You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

179 lines
5.5 KiB

<style type="text/css">
.box { border: 1px black solid; padding: 10px; }
#toc span { font-size: 150%; }
.pseudo-link { color: blue; text-decoration: underline; }
</style>
<!--
<div id="toc">
<span>Contents</span>
<ol>
<li><a href=""></a></li>
<li><a href=""></a></li>
<li><a href=""></a></li>
<li><a href=""></a></li>
</ol>
</div>
-->
<h1>Privacy protection</h1>
<p>
Have you ever wondered why so many web sites offer various services for
<q>free</q>? Consider social networks. They let you stay in touch with
friends, share photos, chat, recommend stuff, etc. Even if you are not
involved in a social network, you are probably using one of those cool
services around there such as a web feedreader, photo albums, online
documents, and so on.
</p>
<p>
Are they giving you "free" services? This depends on your definition of
<q>free</q>. Using them doesn't actually cost you money <em>directly</em>.
However, these companies do need money to operate. Their source of
revenue is derived mostly by advertisers and the more
information these companies have (tastes, thoughts, locations, relations, &hellip;),
the more they can profit from selling it. Yes, that's right: they sell
<em>your</em> information.
</p>
<p>
Too much paranoia? Maybe. However, let's try a test. Visit the link below
(it will redirect to doubleclick.net; it will work better if you visit it
with a browser/computer used only by yourself with no blockers):
<p>
<p>
<a href="http://www.google.com/ads/preferences/"
rel="external">http://www.google.com/ads/preferences/</a>
</p>
<p>
It probably guessed your demographic information and/or interests. How do
they know? They track your internet usage by means of an <q>HTTP cookie</q>,
which is a small file that some websites leave on your computer when you
visit them. While it is not a big issue <i>per se</i> (they can be used to,
for example, save your preferences for a website), they can also be used to
collect information about you, as shown above.
</p>
<p>
A cool and informative visualization of the tracking process can be seen
here: <a href="http://collusion.toolness.org/"
rel="external">http://collusion.toolness.org/</a>
</p>
<h2>Tracking methods</h2>
<p>
So, it would seem HTTP cookies (as just seen) are the problem. No, it is
(was?) the most widely used/known method. There are various other
techinques:
</p>
<dl>
<dt>Local Shared Objects</dt>
<dd>Like standard cookies, but done with Adobe Flash. Check the <a
href="http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html"
rel="external">Website Privacy Settings panel</a>.</dd>
<dt>Zombie cookies</dt>
<dd>Yet another cookie type. This one's particular, though. It will be
recreated even if the user has deleted it. Actually, it's not just a
single cookie, like the HTTP or flash types. Other storage mechanisms
will additionally be used (e.g., <q>HTML5 Storage</q>, <q>Silverlight
Isolated Storage</q>, <q>Web cache|history</q>, etc. and if the user
fails at removing them, they will repopulate the data storage. Read
more here: <a href="http://en.wikipedia.org/wiki/Zombie_cookie"
rel="external">http://en.wikipedia.org/wiki/Zombie_cookie</a>.</dd>
<dt>Web bugs</dt>
<dd>A small or invisible object (like a 1x1 pixel image) is put into a web
site or e-mail message which is loaded from a third party. Read the <a
href="http://w2.eff.org/Privacy/Marketing/web_bug.html"
rel="external">Web Bug FAQ</a></dd>
<dt>Browser fingerprinting</dt>
<dd>Your browser can send information that makes could make your system
uniquely identifiable. See <a href="http://panopticlick.eff.org/"
rel="external">http://panopticlick.eff.org/</a></dd>
<dt>XXX More?? XXX</dt>
<dd>XXX</dd>
<!--
<dt></dt>
<dd></dd>
<dt></dt>
<dd></dd>
-->
</dl>
<p>
Even if you don't care about online privacy, you should be aware of the fact
that some of the above techiques can be used to impersonate you. See, for
instance, an article about <a
href="http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_theft_and_session_hijacking"
rel="external">Cookie theft and session hijacking</a>.
</p>
<p>
So far we have seen some of the hidden risks to your online privacy that
don't require you to do something in particular, just that you browse the internet.
There are also various activities that are based on the information you
explicitly give (though, of course, the methods discussed above still
apply): search engines and social networks.
</p>
<h2>Search engines</h2>
<p>
Every time you submit a request to a search engine, they will log it and
associate it with you. XXX expand XXX. Alternatives: <a
href="http://duckduckgo.com/">http://duckduckgo.com/</a>, ...
</p>
<h2>Social networks</h2>
<p>
XXX expand XXX
</p>
delete EXIF information
<h2>Protect your privacy</h2>
<p>
So, how to protect your privacy on-line? Some useful suggestions:
</p>
<ul>
<li>Install an ad- or script-blocker and/or a filtering web-proxy:
<a href="https://addons.mozilla.org/en-US/firefox/addon/noscript/"
rel="external">NoScript</a> and <a
href="https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/"
rel="external">BetterPrivacy</a> (for Firefox), <a
href="http://www.privoxy.org/" rel="external">Privoxy</a>.
</li>
<li>
Turn off HTML in your mail reader (for web bugs).
</li>
</ul>
<h2>Resources</h2>
<ul>
<li><a
href="http://www.eff.org/wp/effs-top-12-ways-protect-your-online-privacy"
rel="external">EFF's Top 12 Ways to Protect Your Online Privacy</a>
</li>
</ul>
<div id="rcs_tag">$Id: privacy_protection.html,v 1.3 2011/11/28 16:58:03 jbaber Exp $</div>