User Tools

Site Tools


privacy_protection

Privacy protection

Have you ever wondered why so many web sites offer various services for “free”? Consider social networks. They let you stay in touch with friends, share photos, chat, recommend stuff, etc. Even if you are not involved in a social network, you are probably using one of those cool services around there such as a web feedreader, photo albums, online documents, and so on.

Are they giving you “free” services? This depends on your definition of “free”. Using them doesn't actually cost you money directly. However, these companies do need money to operate. Their source of revenue is derived mostly by advertisers and the more information these companies have (tastes, thoughts, locations, relations, …), the more they can profit from selling it. Yes, that's right: they sell your information.

Too much paranoia? Maybe. However, let's try a test. Visit the link below (it will redirect to doubleclick.net; it will work better if you visit it with a browser/computer used only by yourself with no blockers):

http://www.google.com/ads/preferences/

It probably guessed your demographic information and/or interests. How do they know? They track your internet usage by means of an “HTTP cookie”, which is a small file that some websites leave on your computer when you visit them. While it is not a big issue per se (they can be used to, for example, save your preferences for a website), they can also be used to collect information about you, as shown above.

A cool and informative visualization of the tracking process can be seen here: http://collusion.toolness.org/

Tracking methods

So, it would seem HTTP cookies (as just seen) are the problem. No, it is (was?) the most widely used/known method. There are various other techniques:

  • Local Shared Objects
  • Zombie cookies
    • Yet another cookie type. This one's particular, though. It will be recreated even if the user has deleted it. Actually, it's not just a single cookie, like the HTTP or flash types. Other storage mechanisms will additionally be used (e.g., “HTML5 Storage”, “Silverlight Isolated Storage”, “Web cache|history”, etc. and if the user fails at removing them, they will repopulate the data storage. Read more here: Zombie_cookie.
  • Web bugs
    • A small or invisible object (like a 1×1 pixel image) is put into a web site or e-mail message which is loaded from a third party. Read the Web Bug FAQ
  • Browser fingerprinting

Even if you don't care about online privacy, you should be aware of the fact that some of the above techiques can be used to impersonate you. See, for instance, an article about Cookie theft and session hijacking.

So far we have seen some of the hidden risks to your online privacy that don't require you to do something in particular, just that you browse the internet. There are also various activities that are based on the information you explicitly give (though, of course, the methods discussed above still apply): search engines and social networks.

Search engines

Every time you submit a request to a search engine, they will log it and associate it with you. XXX expand XXX. Alternatives: http://duckduckgo.com/, …

Social networks

XXX expand XXX

delete EXIF information

Protect your privacy

So, how to protect your privacy on-line? Some useful suggestions:

  • Install an ad- or script-blocker and/or a filtering web-proxy: NoScript and BetterPrivacy (for Firefox), Privoxy.
  • Turn off HTML in your mail reader (for web bugs).

Resources

$Id: privacy_protection.html,v 1.3 2011/11/28 16:58:03 jbaber Exp $ Privacy protection - traditional link (using RCS)

privacy_protection.txt · Last modified: 2024/09/16 06:42 by hc9