Googling Security: book that opens your eyes to how much you disclose to Google

Greg Conti -- a West Point instructor in computer science and information war -- has taken a long, hard look at the amount of information Internet users explicitly and implicitly disclose to Google and the results, collected in his book Googling Security: How Much Does Google Know About You? are sobering.

Conti enumerates all of Google's (often fantastic) services, describes how compelling they are, and then notes what information you disclose when you use them -- even when you only use them inadvertently (say, when you send email to someone with a Gmail account, or when you load a bookmarked Gmap that's been sent to a group of logged-in Google users, thus tying yourself to those users as part of the same group).

In slow, methodical steps, Conti builds his case: our complacency, Google's capacity for building compelling services, and the inadequacy of our browsers and other tools in alerting us to potential information disclosure have created a situation where Google ends up in possession of an alarming amount of information about us, our beliefs, our movements, our finances, our health, our employment and our social circles.

Conti's explanations are extremely accessible, even when discussing difficult and counter-intuitive subjects like cross-site scripting and cookies. Likewise accessible are his concrete recommendations for staunching the flow of personal information from your computer into Google's records. Finally, Conti does a great job of explaining why people who "have nothing to hide" might still want to keep their information to themselves (the approximate dimensions and characteristics of the body under your clothes aren't a secret -- but you still don't walk around naked in public and you'd resent it if someone forced you to. Private and secret aren't the same thing).

I've given the subject of privacy and Internet use a lot of thought, but even so, Conti's book opened my eyes to potential risks I'd never considered. I'd recommend this to anyone who's worried about what's happening to our ability to control the aggregation of our personal data.

Googling Security: How Much Does Google Know About You?, Slashdot review

57

  1. “…Conti does a great job of explaining why people who “have nothing to hide” might still want to keep their information to themselves…”

    I couldn’t agree more. I just got done (finally) reading Little Brother, so the subject remains awfully fresh in my mind. The bottom line to me is that privacy sustains human sanity. Without it, we lose any individual identities and slide further into the Jell-o mold of conformity. Important or inconsequential, what we know is our own, and it’s our right to keep it private, whether to our benefit or detriment. Obviously, some times are better or worse to share, but privacy should fundamentally be an individual choice.

  2. To a large extent, this isn’t new– anyone living in a small town probably has similar amounts of information about several hundred people. You might know roughly as much about your close friends and family as well.

    How the information is used is the critical point, I think.

  3. #2: the difference is the symmetry or the lack thereof.

    In a village A knows about B, but B knows equally about A.

    However, you don’t know about Google (or any other information retrieval service) as they know about you.

  4. Two options:

    1. Use Firefox with the NoScript add-on. Have Javascript disabled. Refrain from using Google’s services.

    2. Stop caring.

  5. Luckily, I never felt the need for a google account. But this makes me wonder if some email groups are as private as they appear.
    Then there is Yahoo. I wonder how they rate in comparison.

  6. I am fascinated by this idea that technology allows marketers to ‘outsource’ knowledge and awareness away from consumers, instead of people using it to empower themselves. More and more, branding budgets are relying on consumers staying unaware that many of their natural inclinations — like curiosity, or conversation — are being monetized, only they’re not getting a piece of it.

    I wrote chapters about search and community for non-marketers to explore in my new book, Branding Only Works On Cattle, if you’d like to check it out: http://tinyurl.com/69nc9s.

    I’ve also posted a free chapter on applying a videogame model to brand plans, which is at my site: http://tinyurl.com/6n58ja.

  7. A very easy way to reduce some of the information flow from you to Google is to use the great Firefox extension Customize Google. Blocking click tracking, and cookies from Google Analytics, anonymizing Goole cookies, etc. It also gives you a lot of nice settings to make your use of Google services more pleasant.

  8. S y’r prvcy dvct.

    Thn pls xpln t s why y s GGL NLYTCS n YR st.

    Ggl nlytcs:
    – trcks vrybdy vr mllns f wbsts,
    – svs vry mv w mk,
    – blds hg prfl f yr wbsrfng hbts, prfrncs, wht y lk t, tc.,
    – snds VRYTHNG T GGL !

    Y cld smply BY cmprbl tl whch ds NT snd ll r dt t Ggl!

    W d knw tht my cmmnt wll b dltd gn, n fw mnts?

  9. I like ads that are targeted off of my behavior.

    *gasp*

    I have no interest in buying a Ford, so I’m more than happy to not get Ford ads. I am interested in buying concert tickets, so I’m just as pleased to be followed around by concert ticket ads. Even better, I’ve found out about interesting things through targeted Facebook advertising that I otherwise never would have known about.

    We’ve all heard the hysterical slippery slope arguments. The trouble with slippery slope arguments is they’re based on fear, not ration. Just because some people have done one thing doesn’t mean another group will do the same.

  10. Technically speaking, how complex would developting a search equation that uses much of that almost panoptical foucaultvian information for a specific porpuse you wisely mention?

    Aside from ads moneyfactories etc etc.

    Say, pinpointing someone or a group for so called illegal activities, proving someone cheated on her wife, etc etc?

  11. You beat me to it, Whatevah_888!

    People should open their page’s source code and scroll to the very bottom. You’ll see two things:

    – Tracking code for Federated Media, the advertising network that serves BoingBoing’s ads. They save and mine your personal browsing behavior for advertising purposes.

    – Google Analytics code, which Whatevah_888 already noted.

    Mind you, I have no problem with this. It’s just a bit precious to see Cory rant about these practices while he supports them on his own site.

  12. Paraphrasing a friend: Some of the most pro-privacy-rights folks we know — the ones who object to the government knowing anything at all about them — have their entire private lives flowing through their GMail accounts without ever asking about GMail’s security.

    Personally, I trust Google per se to stand by their privacy agreements. But I don’t believe I can trust all their employees, and we have to remember that privacy agreements can be changed at any time — if Google ever gets bought out, for example, all bets are off.

    Then again, some people are comfortable putting huge amounts of personal detail in their blogs, including everything from their sex lives to when their house will be unoccupied… so maybe the concept of privacy was strictly a 20th-century phenomenon and I’m just a reactionary old fart.

  13. I use NoScript and block google analytics.

    Makes my browsing oh so much faster.

    The tracking things are the worst. Before NoScript I had to constantly clean out those damned things. Now, no problems and fast browsing.

    Firefox and NoScript are THE way to fly!

  14. #16- I agree, Cory should answer this. He does a lot of good thinking/writing about privacy, but how about when it affects the bottom line?

    My judgment with Google is that by the time someone wants to use Google’s data to “get me” I’m probably already screwed anyhow.

  15. Little brother was a great book, but didn’t contain enough practical tips!

    Having said that, you might be interested to know that Adobe FLASH is used to track your habits as much if not more than cookies.

    Unique PC identification (and a host of other things) are trivial to do through flash animations, and cookies are last millenium technology at this point.

    Lastly, you can clear your cache and cookies as much as you like – but the SWF/flash cache will still be there. We use it to bust porn surfers all the time.

    If you really want a scare, watch the traffic between your PC and the internet with an analyzer. You’re WAY more easy to identify than you think.

  16. Hold on guys. Mr. Doctorrow is simply pointing us towards the publication of a book by a certain Greg Conti, which he admits has been an eye-opener for him. In other words, the characteristics of his behaviour on the Internet up to this point have not been motivated or influenced by an awareness concerning this particular subject matter.

  17. “Cory’s obviously all bark, no bite. He has no belief in his own principles. Sure, he -says- privacy, but put his back to the wall and he’ll say otherwise!”

    You guys are being kind of rude. Like wolves, or journalists- I’m not sure which is worse. What are you looking for here? Cory to admit that he’s known that he’s compromising information all along, and let out an evil cackle for the forces of DRM and Labor? Or for him to say oh no, I’ll get right on removing ourselves from an association with Federated Media?

    Well then. I propose anyone who has problems with the ad systems fund Cory himself.

    The ad systems won’t go, even with this information, and that’s fine and dandy. The ‘bottom line’ Daephex? Are you insinuating that this has to do with profit?

    I don’t know that the site could -exist- on a free basis without ad systems. In fact, I think it would not. So… what bottom line are we talking about here? What if a compromising privacy by ad systems that pay enough to sponsor the site is painfully necessary?

    Think of it this way. Buying a megaphone from the bad guys is profiting them, a little bit, but if you shout information from that megaphone to make everyone else more aware, well, you’re doing more good than harm.

    If you don’t feel the same way, then take measures to protect yourself from targeted ad systems. They’re not nice. They do harvest information. But you wouldn’t even be thinking about the threat if you hadn’t read it somewhere.

  18. Hmmm. If this Federated Media profiling is so good, how come I get such shitty ads on BoingBoing? Just about every page I get one or even two banners telling me that I am the [blank] visitor to see the lucky banner and I can click to claim or cancel. There’s rarely ever anything else.

    Come on guys, these ads look exactly like classic malware suck-ins that mousetrap you either way and they really cheapen BoingBoing. Not to mention the fact that they flash at me – at least they stop flashing before they trigger my migraine or epilepsy.

  19. from the Moderation Policy:

    Q. Aiiiiiiieeeeeeeeee! Boing Boing has advertising! Doesn’t that mean you’ve become hopelessly corrupt?

    A. You mean, unduly influenced by whatever advertisers are the source of the site’s revenue? Don’t worry about it. Boing Boing’s editorial content is unaffected by its ads.

    Q. But–but–those people are giving them money! How can they not be affected?

    A. (The moderator speaks solo: “In order for the Boingers to be unduly influenced by who advertises on their site, they’d first have to reliably remember who those advertisers are. Trust me: this is not an issue.”)

    Q. But you take ads from Microsoft!!! Aren’t they the root of all evil?

    A. This is rank Manichaeanism. Go lie down with a cool wet cloth on your forehead until you feel better.

  20. I’m not “insinuating” a damn thing. I’m curious about the answer to an honest question.

    For the most part I like BoingBoing, but I’m not 100% ready for the Kool-aid, sorry. I think the moderation is sometimes harsh, and occasionally one-sided. I’ve also run into more than a few hypocritical moments, this seemingly being one of them.

    When you think about it, BB might even be considered in a worse light than Google, which is providing useful services to a huge percentage of net users. BB is popular, but perhaps mostly due to the writers’ charming ability to dress up the fact that they just trade a few days’ worth of link love for your content. Fun, but hardly an amazing innovation.

  21. Takuan, quoting boingboing’s public policy is not an adequate argument against misuse, considering that this topic is about Google’s privacy policy not being an effective safeguard against misuse.

    Though I don’t know him personally, I suspect that Cory’s ideas about privacy and censorship have not entirely overlapped with BoingBoing’s (or more specifically, Happy Mutants LLC) for quite some time.

  22. This offers a good opportunity for me to recommend the googlePrivacy script for Greasemonkey. It basically replaces Google’s cookies with random nonsense whilst (mostly) keeping your preferences intact (for some reason the SafeSearch preference keeps reverting to the medium default). Not a complete solution, but simple, unobtrusive, and it works.

  23. We are trying to get answers to some of the questions that have been asked here. That’ll take a little while.

    Now: we have two options. One is that we can have a measured, reasonable discussion while we wait.

    The other option, which is what will happen if some of you don’t calm down and stop acting like Chicken Little — Whatevah, I’m looking at you, though you’re not the only one I’m keeping an eye on — is that we can temporarily close down this thread until we have more information.

    Oh, and the next person who posts all-caps will have that portion of their comment disemvowelled. That one’s in the moderation guidelines.

  24. Tenn, did you mean to say that Cory has no belief in his own principles, or were you lampooning other commenters?

  25. quite sure she just forgot the quotation marks, but I’ll let the little hellion answer for herself. (that oughta get her attention!)

  26. <>Wll thn. prps nyn wh hs prblms wth th d systms fnd Cry hmslf.

    dn’t thnk tht w’r bjctng t dvrtsng n BngBng. t lst, ‘m crtnly nt. thnk tht nln dvrtsng s fbls: t lts s ccss wndrfl thngs fr fr. Nc!

    Th bjctn s t Cry’s prmtng bk bt th dngrs f shrng nfrmtn wth Ggl whl wllflly shrng r nfrmtn wth Ggl. f tht’s nt hypcrtcl, ‘m ntrstd t knw why. H “rcmmnds ths [bk] t nyn wh’s wrrd bt wht’s hppnng t r blty t cntrl th ggrgtn f r prsnl dt” whl h hlps Ggl ggrgt r prsnl dt.

  27. Thnks fr skng, ntns! Hr r fw ptns fr Cry;

    1) Stp mlgnng nfrmtn shrng prctcs n whch h wllngly prtcpts.

    2) Rmv Ggl’s nlytcs cd nd sbscrb t srvc tht ds nt ggrgt r shr nfrmtn.

    3) Rmv thr trckng cd (Fdrtd Md, trckng/rtrgtng pxls frm thr d ntwrks, tc) tht vlt hs prfssd prvcy crd.

    4) Chng BngBng’s tgln t ” Drctry 1) f Wndrfl Thngs nd 2) Tht Shrs Yr Brwsng Hbts Wth dvrtsng Crprtns.”

    Ths ll bls dwn t qtbl phrs:

    Prctc wht y prch. spclly whn y’r ldng fgr n schl f thght.

  28. where is the proof there is any “willing” participation?

    Everyone deplores parts of the society and economy they belong to. Some of those deplored parts can be walked away from, others not so simply.

    I’m satisfied myself that Cory et al are pointing in the right direction. I appreciate they sound alarms about things I might miss or never know of.

    Since they don’t moralize or claim perfection, they just give information and make recommendations to the best of their knowledge, I see no grounds for what amounts to an accusation of hypocrisy.

    They are practicing what they preach.

  29. <>whr s th prf thr s ny “wllng” prtcptn?

    n thr nstllng Ggl nlytcs cd n BngBng. T d s, n mst sgn p fr n ccnt nd cpy/pst cstm cd nt th pg’s src cd. Tht snds prtty wllng t m.

    <>Snc thy dn’t mrlz r clm prfctn

    thnk tht’s whr w dsgr. dn’t thnk Dvd, Xn, r Mrk mrlz bt CVLB tpcs, bt thnk Cry ds. Lttl Brthr’s mrl ws ths vry tpc. Bcs f tht, hld hm t dffrnt stndrd.

    Mnd y, fl lk ‘m gttng trppd n n f ths nln cnflgrtns. dn’t <>rlly cr t mch. ‘m mr crs t hr wht Cry hs t sy n rspns thn m n nlng hm t th crss.

  30. Hey guys, can we not loose the dogs of war just yet? There’s still a chance of something productive coming from all this.

    Namely, is anyone aware of any ad-networks which have sane privacy policies that include a hard date for deleting any and all data, and/or (unlikely) collect less intrusive information?

  31. Tenn, did you mean to say that Cory has no belief in his own principles, or were you lampooning other commenters?

    The little hellion doth dust herself off and apologize for her failure to properly denote her sarcasm.

    I’d blame the inefficient arena of the printed word, however, I’m quite prone to indistinguishable sarcasm in my verbal conversations as well.

    Which is to say that Cory is the bees’ knees, and certainly not a hypocrite.

  32. JFlex, feel free to write to me and explain why your account should be reinstated.

  33. While we are talking about advertising, is anyone else getting the flashing “lucky” banner ads that say we have won something, and click to claim an unspecified prize?

    Normally when I see an ad like this on the web I dismiss the site as malware infested, quit my browser (force quit if need be) and never go there again. But I want to keep coming to BoingBoing.

    For me, these ads are sometimes breaking up as if they are trying to fit where they can’t fit, e.g. a vertical banner in a horizontal space. It is as if they are not meant to be there.

    Has BoingBoing been pwned, or have I?

    1. I have gotten some scary ads like that. BB isn’t infested with malware yet. Between the Boingers, the tech people and the mods, we keep a pretty close eye on things.

  34. I’m glad I refuse to puzzle out disemvowelled comments (partly because I’m really slow at it), but I wonder if a trash bin thread might be an idea worth considering? You know, toss athe original in the trash, then if somebody REALLY wanted to read what the offender said….

    Just wandering.

  35. I turned off my adblocker, but I’m not getting any of those flashing ads Pam.

    A quotation edit? That would be great. Thanks, Mom. -Scuffs toe in dirt-

    I dunno, Takuan, but there’s always the end.

    I won’t have an opportunity to read this book anytime soon. Wayyy out of my price range, especially during the holiday season. Any idea about e-versions?

  36. I’d like to point out that Conti’s book isn’t about Google Analytics per se; it’s about Google use, period.

    Read on.

    Pam @43, what you’re describing there is a problem. We’re not supposed to get served ads like that. I’ll pass that along right now. Thank you for pointing it out.

    Meanwhile, in re your comment @23, if you’re seeing ads that don’t interest you, most likely it’s because the machiavellian targeting system imagined by some other commenters here doesn’t actually exist.

    Beelzebuddy, what I know is that a lot of major publishers rely on Google Analytics. If this were an immediate security problem, there would be screaming headlines. You know, I know, there aren’t any such headlines. What Conti is talking about is a potential long-term structural problem related to Google use in general: Google Search, Gmail, Google Maps, Google Calendar, and (yes) Google Analytics.

    There’s no particular reason to believe that Google is currently acting in bad faith. If I understand him correctly, what Conti’s saying is that if at some point Google did decide to act in bad faith, this structural problem would put them in a good position to do so. And since none of us want to have to wonder how carefully Google keeps information about our identities separate from information about our behavior, or how long they’re going to hold on to that information, or whether less enlightened people might be running the company in the future … we feel some concern. It’s important, but it’s not an all-caps kind of thing.

    Here’s another thing I know: Federated Media is just using Google Analytics to keep track of basic information. There’s no deeply nuanced scheme — no scheme at all, really — to use that basic data for nefarious purposes. And to the very, very best of my knowledge, no one at FM has time for nefarious purposes. They have a business to run.

    (Did anyone else notice that JFlex’s noise only made sense if you assumed the Boingers, FM, and Google were all simultaneously acting in bad faith in order to pursue a purely speculative long-range project whose unspecified benefits (collect underpants: profit!) could only accrue to Google? Sheesh.)

    Next, Beelzebuddy: please forgive me if what I’m about to demonstrate is something you’ve known for ages.

    Go to this site and read the information.

    Go here and click on “view more details”.

    Go here and start scrolling down.

    See all that information? Your IP address, service provider, geolocation, port, platform, browser, plug-ins, add-ons, site you came in from, etc. etc. etc., all the way down to your screen resolution and font preferences? You leave all that data behind at every page you visit. Some sites log it; others don’t. Some of the sites that do log it tell you that you’re doing so, but you sure can’t count on it.

    Last two questions: 1/1: If there were a bit of software — say, a Firefox plug-in — that was absolutely guaranteed to keep every site, site counter, logging system, etc, from registering your presence, would you use it? 2/2: How much do you love the mainstream media?

    Advertisers won’t buy ad space if they don’t have any idea how many readers will see it. The mainstream media can provide that information to potential ad buyers. I’m not saying that internet users should give up their privacy, but it’s good to be able to keep a rough count of you guys and know approximately where you’re coming from.

  37. Teresa, you say “…we feel some concern. It’s important, but it’s not an all-caps kind of thing”

    I think you “misunderestimate” the issue. You have to consider the following:

    It’s an old story: technology doesn’t evolve linearly, it evolves exponentially (because it’s *increasingly* technology that makes technology evolve). Change in our world is coming at us at increasingly higher speed. This means that you can’t take the past and extrapolate, as tempting as it is. A “tiny issue” today can become a huge problem quickly. And that’s what is about to happen here with Google (and Facebook, etc.) collecting all that data about us. It’s becoming easier and easier to merge all that data and various profiles about us into 1 profile per person (and then to link it to our *real* identities, thanks to services like Facebook et al.).

    Huge chunks of user data has been “lost” before by search engines (I’m not sure which one it was, I believe it was Yahoo) and it was possible to *identify* people based *only* on their search history in that *one* search engine.

    I’m not even saying it’s Google acting in bad faith. They may or may not. But you have to consider that other people are heavily interested in those huge amounts of data, as well. This may include government agencies or simply hackers with economic interests. And both of them can rarely be held accountable for their acts (see for example Bush currently defending telecoms that have been caught illegally snooping on US citizens).

  38. “Here’s another thing I know: Federated Media is just using Google Analytics to keep track of basic information. There’s no deeply nuanced scheme — no scheme at all, really — to use that basic data for nefarious purposes. And to the very, very best of my knowledge, no one at FM has time for nefarious purposes. They have a business to run.”

    The “nefarious” part is the business model itself. Often-times, we as mere peons, are indoctrinated to the fact that “business is evil”. We see it daily: CEO’s receiving large bonuses while the company they manage fails, huge severance packages, and stock holder shenanigans.

    Collecting information in and of itself is relatively harmless. It’s how that information is used. Since Google, et al., have no transparency, people ASSUME that it’s an evil purpose. Since it’s also business, that purpose must be economical in nature. With the rise of economic crimes tied to information (ie, identity theft), people’s fears are not entirely unfounded.

    What you must realize is, that they are fears. And fear is what inspires things like the TSA and Gitmo.

    Back off BB. They’re not “out to get you”, they are out to survive. And in the world of blogs, interwebs, hostings, and bandwith, survival isn’t cheap.

    /rant off

  39. Thanks, Teresa and Anonymous 56 for calm, rational comments.

    Now for somethings not so calm and rational.

    #1, Yahoo and human rights:

    http://www.csmonitor.com/2005/0909/p01s03-woap.html

    Isn’t that a more startling story? This isn’t potential privacy invasion, this actually happened.

    #2, Yahoo, MSN help Chinese Government ID Rioters

    http://observers.france24.com/en/content/20080321-yahoo-msn-used-root-out-tibetan-rioters-china

    Ditto.

    #3, AT&T and illegal surveillance

    http://news.cnet.com/8301-10784_3-6058346-7.html

    Finally, #4, Telecoms’ Anti-Google Think Tank (Precursor Group)

    http://www.portfolio.com/views/blogs/the-tech-observer/2008/12/05/google-blasts-payola-pundit-over-telecom-funded-study

    Which makes me question most anti-Google books and articles the moment I see them. I agree that it’s scary to put personal information out there for ANY company to view, but Google fought hard to protect user information when the Fed tried to take it to see what we’ve been Googling. The company’s motto is, “Don’t Be Evil.” If they flip on that, they will tank because they have set the bar high, and they know it.

Comments are closed.