What's killing off "gameified" communities (yes I made a post of my tweets, suck it)
-
It's a red herring. Analytics is how advertings agencies collect information and target their demographics. Blocking one without blocking the other would actually be worse for advertizing agencies.
-
If you can get one or two accepted answers in, you unlock the basic features like commenting. That might be enough for your purposes.
Oh, yeah, then they'll be exposed to his penchant for abuse. Oh, wait, you probably meant getting answers to his question. Probably best he keeps his rep low.
-
Yup. Example: I used to whitelist wowhead.com, because I found the site legitimately useful. Then I discovered that they would wait about 5 minutes and load an autoplay video ad.
I'm sorry, I must have missed when we started talking about advertising.
using fucking autoplaying video ads with audio
I'm sorry, I must have missed when we started talking about advertising.
I don't particularly want them to know, including things (they think) I might be interested in seeing ads for. (I don't think I've ever bought anything from an Internet ad.)
I'm sorry, I must have missed when we started talking about advertising.
Analytics is how advertings agencies collect information and target their demographics.
Well I can't debate that.
But the converse ("analytics is only used by advertising agencies to collect information and target their demographics") is not true at all.
-
It's a red herring. Analytics is how advertings agencies collect information and target their demographics.
In any event, I don't care, which takes, as a reason for blocking, priority over "I don't know".
I understand web site owners gotta eat. When they figure out how to provide content without beating me over the head with 8 ads including an autoplay video with audio, I'll cut back on the blocking.
-
Oh, yeah, then they'll be exposed to his penchant for abuse.
Supposedly, _____ ______, the guy behind the persona, isn't as much of an asshole.
I understand his not wanting to partake in the gamification. But a total refusal to participate is actually a little counterproductive, if a little participation would actually get him an answer. (I don't know that it will, of course.)
-
I'm sorry, I must have missed when we started talking about advertising.
No, you really didn't.
But the converse ("analytics is only used by advertising agencies to collect information and target their demographics") is not true at all.
Find a way to let users distinguish between the two uses. I opt in to most of Microsoft's CEIPs because I know what they're (claimed to be) for. I wouldn't object to providing the same kind of information to a web site, in principle.
-
I'm sorry, I must have missed when we started talking about advertising.
We're talking about it because the same things i use to block one blocks the other too. i was already made to make special effort to block ads because of their behavior. i have no incentive to unblock analytics. particularly when 3 out of 6 items on my list of do not want are analytics related.
but if you want to move the goal posts again, be my guest.
-
Find a way to let users distinguish between the two uses.
There's already zero overlap between them, at least among all the major providers. Domains that collect site analytics never also serve ads. (Disclaimer: I'm sure some pedantic dickweed is going to bring up a penny-ante company with like 3 customers that uses the same domain for both.)
I'm not sure what more you want than that.
-
but if you want to move the goal posts again, be my guest.
I'm not the one moving goal posts. I was talking about X, then suddenly 37 people started talking about utterly-unrelated thing Y without any warning or transition whatsoever.
Although now I'm thinking it's because they're so rock-brained stupid they literally don't know the difference between X and Y.
-
No, you really didn't.
But just to play along, it came in when we talked about where advertising and analytics overlap, and is intimately involved in why people block analytics.
@blakeyrat has never done a thing to demonstrate a distinction between analyticisers and advertisers that would show the former aren't a uniformly sleazy group, just like the latter; in fact, he's probably set back the cause.
-
Uh, you really think Google doesn't use Google Analytics data to target users? The problem isn't the domain. It's the data, which is being used by a different domain to do things I find annoying.
-
We're talking about it because the same things i use to block one blocks the other too.
Don't argue on his terms. He knows, he just wants to troll everyone else. He's like your typical SJW in that regards.
If @blakeyrat were a real person, the only people who would spend time with him are probably people like Adria Richardson or Zoe Quinn, who are also assholes.
-
-
Uh, you really think Google doesn't use Google Analytics data to target users?
I'm sure they do, but only in an statistical fashion. There's no cookie sharing between the two domains, there's literally no technical way they can possibly associate that data 1:1 with an ad server. If you had even the most fundamental knowledge of how browsers and XSS protection works, you'd know that already just by grinding some of those neurons together.
I assume, perhaps naively, when people gripe about being targeted by ads, they're referring to individual targeting.
-
I'm not the one moving goal posts. I was talking about X, then suddenly 37 people started talking about utterly-unrelated thing Y without any warning or transition whatsoever.
WTF are you talking about? The transition was pretty obvious. We're not all as dumb as you look.
-
there's literally no technical way they can possibly associate that data 1:1 with an ad server.
False.
-
Analytics.
Suddenly advertising. With no transition in between.
I might look dumb, but I can prove my assertion with actual links.
-
-
I'm not sure what more you want than that.
Well, if you can convince the people who write whitelists that, you'd probably have some success.
I actually am curious: can you provide semi-realistic examples of what a website analytic tool would provide? Maybe, say, in the context of this site or SO. As I said, I'm not inherently opposed to them. But to date they haven't done anything to help their cause.
Let me give you an example of why I say that, in an unrelated context: paperless billing. I regularly get emails (and postal mail!) from my health insurance company, my phone company, and a couple other utility-type providers, begging me to go paperless. "Think of the environment!" they plead. "We won't charge you for it," they say, which is downright insulting considering it will save them money.
I have a friend who told me he knows someone who works for a middleware company that provides mass mailing services. He claimed it costs $5-10 PEPM (or rather PPPM) to send out such mailings. That seems high to me, but it's probably for smaller markets. I can't imagine it costs AT&T that much, but obviously it at least costs them postage and materials. Instead of saying "we won't charge you to save the environment" say "we'll provide you a small discount on your bill" and I bet adoption rates would soar.
-
FTFTW
I don't see that at all tbh. His actions are characteristic of the way SJWs try to stifle discussion.
-
By doing a database insert when google serves an analytics widget, and making a query when it serves an ad.
-
His actions are characteristic of the way SJWs try to stifle discussion.
but diametrically opposed to your standard SJW's goals and ambitions.
-
I might look dumb, but I can prove my assertion with actual links.
I wish you would. Maybe those links made sense in your head, but they don't have anything to say about analytics. OTOH, there was this:
I can't say for certain that you read it, but you replied to it.
-
there's literally no technical way they can possibly associate that data 1:1 with an ad server.
If you think that's true, you're far stupider than I've thought, up until now. It literally took me 2 or 3 seconds to come up with a way to do it. First off, claiming XSS protection means anything is improbable given server-side CORS setup. Second, while it might not be easy, what's to stop someone who owns both servers from simply letting both of them access the same back-end database, outside the context of the web server process?
-
but diametrically opposed to your standard SJW's goals and ambitions.
Yes, but I was specifically talking about tactics. There's some comments in the really long discussion here about that.
-
Well, if you can convince the people who write whitelists that, you'd probably have some success.
That's not my job. I'm not even in that industry anymore. It mostly just bothers me that people who are obviously so fucking ignorant of the entire industry, business practices, and technology used are writing these blocking tools.
I actually am curious: can you provide semi-realistic examples of what a website analytic tool would provide?
The classic example is usability and funnel optimization. People enter the checkout funnel, but leave before converting-- why is that? What step do they leave-off at? Does that mean the form is too complicated?
It's also used for normal website uptime monitoring, more sophisticated than just "is the web server returning a 200?" you can actually use analytics data to ensure pages are working in a way that satisfies users. Not just one that satisfies the monitoring tool.
But to date they haven't done anything to help their cause.
How would you know?
Seriously. Answer me that one question. How would you know?
Let me give you an example of why I say that, in an unrelated context: paperless billing. I regularly get emails (and postal mail!) from my health insurance company, my phone company, and a couple other utility-type providers, begging me to go paperless. "Think of the environment!" they plead. "We won't charge you for it," they say, which is downright insulting considering it will save them money.
I have a friend who told me he knows someone who works for a middleware company that provides mass mailing services. He claimed it costs $5-10 PEPM (or rather PPPM) to send out such mailings. That seems high to me, but it's probably for smaller markets. I can't imagine it costs AT&T that much, but obviously it at least costs them postage and materials. Instead of saying "we won't charge you to save the environment" say "we'll provide you a small discount on your bill" and I bet adoption rates would soar.
I don't understand the purpose of this rambling, nor what it has to do with the subject-at-hand.
-
Yes, but I was specifically talking about tactics.
oh. missed that.
objection withdrawn your honour.
-
By doing a database insert when google serves an analytics widget, and making a query when it serves an ad.
Right; but how does Google know the query comes from the same person who hit the analytics widget?
Please answer in a way that shows you have some knowledge of the problem involved. If you make another post like this one, I'll just assume you're a drooling fuckwit talking gibberish.
-
Suddenly advertising. With no transition in between.
I might look dumb, but I can prove my assertion with actual links.
My second snip that you posted was talking about SO, not ads. Captain was the first person I noticed mentioning advertising.
But as far as that goes, it must be AWFUL that you can't maintain absolute control of a conversation. It's too bad you're such an awful persona, or the other personae here might make more effort to stay on-topic.
-
Right; but how does Google know the query comes from the same person who hit the analytics widget?
By logging details like the IP address, browser, and so on.
Seeing how most people have MULTIPLE electronic devices, and don't share, this is enough information to pin someone down.
-
The classic example is usability and funnel optimization. People enter the checkout funnel, but leave before converting-- why is that? What step do they leave-off at? Does that mean the form is too complicated?
And couldn't you also just as easily glean that data from statistics like how many times each controller was called? Seriously, this does not require analytics.
It's also used for normal website uptime monitoring, more sophisticated than just "is the web server returning a 200?" you can actually use analytics data to ensure pages are working in a way that satisfies users. Not just one that satisfies the monitoring tool.
And if so, it matters fuck-all if everyone in the world blocks it, as long as the monitoring tool does not block it also. So what's your fucking point?
-
First off, claiming XSS protection means anything is improbable given server-side CORS setup.
I admit CORS complicates the issue. Google could in theory implement it. Do you have evidence Google is using it?
Second, while it might not be easy, what's to stop someone who owns both servers from simply letting both of them access the same back-end database, outside the context of the web server process?
Nothing; but that has nothing to do with the problem.
The problem is, how do you know the person hitting the ad server is the same person who earlier hit the analytics server? How do you tie those two data sets together? This is the thing you're claiming can be done; how do you do it?
(Of course, I'm cheating because I already know the answer is: Google doesn't do it.)
See also my reply to Captain. Please demonstrate in your next response that you've spent at least 15 milliseconds thinking about the problem.
-
Seriously. Answer me that one question. How would you know?
Honestly? I don't know for sure. But I figure it might well get mentioned by someone like esr at some point, or (maybe) Less Wrong, or even (remotely possibly) Ars Technica or something.
-
sending flash objects that have KNOWN security holes
Hrm -- I wonder if you could say that "exceeds authorized access" under the CFAA -- which'd be grounds for a lawsuit, with good potential for a class action at that.
Hint: breaking the law in 1 case is bad. breaking the law repeatedly is worse. breaking the law repeatedly in a way that harms a large group of people is dumb and potentially suicidal
The rest of the analytics complaints (the 8MiB JS, and the 4kx4k gif to display in the 1x1 image element) are just plain wastes of bandwidth. although not as bad as they could be thanks to gzip and lossy compression.
-
Right; but how does Google know the query comes from the same person who hit the analytics widget?
Please answer in a way that shows you have some knowledge of the problem involved. If you make another post like this one, I'll just assume you're a drooling fuckwit talking gibberish.
Are you being deliberately obtuse, or coincidentally obtuse?
-
I don't understand the purpose of this rambling, nor what it has to do with the subject-at-hand.
If you can't draw the connection, I don't know if explaining it will help.
You asked why people don't like analytics. I'll just say that appealing to someone else's altruism rarely works, but appealing to his self-interest frequently does. I provided an example of someone doing the former and provided a way they could instead do the latter. The switch would almost certainly gain them money, which is what they want.
The analogy, then, would be if the analytics people could come up with a way of making people in general, but specifically whitelist creators, want to work with them.
-
And couldn't you also just as easily glean that data from statistics like how many times each controller was called?
At a page level, you can. At a within-page level, no way. Unless you do ASP.net-style callbacks.
What that means is you can answer questions like, "how many people go from Address to Credit Card Information?" but you can't answer, "what was it about the Address page that caused people to drop out of the funnel?" Heck, you can't even answer, "did the user actually see the Address page on their screen?"
And if so, it matters fuck-all if everyone in the world blocks it, as long as the monitoring tool does not block it also. So what's your fucking point?
Huh? I'm sure you're going to call me a liar, but I honestly have no idea what this paragraph means or what point you're trying to make.
-
Huh? I'm sure you're going to call me a liar, but I honestly have no idea what this paragraph means or what point you're trying to make.
So, assuming you are not being facetious, this would mean you are either being coincidentally obtuse or you are fucking stupid. I know you to be intelligent, so either you are being facetious or coincidentally obtuse.
-
Right; but how does Google know the query comes from the same person who hit the analytics widget?
You could possibly use something like an etag as a cookie instead of whatever they are supposedly actually for.
You could just lie and connect the two systems together. I don't think Google's doing that, but I wouldn't be surprised to find out some advertising network does. If you told me Verizon was doing it I'd believe it.
-
Hrm -- I wonder if you could say that "exceeds authorized access" under the CFAA -- which'd be grounds for a lawsuit, with good potential for a class action at that.
hmm... i could look into that.
the specific flash object i was seeing was one that could be exploited to create an arbitrary code execution attack. none of the ads i saw using it were making such an attack, but the presence of the component could have facilitated the attack by another party also embedding code in the web page.
and knowing the industry, or at least a select number of representatives of it that i'm sure blakey will claim were a minority of the industry, they were only still shipping it because no one had waved court documents in their face saying they had to update.
-
I admit CORS complicates the issue. Google could in theory implement it. Do you have evidence Google is using it?
No, but that wasn't the question, and I like the goalposts where they were. (Note I was just responding to your blanket assertion it can't be done. I have no reason to think anyone is doing it, but I'm willing to bet a small amount of money that Google could do it if they wanted to.)
-
The analogy, then, would be if the analytics people could come up with a way of making people in general, but specifically whitelist creators, want to work with them.
Since the default position for them is "do absolutely nothing whatsoever", I'm not sure exactly what anybody could possibly do. It's not the analytics industry is asking them to do all this labor to implement something; we're just asking them to not go out of their way to block it for no reason. (At least, no reason based on rational thought instead of ignorance.)
-
Yes, because knowing that unique identifiers are built into our browsers is ignorant.
And knowing just how easy it would be for a large organization with large budgets to tie two database systems that were designed as part of a strategic initiative in becoming the world's largest advertizing company makes me ignorant.
-
You could possibly use something like an etag as a cookie instead of whatever they are supposedly actually for.
Etags are subject to XSS rules, AFAIK. If you know otherwise, then by all means educate me.
You could just lie and connect the two systems together.
But how could you do that? The enforcement is on the browser, not on the server-side.
If you told me Verizon was doing it I'd believe it.
Verizon certainly was doing some weaselly shit. Note they got caught almost immediately. And the web analytics community were the first to gripe against it.
No, but that wasn't the question, and I like the goalposts where they were. (Note I was just responding to your blanket assertion it can't be done. I have no reason to think anyone is doing it, but I'm willing to bet a small amount of money that Google could do it if they wanted to.)
It can't be done because:
-
Until recently (CORS) it was literally technically impossible
-
If Google tried to do it by implementing CORS, they'd be caught instantly. Since it shows right there in the web traffic.
You're only replying to point 1. But both points 1 & 2 contribute to my "it can't be done" statement.
-
-
But how could you do that? The enforcement is on the browser, not on the server-side.
Too stupid. Again, browsers leak enough information to uniquely identify users. The only thing a malicious analytics company has to do is log these details when users visit content, and use the details when they serve ads.
-
See also my reply to Captain. Please demonstrate in your next response that you've spent at least 15 milliseconds thinking about the problem.
If I wanted to do it I would attempt a multilayered method to create a reasonably-unique identifier. I'd probably use cookies, etags, local storage, and so on to attempt to create identities that could be paired up. Captain (?) mentioned the eff link that supposedly provides a pretty decent browser fingerprint.
If I wanted to hide what I was doing, I would use something like etags to provide one identifier via analytic software, a different one via ad software, and then attempt to keep track of them outside of the web server context. That is, have a database table linking the two. I don't know how feasible it is, but I've only spent a minute or so on it. (Don't get hung up on my mentioning etags. This is not an area I know a hell of a lot about, so "etags" is a bit of a handwave. I meant "some thing that would attempt to be useful as a more or less unique identifier". Microsoft, during the XP beta, attempted to spot leakers by embedding a GUID in the middle of the ISOs you could download. Someone who knows more about this shit than I do could probably create some method of fingerprinting a browser: order of fields in form submissions, or what looks like a session ID but actually has a few extra characters embedded in there that can be pieced back together to form a separate ID.
If I were serving ads to tens or hundreds of millions of people I might not even worry about anywhere close to "unique identifier". If I could tie together a small fraction of those people I would have a pretty big database.
-
Yes, because knowing that unique identifiers are built into our browsers is ignorant.
The webpage that specifically says it collects only anonymous data is somehow claiming that... magically... someone can use the same mechanism to collect non-anonymous data? Huh? TDEMSYR.
And knowing just how easy it would be for a large organization with large budgets to tie two database systems that were designed as part of a strategic initiative in becoming the world's largest advertizing company makes me ignorant.
Tying the database servers together isn't the problem, for what feels like the 57 thousandth time. Uniquely identifying users across two different domains is the hard part.
-
Tying the database servers together isn't the problem, for what feels
like the 57 thousandth time. Uniquely identifying users across two
different domains is the hard part.EXCEPT THAT THEY CAN BE UNIQUELY IDENTIFIED BY THEIR BROWSERS.
-
EXCEPT THAT THEY CAN BE UNIQUELY IDENTIFIED BY THEIR BROWSERS.
I'm waiting for the explanation of how.
Simply repeating a claim isn't the same thing as proving a claim. Even if you use all-caps.
-
Somebody has requested that I stop feeding the useless asshole troll. And it seems like good advice at this point, since the point has been made to everybody but the useless asshole troll.
