Is online Privacy truly gone?

[JemR]

I would like to be tracked as little as possible but the few times I've messed with privacy apps they seem to have slowed me down a bit.
I would be very interested in light weight privacy apps that don't slow page loading down or bother me unless I look at them, a little multi-colored icon in the corner would be perfect, if it's yellow or red I'd go ahead and and take a look.
Any suggestions?

I may be able to help you somewhat on this bit, part of it maybe? I use WOT (Web of Trust) www.mywot.com. You may well already have tried it/use this it is quite popular. It's a browser extension that rates web sites by using traffic light icons next to search results, from google for example. And also has an icon in the address toolbar which rates the page you are on. Similar to McAfee SiteAdvisor in many ways (also very good). In WOT's case user's help partly compile the ratings from good or bad experiences of sites. If a site is harvesting info, uses (who know) will rate that site low as privacy is one of the four rating criteria. I will now "know" after adding extensions discussed in this tread. You can also type a URL into a search box on their web site front page if you don't want to add the extension and you have concerns about a site. Not sure if the browser extension slows searches down much (must a tiny bit). I find it a useful initial filter for dodgy sites.

 

[EZO]

There seem to be a lot of misconceptions about how online tracking actually works or just how rife and insidious it is. While schemes like running ones computer on a ram disc or inside a virtual machine might wipe the slate clean when you reboot your computer, this does little or nothing to prevent you from being tracked while you are online. This is especially true if you use services such as Yahoo, Facebook, Photobucket, MySpace, eBay and Google products of any kind but it is widespread pretty much wherever you go online. Obviously, if you log on to any of these sites you are being tracked but logging off doesn't necessarily help you. Even dumping your cookies every time you go from site to site may not help and most people wouldn't go to this amount of trouble anyway.

The problem is that the whole business of tracking is cumulative. You are a profile! So even if you manage to dodge tracking periodically, as soon as an ad network or market research or behavioral tracking company figures out it is you then you are being tracked again from where they left off. The trackers are sending data about you to multiple companies and data bases simultaneously. You don't even have to be logged onto a site for it to happen. The schemes and technologies being deployed for tracking purposes are increasing in complexity and number at an astonishing rate. Individual browser fingerprinting, as previously mentioned is only one example of a technology that makes disposing of cookies fruitless. And cookies are only a part of it. Much of it happens in real time. Third-party trackers using beacon technology can match the data they collect about you in real time with other databases containing geolocation, financial, medical and other information in order to expand your profile to predict your age, gender, zip code, income, marital status, parenthood, home ownership, as well as unique interests, purchasing history and ultimately to connect this data to your actual identity. If you visit other websites that work with the same ad networks that control the trackers you picked up on say, Dictionary.com, the original tracking file will take note of the connections. As this continues, your profile will become more and more specific to your interests as well as enriched by any information you willingly share with the participating websites. So, if you're seeing more and more advertisements that seem oddly tailored to you, it's probably not a coincidence.

OK, let's say that I've completely cleared my computer of any cookies, super cookies, web beacons, trackers, history and cache files and go back online fresh as a baby. If I log onto Facebook, check my Gmail, do a Google search...whatever, as soon as a tracking technology discovers I'm back online it says, Hey, There's EZO! And from that point forward I am being tracked again from site to site, with every click, search, sometimes keystrokes, mouse hovers and so on and so forth being recorded to one of many profiles being created about me by numerous tracking and monitoring companies. While most of these outfits speak in vague terms about, "anonymous data in the aggregate", it becomes a trivial matter to identify you personally as these profiles are being built. They want to know who you are and everything about you. That's the whole point!

In some cases using beacon technology (sometimes in concert with cookies), your keystrokes are being logged as you type, believe it or not! A simple demonstration of this is when you type a search in Google or Bing and it starts predicting and feeding you possible search terms as you are still typing. In fact, it starts presenting you with search terms instantaneously as soon as you type a single letter! Think about this! Do you think this technology isn't being used to monitor your keystrokes elsewhere without showing it to you in real time, or not making you aware that it is happening at all? Do you think only Google or Bing use this technique? Incidentally, at least on Google, instant key stroke logging keeps functioning even if you disable cookies, web bugs and beacons and practically everything else! (Edit: you can disable this kind of keystroke logging if you disable Javascript globally in your browser preferences but you would be giving up a lot of other web functionality.) (Edit #2: Apparently, NoScript will block keystroke logging on Bing but not on Google.)

Of course, Google and Yahoo scan and "read" your personal email. You know that don't you? This is in part how they decide what ads to serve up to you. Do you really believe they ignore who you are and only go by the general content of your message? They not only scan your email and know your name and email address because you are a registered member but they are scanning, recording and analyzing the data along with names and email addresses from messages from people you correspond with who are not signed up with Gmail, or Yahoo Mail who may not wish to have their messages scanned and have their names and email addresses recorded into a database. At least it could be said that you agreed to the Terms of Service (TOS) when you signed up for your account but the people you correspond with certainly didn't. You should also be aware that messages sent or received via Gmail type systems contain beacons (web bugs) with unique identifiers that report back that you've opened the message, the date and time you've read it and other details, like if you've forwarded the message and your IP address. Every subsequent time the email message is displayed can also send information back to the sender.

Did you know that if you go to Dictionary.com to look up a word, the site instantly places 234 trackers on your computer? It's true! The top 50 websites in the United States install an average of 64 individual trackers to visitor computers with little to no disclosure. Some websites among the top 50 exceed 100 trackers. The Wall Street Journal published an important series of articles called "What They Know" that would be well worth taking a look at. The WSJ also published a worthwhile blog posting on the same subject with an interactive graphic showing how tracking works and how pervasive it is. I would encourage anyone reading this post who is concerned about this issue to take a look and spend some time with the interactive graphic. This is where I learned how many trackers Dictionary.com places on peoples computers. You will find it HERE. Ironically, this very page at the Wall Street Journal is full of trackers itself but to their journalistic credit, they at least put themselves on the list. (60 trackers)

There are two basic types of trackers, "first-party" trackers, which transfer benign text files to users' computers in order to enable websites to remember user information, such as items they've placed in their shopping cart or field data for forms that have already been filled out. This is how you stay logged into CPF, for example. Then there are "third-party" trackers, which also transfer files to users' computers but these are in order to gather data about much more than just their session on the tracker's site of origin. While first-party trackers are useful to users of individual websites and limited in scope to very particular data, third-party trackers, unlimited in reach, are pushing the boundaries of privacy and ethics online. While the word installation may connote visible, mechanical processes that slow things down or conjure images of slow progress bars in your mind, the actual process of placing trackers on to visitor computers is much faster, nearly instantaneous in fact, and for most users, completely invisible. The fact that it goes unnoticed by the majority of web users and that most people have only a vague sense that something so pervasive and intrusive is happening is what makes it so effective and insidious. The technology is highly complex, especially on the server side and is often proprietary so that it is difficult for even professional observers to understand how it functions.

For the time being, the only defense available is to attempt to prevent being tracked in the first place and this is where the tools mentioned previously in this thread are most valuable.

 

[EZO]

Here is an interesting TED talk presentation by Gary Kovacs, CEO of the Mozilla Corporation where he discusses the explosion of, and his displeasure with, the largely unregulated 39 billion dollar internet behavioral tracking industry.
In the talk, he expresses the idea that it's your right to know what data is being collected about you, by whom and how it affects your online life. He unveils a new experimental Firefox add-on called Collusion that will help do just that using a unique graphical interface. You can download it HERE.

 

[LEDninja]

A lot of websites automatically track what pages you go to. Especially those that need you to log in. Now they are storing that information.

-----

There is a new tracker this year. If you just browse CPF you will find your browser has been tricked into sending out info like this:

https://s-static.ak.facebook.com/co...gment#xd_sig=f16d695b8&&transport=postmessage

http://static.ak.facebook.com/conne...gment#xd_sig=f16d695b8&&transport=postmessage

If you do not want facebook to collect your browsing history stay away from pages that have a 'login with facebook' button. Such as the CPF main page. The 'Like facebook' button does the same thing.
I have 'Fixed Lighting', 'General Flashlight Discussion', 'LED flashlights', 'Cafe' bookmarked. Avoid going in through the CPF main page now.

You can also prevent facebook collecting your info if you turn off 'Enable Javascript' but most websites don't work properly with Javascript disabled.

 

[EZO]

Firstly, nobody's web browser is being "tricked" into doing anything. The pages simply have additional functionality built into them. Also, while most web sites do record and store basic information about your visit as they always have, such as your IP address, web browser info, screen resolution, general location, operating system, where visitors are coming from and going, etc., the real issue here is not that sites are storing anything they haven't before but that you are being tracked....."stalked" is probably a more accurate word, as you go from site to site by independent entities and networks, often in collusion with the specific web sites you are visiting (hence the name of Mozilla's tracker tracking add-on, Collusion). The solution is to disable the harmful, intrusive technologies that allow the tracking to function with as little disruption to your usual web browsing as possible.

There is absolutely no reason to avoid visiting certain pages such as ones with a "like Facebook" button or a "login with Facebook" button. If you use the browser add-ons mentioned previously in this thread you will gain almost complete control over what functionality you will allow on any given web site you visit. So, for example, instead of disabling JavaScript completely in your browser, use NoScript to control which particular scripts you wish to allow or dis-allow. Use Ghostery to prevent various tracker technologies such as web bugs, tags, beacons and certain scripts from functioning and use BetterPrivacy to eliminate Super Cookies. Be careful about how and when you allow cookies to function, perhaps only allowing them on sites you need to log into. Clear your entire browser history, including cookies on a regular basis, at least after each browsing session, at a minimum. Also, use the Ad Block Plus add-on. Another option is Do Not Track Plus. (Be careful about employing too many similar anti-tracking tools at the same time as they can interfere with one another. For example, Do Not Track Plus works fine but has been known to cause problems when used on top of other add-ons such as Ghostery and BetterPrivacy.)

There is another recently introduced privacy tool - TrackerBlock 2.2 from PrivacyChoice.org that provides cookie blocking and deletion, opt out cookies for hundred of companies and HTML 5 Control which shows you which web sites are using HTML 5 to store data on your computer and lets you delete it. I have no experience with this add-on but it is seems worth exploring.

LEDninja - Here is a screenshot of Ghostery at work blocking the Facebook links and scripting that are of concern to you on the CPF main page and another screenshot of additional Facebook plug-ins being blocked elsewhere. Other embedded Facebook and Twitter links and such can be disabled using NoScript.

BTW, CPF engages in perhaps the most minimal tracking it needs for basic functionality and we should thank Greta for that.
Here is the Ghostery menu for THIS page.

 

[EZO]

So far, this thread has primarily revolved around the issue of online tracking by behavioral monitoring firms and ad networks that occurs when you surf the web. There is another important and often overlooked major piece of the internet privacy puzzle that goes hand in hand with ad network profiling and behavioral tracking that has even greater implications and in certain ways more serious threats to your personal privacy. SEARCH!

Every time you use Google or any other search engine to search for a topic online your search query is being recorded and those search terms along with associated key words and other detailed information about you such as your IP address and User agent are transmitted to the web sites you end up visiting as a result of your searching. More importantly, search engines like Google are compiling huge databases of highly detailed profiles on individual users based on your search histories! This is especially true if you are logged into any search based web sites like Yahoo and Google. If you are logged onto Facebook or Gmail or Yahoo, do a search, click a like button, post to Twitter, watch a YouTube video, click a link to purchase a product, view a Google doc or whatever, Google (and Facebook, Yahoo etc.) is compiling a personal dossier about YOU! When you search for something private, you are sharing that private search not only with your search engine, but also with all the sites that you clicked on (for that search). This information can identify you directly along with your location. So when you do that private search, about, say a medical or mental health or financial issue not only can those other sites know your search terms, but they can also know that you searched it. And as explained previously in this thread, even when you log back out, you are still being tracked and monitored unless you take steps to protect your privacy. On many occasions Google has provided individual search profiles to government agencies without due process. Google has received thousands of US Government requests for user data and has complied with 94% of requests.

An important aspect of the loss of search privacy, personal profiling and search relevancy has become known as Search Bubbling aka Filter Bubbling. It has been conclusively shown that different people entering the IDENTICAL SEARCHES in Google are being delivered DIFFERENT RESULTS based on their previous search histories and personal profiles. If you are a Progressive left wing environmental type you are fed related material; if you are a Conservative right wing Christian, you are fed material that Google's algorithms think are what you want to see. If you are of a particular ethnic group or have a particular hobby, enjoy a particular kind of food or literature or music, etc, etc., then that is what you will see. You are being placed in a BUBBLE! This is being foisted on the public in the name of convenience and helpfulness and to sell you products. The problem here is that you are only being offered what you already know. You are not being shown opposing points of view or being offered the opportunity to discover new things or learn of new styles of music or areas of interest you might otherwise benefit from that are outside your realm. In the scheme of things, this is not a good thing and you are giving yourself over to large corporations deciding what information is available to you.

Many folks are not happy about this and are taking steps to do something about it. There are some highly effective alternative search engines that have entered the picture and if your privacy and search freedoms are of concern to you I recommend that you have a look at them out. These new search engines DO NOT record your searches. They DO NOT record your IP address. They DO NOT profile you. They proactively protect your privacy. The result is that when you do a search and click on a link you are not transmitting your search to other websites or to ad networks and your searches will provide more diverse results since you are not being profiled. Check them out!

The privacy protecting search engines are:
DuckDuckGo. Be sure to read their privacy policy page.
Startpage - Their privacy policy page is HERE.
Ixquik - This is the sister page to Startpage

One of the key figures bringing attention to the Filter Bubble phenomenon is Eli Pariser. His interesting and enlightening TED talk on this subject is well worth 9 minutes of your time if these kind of issues are important to you.

 

[eh4]

Great contributions EZO,
Well worth repeated, slow reading with pencil and paper, Thanks.

 

[EZO]

A little review here for the folks who don't like to read longer posts and to make the previously suggested privacy tools (and a few other ones) more readily accessible.........Let's go back to Dictionary.com, one of the previously mentioned sites from the Wall Street Journal tracking exposé. Out of the 234 trackers it installs onto users' machines, only 11 of them are first-party trackers. That leaves 223 third-party trackers, all with unique agendas. When a third-party tracker is downloaded by a computer, it assigns that machine with a unique identification number (something like "4c681zs2873...") stored inside a cookie associated with the web browser being used. So, if you've visited Dictionary.com recently, (or any of thousands of others) it's likely that those trackers are running on your machine right now, gathering data about you by observing your web browsing session—not just the pages you view on Dictionary.com, but all sites you visit with that browser. If the tracker is using a technology called a "beacon," it can even record your keystrokes! This is only ONE of many entities and networks that are probably watching you right now.

Really, think about that for a moment! If a tracker can record every site you visit and the things you type—search queries, instant messages or emails using web-based systems, comments, etc.—it can quickly assemble a very thorough and accurate profile about you. It is worse than just profiling you; they are SPYING on you! These techniques are unethical, potentially illegal, even possibly unconstitutional and downright creepy!

Privacy Tools: Use them!

And be sure to have a look at the excellent privacy protecting search engines that do not track you or record your searches - DuckDuckGo and StartPage.

	Adblock Plus Blocks ads. Firefox | Chrome
	AdBlock Blocks ads. Safari | Chrome | Opera
	AdSweep Blocks ads. Opera | Chrome
	Beef Taco No ad network tracking. Firefox
	Disconnect No tracking from major sites. Chrome | Firefox | Safari

Ghostery No third-party tracking

NoScript Security and Privacy Tools

Do Not Track Plus Stops Secret Tracking of your web browsing

BetterPrivacy No Flash Cookies aka LSOs aka Super Cookies

Mozilla Collusion Allows you to see all the third parties that are tracking your movements across the Web

 

[orbital]

^^^^^^^^^

EZO, I'll go ahead and speak for many people to say Thank you
for all your work on this.

There is nothing,, nothing more unAmerican to me, than our privacy being eroded by special interests groups
& the endlessly overused "for National Security" reasons.

...written by me

 

[Launch Mini]

Here is a "fun" music video from a number of years ago, thought it would be fitting for this post.

http://www.youtube.com/watch?v=7YvAYIJSSZY

Sorry, don't know how to embed it easily

 

[EZO]

Thanks for your nice comments orbital, eh4 and JemR. And thanks orbital for posting about this subject in the first place so I could get on my soapbox about it.
One of this biggest problems with this issue is that most people don't even know it is happening, so my hope is that as more folks do become aware of it and realize the negative long term consequences, perhaps people will start demanding their privacy.

 

[orbital]

+

Everyone who uses Twitter is allowing every keystroke to be collected & shared with a Third Party partner
who then has the right to sell that information.

Trend on you twitts

 

[LloydV]

Thanks for your nice comments orbital, eh4 and JemR. And thanks orbital for posting about this subject in the first place so I could get on my soapbox about it.
One of this biggest problems with this issue is that most people don't even know it is happening, so my hope is that as more folks do become aware of it and realize the negative long term consequences, perhaps people will start demanding their privacy.

that is fundamentally why it's very hard to rein in. there's a lot of users for data miners to track and exploit, which makes it a lucrative undertaking for them. if all (or most) of the users are averse to it, it may be different.

then again, there are probably dozens of people who go online for the first time everyday.

 

[Tim B]

How well to virtual private networks protect you? I mean the kind you subscribe to and use on you home system like VyperVPN or HideMyAss or other similar ones. I know these mainly function to hide your IP address kind of like a proxy server does but how are they effective in other ways or are they not worth the trouble?

 

[Sub_Umbra]

Privacy is a small moving target. Even if our machines are perfect we are all still subject to traffic analysis. I like custom remastered LiveCDs and LiveDVDs from obscure Linux distros. My OSs all run from ram. Any attacker would have to get in but any changes made will only be in ram as the live optical disks are finalized and cannot be changed in any way. When I want to buy on-line I reboot back to a pristine system.

I haven't had an OS installed on any of my personal boxes in years.

 

[smarkum]

what are our options for email if we are a gmail user?

 

[gadget_lover]

I'm the exception. I spent 30 years in the computer field, several of those in data security for a couple of fortune 500 companies.

It is my opinion that for the average person, the tracking is neither nefarious nor damaging. Sometimes it's the only way to do business. Other times it just pays the web site's bills for what you are getting for free.

Like all things, it can be abused. And it will be abused. The question is always whether you get more value than harm from the transaction.

Daniel

 

[blasterman]

True....

In the meantime I'm just glad Derek Jeter isn't having a sex change.

 

[fisk-king]

Great post. Just about 80% of the tools you listed I use for firefox. Another one I would like to add is HTTPS Everywhere from Electronic Frontier Foundation. It can be used for Firefox and Chrome.

If anyone out there would like to up their privacy even more I would suggest researching onion routing (Tor Project) and i2P networking. Alot of individuals in countries where internet is censored (e.g. Iran, Egypt, China etc.) use these networks alot in order to gain access to info their gov't have censored.

A little review here for the folks who don't like to read longer posts and to make the previously suggested privacy tools (and a few other ones) more readily accessible.........Let's go back to Dictionary.com, one of the previously mentioned sites from the Wall Street Journal tracking exposé. Out of the 234 trackers it installs onto users' machines, only 11 of them are first-party trackers. That leaves 223 third-party trackers, all with unique agendas. When a third-party tracker is downloaded by a computer, it assigns that machine with a unique identification number (something like "4c681zs2873...") stored inside a cookie associated with the web browser being used. So, if you've visited Dictionary.com recently, (or any of thousands of others) it's likely that those trackers are running on your machine right now, gathering data about you by observing your web browsing session—not just the pages you view on Dictionary.com, but all sites you visit with that browser. If the tracker is using a technology called a "beacon," it can even record your keystrokes! This is only ONE of many entities and networks that are probably watching you right now.

Really, think about that for a moment! If a tracker can record every site you visit and the things you type—search queries, instant messages or emails using web-based systems, comments, etc.—it can quickly assemble a very thorough and accurate profile about you. It is worse than just profiling you; they are SPYING on you! These techniques are unethical, potentially illegal, even possibly unconstitutional and downright creepy!

Privacy Tools: Use them!

And be sure to have a look at the excellent privacy protecting search engines that do not track you or record your searches - DuckDuckGo and StartPage.

	Adblock Plus Blocks ads. Firefox | Chrome
	AdBlock Blocks ads. Safari | Chrome | Opera
	AdSweep Blocks ads. Opera | Chrome
	Beef Taco No ad network tracking. Firefox
	Disconnect No tracking from major sites. Chrome | Firefox | Safari

Ghostery No third-party tracking

NoScript Security and Privacy Tools

Do Not Track Plus Stops Secret Tracking of your web browsing

BetterPrivacy No Flash Cookies aka LSOs aka Super Cookies

Mozilla Collusion Allows you to see all the third parties that are tracking your movements across the Web

 

[EZO]

I'm the exception. I spent 30 years in the computer field, several of those in data security for a couple of fortune 500 companies.

It is my opinion that for the average person, the tracking is neither nefarious nor damaging. Sometimes it's the only way to do business. Other times it just pays the web site's bills for what you are getting for free.

Like all things, it can be abused. And it will be abused. The question is always whether you get more value than harm from the transaction.

Daniel

I would have to respectfully disagree with your views here. While it is perfectly reasonable to engage in fairly sophisticated, in depth market research, or user tracking to provide a level of service and convenience that is of value to people, what is happening in the now 40 billion dollar online tracking industry is something else entirely and it goes far beyond paying a website's bills or providing value added services into the realm of a ubiquitous surveillance culture on steroids. The depth, breadth and granularity of real time online tracking, profiling and cross referencing of individuals is something most "average persons" would find abhorrent, assuming they even know it is going on at all. While many have no problem having Amazon or eBay track their purchases or product searches and offering suggestions accordingly, or the New York Times or Wall Street Journal monitoring which articles they read or even having Google place one into a "search bubble" offering up results based on what it decides you should be looking at based on your individual profile, many folks would not be happy to learn about the most personal, intimate and private aspects of their lives going into multiple personalized databases and that it is happening without their knowledge or permission. For example, I cannot imagine a scenario where someone typing a search query into Google seeking information about an extremely private and personal medical, psychiatric or sexual condition that they may or may not even have who would be comfortable about or happy to know that such searches are being recorded into a permanent personalized dossier. Out here in the "real" world we have laws concerning wiretapping, letter tampering, the recording of private conversations without the other parties knowledge, etc. but somehow the world online has evolved into a privacy free for all where we have the Googles and Yahoos of the internet scanning every email for content and everything we say and do online is up for grabs to the highest bidders. When every click, mouse-over, search query or even keystroke is used to compile highly detailed personal profiles on individuals into enormous databases it will do more harm than good in the long term while offering little in the name of real "value". The abuse is baked into the cake. Of course, this isn't just being done in the name of corporate profits. Many government agencies around the world are salivating over these technologies and tracking capabilities. The Nazi SS would have loved it.