According to a TechCrunch story, Citibank is putting a warning message up for users of comment and blog tracking services.


As it turns out, there is a known issue with the coComment plug-in and, though I'm not familiar with the service, it sounds like BlogRovr also has a browser extension.

Since I use MyBlogLog here, I want to re-emphasize that this message above doesn't apply to this service. MyBlogLog works by saving a cookie to your machine under the domain. When you go to a site that has included the MyBlogLog JavaScript, it can interact with that cookie and know who you are. The MyBlogLog tracking script does have some logic for tracking clicks within an IFRAME (to handle Google AdSense clicks). Since Citibank doesn't include the MyBlogLog script on their page, it doesn't interact with the service. When you're here or on any other blog that uses MyBlogLog, the service doesn't even know you were on the Citibank page much less being able to track what you've done there.

When you're using a JavaScript-based service like MyBlogLog or Intense Debate, the code runs in a sandbox with limited rights. On the other hand, if you're installing a browser extension, it has the ability - by design - to interact with every page you use and completely track your usage and what you type. Obviously, it makes sense to exercise caution in what extensions you install.

Anyway, I just wanted to reassure everyone that these kinds of warnings don't apply to the comment and tracking services I'm using here.

blog comments powered by Disqus