undefined | Better HN

0 pointsAbundnce1010y ago0 comments

Nice! I'm seeing an `X-Uidh` attribute in my request headers, is that the Verizon Zombie Cookie?

0 comments

bndw10y ago

Looks like that's the one: http://www.verizonwireless.com/support/unique-identifier-hea...

Not that I approve at all of what Verizon is doing, but apart from the item about opting out ("Verizon Wireless will stop inserting the UIDH after a customer opts out of the Relevant Mobile Advertising program"), this stands out:

They plan to (eventually) only send this to Verizon-owned (or contracted) servers. This has two roughly equivalent corollaries:

1. They don't need to use a header for this because they can trivially accomplish the same thing with a database of IP addresses.

2. They can trivially accomplish this with a database of active IP addresses, so it doesn't really matter if they use a header or not.

Incidentally, other ISPs do this too, but for more benign reasons because they don't (as far as I know) own an ad network: for example, T-Mobile automatically logs you in to My T-Mobile when you access it over 3G. Basically, if your ISP wants to track you, they will have no trouble with this (except to the extent that they can be stopped with SSL). You'll just have to switch ISPs, if possible.

j / k navigate · click thread line to collapse