Microsoft’s Hand Caught in ‘Supercookie’ Jar
Microsoft announced today that it has disabled a tracking code used on its websites that apparently could track users as part of a “supercookie” tracking scheme. Supercookies are present even after the user deletes the cookies from their browser.
Apparently, MSN.com, Microsoft.com, and Hulu.com were identified by Stanford researchers as sites that had this super-cookie. It appears that Time Warner’s Flixter.com social networking service and Charter’s portal uses the same super-cookie code.
Hulu.com was found to use code from the Kissmetrics Web traffic tracking firm for persistent tracking and that the site can store tracking code in Adobe Flash files. As far as MSN and Microsoft.com go, Microsoft issued a statement regarding the findings:
“Mr. Mayer identified Microsoft as one among others that had this [supercookie] code, and when he brought his findings to our attention we promptly investigated. We determined that the cookie behavior he observed was occurring under certain circumstances as a result of older code that was used only on our own sites, and was already scheduled to be discontinued. We accelerated this process and quickly disabled this code,” Microsoft stated.
“Microsoft has strong privacy standards that govern the development and deployment of our products and services. We work hard to build privacy into products, and we also engage with government, industry, academia and public interest groups to develop more effective privacy and data protection measures,” Microsoft further explained.Further reading: Microsoft, Security