Slashdot Mirror
How Do I Keep My Privacy While Using Google?
hubert.lepicki writes "I use Google all the time. I keep two GMail tabs open when I'm online (one is private, another is a corporate account), I use Google search, and recently I switched to the Chromium browser. Google's services are fast, easy to use and usually reliable. At the same time, I know Google is tracking everything I do; I can see it in search results or their ads on web pages, which tend to match my interests. After the recent post by Mozilla's community director suggesting Bing has a better privacy policy (a response to questionable comments from Google CEO Eric Schmidt), I started to... 'google' ways of keeping my private data safe while browsing and using Google services. The results weren't very helpful, so I ask you, Slashdotters: how do I stay anonymous to Google while using their services?"
TrackMeNot for Firefox is useful for masking your real search engine queries with randomised search terms. That's a start. Not sure if there's a Chrome equivalent. Is Chrome that much of a necessity? Firefox does the job (though it freezes far too often for me). Otherwise, why not exercise some self-constraint and try products from Yahoo, or even host your own? (First post? :P)
ilovegeorgebush
If you asked me I would say resistance is futile unless you are ready to commit illegal actions.
You could always use anonymous services like scroogle fro searching but if I was a intelligence gathering organization, I would run such "anonymous services" myself so there is a risk that you might be followed even more by using such services.
Hacking into 10 machines and forwarding your connections through all of them might be a solution that will get you into trouble but that can be an efficient way to stay anonymous. But then again, intelligence gathering organizations might set up honey pots that you will end up using and you will bring even more attention to yourself this way.
So anyway:
> how do I stay anonymous to Google while using their services
is a really hard to answer question: There might be solutions for anonymous services like searching but for gmail and all other services that require you to log in, I would say forget it.
Intelligence gathering organizations have come to fully realize the potential of the Internet to track people, in contrast to the situation in the early 90s. Maybe Google CEO knows all about this and that he was just saying; you will be tracked anyway so you may as well be tracked by us ! He kind of screwed up on this because he is now stuck, unable to further explain his point of view, he would have to admit that Google, Bing and many other track you for business and marketing reasons but that they also "share" information with security oriented intelligence gathering organizations.
So in the end, I would choose who I want to be tracked by for marketing purposes and forget about not being tracked for other purposes unless you want to risk getting into trouble. You may be safer just acting as a normal day to day user thus making the amount of traffic play into your advantage in order to stay anonymous.
Everything I write is lies, read between the lines.
Look up the TrackMeNot Firefox extension. It spams Google and the other search engines with randomly generated but plausible search queries, so there's no real way that any of these companies can build a profile on you. If you browse with ads, however, prepare for some really bizarre ones.
...ask google ?!?
Why not use Tor for search queries? Your gmail is obviously a different story, because using Tor wouldn't make much difference for Google. So set Opera or Chrome to use Tor, and you're set for that part.
Seriously.. despite all the controversy it has stirred up.. if you don't have anything to hide.. who cares
It's not that black and white.. but chances are unless you have some very disturbing fetish.. chances are "the stuff you don't want your boss to know" is fairly similar to 10 million other people.. to the point where you are just a tiny blip in a stats bucket. Your just search #234521 for "sex with staplers".
They arn't publishing your search history in the newspaper .. they are using it to increment a counter that you might be interested in office supply ads.
If you are really paranoid though.. use adblock.. route everything through tor.. disable cookies.. and be sure to encrypt your hard-drive with a 20 gazillion bit cypher.
I guess in the end I fail to see what the big deal is.
As long as Google isn't selling my financial data to unscrupulous persons and having me get billed all kinds of money for things I don't want, or creating a dossier on all the weird shit I've searched for and forwarding it to my boss, what's the big deal?
So what if some marketers know everything about what I like to buy or look for? How, in the end, does that really affect my life? Yes, it's a bit creepy sometimes, but it makes no impact on my quality of life.
What *does* freak me out is how my credit card company can ask me to confirm my height and weight when I talk to them on the phone, and when I ask them how the f**k they found out how much I weigh, they tell me that by law they're allowed to download all the information from the Department of Transit and so they know everything that's on my drivers license. THAT's the kind of stuff that I find extremely scary, and that's the kind of thing you can't do anything at all to prevent other than living in a shack in the mountains somewhere.
ìì!
Block Javascript, block all Google cookies, have no Google accounts. Occasionally permit scripts and cookies for long enough to look at a map (oh, and also block all advertising with Privoxy).
Works for me, but I don't think I'm quite Google's idea of an ideal user (that's *user*, not *customer*).
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
If you are logged into gmail you cannot possibly retain your privacy.
Short of deleting all google cookies and changing your ip after using gmail you cannot retain your privacy.
# cat > /etc/hosts ...
> google.com 127.0.0.1
> doubleclick.net 127.0.0.1
> youtube.com 127.0.0.1
> google-analytics.com 127.0.0.1
> #
> EOF
Thanks to 9/11 there arent anywhere on the world you can expect any privacy. Not online, not offline, not your medical records, your purchases, your bills or anything else thats in electronic form are private.
Weather you use Bing, Hotmail, Gmail, Google doesnt matter the least bit since ALL of them logs everything and have to keep it and release it at any governments whim. The differences between them are highly superficial and has zero importance in reality. The terms of service from the different vendors are worth about, not a damn thing. They have to log everything and have to release whatever a court or intelligence agency wants released.
If you dont want it read and scrutinized, dont put it online. Period.
HTTP/1.1 400
I use my butler Jeeves for everything. He arranges my travel, does my bills, and picks up anything I need from the store. He is fast, courteous and usually reliable. At the same time I know that he is aware of everything I do; I can see it in the way he can often provide suggestions which tend to match my interests. Do to some misplaced comments of his, I am now suspicious that he may not respect my privacy. How do I remain anonymous from my butler while still having him provide all the personal services that I am accustomed to?
No one will pay any attention.
It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
Justs Google it....oops!
the person or persons who figure how to get the same value of all these services while protecting users' privacy is going to make a fortune.
IMPORTANT: You have to disable cookies on google to make sure that they can't build a history of all your searches. Otherwise you can be easily pinpointed if you ever search for your own name or that of someone close to you. Preferably also use a dynamic IP address.
It seems to me you have two options. 1) Accept the trade off of having Google uses your information for targeted advertising in exchange for their service. 2) Stop using Google's services.
Use Bing instead of Google search. Switch to Hotmail, Yahoo Mail or use an email client. Use Bing's maps instead of Google Maps. etc. I don't think any of these options really ensure your privacy any better than using Google does but if your fear is of Google specifically (sort of irrational IMO) then these are options.
Personally I don't mind the first option because honestly I'm not that interesting. I don't do anything with Google services that would be very interesting to anyone at Google or an intelligence service. There seems to be very little risk for a decent reward.
I do my searches using clusty.com rather than google, for exactly this reason. In most cases, the search results are exactly the same quality as google's. It doesn't have certain specialized features that google has, e.g., book search and image search.
A simple way of enhancing your privacy is to set your firefox preferences so that it deletes all cookies when you exit the browser, except for cookies from a specified whitelist. Edit : Preferences : privacy. Uncheck "accept third-party cookies." Firefox will: Use custom settings for history. Keep until: I close Firefox. Exceptions: [set your list of exceptions]
But basically, if you completely hitch your wagon to gmail, google docs, etc., then I don't see how you can expect to preserve your privacy from being invaded by google. Google is an advertising company, and their whole business model revolves around selling your eyeballs.
Find free books.
Nothing is free and if you use their services, your privacy, at least in part, is the cost. If the price is too high, go somewhere else.
But you didn't! This is not about whether people are interesting or not. This is about privacy, which seems to be devalued in the public's opinion. 1984 was a cautionary tale, not a guidebook.
or if you do use gmail, encrypt everything you send with an external app, have all your emails forwarded to another non-gmail account.
Running your own email server isn't exactly hard as long as your ISP is willing to change your PTR record and give you a static IP. Well worth it even just for the gains in privacy.
For google search i would use an anonimisng proxy, run a http proxy (bandwidth limited) to muddle your searches in between other people's but you will get the much hated 'sorry, your computer is generating automated queries screen' and will sometimes have to enter a capcha in order to use google search the odd time
I work for a company that supplies a specific unique service(Laboratory Service). I use a work gmail account for testing/backup. My personal email is not gmail. To my surprise after using gmail I starting getting spam to my personal account to do with Lab stuff. And some ads in gmail clearly are oriented to my personal stuff. As far as I know I have never crossed the two and strickly keep personal matters out of Gmail.
As with a comment above, "if you have nothing to hide", I don't have anything to hide. But it is somewhat unsettling.
In post Patriot Act America, the library books scan you.
Here are some addons I use in Firefox that might be of use for some: CookieSafe, permanently ban google in specific from setting cookies (for example): https://addons.mozilla.org/en-US/firefox/addon/2497 Ghostery, See who's tracking your web browsing and block them automaticly. (trackers like google analytics, quantcast, etc) https://addons.mozilla.org/en-US/firefox/addon/9609 Torbutton,Provides a button to securely and easily enable or disable the browser's use of Tor. It is currently the only addon that will safely manage your Tor browsing to prevent IP address leakage, cookie leakage, and general privacy attacks. https://addons.mozilla.org/en-US/firefox/addon/2275
In the other hand, your "privacy" could be the line that separates a world of noise and spam to the real info you need. And Google services, specially when used in integrated form, could be pretty practical
This makes it really clear.
The Google Toilet Service:
http://www.youtube.com/watch?v=hrontojPWEE
If you want privacy don't use services or purchase anything on the Internet.
Never buy anything online.
Never use a service that requires that you get an account.
Even then use anonymizing techniques or services like Tor for those few sites that you do visit via random WiFi connections you find by driving randomly around after purging all the cookies in the browser you are using.
But while you are doing that make sure that you always pay for everything in cash.
Do not use a library card.
Avoid all areas that use video surveillance.
Do not get healthcare or have a medical record.
You really don't have any privacy anywhere anymore. If the info is on a network connected computer somewhere, there is someone you have not authorized that can get access to it and copy it. There may be laws against that, but they won't be enforced... because its way too much effort.
Before networked computers held info of all kinds there was the illusion of privacy, but even then it didn't exist. It was just harder to get at the data.
The internet is a public forum. The only privacy that exists is what you set up with other parties BEFORE you use the Internet.
Facebook is billions of individual "Skinner Boxes." And if you use it you are the pigeon!
For years, I have used one browser (Safari) for nothing but online banking. I now use Chrome for all google related browsing (GMail+Google Apps, Blogger, Reader).
I do all other browsing on Firefox, blocking Google and most other cookies.
This is slightly inconvenient because if someone emails me a link, I need to copy and paste it into Firefox - probably copy/paste links between Chrome and Firefox about 5 to 10 times a day so this is a small overhead.
I usually use Google Search (on Firefox), but I also use Clusty and Bing.
...read the summary.
Tracking HTTP by IP is extremely unreliable for Google and everyone else -- many corporations and other firewalled institutions run big proxy servers and funnel all their requests from that machine.
1) Use different browser profiles for different web applications.
If you start firefox with these options: -no-remote -ProfileManager it will allow you to run multiple copies simultaneously, each with a separate profile (different set of cookies, different set of plugins, different skins, different bookmarks, different histories, etc).
I create a specific profile for each major web app - I have one for IMDB, one for google searches, one for google mail, one for google voice, etc. And one for generic browsing.
Each profile has a couple of add-ons:
Adblock Plus - general catch-all to block things like doubleclick and the million other trackers
CookieSafe Lite - for fine-grained control of what sites can set cookies
NoScript - for fine-grained control of what sites can use javascript and flash
Redirect Cleaner - for removing those "bounce links" that a lot of sites use to track you when you follow a URL off their site, with the cleaner you go directly to the destination URL
RefControl - for clearing out or rewriting the referrer URL - prevents sites from knowing where you came from when you clicked a URL to their site, sometimes helpful in accessing poorly 'restricted' content
Targetted Advertising Cookie Opt-Out - sets special cookies that sites may choose to obey to say "don't profile me" since these TACOs are not unique-per-user, I figure it can't hurt although it probably doesn't do anything
User Agent Switcher - Lets your browser identify itself as a different browser - this is very important
Ghostery - Informational Only - tells you what tracking sites may be tracking you on any given page (does not block them, and you get false alarms on sites where NoScript blocks javascript, but it is still good for situational awareness)
Better Privacy - Blocks new stealth "super cookies" in Flash and DOM Storage Objects. VERY IMPORTANT
Using the above plugins, I do the following in each profile:
1) Set NoScript to only allow javascript from the one website the profile is intended for - and block flash as much as possible regardless due to cross-profile flash cookies
2) Set CookieSafe that same way and then only for per-session cookies
3) Block and/or auto-delete Flash and DOM Storage cookies with Better Privacy - note flash cookies tend to be shared across all profiles because they go in a folder under "Documents & Settings" on MS Windows and ~/.macromedia/ on Linux. I am still looking at ways to force each profile to use a different directory for flash cookies - until then, block flash as much as possible and auto-delete cookies frequently
4) Set the User Agent to be different in each profile - this gives the appearance of multiple users behind a firewall which is key
5) Load a different theme or skin for each profile to make it easy to visually distinguish between windows so you don't accidentally start browsing the web from your gmail window or vice-versa
All that is a little bit of a pain to set up, an hour or two total. But once in place, I think it is a reasonable compromise for reducing the risk of having your personally identifiable information gleaned in services like Google Mail from being automatically cross-referenced with your browsing habits. I am considering taking it a step further with FoxyProxy configurations to use
When information is power, privacy is freedom.
Surely they could see that you're coming from a residential connection and compensate.
Your ISP knows much, much more about you than Google does.
I notice several posts have been made regarding the current Slashdot con census regarding privacy. When some people say that they aren't worried about any privacy issues because they're too insignifant to care about as far as Google's concerned, some others pipe up and comment that in the "old days" of Slashdot, they'd be in the extreme minority, whereas nowadays it's fairly common to see this opinion.
Here's the problem - there IS no privacy on the Internet anymore. Compared to the old days of Slashdot, surveillance and logging has become so commonplace and pervasive, that even if you don't put your particulars on the Internet yourself, someone else might do it themselves. A good example would be a friend who uploads a picture on Facebook which has you tagged, even if you don't use Facebook. Heck, if you don't use it, you may not even know the picture exists until it's brought to your attention. At the very least, it's hard to remain isolated from the privacy issues of the Internet, short of becoming a hermit and avoiding any social contact.
So the reason privacy is being given up, as seen by some people, is because it's frigging tiring to have to check, double-check, workaround and in the end, give-up the fun and useful services and technologies available to us on the Internet, because very little of them respect total privacy. It's also hard to justify such extreme paranoia when it's highly unlikely you'll encounter any actual problems, so long as you use common sense.
In the end, we're all gonna die anyway, so freaking RELAX. Whatever privacy issues you were concerned about won't matter an iota regardless of whether you get buried, cremated or shot out of a canon into the sun.
PS. There's also the tiny fact that you WON'T CONVINCE EVERYONE about the importance of privacy anymore. That boat has sailed, given how much Facebook is used as a benchmark. So don't fret about worried how how you think privacy is becoming extinct. If you want to live in the modern digital age, it already has...
Search engine plug-in for Firefox:
https://addons.mozilla.org/en-US/firefox/addon/12506
Rich And Stupid is not so bad as Working For Rich And Stupid.
Define Privacy for goodness sake! If you are worried about targetted advertising, stay off the damn net. If you care if someone knows your favorite color don't fill in questionairres. The amount of useful information someone - (conspiracy theorists enter your preferred bogeyman here) can deduce from online search queries and your browsing habits is about as significant as the initial letter of your mothers maiden name - jack sh*t - unless they already have a huge amount of collateral information. On the other hand if you are really paranoid you could spend all day building a false web identity... or you could get a life. If you are of interest to 'those people' they can find out what they want to know with minimal effort, so chill and accept the trade-off. Google finds you info and maybe sets you up for advertisers, spooks etc. Is it worth the price - You decide - just like a grown up, you pays your money and takes your chances.
Then configure CookieSafe to "Deny Cookies Globally" (you can easily make exceptions for some sites). BetterPrivacy and TrackMeNot come with suitable defaults.
With this set-up, no cookies will be created. DOM Storage (super-cookies) and flash cookies will be wiped whenever you close your browser. And you will gently spam Google and other search engines with random searches, just in case they do tracking by IP addresses.
You may also want to throw in:
I'm paralysed by choice. I want to use all these products and services this company offers, but they don't want money, they just want to make a record when I use them. Please help.
Yay me!
Some people won't believe you (and it's argued in the replies also), but yes any sort of identification by IP is pretty much useless, and it has been for years. It wasn't so bad for geolocating, but even then it ran into serious problems. Even Google, the behemoth datamining company, would sometimes send me off to google.ca, even though I was happily sitting in the US.
They *CAN* use that information to associate you to a group of users. Some people have mentioned NAT on residential connections. Residential lines sometimes show up at small business sites, so even with some regex matching, it wouldn't identify if it's a single user house, or a 10+ user business. Then again, they can guess based on browser usage.
A long time ago, at a company I worked for, we tried to use IP's as part (not all) of the user identification. It's all fine and dandy, until you find out that some places (namely AOL) are obnoxious about their proxies, and some users have multiple lines. One of my original problem was the users with multiple dialup accounts. They'd get annoyed at the speed with one, and switch.
Even a user with a whole collection of dialup and broadband accounts won't be protected if they're searching for "bad" things. The IP is still identifiable to someone. If the feds start subpoenaing records, it won't matter which line you were on, they're still your line. If you're at work and doing it, don't believe for a second that your employer won't be compelled to hand over every machine in the place if necessary. And, no, stealing a WiFi connection from your neighbor isn't enough to protect you. If you've done something bad enough, and the feds show up, they'll figure out soon enough that grandma wasn't really looking for bomb making materials online, and they'll figure out who the rogue user is attached to her access point.
The larger your organization is, the less likely you'll know they're on to you before there's a nice man with handcuffs and a badge standing at your cube saying "We need to talk. Come with us."
So, the question then becomes, how much are you worried about what you're searching for online, and should you really be doing it? The IP may not be any good for positive identification, but it leads them down the trail right to you.
Serious? Seriousness is well above my pay grade.
Just listen to the radio and riff on random words you hear...
I think my current profile must be for a pro-abortion conservative seeking vegetarian recopies for well aged beef, who is also looking for gun rights for married homosexuals who want to club baby seals to cut down on green house gasses, so that they can drive their Hummers as much as they like to anti-tax Tea Parties where they can dump their toxic CFL bulbs by the eco-friendly re-usable shopping bag-full. And, I may or may not have breast cancer, prostate cancer, alcoholism, feminine hygiene needs and or ED, PE, weight loss or weight gain issues. Surely I can get cures for all of the above cheaper from Canada...
This issue is a bit more complicated than you think.
Thank god for IPv6 ?
I had no part in that, and I resent the accusation.
Religion is regarded by the common people as true, by the wise as false, and by rulers as useful.