Slashdot Mirror

← Back to Stories (view on slashdot.org)

Questioning Google's Privacy Reform

Posted by Soulskill on from the how-private-is-private? dept.

JagsLive makes note of a story questioning whether Google's recent commitment to anonymize IP logs faster is really as good as it sounds. We discussed their announcement a few days ago. CNet's Chris Soghoian takes a closer look: "While the company hasn't said how it de-identifies the cookies, it has revealed in public statements that its IP anonymization technique consists of chopping off the last 8 bits of a user's IP address. As an example, an IP address of a home user could be 173.192.103.121. After 18 months, Google chops this down to 173.192.103.XXX. Since each octet (the numbers between each period of an IP) can contain values from 1-255, Google's anonymization technique allows a user, at most, to hide among 254 other computers. ... Google has now revealed that it will change "some" of the bits of the IP address after 9 months, but less than the eight bits that it masks after the full 18 months. Thus, instead of Google's customers being able to hide among 254 other Internet users, perhaps they'll be able to hide among 64, or 127 other possible IP addresses. By itself, this is a laughable level of anonymity. However, it gets worse."

9 of 134 comments (clear)

  1. What have you done with Slashdot? by bigtallmofo · · Score: 1, Funny

    OK, I thought it was strange that there was an "Apple is Evil" story about sneakers earlier today. But now there's a "Google may be evil" story! What's next? A story about how "SCO was right about Linux all along"?

    --
    I'm a big tall mofo.
    1. Re:What have you done with Slashdot? by CaptainPatent · · Score: 2, Funny

      Shhhh! don't make them hunt the 256 of you down!

      --
      Well, back to rejecting software patent applications.
    2. Re:What have you done with Slashdot? by bigtallmofo · · Score: 2, Funny

      Shhhh! don't make them hunt the 256 of you down!

      Oh crap! I'm screwed then because I own my entire Class-C netblock! Stupid sexy last octet....

      --
      I'm a big tall mofo.
  2. Re:Minor correction by Anonymous Coward · · Score: 1, Funny

    Fail.

  3. Re:Hide by Anti_Climax · · Score: 5, Funny

    If you're using google services from IPv6, it's even easier to figure out who you are.

    I mean, it's either you or the other guy...

    --
    Even people that believe in pre-destiny look both ways before crossing the street.
  4. Re:Well by Silas+is+back · · Score: 5, Funny

    Subpoenaing logs for IP 123.456.789 from Google is not the same as getting logs from icanhascheezburger.

    I'm not sure whether you're qualified to talk about IPs giving this example IP.

    --
    this sig is useless
  5. Re:It only gets worse by nog_lorp · · Score: 3, Funny

    How are these "revelations"? A massive web-app provider HAS LOGS? No way! They might even do analysis of them for RESEARCH PURPOSES? How dare they! And if they are legally required to disclose them, THEY DO? The evil of it!

  6. Re:Well by dw604 · · Score: 2, Funny

    12.34.56.78

  7. Re:Well by Hal_Porter · · Score: 2, Funny

    That guy is a hacker and terrorist. DDOS him now.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;