August 8th, 2016: Understanding and Remembrance Day for Severe Myalgic Encephalomyelitis
Jody Smith joins with other ME voices in honor of Understanding and Remembrance Day for Severe Myalgic Encephalomyelitis.
Discuss the article on the Forums.

Looking up symptoms? You're being tracked.

Discussion in 'Other Health News and Research' started by minkeygirl, Sep 22, 2015.

  1. minkeygirl

    minkeygirl But I Look So Good.

    Messages:
    4,678
    Likes:
    4,647
    Left Coast
    Last edited: Sep 22, 2015
    ahimsa, Battery Muncher, Mary and 3 others like this.
  2. sarah darwins

    sarah darwins I told you I was ill

    Messages:
    2,469
    Likes:
    10,483
    Cornwall, UK
    5 years ago, while living Canada, I became convinced by personal experience that private health insurance companies in N America were tapping into this data and adjusting premiums and coverage accordingly. I can't prove it, but we had one heck of a coincidence while my partner was awaiting the results of a cancer biopsy and we were both Googling the condition like mad.

    Good to see in the article that Canada did get on Google's case about this, although the end result was typically useless:

    Oh, they promised. That's alright, then. I'm off out to buy a VW diesel.

    When will regulators learn? Corporations are entirely amoral and their word means nothing.
     
    jimells, Scarecrow, ahmo and 5 others like this.
  3. anciendaze

    anciendaze Senior Member

    Messages:
    1,809
    Likes:
    4,666
    If you use Gmail, you will also discover that automated keyword searches will result in targeted spam. (Or, you and a team of attorneys can go through their terms of service to discover that they told you they were going to do this). Google is not nearly alone. Everyone has learned that customers for free services can also be products sold to other companies. Some of these companies do data mining that is positively frightening, as when Target realized a man's teenage daughter was pregnant before he knew.

    I'm still going through Apple's legalese concerning iOS 9, to see how they handle information.

    However, both these companies stop short of Microsoft which now uses "everything but the squeal" like Chicago stockyards. Here's the relevant section of their recent W10 EULA:

    Attorneys will notice that this is not based on any proof that your data is necessary for these purposes, only that they believe it is. The sections concerning how they sell data are slightly disguised to talk in terms of "sharing" data in ways that are alleged to benefit you. They are exceptionally coy about commercial benefits they gain.

    What data are they talking about? Traffic analysis of W10 behavior indicates this is everything you type and everything you say when a microphone is enabled. They are also interested in everything you click on, or download.

    One might also wonder what "applicable law" means in the People's Republic of China where many devices you use were made. Before you do anything on the Internet it might also be wise to familiarize yourself with applicable law for your ISP, the company hosting the site you are using, and all the companies supplying ads on that site which supply code your browser uses to display that web page. Technically inclined readers might explore such subjects as cross-site scripting, code injection attacks and man-in-the-middle attacks, but the thing most people don't realize is that many of these uses are covered in terms of service so that blocking them technically violates those terms.
     
    Last edited: Sep 23, 2015
    jimells, whodathunkit, PatJ and 2 others like this.
  4. Sushi

    Sushi Senior Member Albuquerque

    Messages:
    14,383
    Likes:
    21,553
    Albuquerque
    This is slightly different but when you look at "Members online now" on the forums page, you will see xx robots. These are mostly search engines. They don't index the Members Only section though.
     
  5. PatJ

    PatJ far and free I gaze

    Messages:
    1,952
    Likes:
    5,249
    Canada
    Then there is the line in the user info popup here on PR (click on the user's avatar) that sometimes says "Last seen..." such as "PatJ was last seen: Viewing forum list, 4 minutes ago" I've wondered why this is viewable by default. Reloading the popup every few seconds would allow for tracking a user as they view forums, individual threads, and other areas of the site. It isn't fine-grained tracking but seems like an invasion of privacy that should be opt-in, not opt-out.

    @Sushi
    I've just checked my account->privacy settings->show your current activity. It doesn't have a check box but the current activity still shows up in my avatar. "Show online status" does have a checkbox because I don't mind someone seeing that I'm online.

    Have you ever checked the forum page access statistics to see if any robots are ignoring that restriction? (Is the restriction in a robots file, or meta-tag in a member's only page?)
     
  6. PatJ

    PatJ far and free I gaze

    Messages:
    1,952
    Likes:
    5,249
    Canada
    uBlock Origin and NoScript are also useful for Firefox users. For me, uBlock has been hassle free, faster, and uses less memory than AdBlock Plus. NoScript requires some tweaking sometimes to get a site to work properly since NoScript blocks all javascript immediately.
     
    natasa778, jimells and whodathunkit like this.
  7. ahmo

    ahmo Senior Member

    Messages:
    4,351
    Likes:
    6,550
    Northcoast NSW, Australia
  8. Sushi

    Sushi Senior Member Albuquerque

    Messages:
    14,383
    Likes:
    21,553
    Albuquerque
    Sorry, I can't answer that one but I'll tag someone who can @wdb. Perhaps it is visible only to you? I can't check for you because, as a moderator, my view of a profile is different from other users..
    I don't know the tech here but from what I understand robots can't access Member's Only sections. But, again, the person I tagged can respond to the tech aspect.
     
  9. whodathunkit

    whodathunkit Senior Member

    Messages:
    1,158
    Likes:
    1,469
    PEOPLE are amoral. A corporation is an inanimate thing very similar to a car or a gun (neither of which drive themselves or pull their own triggers), and thus only has what life the people who work there give it.

    At any rate, if you think the monkeys who work for our various governments aren't up to the same kinds of tricks as the monkeys in private enterprise, then I've got a bridge in Brooklyn I'd like to sell ya.

    Bugger off to any of the aforementioned monkeys who might be reading this. :D

    Seriously, I frequently wonder/worry about who or what might be reading PR and putting together who we are, but then I start really thinking about it and realize it will take more energy than I have to take the steps necessary to stop it, so I make myself not care. Or at least, care less. If you haven't taken steps to hide yourself already at this stage of the game, and hide yourself well, it's probably a moot point. Discussion boards aren't a very good place to hide, anyway.
     
    Art Vandelay likes this.
  10. wdb

    wdb Senior Member

    Messages:
    1,377
    Likes:
    2,957
    London
    Yes you can still see it but to other visitors only says 'last seen x minutes ago'


    You need to log in with a valid user account to see the members only areas, bots do not have user accounts. Bots that that do try to register for an account usually get caught and banned quite quickly.
     
  11. ahimsa

    ahimsa Senior Member

    Messages:
    1,845
    Likes:
    4,276
    I'm no expert but another add-on for browsers that folks might want to consider is Privacy Badger by the EFF. See https://www.eff.org/privacybadger (only supports Firefox and Chrome right now, other browsers planned). It's still an early version and has some bugs.

    The EFF is a non-profit org. that has been around a long time. I first learned about them back in the early 1990s when email spam started being a real problem.

    For those who want a search engine that does not collect data, try https://ixquick.com/

    Edit: I posted before I read the article. I see that they listed Privacy Badger in their article.

    Also, while Wikipedia is not the best medical information on the internet (most folks with ME/cfs will agree), it was nice to read this statement in the article:

    "There is one bright light here—Wikipedia. It was one of the only sites that trafficked in health information that sent no third party requests to corporations."
     
    Last edited: Sep 22, 2015
    jimells and ahmo like this.
  12. ahmo

    ahmo Senior Member

    Messages:
    4,351
    Likes:
    6,550
    Northcoast NSW, Australia
  13. anciendaze

    anciendaze Senior Member

    Messages:
    1,809
    Likes:
    4,666
    On the subject of allegedly private communication being tracked, I've run experiments which might be called "feeding them a barium meal". (Anyone who has had a GI series will remember this part of the experience.) The technique is to restrict information on one subject to a single communications channel. You have to be careful to avoid basing this on searches which you know are being tracked. Having a long memory and a large library of printed material helps in doing this.

    I recently did such an experiment by accident, when discussing very old memories with a new correspondent. One message contained an account of a drug abuser I knew in the 1970s. This promptly generated spam for drug rehab. I live a very unexciting life, and go to great lengths to avoid recreational drugs. I am cautious about things other people don't even consider drugs, like caffeine, and over-the-counter drugs like diphenylhydramine. This greatly narrows the number of communications which might trigger spam concerning drug rehab.

    Other examples of this have been messages containing jokes which no machine is likely to understand. It is far easier to find examples of communications which are being scanned by machines than those which are secure.

    Besides the certainty that Windows 10 is effectively spyware capturing everything you do, and traffic analysis showing that turning off controls on a dozen screens to opt out of this does not reduce the volume of network traffic from your machine, we have problems with what goes on before your data even leaves your home.

    More of us use WiFi than not, simply because of the difficulty of running cables to every place we want to use a computer. Google logs the location of WiFi networks for Google maps unless these use a SSID which opts out by adding the suffix "_nomap". The catch here is that you may opt out, but unless all your neighbors opt out any WiFi device nearby will identify your location, even if you do not allow use of GPS data, as many mobile phones do. Google does not collect WiFI passphrases, so they say. (This could open them to damages in cases where there are security breaches, like the one at Target or Home Depot.)

    Fortunately for attackers, Microsoft has stepped in to fill the gap with "WiFi sense". By default, it collects WiFi passphrases, encrypts them, and squirts them to centralized servers. These servers then dispense them as needed to other Windows systems of your friends. How do they know who you trust? They look for Facebook or Skype friends, or contacts on Outlook.com. Bet you didn't know you agreed to sharing your WiFi with all of these.

    The defense against these charges is that Microsoft does not allow your friends to know the passphrase, only their operating system has the unencrypted form. (I mean has anyone ever heard of a Microsoft operating system being compromised?)

    Weeks ago I started a mental clock to see how long it would take for this practice to generate a newsworthy data breach. I haven't checked today's technical news.

    This bypasses the need to compromise particular brands of wireless routers, like Cisco, which have built-in "backdoors", or home routers which are still set to allow remote administration with the default administrator password. (I'm talking about administration accounts on the router, not the computer connected to it, and not the WiFi password. People get confused. Other people exploit confusion.) Of course, if your router depends on Internet access or a program on your machine for set up, it is pretty easy for the people who do the set up to compromise it. It is also possible for router firmware to be hacked. I typically replace firmware with known good firmware before I use one, except in cases where there is something interesting about the hacked router.

    I have a router in my collection which was diverting search engine queries to a different search engine. I haven't had time to see if it contained code to divert Internet banking to fake sites.

    It's a jungle out there.

    Added: as another example of how monumentally stupid and arrogant default use of "WiFi sense" is, consider the problem with people you have already given your WiFi passphrase to when they visit your home. You can turn off the sharing on your machine, but the passphrase they have will be shared if they don't change the default settings. Your security is at the mercy of the most clueless person on your list of people who visit your house.

    Microsoft also claims that W10 will not allow these "friends" to access the private files of yours which remain an open book for those in Redmond. This sounds similar to a WiFi guest account. The problem is that the restriction is only enforced by W10 software. Anyone who extracts the unencrypted passphrase can have full access, just as you have.

    Perhaps this is a clever plan to sell a new generation of wireless networking devices which will be incompatible with existing hardware and software.
     
    Last edited: Sep 23, 2015
    Sushi and Valentijn like this.
  14. Ecoclimber

    Ecoclimber Senior Member

    Messages:
    989
    Likes:
    2,440
    Being somewhat knowledgeable in the field of cybersecuity, most people will not have the technical expertise to create total anonymity, privacy, security or tracking while on the internet. You are being tracked. Unfortunately the majority of the general population will sacrifice their privacy and security for convenience sake to the dismay of security and privacy experts. The hackers know this, the malware creators know this, advertisers know this, data brokers know this, etc. The bottom line is that your information is being gathered by websites to be sold to third parties which will sell that information to data brokers who in turn will sell your info. to govt. agencies, human resource org., health, medical, life & disability insurance companies and so on..

    They know everything and I mean everything about you. They know where you're going every moment of the day. They know if you are sleeping, sitting, walking through motion sensors on various devices, etc. Sophisticated behavioral mathematical algorithyms can predict where you're going, the person you're meeting, the location, the direction you're taking, the stores you plan to shop in, the products you buy, all gathered from social media sites as well as from other input devices.

    This is an article I was not going to post but here it is:
    WE OWN YOU!

    This isn’t an article about the evils of free to play manipulation to get you to spend money. This is about how we can target you, because we (and our partners) know everything about you. We know where you live, we know your income level, we know your relationships, your favorite sports teams, your political preferences. We know when you go to work, and where you work. We can target an event to start for you when we know you have a long weekend coming up. We own you. More:

    The bottom line for patients is don't be concern so much about this issue. You have a more important issue to focus on and that's your health! Focus on getting better and leave the privacy and security issues to the experts who are working on a solution to counter these issues.

    If you conduct searches use https://duckduckgo.com/ or https://encrypted.google You have to incorporate a whole group of technical tools and a new persona to avoid detection. For those who want more information concerning privacy and security, I recommend these three sites as starters: WildersSecurityForums Privacy Related Topics
    KrebsonSecurity and SecurityNow .

    .
     
    Last edited: Sep 24, 2015
    ahmo likes this.
  15. Snow Leopard

    Snow Leopard Hibernating

    Messages:
    4,615
    Likes:
    12,450
    South Australia
    If the government and corporations know so much about us, why do they provide such crap solutions?

    I use a VPN when on the web...
     
  16. anciendaze

    anciendaze Senior Member

    Messages:
    1,809
    Likes:
    4,666
    By the way, did anyone else notice that relations between the People's Republic of China and Microsoft remain cordial, even while cyberwarfare is a touchy subject at the White House? Notice where Xi Jinping went first?

    Meanwhile, Apple is still cleaning up the mess from a very sophisticated attack via compromised development tools which were posted in China, where the "Great Firewall" ("Golden Shield") slows the transfer of this 3 GB package from Apple. Effects were not limited to China. We don't know exactly who was behind this, and probably never will. (Google pulled out of China over demands for customer data; its replacement, called Baidu, is at the center of the controversy. There is no "smoking gun", and anyone who revealed such would face the wrath of the PRC government.)

    Embarrassing disclosures about the Office of Personnel Management hack continue to appear.

    Security companies are another problem. You might check on the start-up funding for FireEye, which I believe now owns Mandiant, (investigators of the Sony and Anthem hacks,) or the number of former intelligence officers at Kaspersky.

    What you search on the web is effectively public, but what you tell your doctor should not be. What happens in a case like this? We are already deep in a crisis concerning privacy and individual rights, while corporations and governments lay claim to intellectual property as soon as we create it for them. This sounds a lot like Hobbes' "state of nature" or bellum omnium contra omnes.
     
  17. PatJ

    PatJ far and free I gaze

    Messages:
    1,952
    Likes:
    5,249
    Canada
    From that article:
    And if you are a whale, we take Facebook stalking to a whole new level. You spend enough money, we will friend you. Not officially, but with a fake account. Maybe it’s a hot girl who shows too much cleavage? That’s us. We learned as much before friending you, but once you let us in, we have the keys to the kingdom. We will use everything to figure out how to sell to you.

    Some people behave in ways that undermine basic values in society, such as trust. They can make a buck and don't think or care about the ripple effects from their actions. In this example they go straight for the desire many people have to be wanted and to connect with someone. Eventually the deception is revealed and trust is eroded. They encourage elements of distrust and manipulation in society that will eventually come back to burn them just as they have burned others. Some people build good societies by working for the benefit of others and thereby helping themselves as a side effect, while other people tear down good societies by focusing only on themselves and hurting everyone. Short term gain that leads to long term pain.
     
    ahmo likes this.
  18. jimells

    jimells Senior Member

    Messages:
    2,000
    Likes:
    6,111
    northern Maine
    Maybe there are some benefits to using a dialup connection and a laptop with no camera, mic, or wireless.

    I don't believe we know the full story behind the rise of Google and especially Facebook and Twitter. Out of all the thousands of internet startups in the past 20 years, how did these three claw their way to the top so quickly? How did Facebook and Twitter convince every media outlet on the planet to mention these companies on every web page, every broadcast, every newspaper and magazine? I think it's more than coincidental that NSA, FBI, etc. finds these platforms so useful...

    The most dangerous aspect of all the spying is that people are intimidated into silence to avoid government scrutiny, which becomes de facto acceptance of current policies. Personally, I would be disappointed to learn that I don't have an FBI file, but I made the decision to be a political troublemaker a long time ago. Most folks are not in a position to do that, and many people have very good reasons to keep a low profile.

    Here's the Reader's Digest version of the user agreements:

     
    ahmo likes this.

See more popular forum discussions.

Share This Page