[LINK] Another Form of Super-Cookie Exposed

Roger Clarke Roger.Clarke at xamax.com.au
Sat Jul 30 13:19:36 AEST 2011 

>On 30/07/2011 11:07 AM, Roger Clarke quoted:
>>  This means that if a person clears their browser cache or cookies,
>>  the random identity is likely to persist and that person will keep
>>  being "known" as a consistent random identity. If the random identity
>>  persists in one of these methods, we will reset the others so they
>>  all share that same random identity.

At 12:48 +1000 30/7/11, Bernard Robertson-Dunn wrote:
>Are they assuming person==user==computer?
>
>If multiple users (say a family, or at an internet cafe, or library) use
>the same computer, can their system differentiate between them?

I can see no evidence of them differentiating among users.

The language on Kissmetrics' site utilises the popular-but-wrong 
conflation of user with device.

(However, it's tenable, to the extent that individuals have 
detectably different usage patterns.  One such is where users 
formally logout/login.  That should cover at least 3% of the 
population of desktops, maybe even more business laptops and some 
consumer laptops.  Another logical approach would be to differentiate 
on the basis of separate usernames for logging in to 
KISSmetrics-using sites.  A less logical approach could be based on 
the sites, sub-sites or pages accessed, or keywords used, e.g. 
assuming that toys pages are visited by children rather than by 
adults).

Most of the 'science' underlying online consumer marketing and 
behavioural manipulation, sorry service-provision, appears to 
blithely assume either that devices are overwhelmingly single-user, 
or that it doesn't matter whether they're single- or multi-user.

In the eCommerce world, the assumption's dubious in respect of a 
significant proportion of consumer desktops and even organisational 
desktops, and in relation to a smaller proportion of 
portables/laptops (many of which are used for at least some of the 
time in much the same way as desktops have been).

Of course, in the MCommerce / handheld world, it's much more likely 
to be the case that devices are and will remain predominantly 
single-user.


-- 
Roger Clarke                                 http://www.rogerclarke.com/

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW
Visiting Professor in Computer Science    Australian National University

More information about the Link mailing list