WOT (Web Of Trust) privacy scandal

https://rejzor.wordpress.com/2016/11/02/web-of-trust-wot-privacy-scandal/

I’m not going to copy all the data here, you can read it on my blog with all the external original links and news. WOT is quite popular here if I remember correctly and I thought people would be interested in reading this…

I’ve now turned to avast! Online Security as my primary rating tool. I really miss the saving of existing ratings and comments with avast!, but it has other goodies and at least the avast! team is more open when privacy concerns are raised.

Personally I have never used WOT, Avast rating or any other rating tool, except for testing,
as I don’t think user ratings/opinions add anything significant to a well-configured security setup.

Greetz, Red.

Almost no user has a clue what he is talking about when it comes to security and things like that.
And since comments are not checked for accuracy, you can say they are worthless.

Maybe so, but I found it to be an interesting resource. Individual comments maybe didn’t mean much, but you could often see a trend and then form your own opinion.

I too used it, not slavishly following its rankings, but as guidance.

But that has now ended.

Hi RejZor,

Big thing with WOT: canvas fingerprinting and selling your profile to the highest bidder.
Isn’t Ghostery just doing the same, and loads of others? The difference is they are upfront about it.

The only sin for WOT was that they forgot to mention it in their EULA (it vanished from their 2011 add-on edition).

Who was there first and no-one reacted? Wasn’t that and isn’t that Big Data-slurper nr. 1, Google,
and who moans about Facebook’s ridiculous ‘polycor’ censorship? Too big to fail?
(without any rules nor even trying to defend their policies).

I know there is a big Russian userbase out there on WOT, and isn’t that again the “Big Evil Empire” now?

polonus

RejZor is right however about the 100% insecure tracking there.
100% of the trackers on this site could be protecting you from NSA snooping. Tell mywot.com to fix it.

Identifiers | All Trackers
Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.

6142544 api.mywot.com

And for my.WOT you’re also dependent on CloudFlare security (a service that I cannot and won’t trust fully with e2e):
Unique IDs about your web browsing habits have been securely sent to third parties.

wXw.mywot.com authid
d00b1cddd5a06799XXXXXXXXXXf85dd281476740859 cdnjs.cloudflare.com __cfduid (anonymized by me - pol)

And the canvas fingerprinting: CanvasFingerprintBlock
Blocked 1 potential HTML canvas fingerprinting attempt on this page
Prevented a script on -https://www.mywot.com from capturing the following 32px × 32px canvas (via toDataURL):

And just as I thought, here they are shown to be security dilettantes, a meagre F-Status :slight_smile:
Re: https://sritest.io/#report/a25ada39-6bff-4513-8b6c-eca48f5096e6

Scripts 2 issues
Tag Result

Missing SRI hash Missing SRI hash

Stylesheets 2 issues
Tag Result

Missing SRI hash Missing SRI hash

And almost ashamed to present these mediocre results F-I-C-I-X with a few A’s in between:
https://observatory.mozilla.org/analyze.html?host=www.mywot.com

RejZoR, the facts are in your favor, man. It’s a drama, I have to admit… :cry:

polonus (volunteer website security analyst and website error-hunter)
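As an added illustration of the “Missing SRI hash” findings reported above (this is example code, not from the thread or from WOT), a small Python audit that lists cross-origin scripts and stylesheets lacking an integrity attribute and computes the value a site operator would add. The sample HTML is constructed for the example, not mywot.com markup.

```python
import base64
import hashlib
from html.parser import HTMLParser

# Constructed sample page: one script already carrying an SRI attribute,
# one cross-origin script and one cross-origin stylesheet without it,
# and two same-origin resources that are out of scope for the audit.
SAMPLE_HTML = """
<html><head>
<script src="https://cdn.example/jquery.min.js"
        integrity="sha384-placeholder" crossorigin="anonymous"></script>
<script src="https://cdn.example/slider.min.js"></script>
<link rel="stylesheet" href="https://cdn.example/site.css">
<link rel="icon" href="/favicon.ico">
<script src="/local/app.js"></script>
</head><body></body></html>
"""

def sri_hash(body: bytes, algo: str = "sha384") -> str:
    """Build the integrity attribute value ("<algo>-<base64 digest>") for a resource body."""
    digest = hashlib.new(algo, body).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"

def sri_matches(body: bytes, integrity: str) -> bool:
    """Check a fetched body against an existing integrity attribute."""
    algo, _, expected = integrity.partition("-")
    if algo not in ("sha256", "sha384", "sha512"):
        return False  # browsers ignore unknown algorithms; treat as no protection
    return sri_hash(body, algo) == f"{algo}-{expected}"

class _SRIAuditor(HTMLParser):
    """Collect cross-origin <script src> and <link rel=stylesheet> tags without integrity."""
    def __init__(self):
        super().__init__()
        self.missing = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        rel = (a.get("rel") or "").split()
        if tag == "script" and a.get("src"):
            url = a["src"]
        elif tag == "link" and "stylesheet" in rel and a.get("href"):
            url = a["href"]
        else:
            return
        # Same-origin (relative) URLs are skipped; only third-party hosts are audited here.
        if "://" in url and not a.get("integrity"):
            self.missing.append(url)

def audit_sri(html: str) -> list:
    """Return the cross-origin resource URLs on the page that lack an integrity attribute."""
    parser = _SRIAuditor()
    parser.feed(html)
    return parser.missing
```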

More here… (German only)
https://mobilsicher.de/hintergrund/datenhandel-aufgedeckt
https://mobilsicher.de/hintergrund/die-spur-der-daten

Hi Asyn,

WOT has now been caught almost red-handed doing this. But Mike Kuketz says Ghostery is probably into this too, and they are known to even ask their extension users’ permission to do this when installing the extension.
I see that it is a wide-spread issue on mobile platforms, think of AdMob and MoPub collecting location information and device or mobile network information, seems all Avast apps are AdMob driven now.

So I wonder how many of our Google Chrome extension APIs are “kosher” or “halal” in this respect.
There is a lot of temptation out there for developers and owners of extensions and it is all about big money.

Again the controversy around WOT never went away and was there from the start.
Read: https://forums.malwarebytes.org/topic/107753-web-of-trust-trusted/

It is the API that is spying on you too. Just install Nirsoft’s WebCookieSniffer and you get an api.mywot.com cookie with authid, a session id cookie and, as Kuketz said, a language cookie, and all of them are user-identifiable. So the first thing that happens when I start WebCookieSniffer is that an api.mywot.com cookie is being set for all of my existing browsing sessions.
This is much as what Kuketz describes in a nutshell.

It is not unique, as all extensions in Google Chrome work that way, going first to https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js.
This is so for instance with DrWeb’s URL checker.

There DrWeb is not involved, Google does this, and whenever Google cannot do this,
the extensions are not allowed to be on their platform and are thrown out because of some dreamt-up violation of terms.

So actually we have to get accustomed to this situation going on behind our backs all of the time,
and that there is no escape from this really.

Now poor fanboyish WOT is being put into the hall of shame, when almost all and every Google or firefox extension/add-on,
for that matter is into this game in one way or another.

Sad, but it is the situation we have, we can no longer get away from this behavior
or are being asked to fill out CloudFlare captchas all the time while working Tor or Orbot, to prove we’re human sheeplings,
as RejZoR always so aptly classifies us as human beings.

polonus

Don’t tell me you’re still crying about a lack of privacy ???
Remember, there isn’t any privacy.

Hi bob3160,

You are so right there, bob3160.

Again there is more to it, than we might think at first hand.
But we really should make people aware.

These extensions are a marvellous way of drawing you further into the so-called “Internet Bubble”, like Pokemon Go etc.

With this “Internet Bubble” we mean that, whenever you expose yourself to services that get more and more of your profile,
you risk being more and more “fenced in” by your Internet surfing history and habits.

Google for instance knows exactly how to do this.
They turned it into a real science, and the final conclusion should be that everyone profits from it but you, as you are the product.
You may think otherwise. You are wrong again.

By getting to know more and more specifics about your Internet profile, they will more and more confront you with what you already think about yourself.

More and more of your own preferences and likings are “mirrored back” to you to get you hooked into that tunnel vision of yourself further.

And so you may lose sight of what is outside, and that may just be what they want you to do.
That way you only pay attention to issues, that they want you to watch out for,
and you might miss what they do not want you to see.

Try to use a search engine that does not profile you, like DuckDuckGo.
Send an old-fashioned card again once in a while.
Read an online e-book.
Oh, … and turn that screen resolution somewhat down at night in the bedroom,
you may sleep better!

polonus

Web of Trust (WOT) add-on taken down by Google and Mozilla after reports of selling users’ browsing history
http://techdows.com/2016/11/web-of-trust-add-on-removed.html

It’s still available for Mobile devices. Wonder if that also sells your browsing history ???

I wouldn’t take a chance Bob. :wink:

My recommendation is to remove it if you have it. Not to consider it if it’s not currently installed.
http://bob3160.blogspot.com/2016/11/11-3-2016-wot-web-of-trust-not-so.html

Way to go Bob. Good advice.

This is a total fiasco. I am still using WOT, but I blocked data collecting server by adding this to My Filters in uBlock Origin :
52.5.242.93
52.205.103.6
52.73.240.213
52.44.121.119
107.21.18.47
107.21.49.33
prod-mywo-mywotpop-175cqrplyb0n9-2133581242.us-east-1.elb.amazonaws.com

Maybe I am wrong and by blocking these addresses I am actually doing nothing at all.

Personally, when you have to start going to these degrees to stop something like this you really have to consider why you should keep it. Not to mention, what is to stop them adding more IPs, it could be a constantly moving target.

Also as has been mentioned Google and Mozilla have taken down the WOT add-on.

My idea is to disable the add-on/extension in the browser as long as we haven’t heard anything from the alleged perpetrators.
It is a shame my alter-alias has a Silver Membership there (now I am not gonna tell his name).

@ Asyn: “He who lies once is not believed, even when he speaks the truth.
That now applies above all to WOT.”

Mozilla now made the WOT add-on unavailable for downloads:
-https://addons.mozilla.org/en-US/firefox/addon/wot-safe-browsing-tool/
You will get a “not found”.

WOT users brought angry reactions up at the WOT forum:
-https://www.mywot.com/en/forum/70396--virus-spyware-do-not-install-uninstall-as-soon-as-possible
It has now even spilled over to Wikipedia:
hxxps://en.wikipedia.org/wiki/WOT_Services#Privacy_issues
This is the server (someone has beaten me to it):

Name: -prod-mywo-mywotpop-175cqrplyb0n9-2133581242.us-east-1.elb.amazonaws dot com
Addresses: 52.5.242.93
52.205.103.6
52.73.240.213
52.44.121.119
107.21.18.47
107.21.49.33
Aliases: -secure dot mywot dot com

I saw the WOT API cookie disappear suddenly today.

The WOT reaction: https://www.mywot.com/en/forum/70476-user-update-from-wot

WOT extension also vanished from the Google Webstore.
My advice: try Webutation: chrome-extension://nfclfmabiojpommfcalfdgjjeaahnjbj/html/options.html

Look ups: http://www.webutation.net/

Yesterday I checked on WOT: Good, I had this being blocked for me on WOT: https://dev.visualwebsiteoptimizer.com/j.php?aXXXXXX&u=https%3A%2F%2Fwww.mywot.com%2F&r=0.XXXXXXXXXXXXXXX

Revealing also the results here: http://www.cookiechecker.nl/check-cookies.php?url=www.mywot.com%2F&cache=false
Retirable jQuery: -https://www.mywot.com/
Detected libraries:
jquery - 1.7.1 : (active) -https://www.mywot.com/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
1 vulnerable library detected

And what to think about this external link: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fcdnjs.cloudflare.com%2Fajax%2Flibs%2Fbxslider%2F4.2.5%2Fjquery.bxslider.min.js
working out through -counter.yadro.ru/hit;bgcheck2?r"+

And we should also analyze here, external link: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fsdk.js

And they are also into canvas fingerprinting profiling: CanvasFingerprintBlock
Blocked 1 potential HTML canvas fingerprinting attempt on this page
Prevented a script on -https://www.mywot.com from capturing the following 32px × 32px canvas (via toDataURL):

Finally a track the tracker result report: -https://tools.digitalmethods.net/beta/trackerTracker/?jobid=581a5e2512477&json=result&view=renderHtmlTable (analytics, trackers & widgets).

polonus (volunteer website security analyst and website error-hunter)

P.S. In hindsight: https://wyrdwolf.wordpress.com/2015/08/04/how-web-of-trust-can-ruin-your-credibility/

From the WOT privacy policy "SHARING DATA WITH THIRD PARTIES

We do not share any Personal Information collected from you with third parties or any of our partners except in the following events:

Law Requirement: we will share your information, solely to the extent needed to comply with any applicable law, regulation, legal process or governmental request (i.e., to comply with courts injunction, comply with tax authorities, etc.)
Policy Enforcement: we will share your information, solely to the extent needed to enforce our policies (including our policies and agreements), including investigations of potential violations thereof, including without limitations, investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues;
Company’s Rights: we will share your information, solely to the extent needed to establish or exercise our rights to defend against legal claims;
Third Party Rights: we will share your information, solely to the extent needed to prevent harm to the rights, property or safety of us, our users, yourself or any third party; or (vi) for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.
Affiliated Companies: We may share your data with our parent company, any subsidiaries, joint ventures, or other companies under common control (“Affiliated Companies”) solely if and when applicable or necessary for the purposes described in this Privacy Policy.
Corporate Transaction: We may share Information, including Personal Information, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our Affiliated Companies or acquiring company will assume the rights and obligations as described in this Privacy Policy.
If we combine Personal Information with Non-Personal Information, the combined information will be treated as Personal Information for as long as it remains combined."

After reading Asyn’s reply (#11) I’m removing WOT from Firefox, Chrome and Vivaldi.