Posted by: elmicker
you can turn it off in firefox's about:config if it bothers you that much, just set network.http.sendRefererHeader to 0 (def 2).Except that applies globally.
Posted by: Skibur
It looks like IE10 will have this by default.If it's the DNT header (Do Not Track) you're talking about, that's not the same. The DNT header is incredibly pointless too, since it requires the server-side to check whether it's present, and even then there's still no reason why it can't or won't track you; there's no requirement that the server has to abide by.
Posted by: mneo
I don't think it's worth the trouble. private groups are not accesible by anyone who is not a member, anyway.It's not so much about that, but rather the fact that details that are supposed to be private are, well, not private. And at the very least, the linked site will be able to see where you've been linked from (bungie.net), and find the group the link was posted in (assuming the link was posted in a group and not something like a PM).
In fact, this is the same problem with things like Facebook plugins. If content from Facebook is embedded in a webpage (like this one) and you are signed in [to Facebook] while you visit the page, Facebook can then know that you have visited that specific webpage (down to the URL in your address bar) by associating the referring URL that's generated by loading the embedded object (eg. a Like button or conversation box) with your Facebook profile.
This is, IMO, a major privacy concern that is also not limited to Facebook.