Culture, Science, Science and Society, etc.

Protecting your Web

What a mad day.  I’ve been happily tweeting/Facebooking/Google Plussing these links today, and figured I should just get it over and point to them in a brief blog post. This post will cover protecting your web browsing habits, tracking who’s tracking you, and how to better encrypt your traffic.

So, yes.  First things first.

Your web history and Google

On March 1st 2012, Google’s new privacy policies kick in. One of the ramifications/impacts of said policy change is that your web browsing history and demographic data will be linked, going forward, to your various google web identity, as represented by your Gmail and YouTube accounts. For some of you, this may be a non-event, in which case I’d STILL urge you to clear your history. For many others, well, I can imagine this may be a source of worry (and perfectly fairly so!).

You can opt out, but it means you have to opt out of Google services altogether.

Alternatively, you can (before March 1st!!) unlink your web history and your Google accounts.  The EFF (Electronic Frontier Foundation) suggests you do this.  As do I. Quoting from this Digital Journal article:

1. Go to the google homepage and sign into your account.

2. Click the dropdown menu next to your name in the upper-right hand corner of your screen.

3. Click accounts settings

4. Find the “Services section”

5. Under “Services” there is a sub-section that reads “View, enable, disable web history.” Click the link next to it that reads: “Go to Web History.”

6. Click on “Remove all Web History.

When you click on “Remove all Web History,” a message appears that says ” Web History is Paused.”

What this means is that while Google will continue gathering and storing information about your web history it will make all data anonymous, that is, Google will not associate your Web History information with your online accounts and will therefore be unable to send you customized search results. Google’s ability to gather personalized information about you by assigning data to your Gmail and YouTube accounts will remain “Paused” till you click “Resume.”

And interestingly: I discovered that my primary Gmail account didn’t have web history turned on, but a number of my secondary/ancillary accounts did, although I certainly don’t remember ever being asked to turn that on!

Collusion and HTTPS Everywhere

Mozilla Firefox has just released an experimental add-on, Collusion, which visualises your web browsing, and how your movements are being tracked by third parties, in real time. Happily, the blurb for the tool states that the information gathered in order to make the visualisation is stored locally, can be deleted by resetting the graph, and is not given away to anyone else. Revolutionary stuff :)

An example - my Collusion visualisation after a very brief period browsing to only a small number of sites. Notice the amount of tracking that's already happened. Click on the image to see in full size.

Finally, HTTPS Everywhere has also just been released. A collaboration between The Tor Project and the Electronic Frontier Foundation, it helps make your browsing more secure by encrypting you communications with many major websites. Says the release:

Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.

So, there you have it.  Three ways to know more about who’s looking at you, while giving away less :)

Enjoy, and safe surfing!

And if you know of any other useful tools, please do add them in the comments!

  • Gold

    For those of you using Google Apps for your Domain it appears that the Web history is controlled by the administrator. Mine was already disabled so I imagine that this was a default setting when I set up the domain. I’ve not looked into whether users have control over this for GAfyD accounts or if it’s totally in the control of the domain administrator.

    Personally this doesn’t actually bother me. But then again, if I’m doing anything I wouldn’t want recorded I start up in Privacy/Incognito mode anyway.