Reconstructing Users' Web Histories From Personalized Search Results

An anonymous reader sends along this excerpt from MIT's Technology Review: "Personalization is a key part of Internet search, providing more relevant results and gaining loyal customers in the process. But new research highlights the privacy risks that this kind of personalization can bring. A team of European researchers, working with a researcher from the University of California, Irvine, found that they were able to hijack Google's personalized search suggestions to reconstruct users' Web search histories (PDF). Google has plugged most of the holes identified in the research, but the researchers say that other personalized services are likely to have similar vulnerabilities."

Reconstructing?

[General+Wesc]

The attack described on the first page of TFA didn't involve any 'reconstruction'. They were able to access the web histories by stealing cookies and using them to access the web histories Google provides. In the second page they talk about using the cookies to view a users' Google Suggest results.

Still, this is relatively unsurprising. If you snoop on my non-https transmissions, yeah, you can get a lot of information that I consider private. It would be nice if everything were https (the EFF has been pushing for all GWS to use https for a while now), but it's not news to me that it's not. The most novel thing here is that because they could access/reconstruct web history by getting my cookies, they didn't need to be watching me when I did my searches--getting my cookie now is as good as sniffing my packets when I was doing criminal activity yesterday.

Re:Reconstructing?

[wdavies]

+1 mod this to 5 and then re-edit the article & title please. This is not the same as the work identifying people from their movie ratings for example.

Re:Reconstructing?

[Simon80]

If you had read the paper you would see that Google asks for a reauth when an attempt is made to access the web history, so instead they choose the most frequent prefixes that are used in searches, and use them to ask google for search suggestions. Reconstruct is a perfectly suitable word to describe this process.

Obvious EU centrism

[Beretta+Vexe]

>>A team of European researchers, working with a researcher from the University of California, Irvine,

Dear /.

Europe isn't a country. The Inria isn't a European research institution, it's only a French institution.

Best regards

Re:Obvious EU centrism

[Jah-Wren+Ryel]

>>A team of European researchers, working with a researcher from the University of California, Irvine,

Europe isn't a country. The Inria isn't a European research institution, it's only a French institution.

I can't tell if you are trolling or if you really did fail basic set theory.

Re:Obvious EU centrism

[Beretta+Vexe]

I can't tell if you are trolling or if you really did fail basic set theory.

I'm just trolling, it's just funny that the only research institution name in the topic is the University of California, when the only researcher form this university started this study in the INRIA ( where he worked before moving to Irvine ).

It's a minor case of US monopolization ;-)

DO NOT WANT

[iYk6]

I was going to come here to post DO NOT WANT! But you beat me to it. So instead, I will post a message saying that I was going to post a message saying DO NOT WANT! Done.

Personalized search is a terrible idea, and can only lead to bad results if it doesn't work, or insulation from variety of it does work. I can't believe anybody would want it.

I assume I am safe with cookies and/or javascript turned off. Without javascript, Google never knows what I clicked on.

Re:DO NOT WANT

[maxwell+demon]

In my experience that's normally only true for the "extra" links it provides (i.e. if directly below the main link, there's links to specific subjects on that site). For example, if you search for Wikipedia, the first hit is the Wikipedia main page, which is a direct link, and below there are links to specific subject areas, which are Google redirection links.

BTW, it shouldn't be too hard to turn them into real links through a Greasemonkey script.

Re:Trackmenot

[maxume]

It still has the flaw that you have to trust them not to make it appear that you are doing things you would never want associated with you.

Of course, trust is largely a social problem, so it isn't surprising that throwing technology at it doesn't help much.

Nicely played

[ksandom]

Foreword: We would really like to acknowledge Google’s positive attitude toward our report and results. Google has been very responsive to our findings and is taking actions to fix them. We are very pleased about it.

I think its great when the people discovering the problem, and the people being alerted about the problem behave so well to each other. (They sent the paper to google a month before releasing the final thing.)

Re:Nicely played

[shoehornjob]

I think its great when the people discovering the problem, and the people being alerted about the problem behave so well to each other. (They sent the paper to google a month before releasing the final thing.)

That only works for Google. You know damn well if they sent that data to Microsoft they would have denied it for several months only to fix it when an exploit was released in the wild.That's how the Redmond spin works

Actually - yes

[Snaller]

You do what it - what you don't want - or what you fear is that someone else will abuse the knowledge (which I think is legitimate )

But personalized means better results for YOU - not worse.