Latest in Advertising

Image credit:

WSJ: Safari loophole lets Google track Apple users through web ads

Amar Toor, @amartoo
February 17, 2012
Share
Tweet
Share

Sponsored Links

Stanford researcher Jonathan Mayer has discovered a curious Safari loophole that allows Google to track a user's browsing activity via cookie-laced web ads. As it turns out, Apple's browser normally accepts cookies from sites that a user visits, but automatically blocks them from third-party advertisers. As Mayer found out, though, advertisers can still circumvent this filter by enticing users to interact with ads in different ways. In the case of Google, the search giant embedded a "+1" button on ads produced with its DoubleClick technology, as part of an opt-in feature for Google+ users. If a user was logged in to Google+ and had agreed to see +1 ad displays, he or she would have a cookie planted on their device, thanks to a system that sent invisible forms from Apple computers or iPhones. This made it seem as if a user actually submitted the form intentionally, thereby convincing Safari to allow cookies. These cookies were only temporary, with shelf lives of up to 24 hours, but they could open the door for many more, since Safari allows sites to plant them after having received access to install at least one.

After the Wall Street Journal notified Google of this loophole, the company promptly disabled it and duly apologized, adding that it didn't realize that its +1 system would plant tracking cookies on a user's device. "We didn't anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers," Google's Rachel Whetstone explained. "It's important to stress that, just as on other browsers, these advertising cookies do not collect personal information." An Apple spokesperson, meanwhile, issued the following statement: "We are aware that some third parties are circumventing Safari's privacy features and we are working to put a stop to it."



All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share

Popular on Engadget

Peter Parker has been recast in ‘Marvel’s Spider-Man: Remastered’

Peter Parker has been recast in ‘Marvel’s Spider-Man: Remastered’

View
Google's 'Hold for Me' Assistant feature appears first on new Pixel phones

Google's 'Hold for Me' Assistant feature appears first on new Pixel phones

View
The Aura Strap adds new tricks to your Apple Watch

The Aura Strap adds new tricks to your Apple Watch

View
Twitter bans deepfakes that are 'likely to cause harm'

Twitter bans deepfakes that are 'likely to cause harm'

View
Here's everything Google announced at its Pixel 5 event

Here's everything Google announced at its Pixel 5 event

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr