Slashdot Mirror
Defeating Google's Perpetual Search Logging
heretic108 writes "Google's policy of storing everyone's search histories forever is causing concern amongst many, especially since Google stores a cookie on everyone's PC expiring in 2038. But at least one user is fighting back. His short and simple guide tells you how to set up any decent web browser so that it routes Google requests through an anonymous proxy, while sending everything else direct to the net for full-speed surfing. Follow these steps and get Google's nose out of your business once and for all."
but still accepts cookies from Google, even if it just for the session.
Besides, not one word about JavaScript......
Use MSN Search instead! Ha!
52 52'23" W 47 32'07" N
If you are going to the trouble of setting up a proxy, why not use it for all of your web traffic? I mean, there are websites out there that collect just as much information as Google does, why do you want them collecting information about you?
Information wants a fueled airplane waiting at the hangar and no one gets hurt.
Protect Your Privacy from Google
Abstract
A simple HOWTO for stopping Google from logging your search history.
The Problem
While Google.com is a brilliant search site, and while its proprieters claim to abide by their 'do no evil' motto, there is one practice that threatens to expose you to much evil down the track.
Google places a cookie on every user's computer, timed to expire in 2038. With this cookie, they can track you and log your entire search history. In fact, Google has recently indicated that they won't be deleting people's search histories.
While this cookie may not directly identify you by name, an analysis of your search history over time can definitely help an attacker (or abusive government authority) to identify you personally.
Many people fight back by setting up an anonymous proxy for all their web surfing, but this can slow down their accesses terribly. Such slowness sooner or later drives most people to revert to direct non-anonymous internet access.
A Solution
In summary, the solution is to clear all long-lasting cookies, set your browser to not keep cookies between restarts, and divert all google requests out through an anonymous proxy.
This will protect your privacy as far as google is concerned, but allow you to enjoy full-speed browsing with other sites.
Follow these simple steps:
Get access to an anonymous web proxy. A common favourite is the Tor network
Be using Mozilla Firefox.
Install the FoxyProxy extension for Firefox
Within FoxyProxy configuration, add an entry for your anonymous proxy. Within this proxy, add 2 whitelist wildcard rules, with the patterns:
http://.google.com/*
http://google.com/
Clear out all your browser cookies
Set Firefox so that it only keeps cookies till you close Firefox (Edit/Preferences/Privacy/Cookies)
If there are any other sites that may be unduly logging your activity, and don't have a refular log deletion policy, add some entries for these sites into your anonymous proxy matchlist in FoxyProxy.
With these measures in place, all your regular web requests will go out directly to the internet, while all requests for *.google.com will go via the Tor anonymity network. Also, since your cookies are getting deleted every time you close/restart Firefox, then Google will no longer be able to build a history of your web surfing.
I appreciate that for some amongst us, this is like closing the barn door after the horse has bolted. But at least we can arrest the extent of the privacy violation which Google is perpetrating.
Conclusion
The searches you send out to Google are your business. You have the right to prevent Google from accumulating a perpetual history of your web searching. Use that right.
Is this a plug for Tor, FireFox, or FoxyProxy?
I'm sort of confused how this is news?
Support NYCountryLawyer RIAA vs People
The site seems to be slow. Anyone got a link to the google cache?
This guy's the limit!
So what you're saying is that if I allow Google to store a cookie on my computer to track the history of all searches I make, they'll... track the history of all searches I make?
Heavens to betsy! This is big! How is it no one ever noticed this "cookie" thing before this Slashdot article?
I wonder if any other websites are doing this as well.
The article doesn't contain instructions on how to set up any browser - it contains instructions on how to set up a proxy for Google in Firefox. Firefox isn't "any decent browser" - it's a very specific browser. [generic rant about the summary here]
If you log into gmail then won't your search be linked anyway? (since mail.google.com would be proxied)
In the end, the simplest is to stop using google if you feel your privacy is compromised and try to find a company with a better policy.
I tend to trust google enough to keep my search history, so what that they know you search for killing your wife or drowning barbie dolls, let them assess all they want, because you cannot be found guilty of thinking about a crime.
liqbase
Use Customize Google:
Customize Google For Internet Explorer
Customize Google For FireFox
Both will anonymize your google cookie, click tracking and much more.
Both are free open source projects.
Omgili - Find out what people are saying.
I wrote a while back about concern's with Google's Desktop search, as it relates to HIPAA regulations, but never thought much about my own right to privacy when using Google's searches. I guess there could be a future version of a Joe McCarthy witch hunt, where the government could supoena Google and force them to release search data.
I bookmarked his site and will implement the methods at my workplace, since Google's responce was less than satisfactory, IMHO. It was along the line of "no patient information would EVER leave our servers!"
Yeah...right
"Let us raise a standard to which the wise and honest can repair" - George Washington
Clusty has an excellent privacy policy. I'm going to try using them for a while and see if the results are comparable in quality to google's.
And before anyone says that you don't need to worry if you aren't doing anything illegal, try reading up on the history of the FBI. They had a massive file on Einstein, who, e.g., belonged to "communist front" organizations like the the American Crusade to End Lynching. Check out the Wikipedia article on COINTELPRO, especially the part about the murder of civil rights activist Viola Liuzzo (by a carload of Klansman with an FBI agent riding along), and the FBI's subsequent smear campaign against Liuzzo.
Find free books.
No it doesn't. It tells you how to set it up with Firefox and only Firefox via the FoxyProxy extension. That's a far cry from what you're claiming; no instructions for Safari or Opera.
Or if you're using FireFox you could just put google.com in the list of Exceptions for Cookies...or just delete the Cookies google sets or... ...what's the point of this?
Place the above in a text file, and set it as the automatic proxy config file for your web browser (for Firefox users, Preferences>General>Connection Settings).
The matching string *http://*.google.*" should be used instead of http://.google.com/* as a foreign proxy will cause Google to redirect you to its respected cctld.
Chocolate chip please :)
i dont care if google stores my search entries on a text file in some harddisk BFD!
google also manages my gmail, and google knows my name :)
hi google :)
Politics is Treachery, Religion is Brainwashing
...then even easier is to simply block cookies from google.com specifically (or if you do want to allow those because of gmail, route all your searches to a country specific google like google.com.au and block cookies from that domain).
I guess there could be a future version of a Joe McCarthy witch hunt, where the government could supoena Google and force them to release search data.
The government tried that already. Google stared them down and won.
Google are able to also track, log and profile a lot of your browsing activities as they can track at sites which that displays google Adsense ads. By linking your cookie to the contents of the page, they can profile you.
Google is the ultimate Big brother tool isn't it?
I found Outpost firewall to have a function to be able to block browsing for specific URLs. Add a block googlesyndication.com and google adverts will not be displayed on any pages you visit. Google will not be able to know what you are browsing.
Gmail protection...
I also run a autoresponder only sent to gmail users as suggested on URL: http://www.epic.org/privacy/gmail/faq.html
Dear Friend
I have received your e-mail, but due to privacy concerns, I don't want to send my response to your Gmail account. Please give me another e-mail address where I can reach you. If you don't have another e-mail address, consider the following free e-mail accounts with generous storage which do not pose the same privacy risks:
* Rediffmail (1GB + no content extraction)
* Walla (1GB + no content extraction)
* Spymac (1GB + no content extraction)
* Aventure-mail (2GB + no content extraction)
For more information on the privacy risks posed by Gmail, see http://www.epic.org/privacy/gmail/faq.html.
Sincerely,
Concerned Citizen
I don't really know how to work it into the procedure that this article uses, but with PithHelmet (for Apple Safari on OS X) you can set up rules for various URLs/domains that includes blocking cookies, resetting them after quit, etc. The best part is that you can base the rules on regexps, and you can set different rules for domains and subdomains. So you could allow a persistent cookie from mail.google.com/mail (or whatever) and have all the other Google cookies reset on quit.
... ultimately it comes down to how paranoid you want to be. If you want to have privacy, you have to give up a certain level of convenience.
It's possible Google could still track your searching using the GMail cookie, I suppose
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
You don't thing google can't follow your personal query
signature across any number of proxies? Google has you
in thier database. They got your number. Don't fight it,
they even know what's best for you.
To be fair to G, it's your nose that is in their business ;)
You can easily avoid Google's privacy invasion by searching through the Ixquick.com metasearcher. Google is among the search engine s that are being queried.
I have my cookies set to expire on exit, except a few I've added to the permanent ones like slashdot. What does google have then? A bunch of random searches from an IP that may or may not be static, that might be a NAT network (for all the know) and if I connect in a new way they'd have lost me completely. Unless you're searching for things that'd redflag you with the NSA immidiately, what harm is there that your IP is showing? This sooo reminds me of the "WARNING: Your computer is broadcasting an IP address" fake security popups.
Live today, because you never know what tomorrow brings
... and use proxies. I've been manually editing cookies for a decade, fuck you doubleclick!
This is genuinely useful.
This uses tor as the proxy, which bounces your (encrypted) traffic through a bunch of other computers, before getting to the site you want, making it practically impossible to track where the original request came from. It adds a ton of latency to the transaction, so while it is okay for lean pages like google, it is slower than 33.6 modem for pages with a bunch of linked content (images, iframes).
It is good that you have a such a view. However google don't give an option to those who don't wish to be profiled. We have not given consent for our emails sent to Gmail for them to be analyzed and profiled. I think in the future some advanced countries will start to legislate as to what these companies can and can't record and what they can do with the information.
So, instead of sending your search results to Google to be recorded, you're sending them to both Google and some unknown third-party?
Explain to me how giving some stranger all your search results will protect your privacy, Slashdot.
"We want to protect our intellectual property."
Isn't that what SCO's been saying for the last few years? Whatever amazon plans to do with this (I promise you they DO have plans), probably won't be good for anybody. Best case scenerio, they'll charge up the ass for someone that wants to do something useful with the data. More likely, it'll be used for really intrusive and annoying "services", or possibly another horrendous secret government-corporation collaboration to "protect" us from "terrorists". Worst, case... nevermind, I don't want to think about it.
Partial Credit: The Engineer's Best friend
"Well, the bridge didn't fall all the way down!"
I've been happily using Privoxy + Tor + i2p together for quite some time now to browse the web, Google and other sites of interest.
I also have 2 transparent Squid proxies in front of my LAN here (on my side) running with squid-prefetch, and they too use the same privoxy and tor and i2p setups for prefetching. This way, duplicate requests from anyone inside my network don't HAVE TO go to the live site, if it already exists in the Squid cache. Since its transparent (done at the router with iptables), the users don't have to configure anything at all on their end.
And I much prefer SwitchProxy over FoxyProxy any day.
I think the most profitable thing for the comming years will violating privacy, and selling the data or the information derived from the data. When you are violated you can't see it or are not aware of it, you con't see any of your assets go. As we can see many people will gladly hand over to all these giant "Santa-in-devil-clothes" companies that give us so many gifts for free. Whilst those that care about about their privacy have to have a PHD in computer science to be able to protect themselves and be very aware. There is a line in between these two groups of people and people should have a very clear option to chose and easily be which ever side of the line they want to be on. Right now to protect yourself against google is not something that most people can do.
How many times have you searched for your own name, just to see if anyone famous/rich has the same name.. or to see what kind of info about you is available.. now your name is in there with your search history!!
and like the time I searched for my phone number, and social security number, and license plate number, and my street address... all that info is saved in there with my search history too!!
Yes, it would be easier to proxy everything, but it reduces your speed to the 56k neighborhood. Most of us aren't paranoid enough to want to take that hit. It's much more effective to proxy only the sites you don't trust.
Maybe someone should set up a web site where people can submit and borrow random cookies. That would cause higgledy-piggledy.
and I did not speak out
because I was not a Jew.
Then they came for the Communists
and I did not speak out
because I was not a Communist.
Then they came for the trade unionists
and I did not speak out
because I was not a trade unionist.
Then they came for me
and there was no one left
to speak out for me.
- Pastor Martin Niemöller
The lesson? Speak out NOW, while someone else is being persecuted in violation of your Constitutional liberties. Eventually they always get around to coming after YOU.
In Germany, your neighbor typically turned you in because they didn't like you. Not because you were a Jew, a gay, or a commie.
Right now, today, someone you don't like - perhaps someone you don't even realize - can accuse you of being a terrorist - and at the very least there'll be a file on you. Good luck with flying after that... if you're lucky.
God, I hate apathetic people.....
--- Grow a pair, liberals... stop letting the Republicans bully you!
Yeah, keep on dreaming that anyone really cares what you are searching for...What, are you going to run for president someday? Just say you searched, but you didn't inhale, er, read...
Strange things are afoot at the Circle-K.
Honestly, I'm not too worried about this. They store information - so what? That's their business. Trafficking information. It's what they do. Considering how honest and forthright Google has always been, and how vehemently it fought against the US Government about turning records over, I'm really not too worried about how Google is handling my saved searches. Really, who is the more wrong, Google for logging searches or the guy sweating that fact as he downloads kiddie porn?
Putting the 33k in G33k.
If you do not use gmail, just block all cookies from the google domain completely. Then you keep getting new userids with every search and the only way they can track is through IP address.
Enjoy
Can't you just set the exception for cookies in firefox to not allow anything from the domain google.com and gmail.com to not allow cookies ever?
But I got nothing to hide from Google or the authorities.
\
Guess what? A proxy server passes on an HTTP connections request headers, including the cookies. All that it Masq's is the IP address. This way you can use a proxy server with websites that require session tracking. This issue isn't about google keeping track of your IP address, it's them tying all your queries to one identifier, using longterm cookies. To protect yourself from this, configure your browser so that it clears your cookies each time you reload it.
There is a real easy solution (for those who have a problem with Google's practices)
1) Use a different search engine: Google (and most businesses) I'm sure will not care what you say until a critical mass
of users using other search engines (or any other product) lose customers. Of course, since they have not changed their
business model or practices since their inception, I don't think that is really going to happen anytime soon.
2) Execute a technological workaround: However that has the drawback of if (and I say if) Google decides to become nasty,
they just ban you from their system, which they could legally do, since you are violating their company policy (which again forces
you to use another search engine, but this time not by choice).
3) Complain: Perhaps they may listen, perhaps they may not, but as a soverign business unless it affects their revenue stream
(which I don't think will happen, as they happen to be one of the best at execution of both their software and business practices)
I don't personally see their revenue slowing down anytime soon.
Last thing about this subject, it is true there is no such thing as a totally secure system, but Google does a pretty good job at what they
do, why hassle them when nothing has happened (not that it won't), but for now let Google run its ship, and just be happy with the service they
provide.
As one reader said earlier... you could use MSN Search.
Regards,
MBC1977,
(US Marine, College Student, and Good Guy!)
Regards,
MBC1977,
There is a much simpler way to do this: Use AltaVista.
With Opera 9 it's fairly simple to stop Google tracking you via cookies:
Displayed are the cookies Google currently has set for you at this domain. You have a number of choices at this point depending on your paranoia level, the most useful ones being:
Caveats
OK, so you're still browsing with your IP visible, but that's never been a 100% reliable way to track a person anyway, even with a static or long-lived IP. You'll need Google cookies to use Google services that require a Google Account so you probably can't realistically stop being tracked if you wish to continue using those services. Previous versions of Opera can do most of the above too but the procedure is different. Tin foil can chafe.
Bold statements demand sources, even from Anonymous Coward.
It's kinda fast, and it supports parts of CSS very well (although other browsers cover other parts better) and I have no idea about the security. So citations instead of stupid fanboyism, and we just may believe you instead of turning away from your favorite browser in disgust over its stupid users.
How about instead releasing a program that thoroughly pollutes the user's search history regularly with so many randomly generated search phrases that it becomes impossible to link anything back to your particular searches?
If you have a computer that can't run the OS of your choice in vmware you can stop reading now.
...
For others
1. Get a "mini" install of your OS of choice in vmware - DSL is damn small. Now that vmware server is free, there if no reason not to snag it.
2. Tar/zip/whatever the contents of the installed directory to a file somewhere. My "mini XP" is less than 400M compressed.
3. Use this install for all activities you feel threaten your privacy/sanity/etc.
4. Once done with said activity, delete the directory and un-whatever_you_used the original.
5. Rinse. Repeat.
I, have learned, through trial and error, that some windows programs just don't behave well if installed on the same computer, or, worse, introduce instability in th OS itself. So, I have several "specialised" vmware images. This way I can be ready to go in a few minutes regardless of the host environment I have to use.(Sometimes you really can't replace a windows install with a Linux one, or the other way around. With my approach all I have to do is plug in my external USB/firewire drive install whatever version of VMWARE is appropriate, and I am using the same environment as I am aways using.)
Yes, there most likely are other ways of doing this, but, it's the way _I_ do it, and works for _me_ every time. Also, I know all about snapshots, I just prefer things this way.
"Consistency is contrary to nature, contrary to life. The only completely consistent people are the dead." A. Huxley
One useful feature of Mozilla is "profiles" You can create alternate user profiles, with their own set of passwords, cookies, history, and proxy. So set up one profile to use your anonymizing proxy and give it a distinctive theme, so that you can be clear about when you are doing anonymous surfing and when you are doing direct surfing.
Then keep one window available with the anonymous browser and use it when you want to be private. Keep others around when you want the speed of direct connection.
Has it been over a year since you last donated to the Electronic Frontier Foundation
Since folks are only just discovering this on Slashdot (which really amazes me), let me take this opportunity to log onto Slashdot (just this time) and give you folks a heads up that you shouldn't relegate your paranoia only to search engines. Many MAJOR news organizations today set cookies that track your visitations and determine which specific stories you read. And they share this information ACROSS NETWORKS to other web service providers. Why? So they can target you with specific advertising that meets your particular interests. It's called "behavioral targeting" and it's quite the rage. I should know. I worked for one of these companies. And believe me, when we worked there, we all learned to ALWAYS DELETE OUR COOKIES at the end of a session. I've had the opportunity to personally peruse the logfiles these companies use. At the moment, I can tell you that figuring out your personal identity at this moment is a major pain in the ass. But given enough "motivation", someone could figure out who you are if you leave your cookies set for sufficiently long periods of time. Do yourself a favor and delete your cookies every single time you start your browser.
That's an abomination.
Of course, they get to correlate your searches and purchasing habits, but they do pay you for it.
Fiat Lux.
> However google don't give an option to those who don't wish to be profiled.
You don't have to use their services.
> We have not given consent for our emails sent to Gmail for them to be
> analyzed and profiled.
You sent the messages there.
> I think in the future some advanced countries will start to legislate as to
> what these companies can and can't record and what they can do with the
> information.
If any significant fraction of the population actually cared about this sort of stuff they would avoid the companies that do it and it would stop.
But you are right. Stupid laws will be enacted.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
gMail is about the only (non-ISP) web mail service that also
;-)
provides access via eMail clients, eg, Eudora, OE, etc.
So, using a "real" eMail client, no cookies aer required.
QED
You know, I bristle a bit whenever someone uses 'free' in this context. If its use is subsidized by the mandatory exchange of anything (if not money, then my search information, my viewing of ads, etc.), then it isn't free. By saying that Google is free, it indicates that what we are providing in this exchange is without value. Google is a multi-billion dollar corporation - this isn't because they are altruistic and give us something for nothing.
" His short and simple guide tells you how to set up any decent web browser so that it routes Google requests through an anonymous proxy, while sending everything else direct to the net for full-speed surfing. Follow these steps and get Google's nose out of your business once and for all.""
Uh, huh. Here's something for all you "freedom loving" geeks to ponder. Why doesn't the parent company of slashdot set up an anonymous proxy for the use of it's members?
Slashdotted. Site 503's on connect: This is Privoxy 3.0.3 on v*o.org (*), port *, enabled Your request for http://www.freenet.org.nz/misc/google-privacy.html could not be fulfilled, because the connection to www.freenet.org.nz (60.234.243.247) could not be established.
Besides, why use a annon proxy? Who knows, it could be a honey pot or someone just running a packet sniffer. Bad idea to use anon proxies. Rather, order a unix shell from a hosting co (mines on a friends 100mbit server), and run a proxy from there. Its fast, and your privacy is protected :)
What the article fails to point out is that you do not need to accept any of Google's cookies, not even for the session. Even with GMail you can access your account via POP3. So...
c =1555e r=13273
In FireFox 1.5.x
Edit -> Preferences -> Privacy Tab -> Cookies -> Exceptions
Then add the Google domains you wish to block/allow. This will result in many random cookies being generated by Google for each search done (as they will think you are a new comer each time). Personally I white-list all my cookies, only allowing the sites I trust to set cookies, which are then automatically cleared when I close FireFox.
Also do not use GMail via the web interface, it is possible to use GMail via an email client residing on your computer.
http://gmail.google.com/support/bin/topic.py?topi
http://mail.google.com/support/bin/answer.py?answ
From there you can use your choice of email Encryption/Steganography as you see fit.
Other interesting Firefox extensions for privacy include:
RefControl: http://www.stardrifter.org/refcontrol/
AdBlock: http://addons.mozilla.org/firefox/10/
User Agent Switcher: https://addons.mozilla.org/firefox/59/
--postmodern
what I've always done is take the following javascript expression and save it as a bookmark: javascript:dRE=/(\.google\.(com?(\...)|..|com))$/; if(!dRE.test(location.host))alert('Sorry, you need to click while viewing a Google page');else{anon='0000000000000000';nowanon='00000 00000000000';C=document.cookie.split('; ');for(i=0;c=C[i];++i)if(/^PREF=/.test(c)){r=c.ind exOf(nowanon)==-1?nowanon:anon;document.cookie=c.r eplace(/ID=\w+:/,'ID='+r+':')+'; domain='+dRE.exec(location.host)[1]+'; path=/;expires=Mon, 01 Jan 2038 00:00:00 GMT';location.reload();}}
Then, whenever I use Google, I click on the javascript bookmark before using the search engine. It's really helped me clear my tracks from the Google server.
This space for rent!
gMail is about the only (non-ISP) web mail service that also provides access via eMail clients, eg, Eudora, OE, etc.
I don't know about others, though I think with Hotmail you can use one, Yahoo! allows you to use an email client.
FalconShould there be a Law?
'Deleting the cookie' does nothing to remove your stored search history crosslinked to your IP address
Having a dynamic IP does not help if you use your computer regularly to check email, log in to slashdot, or visit your unique collection of news sites: anything that can link your particular IP-of-the-day to your identity.
Obama likes poor people so much, he wants to make more of them.
In addition to anonymizing your IP, deleting cookies, etc., you can..
Run a program/plugin that queries google at specified intervals using a word/phrase generating function.
Ideally, the program needs to look as much like you as possible, so it should have the same browser type as you usually use, it should try to run queries at the usual times you do, and at the rate you do (we are not interested overloading search engines, just obfuscating our query history). The word generating function should generate phrases that are as person-realistic as feasable, so having it use the current news, search engine zeitgiest pages, message boards, etc. as a source would be a good starting point.
The idea is to crap up your search history, so your profile becomes worthless for profiling the real you. Someone poring over your history by hand might be able to tell some of the fake queries, but probably not all of them, and it would end up making search history much less valuable.
If the engines respond by trying to force you not to obfuscate your query history somehow, then they will be demonstrating more openly how they view your privacy concerns. Anyway, this technical approach is not really a permanent solution, but rather something to be done in addition to political and legislative approaches.
Doesn't it seem much easier just to use one of the other half dozen search engines? AllTheWeb and other sites are perfectly valid choices for Google haters.
Not if you're concerned about being tracked, I'd bet most if not all search engines track people. They have to as most of them survive on advertizing and advertizers want to be able to track users or at least get an idea of who is clicking their ads.
FalconShould there be a Law?
Or you could just block cookies from Google.com. How hard is that? They can't track you if you block cookies and also have a dynamic IP. I suppose there are only a limited number of IP addresses that you could have with most ISP's, but it will be divided enough to make tracking impossible unless Google teamed up with your ISP, which is doubtful.
That's just a foolish comment.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
The fact is they will still get the information for each session, so all the searches you make in a row will still be tied together. So whether you use a proxy or not, they will still be able to link successive searches together. Now in any browser(i assume) just add google to your restricted internet sites and set it to restrict cookies from restricted sites. You can do this for all your search engines if they use cookies. My guess is for their data to make sense they have to ignore the ip addresses, because of dynamic ips. Block the cookie and your done.
Try a search engine that does not log your searches. Although that might be hard to find, if you are uncomfortable with google's methods, you don't have to do any proxy magic, you can just try another site, that's the reason competition is good for the user, isn't it?
Copyright infringement is "piracy" in the same way DRM is "consumer rape"
Hellloooo hasn't anyone heard of scroogle.org?
I'm posting this in reply to an unrelated comment, because it seems important enough to have visible near the top. I don't know why this hasn't been mentioned by other comments.
IMPORTANT
The settings in the article are wrong, and if you use them you are likely under the mistaken impression you're going through TOR when you're not.
The correct wildcard setting should be something like "*google.*/*" (this is conservative, meaning it'll catch some things that aren't from google.com, but at least the google addresses will all be TORed).
If you use the settings in the article, then not only will your browser directly access www.google.com, but if you happen to go through an international TOR outlet (like in Germany), which is quite likely, you'll be redirected by Google to "google.de" which your browser will access directly.
To summarize, do not use the settings in that article. You are not necessarily passing through TOR if you do.
to complacent, apathetic curs like you who'd just as soon bend over and take it up the keister.
may your chains set lightly!
It is not, it is a chance for us better educated people to make choices we are happy with.
For all you Google Crack addicts, here are some of the privacy risks that Gmail brings us with their BIG mail boxes.
http://www.epic.org/privacy/gmail/faq.html#1
What privacy risks are presented by Gmail?
a. Non-Subscribers Do Not Consent to "Content Extraction." Subscribers consent to "content extraction" and analysis of their e-mail ("We serve highly relevant ads and other information as part of the service using our unique content-targeting technology," according to the privacy policy). But non-subscribers who are e-mailing a Gmail user have not consented, and indeed may not even be aware that their communications are being analyzed or that a profile may being compiled on him or her. (See 2.3 "Will Google Build Profiles of Subscribers and/or Non-subscribers?")
b. Unlimited Data Retention. While the prospect of never having to delete or file an e-mail is an attractive feature for space-hungry users, the implications of indefinite storage of e-mail communications presents several serious implications. Although Google has is held in high esteem by the public as a good corporate citizen, past performance is no guarantee of future behavior -- especially following Google's IPO when the company will have a legal duty to maximize shareholder wealth. Although Google currently says that they will not record the "concepts" extracted from scanned e-mails, they could decide to do so in the future and thereby create detailed profiles of users. Building such profiles on years of past communication in addition to current communications is made easier if users never delete e-mails. Additionally, communications stored for more than 180 days are exposed to lower protections from law enforcement access; with Gmail, many such e-mails could be made easily available to police.
c. Profiling Across Google Product Line. Google uses cookies to track users (and preserve preference across sessions) on the Google search engine. Gmail also uses cookies. Google's personal information-rich social networking service, Orkut, does as well. Although Google said that it does not cross-reference the cookies, nothing is stopping them from doing so at any time ("It might be really useful for us to know that information. I'd hate to rule anything like that out," said Google co-founder Larry Page). Google retains a powerful ability to create incredibly detailed profiles on users, whether or not they do so today: e-mail addresses and "concept" information about a persons's friends, family and co-workers; the daily search terms typed into Google; and myriad personal information provided to Orkut. The Gmail privacy policy explicitly allows such uses: "Google may share cookie information among its other services for the purpose of providing you a better experience." (See also 2.3 "Will Google Build Profiles of Subscribers and/or Non-subscribers?") Additionally, Google has extremely long cookie expiration dates that preserve the cookie until the year 2038 (see 1.5 What other things has Google been doing that might affect my privacy?)
d. Bad Legal Precedent. In the United States, violations of privacy with respect to the Fourth Amendment are based partly on whether the person had a legitimate expectation of privacy. If a major online e-mail provider such as Google is allowed to monitor private communications -- even in an automated way -- the expectations of e-mail privacy may be eroded. That is, courts may consider the service as evidence of a lack of a reasonable expectation in e-mail. Businesses and government organizations may thus find it easier to legally monitor e-mail communications. These effects are long-term and will undoubtedly outlive Google.
e. Insufficient Privacy Policy. Google can transfer all of the information, including any profiles created, if and when it is
You also (or rather: especially) want to block www.google-analytics.com or more specific the script http://www.google-analytics.com/urchin.js that is used to track you by more and more sites these days.
/. uses it too. Just have a look the end of the source.
And yes,
There are alternatives out there to most of what they offer. Personally I am a Google fan, but I have tried most search engines at one time or another.
I like and mostly use Google myself. Occasionally Google won't return what I'm looking for and when this happens I'll try DMOZ, Teoma, or Mooter. Usually when Google doesn't give me what I'm looking for DMOZ doesn't either however both Teoma and Mooter do. Other tymes when searching I'll immediately start with About. Actually it was Google that led me to use About. I sometimes search for something dealing with photography or archeology and Google led me to About for both of them, it returned results for both from About. About has pretty good sections for both so I'll use it with these searchs.
FalconShould there be a Law?
Don't search using Google.
Problem solved. And no mucking around with cookies required.
How are sites slashdotted when nobody reads TFAs?
About, but not the only. I have a free punkass.com POP3 email account, but there are several other providers that still provide free POP3 & Web Based email,as well. Plus you can always use some program like yahoopops, fetchyahoo or yahoo2mbox to download most any web based email to a POP3 email client.
... its like you are stealing TV!
It might be their business model, but it is not our obligation to make it work.
Why not just set up a fake name, etc., when logging into Google? Only the government can subpoena your IP records from your ISP, and if they do that you're S.O.L. regardless. If you're lucky enough to have a static IP, use one of the domain anonymizer services.
9/11 Eyewitnesses to Explosive WTC Demolition 1 of 2
http://yacy.net/
YaCy - p2p-based distributed Web Search Engine
With yacy there is no central server/company. No one beeing able to censor your search results or to log and sell your private information.
It's still pretty early and the search results are not really comparable to google yet, but as soon as let's say 1.000 peers will be up and running (Your own home dial-up computer could be one of those!) I'm sure that google has not a chance anymore. peer2peer is just superior compared to central servers if it comes to quantity and actuality of search results.
regards,
Jan
they're not going to make money without customers, and if customers demand moral companies by not giving any money to amoral companies, well, they don't have much choice, do they?
Wow.... I think Anonymous Coward actually has a valid point here.
You can even extend the same argument to the music industry. If customers stopped buying CDs then the RIAA lawyers would have no choice but to allow fair use! Genius. Such a simple idea but so effective. Now all we have to do is convince the rest of the world to stop buying CDs...
It can't fail!
I'll probably be modded down for this...
If people want to store your requests, why not give them as much as you can give? We just need an
extension that does pseudo-randomized request flooding (without seriously tying up your browser).
..can you trust the proxy more than google?
Can someone provide link to proxy lists? Are they hard-coded into FoxyProxy or is there a separate download?
The thing you are forgetting about is that Gmail is now available for your own personal domain. Therefore you still run the risk of sending mail to a Gmail account, even if it is not to a gmail.com address.
More info here:
https://www.google.com/hosted
According to Wikipedia, "Conspiracy is an agreement between two or more natural persons to break the law at some time in the future, and, in some cases, with at least one overt act in furtherance of that agreement," and this is illegal in the US. Planning to rob a bank, or planning to sell drugs. While the groups you mentioned were only in the planning stages, they were motivated and trying to learn the skills they needed and obtain the equipment they needed to accomplish their goals.
:), but what about an author who wants to write some thriller involving a terrorist plot, or a journalist wanting to expose some more ineptitude in Homeland Security? They could potentially run afoul of the law.
I think some better examples might be where the police have falsely identified people as terrorists based on their activities. I remember a case around 2000 where some Canadian RPG players were charged with plotting terrorist acts, and really they were just researching to make sure their game session was as realistic as possible. Sure, these were just Rifts munchkins
Yeah, makes me wonder if they do business with the NSA in Acquisition Outreach or Technology Transfer.
Typical Government, the private sector is always building more effecient solutions. Sheesh!
If you are using Gmail, the only way to defeat this would be to not being logged in to Gmail while searching (apart from doing what's mentioned in the article). Logging in to Gmail would allow them to correlate the search request with your Gmail / Google account username which may be worse than correlating it with your IP address and a permanent cookie (due to NAT firewalls being so commonplace). Google should come clear on how they handle this. Do they use a single cookie for Gmail and other Google services (through one's Google account) or explicitly store our Google username in their logs if they find we are logged in to our Google account? They definitely do one of these.
It seems to me that a better approach is to poison the well. Develop a resident program that sits on the client and randomly initiates background searches on random phrases. This would not necessarily be detectable by Google whatsoever, and would end up making their profile of your search history relatively useless. If enough people used such clients, there wouldn't be much value to them maintaining a database of search query history.
Writing a program of this nature is probably very easy to do. Any takers?
You may have seen this on some websites before: an ad for a search engine called Dogpile . I don't know about the logging on Dogpile, but it sure delivers search results.
---For those still on the Google situation, just block cookies from google or get a plugin that blocks Google from getting your search history logged.
Charli
I submitted a comment earlier, and basically argues that it is still *possible* that Google will do something with this information that may be *evil* in the future. Then the post gets deleted. Why? Is /. hosted by Google or something? Is here just a forum to critisize M$ and any bad comments on Google will be deleted???
There are also free search proxies that have been around forever. A search proxy does a more specific job of disabling cookies, and click tracking and you dont need to download any software at all. http://www.blackboxsearch.com/ is a good one and its free.
Its easy and even newbies can use it been around for a while.
http://www.blackboxsearch.com/
It's interesting to see this topic posted now, because this weekend I made the switch to using Google's services exclusively. For the past 5 years, I've been running my own proxy server (Squid) that I used from home and work, content filtering with Dansguardian (2 kids at home), my own private Jabber server (MSN, AIM, and Yahoo transports), my own email server (family domain name registered and hosted), my own webmail page (Squirrelmail), my own calendar page, etc.. It's become increasingly difficult to find the time to keep up with patches, spam filtering, firewall rules, watching for SSH attacks. It used to be fun running my own servers, but now it's just another chore, one that has become less and less appealing. Combine that with the increasing cost of electricity, it's hard to justify the hassle anymore. Therefore, I decided to just dump it all in favor of Google. I created GMail accounts for myself, my wife, and both kids, purchased web/mail hosting, setup mail forwarding to send anything addressed to our old domain to GMail. GAIM now talks to talk.google.com, my Jabber server has been shut down. Google Calendar is much more powerful, and visually appealing, than the calendar app I was using. For a proxy server, I decided I just don't care anymore. The kids are old enough now that I don't need the content filtering provided by Dansguardian.
I know some of you on here are going to bring up Big Brother, the NSA, "whatever spy we're afraid of this week", and that's fine. Maybe I'm suffering from an extreme case of apathy, but I truly just don't care anymore. I fight with security and performance issues all day at work, I just don't have the ambition to do the same at home anymore. I now have a whole new set of integrated tools to use, they look better than the old ones, work better than the old ones, and are just as accessible from anywhere I need to use them.
gMail is about the only (non-ISP) web mail service that also provides access via eMail clients, eg, Eudora, OE, etc.
;-)
;)
FastMail does. At the "Guest" (free) and "Member" (one-time $14.95 fee) levels, it's web and IMAP only, but at higher levels, POP3 is available as well. I'm an Enhanced level user, myself (disclosure: link gives me credit for anyone that signs up through it).
So, using a "real" eMail client, no cookies aer required.
QED
You keep using that TLA.... I do not think it means what you think it means.
-Mike
I'm sorry; I don't know what I was thinking!
If you use Gmail, Google already has all of the information they could ever want from you. They can read your email. Do they even need to see your search history to have you totally pinned down? Doubtful.