I've always added analytics scripts on websites I worked on. It was second nature for me. Then when I got my own start up, I didn't just add regular analytics but one that tracks mouse movements so you can watch sessions back like a video [0].
I told a friend about my start up and she jumped on it immediately. I opened the tool and watched her interaction. Then I told her "oh so you opened the dev tools" She immediately ended the session. "How did you know? That's creepy". It was the first time I've actually felt like these tools invade privacy.
Yeah, we include it in our terms and condition and privacy page, but I don't think users truly grasp how those tools work. I understand that all analytics tools provide this feature now, but its always creepy to know someone can watch what you are doing.
Nice! It shouted "Bot" when I ran this in the console
for (let i = 0; i < 1000; i++) {
document.querySelector(".button")?.click();
}
pokpokpoktoday at 3:07 AM
I show this in my interface programming class to introduce people to the concept of input events.
Thinking of input as a series of discrete events is an interesting cognitive model that many experienced programmers take for granted!
CSMastermindyesterday at 11:58 PM
This brings me back to the glory days of StumbleUpon. Highly recommend.
Barbingtoday at 1:00 AM
Awesome. Looking for this as an iOS app, since I learned dismissing notifications phones home. (Useful feature for multidevice cloud services but can be creepy, companies learning the notifications we expand or leftswipe away… learning our sleep schedules and preferences and all that in ways we might not have specifically expected in this exact case)
Apps know when we’re on WiFi, when we force quit, have potential to have motion sensor access if opting in…
Not sure the presentation needed for acceptance into the App Store. As a security checkup tool or something…
mrkn1today at 12:05 AM
I made something very similar 2 weeks ago, re the upcoming OpenAI phone.
It was the spring of 1993. UPS dropped a huge package at my door. It was Visual C++ 1.0 in a 50-story-high white box that weighed a ton. I spent the whole day reading manuals and messing with it. When my wife came home that night, I couldn't wait to show her what I finally managed to pull off -- a maximized window that contained a single button that filled the entire space of that window. And the label said "Click Me." My wife clicked that button, and nothing happened.
"What's the point?" she asked.
I said, "You can click it."
"But what's the big deal?" she was baffled.
"You can click it,“ I said.
“That's the big deal."
deletedtoday at 12:56 AM
preinheimeryesterday at 11:47 PM
Heads up: there's audio. It does add something.
maxverseyesterday at 11:41 PM
I enjoyed playing with this. Wild how much it knows.
deletedtoday at 12:40 AM
herpdyderptoday at 12:00 AM
Looks like it got HN’d to death
hspeiseryesterday at 11:43 PM
thats pretty creepy. I find it unnerving that they know exactly where my cursor is.
10000truthsyesterday at 11:52 PM
I'm getting a PR_END_OF_FILE_ERROR when I try to open the page in Firefox on Linux.
Sophiratoday at 1:07 AM
I'm guessing this is supposed to illustrate how tracking is ubiquitous, given what I see in the source code.
In my case, though, after carefully enabling only scripts from the site and the Cloudflare CDN, but not enabling XHR/websockets back to the source page, or any cookies, the only thing that happens for me is:
1. I see a button and an exhortation to click the button.
2. I click the button.
3. The site goes "Subject has clicked the button."
4. The site goes "...".
...and then nothing else happens, no matter where I click or move my mouse. In the background I can see attempted websocket connections, but I'm blocking those so they can't happen.
If the aim of the game is to open people's eyes to the dangers of online tracking, it feels like there should be a reward mechanism if such tracking is blocked!
briandwyesterday at 11:59 PM
Very fun, I enjoyed seeing what it would react to.
jamiek88yesterday at 11:35 PM
Hmmm. Clever and a little spooky!
grumpymuppettoday at 12:28 AM
As a semi-savvy programmer, but with little experience in web-dev, I'm actually a bit ignorant of what a site can measure -- client side -- versus collect server side.
Presumably it's a simple matter to send something back to a server, but I've really never thought about the mechanisms involved.
ProAmyesterday at 11:55 PM
This is a great POC about how you give up privacy just using the web. This data is bought and sold and more and used against you every day
busymom0yesterday at 11:52 PM
I am not sure what I am looking at. It's telling me things which I expect any website to know via basic javascript. What am I missing?