Defeating Google's Perpetual Search Logging 251
heretic108 writes "Google's policy of storing everyone's search histories forever is causing concern amongst many, especially since Google stores a cookie on everyone's PC expiring in 2038. But at least one user is fighting back. His short and simple guide tells you how to set up any decent web browser so that it routes Google requests through an anonymous proxy, while sending everything else direct to the net for full-speed surfing. Follow these steps and get Google's nose out of your business once and for all."
Hilarious guide, using Tor.... (Score:2, Interesting)
Besides, not one word about JavaScript......
Re:Hilarious guide, using Tor.... (Score:2)
Hey, if this is just a thread to promote software, the Proxomitron [proxomitron.info] can do similar things for you, plus block advertisements, fix formating, ... Works with all browsers that support proxies. Only real problem is that it needs wine or windows.
Advertisement ends. Proles [newspeakdictionary.com] will now resume purchasing.
ARTICLE IS INCORRECT (Score:2, Informative)
IMPORTANT
The settings in the article are wrong, and if you use them you are likely under the mistaken impression you're going through TOR when you're not.
The correct wildcard setting should be something like "*google.*/*" (this is conservative, meaning it'll catch some things that aren't from google.com, but at least the google addr
Re:Hilarious guide, using Tor.... (Score:5, Informative)
That, and who thinks they are fooling anyone by doing this? If you have a Google account for other services like Gmail, then you must allow Google to set a cookie, and you are still identifying yourself. You're also giving up the ability to customize your searches (safesearch, number of results, languages, etc).
Depending on how your cookie settings are set, the only thing Google will know is what you're searching for. If you're really that worried about it, just delete the Google cookie when you're finished for the day/week/month. If all you use is Search, then just blacklist google.com in your cookie settings. That, or you can send all your traffic through an anonymous third party who has no accountability. If you're concerned about absolute privacy with regards to Google, it seems unlikely you'd give the same information to some anonymous others.
Re:Hilarious guide, using Tor.... (Score:3, Informative)
This can be circumvented as follows:
It's true that if you don't accept a cookie from google.com, you can't login into Gmail. I've solved the issue by allowing google.com's cookie, but using google.ro
Re:Hilarious guide, using Tor.... (Score:3, Informative)
Re:Hilarious guide, using Tor.... (Score:2, Troll)
> Google account for other services like Gmail, then you must allow Google to
> set a cookie, and you are still identifying yourself.
An amazing but true fact: some of us do not have Gmail accounts, or use any Google service other than search.
Re:Hilarious guide, using Tor.... (Score:3, Insightful)
How to access your gMail -without- needing Cookies (Score:3, Informative)
provides access via eMail clients, eg, Eudora, OE, etc.
So, using a "real" eMail client, no cookies aer required.
QED
non isp email you can use with a client (Score:2)
gMail is about the only (non-ISP) web mail service that also provides access via eMail clients, eg, Eudora, OE, etc.
I don't know about others, though I think with Hotmail you can use one, Yahoo! allows you to use an email client.
FalconRe:non isp email you can use with a client (Score:2, Informative)
GMail is the only free web mail service that I know of that you can access through any email client.
Re:non isp email you can use with a client (Score:2)
Hotmail can only be used with Outloook Express, and to get POP access with Yahoo mail you have to pay.
GMail is the only free web mail service that I know of that you can access through any email client.
I figured that about Hotmail, I used to use it but that was way before MS bought it. I started using Yahoo! mail when I joined some clubs, now called groups, years ago. But I didn't know you had to be a paying customer.
FalconRe:non isp email you can use with a client (Score:2)
This allows some junk email addresses that can be used as required without needing to log into Hotmail periodically. i set mine to check hotmail every 30 minutes or so and have my dominant email addresses every 5 or 10 minutes.
Just google for it and choose what you wish to know about it with 57,000+ google hits.
Cookie myth (Score:5, Insightful)
Having a dynamic IP does not help if you use your computer regularly to check email, log in to slashdot, or visit your unique collection of news sites: anything that can link your particular IP-of-the-day to your identity.
Re:Cookie myth (Score:3, Informative)
Oh, but there's more. It's not just searches. Just today I noticed that Google is serving css and javascript from www.google.com for third-party sites such as blogs.
So in ot
Re:Hilarious guide, using Tor.... (Score:3, Informative)
Or you could just block cookies (Score:2)
Pffff... (Score:5, Insightful)
Use MSN Search instead! Ha!
Re:Pffff... (Score:5, Informative)
He's absolutely right. Do you honestly beleive that other search engines do not save the searches you type into THEIR server? What just happened with AOL? At least Google is honest about it and made it publicly known that everything is saved, thus giving you the option to not use them if you don't like that.
They're providing a free servivce to you, if you don't want them to know what you're searching for, don't use the service. Or waste time setting up proxies and whatnot. But as has been mentioned, you better proxy everyone, because every web service you use probably saves some information about you.
Personally, I have too many other important things in my life to worry about other than the fact that google saved that search for "hentai porn" last week.
Since you're already on the list... (Score:2, Funny)
Re:Pffff... (Score:5, Insightful)
If you believe that storing the information is in and of itself evil, then you are free to attempt to set up competing services. If you aren't using the information garnered about users to deliver targetted advertising, you are likely going to have to charge a fee as internet search (and the other goodies that Google delivers) are fairly expensive to do. Very few people would be actually willing to pay for internet search when they can get it free (or advertising supported, to be more accurate) from many other places online, so your costs would be distributed among just a few people, meaning the per user fee will be quite high. Or you can simply not use Google, MSN search, Yahoo, etc. Good luck competing in today's society that way.
I haven't seen Google do anything major to break the trust that they have earned (besides going public, which does mean that choices are in some way no longer strictly under their control.) Untill such time as they show otherwise, my experience is that they are more concerned about my privacy than any other data amalgamating corporation out there. I have decided that for me, the benefit gained from using Google is worth the risk that the data gleaned from my use presents. There are going to be people in other fields with other... shall we say interests for whom this does not hold true. I this is the case, be careful what you search for, and assume that anything you search or allow Google to search on your computer if you use Google Desktop or similar can be used against you. Anonymizing proxies and others may help to some extent as long as you are careful not to give any link to yourself through the proxy. And remember, sometimes being TOO paranoid mades you stick out and "THEY" will start watching you simply because "THEY" think you have something to hide... then you have to go VERY deep under cover, which means you no longer have a personal life, only a cause.
Re:Pffff... (Score:2)
The Googlebot awaits you ; )
Re:Pffff... (Score:4, Insightful)
(What meta search engines are and what their URLs are is left as an exercise for the reader)
Re:Pffff... (Score:2)
Aggregate information sure - but if its tied to a specific user its against european law at least.
"They're providing a free servivce to you, if you don't want them to know what you're searching for, don't use the service."
No, if they are being immoral they have no place on the net and can get the hell of - free or not.
Re:Pffff... (Score:3, Interesting)
You have more to fear from slashdot's awesome comment saving system. All the baddie's must do is pay the nominal subscription fee and they have access to every inane comment you have ever posted here.
Re:Pffff... (Score:5, Insightful)
What's with the "Pffff"? Pshaw right back atcha!
Anyway, the topic really isn't Google's right (or desire) to log your searches. It's about anonymizing your Google searches. They've still logged it, just not tied back to you in any way. If they're logging for purposes of statistical analysis, it's no problem for them, is it? Where's the agreement that I have to search under my own identity?
Re:Pffff... (Score:3, Interesting)
Se it up as a distributed.net style program and spread it all over the world. Within a few weeks, the top searches would be on words like "bomb" and "incest" and "child porn". Within a few months, Google's search analasys would be worthless. Not only that, but anyone trying to log the data to find a terrorist would be completely swamped.
This could work for phones too. Set up Sky
Why only Google? (Score:4, Interesting)
RTFS: "for full-speed surfing" (Score:5, Informative)
Re:RTFS: "for full-speed surfing" (Score:3, Interesting)
Easier, but less effective (Score:2)
Re:Easier, but less effective (Score:2)
Re:Why only Google? (Score:2)
At the same time however the article says that your search' you send to google are your business but in fact they really are Google's business.
Re:Why only Google? (Score:2)
Re:Why only Google? (Score:2)
Surfing through a proxy is slower than surfing directly. Surfing through Tor could potentially be much slower, even, because you lose the caching nature of the web's TCP/IP route-finding and because data is constantly being encrypted and decrypted. FoxyProxy (mentioned in the article) provides the ability to selectively use Tor or another proxy based on the URL, which is just the right amount of choice I'd like.
It's annoying, however, that the HOWTO includes the step "Set Firefox so that it only keeps coo
Speed. (Score:2)
Re:Speed. (Score:2)
tracking searchers (Score:2)
Doesn't it seem much easier just to use one of the other half dozen search engines? AllTheWeb and other sites are perfectly valid choices for Google haters.
Not if you're concerned about being tracked, I'd bet most if not all search engines track people. They have to as most of them survive on advertizing and advertizers want to be able to track users or at least get an idea of who is clicking their ads.
FalconRe:tracking searchers (Score:2)
Re:Why only Google? (Score:2, Interesting)
Some folks say that tor browsing is slower but I haven't really noticed that. What I have noticed is that, when I surf slashdot through tor, I bump into the "can't login 'cause this ip is banned" thing much more often. Go figure: tor surfers are also slashdot abusers. :-)
Re:Why only Google? (Score:2)
Re:Why only Google? (Score:2)
Re:Why only Google? (Score:2)
Text before slashdotting (Score:5, Informative)
Abstract
A simple HOWTO for stopping Google from logging your search history.
The Problem
While Google.com is a brilliant search site, and while its proprieters claim to abide by their 'do no evil' motto, there is one practice that threatens to expose you to much evil down the track.
Google places a cookie on every user's computer, timed to expire in 2038. With this cookie, they can track you and log your entire search history. In fact, Google has recently indicated that they won't be deleting people's search histories.
While this cookie may not directly identify you by name, an analysis of your search history over time can definitely help an attacker (or abusive government authority) to identify you personally.
Many people fight back by setting up an anonymous proxy for all their web surfing, but this can slow down their accesses terribly. Such slowness sooner or later drives most people to revert to direct non-anonymous internet access.
A Solution
In summary, the solution is to clear all long-lasting cookies, set your browser to not keep cookies between restarts, and divert all google requests out through an anonymous proxy.
This will protect your privacy as far as google is concerned, but allow you to enjoy full-speed browsing with other sites.
Follow these simple steps:
Get access to an anonymous web proxy. A common favourite is the Tor network
Be using Mozilla Firefox.
Install the FoxyProxy extension for Firefox
Within FoxyProxy configuration, add an entry for your anonymous proxy. Within this proxy, add 2 whitelist wildcard rules, with the patterns:
http://.google.com/* [google.com]
http://google.com/ [google.com]
Clear out all your browser cookies
Set Firefox so that it only keeps cookies till you close Firefox (Edit/Preferences/Privacy/Cookies)
If there are any other sites that may be unduly logging your activity, and don't have a refular log deletion policy, add some entries for these sites into your anonymous proxy matchlist in FoxyProxy.
With these measures in place, all your regular web requests will go out directly to the internet, while all requests for *.google.com will go via the Tor anonymity network. Also, since your cookies are getting deleted every time you close/restart Firefox, then Google will no longer be able to build a history of your web surfing.
I appreciate that for some amongst us, this is like closing the barn door after the horse has bolted. But at least we can arrest the extent of the privacy violation which Google is perpetrating.
Conclusion
The searches you send out to Google are your business. You have the right to prevent Google from accumulating a perpetual history of your web searching. Use that right.
Re:Can't help but ask... (Score:3, Informative)
Re:Can't help but ask... (Score:4, Informative)
There's absolutely no reason to use a plugin for that, Firefox can do this just by itself (as can SeaMonkey, and even Mozilla could do it already). You can either create a blacklist of domains that are only allowed to set session cookies (tools -> options -> privacy -> cookies -> exceptions -> "allow for session" (which downgrades all cookies to being valid for the session only), or a whitelist of domains that are allowed to set cookies ("allow"), while everything else will honor "keep cookies: until I close Firefox".)
(So to put it in other word, Exceptions override any other settings, so you can use it as both whitelist and blacklist, while general settings govern all other sites.)
Re:Can't help but ask... (Score:2)
Re:Text before slashdotting (Score:3, Funny)
I believe the preference is stored in a cookie...
confused? Is it just me, or .... (Score:2)
I'm sort of confused how this is news?
Re:confused? Is it just me, or .... (Score:2)
Re:confused? Is it just me, or .... (Score:2)
Using information you freely gave to the service for the "right" to use that service.
Re:confused? Is it just me, or .... (Score:3, Insightful)
However, Google is an advertisement supported service and they still collect the search queries, even if they are annonomized. So
slow site (Score:5, Funny)
Re:slow site (Score:3, Funny)
Oh goodness (Score:3, Funny)
Heavens to betsy! This is big! How is it no one ever noticed this "cookie" thing before this Slashdot article?
I wonder if any other websites are doing this as well.
Re:Oh goodness (Score:2, Funny)
Then i became obsessed with finding snacks & shiny objects.
Re:Oh goodness (Score:2)
All three browsers are set by default to delete the cookies and browser history, cache when they exit, but two of the browsers take an extra step, they delete the entire ~/.opera and/or ~/.flock.
Firefox retains it, giving the user a choice to restore ~/.mozilla for use next time, even tho
Re:Oh goodness (Score:2)
You watch your mouth, young man! This is a family-friendly site, and we'll just be keeping the strong language to a minimum.
gmail? (Score:4, Insightful)
In the end, the simplest is to stop using google if you feel your privacy is compromised and try to find a company with a better policy.
I tend to trust google enough to keep my search history, so what that they know you search for killing your wife or drowning barbie dolls, let them assess all they want, because you cannot be found guilty of thinking about a crime.
Re:gmail? (Score:2)
Most of us want to keep the goverment out of our bedrooms. I'd like to see them kept out of my searches, too. Unfortunately, there isn't a whole lot that is effective that we can do about it. Aren't Yahoo! searches actually done through google? I thought I read that somewhere, and I don't care enough to loo
Re:gmail? (Score:2, Insightful)
PithHelmet can do this..? (Score:2)
It's possible Google could st
Re:gmail? (Score:5, Interesting)
A group in Canada was arrested for thinking about bombing a Hudson tunnel. A group in Miami was arrested for thinking about bombing buildings in Chicago. Not only didn't they have bombs, they didn't have materials or knowledge of how to put one together. They didn't even have money or connections, just that, as sick as they were, they wanted to perform bombings, at the time of the arrests, they simply didn't have any capacity to carry it out. Given that these were effectively pre-crime, it's not much of a leap as you think.
Re:gmail? (Score:2)
Re:gmail? (Score:2, Informative)
Re:gmail? (Score:2)
Simple Solution (Score:5, Interesting)
Customize Google For Internet Explorer [cg4ie.com]
Customize Google For FireFox [customizegoogle.com]
Both will anonymize your google cookie, click tracking and much more.
Both are free open source projects.
Defeating Google... (Score:2, Insightful)
I wrote a while back about concern's with Google's Desktop search, as it relates to HIPAA regulations, but never thought much about my own right to privacy when using Google's searches. I guess there could be a future version of a Joe McCarthy witch hunt, where the government could supoena Google and force them to release search data.
I bookmarked his site and will implement the methods at my workplace, since Google's responce was less than satisfactory, IMHO. It was along the line of "no patient informa
clusty (Score:5, Informative)
Clusty [clusty.com] has an excellent privacy policy. I'm going to try using them for a while and see if the results are comparable in quality to google's.
And before anyone says that you don't need to worry if you aren't doing anything illegal, try reading up on the history of the FBI. They had a massive file on Einstein, who, e.g., belonged to "communist front" organizations like the the American Crusade to End Lynching. Check out the Wikipedia article on COINTELPRO [wikipedia.org], especially the part about the murder of civil rights activist Viola Liuzzo (by a carload of Klansman with an FBI agent riding along), and the FBI's subsequent smear campaign against Liuzzo.
Re:clusty (Score:2)
Meh. Einstein still did what he was put on this Earth to do, never got sent to any torture sites, and in fact inspired a major government research program. Just saying "the FBI has a massive file on so-and-so" is just FUD, because unless you're somebody important they'll never bother to use it, and even for imporant people like Einstein they never did.
First they came for the Jews... (Score:5, Insightful)
because I was not a Jew.
Then they came for the Communists
and I did not speak out
because I was not a Communist.
Then they came for the trade unionists
and I did not speak out
because I was not a trade unionist.
Then they came for me
and there was no one left
to speak out for me.
- Pastor Martin Niemöller
The lesson? Speak out NOW, while someone else is being persecuted in violation of your Constitutional liberties. Eventually they always get around to coming after YOU.
In Germany, your neighbor typically turned you in because they didn't like you. Not because you were a Jew, a gay, or a commie.
Right now, today, someone you don't like - perhaps someone you don't even realize - can accuse you of being a terrorist - and at the very least there'll be a file on you. Good luck with flying after that... if you're lucky.
God, I hate apathetic people.....
Re:First they came for the Jews... (Score:2)
Re:First they came for the Jews... (Score:3, Insightful)
A) The prosecution who has a small army of attorneys, the entire local police force, and the FBI working diligently to prove you're a hardened criminal
B) Your free-of-charge public defender
Here's a hint. That public defender is already overworked and underpaid.
Given a vastly increased amount of information, unless you have pockets
Re:First they came for the Jews... (Score:2)
Can you still fly? Yeah, that's what I thought.
As far as the Niemoeller quote, I'd like to respond with another quote:
Re:First they came for the Jews... (Score:2)
In this digital age you need to forge my ID and pose as me on some Muslim board, and talk about terrorist deeds.
Or, I need to piss off a rich person with Gov't connections. Etc.
In this age, that is how it is done.
Re:First they came for the Jews... (Score:2)
That's nothing - good luck flying out of the UK at the moment at all.
Re:First they came for the Jews... (Score:4, Funny)
But you don't do anything about it
Summary is misleading (Score:3, Interesting)
No it doesn't. It tells you how to set it up with Firefox and only Firefox via the FoxyProxy extension. That's a far cry from what you're claiming; no instructions for Safari or Opera.
Re:Summary is misleading (Score:2)
Maybe you'd like to contribute some
Re:Summary is misleading (Score:2)
Easier ways to do it (Score:2)
Re:Easier ways to do it (Score:3, Informative)
No need for a Firefox extention (Score:5, Informative)
Place the above in a text file, and set it as the automatic proxy config file for your web browser (for Firefox users, Preferences>General>Connection Settings).
The matching string *http://*.google.*" should be used instead of http://.google.com/* [google.com] as a foreign proxy will cause Google to redirect you to its respected cctld.
A little more ofuscation with that omlette please (Score:2)
signature across any number of proxies? Google has you
in thier database. They got your number. Don't fight it,
they even know what's best for you.
Re:A little more ofuscation with that omlette plea (Score:2)
You don't have to use their services.
> We have not given consent for our emails sent to Gmail for them to be
> analyzed and profiled.
You sent the messages there.
> I think in the future some advanced countries will start to legislate as to
> what these companies can and can't record and what they can do with the
> information.
If any significant fraction of the population actually cared about this sort of stuff they wo
Getting Google's nose out of your business... (Score:3, Funny)
Isn't that overkill? (Score:2)
"Privacy" my ass. (Score:2, Interesting)
So, instead of sending your search results to Google to be recorded, you're sending them to both Google and some unknown third-party?
Explain to me how giving some stranger all your search results will protect your privacy, Slashdot.
Not going to be good (Score:2)
Isn't that what SCO's been saying for the last few years? Whatever amazon plans to do with this (I promise you they DO have plans), probably won't be good for anybody. Best case scenerio, they'll charge up the ass for someone that wants to do something useful with the data. More likely, it'll be used for really intrusive and annoying "services" [aclu.org], or possibly another horrendous secret government-corporation collaboration [eff.org] to "protect" us from "terrorists". W
I have a better solution: Privoxy + Tor + i2p (Score:2)
I've been happily using Privoxy [privoxy.org] + Tor [eff.org] + i2p [i2p.net] together for quite some time now to browse the web, Google and other sites of interest.
I also have 2 transparent Squid proxies in front of my LAN here (on my side) running with squid-prefetch, and they too use the same privoxy and tor and i2p setups for prefetching. This way, duplicate requests from anyone inside my network don't HAVE TO go to the live site, if it already exists in the Squid cache. Since its transparent (done at the router with iptables), the us
All my private information!! (Score:2)
and like the time I searched for my phone number, and social security number, and license plate number, and my street address... all that info is saved in there with my search history too!!
Cookie trading (Score:2)
Can't you just? (Score:2)
But (Score:2)
Proxies still pass queries (Score:2)
Some suggestions... (Score:4, Insightful)
1) Use a different search engine: Google (and most businesses) I'm sure will not care what you say until a critical mass
of users using other search engines (or any other product) lose customers. Of course, since they have not changed their
business model or practices since their inception, I don't think that is really going to happen anytime soon.
2) Execute a technological workaround: However that has the drawback of if (and I say if) Google decides to become nasty,
they just ban you from their system, which they could legally do, since you are violating their company policy (which again forces
you to use another search engine, but this time not by choice).
3) Complain: Perhaps they may listen, perhaps they may not, but as a soverign business unless it affects their revenue stream
(which I don't think will happen, as they happen to be one of the best at execution of both their software and business practices)
I don't personally see their revenue slowing down anytime soon.
Last thing about this subject, it is true there is no such thing as a totally secure system, but Google does a pretty good job at what they
do, why hassle them when nothing has happened (not that it won't), but for now let Google run its ship, and just be happy with the service they
provide.
As one reader said earlier... you could use MSN Search.
Regards,
MBC1977,
(US Marine, College Student, and Good Guy!)
Pollute the history? (Score:2, Insightful)
My way ... (Score:2)
For others
1. Get a "mini" install of your OS of choice in vmware - DSL is damn small. Now that vmware server is free, there if no reason not to snag it.
2. Tar/zip/whatever the contents of the installed directory to a file somewhere. My "mini XP" is less than 400M compressed.
3. Use this install for all activities you feel threaten your privacy/sanity/etc.
4. Once done with said activity, delete the directory and
Not quite so sufficient (Score:3, Informative)
Then keep one window available with the anonymous browser and use it when you want to be private. Keep others around when you want the speed of direct connection.
A9.com = $$ (Score:2)
Of course, they get to correlate your searches and purchasing habits, but they do pay you for it.