How Do I Keep My Privacy While Using Google? 533
Posted
by
Soulskill
from the encrypt-your-search-terms dept.
from the encrypt-your-search-terms dept.
hubert.lepicki writes "I use Google all the time. I keep two GMail tabs open when I'm online (one is private, another is a corporate account), I use Google search, and recently I switched to the Chromium browser. Google's services are fast, easy to use and usually reliable. At the same time, I know Google is tracking everything I do; I can see it in search results or their ads on web pages, which tend to match my interests. After the recent post by Mozilla's community director suggesting Bing has a better privacy policy (a response to questionable comments from Google CEO Eric Schmidt), I started to... 'google' ways of keeping my private data safe while browsing and using Google services. The results weren't very helpful, so I ask you, Slashdotters: how do I stay anonymous to Google while using their services?"
Ideas (Score:5, Interesting)
TrackMeNot (Score:5, Interesting)
Look up the TrackMeNot Firefox extension. It spams Google and the other search engines with randomly generated but plausible search queries, so there's no real way that any of these companies can build a profile on you. If you browse with ads, however, prepare for some really bizarre ones.
Easy. (Score:3, Interesting)
Block Javascript, block all Google cookies, have no Google accounts. Occasionally permit scripts and cookies for long enough to look at a map (oh, and also block all advertising with Privoxy).
Works for me, but I don't think I'm quite Google's idea of an ideal user (that's *user*, not *customer*).
You Don't (Score:5, Interesting)
If you are logged into gmail you cannot possibly retain your privacy.
Short of deleting all google cookies and changing your ip after using gmail you cannot retain your privacy.
Re:Ideas (Score:5, Interesting)
This is like a steer asking, "how can I keep getting this free food and board without being taken to the slaughter house later?"
To Google, you are the product. They are selling advertising. More specifically, they are selling your attention to marketers. Giving you privacy is contradictory to the entire purpose of their existence. They give you nice, fast, free stuff to keep you hooked in to their services and to keep collecting more data so that they can sell more advertising.
There is no privacy using Google services. There never will be. They will keep encroaching into your private info as far as you let them.
Re:If you asked me... (Score:3, Interesting)
What exactly are these illegal actions you're talking about? Using other people's WiFi? Sneaking onto other people's computers? I'm honestly curious as to what you meant.
Its the cost of admission... (Score:4, Interesting)
Re:Ideas (Score:3, Interesting)
Yeah, but that's not really going to be reliable, is it ? For them, I mean. Do they have their intelligence into IP address space allocation so far advanced that they'll be able to tell the difference between an individually held IP address and one that's doin' a whole lot a nattin' ?
I get cross gmail account ads (Score:5, Interesting)
As with a comment above, "if you have nothing to hide", I don't have anything to hide. But it is somewhat unsettling.
Re:If you asked me... (Score:2, Interesting)
Re:Tor? (Score:4, Interesting)
Except for the fact that most Tor nodes are trojaned DoD machines, with all sorts of data->disk logging features. Or not. But how could you tell?
Re:You don't (Score:5, Interesting)
Re:Ideas (Score:3, Interesting)
If I were a paranoid person I wouldn't bother with the installing, formatting and reinstalling. I'd just use a livecd
Re:Truth is, there is no privacy anywhere. (Score:3, Interesting)
They have to log everything
No. No they don't. If they do log it, then they may have to release it to a court or whatever, but I can say quite definitely that logging is not (yet) mandatory.
ipv6 (Score:1, Interesting)
If all google services run on ipv6 now, just use a tunnel broker. If you have a public ip address, get a tunnelbroker.net account; you can create and tear down tunnels on demand. Otherwise, use gogo6.com and its client, or even better, log in anonymously. Both ways will hide your real ipv4 ip behind the tunnel broker service, and also give you paranoid IP hopping capability.
Also, rfc4941 "privacy extensions" produce an ipv6 address with a randomized suffix, and the system can prefer this addres when making outgoing connections. It's enabled on vista and above by default. This should confuse IP tracking code that is unaware of this feature.
Re:Ideas (Score:2, Interesting)
it won't work on my main machine that has FF3.5, and i love that extension, so i still have FF3.0 on my secondary machine, and i don't upgrade that machine to 3.5, just so i can keep using Customize Google.
Re:Ideas (Score:5, Interesting)
Yes, I've thought about this problem and I've also read about TrackMeNot. Unfortunatly, TrackMeNot has some serious flaws:
1. It randomizes search terms instead of following believable search patterns. Example 'search stream': Shoes, virus protection, Hannah Montana, flamethrower "do it yourself", Hawaii, spark plugs, military surplus, speaker system, Exhaust Flame Thrower Kits... It's pretty easy to see what's real and what's fake.
2. People tend to use search engines in bursts. When I last used TrackMeNot it sent off search queries at regular intervals. The decoy queries would be easy to filter out.
3. Nobody would really be willing to let queries like "donkey sex" or "how to kill the president" get fired off by the software. For true privacy, those would be the most important terms to make the list, so that if someone really *did* search for those, he could just say that it was the software making automatic requests.
I had an idea to fix this:
1. The software would have to monitor your search engine usage and match your searching bursts and searching frequency. Those things can't be hardwired into the software or else algorithms would so some fingerprint-matching on your search queries.
The next part is a little fuzzy:
2a. For every 'search burst' you make, the software can ananomously post the search terms to a central server that other clients read and use as decoys. The problem is filtering out truly private data such as address and names.
2b. If not that, maybe the software can just go loose on the web and look up possible related search terms to search for.
Of course, I'm thinking beyond simple privacy against advertisers. More like legal protection.
Re:Ideas (Score:3, Interesting)
Re:Ideas (Score:1, Interesting)
http://www.optimizegoogle.com/ is updated and better.
Re:Ideas NOT IP -- proxy servers (Score:5, Interesting)
Re:Use multiple browsers (Score:3, Interesting)
And if google were to do something similar, they will have to charge you for googling without tracking you. And lower the price to, free, if you agree to be data-mined.
PS: on second thought charging for 'privacy guaranteed' service indeed seems nice, I wish one of the search provider comes up with such a service.
Here's what I do... (Score:5, Interesting)
1) Use different browser profiles for different web applications.
If you start firefox with these options: -no-remote -ProfileManager it will allow you to run multiple copies simultaneously, each with a separate profile (different set of cookies, different set of plugins, different skins, different bookmarks, different histories, etc).
I create a specific profile for each major web app - I have one for IMDB, one for google searches, one for google mail, one for google voice, etc. And one for generic browsing.
Each profile has a couple of add-ons:
Adblock Plus [mozilla.org] - general catch-all to block things like doubleclick and the million other trackers
CookieSafe Lite [mozilla.org] - for fine-grained control of what sites can set cookies
NoScript [mozilla.org] - for fine-grained control of what sites can use javascript and flash
Redirect Cleaner [mozilla.org] - for removing those "bounce links" that a lot of sites use to track you when you follow a URL off their site, with the cleaner you go directly to the destination URL
RefControl [mozilla.org] - for clearing out or rewriting the referrer URL - prevents sites from knowing where you came from when you clicked a URL to their site, sometimes helpful in accessing poorly 'restricted' content
Targetted Advertising Cookie Opt-Out [mozilla.org] - sets special cookies that sites may choose to obey to say "don't profile me" since these TACOs are not unique-per-user, I figure it can't hurt although it probably doesn't do anything
User Agent Switcher [mozilla.org] - Lets your browser identify itself as a different browser - this is very important
Ghostery [mozilla.org] - Informational Only - tells you what tracking sites may be tracking you on any given page (does not block them, and you get false alarms on sites where NoScript blocks javascript, but it is still good for situational awareness)
Better Privacy [mozilla.org] - Blocks new stealth "super cookies" in Flash and DOM Storage Objects. VERY IMPORTANT
Using the above plugins, I do the following in each profile:
1) Set NoScript to only allow javascript from the one website the profile is intended for - and block flash as much as possible regardless due to cross-profile flash cookies
2) Set CookieSafe that same way and then only for per-session cookies
3) Block and/or auto-delete Flash and DOM Storage cookies with Better Privacy - note flash cookies tend to be shared across all profiles because they go in a folder under "Documents & Settings" on MS Windows and ~/.macromedia/ on Linux. I am still looking at ways to force each profile to use a different directory for flash cookies - until then, block flash as much as possible and auto-delete cookies frequently
4) Set the User Agent to be different in each profile - this gives the appearance of multiple users behind a firewall which is key
5) Load a different theme or skin for each profile to make it easy to visually distinguish between windows so you don't accidentally start browsing the web from your gmail window or vice-versa
All that is a little bit of a pain to set up, an hour or two total. But once in place, I think it is a reasonable compromise for reducing the risk of having your personally identifiable information gleaned in services like Google Mail from being automatically cross-referenced with your browsing habits. I am considering taking it a step further with FoxyProxy [mozilla.org] configurations to use
Re:Ideas (Score:5, Interesting)
Careful with TrackMeNot - I used it for awhile, and Google started blocking my real searches, returning an error screen that indicated my searches may not be legitimate. They clearly know when you are using it (who sends in dozens of searches every hour of the day?), and may consider it a violation of their TOS. I don't know about you guys, but if they decided to shut down my account it would be pretty devastating - I backup a lot of information and important e-mails only on gmail.
Re:Ideas NOT IP -- proxy servers (Score:3, Interesting)
Surely they could see that you're coming from a residential connection and compensate.
Re:Wrong Problem (Score:1, Interesting)
That's why I'm surprised we haven't moved to https everywhere. Even https://google.com/ doesn't really do what you'd expect.
Re:You don't (Score:4, Interesting)
Actually, no. There really is little to no middle ground in this. The internet, by its nature, is an open platform. When you are on the internet, you are going to be leaving traces, unless you go to extreme measures not to; be those traces on google computers, or in the logs of hotgoatsex.com. Of course you probably could figure out a way to use some complex series of multi-level encrypted proxies, bouncing around the world before getting to what you want, but to be honest, that's the type behavior and time investment I would expect from either a real tin-foil-hat freak, or a bot-net owner. (Tor does not count, for technical reasons that have been mentioned numerous times already)
You say that the only Google service you use is their engine. That must mean that you block every single ad tracking cookie, all the Google APIs, Google Analytics, and the loads of useful services they offer. Services, I would like to remind you, are used in more and more sites, because they give site owners important data. All this, because of a view that you, and specifically you are interesting enough to follow. Of course I do not know anything about you, but I find it quite unlikely that you show up as anything more than a tiny blip on the radar, unless you make a habit of talking about making bombs, killing presidents, or other stupid stuff such as that.
Granted, perhaps you really do take all these steps. However, let's be frank. If the government wanted to learn something about you, they would just go to your friendly neighborhood telecom oligopoly. The ISPs, after all, have long proven themselves more than ready to give out whatever data they have, for pennies per request. They already have the ready made infrastructure to track every single byte you, or anyone, send out. Google, on the other hand, does have their little "do no evil" mantra that they try to follow as much as a huge corporation can. As such, they are much more likely to demand a full warrant before sharing what they know. After all, this knowledge is their lifeblood, it would pay to keep it as secret as they can.
Regarding the idea of the slashdot fallacy that you keep pushing around, perhaps I could bring up such novel concepts as a Metaphor [wikipedia.org], Sarcasm [wikipedia.org], and even Exaggeration [wikipedia.org]. I believe those might be pertinent to the example at hand. I'm sure you can figure out that no one REALLY thinks you need to pack your bags, and move to South America. Instead, they are trying to convey the idea that by going this far out of your way to ensure what illusion of privacy you chose to maintain (Which, considering you chose to post on a message board on the internet really is not that much), you are likely missing out on some of the features that make the internet the amazingly useful tool that it is. You could almost say that you are "living in the jungle." So, yes, you could continue practicing exposing the sarcastic musings of the slashdot population, but I would argue that if this is what you were after, your time may be better spent on a debater's forum. I'm sure you could even find a few that do not use anything google yet.
Now please, don't take this as an argument for why you should use google. If you have concerns, then it is entirely within your right to try to ensure your privacy as much as you can. Instead, I am trying to illustrate that this illusion of privacy that you maintain is most likely just that, an illusion. At most, you are ensuring that one of the myriad of third parties that potentially has access to your info has a bit less than they would otherwise. Of course, I may be wrong, and you really might be an internet ninja. In that case, congratulations, you have successfully hidden data that no one would really care about anyway. Unfortunately, in doing so you probably raised some flags somewhere, and may now be significantly higher on the "to track" list than many others.
Re:Ideas (Score:3, Interesting)
Open two different browsers, say Chrome and Firefox. Use one to log in to your email, but nothing else. In the other, never log in to Google services. It certainly doesn't solve the whole problem, but it is trivially easy and has no serious drawbacks.
Same IP address at the same time...
Forgive me if I'm misunderstanding something about the nature of networking, but isn't anyone behind a NAT gateway or proxy going to be coming from the "same IP address at the same time"? I do believe that's one of the reasons they came up with cookies in the first place, to differentiate multiple users originating from the same IP address.
So, as the grandparent suggests, if you use one web browser for Google queries and either reject all cookies in that browser or at the very least never log in to any Google service in that browser, your Google searching will be semi-anonymous even though you are simultaneously logged in to a Gmail account in another browser from the same machine.
On the other hand, unless you do automatically reject all cookies in your "anonymous" browser, the moment that you accidentally log into any Google service everything that it has been tracking for your unknown "anonymous" user during that browser session will immediately be attached to your real profile, rendering your attempt to escape tracking moot.
Truly anonymized long-term web browsing is extremely difficult due to all the different methods they have for attempting to identify you despite your best efforts. It's made worse by the amazing level of cooperation and information sharing that goes on throughout the web. Once one web site or advertising server figures out who you are, they are happy to pass that information along to help target everyone else's efforts to sell you things. Of course each link in the chain only passes on a little bit of "not personally identifiable" information, but the end result is that the online ecosystem aggregates so much information that it becomes impossible to NOT identify exactly who you are, where you've been, what you've purchased, what you've ever searched for, etc.
In short, to the original poster, good luck.
Re:Not exactly what you want, but (Score:3, Interesting)
You missed a lot of other google owned ad tracking services & blocked the sites he wants to use. There are a huge list of google ad servers. Grab the hosts file from: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] they keep that updated & it'll block some of the other ad & spy stuff too.
Also make sure 'Web History' isn't enabled on your google accounts (my account page), or when you're logged out (top right corner of search results).
You have to give up some privacy as the cost of using their services, but it's quite easy to block some of their tracking.
Re:You don't (Score:3, Interesting)
If anyone has studied history, they'd realize that they're 1 person in the billions who have existed, and only a very, VERY small fraction of people throughout the entire history of the world have had their privacy infringed in the manner the poster is talking about. The general rule, historically speaking, is that nobody gives a crap what you're searching for and you probably think you're more important in the grand scheme of things than you really are.
Re:Ideas NOT IP -- proxy servers (Score:1, Interesting)
The way to do it, is of course with a Linux Laptop and Aircrack. Also change your MAC address.
Do it from an Internet hotspot far away enough from your domicile. Avoid any cameras. As an extra, you can also use anonymous HTTPS proxies and the Onion Router network amongst other techniques.
The government should stop snooping around and do what it is supposed to do. To protect and serve.
Re:Ideas (Score:3, Interesting)
I run my own email server for privacy and educational reasons. Spamhaus has gotten into bed with big companies and they tell everyone to ignore all email from anyone using a cable modem. You're on the public block list not because you sent spam, but because of your IP.