Slashdot Mirror

← Back to Stories (view on slashdot.org)

If You're Not Paranoid About Your Privacy, You're Crazy (theatlantic.com)

Posted by samzenpus on from the stop-listening dept.

Muad'Dave writes: Here's an interesting article at The Atlantic about the prevalence of surveillance and the recent uptick in 'deja-vu' moments where devices seemingly hear your conversations and then attempt to market to you. From the article: "One night the previous summer, I’d driven to meet a friend at an art gallery in Hollywood, my first visit to a gallery in years. The next morning, in my inbox, several spam e-mails urged me to invest in art. That was an easy one to figure out: I’d typed the name of the gallery into Google Maps. Another simple one to trace was the stream of invitations to drug and alcohol rehab centers that I’d been getting ever since I’d consulted an online calendar of Los Angeles–area Alcoholics Anonymous meetings. Since membership in AA is supposed to be confidential, these emails irked me. Their presumptuous, heart-to-heart tone bugged me too. Was I tired of my misery and hopelessness? Hadn’t I caused my loved ones enough pain? Some of these disconcerting prompts were harder to explain. For example, the appearance on my Facebook page, under the heading “People You May Know,” of a California musician whom I’d bumped into six or seven times at AA meetings in a private home. In accordance with AA custom, he had never told me his last name nor inquired about mine. And as far as I knew, we had just one friend in common, a notably solitary older novelist who avoided computers altogether. I did some research in an online technology forum and learned that by entering my number into his smartphone’s address book (compiling phone lists to use in times of trouble is an AA ritual), the musician had probably triggered the program that placed his full name and photo on my page."

8 of 373 comments (clear)

  1. Re:Some basic rules by Altrag · · Score: 4, Informative

    The fallacy here is that we're all low-value targets. Those ads you're avoiding are costing something tenths or hundredths of a penny. They really don't give a crap if a handful of people ignore them or try to game it or whatever.

    All this shit is based on scale. If they advertise to 1,000,000 people and only 0.1% even pay any attention, that's still 1,000 people viewing their products and likely 10 or 20 that buy something -- which more than recoups the cost of those 999,000 "wasted" ads.

    Tack on to that the fact that your connections and other such metadata are just as important as your browsing history. If they notice you've been looking at cars for example, they might send ads to your wife with more "girly" models or something.

    You can go ahead and do everything in your power to reduce the visible impact to yourself (adblock and such) but don't mistake that for being immune to the disease -- you're only hiding the most obvious results of the data collection, not stopping the collection itself.

    The only way to avoid all of these privacy breaches is stop using technology. Of any kind. No bank cards, no credit cards, no grocery store discount cards, no accounts on any websites. Hell probably don't even want an internet connection since that IP address is traceable in theory. Perhaps if you take a laptop with you and only use free public wifi and remember to re-image the device between usages so there's no possibility of leftover tracking data.. then maybe you can do something in near-complete privacy. Oh. And you probably shouldn't have any friends either in case they decide to post something about you on their wall/blog/whatever.

  2. Re:Okay, So Why Should I Be Paranoid? by Anonymous Coward · · Score: 5, Informative

    in my country, my sexuality is a death sentence. So yes, I have quite a lot to hide.

  3. Re:Alcoholics Anonymous by Curunir_wolf · · Score: 3, Informative

    Anyway, the AA meetings are "secret." Not so much searches.

    Umm... no, not secret. At all. Anonymous. Which is much different. I assume the author was referring to this online calendar of AA meetings in the L.A. area which is, yes, public.

    --
    "Somebody has to do something. It's just incredibly pathetic it has to be us."
    --- Jerry Garcia
  4. AdBlock warned me the site uses targeted ads by AndyKron · · Score: 3, Informative

    I clicked on the link, and AdBlock warned me the site uses targeted ads. LOL. Or maybe not LOL.

  5. Re: Okay, So Why Should I Be Paranoid? by Etcetera · · Score: 1, Informative

    We shouldn't have to pay anything for privacy. You're not thinking clearly because of how far our society has gone down the road of routine invasion. Privacy used to be normal, and people had to pay to be known, typically for business but also socially - remember classifieds?

    If privacy was normal, it was due to lack of mass broadcasting and data processing, and the existence of a strong social fabric among those who DID have access to you if they wanted to. (Apartment neighbors, etc.)

    Technology ruined the first part. And now everyone's your neighbor on the internet, rendering the second part irrelevant.

    --
    Hire a Linux system administrator, systems engineer,
  6. Re:Your device is p0wned by Anonymous Coward · · Score: 2, Informative

    BS. You have no idea how cookie works, nor what those cookies contain, nor how tracking cookies actually works.

    Cookies are only retrievable from the originating website. And some of critical cookies are https-only. Embedding iframe into some sites doesn't allow some random websites or ads to get google.com cookies or facebook.com cookies. What it means, is that those ads embedded in various web pages through iframe (that originate from the same ads network) get the same cookie from your browser whenever those iframes are loaded, along with usual HTTP headers (like referrer, user agent) and ip address, hence they can record what they get from iframe requests - when the same cookie (i.e. you) shows up in some other sites, the same ads network will get the same cookie (with referrer), hence they know those sites the browser with that cookie has visited.

    Obviously, this does not mean your search traffic will somehow magically leak to those advertisers. Nor this means all your browsing history will suddenly be available to ads network. There's no straight way to extract email address. The only way, would be for ads network to somehow learn the email address associated with the browser session somehow in the past. But there's no way for ads network to just find out your "email address" unless you've told them in the past (e.g. sign up for sweepstake, etc).

  7. Poison the Well by Anonymous Coward · · Score: 2, Informative

    Whenever I read one of these articles about how tiny fragments of information are gathered and assembled into a personal profile I'm struck by how much is based on so little. They make a lot of assumptions about the veracity of these little details that they collect. Thins makes me wonder if active and deliberated injection of miss information could serve as an effective defense mechanism.

    If course, you'd have to be sure that the false picture you paint is a favorable one. And that the resulting ad targeting will come in a fairly innocuous form. You are going to get blasted with ads regardless of what you do.. Do you want them to be relevant (attention getting, so you are constantly telling yourself, "No, no, no") or completely irrelevant to you (more annoying, but soon more easily ignored).

    Perhaps a browser plugin could be developed that does occasional random searches in the background. Or maybe something that clicks on random ads in a hidden browser session (just make sure you have damn good sandboxing, given the propensity for drive-by browser exploits to lurk behind ad-bait.) Similar things could be done with random email and text messages between users of a misinfo application. I've often thought it would be fun to make a browser plugin that connects to a peer-to-peer network and swaps tracking cookies with other browsers. You'd have to make sure to exchange only cookies from domains know to be associated with tracking and advertising, and not anything that may have login of other confidential data. This would have to be done carefully; but I think it could be done.

    The effects would be hilarious. When you op-out of tracking you merely deny them some of the data (and maybe flag yourself as a different kind of datapoint...). But if you intentionally poison the well in a way that is difficult to distinguish from legitimate data then you increase expenses while significantly decreasing value of the whole system, as well as sow doubt one whatever remains after their attempts to filter out interference.

    Limiting your exposure by trying to limit what information can be learned about you will only go so far. You will never eliminate all of it. After you reduce it by 95% there is still a hellofalot that can be gleaned from the remaining 5%. But if that 5% can't be disentangled from 95% bogus information then it would be a real thorn-in-the-side of those trying to build consumer profiles of every member of the population. I think that this is the new frontier in privacy protection. Get a few Cryptonomicon-minded people thinking about this and imagine what they could come up with.

    (Posted as AC for obvious reasons.)

  8. Re: Okay, So Why Should I Be Paranoid? by rioki · · Score: 3, Informative

    If privacy was normal

    Unless you lived in a village, where probably everybody know almost everything. Somethings just where not talked about in the open.