ask you what point you think YOU’RE making, because from here it looks like you’re totally k00king out.
April 24th, 2011 at 11:27 pm
@Dredd:
I do think the *WordPress* counter you’re referring to is a plug-in from WordPress.
That one is benign.
Quantserve, on the other hand seems to have a bit of a jaded reputation, in that, there are certain capabilities it has that a number of other sites are allowing it to exercise that I don’t particularly approve of. As for what part WordPress has it play, however, I’m not finding much to worry about.
April 25th, 2011 at 2:30 am
DA:
common thread through your comments is that … and i quote :
“I’ll now repeat what I said in a few comments: p2pnet does not employ a Google tracker, does not facilitate Google Analytics (google-analytics.com), and does not subscribe to Google Ads.”
well guess what? THE reality is that YES it does … through contacting and using wordpress and it’s counters and settings. See links previously provided
to find out whether it is for yourself [without touching or damaging your present OS or setup] go to http://www.livecdlist.com
Get a copy of Ubuntu or Backtrack or Knoppix or Mepis … just to name a few Full Linux versions with full desktop and tools. Ubuntu and Mepis 8.0 are about the simplest
Burn it to CD or DVD
boot your box with it , bring up P2Pnet and see what actually gets loaded for yourself
WITHOUT doing so you don’t know what we [the rest of us] are talking about here .. since you have protection on your box and can’t see it.
starting to get the drift?
April 25th, 2011 at 4:31 am
DA:
and one more thing … where do i say that you’re behind a wordpress sever?
P2pNet is connected to wordpress and wordpress servers by using their services … not you
April 25th, 2011 at 11:23 am
” I do think the *WordPress* counter you’re referring to is a plug-in from WordPress.
That one is benign. ”
Kind of what I thought.
Tracing the Quantserve account number in the tagged section ( 08N6FXP0wN1LA ) is what led me to the
dead Ylist site and Feed.co reader info. It seems extremely likely that WordPress provided this as and add-on
for RSS feeds and web fonts, so, I don’t see a lot to worry about either
” At this point, I’m just going to ask you what point you think YOU’RE making, because from here it looks like you’re totally k00king out. ”
It’s been tried before.
One poster tried desperately to convince everyone that Jon was logging and checking IP’s
Another claimed the site was infected with Malware.
Basically, just to try to scare readers away.
Heh, ‘Pop Quiz’ …. Who else uses these methods to try to scare people away from web sites they don’t want others to visit ?
April 25th, 2011 at 1:21 pm
Abraham Lincoln defined insanity as, “doing the same thing over and over again and expecting different results.”
@gabbi:
I’m not about to keep this up, when you obviously can’t (or won’t) even read what’s been laid out.
Now, I’ve already confessed to being a total liar, and to being complicent in a p2pnet-abetted scheme to datamine you all to death. What else do you want?
Your work is done.
Feel good.
Go home.
Your mama’s probably gettin’ worried about ya.
April 25th, 2011 at 1:22 pm
@Dredd:
I hear ya.
(Boy, do I hear ya!)
8~
April 25th, 2011 at 2:50 pm
LOL DA: apology accepted
my work is never done til truth comes out. i don’t care who’s lying – be it mass media, government shills, spy agencies, cops, lawyers, elites of this world or whomever – i find out, expose and report the truth
go home? LOL … home is wherever i am. as for my home base – many should be so lucky to have one as we do: 4,000 sq ft of computer room, R&D, beta testing upcoming hardware and operating systems, data center, local community servers and much more.
if i didn’t care so much about p2pnet it would be long gone
and .. at over 90 where do you think my “mama” is?
starting to get it now?
enjoy
April 25th, 2011 at 3:14 pm
Oh, I “get it” alright.
And, I think everyone here gets the pathos as well as I do.
April 25th, 2011 at 3:27 pm
I’m still batman
April 25th, 2011 at 4:19 pm
A few points:
(1) Ghostery *does* detect Google Analytics tracking cookies when you visit P2Pnet. I tested in a fresh VM, a fresh install of FF, and a fresh install of Ghostery. It was 100% clean is detecting Google.
(2) I doubt Jon know about Quantcast, because of how it came to be integrated into WP (self-hosted and WP-hosted alike). If you have installed the WP stats plugin WordPress recently, or are hosted by WordPress, then the Quantcast tracking was added without any clear notification to the end-user. I discovered this when I was doing work on my own site, and ran into the quantcast cookie. The easiest solution (at the moment) is to install Frank Goossens’ ‘DoNotTrack‘ plugin, which prevents the Quantcast system from tracking users on the site.
April 25th, 2011 at 5:04 pm
@Christopher Parsons:
(How ya doin’ Chris!
)
The point of this whole exercise may have gotten lost in a “Gabbi storm”.
Basically, I’ve been trying to say that (and you can correct me if/where I’m wrong):
1) while Quantserve is embedded in WP, it’s probably not a big deal.
2) Both Analytics and Quantserve can, and maybe should be, blocked anyway.
3) Google script “injecting” is most likely taking place on the users’ computers, rather than on p2pnet’s server.
4) Those (like me) who have truly barred these dataminers from their computers (at the firewall level or better) don’t have these scripts being injected into their surfing.
April 25th, 2011 at 5:06 pm
@Dredd:
LOL!
April 25th, 2011 at 6:13 pm
@ DA
Not bad – pounding through chapter 1 of the dissertation & dealing with some other stuff that should be live & public soon
Quantserve is another 3rd party tracker. I have *HUGE* issues with them, and WP, because Matt Mullenweg (founder of automatic, WP) has been absolutely unwilling to disclose how, exactly, those stats are being used. He’s been challenged, directly, and just ignores complaints. The tracking is (arguably) in violation of the WP-Stats privacy policy (and by that, I mean there is no such policy, as is required whenever collecting statistical information) nor is there any indication of how Quantserve is going to use/share/sell/otherwise exploit the data. It really seems like a massive dick move on the part of WP and there is no mention in changelogs that most people see that they’ve partnered with the analytics firm.
While yes, individuals *can* block it, they (a) shouldn’t have to; (b) were previously going to websites without the tracking and likely presume that there has been no change in how data is being collected.
I haven’t spent time working out how/why Google’s analytics are showing up – I’ve got other stuff on the go – but from a 100% clean (virtual) machine I’m seeing those cookies get dropped. I would be highly surprised if something was hijacking the browser and forcing those cookies upon me. More likely there is something in the code of P2Pnet (though to confirm I’d need to dig around and at present lack that bit of time).
As for ‘is this a really big deal’? Maybe not, but I think it’s valuable to see where those Google analytics are coming from. We can guess that WP is likely responsible for the Quantserve and thus can be blocked at the server level with the plugin I mentioned earlier.
April 25th, 2011 at 7:55 pm
Christopher:
… and the truth comes out bit by bit. Thank You
DA:
“Gabbi storm” would have never happened if you would have admitted to facts in the first place
Dredd:
didn’t someone say you do same thing on most forums – finding the negative and instigating conflict?
–
SO HOW ABOUT SOME NEWS EVERYONE? … which should be main cause of P2Pnet
Apple, Google summoned to Senate hearing on mobile device privacy
http://arstechnica.com/apple/news/2011/04/apple-google-asked-to-join-judiciary-hearing-on-mobile-device-privacy.ars
FBI raids apartment of alleged King’s Speech uploader
http://arstechnica.com/tech-policy/news/2011/04/fbi-raids-apartment-of-alleged-kings-speech-uploader.ars
PSN update: Sony isn’t sure your credit card data is safe
http://arstechnica.com/gaming/news/2011/04/psn-update-sony-isnt-sure-your-credit-card-data-is-safe.ars
AND MOST IMPORTANTLY:
The gadgets police use to snarf cell phone data
http://arstechnica.com/tech-policy/news/2011/04/michigan-state-police-we-only-grab-your-cellphone-data-with-a-warrant.ars
- if your cell info is not encrypted by default then start DEMANDING IT from your provider
Note: if you are are recording a situation a cop can’t access your phone, hopefully recording your interaction with cop and how many rights he/she is breaking
April 25th, 2011 at 8:50 pm
@Chris:
Personally, I have big problem with the whole idea of internet tracking, as I’m sure you remember from lots of previous entries. And, I know Jon has a similar sentiment, and if I’m not mistaken, so does the actual administrator for p2pnet (Cliff in Holland).
My distaste for tracking and targeting for goes back to their very inception. It’s one of the biggest reasons I started a long time back barring many of the connections Google and others use for these activities from my computer. Interestingly, one of the blocklists I was using to supplement my protection had already been including quantcast.com and quantserve.com. When I did a little digging as to why, my decision to recommend that others block it as well was reinforced.
I have yet to query Cliff about this stuff, and whether he’s onto it. I understand he’s pretty resourceful. For all I know, he’s been dead-ending the quantcast tracker for its results, and saving Jon the trouble of thinking about it, who knows. Something like that would explain why Jon hasn’t been receiving a shitload of compliants.
However, the sudden introduction of such tracking to the WP code itself would certainly explain the bot spam that needs to be deleted every day now, but I’m not convinced such a thing is going on, as my machine that blocks Analytics doesn’t show the code coming in from the whitelisted p2pnet. If WP itself were serving the code, I should be seeing it.
Now, I’m not trying to piss on what you’re saying, Chris.
Hell, I respect more of what you’d have to say on this than a lot of people, and you’re mode of presentation is certainly more desireable than *some others* (you should be teaching that to some people, if you’re not already) but bear with me…
You say you’ve tried monitoring a clean *virtual* computer visiting p2pnet, and found the Analytics “bug” crawling around? Are you saying WP may have actually allowed its very code to be injected, and therefore all the sites it serves?? (This doesn’t seem like a very “logical” thing for WP to have done.) It would be interesting to see what you’d get it you reset that experiment, and repeated it with Analytics completely blocked, so that the only source of the code would have to enter via transmission from p2pnet.net.
Something tells me that would put you closer to where I am with all this.
I still believe the injection point is at the user end, by an independent Google transmission, and that a cookie has to make it in before it tries to happen. In your case, I suspect the cookie made it in from “somewhere” prior to seeing the code.
I’ll repeat: I have a lot of respect for your knowledge and experience. The only reason I’m throwing this (well, lobbing it nicely, really
) at you is because you said yourself you haven’t had the time to actually assess this definitively.
Sometimes I wonder if this is one of those things that can’t be completely pinpointed, and is being used against the end user.
April 25th, 2011 at 9:45 pm
I don’t know how Jon is hosting this, if it’s a premier account with wordpress or a self-install. Self-installs are clean of the tracker (so long as you’re not using Automatic plugins that now also include Quantcast tracking, such as WordPress stats) but as far as I know, all of the wordpress hosted systems are running with Quantcast tracking. (this is presumably baked into the statistics engine that is included by default in pretty well all the WP-hosted accounts).
What I’ve done was this: create a virtual machine. That machine had *never* hit the web before in it’s (very!) brief existence. I hit up p2pnet and using Ghostery saw that Quantcast and Google Analytics were running on the site. To have gotten in from somewhere else the browser itself would have had to be compromised, or (alternately) the OS. I’ll see if I can get some additional confirmation but my money is on something is buried in either a plugin p2pnet is using or has otherwise burrorwed into the site somehow.
April 25th, 2011 at 9:46 pm
(oh, and no worries about me feeling like your pissing on me; detailed analysis of technical issues is key! )
April 25th, 2011 at 9:55 pm
Thanks for this, Chris!
I wasn’t thinking the browser was compromised, per se, but rather that the cookie got in as your were making the initial connection, as Analytics wasn’t being blocked at the time.
Tin foil hat firmly in place…
April 25th, 2011 at 9:56 pm
In the meantime, I’ll have another look at what plug-ins are being run by p2pnet. Maybe Jon threw something in there, with useful intention, and wasn’t aware of a “side effect”.
April 25th, 2011 at 10:22 pm
” Dredd:
didn’t someone say you do same thing on most forums – finding the negative and instigating conflict? ”
That would be odd since the only other forum I have posted on under this name more recently than 3 years would be
A2F2A. For someone so concerned with the truth, you sure make up a lot of shit.
Enlighten me, who said, and what other ‘forum’ oh bastion of truth ?
April 25th, 2011 at 10:30 pm
http://www.democracynow.org/2011/4/25/headlines#13
reports:
Rep. Markey Calls for Probe into iPhone Location Tracking Technology
Congressman Edward Markey of Massachusetts has called for a congressional investigation into the computer giant Apple after researchers revealed the iPhone was secretly collecting and storing detailed location information on the phone. The iPhone controversy continues to grow. The Wall Street Journal reports today that the iPhone is collecting and storing location information, even when location services are turned off. Last week, the Journal reported that the iPhone and cell phones powered by Google Android software were also directly transmitting their locations back to Google and Apple.
April 26th, 2011 at 3:57 am
dredd:
http://www.p2pnet.net/story/50499/comment-page-1#comment-1060407
and before you fly off the handle …
if one does their homework and puts the pieces together one can get more than your location – for a small fee they can get the rest your life, any contract you have made or paper you have singed that’s in the system: driver’s license, insurance, health info, credit history and or cards, banking, criminal record or any interaction with cops, etc. etc.
this internet info also leads to your other profiles as well
NOTE: this is not an attack of any sort … it’s a demonstration of how system works, what tracks you and most PPL actually leave behind, and how they are compiled by business interests whom think they run the internet … to make up your online profile, and everyone else they can do it to
it is not up to me to expose such info on you [i'm not that stupid] – it is up to YOU to figure out how to be anonymous … and maybe change your online habits as well as your own habits
now that you have made this internet profile and others tied to it this requires a full restart from scratch to be anonymous again, as follows: [and this goes for rest of internet community]
- new or used box/puter – hopefully number of disposable ones
- disable reporting of puter ID
- start using free open wifi for your internet activities
- create new profile for each time you’re on net
- use protection – lots and lots of protection
- refuse to use social media websites – your job, business, personal life and even hobbies depend on not using them
- use only offsite anonymous encrypted email and chats that agencies don’t have backdoors to
- use VPNs , Tor , bounce servers, remote boxes for browsing, live CDs and many more such protections
- use your brain – don’t talk about your wife and your kids or your new camera or let any other personal info on internet, if you do then make it a deception for criminals to wonder and their databases to be screwed up
- never ever dis anyone on net unless you can back it up by proof – you haven’t met them in person and they are not your friend and really you don’t know who they are – you never know how it can come back and bite you in a roundabout way
* if you don’t do the above then you take the chance of being in front of courts to answer questions and or doing time out in one of their warehouses/prisons – as is becoming the norm
April 26th, 2011 at 8:01 pm
I’ve already googled my nick.
It tells you I like Snuff.
An Imod forum that I have never actually posted on.
And, of course, P2Pnet and A2F2A.
only P2Pnet has any correct real life info. But please, feel free to find my RL name.
I know it can be done, and it would sure prove to he-who-must-not-be-named that it’s
possible without any help from Jon. I would welcome the proof of concept. Someone
really needs to see it
So, So far this statement of yours …. ” didn’t someone say you do same thing on most forums – finding the negative and instigating conflict? ”
Still is not backed up by any concrete fact. I do find the statement itself interesting though, since only one poster in my recollection since
being involved with P2Pnet ( back when ‘thumbtack’ still ran it ) has ever said that about me. No, I don’t think you are him, if he wanted to
‘bark’ at me he would definitely not use an alt, but now I understand why you target me, and that makes it very easy no to ignore you.
See that DA, poison in the well. Have fun with this ‘person’, i’m done.
April 26th, 2011 at 11:48 pm
thank you Dredd
reason/s for this explanation of you is clearly seen in this thread. Stick to the subject instead of second guessing someone’s intent and reasons for bringing up P2Pnet spy counters by wordpress or any other.
by pointing out spy sites a website can be changed or repaired – for the betterment of all – and P2Pnet won’t be on block lists, personal of public
this brings in more viewers [genius Dredd], and p2pnet becomes more trusted
reality is that you don’t know who i am nor the lifestyle i live or what i have learned over my 90+ years of life, so what right do you have to open your squawk box with negative comments directed to me or about me or anyone else here or anywhere?
i’m still waiting for your answer on http://www.p2pnet.net/story/50499/comment-page-1#comment-1060454
moral of the story is: look in your own skeleton closet and clean it up before you put your brain, mouth and fingers into motion
at my age i’m still learning without disrespecting my teachers … that’s everyone i have the pleasure to meet
thank you for the lesson you have given me. you will be treated in kind – whatever that may be as you show
April 26th, 2011 at 11:56 pm
“…at my age i’m still learning…”
Sure! As long as it doesn’t come across as, “ya can’t teach an old dog new tricks”.
I gotta tell ya, gabbi, when the delivery sucks, it doesn’t matter if the joke’s actually funny, you’re gonna get egged, if you catch my drift. That’s a clue to the skeleton in your own closet.
April 27th, 2011 at 2:32 am
ya i know my english “sucks”
i speak and write a number of languages, teach in some of them, teach kids and ppl basics of life [ones they don't teach at school], learn more from them than teach them some days, study history, archeology, geology, cosmology and all other sciences as one, practice and teach self honor [martial arts] and all that’s related, design natural systems, help operate a number of various clubs, techie for a number of others, etc. … so my plate is kind of full
and this makes me use the KISS rule: keep is simple stupid
but i do make a good trap for ones who think they know but don’t
start off simple and increase it to level of their intelligence
as for skeletons in my closet? most don’t want to go there as i’ve survived numerous wars and conflicts and related carnage, no one should have to experience that, especially to the level i have … that’s why i’m so animate about exposing elites and shills of this world, and most likely have a target and shoot me sign on my back because of it
April 27th, 2011 at 12:19 pm
[trying to get the image of the 90-year-old virgin geek-wannabe still living in his mother's basement outta my head] 8(
April 27th, 2011 at 1:47 pm
the level of disrespect by some on this website is beyond imagination
April 29th, 2011 at 11:42 am
“the level of disrespect by some on this website is beyond imagination”
Respect is generally earned, isn’t it?!
You need to ask yourself if your approach and conduct have been beyond reproach enough to actually generate respect.
April 29th, 2011 at 5:04 pm
@DA
I’ll be blunt and say what others won’t. Your argument on both pages comes from different angles by saying everything and not saying much in way of facts. It’s a woman’s argument.
Along with your sidekick Dreddsnik you laugh at anyone outside your education level. Do YOU deserve respect you ask of others?
This situation began due to Reader’s Write mentioning “ironically this site is running google analytics…and another tracker called quantcast” @ http://www.p2pnet.net/story/50664#comment-1060573 … Now look at your immediate response.
It took numerous comments by numerous individuals and two pages for you to get it through your thick head P2Pnet.net is running spybots. All this time your sidekick Dreddsnik is systematically trying to make laughing stock of anyone not on your side.
Reader’s Write, Gabbi, Surfer, System Administrator, Christopher Parsons let you and your sidekick know you are both full of it. Still you haven’t shown one bit of EVIDENCE to support your view. It’s all hearsay to this point. And who should deserve respect? Is this the kind of treatment users can expect @ P2Pnet.net when dealing with serious issues such as privacy?
That wasn’t the end of it when Gabbi opened up to say she (he) didn’t have a good command of English. You totally disrespected Gabbi in the most fundamental way by attacking with “[trying to get the image of the 90-year-old virgin geek-wannabe still living in his mother's basement outta my head] 8(“. Who the f*ck do you think you are to laugh at someone who’s probably been around before you were in diapers?
April 29th, 2011 at 8:52 pm
Okay Zak, let’s just break your comment down, and see what your points are supposed to be…
1) “Your argument on both pages comes from different angles by saying everything and not saying much in way of facts. It’s a woman’s argument.”
Since you’re not supplying much in the way of specifics, nobody could possibly know what you’re referring to. (And what the fuck is a “woman’s argument”?! Sounds bigotted, but whatever it is, it can’t be anything but stupid.)
2) “Along with your sidekick Dreddsnik you laugh at anyone outside your education level.”
I’m glad someone’s making a positive assumption of both my educational status, and Dredd’s as well, though I’ve never once ever posted anything about it.
3) “Do YOU deserve respect you ask of others”
Did you even read the comment that was responding to? It wasn’t me asking for respect, and I’ve never voiced any expectation of it myself. I just basically reminded someone that respect is earned.
4) “It took numerous comments by numerous individuals and two pages for you to get it through your thick head P2Pnet.net is running spybots.”
And, it appears that throughout those “numerous comments by numerous individuals” you didn’t absorb what was actually being said by anyone. Let me spell it out for ya…
The whole conversation was about the SCRIPTS that are being injected by the dataminers, and how these scripts are discovered. It was also discussed that WordPress may now be embedding Analytics, without the consent of the sites that are using WP. This still doesn’t mean that p2pnet is “running” this script voluntarily, or even at all.
There’s also the inconvenient fact that you can still be injected at the user end, and that Google has already proven to engineer that. I’ve been saying I may not see it due to the fact that I have completely barred Google and Quantcast from my computer for a long time. I also can’t dismiss the fact that this is evidence that user-end injection may very well be the culprit.
Even Chris said he hadn’t had the time to ultimately verify anything that may be suspect. Nothing discussed has been definitive, and I’m still looking into it myself.
My immediate response was, and still is, that p2pnet is not deliberately running any spybots. The statement can be made automatically, because it is a true statement. If we find out WordPress is running them as some “compulsory” part of using WP, I’m sure Cliff and Jon will have something to say about it.
In the meantime, I did recommend blocking Google Analytics and Quantcast/Quantserve at the firewall level, and looking for every kind of cookie either of those may have planted *anywhere* on your drive. Doing so may just put you where I already am.
As for evidence, I gave plenty, for anyone actually paying attention.
5) “You totally disrespected Gabbi…”
and “Who the f*ck do you think you are to laugh at someone who’s probably been around before you were in diapers?”
First of all, you assume too much.
You have no idea how old either of us actually are. How do you know we’re not BOTH centurians or BOTH teens?! Or maybe I’m actually the old one, and someone’s lying about being 90. I’m not saying either way, I’m just saying you don’t know.
You need only look at the respect I give Chris Parsons to understand something. 2 people can make a similar or identical point, yet one person’s presentation can make all the difference in the world. You might even say, a respectful (or simply, civilized) approach actually generates respect in return.
If someone’s English “sucks”, that’s no excuse. That “someone” is responsible for throwing a barrage of ignorance knowingly, and shouldn’t be too surprised if he’s either misunderstood, or labelled a troll.
For all I know, that “someone” could now using the pseudonym “Zak”, in order to vent, but I’m not going to make that accusation.
April 30th, 2011 at 7:57 am
@DA
I join the ranks of users who say google and qauntserve are injecting malicious code by way of WP. WP explains it in detail on their website. Full code and information is available on numerous websites about both. Do your research DA. You are NOT judge jury and executioner on this internet. As my mom keeps telling me, treat others how you want to be treated. You laugh at us users, demean us, manipulate what we say, exploit and maneuver until you think you are top dog. At the same time you promote comments by assh*les who think they’re funny. I don’t think it’s funny. I think it’s very disturbing of a moderator to abuse users from whatever country they’re from or whoever they are. I absolutely don’t want my kids visiting this website with your kind of trash.
May 1st, 2011 at 7:06 pm
I was going to dissect the last RW comment and reply, but it looks like it’s time do a followup page, in response to all the remarks here.
May 3rd, 2011 at 8:36 pm
A couple of things in the following might interest a few of you…
AnonNews allows Google to track commenters with reCAPTCHA
“A particularly scathing piece of anti-Google propaganda from our friends at p2pNet graced AnonNews early this morning. This led Chronicle.SU to the conclusion that we must boycott …”
http://www.chronicle.su/news/anonnews-allows-google-to-track-commenters-with-recaptcha/