Kicking the Google Habit

August 25, 2009 at 18:08 | Posted in Life, Privacy/Security | 2 Comments
Tags: , , , ,

With my current move towards using totally free (as in speech) software, joining the FSF (Free Software Foundation), and all the things that are driving these decisions, I find myself questioning my use of Google.

Now, before people write me off as an anti-Google nut-bar, let me clarify my position. I do not think that Google is evil or trying to take over the world. I do think that Google has become a behemoth and despite the wonderful ethos of it’s founders it is now a publicly traded company and that means answerable to the shareholders and thus the bottom line. People shouldn’t fool themselves. Google is profit driven, not peace and goodwill driven. I have watched as their privacy policies on new services have become increasingly invasive. I have seen them use their very successful model of offering “Free” services to get a large user base that they can mine. I have watched as they add ever more services to broaden the scope and breadth of their data mining capabilities.

Due to the above I, like others, have become increasingly concerned about the concentration of data. Consider if you will, what Google can learn about a person using their services:

  • What you Read → Google Books, Google news, Google Reader, Google Scholar, Google Groups
  • Who you talk to → Google Talk, Google Groups, Gmail, Okurt, Google sites, Google Docs
  • What you say,write,create → Blogger.com, YouTube.com, Google Sites, Google Groups, Google Talk
  • Where you spend you money → Google finances, Google checkout, Google product Search.
  • What you are interested in → Google search, Google Alerts, Google Bookmarks, Google WebHistory

As you can see from the list above Google could quickly build a fairly complete dossier on anyone using their services. Add to this the fact that the above list doesn’t take into account Google tracking and analytic services (which operate on thousands of non-Google sites) which I am sure benefit from people that use a Google account and fail to logout before they go browsing the web.

If a person sat and really thought about it they might well end up feeling a little paranoid and they might be right to feel that way.

As for me, I do not think that Google has any vested interest in me other than trying to get advertising in front of me (good luck guys 🙂 ). I have long ago blocked google adsense, google-analytics, and other google tracking and advertising systems that google runs. I use Scroogle or ixQuick for my searches to keep my privacy. On the rare occasions I watched YouTube videos I did so without going to the YouTube site when possible. I was working to protect my privacy.

But then I slipped and got a gmail account just to “check it out” at first. It became my main account over time. (it really is one of the nicest webmails out there). I rationalized that since I used POP access and regularly completely flushed the account, that I wasn’t giving away too much. None of the “Free” webmails are truly free. They all advertise and I suspect that most track and collect information on the people using them.

The problem was that Gmail was my gateway service, to get it I had to set up a Google account and that led to me using other Google services. I soon found myself using Google Reader. I have 2 laptops and it was nice to be able to read my morning headlines from either. Then I found myself using Google talk. Not a lot. Just as the service that my Microblog updates flowed in through… But you can see the trend starting.

Luckily due to this recent push in my life to be “Free” as in speech and due to my normally abnormal (for this day and age) attachment to my privacy, I woke up and realized “Egad”. Here I am just giving my information away. It is truly interesting to see how “just checking out Gmail” had started to turn into giving away all my privacy.

Now, due to who and how I am I’d never have used all of Google’s services. The thought of using Google Docs is anathema to me. I’ve been around since the early days of the Internet so I prefer to actually read the Usenet (Google Groups is mostly just a front-end for the Usenet) directly. And other services just don’t appeal to me. Where they got me, and in truth might have continued to pull me in further is with new services (Gmail was new when I signed up). I’m sure that when Wave comes out the “techie” part of me will want to go and check it out. This time however I think the “sorry, no, that’s my privacy we’re talking about..” side will win.

I have now taken steps to correct my slip. I’m quickly phasing out Gmail. I’ll phase out Google Talk also. I have moved my RSS feeds off of Google reader and into a feed reader on my laptops. I’ve moved my Microblog updates to come in on my Jabber account thus depriving Google of that stream of information. It feels good. I’m well on my way to kicking the Google habit. My goal is to be 100% Google free before the end of the year. I hope to nuke my Google account in less then 3 month. (I have to make sure I didn’t miss changing my e-mail some place so that nothing breaks on me).

I’d like to challenge others to try and do the same. I know that many people will not feel inclined to completely remove Google from their lives.. But take a few moments and think about just how much information you’re streaming through Google. Then think about how you can go about reducing that. Perhaps start by dropping the services that feel like they are giving away too much personal information first and go from there.

I’ll write more on this journey as it evolves, It will be interesting to try to be 100% Google free.

Another great article about why you might want to be Google Free can be found here

All About WebBugs

October 14, 2008 at 12:03 | Posted in Privacy/Security | 1 Comment
Tags: , , , , , , , , , ,

What is a WebBug anyway?

A webbug or web beacon, pixel tags, tracking bugs, etc are tiny 1×1 pixel images (gif, jpg, png, tif, etc) (and increasingly Flash objects) that companies put into websites or e-mails to track where, when, and by whom they are viewed. On most modern computer screens a single pixel is very hard to see. Even if that weren’t the case 99% of the time these images are transparent so even if you have fantastic eyes you wont see them.

Isn’t this just done by evil hackers/Spammers?

There is a growing trend for large online companies to use these bug/tags to track people. This is partly due to the fact that browsers have gotten better at letting people block older ways of tracking you (cookies, ad banners, etc). So it is the next step in an ongoing techie arms race. Good techies trying to protect your privacy/anonymity. Corporate techies trying to track you so people can make money off of you, or off of people that will pay to know what you are interested in.

A prime example of this is Yahoo’s decision to start using webbugs.

Should I be scared?

Web tracking is nothing new, this is just the next step in the dance. So, being scared is probably over reacting a wee bit. You are perfectly justified in feeling concerned, annoyed, pissed off, righteously indignant, or just plain peeved. Privacy is a right and these folks are dancing around that as best they can.

What can I do?

Unfortunately there isn’t one simple, install this program and it will all go away, type thing you can do. However, this does not mean that there isn’t anything you can do. There are some definite steps you can take to protect your privacy and I’ll cover them briefly here.

E-mail:

I’ll start with e-mail as it is probably one of the easier things to protect from webbuggery. First set your e-mail client to never touch remote/online images. This alone will stop many webbugs in their tracks. If there is such an option consider setting your mail client not to render HTML at all. (this might be a bit drastic for most people). Definitely disable Java, JavaScript, VBScript, etc in e-mails. In this day and age having a scripting language active in your e-mail client is tantamount to leaving your keys in your car with the doors open.

Other things you might want to consider:

Digitally signing all e-mails you send (makes them tamper proof).

Sending mail in text only format (yeah, I know, no smilies.. but safer).

Digitally encrypt all e-mails so they can’t be viewed “in transit”

How to make Browsing safer:

Unfortunately since browsing means loading pictures, blocking webbugs while browsing takes a bit more work. Basically you need a system to block the undesirables. There are many options out there but all take at least some work to set up. One of the easiest is the Adblock Plus extension to the Firefox browser. It makes blocking undesirable elements in a webpage quite easy. The problem is that the webbugs are impossible to see so you have to use the “tools -> page info -> media” function of the browser to locate what elements are 1×1 pixel in size and then block them. Not all 1×1 pixel things are bugs. luckily the bugs are often easy to spot as they will come from a source outside the page you are viewing, or will have a fairly obvious hint in the URL like “adserver.”, “adscript.”, “track”, etc. Adblock Plus also offers free filter subscriptions which it will use to get block lists that have been generated specifically for it. The “ABP Tracking Filter (by rick752)” under miscellanious does a good job on blocking many of these webbugs

This is a bit of a pain in the posterior but once it is done you are pretty good to go. You will still want to check from time to time to make sure that there are not any new ones.

The same approach can be used if you have a router that supports a block list. Just keep adding the nasties to the list and soon you’ll be browsing much more safely. The one drawback to this approach is that some webpages try to use Java/Javascript to load up the ads/webbugs. Having them blocked at the router can sometimes make the page stall while Java tries to get the offending material but can’t reach it.

Other options exist such as Privoxy which is a software proxy that will clean a lot of this stuff up for you. My problem with a solution like this is that although Privoxy is very good at what it does I can’t be sure it’s catching everything I want it to.

The best approach, and the one I use, is a combination of the above. Things that don’t block well at the router I block with Adblock Plus and NoScript. I use Privoxy (and Tor) if I am going some place I am unsure about and definitely wouldn’t want tracking/spamming me.

In the end the decision of what to do about this issues is up to you. It’s your privacy, It’s your choice. Sadly many people feel their privacy isn’t worth the effort it takes to set these filters up.  The things I have talked about here is not a complete list of the options to protect ones privacy. Unfortunately going into all the options would make this document far too long and probably make it classify as a good sleep aid for most people.

Included below are some links for further reading on the subject. Enjoy.

Yahoo’s “Web Beacons”

Privoxy

Tor

Firefox

Adblock Plus

Peer Guardian

GnuPG – e-mail signing/encrypting

WebBug Articles:

http://www.leave-me-alone.com/webbugs.htm

http://www.spywareinfo.com/articles/webbugs/

http://www.securityspace.com/s_survey/data/man.200609/webbug.html

What a night

April 7, 2008 at 23:24 | Posted in Privacy/Security, Tech | Comments Off on What a night
Tags: , , , , , , , , , ,

Fist there is news of a bot-net bigger then storm dubbed Kraken which you can read more about here, here and here

And Then, there is info filtering out. albeit a little after the fact about Phorm, which if it work as described here would be a major threat to the average users privacy and even to those that used cookie blockers as it hijacks white listed cookies.

Guess it is time for someone to start working on a Phorm stripper add-on for Firefox that would identify the hijacked cookies and strip the Phorm tag off of them.

It is late so I have not had a chance to look into to this as deeply as I’d like to. I’ll write more on it in the coming days.

Create a free website or blog at WordPress.com.
Entries and comments feeds.

%d bloggers like this: