Slashdot Mirror
Google to Continue Storing Search Requests
isabotage3 writes "Although he was alarmed by AOL's haphazard release of its subscribers' online search requests, Google Inc. CEO Eric Schmidt said Wednesday the privacy concerns raised by that breach won't change his company's practice of storing the inquiries made by its users."
what does google have to do with any of this? it's somehow news that google somehow is confident that they aren't a bunch of total fuckups like AOL?
my girlfriend's cat could run an ISP better than AOL
Snowden and Manning are heroes.
Everyone knows that Google is really a front for the NSA. Think about it, massive quantities of data, searches
that can be corealated and traced back to individual users, gmail storing and 'indexing' all your mail, it's
the governments wet dream.
Just wait until Windows-Live services take off , and G-Drive as well. Why not have all your data ready for inspection
by the nice people at the NSA.
'scuse me, there's a knock on the door, the folks from the black pizza van prolly wanna ask for directions.
The biggest difference is that the majority of the AOL searches were done well users were logged into AOL. Thus it will be a bit harder to trace what people search for back to themselves if they are not logged in but not impossible. Here is to hoping Google has a better lockdown policy compaired to AOL.
If the government ever does hunt for people guilty of something by searching people's searches, they are going to get a lot of false positives. There is always more people interested in, for example, bombs, than there are bombers.
"When the going gets weird, the weird turn pro" -- HST
"I know this one guy who asked me to cancel his account last week, and a couple days later his mom found out about his lesbian penguin grits fetish. Now, I'm not threatening you, or anything. I'm a reasonable guy. I'm just sayin', you might want to give that some more thought, Mr. cheating-on-wife-on-the-down-low..."
I, for one, don't mind all that much if Google saves my search inquiries, just so long as they keep the information private and (hopefully) anonymous. Google has also had a pretty damn good track record at doing just that.. Comparing them to AOL isn't even apples and oranges.. More like apples and live grenades...
"We may face a scorched and lifeless earth, but they're accountable to their shareholders first."
Have your browser reject cookies from Google. You won't be able to use Gmail or orkut or some other services, but Web search, video search, etc. will work. Unless they drill into your connection to find your MAC address, or always search from the same IP, you're reasonably okay.
"We are reasonably satisfied ... that this sort of thing would not happen at Google, although you can never say never," Schmidt said during an appearance at a major search engine conference in San Jose.
.. you could if you didnt store them.
Well
Storing every single search performed by every person in the world across a whole epoch could pretty much give you the pulse of the world.
Watching as news spreads and worries and concerns grow or when good news occurs or even just good publicity, there are millions of people all adding entries into the real hitchhikers guide.
Google will be almost certain of knowing the current number one chart hit at any location on Earth at any time simply by the concentration of searches for that artist/song, it could follow gun culture or tv plotlines or anything flowing into its servers.
In the right hands, this could become an amazing asset for the whole world. I believe the current owners of google are primed to achieve such a feat.
I however wonder what will happen when Page and Brin are gone or are sidestepped by the government.
liqbase
Anyone have any actual suggestions for what to use instead of google though? What about a server to interrogate google for results, without disclosing ur IP. (ie, it's IP will be logged, not urs - simmilar to a proxy, but more active.)?
What is...?
A search proxy will prevent establishign ip and user identity with search terms and tracking of results clicked on. Get hip to it. Alot of services exist. This is my fav http://www.blackboxsearch.com/
No, they don't have to when they redirect through someone who does keep records. I just went there and did a search and when I clicked on a link it redirected me through http://www23.overture.com/d/sr/?xargs= with a bunch of arguments and tried to set a cookie and then transparently redirected me to the original link as if nothing happened. It looks like there is a lot of information passed in the URL to overture.com. Just what is overture.com? Hmmm, take a look:
http://www.overture.com/
I think I'll stick with Google thank you.
I have it on good authority that AOL saves not only your searches[...]
You don't need good authority for that. An obviousness helmet is all you need.
The difference here is that Google makes its living on an (ever increasing) income of advertisement money, whereas AOL's business model revolves around steady income from their (albeit dwindling number of) subscribers. Google want their data kept private more than you want that particular data kept private (and this is the crucial point in all privacy discussion on Google) in order to keep their core business model intact. All the while AOL are willing to put the exact same data for sale to the highest bidder, since it isn't strictly relevant to their core business model.
My spoon is too big.
This is to be expected, and Google is right. Of course they won't stop storing all this information about us. Sure, it can be used for all kinds of evil purposes (but they don't do evil, right?), it could be misused, as in the recnt AOL example, or it could be used for all kinds of good things, such as having a search engine that knows what I want before I have time to enter my query.
Simpy
Every search engine logs your queries. This is the way it is. If they tell you they don't log the queries, they're lying. The difference is that they don't make it available. In a previous life I worked with several search companies you've heard of on various search related technologies, and they *never* released query logs. Even cleansed the data were kept close to the chest. Queries are going to be logged with the IP address of the user. Some engines will track click-throughs on the results as well. That data is invaluable to a search engine.
AOL's faux pas here was attaching personal information to the queries themselves: once that per-user identifier was attached all bets were off.
If you are interested in working with query data, and do not work for a search company, you are shit out of luck, because you can't otherwise get this data. All of the research published on queries was done by Alta Vista, Google, Yahoo, Lycos, MSN... research on spelling correction of search queries is done by the same groups: they're the only ones with access to that data, until this AOL release (or older releases from other companies.)
Having this data is a boon for researchers, but a net loss for people.
Fact: Google has a Beta Search History feature. It's an opt-in thing, but, it's quite handy. Stores all the searches you make. Really handy if you want to find something you found a year ago. I think Google knows what its doing and how to preserve, protect, and defend its users. Otherwise, I don't think they'd risk offering the service. Now, if only our elected officials could preserve, protect, and defend that little nagging thing called the United States Constitution... and stop nosing in our searches!
Perhaps the solution to this problem is not to keep the data private, but to create a database that is meaningless. During idle time (nighttime, classtime, etc) a computer could run an automated search routine that would create search queries from perhaps, names from yellowpages.com, or topics from /. This would bury legitimate search data in a mountain of meaningless data, making the database virtually useless.
Of course, it would have the same effect if for every legit search one performs via google he/she then performs three or four bogus searches. Wonder what law that would violate.
In FireFox 1.5.x
e r=13273w er=13285
Edit -> Preferences -> Privacy Tab -> Cookies -> Exceptions
Then add the Google domains you wish to block/allow. This will result in many random cookies being generated by Google for each search done (as they will think you are a new comer each time). Personally I white-list all my cookies, only allowing the sites I trust to set cookies, which are then automatically cleared when I close FireFox.
Also do not use GMail via the web interface, it is possible to use GMail via an email client residing on your computer.
http://mail.google.com/support/bin/answer.py?answ
http://gmail.google.com/support/bin/answer.py?ans
From there you can use your choice of email Encryption/Steganography as you see fit.
You can only be controlled, if you allow it.
You can only be surveyed, if you are unaware of or ignore it.
It's your choice.
Dear Mr. Schmidt,
... that this sort of thing would not happen at Google."
You say you are "alarmed" at what happened at AOL and say "it wasn't a good idea." But please explain what makes you "reasonably satisfied
Are there serious policies in place protecting individual privacy? Is it something actively on the mind of every employee who loads a big pile of search data onto their laptop for some work project? Are there standard tools for scrubbing indentifying information?
I'd like to give Google the benefit of the doubt here, but this is just too important to me.
They cleared that out. They said they'll keep them until they fall off the backup roll. What do you expect, that they nuke them from orbit the second you delete them ?
Slashdot anagrams to "Sad Sloth"
Why bother when the FireFox extension CustomiseGoogle contains an anonymise cookie option, this will ensure that google works as you expect, but ensures that the cookie they use to corellate your searches with your gmail with your google maps searches (your house for one) with your price shopping with your groups searches with your images searches is changed every now and again. No loss of functionality, complete maintenance of privacy.
Orationem pulchram non habens, scribo ista linea in lingua Latina
Although he was alarmed by Slashdot's haphazard release of its users' online replies, CEO CmdrTaco said Wednesday the privacy concerns raised by that breach won't change his website's practice of storing posts made by it's users.
... that this sort of thing would not happen at Slashdot, although you can never say never," CmdrTaco said during an appearance at a major website conference in Walla Walla, WA.
"We are reasonably satisfied
The security breakdown, disclosed earlier this week, publicly exposed about 19 million replies made by over 1 million Slashdot posters during the three months ended in May. OSTG's Slashdot intended to release the data exclusively to spammers and government spooks, but the information somehow surfaced on the Internet and was widely ignored.
The lapse provided a glaring example of how the information that people post on the website can provide a window into their embarrassing, or even potentially incriminating _ wishes and desires. The replies leaked by Slashdot included condemnations of the current government as well an infatuation with Natalie Portman and hot grits.
Go not unto/. for advice, for you will be told both yea and nay (but have nothing to do with the question)
While no doubt many people are clambering to speak to the evils of storing search queries, it's a very useful process, and blindingly obvious that Google would keep doing it. And we're not just talking about advertising. Advertising is just a section sliced out of a very complex structure approximating the character of a user. Google has shown a consistent goal of trying to categorize and understand all the information on the web. Why would they pass on an opportunity to build a persistent model of a user? With a nice AI, you could dramatically increase the relevance of a user's queries by looking at their past records and keeping a profile.
While I am well-aware of the potential dangers of trading anonymity and privacy for a little convenience, it may well be worth it in the long run. Those concerned about governmental influence aren't seeing the big picture. If the government is determined, they'll just look at a higher level. Ask the ISP to parse the input to Google (unless you're connecting to Google over an encrypted channel? I wasn't aware any such thing existed, outside of proxying). Or simply get Google to pass along the IPs of anyone making a hot-list query, no storage required.
If your theory is different from practice, then your theory is wrong.
On a somewhat related note: i'm interested in the way Google set up their registration for Gmail. You have to be "invited" by someone else. This means that if they saved all the links between people, which i'm sure they did, they could see the network of people all around the world. They could see how many steps any person is separated from another.
Like someone said a few posts aboove, all the saved searches do amount to a very interesting sample of peoples minds. In the same way, Gmail registration data will be an interesting sample of human networking.
Waiting for you by the bridge
"Google want their data kept private more than you want that particular data kept private (and this is the crucial point in all privacy discussion on Google) in order to keep their core business model intact."
But what happens when Google isn't at $370+ / share anymore, and they're not the internet hotness they are now? I wonder what happens when companies like that begin to fade away. Will they leverage their only remaining asset to float a sinking boat? If so... -poof- trillions of search and email records end up in shadier hands. Scary thought.
They won't say how they respond, or how many such requests and subpoenas they receive. And that's enough for me to assume the worst. Eventually, if they're complying, citations will start to leak into court records--but since those are behind sites not generally indexed by search engines, it'll take an involved lawyer or a layman who happens to read the docs on the case throwing a flag.
I too have felt the cold finger of injustice.
What information could Google release/lose/etc if the data was not protected? According to their privacy policy Google records the following information in their server logs:
i ght=c4171#c4171
Here is an example of a typical log entry where the search is for "cars", followed by a breakdown of its parts:
* 123.45.67.89 - 25/Mar/2003 10:15:32 - http://www.google.com/search?q=cars - Firefox 1.0.7; Windows NT 5.1 - 740674ce2123e969
* 123.45.67.89 is the Internet Protocol address assigned to the user by the user's ISP; depending on the user's service, a different address may be assigned to the user by their service provider each time they connect to the Internet;
* 25/Mar/2003 10:15:32 is the date and time of the query;
* http://www.google.com/search?q=cars is the requested URL, including the search query;
Firefox 1.0.7; Windows NT 5.1 is the browser and operating system being used; and
* 740674ce2123a969 is the unique cookie ID assigned to this particular computer the first time it visited Google. (Cookies can be deleted by users. If the user has deleted the cookie from the computer since the last time s/he visited Google, then it will be the unique cookie ID assigned to the user the next time s/he visits Google from that particular computer).
See http://www.omninerd.com/2006/01/25/news/489?highl