By Dave Peyton, Tribune Media Services
Cookies. Until recently, the word conjured only pleasant images. Grandma's kitchen. Mom's loving homemade gifts to her children. Christmas goodies.
Today, the word can bring a chill to computer users, especially those who believe that cookies are all evil and the bane of those who want to protect their privacy while online.
The dark side of computer cookies came to light again recently when it was reported that the National Security Agency had been placing cookies on the computers of users who visited the government Web site in spite of rules banning the practice.
When it was discovered that the NSA site was placing cookies on visitors' computers, the practice was stopped, according to government officials.
Most computer users have heard of cookies but many have the wrong impression about them. First and foremost, cookies are not programs. They are simple text files that can be placed on your computer when you visit a Web site.
Cookies can be helpful
Despite what you hear, most cookies are for the convenience of the user. For example, if you go to a Web site where a name and password are required, the host computer may put a cookie on your computer that remembers that information. Thus, when you return to that site, you won't have to re-enter the information.
Cookies can't take control of your computer and send personal and private information to someone else. There are computer viruses that will do that, but cookies can't perform that task.
What can cookies do that you might not want them to do? They can store information about where you have been and what you have done on the Internet and make that information available to a Web site the next time you visit. This is apparently what the cookie installed by the NSA Web site allowed. Sinister? Perhaps, but remember such cookies do not have the capability of providing your most personal information such as financial status, bank account numbers and the like.
Cookie basics
It behooves anyone who surfs the Internet to learn about cookies, what they can and can't do and even how to control and delete them.
The best place to go to learn about cookies is Cookie Central at http://www.cookiecentral.com. This site focuses on cookies, the good and the bad. It provides basic information about what cookies are and what they aren't. It provides the latest news about cookies, a list of frequently asked questions about the text files and a guide to finding what cookies may be on your computer and how to eliminate them if you want to.
Microsoft address the issue of cookies at http://www.microsoft.com/info/cookies.mspx . There's information on this site about the purpose of cookies, how a cookie helps you, how to control which cookies you accept and how to see the cookies you have accepted.
If you find either of these site a little too technical, you might want to check out the files about cookies on How Stuff Works. This file explains cookies in simple terms and can be found at http://www.howstuffworks.com/cookie.
***
Are you tired of calling phone numbers only to have a computer answer? Have you begun to wonder whether there are any human beings in charge of answering phones? Paul English might be able to help with his IVR (interactive voice response) cheat sheet at http://www.paulenglish.com/ivr/. English provides more than 250 phone numbers and what buttons to push to get around the seemingly unending menus to get you to a real person on the other end of the line quickly.
***
Donors Choose at http://donorschoose.org is a place to find school projects that need financial support. Teachers list project that need support and, if you want to help, you can make a donation. The site allows you to find out how much has already been given to the project and how needy the school is. Teachers who want to list project can request assistance and if that request is approved, it will be posted on the site.
***
Slip-ups. We all have them at times, but when they appear in movies, on TV or in books, they may become the topic of commentary at http://www.slipups.com. This site chronicles amusing accidental bloopers or mistakes that weren't caught in the editing process and appear to the viewing public. They can range from inconsistencies in movies and TV programs to errors in books. The site has collected more than 14,000 slip-ups to date and new ones are added periodically.
Monday, January 23, 2006
IE Beta Code Leaks onto Net
Images and code from the latest build of Microsoft’s Internet Explorer 7 browser show up on web sites.
Images and programming code from the latest beta test version of Microsoft’s upcoming Internet Explorer 7 browser have already emerged on the Internet, apparently in leaks from developers.
Images show the tabbed interface that IE will borrow from competing browsers such as Opera, Mozilla Firefox, and Netscape. Several of the images are of Chinese web sites and include Chinese characters, perhaps giving an indication of the source of the leaks.
Sites such as ActiveWin.com, JCXP.net, and Addict3D.org have been featuring images of the Beta 2 version of the browser and discussions of its merits.
Some sites even had links to places on the Net where the code could be downloaded. Microsoft asked at least one site, JCXP, to remove the links, but not before perhaps thousands of users had already downloaded the beta code.
Some users who downloaded the file had trouble getting the software to properly validate on their systems, however. The build also required them to delete their previous version of IE.
‘Part of the issue they have is they need to get the code out to as many people as possible.’ -Michael Cherry,
Directions on Microsoft
The Redmond software giant has said it plans to open the Beta 2 preview to the general public sometime this quarter, but has given many developers an early taste so they can modify their existing applications to run more smoothly with IE7 and take advantage of its new features.
Shares of Microsoft closed down $0.06 to $26.35 in recent trading Monday.
RSS Made Really Simpler
The new browser includes an easy way to subscribe to RSS (really simple syndication) feeds just by clicking on a prompt that appears in a window within IE. The browser then adds the feed to the user’s “favorites” menu.
The software also includes a Quick Tabs feature that displays the contents of several web pages within a single IE window. By clicking on one of the thumbnail images, users can expand the web page to the full window.
The leaking of the screen shots at least serves to publicize the upcoming release and may not be that much of a setback for Microsoft after all.
“Part of the issue they have is they need to get the code out to as many people as possible,” said Michael Cherry, lead analyst for Windows and mobile at the research firm Directions on Microsoft.
He isn’t sure how accurate some of the screen shots are. “You don’t know if it’s an internal build to test as a prototype or the next beta they were going to release to the public anyway,” he said.
The company said it intends to share more information about IE as it gets closer to the date of release this quarter of the next official beta version, but cautions users not to run the leaked code.
“Microsoft encourages customers interested in testing a pre-release version of IE for Windows XP to wait until the code is available from Microsoft,” said a statement from the company. “Microsoft continues to build on the Internet Explorer 7 features delivered at beta 1. However, at this time, we have nothing to announce in regards to features or timing of this build. “
However, Microsoft has been keeping a blog that informs the public at large, as well as developers, about new features in IE.
Erasing History
For example, the company said earlier this month that it is enabling users to easily flush the history of previous web sites they’ve visited from the browser. This used to be a somewhat laborious task with earlier versions of IE.
The “Tools” menu will now have a “Delete Browsing History” feature that will be able to erase temporary Internet files, cookies, history, form data, and passwords, according to a posting on Microsoft’s IEBlog by Uche Enuha, a program manager working on the user experience team.
“Back in IE6, you would have to spend a lot of time looking through various places on your computer to get rid of all the relevant information and possibly still miss some critical information,” he wrote.
“Now with the ‘Delete Browsing History’ feature, we are giving every person the ability to clear all their browsing information from one location with a click of a button and the peace of mind that the job was done right,” he added.
Microsoft would probably like to have some peace of mind that its programming code won’t be leaked all over the Internet.
Meanwhile the company has been developing the next version of its Windows operating system, Vista, along with IE7. Both are expected to ship later this year. Microsoft has been enhancing Vista’s security features as well. In the latest build, developers have discovered that Microsoft provided a two-way firewall.
Images and programming code from the latest beta test version of Microsoft’s upcoming Internet Explorer 7 browser have already emerged on the Internet, apparently in leaks from developers.
Images show the tabbed interface that IE will borrow from competing browsers such as Opera, Mozilla Firefox, and Netscape. Several of the images are of Chinese web sites and include Chinese characters, perhaps giving an indication of the source of the leaks.
Sites such as ActiveWin.com, JCXP.net, and Addict3D.org have been featuring images of the Beta 2 version of the browser and discussions of its merits.
Some sites even had links to places on the Net where the code could be downloaded. Microsoft asked at least one site, JCXP, to remove the links, but not before perhaps thousands of users had already downloaded the beta code.
Some users who downloaded the file had trouble getting the software to properly validate on their systems, however. The build also required them to delete their previous version of IE.
‘Part of the issue they have is they need to get the code out to as many people as possible.’ -Michael Cherry,
Directions on Microsoft
The Redmond software giant has said it plans to open the Beta 2 preview to the general public sometime this quarter, but has given many developers an early taste so they can modify their existing applications to run more smoothly with IE7 and take advantage of its new features.
Shares of Microsoft closed down $0.06 to $26.35 in recent trading Monday.
RSS Made Really Simpler
The new browser includes an easy way to subscribe to RSS (really simple syndication) feeds just by clicking on a prompt that appears in a window within IE. The browser then adds the feed to the user’s “favorites” menu.
The software also includes a Quick Tabs feature that displays the contents of several web pages within a single IE window. By clicking on one of the thumbnail images, users can expand the web page to the full window.
The leaking of the screen shots at least serves to publicize the upcoming release and may not be that much of a setback for Microsoft after all.
“Part of the issue they have is they need to get the code out to as many people as possible,” said Michael Cherry, lead analyst for Windows and mobile at the research firm Directions on Microsoft.
He isn’t sure how accurate some of the screen shots are. “You don’t know if it’s an internal build to test as a prototype or the next beta they were going to release to the public anyway,” he said.
The company said it intends to share more information about IE as it gets closer to the date of release this quarter of the next official beta version, but cautions users not to run the leaked code.
“Microsoft encourages customers interested in testing a pre-release version of IE for Windows XP to wait until the code is available from Microsoft,” said a statement from the company. “Microsoft continues to build on the Internet Explorer 7 features delivered at beta 1. However, at this time, we have nothing to announce in regards to features or timing of this build. “
However, Microsoft has been keeping a blog that informs the public at large, as well as developers, about new features in IE.
Erasing History
For example, the company said earlier this month that it is enabling users to easily flush the history of previous web sites they’ve visited from the browser. This used to be a somewhat laborious task with earlier versions of IE.
The “Tools” menu will now have a “Delete Browsing History” feature that will be able to erase temporary Internet files, cookies, history, form data, and passwords, according to a posting on Microsoft’s IEBlog by Uche Enuha, a program manager working on the user experience team.
“Back in IE6, you would have to spend a lot of time looking through various places on your computer to get rid of all the relevant information and possibly still miss some critical information,” he wrote.
“Now with the ‘Delete Browsing History’ feature, we are giving every person the ability to clear all their browsing information from one location with a click of a button and the peace of mind that the job was done right,” he added.
Microsoft would probably like to have some peace of mind that its programming code won’t be leaked all over the Internet.
Meanwhile the company has been developing the next version of its Windows operating system, Vista, along with IE7. Both are expected to ship later this year. Microsoft has been enhancing Vista’s security features as well. In the latest build, developers have discovered that Microsoft provided a two-way firewall.
Sunday, January 22, 2006
Crushing Cookies
That Snoop
Q. How can I disable and delete Web browser cookies that track my surfing habits?
A. Cookies are small bits of text that a Web server gives your computer's Web browser when you visit certain sites. With this text in your browser's cookie file, the Web site can identify you the next time you visit and present you with customized greetings or personalized settings.
Some types of cookies, usually referred to as "tracking cookies," are used by third-party advertisers when you visit a site. The cookies retain information about your Web surfing habits that can be taken into account in presenting advertising geared to your perceived interests.
You can usually set your Web browser to reject cookies from Web sites other than the one you chose to visit. In Internet Explorer 6, for example, you can find these settings under the Tools menu, in the Internet Options box. Click the General tab, then on Delete Cookies to get rid of existing cookies.
Next, click on the Privacy tab in the Internet Options box and then on the Advanced button. Check the box next to "Override automatic cookie handling" and click on the Block option under "Third-party Cookies" before clicking on the O.K. button. Many antispyware programs will also delete tracking cookies from your computer.
Q. How can I disable and delete Web browser cookies that track my surfing habits?
A. Cookies are small bits of text that a Web server gives your computer's Web browser when you visit certain sites. With this text in your browser's cookie file, the Web site can identify you the next time you visit and present you with customized greetings or personalized settings.
Some types of cookies, usually referred to as "tracking cookies," are used by third-party advertisers when you visit a site. The cookies retain information about your Web surfing habits that can be taken into account in presenting advertising geared to your perceived interests.
You can usually set your Web browser to reject cookies from Web sites other than the one you chose to visit. In Internet Explorer 6, for example, you can find these settings under the Tools menu, in the Internet Options box. Click the General tab, then on Delete Cookies to get rid of existing cookies.
Next, click on the Privacy tab in the Internet Options box and then on the Advanced button. Check the box next to "Override automatic cookie handling" and click on the Block option under "Third-party Cookies" before clicking on the O.K. button. Many antispyware programs will also delete tracking cookies from your computer.
Deleting cookies won't control spyware, adware
Q: Why clutter a computer with adware and spyware? Each evening before shutting down, I delete all the cookies stored in my browser. I use a firewall and anti-virus software. This procedure takes less time than using those two products. Granted, it takes away acceptable cookies, but they are replaced.
A: Hi, Tom. Deleting the cookies doesn't do a thing when it comes to spyware and adware. So you're not protecting your computer.
Besides, cookies got a bad rap years ago when they first came on the scene. I wish controlling spyware and adware were as simple as deleting cookies. But you need to use a special program, as is true with fighting hackers and viruses, to tackle the problem.
I consistently recommend one of two free programs: SpyBot Search & Destroy or Ad-Aware. You can download either at download.com.
Now, more about cookies: Some hacker and porno sites can be dangerous when it comes to cookies. If you stay away from places like that, cookies from most mainstream sites should not be a concern.
A cookie is a tiny text file that lets a Web site identify you on your next visit. So the cookie makes it possible to — for instance — customize the opening page at weather.com to give you the temperature in your old hometown each time you log on. Once you've customized the site, the cookie lets the Weather Channel site pull up the correct page just for you.
Q: Having heard and read the admonitions to be careful about what to do to avoid e-mail spam, I wonder whether there is there a list or source that does enumerate those specific spots on the screen on which not to click in order not to expose the e-mail address to a spammer?
A: Fred, it isn't a case of finding the right spots on the screen. Clicking or not clicking on some spot won't make any difference. However, there are ways to at least minimize the amount of spam you get. I once did a series of stories about spam and created this list of tips:
• Avoid listing your e-mail address on Web pages. Spammers use software that harvests addresses.
• If you must use your e-mail address on the Web, avoid using the @ symbol — it's what spamming software looks for. Type an address this way — bill(at)spamstory.com — on a Web page.
• Get a free e-mail account at Yahoo (yahoo.com) or Hotmail (hotmail.com). Use it to order merchandise or leave public comments. You'll still get spam, but most of it will arrive at the free e-mail account.
• Never answer a spam e-mail. Don't order, don't write to complain, don't use the link that offers to remove your name from mailings. Answering proves the e-mail account is active and may generate more spam.
• If you participate in online contests or fill in registration forms on the Web, use your free e-mail account.
• If your Internet provider offers free anti-spam software or services, use them.
• Don't check that box: When you sign up at a Web page, look for text toward the end of the form that says something like: "Yes, I want to be contacted by select third parties concerning products I might be interested in." If the box has already been checked, remove the check mark.
• If you receive a spam offer that sounds too good to be true, it almost certainly is
A: Hi, Tom. Deleting the cookies doesn't do a thing when it comes to spyware and adware. So you're not protecting your computer.
Besides, cookies got a bad rap years ago when they first came on the scene. I wish controlling spyware and adware were as simple as deleting cookies. But you need to use a special program, as is true with fighting hackers and viruses, to tackle the problem.
I consistently recommend one of two free programs: SpyBot Search & Destroy or Ad-Aware. You can download either at download.com.
Now, more about cookies: Some hacker and porno sites can be dangerous when it comes to cookies. If you stay away from places like that, cookies from most mainstream sites should not be a concern.
A cookie is a tiny text file that lets a Web site identify you on your next visit. So the cookie makes it possible to — for instance — customize the opening page at weather.com to give you the temperature in your old hometown each time you log on. Once you've customized the site, the cookie lets the Weather Channel site pull up the correct page just for you.
Q: Having heard and read the admonitions to be careful about what to do to avoid e-mail spam, I wonder whether there is there a list or source that does enumerate those specific spots on the screen on which not to click in order not to expose the e-mail address to a spammer?
A: Fred, it isn't a case of finding the right spots on the screen. Clicking or not clicking on some spot won't make any difference. However, there are ways to at least minimize the amount of spam you get. I once did a series of stories about spam and created this list of tips:
• Avoid listing your e-mail address on Web pages. Spammers use software that harvests addresses.
• If you must use your e-mail address on the Web, avoid using the @ symbol — it's what spamming software looks for. Type an address this way — bill(at)spamstory.com — on a Web page.
• Get a free e-mail account at Yahoo (yahoo.com) or Hotmail (hotmail.com). Use it to order merchandise or leave public comments. You'll still get spam, but most of it will arrive at the free e-mail account.
• Never answer a spam e-mail. Don't order, don't write to complain, don't use the link that offers to remove your name from mailings. Answering proves the e-mail account is active and may generate more spam.
• If you participate in online contests or fill in registration forms on the Web, use your free e-mail account.
• If your Internet provider offers free anti-spam software or services, use them.
• Don't check that box: When you sign up at a Web page, look for text toward the end of the form that says something like: "Yes, I want to be contacted by select third parties concerning products I might be interested in." If the box has already been checked, remove the check mark.
• If you receive a spam offer that sounds too good to be true, it almost certainly is
Monday, January 16, 2006
The browser and the ballot box
If we want to preserve our civil liberties in the networked world, then we have to assert them, argues technology commentator Bill Thompson.
US concerns over adult material are behind the Google request
On the surface it might seem that it has been a good month for those of us who care about civil liberties and our freedom to go about our daily business unobserved.
Google has gained some credit for refusing a request from the Justice Department of the US government to hand over a vast list of website addresses and search terms, especially since it seems that other search engines complied.
And in the House of Lords peers forced through amendments to the Identity Cards Bill that could make it much more difficult for the government to go ahead with its plans to create a national identity database that will track our every interaction with the state.
As ever things are a lot more complicated and much less reassuring when you dig a little deeper.
Data requests
The Justice Department wanted to create a vast database of search terms and websites so that it could do its own research on whether children are likely to come across the euphemistically-described adult material while they are searching the web.
The information would be used to support a legal appeal over the constitutionality of the Child Online Protection Act, a law passed in 1998 which required all commercial distributors of "material harmful to minors" to protect their sites from access by minors.
Both Google and the UK government are powerful interests who can't see why they should not be trusted, refuse to imagine the consequences if that trust was breached, and see commercial or political advantage in doing what they want
Google defies US over data
It was struck down by the courts, but the government is appealing, and wants to use search records from Yahoo, Google, Microsoft and America Online to show that the law would be effective and not restrict other forms of speech.
Google's reticence is heartening, especially since the company stores so much information about everyone who searches its site. If the US government gets into the habit of just asking for vast tranches of data when it feels like it, then we should all be worried.
However I would not put out the flags yet. For one thing, this very public fight hides the fact that search engines and ISPs are generally willing to hand over data to law enforcement agencies in pursuit of investigations.
Sometimes they don't have a choice. Under the Patriot Act the FBI can issue so-called national security letters to force ISPs to hand over personal data, and they are forbidden to tell anyone that they are doing so.
For all I know, the records of my searches on MSN are even now being pored over by a CIA analyst looking for evidence of untoward behaviour.
Life in the open
While I'm worried about search engines and what they know, I'm far more concerned about the records that the UK government proposes to keep.
Google keeps track of every search term
Although most of the discussion around the Identity Cards Bill focuses on the cards which we'll be carrying around with us, the bill is really about creating the National Identity Register, a massive, comprehensive database that tracks every one of us throughout our lives.
It will store a vast amount of detailed information, including "particulars of every occasion on which information contained in the individual's entry has been provided to a person" and "particulars of every person to whom such information has been provided on such an occasion".
That means that the government will know, if it cares to look, about every time my identity is verified, not just when I'm claiming benefit or seeking NHS treatment but also when I sign up with a health club or enter a particularly paranoid company office or even, perhaps, turn up at my child's school for a meeting.
And of course it won't generally have to ask for access to that data, since it will be running the Register and has rejected proposals for an independent commissioner to prevent improper use of the information.
While the Lords may have voted for restrictions, it is likely that the government will use their Commons majority to overturn the amendments and go forward with the bill as planned.
Implicit bargain
In his recent book, Search, John Battelle, one of the founders of Wired magazine and a respected figure in the world of new media, pointed out just how much trust we are placing in online companies.
"As we move our data to the servers at Amazon.com, Hotmail.com, Yahoo.com, and Gmail.com, we are making an implicit bargain, one that the public at large is either entirely content with, or, more likely, one that most have not taken much to heart," he wrote.
"That bargain is this: we trust you to not do evil things with our information. We trust that you will keep it secure, free from unlawful government or private search and seizure, and under our control at all times."
It is worth asking why these databases are there in the first place, why Google feels the need to record every search term or why, as it seems, it will also be logging your account details every time you watch a video bought from its online video store.
Both Google and the UK government are powerful interests who can't see why they should not be trusted, refuse to imagine the consequences if that trust was breached, and see commercial or political advantage in doing what they want.
When it comes to search engines, we can do something about asserting our right to privacy. It would be nice to avoid them, but search is as much part of our daily existence now as reading, a core part of what it means to be literate in the connected world.
It means we have to learn how to search wisely, remember to delete cookies and anonymise requests and look after ourselves online.
And when it comes to the government, it is not too late to let MPs know that the proposals are flawed, dangerous and almost certainly vastly more expensive than claimed.
It may be time, whether through the browser or the ballot box, to remind the private and public creators of these vast databases of the continuing importance of individual freedom.
US concerns over adult material are behind the Google request
On the surface it might seem that it has been a good month for those of us who care about civil liberties and our freedom to go about our daily business unobserved.
Google has gained some credit for refusing a request from the Justice Department of the US government to hand over a vast list of website addresses and search terms, especially since it seems that other search engines complied.
And in the House of Lords peers forced through amendments to the Identity Cards Bill that could make it much more difficult for the government to go ahead with its plans to create a national identity database that will track our every interaction with the state.
As ever things are a lot more complicated and much less reassuring when you dig a little deeper.
Data requests
The Justice Department wanted to create a vast database of search terms and websites so that it could do its own research on whether children are likely to come across the euphemistically-described adult material while they are searching the web.
The information would be used to support a legal appeal over the constitutionality of the Child Online Protection Act, a law passed in 1998 which required all commercial distributors of "material harmful to minors" to protect their sites from access by minors.
Both Google and the UK government are powerful interests who can't see why they should not be trusted, refuse to imagine the consequences if that trust was breached, and see commercial or political advantage in doing what they want
Google defies US over data
It was struck down by the courts, but the government is appealing, and wants to use search records from Yahoo, Google, Microsoft and America Online to show that the law would be effective and not restrict other forms of speech.
Google's reticence is heartening, especially since the company stores so much information about everyone who searches its site. If the US government gets into the habit of just asking for vast tranches of data when it feels like it, then we should all be worried.
However I would not put out the flags yet. For one thing, this very public fight hides the fact that search engines and ISPs are generally willing to hand over data to law enforcement agencies in pursuit of investigations.
Sometimes they don't have a choice. Under the Patriot Act the FBI can issue so-called national security letters to force ISPs to hand over personal data, and they are forbidden to tell anyone that they are doing so.
For all I know, the records of my searches on MSN are even now being pored over by a CIA analyst looking for evidence of untoward behaviour.
Life in the open
While I'm worried about search engines and what they know, I'm far more concerned about the records that the UK government proposes to keep.
Google keeps track of every search term
Although most of the discussion around the Identity Cards Bill focuses on the cards which we'll be carrying around with us, the bill is really about creating the National Identity Register, a massive, comprehensive database that tracks every one of us throughout our lives.
It will store a vast amount of detailed information, including "particulars of every occasion on which information contained in the individual's entry has been provided to a person" and "particulars of every person to whom such information has been provided on such an occasion".
That means that the government will know, if it cares to look, about every time my identity is verified, not just when I'm claiming benefit or seeking NHS treatment but also when I sign up with a health club or enter a particularly paranoid company office or even, perhaps, turn up at my child's school for a meeting.
And of course it won't generally have to ask for access to that data, since it will be running the Register and has rejected proposals for an independent commissioner to prevent improper use of the information.
While the Lords may have voted for restrictions, it is likely that the government will use their Commons majority to overturn the amendments and go forward with the bill as planned.
Implicit bargain
In his recent book, Search, John Battelle, one of the founders of Wired magazine and a respected figure in the world of new media, pointed out just how much trust we are placing in online companies.
"As we move our data to the servers at Amazon.com, Hotmail.com, Yahoo.com, and Gmail.com, we are making an implicit bargain, one that the public at large is either entirely content with, or, more likely, one that most have not taken much to heart," he wrote.
"That bargain is this: we trust you to not do evil things with our information. We trust that you will keep it secure, free from unlawful government or private search and seizure, and under our control at all times."
It is worth asking why these databases are there in the first place, why Google feels the need to record every search term or why, as it seems, it will also be logging your account details every time you watch a video bought from its online video store.
Both Google and the UK government are powerful interests who can't see why they should not be trusted, refuse to imagine the consequences if that trust was breached, and see commercial or political advantage in doing what they want.
When it comes to search engines, we can do something about asserting our right to privacy. It would be nice to avoid them, but search is as much part of our daily existence now as reading, a core part of what it means to be literate in the connected world.
It means we have to learn how to search wisely, remember to delete cookies and anonymise requests and look after ourselves online.
And when it comes to the government, it is not too late to let MPs know that the proposals are flawed, dangerous and almost certainly vastly more expensive than claimed.
It may be time, whether through the browser or the ballot box, to remind the private and public creators of these vast databases of the continuing importance of individual freedom.
Wednesday, January 11, 2006
How to Foil Search Engine Snoops
On Thursday, The Mercury News reported that the Justice Department has subpoenaed search-engine records in its defense of the Child Online Protection Act, or COPA. Google, whose corporate credo famously includes the admonishment "Don't Be Evil," is fighting the request for a week's worth of search engine queries. Other search engines have already complied.
The government isn't asking for search engine users' identifying data -- at least not yet. But for those worried about what companies or federal investigators might do with such records in the future, here's a primer on how search logs work, and how to avoid being writ large within them.
Why do search engines save logs of search terms?
Search companies use logs and data-mining techniques to tune their engines and deliver focused advertising, as well to create cool features such as Google Zeitgeist. They also use them to help with local searches and return more relevant, personalized search results.
How does a search engine tie a search to a user?
If you have never logged in to search engine's site, or a partner service like Google's Gmail offering, the company probably doesn't know your name. But it connects your searches through a cookie, which has a unique identifying number. Using its cookies, Google will remember all searches from your browser. It might also link searches by a user's IP address.
How long do cookies last?
It varies. Yahoo sets a cookie that expires in June 2006. A new cookie from Google expires in 2036.
What if you sign in to a service?
If you sign in on Google's personalized homepage or Yahoo's homepage, the companies can then correlate your search history with any other information, such as your name, that you give them.
Why should anyone worry about the government requesting search logs or bother to disguise their search history?
Some people simply don't like the idea of their search history being tied to their personal lives. Others don't know what the information could be used for, but worry that the search companies could find surprising uses for that data that may invade privacy in the future.
For example, if you use Google's Gmail and web optimizing software, the company could correlate everyone you've e-mailed, all the websites you've visited after a search and even all the words you misspell in queries.
What's the first thing people should do who worry about their search history?
Cookie management helps. Those who want to avoid a permanent record should delete their cookies at least once a week. Other options might be to obliterate certain cookies when a browser is closed and avoid logging in to other services, such as web mail, offered by a search engine.
How do you do that with your browser?
In Firefox, you can go into the privacy preference dialog and open Cookies. From there you can remove your search engine cookies and click the box that says: "Don't allow sites that set removed cookies to set future cookies."
In Safari, try the free and versatile PithHelmet plug-in. You can let some cookies in temporarily, decide that some can last longer or prohibit some sites, including third-party advertisers, from setting cookies at all.
While Internet Explorer's tools are not quite as flexible, you can manage your cookies through the Tools menu by following these instructions.
Have search histories ever been used to prosecute someone?
Robert Petrick was convicted in November 2005 of murdering his wife, in part based on evidence that he had googled the words "neck," "snap" and "break." But police obtained his search history from an examination of his computer, not from Google.
Can I see mine?
Usually, no. But if you want to trace your own Google search histories and see trends, and you don't mind if the company uses the information to personalize search results, you can sign up for Google's beta search history service.
Could search histories be used in civil cases?
Certainly. Google may well be fighting the government simply on principle -- or, as court papers suggest, to keep outsiders from using Google's proprietary database for free. But a business case can also be made that if users knew the company regularly turned over their records wholesale to the government, they might curtail their use of the site.
A related question is whether Google or any other search engine would fight a subpoena from a divorce attorney, or protest a more focused subpoena from local police who want information on someone they say is making methamphetamines.
What if I want more anonymity than simply deleting my cookie when I'm searching?
If you are doing any search you wouldn't print on a T-shirt, consider using Tor, The Onion Router. An EFF-sponsored service, Tor helps anonymize your web traffic by bouncing it between volunteer servers. It masks the origins and makes it easier to evade filters, such as those installed by schools or repressive regimes.
The service has its drawbacks. While it can be very useful for a journalist in China, data services can be slower or have greater latency due to the extra stops the data makes, and a general dearth of servers.
Is Tor perfectly anonymous?
No. Computers leak data. Tor, combined with the Privoxy proxy server (which comes bundled with Tor), reduces some of that leakage, but still isn't foolproof. But when used with Firefox, Tor and Privoxy can provide a mostly-anonymous web browsing experience.
Are there other options?
Anonymizer offers a limited free browsing service and sells software, both of which are supposed to protect your anonymity, but have had serious performance issues. There are other proxy servers on the internet, but you have to judge for yourself whether you trust them, and some websites actively block anonymous browsing.
The government isn't asking for search engine users' identifying data -- at least not yet. But for those worried about what companies or federal investigators might do with such records in the future, here's a primer on how search logs work, and how to avoid being writ large within them.
Why do search engines save logs of search terms?
Search companies use logs and data-mining techniques to tune their engines and deliver focused advertising, as well to create cool features such as Google Zeitgeist. They also use them to help with local searches and return more relevant, personalized search results.
How does a search engine tie a search to a user?
If you have never logged in to search engine's site, or a partner service like Google's Gmail offering, the company probably doesn't know your name. But it connects your searches through a cookie, which has a unique identifying number. Using its cookies, Google will remember all searches from your browser. It might also link searches by a user's IP address.
How long do cookies last?
It varies. Yahoo sets a cookie that expires in June 2006. A new cookie from Google expires in 2036.
What if you sign in to a service?
If you sign in on Google's personalized homepage or Yahoo's homepage, the companies can then correlate your search history with any other information, such as your name, that you give them.
Why should anyone worry about the government requesting search logs or bother to disguise their search history?
Some people simply don't like the idea of their search history being tied to their personal lives. Others don't know what the information could be used for, but worry that the search companies could find surprising uses for that data that may invade privacy in the future.
For example, if you use Google's Gmail and web optimizing software, the company could correlate everyone you've e-mailed, all the websites you've visited after a search and even all the words you misspell in queries.
What's the first thing people should do who worry about their search history?
Cookie management helps. Those who want to avoid a permanent record should delete their cookies at least once a week. Other options might be to obliterate certain cookies when a browser is closed and avoid logging in to other services, such as web mail, offered by a search engine.
How do you do that with your browser?
In Firefox, you can go into the privacy preference dialog and open Cookies. From there you can remove your search engine cookies and click the box that says: "Don't allow sites that set removed cookies to set future cookies."
In Safari, try the free and versatile PithHelmet plug-in. You can let some cookies in temporarily, decide that some can last longer or prohibit some sites, including third-party advertisers, from setting cookies at all.
While Internet Explorer's tools are not quite as flexible, you can manage your cookies through the Tools menu by following these instructions.
Have search histories ever been used to prosecute someone?
Robert Petrick was convicted in November 2005 of murdering his wife, in part based on evidence that he had googled the words "neck," "snap" and "break." But police obtained his search history from an examination of his computer, not from Google.
Can I see mine?
Usually, no. But if you want to trace your own Google search histories and see trends, and you don't mind if the company uses the information to personalize search results, you can sign up for Google's beta search history service.
Could search histories be used in civil cases?
Certainly. Google may well be fighting the government simply on principle -- or, as court papers suggest, to keep outsiders from using Google's proprietary database for free. But a business case can also be made that if users knew the company regularly turned over their records wholesale to the government, they might curtail their use of the site.
A related question is whether Google or any other search engine would fight a subpoena from a divorce attorney, or protest a more focused subpoena from local police who want information on someone they say is making methamphetamines.
What if I want more anonymity than simply deleting my cookie when I'm searching?
If you are doing any search you wouldn't print on a T-shirt, consider using Tor, The Onion Router. An EFF-sponsored service, Tor helps anonymize your web traffic by bouncing it between volunteer servers. It masks the origins and makes it easier to evade filters, such as those installed by schools or repressive regimes.
The service has its drawbacks. While it can be very useful for a journalist in China, data services can be slower or have greater latency due to the extra stops the data makes, and a general dearth of servers.
Is Tor perfectly anonymous?
No. Computers leak data. Tor, combined with the Privoxy proxy server (which comes bundled with Tor), reduces some of that leakage, but still isn't foolproof. But when used with Firefox, Tor and Privoxy can provide a mostly-anonymous web browsing experience.
Are there other options?
Anonymizer offers a limited free browsing service and sells software, both of which are supposed to protect your anonymity, but have had serious performance issues. There are other proxy servers on the internet, but you have to judge for yourself whether you trust them, and some websites actively block anonymous browsing.
Tuesday, January 10, 2006
Cookie Deletion: More Good News BY Pete Lerma
You could call me a Pollyanna for saying it, but I remain convinced the results of the cookie deletion trend are not all bad. Several months ago, I wrote a column based on a conversation I had with Young-Bean Song, director of the Atlas Institute. The conversation was prompted by a JupiterResearch report that indicated Internet users were deleting cookies at an alarming rate. At the time, Atlas published a report suggesting things weren't as dire as JupiterResearch had suggested. It occurred to me if people were deleting cookies, our standard ways of measuring were actually underreporting actual campaign performance.
Recently, JupiterResearch issued another report indicating more people are deleting their cookies than ever before. JupiterResearch now reports "over 48 million Internet users are running anti-spyware applications that delete third-party tracking cookies. And nearly 38 million are using aggressive anti-spyware applications that remove nearly 75 percent of tracking cookies."
Cookies are important to our businesses. But the people we work so hard to place and track have become increasingly fed up with spyware, its impact on their computer systems' performance, and its negative effect on their overall Internet experience. So they're taking action, which is compromising the integrity of cookie-based tracking.
As I had talked with Young the last time, I thought it only fair to talk with Eric Peterson, the JupiterResearch analyst covering the issue this time. Peterson has unfairly been painted as the bad guy for bringing the matter to the public's attention. Clearly, publishers, tracking technology companies, and agencies don't want to hear about the inaccuracies in our long-held measurement practices. But he isn't trying to bring down our industry as much as he's alerting us to a serious issue that can be overcome with a little work. Peterson proved to be an incredible resource in helping me to further understand the trend. Below, an excerpt from our conversation.
Lerma: What is the big picture trend? Will cookies go away?
Peterson: At this point we have no other feasible way to track Web site user behavior. People have suggested Flash local shared objects (essentially a "persistent cookie"), but those run the risk of additional consumer fallout. So cookie tracking will not likely go away.
Lerma: Do you think consumers could be educated to a point where they wouldn't delete cookies?
Peterson: I moderate a discussion at Yahoo! [Groups] about Web site analytics with 1,500 participants and there has been a debate raging about risks, benefits, and the value associated with cookies. These are well-informed, savvy Internet users. How can we expect consumers to understand?
Lerma: What do you recommend marketers do about this trend? How can we continue tracking the effectiveness of our online campaigns?
Peterson: My guidance is don't panic. But also, don't stick your head in the sand either. Marketers should work with site publishers and technology vendors and push them to assess the impact of cookie deletion on campaigns. At that point, it becomes a statistical issue, and the variable will differ from site to site. But once you know what that variable is, you can apply that to your performance metrics. The key is not to ignore it.... You know what happens to the ostrich with its head in the sand, right? The lion always comes along and eats it. Don't be that ostrich.
Thanks, Eric. The truth is that cookie deletion is an important issue, and it will take a significant amount of work to more accurately track the effectiveness of our online efforts. I would encourage you to become as informed as you can about this topic so you can form your own opinion and get involved. As always, we hold the future of the industry in our own hands.
Recently, JupiterResearch issued another report indicating more people are deleting their cookies than ever before. JupiterResearch now reports "over 48 million Internet users are running anti-spyware applications that delete third-party tracking cookies. And nearly 38 million are using aggressive anti-spyware applications that remove nearly 75 percent of tracking cookies."
Cookies are important to our businesses. But the people we work so hard to place and track have become increasingly fed up with spyware, its impact on their computer systems' performance, and its negative effect on their overall Internet experience. So they're taking action, which is compromising the integrity of cookie-based tracking.
As I had talked with Young the last time, I thought it only fair to talk with Eric Peterson, the JupiterResearch analyst covering the issue this time. Peterson has unfairly been painted as the bad guy for bringing the matter to the public's attention. Clearly, publishers, tracking technology companies, and agencies don't want to hear about the inaccuracies in our long-held measurement practices. But he isn't trying to bring down our industry as much as he's alerting us to a serious issue that can be overcome with a little work. Peterson proved to be an incredible resource in helping me to further understand the trend. Below, an excerpt from our conversation.
Lerma: What is the big picture trend? Will cookies go away?
Peterson: At this point we have no other feasible way to track Web site user behavior. People have suggested Flash local shared objects (essentially a "persistent cookie"), but those run the risk of additional consumer fallout. So cookie tracking will not likely go away.
Lerma: Do you think consumers could be educated to a point where they wouldn't delete cookies?
Peterson: I moderate a discussion at Yahoo! [Groups] about Web site analytics with 1,500 participants and there has been a debate raging about risks, benefits, and the value associated with cookies. These are well-informed, savvy Internet users. How can we expect consumers to understand?
Lerma: What do you recommend marketers do about this trend? How can we continue tracking the effectiveness of our online campaigns?
Peterson: My guidance is don't panic. But also, don't stick your head in the sand either. Marketers should work with site publishers and technology vendors and push them to assess the impact of cookie deletion on campaigns. At that point, it becomes a statistical issue, and the variable will differ from site to site. But once you know what that variable is, you can apply that to your performance metrics. The key is not to ignore it.... You know what happens to the ostrich with its head in the sand, right? The lion always comes along and eats it. Don't be that ostrich.
Thanks, Eric. The truth is that cookie deletion is an important issue, and it will take a significant amount of work to more accurately track the effectiveness of our online efforts. I would encourage you to become as informed as you can about this topic so you can form your own opinion and get involved. As always, we hold the future of the industry in our own hands.
Friday, January 6, 2006
That Snoop
Q. How can I disable and delete Web browser cookies that track my surfing habits?
A. Cookies are small bits of text that a Web server gives your computer's Web browser when you visit certain sites. With this text in your browser's cookie file, the Web site can identify you the next time you visit and present you with customized greetings or personalized settings.
Some types of cookies, usually referred to as "tracking cookies," are used by third-party advertisers when you visit a site. The cookies retain information about your Web surfing habits that can be taken into account in presenting advertising geared to your perceived interests.
You can usually set your Web browser to reject cookies from Web sites other than the one you chose to visit. In Internet Explorer 6, for example, you can find these settings under the Tools menu, in the Internet Options box. Click the General tab, then on Delete Cookies to get rid of existing cookies.
Next, click on the Privacy tab in the Internet Options box and then on the Advanced button. Check the box next to "Override automatic cookie handling" and click on the Block option under "Third-party Cookies" before clicking on the O.K. button. Many antispyware programs will also delete tracking cookies from your computer.
A. Cookies are small bits of text that a Web server gives your computer's Web browser when you visit certain sites. With this text in your browser's cookie file, the Web site can identify you the next time you visit and present you with customized greetings or personalized settings.
Some types of cookies, usually referred to as "tracking cookies," are used by third-party advertisers when you visit a site. The cookies retain information about your Web surfing habits that can be taken into account in presenting advertising geared to your perceived interests.
You can usually set your Web browser to reject cookies from Web sites other than the one you chose to visit. In Internet Explorer 6, for example, you can find these settings under the Tools menu, in the Internet Options box. Click the General tab, then on Delete Cookies to get rid of existing cookies.
Next, click on the Privacy tab in the Internet Options box and then on the Advanced button. Check the box next to "Override automatic cookie handling" and click on the Block option under "Third-party Cookies" before clicking on the O.K. button. Many antispyware programs will also delete tracking cookies from your computer.
Subscribe to:
Posts (Atom)