Questioning Google's Privacy Reform

JagsLive makes note of a story questioning whether Google's recent commitment to anonymize IP logs faster is really as good as it sounds. We discussed their announcement a few days ago. CNet's Chris Soghoian takes a closer look: "While the company hasn't said how it de-identifies the cookies, it has revealed in public statements that its IP anonymization technique consists of chopping off the last 8 bits of a user's IP address. As an example, an IP address of a home user could be 173.192.103.121. After 18 months, Google chops this down to 173.192.103.XXX. Since each octet (the numbers between each period of an IP) can contain values from 1-255, Google's anonymization technique allows a user, at most, to hide among 254 other computers. ... Google has now revealed that it will change "some" of the bits of the IP address after 9 months, but less than the eight bits that it masks after the full 18 months. Thus, instead of Google's customers being able to hide among 254 other Internet users, perhaps they'll be able to hide among 64, or 127 other possible IP addresses. By itself, this is a laughable level of anonymity. However, it gets worse."

Uh huh, yeah, whatever.

[Creepy+Crawler]

Dont trust anybody what they say about your "privacy".

Install Firefox 3, AdBlock+, noscript, and torbutton.

You want complete anonymity, click torbutton (you have to set up tor). You're now damned hidden. No cookie leaks and stuff;.

Re:Uh huh, yeah, whatever.

[SanityInAnarchy]

And you linked to an IP address, why?

http://www.i2p2.de/

The picture sucks, though -- I think I know how it's supposed to work, but looking at that, I have no clue what it's trying to say.

Minor correction

[Duncan+Blackthorne]

A class C subnet is 253 addresses, not 254. Zero and 255 are, last time I checked, reserved.

Re:Minor correction

[Lennie]

And if it's part of a bigger block the 0 and 255 are possible usable, depending on where in the large block they are.

Re:Who cares about the IP?

[TubeSteak]

What I'd like to see is some significant differentiation between logged-in and logged-out states and the level of anonymity that is provided in each case.

There's no difference.
Google sets a tracking cookie.
That cookie gets tied to your current IP.
If you log in, that gets tied to your login name.
Logging out doesn't undo the log entry saying IP 127.0.0.1 = cookie 34kl5j2345 = compumike@gmail.com

The spread of google-analytics makes avoiding their tracking cookie all the harder.

Re:Why does Google risk customer relations?

[tylerni7]

Well first, while I'm sure you aren't the only person looking for a Google substitute, that doesn't mean a significant amount of users are. With the percent of the market that Google already has, a few people going somewhere else won't even make a dent.
That said, at least they are working on the issues rather than just ignoring them completely, as most companies do.

And second, that AOL leak wasn't really a leak. Instead they purposefully released the data for research purposes, thinking that a random, unique ID number for each user would be enough to keep them anonymous. According to this article (well the summary), even if they released search data (which they aren't stupid enough to do) instead of a unique ID number it would be something like 64 or 128 people under one ID number, which makes it impossible to see who searched for what, even if you know what IP block someone has.

Re:What have you done with Slashdot?

[Arimus]

Err???

255.255.255.0 doesn't give 256 host addresses ;)

One for broadcast, one for network so 254 is the number you looking for...