# Another reason to dump Verizon - always trackable super cookie



## drmike (Jan 14, 2015)

Zombie Cookie: The Tracking Cookie That You Can’t Kill


An online ad company called Turn is using tracking cookies that come back to life after Verizon users have deleted them. Turn’s services are used by everyone from Google to Facebook.

An online advertising clearinghouse relied on by Google, Yahoo and Facebook is using controversial cookies that come back from the dead to track the web surfing of Verizon customers.

The company, called Turn, is taking advantage of a hidden undeletable number that Verizon uses to monitor customers' habits on their smartphones and tablets. Turn uses the Verizon number to respawn tracking cookies that users have deleted.



Does Your Phone Company Track You?

CHECK FOR TRACKING CODE
 

 

Click from your smartphone or tablet (with Wi-Fi turned off) to see if your telecom provider is adding a tracking number. We don't save any information.

Al Shaw and Jonathan Stray, ProPublica




"We are trying to use the most persistent identifier that we can in order to do what we do," Max Ochoa, Turn's chief privacy officer, told ProPublica.

Turn's zombie cookie comes amid acontroversy about a new form of tracking the telecom industry has deployed to shadow mobile phone users. Last year, Verizon and AT&T users noticed their carriers were inserting a tracking number into all the Web traffic that transmits from a users' phone – even if the user has tried to opt out.

Users complained that the tracking number could be used by any website they visited from their phone to build a dossier about their behavior – what sites they went to, what apps they used.

 In November, AT&T stopped using the number. But Verizon did not, instead assuring users on its website that "it is unlikely that sites and ad entities will attempt to build customer profiles" using its identifiers.

When asked about Turn's use of the Verizon number to respawn tracking cookies, a Verizon spokeswoman said, "We're reviewing the information you shared and will evaluate and take appropriate measures to address."

Turn privacy officer Ochoa said that his company had conversations with Verizon about Turn's use of the Verizon tracking number and said "they were quite satisfied."

Turn's actions were spotted by Stanford researcher Jonathan Mayer, and confirmed by ProPublica's testing.

Turn and Verizon also have a separate marketing partnership that allows Verizon to share anonymized information about its mobile customers. In April, Verizon sponsored a Turn event in New York City called " Bringing Sexy Back to Measurement."



rest of the article here:  http://www.propublica.org/article/zombie-cookie-the-tracking-cookie-that-you-cant-kill


----------



## mojeda (Jan 14, 2015)

I believe you can circumvent this by using a VPN on your phone.


----------



## Steven F (Jan 14, 2015)

I just checked from my Samsung Galaxy S5 Verizon cell phone and I am not being tracked, according to the link provided in the article above. So, I mean, what percentage of people are being tracked?


----------



## drmike (Jan 14, 2015)

I am hoping there are fixes and workarounds, but expect most of them won't be in the default Verizon network - normal customer use stream.

Folks need to lean on the industry about these intentionally shady practices.


----------



## lowesthost (Jan 14, 2015)

Just checked my AT&T no tracking


----------



## TruvisT (Jan 14, 2015)

lowesthost said:


> Just checked my AT&T no tracking


Yep. They used to but dropped it.



mojeda said:


> I believe you can circumvent this by using a VPN on your phone.


Yes, that is true. The scary fact is many have discovered how to pull the "super cookie" and can now use it to their advantage against you.

Long story short. Drop Verizon or VPN up.


----------



## Dylan (Jan 15, 2015)

Steven F said:


> I just checked from my Samsung Galaxy S5 Verizon cell phone and I am not being tracked, according to the link provided in the article above. So, I mean, what percentage of people are being tracked?


I'm on Verizon and it says I'm not being tracked either.


----------



## tonyg (Jan 15, 2015)

Another Verizon user and the link on the website states that I'm not being tracked.

What that means I'm not sure:

Did Turn and Verizon find a way to circumvent the check?

Did Verizon cut this program?


----------



## dcdan (Jan 15, 2015)

Wouldn't SSL prevent this?


----------



## TruvisT (Jan 15, 2015)

tonyg said:


> Another Verizon user and the link on the website states that I'm not being tracked.
> 
> What that means I'm not sure:
> 
> ...


Highly doubt they cut the program. The money they make from your meta data... more likely they changed the system up?

SSL will protect(at least for now). Remember, when you connect through their routers, that is where the injection is taking place. So you are safe via Wi-Fi and other connections as far as I know.

You can turn off marketing setting but I do not know if that fully disabled the special tracking ID or not.


----------



## willie (Jan 15, 2015)

Thing is Verizon won't connect to phones that you don't get from them, and with phones you do get from them, they control the software and keep reinstalling their malware with OTA updates.  The only Verizon internet product I think of using is a mifi hot spot, so I'd connect my laptop to a VPN through it, not letting them touch either the internet traffic or the laptop software.  But really, I've gotten along fine so far without always-on mobile internet.  I have a Verizon voice-only dumb phone that I keep powered off almost all the time.  I turn it on if I want to call someone or if I expect to receive a call on it.


----------

