Sensationalist reporting on

January 18th, 2006

People have been making headlines out of the new ping attribute implemented in Firefox Trunk which I wrote about a week ago. Slashdot calls it spyware and says:

The Mozilla Team has quietly enabled a new feature in Firefox that parses ‘ping‘ attributes to anchor tags in HTML. Now links can have a ‘ping’ attribute that contains a list of servers to notify when you click on a link. Although link tracking has been done using redirects and Javascript, this new "feature" allows notification of an unlimited and uncontrollable number of servers for every click, and it is not noticeable without examining the source code for a link before clicking it.

Calling it spyware is a bit over the top but it sure makes a good headline.

Digg writes "New Surveillance Tool Silently Enabled in Firefox":

The Mozilla Team has silently turned on a new feature in Forefox called "<a ping>" that will allow Web site operators to silently conduct surveillance on Firefox users’ browsing activity. This new "feature" will cause Firefox to notify any server, or a whole list of servers, when you click a link. 

AJAX is worse for privacy

An "web 2.0" application using XmlHttpRequest/AJAX can phone home with details of what you have written in forms or parts of your password before you’ve even finished typing it in. If you type in half of your Amazon password on another site before realizing your mistake it could already be too late. What you typed in could have already been sent home using AJAX.

People are already doing it

It is common practice for websites to link to external websites through a redirection URL. For example, most adverts you see will not link directly to the advertiser’s website but through a page on Google’s website or whoever sells the advert space.

This has several problems:

  • It slows down the user because they have to wait for Google’s page to load up before they can reach their destination page.
  • Websites use all kinds of ugly hacks - Javascript, Images to track which links visitors are clicking on but to hide the fact from the user.

HTML 5’s a ping attribute gives web developers another way - a way to clean up their code, a way for user agents to expose the fact that they other websites will be notified. Web Developers can finally be up front about the fact they track clicks and it speeds up and improves experience on the web.

Silently Enabled?

All this FUD about silently enabling <a ping> is rubbish. It was discussed publicly on Bugzilla and anyone who reads The Burning Edge will have seen the new feature announced.

Secondly, how on earth does an article which misspells Firefox get on the front page of Digg? 

  • Uncategorized
  • Comments(0)
  1. Firefox 2.0 implements
  2. Firefox 2.0 now has Safe Browsing
  3. Google using nofollow on Katrina charity website links
  4. Clicking Logos
  5. Creating Microsummaries (How to & Evo)

Trackback URI | Comments RSS

Leave a Reply