Table of Contents
Privacy protection
Have you ever wondered why so many web sites offer various services for “free”? Consider social networks. They let you stay in touch with friends, share photos, chat, recommend stuff, etc. Even if you are not involved in a social network, you are probably using one of those cool services around there such as a web feedreader, photo albums, online documents, and so on.
Are they giving you “free” services? This depends on your definition of “free”. Using them doesn't actually cost you money directly. However, these companies do need money to operate. Their source of revenue is derived mostly by advertisers and the more information these companies have (tastes, thoughts, locations, relations, …), the more they can profit from selling it. Yes, that's right: they sell your information.
Too much paranoia? Maybe. However, let's try a test. Visit the link below (it will redirect to doubleclick.net; it will work better if you visit it with a browser/computer used only by yourself with no blockers):
http://www.google.com/ads/preferences/
It probably guessed your demographic information and/or interests. How do they know? They track your internet usage by means of an “HTTP cookie”, which is a small file that some websites leave on your computer when you visit them. While it is not a big issue per se (they can be used to, for example, save your preferences for a website), they can also be used to collect information about you, as shown above.
A cool and informative visualization of the tracking process can be seen here: http://collusion.toolness.org/
Tracking methods
So, it would seem HTTP cookies (as just seen) are the problem. No, it is (was?) the most widely used/known method. There are various other techniques:
- Local Shared Objects
- Like standard cookies, but done with Adobe Flash. Check the Website Privacy Settings panel.
- Zombie cookies
- Yet another cookie type. This one's particular, though. It will be recreated even if the user has deleted it. Actually, it's not just a single cookie, like the HTTP or flash types. Other storage mechanisms will additionally be used (e.g., “HTML5 Storage”, “Silverlight Isolated Storage”, “Web cache|history”, etc. and if the user fails at removing them, they will repopulate the data storage. Read more here: Zombie_cookie.
- Web bugs
- A small or invisible object (like a 1×1 pixel image) is put into a web site or e-mail message which is loaded from a third party. Read the Web Bug FAQ
- Browser fingerprinting
- Your browser can send information that makes could make your system uniquely identifiable. See http://panopticlick.eff.org/XXX More?? XXX
- XXX
Even if you don't care about online privacy, you should be aware of the fact that some of the above techiques can be used to impersonate you. See, for instance, an article about Cookie theft and session hijacking.
So far we have seen some of the hidden risks to your online privacy that don't require you to do something in particular, just that you browse the internet. There are also various activities that are based on the information you explicitly give (though, of course, the methods discussed above still apply): search engines and social networks.
Search engines
Every time you submit a request to a search engine, they will log it and associate it with you. XXX expand XXX. Alternatives: http://duckduckgo.com/, …
Social networks
XXX expand XXX
delete EXIF information
Protect your privacy
So, how to protect your privacy on-line? Some useful suggestions:
- Install an ad- or script-blocker and/or a filtering web-proxy: NoScript and BetterPrivacy (for Firefox), Privoxy.
- Turn off HTML in your mail reader (for web bugs).
Resources
$Id: privacy_protection.html,v 1.3 2011/11/28 16:58:03 jbaber Exp $ Privacy protection - traditional link (using RCS)