top | item 15704133

No boundaries: Exfiltration of personal data by session-replay scripts

198 points| ploggingdev | 8 years ago |freedom-to-tinker.com | reply

51 comments

[+] mindslight|8 years ago|reply
Home Depot does this in a way that consumes my whole upload bandwidth, dragging down the entire connection (moved and haven't gotten around to reintegrating the proper router with tc(8)). As a result, I've moved towards using Lowes to spec things out, even though it's a 45 minute drive and their products are of generally inferior quality. Good job, surveillance parasites - you're starting to kill your hosts!

(I'm sure Lowes is or will be doing something similar, as faux-competition duopolies tend to move in lockstep. But the outright callous boneheaded execution still amazes me).

[+] skrebbel|8 years ago|reply
To be fair, FullStory spends a lot of time in their onboarding, UI and docs encouraging you to check and double check that anything sensitive is excluded. They broadcast this message so clearly that it's obvious that they take privacy seriously (or, about as seriously as any over-the-shoulder-peeking service could), and they strongly encourage their users to adopt the same stance.

This article makes it seem like their defaults are the only exclusion settings possible, which is very far from the truth.

I feel like FullStory is being blamed for trying to provide some minimal default exclusion settings at all. I assume the same holds for competing services.

I'm not saying that this means the core premise of this is wrong: there's many things to dislike about session recording services. But the article goes on and on about a few defaults, instead of focusing on the dangers of the core concept and loses the argument that way IMO.

[+] kevinconroy|8 years ago|reply
Yes, the onboarding for FullStory is excellent and they go out of their way to help you try to get it right. Odds are you'll end up doing a better job at protecting privacy in FullStory than in your own log files, but YMMV.
[+] seiferteric|8 years ago|reply
Does anyone know if ublock origin blocks this kind of stuff? Yet another reason to never disable it. I'm starting to realize it's a lot more than an ad blocker, but more like a firewall to protect the client against malicious sites with crypto miners, trackers and this stuff...
[+] englehardt|8 years ago|reply
Hi, one of the authors here. We discuss this in the last section of the post. uBlock Origin uses lists to determine which requests to block. We tested the two largest, EasyList and EasyPrivacy, and both fail to block scripts from FullStory, Smartlook, and UserReplay.
[+] GrinningFool|8 years ago|reply
uMatrix stops everything 3rd party from loading by default, but makes it easy to whitelist as you go. It makes browsing extra work for most sites (it adds the step of having to eduguess what you need to enable for the site to function properly - very, very few do so when third parties are blocked) but I find it's worth it.
[+] kevinconroy|8 years ago|reply
+1 for highlighting the privacy concerns, but -1 for blaming the software for not having strong enough defaults.

As someone who has integrated FullStory into a production site, I spent several days doing a careful audit of our forms and redacting fields from being tracked. FullStory has an excellent, universal account setting to automatically redact fields based on any CSS selector, so it's very, very easy to tell it to remove any sensitive information - or even all form fields! - if that's what the website publisher desires. Out of the box I found that it correctly blocked credit card fields and passwords, and we were able to add additional fields that are sensitive.

Again, rightly so that a website publisher may want more information than you desire, but they could also store your info in plaintext in the database, making it easy for hackers to exfiltrate as well. Yes, this is another vector, but hardly the easiest one.

[+] joosters|8 years ago|reply
It's still a broken process. Are you going to re-audit every future change to your web site? I doubt it.

The default, as the article suggests, should be to redact all fields, then let the company opt-in the fields that they really mean to record.
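
To make the disagreement above concrete (kevinconroy's selector-based exclusion list versus a redact-everything default with explicit opt-in), here is an added example that is not code from the thread or from FullStory; the selectors, values and matching rules are constructed stand-ins for what a real replay vendor's exclusion settings would operate on.

```javascript
// Added example: two exclusion policies applied to fields a session-replay
// script has captured. Everything below is constructed for illustration.

// A captured form snapshot, as a replay script would see it before any
// exclusion rule runs. "selector" stands in for the CSS selector a site
// owner could use to exclude the field.
const CAPTURED_FIELDS = [
  { selector: 'input[type=password]#pw', value: 'hunter2' },
  { selector: 'input.cc-number',          value: '4111111111111111' },
  { selector: 'input#search',             value: 'deck screws' },
  // Added by a later site change, after the original audit was done.
  { selector: 'input#ssn',                value: '123-45-6789' },
];

const MASK = '[redacted]';

// Policy 1 (vendor-style default): only fields matching a built-in
// sensitive-field list are excluded; anything else is recorded as-is.
const DEFAULT_EXCLUSIONS = [/password/, /\bcc-/];

function recordWithDenylist(fields, exclusions = DEFAULT_EXCLUSIONS) {
  return fields.map(f => ({
    selector: f.selector,
    value: exclusions.some(re => re.test(f.selector)) ? MASK : f.value,
  }));
}

// Policy 2 (the default argued for above): every field is redacted unless
// the site owner has explicitly opted that selector in.
function recordWithAllowlist(fields, allowed = new Set()) {
  return fields.map(f => ({
    selector: f.selector,
    value: allowed.has(f.selector) ? f.value : MASK,
  }));
}

// Which captured values survived into the recording unmasked?
function leakedValues(recorded) {
  return recorded.filter(f => f.value !== MASK).map(f => f.value);
}

// The field added after the audit leaks under the denylist but not under
// the allowlist, which only needed the search box to be opted in.
console.log(leakedValues(recordWithDenylist(CAPTURED_FIELDS)));
// prints [ 'deck screws', '123-45-6789' ]
console.log(leakedValues(recordWithAllowlist(CAPTURED_FIELDS, new Set(['input#search']))));
// prints [ 'deck screws' ]
```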

[+] maxerickson|8 years ago|reply
What would be the problem with making the default to collect nothing (so the dev would have to opt in for everything they wanted to collect)?
[+] kevinconroy|8 years ago|reply
Correction: I wrote redacting when I meant exclusion. My apologies!
[+] itissid|8 years ago|reply
Read the article. Noob Q. Surely not ALL the browser tabs are vulnerable to getting recorded? In other words only the tabs that are connected to websites that contain these recording JS scripts are vulnerable, correct?
[+] scarmig|8 years ago|reply
Correct. I think there's a caveat if the two different tabs render two different documents but on the same domain, interactions on each could be recorded by either tab.
[+] tzahola|8 years ago|reply
Is there a browser extension that warns you about the various tracker scripts a website is utilizing?
[+] drewda|8 years ago|reply
I use Disconnect in both Chrome and Firefox: https://disconnect.me/

It blocks scripts for analytics, social sharing, etc. and gives a simple UI for reenabling any (in those situations when someone wrote their JavaScript such that button presses fail if Google Analytics is not loaded -- which is not nice).

[+] inetknght|8 years ago|reply
The closest I know of would be use of uMatrix and general knowledge of which sites do what activities.
[+] servilio|8 years ago|reply
Privacy Badger can do this.
[+] jlgaddis|8 years ago|reply
Anyone know where I can find a list of the domain names used by these companies? I want to block everything from all of their domains.
[+] phkahler|8 years ago|reply
DAMMIT. Once again the question that immediately comes to mind is "Why the FUCK do browsers facilitate this shit?"

C'mon you stupid web devs on HN tell me again all your excuses to need these capabilities. Sorry to generalize to all those of you who don't do this, but many of you still want those capabilities that have opened the door. And those browser devs... It's like they compete to sell out the users by adding "features".

[+] Myztiq|8 years ago|reply
Ok, here's a real example of how fullstory can help provide a better product. Bug reporting. A user gets a JS error on the page, but say my application is pretty complex, and the state machine I've built can't handle a particular state. Well, I can easily walk through the recording of what the user had done and reproduce the issue.

I can actually hop on a call with this user and walk them through how to do something, while looking at what page and what inputs they have filled in. This takes frustrating back and forth of "What do you see now?" that happens without this tool.

Say I want to influence user decisions by offering subtle cues to push them towards something that will be overall beneficial for them. By watching certain key users we can know what frustrates them (erratic mouse movements, long time searching for features etc) and what things they grok easily.

The article totally washes over a super important feature of fullstory, excluding elements[0]. You can include a simple class name or specifically select what you'd like to exclude.

[0] http://help.fullstory.com/technical-questions/exclude-elemen...

[+] mschuster91|8 years ago|reply
> but many of you still want those capabilities that have opened the door

Rest assured the majority of (web) developers do not like this crap a bit. Most of the pressure to add hundreds of analytics toolkits, trackers or these snoopers comes from marketing - they (or worse, the C-level execs) get convinced that they need to integrate tool XYZ to "stay competitive" or "improve their customer retention" or whatever buzzword goes today, and the devs at the bottom of the chain are left to implement it.

[+] ggg9990|8 years ago|reply
Browsers became a way to deliver general-purpose applications over the Internet rather than just structured documents. Once they did, then all of the features that are being maliciously used here have very useful applications like responding to mouse input.
[+] eadmund|8 years ago|reply
> Once again the question that immediately comes to mind is "Why the FUCK do browsers facilitate this shit?"

Because their developers were too busy wondering if they could to wonder if they should.

The modern web is like Moria: we've delved too deeply, and have awakened a slumbering horror.

[+] acqq|8 years ago|reply
It's not "the browsers", it's primarily the culture of including "whatever" on the pages one maintains. It's so easy as it typically doesn't affect negatively those who decide to do so.

And it's typically not a decision of one person.