John Sprocket wrote:
hehe. look at it metaphorically (like guest inside establishment) you're head of security at a casino you monitor a specific area full of people/users. you have your normal people you can see and possibly identify if you so care. there's a group of people that walk in and are wearing clothing that is obviously meant to obscure their intentions. would you let them stay in your casino, or would you ask them politely to take off their masks?
Bad analogy. A better one is: Do you ask all people for some form of identification before they can enter your establishment? In effect, the act of visiting a Web site discloses information about the visitor. Even if the person blocks cookies, Javascript, Java, Flash, and all the rest, there is still the IP address. If the IP address is fixed, it is possible to build a profile on that user, or small group of users. Perhaps the person isn't interested in being "profiled." Do you (it's a generic "you") value profiling over having visitors to your site?
One also needs to keep in mind that it's not just the visited Web site collecting information. There are certain governments collecting information that is, as Valdis put it, "none of [their] damned business" to collect. The visitor may be using TOR to inhibit such data collection.
Wired has a good essay by Bruce Schneier called "The Eternal Value of Privacy." I commend it to all:
http://www.wired.com/news/columns/0,70886-0.html -- Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/