• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

Google and Privacy: Our Way, Please

Google has made its privacy stance known. The Register reports, “Google Takes Sole Stand on Privacy, Rejects New Rules for Fear of ‘Authoritarian’ Review.” The company’s solitary “no” vote halted a proposed charter revision at the W3C’s Privacy Interest Group (PING). The proposed revision would have slightly changed the charter to allow for recommendations to be made to groups that set processes, consult reviews, and approve the progression of standards, as well as require considering existing standards alongside new ones, according to PING member and author of the original charter, Nick Doty. The vote had to have been unanimous to pass, and Google says it put its foot down to avoid “unnecessary chaos.” Writer Thomas Claburn reveals:

“As The Register has heard, the issue for Google is that more individuals are participating in PING and there’s been some recent pushback against work in which Google has been involved. In other words, a formerly cordial group has become adversarial. The required context here is that over the past few years, a broad consensus has been building around the need to improve online privacy. Back in 2014, not long after Edward Snowden’s revelations about the scope of online surveillance transformed the privacy debate, the Internet Engineering Task Force published an RFC declaring that pervasive monitoring is an attack on privacy. That concern has become more widespread and has led to legislation like the California Consumer Privacy Act (opposed by Google) and efforts by companies like Apple, Brave, and Mozilla to improve privacy by blocking ad tracking. ‘The strategic problem for Google, with Apple, Brave, Mozilla, Samsung all blocking tracking, is how to preserve their business advantages and share price while appearing to be “pro privacy,”’ said Brendan Eich, CEO of Brave, in a message to The Register.”

In a move some called “privacy gas lighting,” Google proposed a “privacy sandbox,” their plan to change the very way cookies work to preserve privacy without sacrificing advertisers’ tracking ability. Why would they go there before PING got the chance to review other specifications? There are already browser-based privacy protections that need standardization, Eich emphasizes, and the W3C is obliged to do so. Google did not respond the Register’s request for comment.

Cynthia Murrell, October 25, 2019

Emailing Phishing: Yes, It Works

Phishing scams aka spam are arguably the oldest Internet scam. One would think that after almost thirty years with the Internet and email, people would have wised up to phishing scams, but no. People still fall for them and ZDNet has an article that explains why, “Phishing Emails: Here’s Why We Are Still Getting Caught After All These Years.” Here is an interesting fact, phishing emails are actually the first stage in security and data hacks within the past few years.

Google blocks more than 100 million scam emails a day and 68% of the messages are new variations of ones already blocked. What is even more interesting is who the phishing campaigns target. Enterprise users are five times more likely than a regular Gmail user to be targeted, while education users are two times more likely, government workers are three times likely, and non-profits have a 3.8 more likelihood than regular consumers. The scams only last a certain length of time to avoid detection, sometimes they last hours or only a few minutes. The scams mask themselves:

“While bulk phishing campaigns only last for 13 hours, more focused attacks are even more short lived; what Google terms as a ’boutique campaign’ — something aimed at just a few individuals in a company — lasts just seven minutes. In half of all phishing campaigns, the email pretends to have come from the email provider, in a quarter it claims to be from a cloud services provider; after that it’s most likely masquerading as a message from a financial services company or ecommerce site.”

An even scarier fact is that 45% of the Internet does not understand phishing scams. The phishing bad actors play on the naiveté and use psychological tricks, such as urgency and fear, to get people to comply.

People need to wise up and be aware of Internet scams and phishing attacks. Be aware that a reputable company will never ask for your password and always check the email address to see if it appears suspicious. If it has lot of numbers and letters and does not come from the company’s official domain, it is a scam.

Whitney Grace, September 19, 2019

See (at Least Some) of the Data Google Collects About You

This SGT Report headline may not be strictly true, but the write-up is interesting nevertheless. They claim, “Google’s File on You is 10 Times Bigger than Facebook’s—Here’s How to View It.” Keep in mind that SGT Report can publish some interesting and often difficult to verify information.

The article extrapolates its figure from the experience of one developer:

“Curious about just how much of his data Google had, web developer Dylan Curran says he downloaded his Google data file, which is offered by the company in a hub called ‘My Account.’ This hub was created in 2015, along with a tool called ‘My Activity.’ The report issued is similar to the one Facebook delivers to its users upon request. Whether or not these reports are comprehensive is still up in the air, but Curran says his was 5.5 GB, which is almost ten times larger than the one Facebook offered him. The amount and type of data in his file, Mr. Curran says, suggests Google is not only constantly tracking our online movements but may also be monitoring our physical locations.

We noted:

“Curran’s Google report contained an incredible amount documentation on his web activity, going back over a decade. But perhaps more importantly, Google had also been tracking his real-life movements via his smartphone device or tablet. This included fairly random places he’d frequented, many of the foreign countries and cities he visited, the bars and restaurants he went to while in these countries, the amount of time he spent there, and even the path he took to get there and back.”

Though we cannot tell whether this much Google-gathered data is typical, it is true big tech companies gobble up a lot of user data. It is also clear that one should take the promises of Chrome’s “incognito mode” with a grain of salt. Concerned readers may want to navigate to the links the article shares for taking some control over this data: Here Google account holders can turn off location tracking and other features of Google apps; at this link you can set advertising preferences; and this is how to download that Google data file like Curran did.

We are not sure Google is really collecting 10 times more data than Facebook, but how one’s personal data is being collected and used online does warrant attention.

Cynthia Murrell, September 10, 2019

Google Cookies: Dancing Around

In my Google Version 2: The Calculating Predator, I summarized a number of Google innovations which embed tracking. One of the more interesting approaches was for Google to become the Internet; that is, when you run a query, you are accessing the Internet as it exists within Google. (If you want more information, write benkent2020 @ yahoo dot com. I sell a set of “fair copies” of these original books I submitted to a now defunct publisher in Brexitland. There are some minor typos and a dropped graphic or two, but the info is there.)

I wrote the Google monographs in 2003 to 2008.

The tracking functions, the walled garden, the Google version of the Internet — each of these were in place more than 15 years ago. Therefore, any modification of Google’s cookies polices and the associated technology like Ramanathan Guha’s and Alon Halevy’s innovations is a very big job. Given the present state of the Google architecture, I am not sure that the existing crew of 100,000 plus could make such modifications without having many Google services break. “Services”, however, are not what users experience. The services are the internal operations that ensure ads get displayed, the click stream data are collected, the internal components have access to fresh user behavior data, and the public facing outputs like search results, “did you mean”, and even the “I’m feeling lucky” are in line with what Google’s financial demands require. Remember: Ads have to be displayed and users induced to click on them to make the Yahoo-GoTo-Overture inspired system function.

Cookies, including the special DoubleClick variety and the garden variety “expire a long time in the future” type are important to the Google system. If you can’t find content in an index, the reason may be that the site’s content is no longer generating clicks. Indexing becomes more important with each passing day. How does one control costs? Well, those cookies and beacons are helpful. No signals of click love, then less frequent or zero indexing. Thus, indexing costs can be managed which is almost impossible if a spider just follows links, changed content, and new information. Where is an index to the content on “beat sites” like Beatstars.com? Answer: The content is not indexed if our recent test queries are accurate. (I know, “What’s beat content? Not in this write up, gentle reader, not in this write up.)

Against this background I want to call your attention to “Deconstructing Google’s Excuses on Tracking Protection.” The write up is a reasonable analysis of Google saying that it wants to be more respectful of user’s privacy.

DarkCyber thought the summary of cookies was good. Here’s the passage we circled:

Our high-level points are:

1) Cookie blocking does not undermine web privacy. Google’s claim to the contrary is privacy gas lighting.

2) There is little trustworthy evidence on the comparative value of tracking-based advertising.

3) Google has not devised an innovative way to balance privacy and advertising; it is latching onto prior approaches that it previously disclaimed as impractical.

4) Google is attempting a punt to the web standardization process, which will at best result in years of delay.

My concern is that this type of write up does not specifically state what Google is doing. The use of the phrase “gas lighting” and the invocation of Shoshana Zuboff’s The Age of Surveillance Capitalism are very trendy.

Unfortunately, plain talk is needed. With Google search the primary conduit of what is “important”, the game is no longer one of cookies.

Exactly what can a government or a committee do to address more than 15 years of engineering specifically designed to track people, cluster individuals into groups, predict what the majority of those in a statistically valid cluster want, and make sense of individual user behavior cues?

One step may be that writers and analysts adopt a more direct, blunt way of explaining Google/DoubleClick tracking. The reason individuals do not speak out is that there is what I call “Google fright”. It affects news release services. It affects analysts. It affects “real journalists.” It affects Google’s would be government watch dogs.

Who doesn’t want a Google mouse pad or T shirt? Darned few. Fear of Google may be a factor to consider when reading about DarkCyber’s favorite ad supported, Web search system.

Stephen E Arnold, August 28, 2019

A Partial Look: Data Discovery Service for Anyone

F-Secure has made available a Data Discovery Portal. The idea is that a curious person (not anyone on the DarkCyber team but one of our contractors will be beavering away today) can “find out what information you have given to the tech giants over the years.” Pick a social media service — for example, Apple — and this is what you see:

A curious person plugs in the Apple ID information and F-Secure obtains and displays the “data.” If one works through the services for which F-Secure offers this data discovery service, the curious user will have provided some interesting data to F-Secure.

Sound like a good idea? You can try it yourself at this F-Secure link.

F-Secure operates from Finland and was founded in 1988.

Do you trust the Finnish anti virus wizards with your user names and passwords to your social media accounts?

Are the data displayed by F-Secure comprehensive? Filtered? Accurate?

Stephen E Arnold, July 18, 2019

Qwant Pitches Map Privacy

Digital maps are an indispensable tool, especially if you ceaselessly use a GPS.  While digital maps are accurate, fast, and reliable, the also track and store user information.  One semi-logical argument is that if you have nothing to hide, what is the big deal about information being stored.  On the other hand, you should have the right to protect your privacy whether or not you have anything to hide.  Qwant Maps believes in preserving user privacy, so it is an open source and privacy-preserving map tool.  Qwant Maps was created so users have exclusive control over their geolocated data.

Qwant Maps built its tool on OpenStreetMap, a free and collaborative geographical database supported by more than one million voluntary contributors.  OpenStreetMap is not an out-of-the box solution and requires some tech savviness to use it.  Qwant Maps’s team developed a geoparsing engine to make OpenStreetMap more user friendly.

“To overcome these shortcomings and to meet the needs of most of people, Qwant Maps has developed — or participated to the development — its own software components. The will of Qwant Maps is to create a virtuous synergy between Qwant Maps and OpenStreetMap. Thus Qwant Maps uses OpenStreetMap data to generate its own vector tiles, its own base map, its own web APIs. Also Qwant Maps feeds its geoparsing web service as well as its online applications thanks to OpenStreetMap data.”

All of the code for both the Qwant Maps geosparsing tool and OpenStreetMap are open source.  Qwant Maps also uses Mimirsbrunn as its search engine, Kartotherian as a visual rendering tool based on vector tiles, and Idunn is used to highlight all information on the tiles.

Whitney Grace, July 5, 2019

Facebook: Fine and a Reminder of Ozymandius?

I just wanted to document that Facebook will have to pay a fine. Well. allegedly. On the other hand, the rumored penalty evokes the trunkless legs of stone. Ozymandius time in Silicon Valley. For details, navigate to “Facebook Reportedly Fined $5B over Cambridge Analytica Fiasco.” No high flier wants to wear a t shirt with the word “fiasco” stenciled in red. Perhaps if it were paired with the Nike Betsy Ross shoes and “fiasco” spelled “phiasco”, the label could be trendy. The t shirt would collect likes like a hamburger gathers flies at a picnic on a 90 degree day in Mountain View. I noted this statement in the write up:

The FTC approved the settlement in a 3-to-2 vote with Republican commissioners in favor and Democrats opposing, according to Wall Street Journal sources. The arrangement and further details have yet to be confirmed publicly, and any agreement will still have to be reviewed by the Department of Justice.

Yep, some money, just a bit tardy.

Stephen E Arnold, July 13, 2019

Targeting 101: Disabling Google and Finding Software Alternatives

I read “Completely Block Google and Its Services.” If you are concerned about Google’s data policies, you may want to read the article and follow the instructions in the pihole-google.txt file. It appears that there are more than 7,000 services which Google uses to obtain one’s personal information.

Is this a surprise? No, what’s interesting is that disabling items one by one in an Android device is not going to do the job. I particularly liked the listing of DoubleClick add ons. Here’s a sampling of the more than two dozen items:

analytics.txt

firebase.txt

fonts.txt

mail.txt

products.txt

Some readers of DarkCyber may find the DoubleClick patents interesting. An overview of the cookie method appears in “Method and Apparatus for Transaction Tracking Over a Computer Network.” You can locate the document at this link. DoubleClick has other interesting inventions as well. I covered more of these in my 2003 The Google Legacy and the follow-up monograph, Google Version 2. I am not returning to the Museum of Googzilla.

Once Google has been removed from your Android device, you may want to find replacement for the Google Play and Google provided apps. You can find a useful list in “The Complete List of Alternatives to All Google Products.” The “all” makes me nervous because DarkCyber has heard rumors than not even Google has a list which is comprehensive. Like the personnel data the US government once requested, that’s just too difficult. Creating such a list is impossible because once the list has been whipped up, it might leak. Google still tries to be as secretive as possible, but its track record has changed as the firm has aged.

Stephen E Arnold, June 30, 2019

Alexa: Big Brother and Big Sister

The younger generations live their lives online, so it is surprising when one shows concern about privacy. The Guardian’s Comedic journalist Tim Dowling wrote about his son’s total dislike for Amazon’s Alexa in, “Tim Dowling: Two Alexas Have Moved In, And They’re Terrifying.” Smart speakers are Big Brother’s newest tool, because it is always listening.

Dowling was sent two free Alexa’s to review for his column and coerced his son into setting them up in his home. What is even funnier is that they are used Alexas and one of them had googly eyes, so one is “always watching.” The son in question is nineteen years old, but is scared of Alexa. Dowling and his offspring do not like Alexa, because she is listening. At first, it is charming to have questions answered instantaneously, but it quickly turns when they nearly avoid buying an expensive laptop. They do ask Alexa, how many people are spying on them right then, but the speaker did not known the answer. Dowling’s eldest child, however, was quite keen on the speakers and had one tell him the latest football scores (that is soccer for the US).

It got worse for the youngest one when Dowling had to leave him alone in the house with the two Alexas:

“ ‘Walk the dog, feed the cat, don’t say ‘Alexa’, and you’ll be fine,’ I say.

‘Great,’ he says.

Some hours later, I receive an email informing me that I will not be required to write about Alexa after all. A few minutes after that, I receive an apology from the youngest one, telling me he had to unplug both Alexas: they had started talking to each other.”

What do Alexas discuss? They probably ceaselessly ask one another to keep repeating, because they could not quite get what the other is saying. Sure, smart speakers are fun. They are a voice activated Google and radio, but they are always listening. Listening to hear the next command or reporting it to the government.

Whitney Grace, June 2, 2019

Facebook Says Privacy. Tim Cook Explains Privacy

Apple continues to build out its privacy platform. “Apple CEO Tim Cook Slams Peeping Tom Websites for Intruding onto Users’ Privacy, Insists He Doesn’t Want Customers Looking at Their iPhones Too Much and Addresses Concerns That Kids Are Addicted to Devices” presents some of the suggestions and observations likely to find their way into Apple’s marketing of its products and services. (There was no mention of the nagging to sign into Apple’s messaging service or the annoyance of pleading with customers to use the Apple cloud storage service. Intrusive. You betcha.)

In an interview with a US television “real news” reporter, Mr. Cook offered one quite interesting observations; to wit:

Companies that collection people’s data know a lot more about you than someone looking in the window of your home. (Peeping Toms are bad, very bad.)

The article in the Daily Mail linked Mr. Cook’s comments about privacy to one of his previous statements:

Cook previously denounced Facebook and other tech companies for hoarding ‘industrial’ amounts of users’ private data during a privacy conference at the European Parliament in Brussels in October [2018].

How does Mr. Cook some companies’ “hoarding” of data? The answer:

Industrial scale.

One may want to recall that Facebook’s privacy woes have not had a significant impact on the firm’s financial performance. Mr. Cook may be talking privacy, but the reality is that in America, financial performance may be more important in some circles.

Oracle once asserted that in search and retrieval security matters. Oracle’s bet on enterprise search security did not cause competitors much, if any, friction. Apple’s “bet” on privacy will be interesting to observe.

Stephen E Arnold, May 5, 2019

« Previous Page — Next Page »

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Fogint
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month November 2024 October 2024 September 2024 August 2024 July 2024 June 2024 May 2024 April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • FOGINT: Security Tools Over Promise & Under Deliver
  • More Googley Human Resource Goodness
  • Point-and-Click Coding: An eGame Boom Booster
  • China Smart, US Dumb: LLMs Bad, MoEs Good
  • Management Brilliance Microsoft Suggests to Customers, “You Did It!”

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org