Google Has Quietly Dropped Ban On Personally Identifiable Web Tracking

Fudge Factor 3000 writes: Google has quietly changed its privacy policy to allow it to associate web tracking, which is supposed to remain anonymous, with personally identifiable user data. This completely reneges its promise to keep a wall between ad tracking and personally identifiable user data, further eroding one's anonymity on the internet. Google's priorities are clear. All they care about is monetizing user information to rake in the big dollars from ad revenue. Think twice before you purchase the premium priced Google Pixel. Google is getting added value from you as its product without giving you part of the revenue it is generating through tracking through lower prices. The crossed-out section in its privacy policy, which discusses the separation of information as mentioned above, has been followed with this statement: "Depending on your account settings, your activity on other sites and apps may be associated with your personal information in order to improve Google's services and the ads delivered by Google." ProPublica reports: "The change is enabled by default for new Google accounts. Existing users were prompted to opt-in to the change this summer. The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on your name and other information Google knows about you. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct. The move is a sea change for Google and a further blow to the online ad industry's longstanding contention that web tracking is mostly anonymous. In recent years, Facebook, offline data brokers and others have increasingly sought to combine their troves of web tracking data with people's real names. But until this summer, Google held the line." You can choose to opt in or out of the personalized ads here.

Who to blame?

Still the Google engineers who volunteer to implement these things in exchange for good payment and conditions, and excuse themselves as only following their employer's orders.

Most mass anything is the result of willing engineers. We should never forget this, or we end up being the problem.

Re:Who to blame?

They were only following orders.

Re: Who to blame?

I see no difference between a Google employee and a Nazi death camp guard.

Re:Who to blame?

You forget that that rule only applies to people on the losing end of a war or uprising. Yeah. That's humanity for you, no double standards in sight at all.

Re:Who to blame?

[Travis+Mansbridge]

If these employees didn't follow orders, they'd be fired and replaced with employees who do. If a company fails to take actions that result in a higher bottom line, they may eventually fail altogether and be replaced by a company that does. The true root of this problem is capitalism, as it creates a survival-of-the-fittest scenario where the only measure of fitness is wealth. Obviously socialism and communism have their problems too. In my view, only socially-regulated capitalism can save us (too bad we don't have Bernie).

Re:Who to blame?

Its not like google employees are desperate for a job. It isn't a choice between working for google or putting their family out on the street. Save your compassion for contract janitorial services people that clean the floors at google. The highly paid engineers are going to be fine.

Re:Who to blame?

[Bing+Tsher+E]

Yes, the 'true root' of the problem is 'capitalism' but individual employees within a company can still be held accountable and scorned by the community as a whole for their practices at the workplace.

Bernie's not going to save us. We'll have to save ourselves.

I am in the process of ditching my gmail account. There are commercial email providers where you can pay $30 for an account where you're not a farm animal in their field.

Re:Who to blame?

It's been a long upheld legal principle that "just following orders" is NOT an excuse.

Not that this is equivalent to war crimes, but the idea applies to even lesser things. Google's engineers are complicit and cannot be absolved of responsibility by "just following orders", any more than Volkswagen's or anybody else's can. Mistakes are one thing, but intentional actions are another. Intent matters in the eyes of the law.

Re:Who to blame?

[thsths]

For what? For a news article on slashdot for something that happened "this summer"? I guess it is a slow new day. There you have it, the culprit remains abstract.

Re:Who to blame?

[lhowaf]

It is entirely possible that Google management didn't approach the engineering staff with a plan to build a Death Star or Soul Sucker. The very core of their business is to collect data. The decision to use some of that data for evil/greedy purposes doesn't require additional capability - just additional restraint. [not affiliated with Alphabet/Google]

Re: Who to blame?

Can you suggest some? I will do the same.

Re:Who to blame?

There will be more than zero engineers involved in the linking of billions of pseudonymous records with personally identifiable records that have been previously been kept carefully separate.

Re: Who to blame?

[93+Escort+Wagon]

I see no difference between a Google employee and a Nazi death camp guard.

Well, then, you're an idiot.

Re: Who to blame?

I see no difference between an idiot and a Nazi death camp guard.

Re: Who to blame?

Wouldn't capitalism allow other options. You don't have to use Google.

Re:Who to blame?

So we should form a union so we can refuse to do unethical things as a block, with the threat of real consequences for companies that try to make people act unethically, rather than the status quo where you'll just get replaced by a less ethical employee with no for anyone but yourself.

(PS I'm actually pro union, but just wanted to be clear what you were asking)

Re: Who to blame?

Unionizing is against the Code of Engineering Ethics and would only make ethical decisions more difficult.

Re: Who to blame?

[Potor]

swoosh ...

Re:Who to blame?

[AHuxley]

A policy of "Do no privacy"

Re: Who to blame?

Which is not what the article talk about. It's about newly collected data for new users that don't opt-out or old users that opted-in ...

comply

I assume some people might actually want to share their information for assimilation purposes. The question is whether it defaults to opt-in or opt-out.

Re:comply

The big issue here is that folks with gmail accounts that predate this were under the assumptions about how the data is being used and now they have to either accept the new terms or go through the incredible hassle of changing addresses.

This is a massive expansion of what they had been doing and there needs to be some sort of legal action taken against them as this isn't something that people have a reasonable option of opting out of. Between Google's products and the ones they bought when they were allowed to illegally purchase Doubleclick, there's very little chance of people actually avoiding being in these databases and very little choice once you're in there of getting out. The only choices you have require you to already have an account.

Re:comply

Never register you real name when you activate a phone. Don't use gmail. Put eggs in different baskets. Use a Raspberry PI as a file server; don't use the G-storage.

Look up who "gogol" was.

These chaps are part of the 1% and they want to put digital shackles around your neck.

Thank but no thank you

[Artem+S.+Tashkinov]

I knew this day would be coming a long time ago so there's a very elegant solution to this madness.

1) Use a separate IMAP/POP3 client (thunderbird is nice) to fetch your mail from Gmail
2) Make your Firefox clean your session data on exit (cookies, web cache, offline website data - that's enough)
3) Adbock+/Ublock Origin with anti tracking and anti social lists for good measure

This still leaves your IP address unprotected but if you're concerned enough, use a provide which generates random IP addresses or VPN.

Re: Thank but no thank you

Just block all google IP addresses at you firewall. Oh, and hit any Google employee hard in the face if you meet one.

Re: Thank but no thank you

[Artem+S.+Tashkinov]

Countless websites on the internet totally break if you block google IPs.

Re:Thank but no thank you

Could you please explain the advantages of using desktop mail client over webmail from a security point of view?

Re:Thank but no thank you

[Artem+S.+Tashkinov]

Numerous: 1) You can set thunderbird to only show text by default (so no HTML/JS/etc madness, no ads, no nothing, except what's absolutely necessary) 2) Your cookies are not shared with your web browser 3) Less chance to enter your Google password somewhere where it doesn't belong (various scam websites/DNS injection/etc) Oh, and make sure you use OAuth authentication in Thunderbird - but at least the first initial connection must be made with real Google servers ;-) It will protect you against rogue SSL certificates/MITM attacks.

Re: Thank but no thank you

[jader3rd]

Countless websites on the internet totally break if you block google IPs.

True, but only in good ways.

Re: Thank but no thank you

[Khyber]

Which totally defeats the intended ability to keep network traffic flowing no matter what.

So it's safe to say Google has effectively broken the internet.

Re: Thank but no thank you

Arguably, then, they are already broken.

Re: Thank but no thank you

[Bing+Tsher+E]

In the same way that a cowboy 'breaks' an untamed horse.

Re:Thank but no thank you

[Bing+Tsher+E]

You can also set your email client to delete the mail from the email server as soon as it's transferred to your local mail client. Your 'inbox' folder is on your own equipment and mail only sits on the public server long enough for your client to retrieve it.

Re: Thank but no thank you

How will that help? They'll just get the data from the other end

Re:Thank but no thank you

[Burz]

Using a POP3 client doesn't change the fact that Google is scanning your emails and associating the content with you in their advertising system.

Re:Thank but no thank you

This still leaves your IP address unprotected but if you're concerned enough, use a provide which generates random IP addresses or VPN.

You could ask your internet provider about their dynamic IP packages (if they have any) and if you can switch to them.

Re: Thank but no thank you

No, I don't believe that auto-delete-after-transfer prevents Google from retaining the email. Slashdot has previously reported on a legal case in which the defendant was charged based on deleted emails recovered (years later?) by the provider. That may or may not have been Google, sorry I don't remember better details.

Also, even if the email really is permanently removed from existence, I would expect that any data (tracking, customization) was wrung from it before deletion. Why wouldn't they?

Re:Thank but no thank you

[wbr1]

Step one is useless. Whether you use an IMAP client or not, if its a google account, all inbound and outbound messages touch their servers, with id and authentication information. I use Gmail, but if you consider your data precious, using a mail client buys you no protection from the provider snooping. The only thing that can protect you is encryption or rolling your own server.

Re:Thank but no thank you

[hcs_$reboot]

Ghostery might be a good option if you disable the 2 Sharing options.

Re:Thank but no thank you

I see. Thanks!

Re: Thank but no thank you

All the good internet services don't need g-shit.

Folks, the internet works without Zuckerberg, Brin and so on. They are megalomaniacs who believe they must create the biggest shitpile ever created. Then they will end up in history books, which is the very reason for their existence.

They are the same type of people who megalomaniize in New York and Hollywood.

Actually all their work is a massively complicated and dangerous way to achieve this. But in their circles you must be a mega shitlord to be "respected".

Re: Thank but no thank you

Yep, to summarize. My pile of shit is bigger than yours.

Re:Thank but no thank you

[93+Escort+Wagon]

You can also set your email client to delete the mail from the email server as soon as it's transferred to your local mail client. Your 'inbox' folder is on your own equipment and mail only sits on the public server long enough for your client to retrieve it.

But then you're trusting that "delete" actually removes the item rather than just sets a flag indicating the item should no longer be shown to you. My experience with Google calendars (which I've detailed on Slashdot before) lead me to believe that the latter is - or at a minimum was at one time - true.

Re:Thank but no thank you

[93+Escort+Wagon]

That reminds me - I sorta promised swillden I'd test that to see if it's still happening. I guess I should really go do that...

Re:Thank but no thank you

A residential ISP can give out a "dynamic" IP but with no real schedule (that I know of) for when it changes. It could take years.

Re:Thank but no thank you

I knew this day would be coming a long time ago so there's a very elegant solution to this madness.

1) Use a separate IMAP/POP3 client (thunderbird is nice) to fetch your mail from Gmail
2) Make your Firefox clean your session data on exit (cookies, web cache, offline website data - that's enough)
3) Adbock+/Ublock Origin with anti tracking and anti social lists for good measure

This still leaves your IP address unprotected but if you're concerned enough, use a provide which generates random IP addresses or VPN.

It's a start. Still doesn't take care of super-cookies or browser fingerprinting though. Then again I don't know of any reasonable method for defeating browser fingerprinting (I did try an add-on that randomly switched your browser ID string and other things but it made web surfing unpredicatable and unpleasant).

Re:Thank but no thank you

[Malc]

Are you sure they're not using browser/device fingerprinting?
https://panopticlick.eff.org/

Re: Thank but no thank you

Yes they do, so?

My life is just as happy and good without those sites in it. If a website doesn't show correctly, or at all, due to blocking external scripts, the close button is right there on the tab for the clicking.

Or are you just sharing with us that you are angry at yourself with the fact you personally have decided giving up your privacy and personal information in exchange for viewing such websites is worth it to you?

Value of things is very much for you to define for yourself, and fair enough if that's the case.

But the misplaced anger many people have at their own values can be a bit hypocritical to blame on others.

Re: Thank but no thank you

[John.Banister]

For uMatrix, I let it block
doubleclick.net
google-analytics.com
googlesyndication.com
googleadservices.com

but have the following rules to permit Google stuff so pages work:
* accounts.google.com frame allow
* ajax.googleapis.com * allow
* apis.google.com * allow
* apis.google.com frame allow
* chart.googleapis.com * allow
* content.googleapis.com * allow
* content.googleapis.com frame allow
* fonts.googleapis.com * allow
* google.com * allow
* googlecommerce.com * allow
* googletagmanager.com * allow
* googletagservices.com * allow
* googleusercontent.com * allow
* googlevideo.com * allow
* gstatic.com * allow
* maps.googleapis.com * allow
* www.google.com frame allow
* www.googlecommerce.com frame allow
* www.googletagmanager.com * inherit
* www.googletagservices.com * inherit
* www.youtube.com frame allow
* youtube.com * allow
* ytimg.com * allow

Re: Thank but no thank you

[PJ6]

Countless websites on the internet totally break if you block google IPs.

I was evaluating game development platforms and couldn't install Unity because it required a connection to Google analytics, which is one of the many things I block at the hosts level.

That's right. I couldn't get passed the install without an active connection to Google analytics.

I concluded Unity wasn't as serious development platform.

Re:Thank but no thank you

Here, armchair hacker: shut the fuck up and educate yourself; https://panopticlick.eff.org/

Before saving the world as 1-2-3 prove you can save yourself from your own hubris and ignorance.

Re:Thank but no thank you

[DerpQuake]

Isn't Google just going to scan through your mail before you download it? Even if your email ID isn't matching you name, I'd imagine most people are still easily identified by mail content.

Not enough people care

[rmdingler]

By and large, this opens up a larger revenue stream for Google with very little backlash from their users.

It will be cussed and discussed on a few noble forums and everyone else will go on with their Facebook world, surrendering personal privacy for access to social media and the Google search engine.

Re:Not enough people care

By and large, this opens up a larger revenue stream for Google with very little backlash from their users.

It will be cussed and discussed on a few noble forums and everyone else will go on with their Facebook world, surrendering personal privacy for access to social media and the Google search engine.

Keep that in mind every time you log into Slashdot.

We live in an age where connecting points A1 - Z1,000,000 is easy to do. And with every business monetizing their users' data, privacy on the web is nonexistent. Why do you think just about every website out there wants you to create an account even though it's functionally unnecessary?

And I'd like to point out that just think what Google would have done if Google Glass took off.

This "Don't do Evil" lasts only long enough for their revenues to grow. When a business' revenues stagnate, they MUST do things to increase it and when the major holders' interests stagnate, they change their tune. They all become hypocrites in the end.

And remember, Google is an advertising company and their game is to target the ads - that's why folks pay through the nose for it. And to target those adds, they must collect YOUR information.

Re:Not enough people care

[rmdingler]

Keep that in mind every time you log into Slashdot. Et tu /.?

While I suppose this is an argument for submitting anonymous content, I only run the risk of being hung for my own posting foolishness, while you could easily be mistaken for another coward.

Re:Not enough people care

If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.
- Cardinal Richelieu

I'd say you're done. ACs are a bit tougher, unless you want to go full Hitler and hang all ACs indiscriminately.

Re:Not enough people care

Did he say that as a warning to free men or as instructions to kings?

Re:Not enough people care

[Falos]

Laws are for commoners. The only "flex" proles see is the law flexing wider to scoop deeper, flexing wide enough to trigger from any six lines, should Our Betters so decide.

The flex for the wealthy, of course, is like when Google generously flexes away their takedown rules every time Time Warner accidentally demands their own websites shitlisted.

Re:Not enough people care

[Rick+Schumann]

'Not enough people care' because they've been indoctrinated and brainwashed by corporations and to a certain extent the government to believe that sharing your entire life with the world is normal and proper, and that not sharing every bloody thing with complete strangers is selfish and may be indicative of some sort of criminal activity or mental illness. Of course this is utter and complete bullshit, at around a certain age every child starts wanting privacy, and this is a perfectly natural and healthy part of their development. I hold out the hope that our natural, normal, healthy tendencies as a species will eventually win out against this unnatural, unhealthy programming that has been imposed upon some people. In the meantime we should continue to positivley reinforce that privacy is valuable and precious and needs to be protected and encouraged, and that the depredations of companies like Google and so many others, as well as our own government, needs to be discouraged and legislated against, and that not using your real name online, and not using 'services' (in quotes because I dispute, on philosophical grounds, how something can be a 'service' when it's really being such a disservice to you) that require your legal name, will provide some protection for your privacy.

Re:Not enough people care

[SeattleLawGuy]

Keep that in mind every time you log into Slashdot. Et tu /.?

While I suppose this is an argument for submitting anonymous content, I only run the risk of being hung for my own posting foolishness, while you could easily be mistaken for another coward.

Fifteen domains, including Google, are asking to run javascript on this page of slashdot.

"Anonymous" is not a thing.

Re:Not enough people care

[Malc]

I've been regularly getting the prompt from Google about their privacy settings that they show when you try to run a search. Every browser on a myriad of machines and VMs. This pop-up is really irritating because it takes some time to go through all the different options and install their opt-out plugin, etc. I'm sure they made this as onerous as possible to discourage people form opting out. My solution? I've stopped using Google for web searches. Really f****** annoying that I still have to go to their sites because my cheap-arsed employer uses Gmail for our corporate email etc.

Re:Not enough people care

[rmdingler]

On the one hand:

Onerous as possible.

On the other hand, the challenging nature of it certainly increased the resulting quality of the cull.

The best choice ?

[Thanatiel]

It looks like the best choice is to get non-targeted ads that will be dropped by the various ad-blockers.

Re:The best choice ?

Either that or use extensions to pollute the data available to the point where it's completely worthless.

The worst thing is that targeting to the page somebody is visiting is much more effective. I don't think I've ever clicked on an ad that wasn't targeted to the page I was visiting. Even then, I rarely click on ads, but every once in a long while I will click on one when it's what i'm looking for and targeted ads are great at figuring out what I don't need.

Just Admitting the Obvious

Anyone with even an ounce of cynicism has believed Google -- and everybody else -- was doing this same thing anyway. At least now they are officially on the record with it. Maybe it will finally catalyze some privacy legislation with teeth.

The data economy.

Why people are so stupid to understand that selling the user's data is the only working business model for free Internet services. User's data is the only asset they hold.

It is so naive to assume that they would not sell anything for which there would be demand.

Re:The data economy.

Advertising is worth money and does not absolutely require the gathering of anyone's personal information.

Re:The data economy.

[Artem+S.+Tashkinov]

free Internet services

Google is number one ad selling platform on the Internet. They are also number one search engine with no competitors in sight (bing is pretty useless for anything peculiar/professional/serious, yandex' cache is very small, baidu is only meant for Chinese). They are raking in cash even without selling users' data.

It's the "greed" economy, not "data" economy.

Re:The data economy.

[Rob+Y.]

Well, there *is* a difference between selling targeted ads based on the users' data vs selling the data - which Google still does not do. But I'll grant you this, the imperative of a public company is to keep the stock price growing - profit is almost beside the point, except as reflected in the stock price. That means that Google needs to constantly find new sources of revenue. I wish they'd get serious about building up their cloud hosting business and their corporate hosted application business. I doubt that their new Pixel hardware business is going to be a huge revenue generator.

In essence, Google needs a new business model to complement their old one. Otherwise, they've gone as far as they can with targeted advertising, and while I still don't think they're selling my info, I'd still prefer it to be stored anonymously than explicitly tied to my personal account - if only because of the threat of a data breach.

Re:The data economy.

[phantomfive]

I think many people understand it, they just don't care. They'd rather give up that info than pay.

Re:The data economy.

[thsths]

Yes, and how much are users paying for the top search engine?

Exactly. If you are not paying for it, chances are that you are the product.

Re:The data economy.

Exchange is an illusion. Money that can be seized, will be seized. See: Inserting adverts on paid cable television subscriptions.

They'll do it. You can blame users all day, they'll still do it. Model nothing, there's money for the taking and we'll take it, bitch.

Re: The data economy.

Yep, banner ads failed. So user data is harvested and fed into Databases to find out what consumers are buying and interested it. It's part of the feedback loop needed for capitalism to work. Beofore the internet, cameras would watch customers shopping habits in the store. Companies want an edge on their competitors and customer data can provide that.

Re:The data economy.

[iampiti]

You're right, it's the only business model if you don't pay. I'd be willing to pay (for at least some things) if I could be reasonably sure that means they don't sell my data. Alas, neither Google nor most web services that are usuarlly financed by ads and data have that option

I'll wait and see

I'll wait and see until the dust settles and the "I knew it" paranoiacs get out of the way.

However, I'm kind of sceptical about this kind of "the world is falling" article, since such an act would be particularly out of tune, considering google is already under intensifying scrutiny from all kinds of (not always reasonable) angles. Doing something like this, which would draw immense amounts of fire, particularly in the EU, doesn't just seem tone-deaf but outright stupid.

Re:I'll wait and see

[KozmoStevnNaut]

I feel the same way. There are tons of these doom-and-gloom type articles, and 99.9% turn out to be bullshit.

DuckDuckGo

https://duckduckgo.com/ Because search doesn't have to track

Re:DuckDuckGo

[Artem+S.+Tashkinov]

And then you land on a website which has AdSense/Google Analytics/Google something else. Oh, and then they have countless social embeds (facebook/twitter/youtube/etc) spying on you as well.

Yeah, this will totally work.

Re:DuckDuckGo

https://duckduckgo.com/ Because people will believe anything...

Re:DuckDuckGo

True but you can block all that. Blocking analytic s does not break the web.

Re:DuckDuckGo

Thank you for your concern, but I'm already a user of Disconnect, Request Policy, Cookie-Monster and uMatrix among other things. I'm sure they know a lot about me even so, but I'm not about to run naked in the streets screaming that they sky is falling anyway until we get a clearer picture than some alarmist trying to stir up slashdot is providing.

Re:DuckDuckGo

[Bing+Tsher+E]

My Noscript blocks Google Analytics. It's surprising how many sites have links to it for no known purpose.

Re:DuckDuckGo

[thsths]

What do you mean, Google Analytics has no known purpose? Google wants to know which websites your are visiting, the website maintainer wants to know who visits the web page and how. It is a perfect win-win situation (or win-win-lose).

Complacency Broken

[organgtool]

This is enough to break my complacency of using Google products. I already just finished uploading my files to a cloud server that I'm hosting as an alternative to Google Drive. Does anyone have any recommendations for Chromium-based browsers with optimized privacy and security such as SRWare Iron or Comodo Dragon? How about privacy-based secure e-mail services such as ProtonMail? My last steps will be to switch over to DuckDuckGo for default search and find a custom Android ROM that is frequently updated and allows lots of visual customization.

Re:Complacency Broken

SRWare Iron and Comodo Dragon claim to be privacy oriented, secure browsers. Unfortunately, they are closed sourced piles of garbage that have old bugs that have already been fixed in Chrome. Can't trust them if they refuse to release the source, now can you?

Re:Complacency Broken

[heilbron]

... Does anyone have any recommendations for Chromium-based browsers with optimized privacy and security such as SRWare Iron or Comodo Dragon? How about privacy-based secure e-mail services such as ProtonMail?

For those of you interested in data privacy and security but wanting a mainstream browser engine:
https://iridiumbrowser.de/
It is based on Chromium but maintained by a group of German companies mainly making a business out of services around Open Source.

Re:Complacency Broken

[hairyfeet]

I use Comodo Dragon, its pretty nice actually, I use Comodo' servers with it and combined with privacy badger it keeps the nasties and trackers at bay.

Re:Complacency Broken

[AHuxley]

Anything in the USA falls under a NSL or PRISM like collection. For privacy-based secure e-mail services create your own one time pad. You won't get anonymity on any email product but the message will stay private.
Don't create the plain text message on network facing computer and then encode.
Other than that flood the privacy breaking brands with all the disinformation, random news, fiction, fun and unrelated creativity possible.
Use their platforms to present any creative message or new product range or endeavour in as much fictional plain text as possible.
If the US brands want to collect all day, everyday and now want real details, create something great for them.

"Don't be evil"

[DNS-and-BIND]

Well, it seems that Google is only going to become more and more evil from now on. It was a good ride while it lasted. We got more than most companies, a solid ten years of good service. But now, the new crop of executives is in place and to them, "don't be evil" sounds like the stupidest motto ever. The old internet culture of sharing and open source and being trustworthy...well it just has no place in today's Google. The new breed just doesn't get it, or understand why it's important. It can be enforced, for a while. I'm sure it will live on in certain Google divisions, but as a principle it's dead as Dillinger.

I've used Gmail.com as my primary "real name email" for doing hotel reservations and such, anything that requires my real name. Obviously this has to come to a halt. Where should I migrate my real name email to? Is there any trustworthy email provider? Or, a provider in some oddball country that doesn't give a crap about spying on me? As I think the days of free email are behind us, I don't mind paying say, $5/month or something.

Re:"Don't be evil"

> But now, the new crop of executives is in place and to them, "don't be evil" sounds like the stupidest motto ever.

They've revised the motto as well, to "Don't NOT be evil." >:)

Re:"Don't be evil"

[Khyber]

I would have thought someone with your username and low UID would know how to run your own fucking mail server by now...

Re: "Don't be evil"

I use fastmail, you pay money, they provide email. Nice simple relationship

Re:"Don't be evil"

Don't have real name email. Generate wild card incoming email to come to you so you can give hotelname@myserver.net. Then you can trace which companies spam or sell your details and change who you do business with accordingly.

If scummy behaviour has no downside, you'll end up dealing with scum every day.

Re: "Don't be evil"

pobox is another good one. Cheap, good, reliable, does not sell or give away your data. https://www.pobox.com/

These days using gmail for anything other than throw-aways is foolish. Get a real provider.

Re:"Don't be evil"

Don't, be evil!

Re: "Don't be evil"

Leave the old chap alone, he's busy trying to migrate to ip6.

Re: "Don't be evil"

Use Startpage as your search. Use Startmail as your email.

Re:"Don't be evil"

"don't be evil" quit being applicable at least 8-10 years ago. where the fuck have you been?

Re:"Don't be evil"

[wbr1]

You can get Google Apps email fro 5 a month. /sarcasm

Re: "Don't be evil"

FastMail will hand EVERYTHING over they have on you to ANY female that asks them. There's a reason I'm a FORMER FastMail customer.

Re:"Don't be evil"

[DNS-and-BIND]

Six digits is a low number now? *boggle* Yeah, I don't run my own mail server because I got out of the computer industry. Today, if I need IT services done, I fucking hire someone and let them deal with the grief. Never again will I be paged at 3am because the fucking server is down.

Re:"Don't be evil"

[Xylantiel]

It's called the race to the bottom. The "don't be evil" motto was based on the idea that users would not just offer up their personal information without some proof that it would not be misused. It turns out this was not true. People will upload their most personal information (and that of their closest friends and even their children, which is even worse) for what amounts to services worth less than $100 a year. It's sickening.

For personal email might suggest hover.com. But I think there are many service that will provide email service that is not being data-mined for an amount any smartphone user would barely notice in their yearly budget.

Re:"Don't be evil"

[Trogre]

Attitudes like that are precisely the reason we are having this conversation now.

Let someone else deal with your data and just assume they're trustworthy.

Re:"Don't be evil"

[__rze__]

I for one use https://mailbox.org/ , a privacy-oriented 1eur/mo service, with encryptable inbox, various security and privacy features, throw-away emails, cloud storage, etc Been using it for 6 months now, excellent service and no complaints. Together with https://ovpn.se/ and a variety of adblockers / private browsing, it is pretty nice :D

Do no evil?

[sinij]

Do no evil? Must have been some other company named Google that promised that.

Re: Do no evil?

I think it's pretty clear they are doing evil now.

Re:Do no evil?

Do no evil? Must have been some other company named Google that promised that.

When you are evil, denying it is standard practice.

Re:Do no evil?

[ArtemaOne]

Yeah, I know Google never said that. They did, however, say Don't be evil. An person (entity) who is not evil can do evil. It's then just personal judgment of whether an evil act or two makes an entity evil or not.

We don't get anything in return from Google ?

"Google is getting added value from you as its product without giving you part of the revenue it is generating through tracking through lower prices."

WTF ? without giving you part of the revenue ???

How many Google products people are using without having to pay for them ?? Where would they get the money from if it's not from ads....

Re: We don't get anything in return from Google ?

The phone isn't free. It is premium priced. They could at least subsidize it to give you back the ad revenue they would generate from mining the data on the phone!

Alternatives for email?

[Kohath]

What are the good, secure alternatives to gmail and yahoo mail? And no, I'm not going to setup my own server.

Re: Alternatives for email?

I bought my own domain name and have mail mail hosted on names pro. Just an example, I don't work for them but have no experience with others as I haven't had any problems yet.
I use a mail client on my computer to get my mail, but if you're desperate you can access a Web based login to check your mail.

Re:Alternatives for email?

[freeze128]

It doesn't have to be a huge global company. Check your area for local ISPs. They may offer email at a reasonable monthly rate.

Re:Alternatives for email?

You don't need to set up your own server. Just get a domain and a decent web host. I pay $9/month for website hosting and email. You then have your own front door on the Internet. Your own email. Your own image hosting service. You can set up a website or not. But be sure to check out the details. Some hosts don't fully provide email. Some subcontract it. In general, if you're paying less than about $8-10/month for hosting you can't expect any more than being able to put up a webpage.

Re:Alternatives for email?

[Mister+Transistor]

I have had great luck with email hosting by 1and1. They are huge and based outside the USA, which is a plus these days too.

Re:Alternatives for email?

[lgw]

Outlook.com is fine. MS may intend to harvest your personal data in some way, but they're not competent at it, so no harm done.

Re:Alternatives for email?

Problem is, you get spam on custom domains and most hosters don't filter for you, especially if you use catch-alls. I really wish there were a better solution.

Re:Alternatives for email?

gmx.com
vivaldi.net
safe-mail.net

Willing accomplices and quiet endorsement

[sjbe]

Throw Google under the bus not the poor folks just trying to feed their families.

"Poor folks just trying to feed their families"? These are well paid engineers with options. Anyone talented enough to get a job at Google is talented enough to secure employment elsewhere. They are willing accomplices to this action and pretending otherwise is disingenuous. Evidently these engineers lack a moral compass and their word means nothing. If they had a problem with this action they could easily have spoken up and taken action but they took the easy path and did nothing.

Pretty sure you'd scream bloody murder if you employer's actions were layer at your feet - douche!

My employer's actions are routinely laid at my feet and rightfully so. I am responsible for my actions at my employer as well as those who work for me. Companies are comprised of people who commit these actions and when these actions injure others there should be some accountability. If I have an ethical problem with what management at my company is doing or if I was wrongly accused of something I was not responsible for you can be quite certain I would either leave or take appropriate action to defend myself. But if I'm quiet about something then effectively I am endorsing it.

Re:Willing accomplices and quiet endorsement

I take it you don't "support the troops"?

Re:Willing accomplices and quiet endorsement

[ArtemaOne]

This is the classic argument from Clerks about the employees who were on the Death Star.

Re:Willing accomplices and quiet endorsement

[Dread_ed]

"They are willing accomplices to this action and pretending otherwise is disingenuous. Evidently these engineers lack a moral compass and their word means nothing. If they had a problem with this action they could easily have spoken up and taken action but they took the easy path and did nothing.

Even worse, they may believe that their actions are "for the greater good" and are therefore exempt from the normal routine of morality checks. Based on what I have seen from Google it appears this is part of their culture, the "Google way." Their constant interaction with and ease of access to high level political officeholders is incredibly concerning.

C.S. Lewis said it best: ...a tyranny sincerely exercised for the good of its victims may be the most oppressive. It would be better to live under of robber barons than under omnipotent moral busybodies. The robber barons cruelty may sometimes sleep, his cupidity may at some points be satiated; but those who torment us for their own good will torment us without end for they do so with the approval of their own conscience.

One can only hope that Google is just a bunch of crooks willing to sell us all out for a dollar or two. However, if they view themselves as our overlords of change, ushering us into their vision of a gilded future for our own benefit, well, were all fucked.

Re:Willing accomplices and quiet endorsement

Speaking of willing accomplices, how about a statement from noted Google apologist and asshole Shawn Willden to explain what a wonderful development this is?

It's time for an Android alternative

[Nocturrne]

Android and all google services are nothing more than a huge surveillance system. We need to fork Android and make open source mobile phones asap.

Re:It's time for an Android alternative

[hyades1]

I knew nothing about Android until I bought a tablet last week. I was hugely unimpressed with the level of blatant surveillance, and started looking for an alternative.

I don't know enough about it yet to tell you for sure, but I think Cyanogenmod might be just the fork you're looking for.

Re:It's time for an Android alternative

[Bing+Tsher+E]

You can use off-the-shelf Android hardware without ever logging into Google on it. There are alternative app stores out there, including the big one Amazon hosts.

I am sure there is still plenty of Google survellience you are subjected to, but significantly less if you never, ever, log onto Google from your Android device.

Re:It's time for an Android alternative

[hairyfeet]

Cyanogen is all but dead friend. I know I'll get shit but you want a tablet YOU control? Get one of those Windows 10 tablets, nice thing about those is since its a desktop OS you can run something like ShutUp10 and run a nice light third party firewall to make sure nothing gets out that YOU don't approve of. You can also replace all the default apps with any programs you normally use on a desktop, replace the browser with Pale Moon or Comodo Dragon, replace the trial of office 365 with LibreOffice, etc.They have them starting at $47 on Amazon for the 7 inch models but personally I'd spend a little more and get one of the 2GB models because you can never have too much RAM.

I'm just glad I hung onto my little netbook, I can run any OS from BSD to XP on it, was easily upgraded to 8GB of RAM, thanks to the AMD APU I can use it as a 1080P HTPC and even after 5 years I still get nearly 3 and a half hours on a battery. Now I just need to get off my behind and upgrade the HDD with an SSD, its a bit of a PITA to do with one of those EEEs but I've seen vids of the performance gains you get on one when you do it so its worth the hassle.

Re:It's time for an Android alternative

If you think you can run *any* firewall on a Windows 10 computer that will block Microsoft phoning home you are living in cloud cuckoo land.

Good thing

[JustAnotherOldGuy]

Good thing they're not being evil about it. *cough*

Blow google ads away the most efficient way

APK Hosts File Engine 9.0++ SR-4 32/64-bit https://www.google.com/search?...

Ads rob speed, security (malvertising) & privacy (tracking).

Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively.

Works vs. caps & PUSH ads.

Avg. page = big as Doom http://www.theregister.co.uk/2... & ads = 40% of it.

Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity.

Compliments firewalls (blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load).

Gets data via 10 security sites.

APK

P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "seen the code & it's safe" http://forum.hosts-file.net/vi... )

AdBlock = inferior + 'souled-out' vs. hosts

Adblock can't do (or do as well) 16 things hosts do 4 speed, security & reliability:

1.) Protect vs. bad sites (past ads)
2.) Protect vs. fastflux botnet C&C servers
3.) Protect vs. dynamic dns botnet C&C servers
4.) Protect vs. DGA botnet C&C servers
5.) Protect vs. downed DNS (reliability)
6.) Protect vs. DNS redirect poisoned/downed dns
7.) Protect vs. trackers
8.) Protect vs. spam payloads
9.) Protect vs. phish payloads
10.) Protect vs. caps
11.) Get past dns blocks
12.) Keep off dns request logs
13.) Speed up 2 ways (adblocks & hardcodes)
14.) Work on anything webbound multiplatform.
15.) Ez data edit
16.) Block ads more efficiently in cpu/ram/I-O use

APK

P.S.=> Ab+ does less vs. hosts less efficiently (a 128-151mb memory hog http://cdn.ghacks.net/wp-conte...)

ClarityRay defeats it

Ab+'s bribed not to work by default http://www.businessinsider.com...

AdBlock's SLOWER: http://superuser.com/questions...

UBlock = inferior + inefficient vs. hosts

UBlock can't do these as well as (or @ all) hosts do 4 speed, security, & reliability:

1.) Protect vs. bad sites (past ads)
2.) Protect vs. fastflux botnet C&C's
3.) Protect vs. dyndns botnet C&C's
4.) Protect vs. DGA botnet C&C's
5.) Protect vs. downed DNS (reliability)
6.) Protect vs. DNS poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam payloads
9.) Protect vs. phish payloads
10.) Protect vs. caps
11.) Get past dns blocks
12.) Keep off dns request logs
13.) Speed up 2 ways (adblocks/hardcodes)
14.) Work on anything webbound multiplatform.
15.) Ez data edit
16.) Block ads more efficiently in cpu/ram/I-O use
17.) UBlock now uses hosts (no DNS benefits vs. dns issues) - poor imitation = "sincerest form of flattery"

Hosts = native vs. illogically "Bolting on 'MoAr'" & not ClarityRay blockable like addons.

APK

P.S.=> Hosts (1st resolver) do MORE w/ less in fast kernelmode & before slow usermode addons

Hosts ~3mb vs. UBlock = 64MB -> http://cdn.ghacks.net/wp-conte...

Google Home & Google Now

[Josuah]

Isn't associating non-Google app and web site activity with Google information sort of necessary in order for Google Now and Google Home to work properly?

Hosts = more efficient & capable vs. addons

APK Hosts File Engine 9.0++ SR-4 32/64-bit https://www.google.com/search?...

Ads rob speed, security (malvertising) & privacy (tracking).

Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively.

Works vs. caps & PUSH ads.

Avg. page = big as Doom http://www.theregister.co.uk/2... & ads = 40% of it.

Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity.

Compliments firewalls (blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load).

Gets data via 10 security sites.

APK

P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "seen the code & it's safe" http://forum.hosts-file.net/vi... )

Business as usual

Why does anyone trust this company? Seriously, why?

remember

when you use Google, you are product, not customer.

Ghostery = 'souled-out' & inferior vs. hosts

Can ghostery do 16 things hosts do for speed, security, & reliability:

1.) Protect vs. malicious sites (past ads)
2.) Protect vs. fastflux botnet C&C's
3.) Protect vs. dynamic dns botnet C&C's
4.) Protect vs. DGA botnet C&C'ss
5.) Protect vs. downed DNS (reliability)
6.) Protect vs. DNS redirect poisoned/downed dns
7.) Protect vs. trackers
8.) Protect vs. spam payloads
9.) Protect vs. phish payloads
10.) Protect vs. caps
11.) Get past dns blocks
12.) Keep off dns request logs
13.) Speed up 2 ways (adblocks & hardcodes)
14.) Work on anything webbound multiplatform.
15.) Ez data edit
16.) Block ads more efficiently in cpu/ram/I-O use

* ANSWER ="NO" OR as well vs. hosts (natively vs. illogically inefficiently "Bolting on 'MoAr'").

APK

P.S.=> Addons do less vs. hosts & less efficiently - hosts do MORE w/ less + start w/ IP stack before REDUNDANT inefficient addons BEGIN to work!

Ghostery (Advertiser owned) "Fox guards henhouse" -> http://en.wikipedia.org/wiki/G...

Terrible post, this change was in no way "quiet"

"Existing users were prompted to opt-in to the change this summer."

I remember opting in this summer. The prompt I got was very clear about this change. There was nothing "quiet" about it. What idiot wrote this post?

You people need to calm down, it's not like they're giving your personal information to advertisers, they're just using them in their machine learning models to show fewer irrelevant ads. It's a small price to pay for my free search, gmail, docs, and calendar, and it's hardly evil. Facebook and all of Google's other competitors have already been doing this for years. I don't care what signals they use to choose my ads, as long as it doesn't include my private health records. I ignore all of the ads anyway.

For the record, doesn't affect "G Suite" (yet)

My company uses "G Suite", née Google Apps for Work, and I just verified that that these options are disabled for my G Suite account and can't be enabled. I don't think they'll every be explicitly enabled because of the stink the universities raised about this (UC-Berkeley students actually sued them) but I'm sure Google is looking for any justifiable way around it.

all about moble

[jmccue]

I doubt Google cares much about non-moble systems, why ? Because smartphones have GPS, are locked down and on all the time. Google can then determine were you are going, what stores, malls, events and sell that data for targeted adverts. It may even be possible to determine were you live. Also,I thought I read somewhere that some stores even track where you are walking and what shelves you linger at. This type of data is very valuable to Google.

All one gets from a desktop or laptop is approx where you are when you are now when the device is turned on, not how you got there and what you could be seeing

Re:all about moble

[iampiti]

Well, they already know where you live and they even tell you. The Google app in Android phones tells you where it thinks you live and work by analyzing where you spend most of the time.

Re:Ghostery = 'souled-out' & inferior vs. host

[hcs_$reboot]

On this very wiki page

Ghostery blocks sites from gathering personal information.
But it does have an opt-in feature GhostRank that can be checked to "support" them

so, don't check it ! (or uncheck it)

This is only a problem ...

[Qbertino]

... because we - the FOSS experts - are sitting on our hands and asses.

It takes a dedicated small crew of developers just a few weeks to develop a full-stack replacement of the E-Mail protocol and service, daemons and end user clients included. Fully encrypted, signed and 100% anonymised by default, with a distributed meta DNS to handle routing.

Likewise replacing the web can't be that hard either. Sure there is rendering, but remove 2 decades worth of document markup and build a working alternative, removing all the downfalls using the very same meta-dns described above and the web is history.

I actually think we will tackle this problem if it get's bad enough.
Replace DNS, E-Mail and the Web with modern encrypted distributed services and the web will start going the way of the dodo.

Privacy Badger

[seven+of+five]

https://www.eff.org/privacybad... Better than nothing...

Re:Privacy Badger

[Mal-2]

Privacy Badger will not be working with Pale Moon 27 because its underlying SDK is being removed from the code.

How Do You Know ?

Maybe Google and FB have a nice side business in selling user data to NSA ? All nicely covert, of course.

Fantastic

[easyTree]

Maybe google can finally serve me a relevant ad *before* I've bought the product...

Failing that; they could just email me and I'd tell them what I want to see ads about.

Quietly?

[The+Raven]

There was a big notice on my Google account, asking me permission to use my web browsing habits to server ads. I'm not sure how an Opt-In feature that interrupted my login to ask me specifically can, in any way, be described as 'quiet'.

Blocking

I do not use a google account, run firefox with adblock, UAControl, uBlock Origin, Ghostery, and Referrer Control. What data can google use? Just the IP, but they only have that on google search pages, etc. All other page trackers are blocked.

Immaterial... apk

See subject: Ghostery's inferior in abilities & efficiency (hosts = kernelmode, addons = usermode) https://tech.slashdot.org/comm... that I illustrated point-by-point there!

Ghostery's a SLOWER overheads ridden (messagepassing alone let alone memory use) usermode addon (hosts operate 1,000's of times faster due to more cpu servicing as a kernelmode component (used by the IP stack itself way, Way, WAY BEFORE addons even BEGIN to operate)).

APK

P.S.=> Just facts... ones you cannot validly technically overcome apparently (don't feel bad - nobody here EVER has in the list shown)... apk

Re:Immaterial... apk

Technical BS when Ghostery works with zero maintenance, and zero required knowledge limiting audience able to use it.

Ghostery does less, uses more... apk

See subject: ... & is usermode slower + needless redundancy vs. hosts! It's all I really have to say other than Occam's Razor is satisfied by hosts also!

(In that the simplest solution (design & function especially) is usually the best answer. Hosts are on grounds no one can touch validly technically in my original posts' list).

That "technical bs" is what makes hosts more versatile providing more speed, security, reliability & anonymity to users!

* Hosts require no knowledge & folks have it already natively + my program automates all of what hosts creation enhancement + customization entails in an easy to use GUI so, your point's moot there too.

APK

P.S.=> Hosts, unlike browser addons, are not adding on more bulk that does less yet uses more & is redundant - addons, are, as well as grossly inferior on many grounds vs. hosts files, unquestionably... apk