Slashdot Mirror
Deja News Privacy Questioned
theGEEK writes "An
internet 'watchdog' discovered
that Deja News is
actually logging their users e-mail traffic." Is
this related to the recent thing about them tracking every
click through redirector scripts? Personally I'm not threatened,
but I'm not a privacy nut either. What do you think?
You know, I don't know too many people who would be even the slightest bit concerned about this. I know people who, when I try to talk about the P-III ID debacle, say, "So? How would that affect me?" Well, I personally don't give a flying f**k how it's going to affect you, but because you don't care, it's going to go on, and that will affect me and that's what bugs the $h!t out of me.
Those of us who actually are concerned about their privacy are a dying breed. I feel like when I'm an old man, I'm going to be constantly saying things like "Back in my days, we didn't have browsers that tracked everything you did and uploaded your bookmark list to the software company so they could send us targeted advertising and to the FBI every night so they could make sure you're not looking at anything 'illegal' or 'obscene'! Our operating systems didn't take inventories of our hard drives and send them back to Microsoft and the SPA to make sure we're not using any software that we're not supposed to. We didn't have EMail clients that CC'd everything we sent to the software company so they could send targeted advertising to everyone we talk to and to the NSA so they could make sure you're not talking about doing anything 'wrong' to anyone in government. We didn't have tracer implants that the police track 24 hours a day 7 days a week to 'make sure we're safe', but you know, since nobody cared about privacy, when all those things happened and nobody complained, the rest of us were forced to comply and we didn't like it!"
I worked there and it doesn't surprise me. They have, in common I suspect with many "internet" companies a rather contemptuous attitude towards their customers. They regard them, at least some of the time, a only a resource to be exploited, like some sort of human strip mine. I don't think this was malicious, just careless and born of an attitude that doesn't care.
But now the bigger issue: Privacy. What no one seems to think of is that allowing extensive anonymity on one's system does not a privacy policy make. These are two almost totally separate things. If you want privacy, you should be using PGP or GPG or some other form of encryption technology. If you want anonymity, go to the Anonymizer folks. (Although even they blur the line between the two.)
Privacy is a good thing. If I only want one person to be able to read an email intended for them, I'll bug them into getting and using PGP or something similarly strong. I hope that such people would bug me in return. It's also pretty hard to abuse someone's privacy. Invade it, yes. But cracking a PGP-encrypted message tends to be quite difficult and as long as you have good password policies, it's just that much more difficult.
Anonymity is also pretty good, to an extent. There are some times when you need to say something that would get you in trouble. (I'm talking more than the kind of stuff that gets you flamed; I mean the kind of stuff that'll get you fired from your job or something equally undesirable.) There needs to be that option. It is also very easy to abuse anonymity as is seen every day, over and over again, by spammers and flamers and trolls and their ilk on USENET and many other public "forum"-ish places. That is what needs to be controlled and I don't blame companies like Deja News who need to cover their asses so they can avoid being sued for doing any sort of logging. (Now, if they wanted your private PGP key and password, that's something entirely different and I won't go into that. Key escrow sucks, bigtime. (Okay, so I lied. But I won't get into it any further than that. (Unless you provoke me.)))
Get it straight, folks:
- Privacy != Anonymity
Mmmkay?Anonymity != Privacy
If you choose to use DejaNews for anything, any information you provide to them is thiers. Accept it. You are responsible for your own privacy, they are prefectly justified in tracking every link you click on. It's a FREE SERVICE. If you don't like it, don't use it.
(And I AM a privacy nut)
FedEx, UPS, USPS only know what they need to know to perform their service. What DejaNews is doing is more like the paper boy going through your mailbox.
Most of the comments here are about keeping logs of mail that goes through their servers. IMHO, that's normal and expected, nobody should have a complaint there. (If you do, use a remailer)
The problem is that they have a link for the sender's email address. One might expect it to be a simple mailto: but it is not. It is a link to a CGI on their server which logs the information, and then redirects to an actual mailto.
In other words, they go out of their way, and add load to their already busy server in order to log that you decided to email the user. That happens even if the email does NOT go through their servers.
Personally, I doubt very much that they would add all that load to their server in order to NOT use the information gathered. I sure wouldn't.
Unlike a mail log, this IS a violation of privacy for the simple reason that they are collecting user information beyond what is customary, and they are not informing the user. As a side note, most ISPs DO inform the customer that their email is not to be considered private and that it may (read will) be logged.
Shoot, the sysadmin can even delete all your files if he wants to. "What was your username again? *clickety-click*". But he doesn't. Logfiles aren't necessarily a privacy invasion; it's only a privacy invasion if inappropriate use is made of those logfiles. Using them to track down a spammer would be appropriate use. Using them to sell info to advertising companies would be inappropriate use.
BTW, by using the pronoun "he" for sysadmins I do not mean to imply that all sysadmins are male. It's just more convenient to use the generic "he".
-----
The real meaning of the GNU GPL:
"The Source will be with you... Always."
| Why is nobody up in arms with UPS/USPS/FedEx?
...
| They can also track your packages. They know
| your address. They know what you have sent and
| where it is going.
| Its amazing how in one light, this tracking is
| a paid for feature, while in another light..
| its an invasion of privacy.
The only issue of merit here is consent, really. Nobody's up in arms over UPS and Fed Ex because their tracking *is* a feature. We pay for it because it does something useful for us - namely, allowing us to know if package Y we sent to customer X was delivered. We know about this tracking up front, and - as you say - it's an advertised feature.
It's people tracking covertly that gets privacy advocates up in arms - especially if they lie about it (which is what the ZD article seems to be implying - whether it's true or not I have no idea, as I don't use Deja for anything other than searching usenet). If it's upfront, well, that's just the price of the service.
Just so long as Deja doesn't start selling "1000000 GOOD EMAIL ADDRESSES"
-- Rick
I just thought of something.
... and missing.
If people had all the privacy that they aparently so desire, we would be reduced to anarchy.
There would be no logs of who did what. No records of finger prints. Nothing.
Keeping records is what people do. Must be some DNA thing or something (which we are also trying to record) HEY ROB... You better delete all the comments 1.342 seconds after they are posted or you may be keeping illegal logs!
::sigh:: Tiz a sad society when we have children shooting each other, and all some worry about is that an IP was logged with an e-mail.
(i dont feel like previewing.. hope this looks good)
---------------------------------------
The art of flying is throwing yourself at the ground...
log files have been around since the dawn of computers. The e-mail tracking does not surprise or even worry me. This is how it was and how it will be.
:)
... and missing.
Why is nobody up in arms with UPS/USPS/FedEx? They can also track your packages. They know your address. They know what you have sent and where it is going.
Its amazing how in one light, this tracking is a paid for feature, while in another light.. its an invasion of privacy.
As for taking an inventory of ones computer and sending it without said uses authorization, that is an invasion of privacy.
WWW tracking... hmmm, thats an interesting one. If the tracking is done from the server side (which would be practically impossable), I dont believe this is a problem. But if its a client side 'feature' that is enabled without the user knowing, that is where the problem starts.
Its not that I dont value my privacy, I just do not see it threatened by this. If netscape starts tracking url's... I'll switch browsers. If MS starts keeping track of my HD, I'll switch OS's (well, bad example for me, I run linux
0 1 --- just my 2 bits
paul
---------------------------------------
The art of flying is throwing yourself at the ground...
This is so stupid. According to everything I read on that ZD page,they know what email was sent and to whom AND they (oh my gosh) know the IP's too!
/var/log/maillog and tell you the EXACT same info. Hell, I can even tell you when people are checking their mail.
... and missing.
Lets see, I am currently in charge of the e-mail server at work. I can go into
Does this mean I'm collecting email addresses because I keep a log file of the traffic on my server? I even back up the server to tape so I must be archiving this info for my evil plan to send e-mail to everyone on the planet.
The bottom line is... Who gives a shit. Its a log file. People are becoming WAY to sensitive about this kind of stuff.
The smallest company to the largest corperation should have backups of their data. If this includes log files of when email was sent.. so-be it.
Hmmm, I also have root on the mail server which gives me the ability to read the email too. Why havent I seen a news-flash on the admins ability to read e-mail that is not their own?
I'll just file this one under FUD
---------------------------------------
The art of flying is throwing yourself at the ground...
They put redirects on the email addresses, but they can't track the actual mail being sent - that's between you and your mail server, not DejaNews.
I'm not clear on what commercially valid use could be made of this information - I can see how they want to know, in the aggregate, what URLs their users visit, but I can't see any commercial merit in knowing who I write to. Perhaps someone from DejaNews can respond to this.
Of course if you're concerned about this, there is an easy fix - don't click on the email link. The email address is easily visible in the message headers, and you can bring up a new email window and cut/paste or type in the address yourself. The link is just a convenience for lazy people - such as myself, and - probably - most of us.
D
----
Since I have been doing this crazy online thing (1982) it has been absolutely positively known, and I believe impossible for a company to assert otherwise, that electronic mail is viewable by the administrator of the system. Now perhaps outgoing mail might be less available to a particular admin but the fact is that the information is sitting on someones computer... FURTHERMORE since folks don't seem to get it, I will repeat something I used to say on IRC back in 1993... EVERYTHING I SAY IS EASILY MONITORED BY ANYONE WHO GIVES A DAMN. There are too many access points to monitor any given persons communications. Thats why we needed PGP and why the battle for encryption is so important. The issue of merely logging sendmail or otherwise is trivial. It is my mailserver. I definately want to know what is going on with it. Personally I don't read my users mail, but sometimes they ASK me to check something that is wrong with their mail. Sometimes they DON'T want that 6meg file that some idiot sent them which is beating on their poor windows ppp session. So as an administrator, the fact is that I got ROOT for a reason. How I USE the information I have access to is what is important. If Dejanews is doing something with the info they are collecting that is counter to the wellbeing of those who are using their services then by all means make a fuss, and tell people. But if what they are doing is collecting data to analyze for the purposes generally suspected, that of usage monitoring, security, optimization, well who the hell cares.
The fact is that one cannot technically prove anything based on logs. Those logs can be forged, or tampered with. There is no verification that the person who sent the email was represented appropriately, or that the person recieving the email ever truly did. Email is still a format that has not been defined well officially. Until we see official signatures and other methods, we are in a zone where the legality of an email message is dependent on many things that can't be controled by the user or admin...
I have spoken to friends about this, people who handle the email of law firms and security traders... The lawfirms try to clear the email off the systems because of discovery (if they deleted the message then a subpoena doesn't matter). The ones with the brokerages have to back up every email sent in or out, because THEY are required to have all communications documented by the the SEC...
So go figure. And truly, free email accounts cost you nothing and while they don't cost MUCH for the server, they do cost something. It is easy enough for a person to get a tcp/ip connection, and hook up a linux box to have their own mail server. Then log all you want or don't want...
Blah...
------
This message is under surveilance by the NSA. If you are reading this message you will be contacted by the NSA. The code word is 'excuse me'... If someone contacts you with this information, you submit immediately to a fullcavity strip search...
Thank you for your cooperation.
Since "mailto" is a "special purpose" type of tag that may have new features added to its specification at some point in the future, the programmer may have provided the redirection link as a modular layer of abstraction that would allow for changing the way addresses are handled.
For instance, if the user is a DejaMail customer, it might load the DejaNews "compose" page instead of telling your browser to send mail. Or perhaps it could add a Refers-To-Article: header or something to the email, but only if the browser could handle it.
Who cares, really? I went to DejaNews and wanted to email someone. I just copy-and-pasted their email address after I looked at my browser's status line and realized it wasn't a mailto: link.
- exactly
what's going on.Go to DejaNews and look at a Usenet posting. Next to the Author's name, you'll see that DejaNews was nice enough to provide a link with the authors email address so that with a simple click you can email the author. Fair enough, that's helpful (and something I expect). The problem is, it's NOT a simple mailto:foo@bar.com link. It links back to DejaNews. DejaNews sees this, and says to itself, "Hey, Joe Blow just clicked on a link to email foo@bar.com." Then it redirects to something link mailto:foo@bar.com, which causes your mail client to pop up, all ready to email to foo@bar.com. At this point, DejaNews is out of the picture (you're sending email to foo@ on your PC using your mail client and your IPS' SMTP server). But DejaNews has already made a note that you at least clicked on the link to email them (you could change your mind and cancel and DejaNews wouldn't know the difference). The point here is that DejaNews doesn't have to do it this way. They could've simply put the link to the person's email directly on the page (which would've been much simpler), in which case they would have no way of knowing if you clicked it. They're specifically going out of their way to make note of the fact that you clicked on the link to email someone. Someone, somewhere, made a deliberate, conscious decision to go to the extra trouble of logging this. It's not some incidental log.
Randy Weems
rweems@home.com
There seem to be a lot of people out there (especially sys admins), who are saying, "This is no big deal. Everyone store logs, etc." Hello. Excuse me...you're not getting it. Lets all be clear here on exactly what's going on.
Go to DejaNews and look at a Usenet posting. Next to the Author's name, you'll see that DejaNews was nice enough to provide a link with the authors email address so that with a simple click you can email the author. Fair enough, that's helpful (and something I expect). The problem is, it's NOT a simple mailto:foo@bar.com link. It links back to DejaNews. DejaNews sees this, and says to itself, "Hey, Joe Blow just clicked on a link to email foo@bar.com." Then it redirects to something link mailto:foo@bar.com, which causes your mail client to pop up, all ready to email to foo@bar.com. At this point, DejaNews is out of the picture (you're sending email to foo@ on your PC using your mail client and your IPS' SMTP server). But DejaNews has already made a note that you at least clicked on the link to email them (you could change your mind and cancel and DejaNews wouldn't know the difference). The point here is that DejaNews doesn't have to do it this way. They could've simply put the link to the person's email directly on the page (which would've been much simpler), in which case they would have no way of knowing if you clicked it. They're specifically going out of their way to make note of the fact that you clicked on the link to email someone. Someone, somewhere, made a deliberate, conscious decision to go to the extra trouble of logging this. It's not some incidental log.
Realistically, I do think it's that big of deal. But this is not the simple sendmail log that all the I-love-to-jump-to-conclusions idiots who've only skimmed the story without actually understanding it are claiming it is.
Randy Weems
reems@nospam.hotmail.com
Alright, so dejanews knows which ip address sent an e-mail to whom. Well, Rob right here on slashdot can know precisely at what time of the day i visited his site. Microsoft can have a detailed log of their visitors. Logging is something that any sensible sysadmin does. Someone who manages a service as important as dejanews' or any other site needs some info. It could be to improve performance in certain areas, or to show some people who work with ties (people with big salaries who decide where the money goes) that the thing they're paying for is worth it. They need to show advertisers (their main source of revenue) that their investment is not worthless.
It is true however that such info could have some use. But such things should remain confidential to the company and not be publiczed such as on zdnet. This stuff has been going on for more than a yer now, and it didn't bother anyone, even if they didn't know it. Why should they start today?
True. Maybe Dejanews should have said somewhere in the fine print that they were doing this (and actually, maybe they do). But don't say that because they log who you e-mail to infringes your privacy. Please...
Maan
bsat@iprolink.ch
(I hope you don't mind that I log the e-mails I receive. Do you really wanna see this kind of disclaimers on sites...)
They could be doing it for all the big brother reasons people are suggesting, but they are probably also doing it for accountability reasons. We run a free email provider, and we keep the typical sendmail logs that everyone else does. Why? Because we have a responsibility to the Internet public to stop abuse of our systems (and subsequently other systems). The most common use here is spam. In the rare event that someone sends out a "spam" (which by many supposed anti-spam activists has been expanded to the mean email from anyone you don't know), we need to do what we can to stop that person. The only way we can do this is by checking the IP they sent the mail from. If someone is doing someing illegal, like child pornography, law enforcement will request logs. These are really the only reason for having them. We dont have reports on all our users, we dont use logs for demographic targetting, but keeping this information is essential to keeping the Internet a usable environment. My personal opinion is that the anonyminity the Internet used to provide was an anomaly, not a right. You should be willing to accept the consequences of your actions.
This is not the greatest sig in the world, this is just a tribute.
if tracking your habits gives them a valid
excuse to give you a free email account, stop
complaining.
This is only true if you are informed up front of that aspect of the deal. Since they did not -- since in fact their privacy policy said otherwise -- your admonition is way out of line.
--
Some keywords for the NSA in the Lord of the Rings universe: One Ring bind find Sauron quest Nazgul freedom
Although I do worry about online privacy, I think
it is unfair to single out DejaNews like this. By
default Sendmail logs the sender and recipient of
every piece of email it handles, and Sendmail is on
something like 90% of all computers that handle
Internet email. This information has valid uses,
such as tracking down spammers, and identifying
misconfigured mail servers and clients.
The problem is that the information is collected regardless of whether the user has an email account with DejaNews or not. The idea is that if you click on a link in an article you retrieved from DejaNews, you are not sent to the link you see on the screen. Instead you are sent to a script on the DejaNews site that records whatever statistics they keep and then redirects you to the link you thought you were following. So, in other words, if the highlighted link reads:
http://mailto:rlink@indiana.edu
The actual link is:
http://x12.dejanews.com/jump/mailto:rlink@india
Now, this is easy enough to avoid by simply cutting and pasting the displayed URL into your browser's location field, but the point is that most users would not think to do this because there is no indication that the link is anything other than what it appears to be. Regardless of what you think about privacy, collecting this information covertly is, at best, underhanded.
While we're on the topic, several other people have replied comparing this practice to sendmail's logging. I think this analogy is flawed. Sendmail records logs of local activity; these logs are necessary to administer the local mail server. DejaNews, on the other hand has no legitimate reason to keep this information, since the mail is not going through their server. Moreover, if my local administrator misuses the information in the system logs he is accountable under the terms of service that I agreed to when I got my account. No such accountability exists with DejaNews, since I have never made any formal agreement. I find this troubling.
Finally, some people have said that they don't really need privacy, since they don't care if people know who they send mail to. They are welcome to make that choice, but many people do have legitimate reasons for wanting to keep their correspondence private. The burden should not be on them to prove their need for privacy; instead let those who want us to waive our privacy show some compelling reason why we should.
-r