How do you manage your google dependence?

Discussion in 'privacy problems' started by Gnikf, Mar 7, 2013.

Thread Status:
Not open for further replies.
  1. Gnikf

    Gnikf Registered Member

    Joined:
    Aug 15, 2012
    Posts:
    40
    ok a lot of people have

    - gmail (they know what you talk about)
    - chrome with synced bookmarks and passwords (they know all the sites you visit and all your passwords and what you search for)
    - android phone (they know where you are and maybe who you speak with)
    and probably bunch of other things

    If you use one account for all it's a bit too much isn't it?

    Now most of their services are really super useful (and free) so if you are not a criminal but just a privacy concerned person, I would still use them, but lets discuss ways to minimize the waterfalls of information you leave.

    So I guess what I'm asking is how do you go about, not giving up most of the cool google services but still having some privacy?
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Your Chrome data, like bookmarks, and especially passwords, is encrypted locally. All they have is a hash of the password.

    The easiest way to avoid Google is to avoid Google. If you think Google is evil, don't use their products.
     
  3. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    FWIW, most people are significantly exposed to Google even when they don't personally use gmail, chrome, and/or android devices. Other potential exposures would include:

    Direct exposures:
    - Search
    - Youtube
    - Maps
    - News
    - Feedburner
    - VirusTotal
    - Etc

    Indirect exposures:
    - Visiting sites that use Google maps
    - Searching at sites that use Google search
    - Clicking on links at sites that use feedburner links
    - Visiting sites that use Google analytics
    - Visiting sites that use Google hosted libraries
    - Visiting sites that are hosted by Google
    - Visiting sites that use Google ads
    - Calling and/or text messaging Android device users(?)
    - Sending email to those who use gmail
    - Sending email to those who use Postini Google Apps platform
    - Using a browser with Google Safe Browsing API based URL checking enabled, particularly if the implementation sends cookies
    - Neighbors that enable WiFi based geolocation and end up reporting your AP's info to Google
    - Etc

    So as you think about Google related privacy issues, be sure to factor in other things and what if any steps you are taking to avoid/minimize the other exposures.
     
    Last edited: Mar 7, 2013
  4. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Use an alternate search engine, like Ixquick for one. Set it for your URL searches as well. Don't use Google services. Don't allow Google scripts (NoScript)... never are they needed for the functionality I require.

    The only exception for me is that I have a Youtube account. I need to allow google cookies temporarily to sign in. But even then I encrypt the cookie over HTTPS via NoScript cookie management. And I opt-out and anonymize any usage info. in the privacy settings. Back in the day I used the OptimizeGoogle addon before it was abandoned too, which accomplished the same thing.

    I even disable the "safebrowsing" stuff in Firefox's about:config. I can search safely on my own just fine, thank you. I try to avoid connecting to Google servers as much as possible. I also block it in Sandboxie's settings.

    Then there's ABP, of course. And CS Lite as well helps me.
     
  5. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    Search Engine: Bing
    Email: Gmail
    Phone: iPhone with Opera Mini :)
    Browser: Firefox
    Privacy Extensions: NS, ABP, Disconnect Me, Self Destructing Cookies

    I have spread out my dependence. Yes I still use gmail but only for email, I use different providers for everything else. I don't seek to get complete independence from one provider but I for sure don't want one provider to have everything on me.
     
  6. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    There was a time when I was half-convinced by "Google is evil". I had what some people call "tinfoil hat" (be it healthy or otherwise) for a period of time and went all-out to block as much Google as I could. I understand the need over all of these Google concerns.

    It's just that as time passed by, my concerns outgrew me. I figured that I'm already using Google products/services...be it willingly or forced upon me. If I'm going to extensively put in my efforts to so-call "block them", it just felt contradictory and wasn't worth my time.

    I won't argue the obvious...it would be better privacy-wise. The only question is....how much of that is worth it to me? I don't know...it's just that I realized it's no longer my cup of tea. You can call it my enlightenment or my ignorance. Perhaps even laziness! Maybe I'm tired of ito_O

    Nowadays, all I do for managing Google dependence is what I've been doing all along. Nothing specific that's 'anti-Google' anymore...

    Google search - I used to jump about the alternatives (IxQuick, DuckduckGo, you name it, etc) and still do but I find myself going back to Google more often than not so I can't be bothered anymore. Most of my search are done without me being logged in.

    Google ads - mostly blocked because I just find them annoying.
    Gmail - They're not my primary accounts.
    Chrome - Most of the 'privacy issues' are opt-in now.
    Android phone - I use an account specifically for my phone.

    No GPS or location services because I don't have a need for them.

    I won't go into details but that sums up most of it. Google...evil or not I no longer care. There you go...I just joined the devil.
     
  7. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I assume you are referring to the ability to compile/correlate data and create a profile.

    Well that has been possible for years. Information about anyone can be compiled from a user's:

    --> library card

    --> retail rewards card (shopping history)

    --> telephone records (both landline and cell)

    --> credit cards (purchasing history)

    --> Tax records

    --> Credit history (as seen in the recent breach)

    --> Public records, ie, home mortgage

    ... and more...

    In all of the above, the person's name and address are part of the data.

    At least with the google stuff, all they have (except for the phone) is an IP address, which can change dynamically. Also, doesn't it take a persistent cookie to keep a record of this stuff?

    It seems to me that Facebook and other social media are more pernicious and provide more personal information than most internet services. Most recently:

    Facebook "like" patterns reveal trove of personal information to others, study finds
    http://www.nydailynews.com/news/national/facebook-buttons-reveal-secrets-article-1.1285566

    Not that the google stuff might not be important to someone, but should be considered relatively, it seems to me.


    ----
    rich
     
  8. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
  9. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    IP Addresses can change, but whether they actually do for all readers and if so how frequently are questions each user should try to answer. There is also the question of how large is the pool from which their IP Address will be assigned. That could be much smaller than you think. Cookies, LSOs, unique identifiers stored in other browser storage, "super cookies", etc have been frequently discussed here so no need to go into those. Does anyone here know if Chrome sends any other type of GUID during update checks, SafeBrowsing checks, what have you? Conceptually speaking, a new IP Address starts to become "contaminated" and associated with activity from the old IP Address the moment it is used to send any old unique identifier to Google, or you log into the same Google account, let your Android phone connect out through your WiFi and home IP Address, stuff like that. Browser fingerprinting has also been discussed here numerous times, so presumably we all realize that a "fingerprint" can substitute for a unique identifier. Now think about all the different types of activities, services, website visits, etc that would cause someone's machine to come in contact with Google. Theoretically, Google could factor all of that into the fingerprinting equation.
     
  10. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I confess to not having given this much thought...

    What can google do with this? Can it connect somehow with your name and address? (the phone, of course will have this)


    ----
    rich
     
  11. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    260
    Location:
    USA
    What works for me:

    Browser - Chromium (Chrome without the Google branding and "helpful" features) with ABP and Ghostery

    Search - Ixquick

    Maps and Translations - Bing

    E-mail - Yahoo
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Google, or someone using its data (maybe plus data from Facebook, Amazon, Twitter, etc) would know all of the meatspace things that you listed plus everything that we reveal online. They can model us ;)

    If we compartmentalize our online activity across multiple identities, we make that synthesis harder and more ambiguous.
     
  13. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I don't know what you mean by "meatspace things" and "model us."


    ----
    rich
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Sorry.

    By "meatspace things", I meant:

    By "model us", I mean that they can construct behavioral models, and use them to predict what we may do, when, with whom, and so on.

    For most of us, it's mostly just about what ads we'll like. But for some, the stakes are far higher.
     
  15. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    OK, thanks. I couldn't find "meatspace" in the dictionary.


    OK, now I understand better what you are getting at.


    ----
    rich
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Here's probably more than you wanted to know ;)

    -http://ask.metafilter.com/15851/Origin-of-the-term-meatspace
     
  17. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    If you have 1) the ability to distinguish/recognize entities and the activity, information, etc that pertains to each, you have 2) the ability to link pieces of information together to build up a separate history/profile on each entity. That is the root privacy issue. Why? If "personally identifiable information" (in this post I'm using the term to refer to "traditional" forms such as name and/or street address) have somehow previously been connected to a profile, subsequent information appended to the profile will also be connected to the previously acquired "personally identifiable information". Even *if* "personally identifiable information" has not yet been connected to the profile, there is the possibility that it will be connected to the profile in the future.

    I think Google's visibility into the activities associated with an IP Address would allow it to make better use of IP Address for purposes of 1 and 2 above.

    The are various ways companies can link "personally identifiable information" to profiles. Someone may directly or indirectly give the company such information when making a purchase or signing up for a free service. The company may use an appending service to lookup such information using something they have in hand (email address, possibly IP Address along with a timestamp, other unique identifiers that the company has and the appending service provider also has). The company may enter into a joint marketing agreement with another company and exchange records. The company may be bought out, or may buyout another company, causing records to be merged. The company could engage in datamining of information they receive and/or that which is available on the Internet. If the company in question is an email provider, it could examine email messages sent to its users and extract the sender's name, email address, and sometimes IP Address from a Received: header. If the company in question runs a URL checking service, it could look for those URLs that correspond to posting specific pages at public forums that include a post id in the URL. Then later retrieve that post and extract the nickname of the poster, thus ending up with a nickname (and possibly real name) to go along with the IP Address which submitted the URL for checking. There are lots of possibilities here and surely more than I can think of.
     
  18. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I couldn't help but laugh at the title of this thread. Myself, I don't use any Google services or software. Since Google took it over, I've stopped using VirusTotal. The only time I visit U-tube is via anonymous proxy.

    My firewall, Kerio 2.1.5 lets you specify a custom address group, which can include individual IPs and IP ranges. I've added all of the IP ranges for Google that I know of plus the IP ranges of many other trackers to this group. My first firewall rule blocks access to all those IPs for every installed application.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    @TheWindBringeth

    What you said :thumb:
     
  20. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Actually, all free email accounts are allowed to read your personal email, and which is probably why Google didn't counter-advertise against Microsoft/Outlook's Scroogled commercials(because pointing the finger back would have only brought more attention to this intrusive practice).

    Well, as far as all the sites you've visted, you might want to try this little program called DNT from Abine. It seems to work pretty good, although every once in a while, the DNT software will inform you that there are a few sites that aren't suppose to function as well without Google's or some other sites' tracking.

    Also, DNT doesn't work if you're using IE's 'Saftey/InPrivate Browsing'(another option) since IPB essentially already functions like DNT.
     
    Last edited: Mar 20, 2013
  21. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    I understand about all the privacy concerns but I have found Google intrusion into my privacy to be nothing more than a minor annoyance.
    Using Chrome, I search for "stuff" and magically, every website I visit is surrounded by advertisements for exactly the same "stuff".
    Funny thing is that Google has no idea why I search for the things I search for. They just assume that I am the same as all other web surfer dudes.
    They are always wrong! I have either, purchased the item and don't need more, decided it is not what I want, or was just doing research looking for something else.
    At least for now, I am quite unimpressed by Google's tracking technology.
     
Loading...
Thread Status:
Not open for further replies.