|
This is mostly for anybody from the UK: Councils, Privacy and Google
This is mostly for anybody from the UK
I do realize that this doesn't really belong on this forum but as it is something that should concern everybody living in the UK at the very least, I thought I do raise the issue here. Councils, Privacy and Google In the current economic climate in the UK (and elsewhere of course), there is a quickly growing and worrying trend to incorporate numerous services that Google offers to webmasters. Where I live it started by utilizing googleapis.com (Google Code) (you may find that where you live they use yahooapis.com Yahoo! Developer Network instead), a service that provides webmasters with free API's (Application Program Interfaces, for details about what API's are and what they are used for, read the Wiki article here: Application programming interface - Wikipedia, the free encyclopedia), next followed google-analytics.com, a service that offers website analysis tools for webmasters, information on what you did where, how long you stayed on a certain page, etc. and I am sure, since Councils are driven to save money, more will follow. After all, the number of domains that Google uses is huge. This then raises a number of severe privacy issue. 1. Most Councils offer a link like 'Where I live' to give accurate information about services rendered there, ie. waste collection. To do this, you will usually be required to enter your postcode and for convenience this will be encrypted (if you are lucky) and stored in a cookie. This cookie identifies where you live, not roughly but it'll point directly to your front door and guess where that cookie is created? On one of Googles servers. 2. More and more connections these days come with a static IP address, Sky, Virgin and all other cable providers will assign you a permanent IP address. Basically a unique address on the web, so that servers know who requested a page and where to send it to. This is of course also required in setting the cookie I mentioned under 1. 3. The combination of IP address and cookie(s), there are usually several of them, then is an explosive mixture that allows you to be tracked, in fact you provider can even assign a name to you, after all, by law they are obliged to keep track of your movements anyway. Though I don't think Google is powerful enough to access those data (yet), postcode in combination with IP is quite sufficient to build a profile of exactly where you live, where you surf to, how long you spend on any given website, which pages you look at and more. 4. This information gathering (data mining in webspeak) is, via the cookies and you IP then sent to the USA, we ought to be aware that their privacy legislation can be a bit lax to say the least. 5. What is worse, unbeknownst to the vast majority of internet users, Google also uses so called tracking cookies, cookies designed to track your movements not merely across a single sit but across a multitude of domains. Are you beginning to feel just a tad paranoid? Well, you should be. To sum it up: In order to save on operating costs running their websites, Councils across the UK are breaching and intruding into your privacy, providing a commercial American giant corporation with all the details they could ever ask for and as I discovered here, had not even had the decency to alter their privacy statements. A few weeks ago I complained to my local Council about this, I will post my letter here later, and requested full disclosure of any data shared with Google, this was done in a Freedom of Information Act request. I have not received this information yet. They did reply yesterday to inform me that they had altered their privacy statement to accomodate their, in my opinion, wrongdoing. I will post a copy of there too in a subequent post. What can and should you do? There are a few things to ensure your privacy is at least guaranteed to a certain extent by following a few simple rules. 1. Surf the internet using a stable FireFox version, not a beta and most certainly not Internet Explorer (did you know that IE sends any request for a webpage you make to Alexa.com?). 2. Once you have FF, install NoScript. NoScript is a powerful tool that allows you to actually see ALL the sites that are opened in the background on any given page (you'll be amazed, believe me, when you see who else is listening in to your surfing). 3. Set up FF to only accept cookies from a Whitelist (a list of domains you trust and be sparse when you create that list). 4. Blacklist anything that remotely starts with google*.* and forbid any scripts of theirs from being executed. You can always temporarily allow a forbidden site but only ever temporarily and don't forget to withdraw that right as soon as you are done surfing a page. 5. This may prove diffcult but whenever you can, avoid google as a search engine full stop but then don't just move to yahoo, they are just as bad. Try https://ixquick.com instead, they are publicly funded and will never store your IP. Also, as you may have noticed, you can use a secure HTTPS connection to their server. 6. If you can't stay away from google, don't click the links they offer to open a website but rather copy the link, create a new tab or window and paste the link. This way, the referrer will always be from about:blank (oh, I nearly forgot, set your initial browser page to be a blank page). 7. Should you be familiar with the process, you might want to go through a web based proxy server. All you page requests will then be addressed to the IP of that server and not the one at your home. Only the proxy will know where the data eventually ends up, so be careful who you trust. I am fully aware that this is an incomplete list of how to secure your privacy, maybe someone on the forum has more to add to this but it is a start and do make sure that you check out your local Council for any breaches of its own privacy statement, complain till you are blue in the face and let others know about what our Councils are up to. I recently discovered a website, unfortunately I lost the link and I could kick myself over it, where UK Council webmasters discussed and bragged about how easy it was to implement all the wonderful offerings that Google makes and that leads me to believe that there may be grim times ahead for us in Britain, and of course elsewhere in the world. People used to be paranoid about what information Microsoft might be collecting about its users, they even went so far and tried to break the company up. Let me tell you, Microsoft is nothing compared to Google, nothing, they can't even begin to imagine what their vision of our future is. Google has and/or we have allowed them to, become so powerful, these days they are in a position to decide whos business thrives and who goes down the drain. Unless you show up on the first say 5 pages in the search results, you might as well not exist. Every time you complete a Captcha, you are giving Google more ability to OCR books, even ones that they have no right to digitize on the first place. You may soon find that history may be written by Google, not the people that made history. Besides, our Governments are helpless and without the background knowledge about this, so where does that leave your local Council? Sorry but I felt that this needed addressing. It may not be directly related to this site but the impact is such, that we all ought to be aware of it. After all, your real name, your nicknames, all stored and with that nice little IP address with it. If you were to ask google the right questions, you might not get that next job you've just applied for. And if that is not something to worry about, I don't know what is. Invitation: I would like to invite anybody with any insight into these security/privacy issues to share the knowledge with the community. |
This is the letter I sent to our local Council
This email complaint was triggered by discovering that our local Council had apparently signed-up with googleapis.com and google-analytics.com, thereby transferring information such as IP addresses, etc. to the United States.
Anybody here that knows more about the legal situation? No guesswork, just plain fact and if available, any weblinks relating to this. Quote:
We do need to fight back, not just sit back. |
This is the reply received yesterday regarding the above contact I made with them. This is not the outcome of my Freedom of Information Act request, that is still pending.
Quote:
|
Hoverfly, most of your post is pretty dead on and everyone, everywhere (not only in the UK) hopefully should be aware of that.
I don't have time right now to go thru the details of that post but I will eventually. But that said, there is one wonderful file that exist on all OS, called "host" that can fix most, if not all, of those issues. Find that file and manage it. Make sure you have that line first (it should already be there). This defines your own personal machine on the big net: 127.0.0.1 localhost Then, add this line below for any site you don't want. An example: 127.0.0.1 WhatEverTheFuckYouD'ontWant.com Want to know more? Check this site: Blocking Unwanted Parasites with a Hosts File This site even offers a pre-configured host file with a lot of the bad sites already mapped. Simply replace yours with theirs. Remember the old saying "There is no place like home"? Nowadays, you could say "There is no place like 127.0.0.1". That IP address is your PC's home on the net. Re-routing anything from the net to it will simply annihilate it. |
See, I told you I'd probably forgotten something. Thanks for adding this to the thread, everybody should be able to edit that file or, as you say, get the preconfigured one.
Much appreaciated your contribution. |
WOW! that was an eye opener!
THANKS! :) |
Yes, and thanks to Jo's contribution it became even more valuable, thanks again for adding to my forgetfulness.
Spreading just a little awareness of how to at least try and keep you safe in this wonderful digital world can be quite a daunting task and the issues raised here barely scratch the surface but I am pleased if it is of some little help. Always remember... There's someone watching you. ALWAYS |
TD: People used to get paranoid about Bill Gates and his cronies taking over the world, I think it is high time to change that old tune and worry more, a lot more about Google, Apple, Amazon and Facebook.
Long gone are the days when Google was a search engine, Apple a manufacturer of consumer electronics, Amazon a mere retailer and Facebook a social network. These days it is more of a case of them having expanded into every little nook and cranny, businesswise, that can possibly imagine. So much so in fact, that soon, there will be little internet trafic that doesn't have to go through one of their servers for just that extra bit of filtering. As I said in my original post, Google already has the power over who makes it in business and who doesn't, just by their placement in search results. I am not saying they are doing it but as we all know and history teaches us, if it can be done.... |
TD I am sure they've seen it all.
|
Quote:
Most people don't know or realize it but their never was any privacy on the net. From the very beginning, the second you're connected, you're traceable and trackable. This is normal too as it comes from the technology that connects it all. If you want a specific page, the server needs to know where to send it for you to see it. But nowadays, it goes far beyond that. Those companies you mentioned and many others are actually embedding even more sophisticated ways to track you, store this data and share it with others. If these initiatives were up front and honest, telling you they are doing that and asking you before hand if you want to participate, I'd have no qualm about it. The problem is that not only they don't tell you, but they actually hide these tracking devices as much as they can and it is almost impossible to detect/stop/circumvent them. This goes even further than the net. Just look at iPhones who 'phone home' back to Apple where your current location gets stored in a database. If you don't believe all this, have a look at PrivacyChoice - Making privacy easier. It will give you some hints. If you are using Firefox and want to be flaberghasted by a visual representation of who is tracking you, go there https://secure.toolness.com/xpi/collusion.html, install the addon, let it run while you do your usual surfing and you'll be amazed. Happy surfing, and beware, especially those 'Like' buttons. |
Thanks Jo, I knew I could tempt you to share some more with us. LOL
Yes, the IP address, your unique identifier on the web. Not that it is possible to do without, at least there is nothing that comes to mind. The iEverything these days. Oh, just in case anybody is wondering if switching any mobile will help? Sorry, it doesn't. The only time a mobile device really shuts up is when you either take the battery out or smash the thing up. Mind you, as close as I am to the sea, I wonder what they would make of me throwing it into the ocean? |
Quote:
I posted a few things so far. Hopefully, they might help some people. But at the same time, I realize most people don't really know how it works and what can happen. While I won't pretend to know it all, after 25 years earning a living in the computer technology industry I sure learned a few basic things/facts and I'd like to share some of them. Disclaimer: This is a long post. I can only hope the system can take it. And if you don't care about your privacy, don't bother reading it. First and foremost, there are no possibilities of real PRIVACY on the net. Face it. I'm sorry to blow that whistle on you if you weren't aware of it, but that's how it is... But don't get paranoid either. Not everyone is after you personally. Yet, in a somewhat impersonal way, well, they are pretty much all after you... Why is there no privacy possible on the net? For a very simple reason that I mentioned in a previous post: Quote:
And if you move/change phone number, you need to advise them. - Reality check: While these (phone number/address) may seem somewhat private to you (hey, they do refer directly to you, and you only give them to whom you want to right?) these are actually stored in databases with pretty much all the organizations you deal with and also in the rather easy to access phone book, be it printed or on the net (just try searching your name/phone number/address on the net. You'll be amazed at what you can find that is publicly available. Hell, you'll even find a view of your house on Google Street. But be aware your searches will be indexed and stored somewhere.). - End of Reality check So, as I said earlier, face it. There is no real world privacy as you need to divulge contact information at least to some people/organizations. I mean, to be totally anonymous in the real world, you'd have no phone, no address, no bills, not even a birth record. In such a case, you would not exist and you sure would not be reading this. :) Now, there is a very subtle difference between the real world and the virtual world of the net. Even if you were homeless, had no phone or anything else traceable in the real world, the very second you'd connect to the virtual world, with whatever device you want, you'd get assigned an address (called an IP address). You don't even have a choice. That is how it works, pretty much as turning a light on by flipping the switch or starting your car by putting the key in the ignition and turning it. You do it, it happens. Period. Simple enough I hope. So here you are with that nifty so called virtual IP address that allows you to communicate with the rest of the virtual world. And that IP address gets logged pretty much everywhere you'll go on that beautiful virtual world. Herein lies the lack of anonymity that most people might think they have. IP addresses have been logged on servers since the very beginning of the internet, even before it became mainstream in the early 1990's. A little sidetrack... Quote:
Yet, that been said, whatever IP you get does gets logged everywhere you go. And that is only the beginning... More and more organizations try (and succeed) to track IP addresses movements on the net. Quote:
communication technologies. Another popular quote from an American series also apply here: "Trust no one". And the "one" here is not so much an individual than a corporation. Here is an outstanding example: Mark Zuckerberg, the creator of Facebook: Facebook's Zuckerberg Says The Age of Privacy is Over At least he is being up front about this, contrarily to most other sites. Yet, that does not mean he is right or that I agree with him. Just check these: facebook privacy issues - Google Search That might open your eyes on a certain number of things. My pet peeve is that all these nifty corporations (insert whatever names you feel like here) are actually gathering data about us in all manner they can and they are using this data for their own profit while we, end users of their products, have no say about that. In my mind, this is just plainly morally wrong. Have a look at these: online privacy issues - Google Search You'll find many places you're dealing with in there. And they all do it. Now that I got you paranoid, you're probably going to try to find some smart way to bypass all this. Pretty much like using a PO address instead of your actual mail post address. Quote:
Services like these can be full of deceptions: privacy tools - Google Search And so called anonymizer tools are not reliable. Even The Onion Router (known as TOR) is not perfect: Tor (anonymity network) - Wikipedia, the free encyclopedia Quote:
|
Jo, thank you very much for this magnificent post and I do stand corrected on a number of issues. Much appreciated and well worth anybodies time.
|
My pleasure. Hopefully it will help some people.
|
Let's hope so, the thread did have 184 views as of today, so let's hope that wasn't just us. LOL
|
Quote:
They say in their privacy policy that: Quote:
I'll dig further into it when I have more time. But that little part lowers expectations a lot... |
Quote:
It is not a standard search engine like Google or Bing. Rather, it is a meta-search engine. The difference is that a meta-search engine returns results from many other standard search engines. The advantage of a meta-search engine is you get the aggregated best results from a bunch of engines. However, usually, there is a performance penalty using a meta-search engine as it queries and waits for the other engines instead of searching it's own databases. But surprisingly enough, this is not the case with ixquick. It feels as fast and responsive as Google or any other standard search engine. One other thing I like from ixquick is that they offer a SSL option for searching. SSL, while not the panacea to all privacy issues, sure is a nice feature. For those who don't know, SSL is a secure encrypted transmission protocol encapsulated within the standard HTML protocol used for transmitting web pages. That little padlock icon you get when you go to your banking site or when buying something online, that is SSL protecting your data. SSL stands for Secure Socket Layer. And a layer it is indeed, a supplemental layer protecting you. Of course, like any other security measures, there are ways to circumvent SSL. But any additional security layer can only be good. I strongly suggest you use that feature. It won't slow you down and will add to your privacy since the data is encrypted. This way, no one can know what your searching for and the results you get and use. Just for these 2 reasons, it would be worth switching to ixquick. But there is another one. They claim that they do not record your IP address (see my previous post for more info about that) and that they do not use cookies. The second claim is true. I verified it personally. Unfortunately, I have no way to verify the first. But I'm inclined to believe it is true. And this comes down as the utmost privacy you can get on the net. So a GREAT feature it is. Just remember though, as soon as you click one of the results, you're out of SSL and that site you're now visiting will record and track you IP like everywhere else. The only privacy you get is on the search itself. As Tinydick4u said, I think it's pretty secure and ixquick is now my default search engine. Give it a shot: https://us2.ixquick.com/. This is the SSL encrypted version. If you want to add it to your browsers, got there with each of your browsers: ixquick browser plugin @hoverfly: thanks for the excellent reference. |
I am pleased that this was of help. I've been using their SSL search for a good while and as Jo said, never noticed any delay that wasn't down to my rather rotten connection.
|
| All times are GMT. The time now is 02:28 AM. |
(c) Ninja Dollars