NSA Uses Google Cookies To Pinpoint Targets For Hacking

Hugh Pickens DOT Com writes "For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them. Now the Washington Post reports that the NSA secretly piggybacks on the tools that enable Internet advertisers to track consumers, using 'cookies' and location data to pinpoint targets for government hacking and to bolster surveillance. The agency uses a part of a Google-specific tracking mechanism known as the 'PREF' cookie to single out an individual's communications among the sea of Internet data in order to send out software that can hack that person's computer. 'On a macro level, "we need to track everyone everywhere for advertising" translates into "the government being able to track everyone everywhere,"' says Chris Hoofnagle. 'It's hard to avoid.' Documents reviewed by the Post indicate cookie information is among the data NSA can obtain with a Foreign Intelligence Surveillance Act order. Google declined to comment for the article, but chief executive Larry Page joined the leaders of other technology companies earlier this week in calling for an end to bulk collection of user data and for new limits on court-approved surveillance requests."

Now 2 good reasons not to allow cookie tracking

[mrspoonsi]

The EU is right on this one...

Re:Now 2 good reasons not to allow cookie tracking

[erikkemperman]

The EU is right on this one...

I'm not so sure about that. I am afraid this is one of those deals where the compromise (require the user be presented with an opt-out) turns out to be worse than either of the proposed "pure" alternatives (do not regulate tracking at all, vs disallow all tracking, period).

Because what happens is a site says: either allow my cookies or I will not, or not fully, serve you. And because the average user is basically an idiot -- as is true for any large group of people, and in many instances of course it includes myself -- they go for it.

Tracking not reduced for all a but a tiny minority of paranoids and actual baddies, and the ad companies can now say they do it with user's consent.

This PREF cookie is an especially nasty piece of work, seeing how it rides on the very Safe Browsing system that Google "generously" facilitates to protect against online malware. Check the link in TFS.

Re:Now 2 good reasons not to allow cookie tracking

This PREF cookie is an especially nasty piece of work, seeing how it rides on the very Safe Browsing system that Google "generously" facilitates to protect against online malware. Check the link in TFS.

That's it! All Firefox users should disable browser.safebrowsing.enabled on about:config... unless this whole story is a trick to get us to disable safe browsing to make us easier to hack... I'm so confused!

Re:Now 2 good reasons not to allow cookie tracking

They should do this also if they value their HDD's integrity. When Firefox upgrades those databases it leads to an unsavory amount of disk access because apparently operations can't be done in memory, and have to be flashed to disk and read back a million times.

Re:Now 2 good reasons not to allow cookie tracking

It's actually worse. I run Firefox with Cookie Monster, so I already block cookies. That used to work fine, but now I find myself having to accept cookies just to get rid of the stupid 'we use cookies!' banners.

Re:Now 2 good reasons not to allow cookie tracking

No, the EU horrendously dropped the ball on this one.
Rather than enact a simple bill that simply says ‘do not track people’, they wrote up a complicated anti-cookie document that requires everyone to officially agree to the cookies. At least before the law we could argue that the cookies were put there against our will.
Meanwhile, non-cookie-based tracking continues apace.

Re:Now 2 good reasons not to allow cookie tracking

Funny post, but those banners are ignoreable just like ads.

Re:Now 2 good reasons not to allow cookie tracking

[DarkOx]

The most sensible solution is to allow only sessions cookies. I know everyone loves their "keep me logged in button" but simple solution is to have browsers silently convert all cookie requests to session cookies no matter what the server or script asks for.

This should do be the default, as it breaks very few sites and existing web applications other than you have to logon every time. Users should have to manually go white list domains that are allowed persistent storage.

Browsers need to stop providing useragents, they need to start sending strings like
"traditional HTML 5.0 ready browser" or "touchscreen HTML 5.0 browser" instead.

The default behavior should be to only send a referer header when the request is to a page on the same domain as the one already being displayed.

As much as I hate to advocate it because its a waste of everyone's network resources, the same approach needs to be applied to document caching. There are to many possibilities for script based timing analysis attacks and server side request analysis that will enable tracking with the cache enabled.

Implement those changes and you will an WWW that still mostly works without alot of changes to existing sites but is decidedly less trackable.

Re:Now 2 good reasons not to allow cookie tracking

Even if your session cookies are different once you start doing enough distinctive stuff (log in, unique search) they will know who you are and can track you.

Re:Now 2 good reasons not to allow cookie tracking

we had a solution to this 15 years ago. since we ourselves loved
to hack everything, we weren't confident that users wouldn't edit
their own cookies, and iirc there was some concern about proxies
over-caching, so we encrypted them. actually, the good info
wasn't even in the encrypted cookie. it was on the servers. the
cookie was just index into a table. and there was enough salt,
and a time stamp, so the cookie changed on each access to our
site.

there's nothing wrong with cookies per ce, if these cookies are
trackable, then google is being lazy.

Re:Now 2 good reasons not to allow cookie tracking

Try Self-Destructing Cookies. It doesn't give you those problems, and there's basically nothing to using it. You can even install it on the browsers of non-technical family and friends.

Re:Now 2 good reasons not to allow cookie tracking

[daem0n1x]

Advertisers or spies?

I'm not sure which kind of psychopaths I'm more afraid of being tracked by...

Re:Now 2 good reasons not to allow cookie tracking

They could still track you during your session.

Re:Now 2 good reasons not to allow cookie tracking

[citizenr]

Cookie tracking is old school and ineffective. Nowadays you fingerprint users.

OWASP AppSec EU 2013: Web Fingerprinting: How, Who, and Why?
https://www.youtube.com/watch?v=aSfh0efL7rs

Re:Now 2 good reasons not to allow cookie tracking

Why block cookies?

Allowing third-party cookies, of course, is a bad idea. But blocking first-party cookies is stupid. Oh, no! Cookies can track you! This is terrible news! Unless, by "news", you mean something we haven't known about for nearly the last 20 years.

News flash! (There goes that "news" word again, being all sarcastic.) Firefox lets you wipe your cookies after every browsing session, and it's a built-in feature that has been there for years. Just go to the options/preferences dialog, to the Privacy tab, and make sure "Clear history when Firefox closes" is checked. Next to that option, there is a "Settings..." button, which, when clicked, brings up another dialog to let you be more specific about what kinds of history are cleared when you close Firefox. The "Cookies" option does what it says on the tin.

Now, close and reopen Firefox. Go to Google's homepage. You now have a PREF cookie. You can see it if you have the web developer toolbar add-on installed and use View Cookie Information from it. You will be able to see the unique value from the PREF cookie. Now close and reopen Firefox again. Go to Google's homepage again. View Cookie Information again. The PREF cookie's value has changed. You aren't (to Google or anyone else's knowledge) the same person you were 30 seconds before, at least not from this PREF cookie's point of view.

Beware, though. While the PREF cookie isn't quite the monster TFA/TFS makes it out to be, there are other ways of tracking you. Try out Panopticlick and you'll see just how your exact browsing setup can be tracked. It's difficult to get a good read with Panopticlick, though. Very high numbers mean you're not unique and can't be easily tracked because you blend in with a large crowd. Very low numbers mean you're extremely unique and your browser is likely discarding that profile immediately after you end the session. Numbers in the middle (wherever that is) mean you probably are trackable.

Re:Now 2 good reasons not to allow cookie tracking

[aces_of_clubs]

Spy Vs Spy ... MAD isn't it ?

Calling for?

Just do it, you moron. You don't need to ask anyone, you can just stop the bulk collection of user data.

Re:Calling for?

[Travis+Mansbridge]

Not if the NSA/FBI can legally backdoor in ways they don't know about.

Re:Calling for?

[erikkemperman]

Exactly. "It's hard to avoid" says Chris Hoofnagle. Right. It would kill Google's business model, sure, but it isn't technically more difficult to not track everyone everywhere everywhen.

Re:Calling for?

Exactly. "It's hard to avoid" says Chris Hoofnagle. Right. It would kill Google's business model, sure, but it isn't technically more difficult to not track everyone everywhere everywhen.

I think you meant: "everywho everywhere everywhen". ;-)

Re:Calling for?

But he doesn't want the end of bulk collection of user data. He just doesn't want the government competing with him anymore. It's making his business look bad.

Re:Calling for?

[Desler]

And this article is amusing in light of the fact that Slashdot has been using Google Analytics and other tools that are feeding this data to Google.

Re:Calling for?

It's not just ways they don't know about ...

Given what has been revealed over time about the legal leverage applied to these tech execs, I suspect that Google 'just stopping' this bulk collection would literally land Larry and Sergei in jail for violating agreements that they have already signed (same as signed by MS, Yahoo, etc.) which forbid them from doing anything that might reveal that they have even been contacted by the NSA/FBI. So they have to play this careful game ...

Re:Calling for?

They're not against the bulk collection of data by _corporations_ only the bulk collection of data by _governments_.

In other words, the spies at Google, Apple, Facebook, Twitter, Microsoft, Yahoo, and other advert-viewers-as-a-service companies are banding together to try to get the laws changed so that the NSA stops horning in on their action and riling up the public.

Use Google-like monopolies to your advantage

[Rosco+P.+Coltrane]

Big data monopolies like Google are the stuff of nightmare for privacy-minded individuals.

But there's a silver lining to that particular cloud: as the most important player in the field, they're the most visible target for abuse of all kinds. Which means that you have a better chance of dodging the abuse if you simply don't put yourself in the center of the target, by not using any Google product.

Kind of like when Windows had the lion's share of the OS market, and you could avoid most viruses by running another OS, not because the other OS was more secure, but because virus writers had a better return on investment writing viruses for Windows and left your fringe OS alone.

Re:Use Google-like monopolies to your advantage

Big data monopolies like Google are the stuff of nightmare for privacy-minded individuals.

But there's a silver lining to that particular cloud: as the most important player in the field, they're the most visible target for abuse of all kinds. Which means that you have a better chance of dodging the abuse if you simply don't put yourself in the center of the target, by not using any Google product.

Kind of like when Windows had the lion's share of the OS market, and you could avoid most viruses by running another OS, not because the other OS was more secure, but because virus writers had a better return on investment writing viruses for Windows and left your fringe OS alone.

The only problem with that theory is the one who is actively avoiding Google, Apple, Facebook, Twitter, AOL, Microsoft, LinkedIn, and Yahoo becomes a person of interest because you've now just become an outlier.

Sitting at home running OpenBSD behind three layers of crypto and Tor proxies? Gee, that doesn't look suspicious.

You would almost be better off shoving yourself somewhere in the herd. Statistical algorithms tweaked to perfection will find you otherwise.

Re:Use Google-like monopolies to your advantage

[lister+king+of+smeg]

Big data monopolies like Google are the stuff of nightmare for privacy-minded individuals.

But there's a silver lining to that particular cloud: as the most important player in the field, they're the most visible target for abuse of all kinds. Which means that you have a better chance of dodging the abuse if you simply don't put yourself in the center of the target, by not using any Google product.

Kind of like when Windows had the lion's share of the OS market, and you could avoid most viruses by running another OS, not because the other OS was more secure, but because virus writers had a better return on investment writing viruses for Windows and left your fringe OS alone.

Simply not using Google products won't protect you from this as it is using scripts embedded in web pages. Google analytics Gstatic and Googleadservices just to name a few present here on slashdot embeded and reporting back to Google and by extension the NSA.

To block them you need to either completely block javascript which will break many if not modern web pages or learn to use ghostery, request policy, AND OR noscript, oh and https everywhere. then block everything by default and whitelist and temporarily allow as needed to make the pages viewable.

Re:Use Google-like monopolies to your advantage

Kind of like when Windows had the lion's share of the OS market, and you could avoid most viruses by running another OS, not because the other OS was more secure, but because virus writers had a better return on investment writing viruses for Windows and left your fringe OS alone.

MS has been caught doing the same things, if not far worse then Google, you are right about monopoly companies, or closed software/hardware companies getting away with this type of user abuse. But don't think MS isn't also in the back pockets of spying agencies getting away with the same stuff. Most if not all have nothing but ill will, they can come out with PR statements and a naive notions that there companies are "advancing" mankind but few can see past this.

I question if the "3rd Party Cookies", being disabled does anything to limit or just about cut out any of these spying cookies that advertisers insist on jamming in everyone's eye, no doubt there will be /. users/readers that work for these leeches who will come out bashing everyone that is against this type of advertising.

Re:Use Google-like monopolies to your advantage

Nonsense.
False data leads them in circles. Register your computer and email on someone famous and dead, like say, Bush Cheney, then go wherever you want. Pull their legs, and send outrageous messages on SMS so these people look like left wing ,greenie, racist, porn hooked, tax cheating drug sniffing activists. It is a right pain having 3 computers, one never connected to the internet, but this is what happens. A 5% false positve rate will really hamper unconstitutional brown-nosing.
Wonder what would happen if you added to your google contact list the FBI's / Interpols most watned 100 list ending with .gmail or .whatever. Make sure the 101'st name is your local congrescritter's. Oh, it was someone you did not like who left their terminal/session open. Excellent!

Re:Use Google-like monopolies to your advantage

so I got ghostery noscript https everywhere. I hooked up some VPN.

to hell with cryptography, there should be laws protecting my privacy and protecting me even if I don't encrypt anything.
 

Re:Use Google-like monopolies to your advantage

[ArsenneLupin]

Simply not using Google products won't protect you from this as it is using scripts embedded in web pages.

Then don't use these scripts either. And if this breaks the web site, complain loudly to the webmaster (outlining the privacy issues, if needed).

Or at least don't accept cookies from these scripts. Often these scripts still run fine (for the visitor), even with google cookies blocked. (stuff like google analytics will break, but that's actually a feature...)

Re:Use Google-like monopolies to your advantage

[erikkemperman]

Sitting at home running OpenBSD behind three layers of crypto and Tor proxies? Gee, that doesn't look suspicious.

Which is why, in addition and in isolation, I run an unpatched Windows XP box on which, every now and then, I emulate an average person and use IE6 to download, uh, nature documentaries from sites so dodgy I have to click past a gazillion warnings even on that leaky browser!

Re:Use Google-like monopolies to your advantage

[nullchar]

You can easily run ghostery, request policy, refcontrol, noscript, https everywhere, cookie monster, and BetterPrivacy all at the same time.

How does anyone browse without these? I setup all of those, except request policy and noscript, for every user I help. They're nearly all passive.

Re:Use Google-like monopolies to your advantage

[aliquis]

Yeah. That's why.

("I only searched for global thermonuclear war to trick you into thinking I was interesting! Seriously!")

Re:Use Google-like monopolies to your advantage

[Desler]

Which means that you have a better chance of dodging the abuse if you simply don't put yourself in the center of the target, by not using any Google product.

Both extremely wrong and naive. Tons and tons of websites are still reporting back your data about you to Google through their analytics tools. Google is still getting plenty of your data without ever visiting a single one of their products. No different than Facebook being able to aggregate data about people who have never been members simply through the people that person knows posting info about them.

Re:Use Google-like monopolies to your advantage

Google analytics Gstatic and Googleadservices just to name a few present here on slashdot embeded and reporting back to Google and by extension the NSA.

To block them you need to either completely block javascript which will break many if not modern web pages

Fortunately for Slashdotters the Slashdot javascript is broken even if you load all of it, so blocking some of it isn't a big deal.

Re:Use Google-like monopolies to your advantage

[TheGratefulNet]

capitalism is not compatible with user privacy. or, so it would seem. we reverve Business (capital B since its akin to God, capital G) to the highest level and if it Helps Business(tm) then its Good For America(tm).

I hate that shit! its a horribly failed system.

but if you try to suggest changes or alternate systems they call you names. or worse.

increase privacy and the business weenies will cry. and they ALWAYS get their way, these days.

Re:Use Google-like monopolies to your advantage

[TheGratefulNet]

on mobile, you have to be rooted to run a lot of adblockers and such.

the first time I ran a non-rooted android phone and saw what everyone else sees on the web, I was kind of shocked. after years of filtering (noscript, etc) at home, I had forgotton how BAD things had gotton on the dirty wide web.

on systems you can control, its fine. on phones - which a lot are not easily rootable - you have much less control.

Re:Use Google-like monopolies to your advantage

How does anyone browse without these?

Some pages are completely unusable without these. Not everyone has a 1 Gb/s connection and waiting ages to load all that JavaScript makes applets look fast in comparison.

Re:Use Google-like monopolies to your advantage

Adblock and Ghostery work on Firefox mobile. Also a bunch of privacy oriented add-ons that are mobile-only, like adding back a quit button that cleans cookies, stored data, etc., setting the user agent, and so on. It's not the snappiest of mobile browsers, but you can view a clean(er) web on android, too.

Re:Use Google-like monopolies to your advantage

On Opera Mobile, you can use a content blocker file (urlfilter.ini) generated elsewhere to block unwanted content. The downside is that you cannot generate or modify one on the device - you have to use an existing one. You can find plenty online or use the one from your desktop browser if you use Opera on your desktop.

Search for "URL Filter File" on the opera:config page.

Re:Use Google-like monopolies to your advantage

[cold+fjord]

There was less personal privacy in pretty much all spheres of life under communist rule, before you even begin considering personal liberty, and the economic system was a failure to boot.

The Collapse of Communist Economic Theory - APRIL 01, 1961

Factory managers in Russia are examined once a year on political theory. To hold his job, a manager must qualify anew every year in "Dialectical and Historical Materialism," and in "The History of the Communist Party." His compulsory reading list includes 64 official textbooks, plus 93 selections from Lenin, 11 from Engles, 24 from Marx, 13 from Stalin, 14 from Khrushchev, and one from Mao Tse-tung. It is easy to imagine what happens to Russian production when every factory manager is occupied with these predetermined studies as the prime vehicle of his bureaucratic advancement.

Every factory manager has but one aim in life—to make this month’s production quota. His entire career, and all his incentive bonuses, are based on annual quota accomplishment. On this score, another reputable American economist reported: "The incentive system also encourages falsification of records, the hoarding of labor and supplies, and numerous unusual activities such as working employees on a Sunday and giving them a day off in the following month"

This general pattern of phony quota-making has resulted in a broad panorama of totally unreliable production statistics from every sector of the Bolshevik economy.

Russian labor is regimented in a measure which kills all striving for excellence. Trained workers are in short supply in every line of production, and in-plant incentives often are discouraged by meticulously designed production norms delivered by Gosplan, Moscow, for every factory operation.

Communist China is still in business, so to speak, despite the pervasive surveillance of its police state. Why?

China's rising GDP and economic miracle (Follow link to see graph)

The seeds of China's rapid economic growth since the 1990s were first planted back in 1978 when the Communist Party started to introduce capitalist market principles, initially in the agricultural sector.

There is an open question about how long Europe will be able to continue under its current arrangements. They are facing long term problems with their economies, social policy, and demographics. European governments have been shown to engage in spying as well.

The US government substantially worsened the housing bubble by one set of actions, and slowed the recovery by others. Politics prevented reforms that could have stopped the government intervention leading to the first problem, and is directly resulting in the second.

Re:Use Google-like monopolies to your advantage

There are laws. The US government just thinks it's exempt from them.

Re:Use Google-like monopolies to your advantage

[Sir_Eptishous]

The problem is there is no balance with privacy or "consumer" rights. Every year that goes by the larger corporations call more and more of the shots. Just look at what they want with their free trade agreements like the TPP, etc; Your average citizen gets shite upon daily by the corporations, and we are so used to it no one cares or notices anymore. People complain about the government, yet if you look behind the curtain, it is the corporations that really run the show.

I would wager that the world will be completely run by corporations in the next 30-50 years or so.

Yet, with all the advances in robotics, etc putting more and more people out of work, how will the corporations, using our current pseudo-capitalist system, remain afloat? That is the real question moving forward. Once unemployment hits 15-20% or higher I foresee Martial Law kicking in to control the millions of unemployed. Controlling the population will be easy with all these tracking systems in place. That is why this(the tracking) is taking place, to give them the control they need when they need it.

Right now we are all "skating" in the new United Police States of America.

However, there is a conundrum: With less consumers and tighter control of the populous, that would mean lower profits. I think right now they are brainstorming on this, trying to find a way to keep the new Police State in effect while keeping the revenue flowing, sort of like China. What a conundrum.

Even though we "hide" behind our slashdot aliases, I'm sure the Corpse(ahem...) NSA knows exactly who we all are on here...

Re:Use Google-like monopolies to your advantage

[Nerdfest]

On Android, you can use the AdAway application from F-Droid.org unrooted. It uses a proxy and work pretty well.

Re:Use Google-like monopolies to your advantage

[tlhIngan]

Big data monopolies like Google are the stuff of nightmare for privacy-minded individuals.

But there's a silver lining to that particular cloud: as the most important player in the field, they're the most visible target for abuse of all kinds. Which means that you have a better chance of dodging the abuse if you simply don't put yourself in the center of the target, by not using any Google product.

You DO realize it's pretty much impossible to avoid Google, right?

You may think to avoid direct Google-owned services like Google Search, Mail, YouTube, Picasa, etc. etc. etc., but what about all the other Google owned stuff? Like how Google owns something like 98% of online advertising (through DoubleClick and many other ad companies they own, but don't link directly to). Or sites that use Google Analytics, Google Ad Services, Google User APIs, Google Tag Services?

And it's no better on mobile - Google owns the big guy on the block, AdMob (probably through a bunch of payments to Apple to create iAds so the DoJ and others will allow the purchase of AdMob by Google (competition! iAds is worthy!) - which to be honest, I don't see as often as AdMob ads). Funny how iAds is barely used (only on iOS apps), while AdMob is in-app ads, mobile web browsing ads, and other such things.

Re:Use Google-like monopolies to your advantage

[kelk1]

On Android, you can use the AdAway application from F-Droid.org unrooted. It uses a proxy and work pretty well.

From both the app website (http://sufficientlysecure.org/index.php/adaway/) and F-Droid (https://f-droid.org/repository/browse/?fdid=org.adaway), this statement seems incorrect.

"Requires root: Yes. The hosts files is located in /system which is normally read-only."

Re:Use Google-like monopolies to your advantage

[mrchaotica]

Are all of those actually necessary, or do they overlap enough that one or more is redundant?

Re:Use Google-like monopolies to your advantage

[ISoldat53]

I wonder if there is an IP issue here? Can Google sue the NSA over using their techniques?

Re:Use Google-like monopolies to your advantage

[gitano_dbs]

Adblock plus for android does the same. On unrooted phones need to manually add localhost as proxie. On rooted phones nothing. Blocks ads on almost all apps, not only Firefox. https://adblockplus.org/en/android-install

Re:Use Google-like monopolies to your advantage

[Nerdfest]

AdBlock Plus, not AdAway. AdAway does require root. AdBlock Plus does not (but contains what some might consider "anti-features").

Re:Use Google-like monopolies to your advantage

Actually free market is a better incentive to spy IMHO. Massive resources are being put to use that a nation state would never have on its own. It doesn't matter if a company goes bankrupt as its assets/database will be sold. The power of greed is at work here. This is the exact shortcoming of communism
                                      "The incentive system also encourages falsification of records, the hoarding of labor and supplies, and numerous unusual activities such as working employees on a Sunday and giving them a day off in the following month"
Communism increases noise in the signal to noise ratio.

Re:Use Google-like monopolies to your advantage

[lister+king+of+smeg]

Are all of those actually necessary, or do they overlap enough that one or more is redundant?

In my experience each will miss something that another catches although yes there is a lot of overlap between some

Re:Use Google-like monopolies to your advantage

As others have said....

You all asked for a free Internet. And y'all got it. Free as it's upsides and downsides. From that, let the whining resume.

Re:Use Google-like monopolies to your advantage

My monthly bill suggests otherwise.

Re:Use Google-like monopolies to your advantage

[swillden]

Simply not using Google products won't protect you from this as it is using scripts embedded in web pages. Google analytics Gstatic and Googleadservices just to name a few

Google provides tools to opt out of Analytics and Ads tracking, which will suppress these cookies.

See http://google.com/privacy/tools, the bottom two entries.

Re:Use Google-like monopolies to your advantage

[amber_of_luxor]

If the United States calculated the unemployment rate today, the same way they did in 1960, the unemployment rate would be over 25%.

If the United States stays on its current track, by 2050, 70% of the population will be permanently unemployed. A further 21% of the population will spend more than half of their life unemployed.

Re:Use Google-like monopolies to your advantage

[lister+king+of+smeg]

I went and looked at those you listed the first one only controlled what the share with advertisers and web-masters no with the government or internally. the second is to a web browser plug-in that they claim is to block google analytics but if I can not trust their scripts how can I trust their plugin?

Re:Use Google-like monopolies to your advantage

[swillden]

I went and looked at those you listed the first one only controlled what the share with advertisers and web-masters no with the government or internally.

Note the two opt out links at the bottom of the Ads Preference Manager page. Those shut off tracking of you for targeted advertising purposes, across Google properties, and/or across the web.

This article is about the government exploiting the cookies Google uses for targeted advertising. By turning those off, there's nothing for the government to track.

the second is to a web browser plug-in that they claim is to block google analytics but if I can not trust their scripts how can I trust their plugin?

What makes you think Google's "scripts" are untrustworthy? (Scare quotes because I don't know what scripts you're talking about; this is about cookies.)

Oh I love how they pander...

A CEO of one of the most successful US Corporations in the entire world wants to put an end to data gathering, and doesn't somehow fucking get that their company exists only because they are in the business of data gathering.

Oh, I love how they pander to us while continuing to shake hands with the devil. You act like they're going to turn away one of their largest customers.

Don't get me wrong, businesses like Google almost have to take this stance "against" the enemy of the People, else they risk losing other portions of their customer base. I simply don't like being lied to by them any more than I like being lied to by my own government.

In the end, nothing will change. Nothing. The US government won't allow it. You're a fool to think otherwise.

Re:Oh I love how they pander...

You are a sheep. You like being tracked, otherwise you wouldn't use Google.
I stopped using Google a year ago. I block several Google domains. I use add-ons that destroy all cookies. What do you do about it?

Re:Oh I love how they pander...

You are a sheep. You like being tracked, otherwise you wouldn't use Google.
I stopped using Google a year ago. I block several Google domains. I use add-ons that destroy all cookies. What do you do about it?

What do I do about it?

Make my life convenient, use it when necessary, don't divulge personal information, and sit back and laugh LOUDLY at those who think they're avoiding tracking or assume they're not using Google products/networks/data centers/partners.

Thanks for the chuckle this morning Mr. Outlier. I needed that.

Re:Oh I love how they pander...

[quixote9]

[Google] doesn't somehow fucking get that their company exists only because they are in the business of data gathering.
Exactly. Now that it's all out there, now -- gee whiz! -- they want it to stop. (Note: then turn off the tracking on your own damn servers. See? Simple.)
The time to stop it was years ago, when some man of wealth and taste first suggested it in a meeting.

Re:Oh I love how they pander...

[recharged95]

you're right on the 1st part,

But the agency is not a customer of Google. Just that a free Internet is what it is....
There's a saying in the spy business: if I can see you, you can see me (intel 101). ... transparency is built into all the communication protocols and the agency is just exploiting it, and with the opt-in nature of the 'net, ANY advertising company can do the same without being a Google customer. ANY. And ad companies love selling data....

Google is spinning PR that the problem is the gov't agencies and not their, nor the Internet companies, entire business model.

One does have to ask: do we blame the playas.... or the game?

Re:Oh I love how they pander...

In the end, nothing will change. Nothing. The US government won't allow it. You're a fool to think otherwise.

Not quite true. Many will die and suffer. Probably the majority unjustly so. But I'm sure some of traitors that enabled these vast civil rights violations will suffer, be tortured and die.

It's not quite enough to bring back a sense of hope for the future of humanity, for that I rely on faith in God. But the thought keeps me a bit warmer as a sleep at night.

Google == NSA

not a surprise, these people are giving each other foot jobs under the table

Re:Google == NSA

[Mister+Liberty]

I see you're modded troll.

Guess the kids here don't like the comment, which most of the time means it comes closes to the factual truth.

Here's an alternative: https://startpage.com/

Funny that Google complains

[yacc143]

Personally, the collection of privacy relevant information by private companies like Google is way more scary than what a government fools around with.

And don't come, it's voluntary. It's anything but, considering how many sites include elements from Google/Facebook/... (e.g. ads or like buttons), and they DO track you even if you are not a registered user. And the end user tools to customize browser behavior (to suppress unwanted elements of a webpage) are mostly non-available on mobile platforms

Worse, as is the "fundamental law" of privacy & data collection, any data collected will be abused. (Classical example, when the truck toll system in Germany was introduced, it was only allowed by the data privacy commissioner because it's absolutely illegal to use the data for anything but tolling. Couple years later, new government, and immediately "let's use the toll data for law enforcement" is a nice idea in the back rooms.)

So Google might be collecting "anonymous" data about person X, not knowing who X is, but that does not mean that the identity of X cannot be revealed later on, or be known by a third party.

Worse, anonymizing data (removing the parts that identify the user and potentially replacing them by a random id) is way harder, e.g. an interested adversary can usually reconstruct the identities, sometimes even trivially.

Re:Funny that Google complains

Personally, I think if you find google more scary than the NSA, that you are a complete idiot, or NSA.

Re:Funny that Google complains

Can't he be both?

Re:Funny that Google complains

I don't think you get his point. If the NSA tracks everybody and there is a hero like Snowden around, people will go "bad government!" In a wonderful alternate universe something may even be done about it (you need the right political climate - see post-Watergate/Vietnam era). However, if Google (or almost anything but a spy agency) tracks you, people, if they are even aware of the issue, will say "tut, tut, they should respect our privacy more". Nevertheless people won't get that upset, or insist on action, because they figure Google (or whatever) tracks you for the purpose of selling targeted advertising and the like. That is the primary reason they track you, and they would probably be very happy if the NSA never bothered them again.

However (and I think this was the GP's point), once somebody, anybody, collects some data on you, then that data can be accessed and used for other purposes. It's especially easy to get that data if you have law enforcement powers, or have the help of a corrupt secret court busy wiping its ass with the 4th Amendment in the name of "national security". He mentioned the truck example. Here in the US (at least NY state) the EZ-Pass electronic toll collection system was initially created with the insistence that the record of what toll stations you passed through would only be used for toll collection purposes. How long do you think that lasted? It didn't even take "national security" to break that one. You had divorce lawyers and whatnot subpoenaing the info - and getting it!

That's why I admired librarians, who responded to the provision of the PATRIOT act that every government clown be allowed to access your library records, by simply deleting the data as soon as you returned a book. Not collecting, or at least not keeping in this case, is the only way to keep it from being abused. There is no such thing as safe data.

Re:Funny that Google complains

[Anne_Nonymous]

X is Donald R. Ladelhoffer of Altoona, Pennsylvania.

Re:Funny that Google complains

Keep in mind, in the US system, third party doctrine also means that a warrant is not technically required to obtain information you voluntarily give to another.

It's part of the reason metadata collection is considered legit.

It also means that anything you type into any webpage that you don't own ... is considered given to another for all practical purposes. Oh...how's that web mail client working for you?

Idea: Build the biggest choke point possible.

[VortexCortex]

I've said it once, and I'll say it again: We gave you a decentralized network capable of self-healing in the face of thermonuclear war -- Packets routed around cities moments after they've vanished. Then you took the Internet, and built centralized data silos with it like fools. There is no such thing as a client and server, there are only peers that wear those hats. From here you look silly with them glued firmly in place.

There's no reason not to have your own recommendation engine in your own home. There's no reason to send personal messages and pictures to a third party just so your friends and family can see them too. As I've said: You will decentralize services, or the web will die by the folly. It may yet be too late. It would be wise to plan on a re-beginning.

Repent. The end is incredibly fucking nigh!

Re:Idea: Build the biggest choke point possible.

[Sockatume]

There's no reason not to have your own recommendation engine in your own home.

Apart from the obvious design advantages to centralising it. A recommendation engine, of all things, benefits enormously from being a shared resource. Communications, less so. There is nothing saying that you have to make that same trade-offs. That's the internet's other strength: heterogeneity.

When you assume something only happened because 99% of people are stupid, check again. There is usually a more informative explanation, especially when your criticisms can be applied to something like the majority of the world's scientific computing resources which are indeed centralised.

As expected

I'd say this is to be expected after all the revelations. Why leave a gold mine like Google cookies unused when the whole point is to end all privacy?
This might cause Google to gather less data or give users the option to remove online profiles they have on you.
Altough that seems unlikely, because lets face it Google does not care about privacy, they only care about customers not trusting their service anymore.

Im just waiting...

[gmuslera]

till some hacker group uses NSA backdoors to cause mayhem in in US computers. Cookies are more or less harmless, as most of the privacy you lost with them is already lost by some other NSA program. But the NSA (and associated groups) backdoors are a bit more versatile, they are prepared to go into offensive mode, and probably a lot of US citizens have them installed (I don't think it is limited to just Tor, or social networks users).

And yes, they can cause mayhem in non-US computers, but how you know that it wasn't intended to happen by the NSA or some related company? The bombs are already in place.

D'oh...

[ArsenneLupin]

(n/t)

Who uses Google anymore?

...I kid, I kid. But seriously, maybe the question should be WHY does anyone use Google anymore?

Re:Who uses Google anymore?

Because Google is no worse than its competitors, just a little more ironic with their "do no evil" slogan.

Re:Who uses Google anymore?

[SuricouRaven]

Because:
1. Who else will you use? The other major search providers are just as evil when it comes to tracking.
2. Their algorithms are the best around. A few competitors come close - Bing will do when you're just looking for commonly available information. But when you're hunting the obscure, on a purely technological level, Google just do it best.

Re:Who uses Google anymore?

[Desler]

You don't need to use Google to be tracked by them. Did you not notice the Google Analytics and Google AdWords scripts that Slashdot runs?

Re:Who uses Google anymore?

Why, no. No I didn't.

Using Opera, add the following items in your ad blocker:
*/ad.*
*/pagead*
*doubleclick.net*
*google-analytics.com*
*googleadservices.com*

Re:Who uses Google anymore?

Actually, you bring up a good point. Sites that sell out their visitors to Google really should be shunned. As a web developer who actually cares about privacy, I refuse to use any google service (analyitcs, JS library, fonts, etc.) because I understand how important this is.

Additionally, I think the combination of NoScript, AdBlock and Ghostery, in addition to using Ixquick for search works pretty well. I also clear cache/cookies frequently (ctrl-shift-del). A shame I have to jump through all these hoops, but it is possible.

having no secrets is suspicious behaviour

like a make work job until a real enemy shows up? enemize all of us at once? phewww.

free the innocent stem cells never a better time to trust in momkind our centerpeace

Self destruct cookie

[pmontra]

This firefox plugin deletes the PREF cookie and all the others as soon as you close a tab. This means that it's created again every time with a different value.

I went to youtube and got this (I must split the values with spaces because /. complaints about long strings of letters)
google.com PREF ID=b59d89f696da3efa:FF=0: TM=1386759139:LM=1386759139:S=mRC2qiDMZ3ir_5JK
google.com NID 67=c1dV2B25sq3P2XdfPrBzGx9yb89H089A9yORn8UeoYGlGbjOUIbHPs03t_7JesDo_7NcnT UlDm90BZEpoSPX9A7FmbYORqBl5WwLmUiCzjreycq2wGE1rAMOSuXlFaZg

I closed the tab, waited for the cookie destruction message, went to google.com:
google.com PREF ID=024924c1c44d8beb:U=9b9ed7f900bfc1f0:FF=0: TM=1386758246:LM=1386759139:S=GCtQO6AoyqL-fqze
google.com NID 67=lPuV792TXm6MLVCnzVYUN-U2Q7B-XRd1d5xCYp7DXjvXvKzEjxtn99DTIbvaFFIg9a8uk2 AmkokD1TaYRnXL3iNA9SrPc1hj3611xY66gObS6pCY4jTTMeQpF6YHLJnn

Different. Well, mostly different. That LM=1386759139 in both PREF worries me. I should understand what it is for.

Re:Self destruct cookie

[bruce_the_loon]

If you plug the number into a unix timestamp to GMT converter, it returns Wed, 11 Dec 2013 10:52:19 GMT, so it looks like it is a time stamp, probably LastModified or something.

Re:Self destruct cookie

[pmontra]

I answer myself because I looked for it and found this paper (PDF) titled "An Analysis of Google Logs Retention Policies".

LM is the timestamp of the last modification to the user Google's preference. It can be used to track down the user because we update our preferences at different times. This applies also to non logged in users like me.

Luckily it's easy to reset LM. Just go to google.com, click the menu, turn on or off Safe Search, click again and turn it back to its original value. LM is different.

Obviously Google could store the old and new value and link them into a db ;-)

Re:Self destruct cookie

[pmontra]

Yes, that's it. You posted while I was writing my answer. Check it for more details.

Re:Self destruct cookie

[Mr0bvious]

LM = timestamp of the last preferences change..

Re:Self destruct cookie

$ date -uRd @1386759139
Wed, 11 Dec 2013 10:52:19 +0000

HTH, HAND.

Try again a bit later and see if it changes. TM looks like last login time or something, judging by my own cookies, what's LM timestamp is for, I don't know, but it seems to be somewhat in the future in my case. Expiration? Next update?..

Re:Self destruct cookie

Yes, Self-Destructing Cookies is a great add-on. If you reject all third party cookies there's a lot of stuff you can't use, and saying "accept this cookie, reject than one" is a serious pain. Do you think the average user would endure it, or even know what to do? Self-destructing cookies is easy and painless to use.

Re:Self destruct cookie

Heh. This gives me an idea: what if the plugin added some random fuzz to LM? Would it make data less useful for Google?

Use perhaps some distribution likely to produce plausible data, e.g. a Poisson distribution with its peak on something like "one hour ago".

Re: Self destruct cookie

Care to enlighten us on what stuff can't you use while blocking third party cookies? I've been blocking them for years and have never noticed any side effects...

Re:Self destruct cookie

I'd assume it's not very useful for Google anyways.

There's ~2^24 different values for a timestamp over a year, but they claim >2^30 unique monthly visitors - and I'd assume LM's would be clustered pretty tightly for those (and TM's would be very much correlated with LM, making the combination not very useful as well).

Also, LM seem to change for me even though I didn't change any preferences, so the paper might be wrong/outdated with the explanations.

Re: Self destruct cookie

Examples: posting a comment on blogger/blogspot, being logged in into Disqus. Apparently some browsers make exceptions for Disqus.

Re:Self destruct cookie

[OhHellWithIt]

Interestingly, Firefox's private browsing yields the same values for this cookie as in the regular session. I have wondered just how far the "privacy" went.

Re:Self destruct cookie

[swillden]

Alternatively, the Google-provided Keep My Opt-outs plugin will prevent Google from ever sending you the PREF cookie.

Larry Page objecting?

How can Larry Page object to bulk collection of user data? Isn't that exactly what Google is designed to do?

obligatory privacy tools and recommendations

[nimbius]

if you continue to use google for searches, discontinue this practice immediately and instead use duckduckgo.com
Keep a whitelist of cookies you're willing to accept, and accept them only for the session in which they are generated. this type of limitation can be controlled in Firefox's preferences under privacy. you should routinely delete the whitelist, as a periodic audit of what you need is more expensive than simply rewhitelisting your most visited sites and discarding the one-time stuff you no longer need.

at one time there was a slashdot article on 4 things you can do to increase your privacy as outlined by the EFF, however i cant find it and see no harm in reposting it.
1. use adblock plus
2. use noscript
3. use HTTPS everywhere
4. block any and all cookies, as mentioned above, with strict whitelisting for banks and reputable online merchants.
newer nerds to slashdot may reconsider the virtues of using mutt, cone, or alpine for email as they effectively render tracking pixels and malicious http content an exercise in futility on the part of the sender. RMS uses links/lynx for all of his web browsing, and while that may be a bit extreme for most of us, it certainly cant hurt to use it for opening email links should you be faced with the necessary evil of a questionable URL.

Re:obligatory privacy tools and recommendations

Use Lynx!

Re:obligatory privacy tools and recommendations

I think all of that is solid advice. I would add

5. Use RequestPolicy [1]
6. Do NOT use ghostery or any other proprietary software...

[1] https://addons.mozilla.org/en-US/firefox/addon/requestpolicy/?src=search

Re:obligatory privacy tools and recommendations

I'm sorry to tell you this, but AdBlock Plus is a sell out. Use AdBlock. They don't do this.

Re:obligatory privacy tools and recommendations

Adblock Plus is compromised. Adblock Edge is the Free version. The link you are referring to is not actually EFF hosted, but actually the FSF.

https://prism-break.org/

Is what you're thinking about. It is all the software you can use that limits your trackability.

Re:obligatory privacy tools and recommendations

You left out RequestPolicy', it is a must have, it works even better than AdBlock because by default it blocks anything on the page that isn't on the same domain you're visiting.

You can then select exactly which extra domains can be allowed to load more on page elements.

fairytail heritage addiction epidemic

abuse victims abuse......

Noise generation

[wbr1]

How about someone develop benign virus that spreads easily, then browses everywhere similar to a spider or crawler and resets it's own cookies (and/or built in creds for various data gathering sites), frequently. With a relatively low CPU and network footprint, a big enough botnet doing just this would make just about all data collection pointless, as the SNR would become problematic.

Re:Noise generation

[MHz-Man]

Not exactly what you described, but TrackMeNot is a browser add-on for Firefox & Chrome randomizes Google searches in non-repeating intervals that average a time length you can set. Poisson distribution in time, I believe. This creates a lot of "noise" for anybody tracking you via your searches: https://cs.nyu.edu/trackmenot/

Political and Corporate Outrage is all Theater

[EmagGeek]

The reality is that Government and Corporations are on the same side and none of them want to get rid of the tracking.

Do his stock holders know?

"Larry Page joined the leaders of other technology companies earlier this week in calling for an end to bulk collection of user data"

Isn't that what google does?

H40R3D by the NSA!!!!oneone!

This is what is called journalism from reputable publications these days.

A worthwhile addendum to that law

A worthwhile addendum to that law would be a "like/dislike" button so that you can leave and say why you're leaving (because they won't work without cookies).

A part of the law not noted is that you have to state WHY you put cookies in and you can ONLY use cookies for that purpose. This is why many UK-only sites have a series of "cookies allowed" options.

1) Bare minimum to continue processing. I.e. a cookie for identification for the site.
2) Enhanced utility cookies. I.e. cookies that allow you do do more things. I.e. a one-click-shop
3) Full eXperience. I.e. a "Take all these cookeis from everyone!! They're great!"

but if I get a "We use cookies" and no opton to use the site without them, I leave. But they then don't know how many customers they're losing. A click to say "I don't like them, I'm outahere" lets me say that I'm off.

Keywords: Tracking can NOT be eliminated

[Taco+Cowboy]

... Tracking not reduced for all a but a tiny minority of paranoids and actual baddies ...

We do need to understand this --- tracking can NOT be totally eliminated.

Cookie tracking is but one of the various ways they use to track us. The report @ http://truththeory.com/2013/12/10/how-to-see-what-government-agency-is-spying-on-your-phone/ tells us about another way (they hack the prepaid phones and track the unique IPs).

No matter if you are an idiot or a tin-foil hatter, you gotta understand that there is only so much you can do.

The world we live in a FREE WORLD for the Big Brothers (commercial or otherwise) to do whatever they want with us.

Even if you only use cash / bitcoin to do purchases, they _still_ can find ways to "understand" you.

I may sound like a defeatist, I may sound as if I have given up. I am not.

I am a realist, though.

No matter what step (or steps) I take to minimize my exposure, they know who I am, where I am, with whom I am, my favorite watering hole, the usual kind of food I take, my regular schedule, and so on...

In one of my previous posts (some moons ago) I mentioned that we need to keep alert 24/7, and someone replied that if I keep on doing that I'm going to go bonker.

Perhaps I have already gone bonker, but then, that's what Big Brothers want anyway.

Re:Keywords: Tracking can NOT be eliminated

[ewieling]

Maybe the only way to win is to not play the game (at least as far as the internet and cellular is concerned). They can't track my internet usage if I don't use the internet, they can't track my location if I don't have a cell phone, they can't track my purchases if I use cash. I'm not ready to give up the convinces of modern technology yet, but each day I get closer. I have drastically reduced my trackable activity though. Eliminated almost all online shopping, eliminated almost all debit card usage, and leave my cell phone in one place most of the time and use my it far, far less. Never used social media web sites so no big loss there. Amazon has lost hundreds of dollars of my business. My bank and VISA have lost income from transaction processing fees because I don't use my debit card much anymore.

Re:Keywords: Tracking can NOT be eliminated

[dead_user]

Hate to tell you this, but cash is serialized and can be easily tracked.

Re:Keywords: Tracking can NOT be eliminated

[Stephen+Chadfield]

Don't use paper money.

Re:Keywords: Tracking can NOT be eliminated

[ewieling]

Can you describe a method where some agency like the NSA might do bulk/automated tracking of cash *and* linking that cash back to an individual person and purchase?

Re:Keywords: Tracking can NOT be eliminated

Not to mention every major city has cameras everywhere, locales like california have license plate trackers which record cars. The government collects your DNA whenever you are arrested (but not yet charged). Your movements are tracked from the sky both by satellites and high-resolution camera-equipped drones.

Re:Keywords: Tracking can NOT be eliminated

[Ksevio]

I wouldn't call losing all the great services of Internet/Cellphone/online shopping/social networks because of fear as a win. Many of those make things much more convenient.

Re:Keywords: Tracking can NOT be eliminated

[Ksevio]

Gonna need a lot of quarters for that new car. Also, how's he going to get all these quarters?

Re:Keywords: Tracking can NOT be eliminated

[Sir_Eptishous]

I'm going to go bonker.

Please....
It's bonkers

Re:Keywords: Tracking can NOT be eliminated

[Vitriol+Angst]

They can't track everyone. If you steal what you want, you don't make a purchase. If you use someone else's machine -- they track someone else -- and if you have no relationship and you bounced it through some anonymous service, there are diminishing returns on knowing you. If you know a bit more, you are spoofing MAC addresses and piggy-backing on other users. Or you do nothing electronically related to your nefarious plans.

In short; the NSA knows more about innocent people and clueless miscreants than it does about real bad guys. While collecting this massive amount of data -- they are distracted.

Now, if there goal really isn't security but SOMETHING ELSE -- well, then this should work out just fine for them. If it's security -- it's worse than if they did no tracking at all. If I were up to no good, I certainly wouldn't bother with leaving any legitimate tracks.

Re:Keywords: Tracking can NOT be eliminated

[Vitriol+Angst]

I'm sure there are "bulk scanners" going on -- things we are not aware of like Teller Machines and such that are scanning the serial codes.

I'm fairly sure the have embedded some kind of RFID ribbon in the $100 bill and larger currency. It's not going to track with regular RFID gear, but likely with a specific radio frequency it will give out it's serial number (I mean, that's how I'd do it -- and whatever I COULD do, usually ends up being something that is BEING DONE).

The NSA is not limiting itself based on any laws or ethics -- it is ONLY limited by technology and imagination. There are efforts to legalize everything or couch it as something else -- and wherever there is a gap, there is just propaganda and PR.

Think; what COULD YOU DO -- and it's likely actually being done. Tires that can be scanned through devices in roads. Bills that can give out a serial number over radio frequencies. Hidden garbage packets that get sent out in off-band signals from chips on your computer that are involved in communication. Whatever they can do, they have done. We only need a Snowden to provide evidence.

I've been assuming this since 2000 and I have not been disappointed.

Re:Keywords: Tracking can NOT be eliminated

[ewieling]

I don't expect to be able to purchase a vehicle anonymously. I am not trying entirely prevent the government from knowing where I live -- that is not practical. I signed a lease on my apartment, I get a paycheck, I have utilities in my name, I have a car registered in my name. None of those things allow the government to track where I go and what I do as part of a "surveil the entire country" program.

If the government thinks I'm a "bad guy" and specifically targets me then I'm screwed no matter what I do. Unless I'm the target of a criminal investigation they have no valid reason to know where I go, what I buy, or who I communicate with.

Re:Keywords: Tracking can NOT be eliminated

[SuperRenaissanceMan]

Automobiles are registered at purchase. This is a case where it is pointless to use cash--the sale can't really be obscured.

Re:Keywords: Tracking can NOT be eliminated

[VortexCortex]

Well, the government has proven we can't trust them to abide by the Constitution. Our armies are so powerful they need keep no secrets. Troop deployment, arms caches, etc. can be known in advance (and probably are due to spies anyway), so even any military action we'd perform really needs no secrets; What the pathetic terrorists threat? Falling down in the bathtub is a greater threat. The secrecy and spying infrastructure costs too much. We can't trust them to have it.

If you give a kid a "toy" that's powerful enough to burn down the house and tell them not to, and they set fire to the whole damn world anyway, well, then you ground the kid, take away their toy, and keep them under supervision. Fortunately the NSA isn't a kid, it knows what it's doing, so we need have no remorse in routing out such Stasi-like spying systems. They'd set the world ablaze on purpose. We can't trust them to keep secrets.

The NSA-like spying world wide has harmed the public trust in their governments. What soldier who served to fight against such oppression would serve a government who willingly perpetrates that which they supposedly fight against? The NSA is a threat to national security for all the world nations. We're braver than this. Cars and Cheesburgers kill 400 times more people than a 9/11 scale attack EVERY YEAR, and yet we put our kids in our fast cars to visit fast food restaurants.

The people must regain trust in their governments, not through ignorance, but through knowledge. We need to KNOW we can trust our governments. We need to see everything they are doing. They can't be trusted to keep secrets without abusing them. The people know what's best for themselves, and any argument that says otherwise is incorrectly assuming the decision is best made by those with knowledge who hold the secrets. Informed decisions about our governance can not be made if the government is cloaked in secrecy. This isn't the Constitution I our founders signed up for. This government is actively over exaggerating fears to turn the home of the brave into the cash cows for the military-industrial complex. Just as Eisenhower feared, and warned.

Tracking CAN be eliminated. Consider a mesh network with store and forward. You download that cute cat video directly from the peers around you that emailed you about it instead of having to do all the hops to get it from the source -- Free Co-Location! The internet is a store and forward network, but ISPs want to charge outlandish fees for bigger buffers. Packet radio also exists. Get the FCC to relax anti-packet radio laws on the public use air-waves, and give us a section of unlicensed HAM band, and you'll have your free network akin to the Internet. Like the BBS era's Fidonet it will self assemble and have anonymity inherent -- You route data for your neighbour, your neighbour can spoof packets and say they are routing them for someone else; point to point nodes can be established. You'll join the network by paying a one time fee to buy the hardware and join the web; Bigger the node, faster the connection. Cellular exists. The public citizens need the right to use their own air-waves. There's no reason backing up your encrypted family files off-site to grandma's and your sister's PCs needs go through a 3rd party. The technical limitations don't exist. You see, a government can't have a kill-switch for a publicly operated network, so they simply don't allow one. "Land of the Free", No, we're not it's enough to make a gadget lover cry.

Re:Keywords: Tracking can NOT be eliminated

Two things here alpr and smart electric meters. ALPR is the big one. You could set up a bank of light timers for the other. Chained together mechanical timers could add a bit of pseudo random to the mix.

Re:Keywords: Tracking can NOT be eliminated

If you don't want to be tracked in any way, you cannot buy a car anyway. Oh, and don't even think of working somewhere (or doing anything else where you need your social security number).

Of course as soon as you're hiding too much, you may stand out for exactly that reason, and become a primary surveillance target ...

Re:Keywords: Tracking can NOT be eliminated

[dead_user]

There is a reason the serial number is in a large OCR-friendly font. In two places. In magnetic ink.

Re:Keywords: Tracking can NOT be eliminated

[ewieling]

Are you saying there is no point in using cash?

Re:Keywords: Tracking can NOT be eliminated

[dead_user]

Absolutely not. I am just saying don't assume cash is totally anonymous, because it isn't.
This machine captures the serials of 1200 bills a minute. While it counts, verifies and scans each one.

http://www.cumminsallison.com/us/en/products/currency-handling/jetscan-ifx-i100

Re:Keywords: Tracking can NOT be eliminated

[ewieling]

I don't expect totally anonymous. What I expect is more anonymous than using my debit card.

Re:Keywords: Tracking can NOT be eliminated

its about making money

the next round of billionaires will come from the nsa

Blocking Javascript

> To block them you need to either completely block javascript which will break many if not modern web pages [...]

Well, that's exactly what I do. Blanket ban on Javascript coming from "out there". Only exception: company-internal stuff (because the dorks here are unable to present an interface which works without). For that, I use a separate browser profile.

And there is just one site (no, it ain't Slashdot, that's why I always go Anonymous Coward. I'd be a regular user if there were a cookie-free way to do it! Heck, I'd even help out in developing one) for which I do enable cookies from time to time (deleting them after the editing session).

Whenever a site goes Javascript-only... good riddance.

Yes, it's a bit extreme, and I wouldn't expect Jane User to do likewise, but I'm actually a bit disappointed that so very few geeks do try.

We could make a difference.

1984 wasn't supposed to be a cookbook

[joseph90]

what did they say about absolute power again?

lost patience

I did. Not only with NSA but also with other authorities. I live in Germany so NSA is not that much of concern to me (yes I do know they see my data too but I meant jurisdiction) but we have plenty of our own authorities in Germany. It is however not only lost patience with spying organisations but generally with societal control over state activities, social system failing delivering justice for instance by which I do not mean that hands should be chopped off of thieves in suits but that some common sense should be applied to justice and it should be transparent. I lost patience with fellow citizens too for they are stupid and lazy and do not use any sens or logic but are deceitful liars ready to cut your throat for personal pleasure if benefit is not possible. I think it is time to take things in our own hands. It means of course violence - I do not think it is avoidable as people rarely can use reason if not threatened with violence. I find that to be a sign of times that there is no connection between trigger, reason for action and action itself anymore. In Germany we have highway toll for lorries that is to help state health systems and tax on cigarettes to help pension systems (or other way around). It is the same with security - we will fuck your rights because some rapists who we let go because of our stupidity and who raped a small child but we do it not to protect the child but because we want to have right wing on our side. Our society became too complex and its parts to disconnected from each other to function properly as a society. We have to take responsibility into our hands and do something against the destruction of social cohesion. Of course it is clear to me that we then hand the wrong ones but we do not want to be the only ones that hesitate and think 'why', before going ballistic. Let us sink in holy violence before it is applied to us at any of numerous visible and invisible checkpoints. Better to have them than us on the sharp end of an ax.

Re:Noise generation / digital haystack

[retroworks]

Antiphorm http://www.dslreports.com/forum/r20512864-antiphorm-lite or "cookie camouflage" would be easy and effective at creating a "digital haystack" so big that NSA could not monitor it. But Antiphorm disappeared, and

As if ...

[gstoddart]

For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them.

No, the advertising industry wants to target ads to us to benefit themselves, and in the process they've made everything we do tracked, monitored, cataloged, and neatly bundled up for sale to someone else.

And since I am not willing to provide them with this, I feel no compunction about blocking cookies, beacons, analytics, and a host of other things.

For website owners who rely on this, too fucking bad. Because your precious content isn't worth trading my privacy for, and I do not give a damn. It's like going to an Italian Restaurant and being told that Vinnie here also needs to get a cut.

I don't believe Google is really interested in stopping collecting user information. They may want to limit what the government can access, and they want to give the appearance of fighting for the consumer. But the big companies like Google who have really made this widespread have a huge financial interest in continuing this practice.

Once you have things like Ghostery and the like installed, and realize just how much crap is on every web page, it's astounding. Hell, right now, on Slashdot I've blocked "Google Analytics", "Google AdWords Converter", a "Scorecard Research" beacon, and whatever the hell "Janrain" is, and something called rpxnow.com -- and Slashdot isn't the "worst" site I've seen. But absolutely none of those sites is entitled to (or is actually receiving) any of my information.

Fuck the lot of them. I've more or less determined the internet is a place where 80% of the big players can't be trusted, so as much as possible, I just deny them the information they want in the first place.

Because, let's face it, doubleclick.com and the like have been douchebags for better part of 15 years. Why would we assume that would ever change?

Re:As if ...

[Sockatume]

Most advertisers seem genuinely convinced that they're doing us a favour with their advertising. I'll let readers speculate as to why that might be.

The funny thing is I actually don't mind market research as a field nearly as much. If a company is looking to understand that I prefer phones that fit in my pocket and cost less than two weeks' wages, and wants to fill that niche, then more power to them. However all they seem to want to do these days is use that information to try to convince me to buy something they've already decided I want.

Re:As if ...

And since I am not willing to provide them with this, I feel no compunction about blocking cookies, beacons, analytics, and a host of other things.

Do you clear your image cache after each session too? Even image checksums can be used as cookies.

I find it especially ironic that, because I'm not accepting cookies and posting as AC, this post will probably not be read by most of slashdot readers on this page.

Re:As if ...

Actually Eric Schmidt has been promoting this very idea. My understanding is that he believes anonymous people should not be heard.

Please show evidence.

"not because the other OS was more secure"

Bollocks.

Windows OS was definitely less secure than Linux. By a long shot.

It was ALSO more prevalent and therefore infection spread easier for that AS WELL.

Your claim requires proof. Because there's fuck all about "it's more prevalent" that disallowes "less secure" from being true too.

The laws need changing/revoking...

[advocate_one]

the problem HERE lies with the National Security Act which allows them to get this data from Google without having to jump through the hoops of having to provide due cause and a proper warrant. National Security Letters should be outlawed...

Re:The laws need changing/revoking...

[Desler]

But if these companies didn't have such huge troves of private user data there would be no need to worry about NSLs, etc. They'd have nothing to give over. He's not against bulk collection of data, etc. He's simply against the government competing against him in the data collection realm.

Re:The laws need changing/revoking...

[Vitriol+Angst]

The Hoops are all electronic and binary; "Default state = request denied."

If (request) then {return:result};

It's not a complicated hoop, but there is at least a virtual one.

Re:The laws need changing/revoking...

[swillden]

But if these companies didn't have such huge troves of private user data there would be no need to worry about NSLs, etc. They'd have nothing to give over. He's not against bulk collection of data, etc. He's simply against the government competing against him in the data collection realm.

There's a big difference. The Google data collection is optional for users (Google even provides tools to make opting out easy), and in their individual control. Government data collection is not (unless we collectively take charge of our governments and stop it).

Re:The laws need changing/revoking...

But if these companies didn't have such huge troves of private user data there would be no need to worry about NSLs, etc. They'd have nothing to give over. He's not against bulk collection of data, etc. He's simply against the government competing against him in the data collection realm.

You are looking at it backwards. People in a free nation should not have to give up technological advancements because of misuse or threat of misuse by the government. The better solution is to limit government, not technology. I shouldn't have to give up cell/smartphone because of government 'dragnets'. I shouldn't have to give up driving because I am being indiscriminately watched and tracked. I shouldn't have to give up using the internet because I fear of being spied on. A free nation is built on a government with limits.

Re:A Site says "I will not (fully) serve you..."

[TaoPhoenix]

"Because what happens is a site says: either allow my cookies or I will not, or not fully, serve you. And because the average user..."

It's worse than that.

I'm somewhere in the middle of the pack. My "user side" skills are certainly a step above newbie. But when the "cookies and friends" are mashed into the loading process for a site from twelve component domains, you can't always just blindly turn them off either! Monster.com comes to mind... there are others.

So then if you're clever sometimes you can custom select which cookies to allow, but already that's losing the war. "I don't think I can stop them all..." - Magneto from X-Men movie 1.

The best I can hope to do is slow the tsunami down into a slow roar. : (

Okay, that's it.

[fullback]

I've had enough of the NSA. I'm going to unplug from the Internet. I'll just yank this cord from my keyb

Re: Okay, that's it.

Thank you candle jack for submitting fullback's post for h

i'll be impressed by page et al...

...when they call "for an end to bulk collection of user data" by private entities as well

WE SHOULD HAVE LISTENED TO APK!

I have come to think as APK as Jesus, and us the pharises. He came to tell us the truth about HOSTS files and we called him a kook. Well, he was, but you can use a hosts file to block the various google analytics and ad servers. So block those domains one way or another. And if you have a website, don't use google analytics. Your access logs give you much of that information without handing over control and information to google.

Persistence

Is there really anyone here who allows their cookies to persist from one session to the next?

Probably holding out for more money?

The cynic in me suggests Google is sending a big "If you want us to keep doing this, we'll need more money" message to the government. I hope I'm wrong, and that google wants to end this regardless of what they get offered.

Re:Noise generation / digital haystack

[ArcadeMan]

But Antiphorm disappeared, and

And so did you, apparently.

Not even an advertising cookie!

[mrbene]

I guess it would have been a less compelling story if it didn't have the anti-advertising bent, and was more along the lines of "NSA uses web analytics cookies to pinpoint users."

Uniquely identifying web browsers by assigning a unique ID into a cookie has been a core behavior of the web analytics industry for over 15 years. You want to know how many unique visitors are coming to your web site? Assign an ID!

If advertising didn't exist, and Google remained the most popular website, the NSA would still have a unique client identifier. They'd also probably have more details, since the main alternative to advertising is subscription, which would require (with current technology) disclosure of actual personal information.

Re:A Site says "I will not (fully) serve you..."

[Greyfox]

Sure, but you can happily accept all cookies and drop them when your browser exits. It's quite easy to configure your browser to do this, and those web sites won't be able to tell the difference. If you're getting a third-party cookie from an advertiser who doesn't require a login, you'll look like a completely different person as far as they're concerned. Getting rid of persistent data from flash may be a little more tricky depending on which browser you use, but that's just that much more reason not to ever browse any web sites that require the use of flash.

Sometimes "-1, Troll" is just a "-1, Troll"

Oh, please.

I see a plenty of "OP is a fag"-like comments disliked by "kids here" and modded troll as well - doesn't mean that /.'s the most popular news resource for LGBT community.

Not completely hypocritical

[alispguru]

He's objecting to the Government asking Google for the bulk data they collect. They can do it three ways:

* Just ask for it, and say "due to the third-party doctrine you have no legal reason to refuse"

* Show up with a National Security Letter, take the data, and say "this is OK due to FISA oversight. BTW, you can't tell anyone about this."

* Copy the data as it passes through the thoroughly suborned telecom infrastructure, without even asking.

Bulk data collection by Google is potentially bad. Bulk data collection by the Government is worse - Google can't arrest me.

No mention of Snowden?

[gumpish]

I guess we're just supposed to assume that any reports like this were made possible by Snowden unless someone says otherwise?

Re:No mention of Snowden?

They are going to do that in the very near future. At that point what Challenge are they talking about. Google pays MS right now for patients that are being used in the android OS. MS is making a mint on it to. Android OS costs google right now. MS will blow the doors off of google.http://indresult.com

AdBlock = Inferior + 'Souled-Out'... apk

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

(Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see))

---

** "Less is more" = GOOD engineering!

(Vs. slowing down SLOWER usermode browsers layering on MORE in addons which slow them down more: I work w/ what you have in kernelmode, via hosts - A tightly integrated PART of the IP stack itself)

APK

P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

More and more like China

I guess being owned by China means we need to be run more and more like China. Thanks Obama.

Re:More and more like China

and every president since nixon at least

It's time for a paradigm shift

[SuperCharlie]

While I do appreciate the ongoing releases of how we are tracked, mostly for the less technical crowd to come up to speed, I think it's time to realize that if you are connected to any network with any device, regardless of what "security" measures you take, you will be tracked.

USRP mentioned few time - more interesting.

[citizenr]

USRP
https://www.ettus.com/product

Software Defined Radio used to spoof Cell towers. Looks like NSA is deploying SDRs everywhere. This is more interesting than some google cookie.

What they really want

[phorm]

To block specific versions of data-gathering, because they have alternate ways to do it already, but assume that their competition doesn't have such alternate methods available (or are too small to implement them).

Merci Beaucoup

Thank you very much for your correction.

English is the 5th language that I learned, so, please excuse me for my broken england.

RequestPolicy = Inferior... apk

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Ghostery = Inferior "fox in a henhouse"

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Ghostery = Inferior "fox in a henhouse"

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Ghostery = Inferior "fox in a henhouse"

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

"Less is more" = GOOD engineering!

"The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Ghostery = Inferior "fox in a henhouse"

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk