Questioning Google's Privacy Reform 134
JagsLive makes note of a story questioning whether Google's recent commitment to anonymize IP logs faster is really as good as it sounds. We discussed their announcement a few days ago. CNet's Chris Soghoian takes a closer look:
"While the company hasn't said how it de-identifies the cookies, it has revealed in public statements that its IP anonymization technique consists of chopping off the last 8 bits of a user's IP address. As an example, an IP address of a home user could be 173.192.103.121. After 18 months, Google chops this down to 173.192.103.XXX. Since each octet (the numbers between each period of an IP) can contain values from 1-255, Google's anonymization technique allows a user, at most, to hide among 254 other computers. ... Google has now revealed that it will change "some" of the bits of the IP address after 9 months, but less than the eight bits that it masks after the full 18 months. Thus, instead of Google's customers being able to hide among 254 other Internet users, perhaps they'll be able to hide among 64, or 127 other possible IP addresses. By itself, this is a laughable level of anonymity. However, it gets worse."
Well (Score:5, Insightful)
Do all those whining about this anonymize their own server logs? Because I sure don't.... they are doing this to keep the mob away, that's it.
Who cares about the IP? (Score:5, Insightful)
Everyone makes it much easier than matching IP addresses... As the article discusses, many people use Google logins for e-mail and other services. This is a much more reliable way to track all of your information.
What I'd like to see is some significant differentiation between logged-in and logged-out states and the level of anonymity that is provided in each case.
But really, if you're voluntarily storing your stuff on someone else's server with the known understanding that they're parsing it for ad matching, what kind of privacy expectations do you really have?
--
Hey code monkey... learn electronics! Powerful microcontroller kits for the digital generation. [nerdkits.com]
Why does Google risk customer relations? (Score:4, Insightful)
In the internet age, companies' luck can change quite quickly. Please Google, just get rid of those logs quickly and completely..
Re:Uh huh, yeah, whatever. (Score:1, Insightful)
Tor is not a solution either (Score:5, Insightful)
except, of course, that with Tor, the egress routers can (and probably do) look at your unencrypted communications, which often can be traced back to you, too.
If you want reasonable anonymity, you need to buy VPN access from a source using a non-traceable payment method. And, of course, they can still correlate your online activity on various sites. A single unencrypted Yahoo Mail or GMail session will unlock your entire usage history.
Re:Uh huh, yeah, whatever. (Score:3, Insightful)
I'm appalled that anyone expects privacy at all (Score:3, Insightful)
Sure-- it's a great thing. But Google and Yahoo and myriads of other online sites live and die for your IP address, so that they may serve you better-- after running you through great behemoths of analyticals. Anonymizing after such a time serves no one's real privacy interest. Anonymizers have the ability to help you peruse privately, but even those are becoming easier to predict-- making anonymizing increasingly difficult. It's best to start your own botnet if you really want to be anonymous these days and this is just what a few good anonymizers do. Face it folks, Google's not trying at all and is financially compelled not to do so.
Re:Well (Score:2, Insightful)
I'm shocked. Terrified in fact. If your site, with all the traffic you see, is keeping logs then we should just completely give up on trying to get Google to improve it's privacy policy and make you priority numero uno. After all, what Google knows about the web and it's users can probably be stored on one cylinder of one plater of the tiniest server in your data centre which extends to every horizon.
sorry; which site?
P.S. if you RTFA, you might find out that Google, whilst maybe not particularly well known to you, is actually quite a big search engine.
Do no evil, unless you can fool the public? (Score:1, Insightful)
Do no evil, unless you can fool the public?
Google has been getting away with identity murder for years and years. For anyone that finds this whole thing 'new' or 'odd' needs to slap themselves and research the marketing company that is Google.
They don't provide services or features, they sell identity information and ads.
The services and online features are just the bait in the trap.
"Google, making Microsoft look non-Evil for years."
Re:Well (Score:5, Insightful)
Do all those whining about this anonymize their own server logs? Because I sure don't.... they are doing this to keep the mob away, that's it.
What do our server logs have to do with Google's?
The principle may be the same, but the scale is so vastly different that the practical consequences cannot be plausibly compared to one another.
Subpoenaing logs for IP 123.456.789 from Google is not the same as getting logs from icanhascheezburger.
Re:Well (Score:5, Insightful)
yea, also i don't think the author of this article understands statistics.
if Google changes random bits in the IP address even before they remove the last byte at 18 months, that would already make guessing the original IP address near impossible since you don't know which bits were changed.
if they only changed 1 bit in the entire address, then there would be 32 possibilities, but if they changed 1 bit in each octet, then there would be 4096 possibilities. if they changed 2 bits in each octet, there would be 61,4656 possibilities. if they changed a random number of bits in each IP address, then the possibilities grow even larger. and this isn't a login password or encryption scheme. there's no way to brute-force the original IP address from the anonymized IP address even if only a single bit was changed.
this is just more unwarranted alarmism. google has stated that they are working on developing a method of anonymization that would protect user privacy while retaining the useful characteristics of their log data. frankly, as long as they're not giving up user data to 3rd parties anonymization is a non-issue.
Re:Why does Google risk customer relations? (Score:0, Insightful)
See that is what geeks and nerds aren't able to understand. The 90's are gone. This is the digital age. Internet life is not restricted to the same pathetic mom's basement dwellers. Nowadays, it is much more important to the Big Corps to learn what the bully that used to beat your nerd arse at school wants, than what you want. The bully got 1000 expensive devices connected to the Internet and doesn't care about this privacy BS, he just wants access to Facebook and MySpace to call his million hoes to drop by his flat for some cuddling and party.
So, privacy is a concern for you and your 3 nerd long life friends, and Google really doesn't care about your pathetic WoW virtual life or your Sarah Palin porn...
Re:Well (Score:4, Insightful)
I didn't see any mention of random bits being changed in the article.
Re:Well (Score:5, Insightful)
That's kind of the point. We want to make an informed decision about the costs here.
Without hearing about "this bullshit", you cannot make an informed decision. Imperfect information damages capitalism; and the more imperfect the information, the more damage is done.
There's also another aspect. Just about everybody wants everything to be better than it is now. This is a way this could be better. So we ask for it to be better. The argument can be paraphrased as:
A: Good enough is good enough
B: Yes, but better would be better.
Re:Well (Score:3, Insightful)
I didn't see any mention of random bits being changed in the article.
Not to mention that, IMHO, 'anonymizing data' is not the same as 'making the data anonymous'.
Anonymizing data = preventing it from being personally identifiable
Anonymous data = scrubbed of all context
http://www.answers.com/anonymous [answers.com]
3. Having no distinctive character or recognition factor
You can anonymize data and still retain geographic and/or demographic data.
Re:Well (Score:3, Insightful)
+1 Insightful, cuts right to the heart of the matter.
As Google's presence on the Internet becomes more and more significant, specific details on how their operations can affect us become more important.
I2P will never get out of beta. (Score:3, Insightful)
The problem is that to enter I2P you need an i2p gateway to connect to. It's like TOR but reversed: TOR nodes let you get from the anonymous net to the outside world... I2P gateways let you get from the outside world to the anonymous net. So what happens when these addresses get banned?
No matter how you look at it, if it ever gets popular it will be declared illegal by governments for supporting "terrorism or other illegal activities" (such as p2p, doh) and they'll come out with "if you have nothing to hide...".
My conclusion is that I2P will *ALWAYS* be in "beta" and therefore it will never be announced to the world. And because of that, not many people will cooperate and try to install their own i2p nodes. The result: A VERY VERY slow anonymized network.
Re:Minor correction (Score:3, Insightful)
Re:What have you done with Slashdot? (Score:1, Insightful)
Well... if you want to get technical about the number of possible anonymous addresses you need to keep in mind that Network Address Translation(NAT) and Protocol Address Translation (PAT) will multiply this number significantly. Assuming that Google only keeps the IP address and not the rest of the TCP header.
If your getting internet access from a major ISP and you didn't spend the extra $20 to get a 'static' or 'internet visible' IP address, your likely behind PAT.
I'm sure someone will correct me if I'm wrong.
--Magus Sartori