I've also noticed the quality of DuckDuckGo search results has been steadily improving, especially over the past year. I would encourage anyone who tried it and went back to another search engine to consider giving DuckDuckGo another shot--you may be pleasantly surprised!
I just read Gabriel's post, and I pretty much agree (and do) with what he says. Due to these shared believes I've been using DDG quite a bit, I even deleted the Google search app from my phone, and instead been using DDG's iOS app as my default mobile search engine.
However, every time I use DDG it hurts a bit. The quality of the results are very far behind from that of Google's. I many times end up doing a Google search in incognito mode because DDG just doesn't cut it. I hope DDG improves, because I haven't seen that improvement during the past year.
I found DDG commonly does worse than Google on long natural-language questions, especially ones that are mainly made up of common words, and also seems to have more trouble than Google with automatically splitting queries into relevant noun phrases (like if a query included "vegetarian restaurant new york", I expect Google more reliably to decompose that into (vegetarian restaurant) (new york) than DDG).
But I'll keep an eye out and actually write down particular queries where I see these phenomena, and send them along.
Or something like "movie with andre the giant". Google gets Princess Bride as result #2. DDG doesn't have a direct link to that in the first batch. I think Google handles ambiguity better (what users are searching for when they don't know how to express it). Of course, Google tends to overdo this too such that simple keyword searches ain't what they used to be.
Google also apparently entirely eliminated the verbatim search mode (some time after making double quotes no longer perform a verbatim search). People now complain that there is no documented way to perform verbatim searches with Google.
At least from Australia, you can still perform a verbatim search by clicking "search tools", "all results", then changing the option to "verbatim". I still sometimes forget I can do this and wonder why Google is ignoring several of my qualifying terms. The deprecation of the plus symbol and double quotes for coercion is the single biggest piece of vandalism I've seen Google commit on their interface in over fifteen largely restrained years.
Aha, that exists in the U.S. too; thanks for the tip. I think I heard a complaint that the current implementation doesn't truly always do a verbatim search, but I tried a couple of experiments and so far it did appear to have the behavior I expected (at least when putting the entire search term in quotes).
I agree with your chagrin at the loss of the plus symbol.
I find the auto-correct to be over-zealous. If DDG decides that what I've entered is a typo, It will only show me results for the "corrected" word, so I'll have to quote uncommonly searched words. This usually happens when the search is similar to another one that is much more common.
It is, because sometimes DDG is so sure you made a typo, they don't bother to mention it and just search the correction. Try searching "president ovama". The first one or two pages of results are almost exactly the same as the results for "president obama", with no mention of the correction. I know this is sort of a contrived example, but you get the point.
As far as I can tell, Google will always tell you when it thinks you made a mistake, and provide a link to search for your exact query.
My biggest pain point with DuckDuckGo, is locality. I search for "hdmi cable" on DuckDuckGo and it gives me links to products that are sold in BestBuy and Walmart... They don't exist here in the UK. It also gives me links to Amazon.COM and Ebay.COM...
I do the same search on Google and it gives me links to Currys, Tesco, Argos and Maplin (all UK shops/sites). And it links me to Amazon.CO.UK and Ebay.CO.UK.
I don't use DuckDuckGo for searching for products which I want to buy, because this is always what happens.
I suspect DuckDuckGo is a much better search experience for people inside the US than outside.
EDIT: Ooh. I've just noticed that if I set my region to "UK" in DuckDuckGo the results suddenly become far more relevant. Why isn't this set by default? Not only am I coming from a UK IP address, but my browser is sending "Accept-Language: en-gb"
Huge fan of DDG, but overseas speed is a problem for me. I find DDG amazing in the States, but when I'm in Australia the extra tiny bit of latency can be frustrating (in the most First World Problem kind of way, of course).
I'll frequently run the searches from within DDG as !g or !scholar searches (my most frequent variants).
Lack of date-bounded search is a frequent reason to resort to Google. Special collections (Scholar, Books, News) others.
I'm actually relying far more on DDG image search than even a few months ago -- the results are getting good. Also the instant answers, which are getting good.
There have been a few times in recent past where DDG searches have turned up empty (or unsatisfactory results) while Google's nailed it. Actually went hunting for an example and got lost which is why this comment is so late. Couldn't find the example though I'll try to remember to submit it when I do.
I'm just curious if when you say incognito mode that you are using Chrome? I am assuming that changing the default search engine from Google avoids sending partially typed searches to Google, and the privacy policy seems to state that limited personally identifying data is still transmitted but I'm still somehow a bit wary of chrome. Is it fairly substantiated that other than having a different search engine and not signing in, that chrome behaves in a trustworthy fashion? There is still the odd translation suggestion and double click definition that I suppose would also have to be turned off. (From their privacy policy they claim no identifying data is sent along with these requests but the IP alone is an obvious identifier)
While also not as good as google from a result standpoint I have been using ixquick.com for several years now and have seen a steady improvement in it's results as well.
Actually, I've noticed that DGG is way overdoing guessing. More often than not I get results that are only similar to the search query in some way instead of actually what I'm looking for. This has been getting worse over time for me.
Both DDG and Google hatefully over-guess. I understand their motivation -- people typing natural-language queries with smartphone-level typos and expecting to get answers -- but as someone long used to simple keyword queries, I wish I could have the old system back. Programmers trying to make computers "smart" seem not to understand that unless they're almost flawless, users will just have more trouble trying to work around the "smartness" to tell the computers what they actually want.
Of course, because DDG can't build a profile of you, it would have to resort to some guessing.
For example, if you search for "python", it would have to guess whether you are a programmer, or a biologist, in order to present the most relevant results. And of course, Google already has all this information...
...not that kind of guessing. Obviously. That's not "similar to the search query", that's just different meanings of words/phrases. I didn't say anything about that, but it looks like you didn't read past the first sentence anyway.
Seriously, quoting that is a reasonable solution. Given the comparative popularity of the two, it seems statistically likely that most people actually wanted a 323i. Having said that, I note that Google doesn't show 323i results for 723i, so... hm.
I do think explaining the substitution that was done and linking to the exact search (ie, how Google does it) would be a good feature though.
No. If the search engine thinks I meant something else, it's supposed to ask "did you mean [something else]?" and not guess that I'm incapable of writing 4 characters correctly and serve me the wrong results.
I've had this question for awhile ... What is the advantage to using DuckDuckGo, with respect to privacy? All I've found is that they say privacy is important and that they don't track users. But I see no way for them to prove that. So you still have to trust them not to spy on you. Perhaps on the whole that is better than alternatives. "Google is definitely spying on me" versus "DuckDuckGo might be spying on me". Is that the only difference, or am I missing something?
If that's the only difference, isn't Google-over-Tor a better option? Known privacy with world-class search results?
They set and read no cookies. You can test this yourself.
They set etags on static assets, and those theoretically could be used to track you as an identifiable visitor.
How else would they track you? By IP address? That would make any kind of tracking useless -- how would you deal with trying to track 100,000 connections from behind NAT, individually, other than cookies or etags?
There's browser fingerprinting, but I don't see any evidence of that either.
> If that's the only difference, isn't Google-over-Tor a better option?
No, DDG is better because they don't limit or captcha you over Tor.
Also, brand names do matter. If DDG has staked their reputation on privacy, it's a safer bet. It would be difficult for them to be monetizing personal data when it's their stated policy not to. You'd have to hope the people you're selling this data to keep their mouths shut and so do DDG (ex)employees.
I've been using it for a while too now and my verdict is that i can't remove google from the second row in my search bar but i find the results of ddg to be good enough to use as my first choice.
80% searches work flawlessly on ddg, and for the remaining part you learn which kind of searches that will work and which ones doesn't. Many times i know in advance that this particular query will probably not work here but on google it will and i'll just append !g to the search to go straight to google.
What i find mostly interesting is that I have re-learned to use multiple different search engines, you know like we all did back before in the days, and that it actually helps me find more relevant information. Not only because the quality of Google has dropped significantly the past 5 years but even when google delivers a pretty solid result i check DDG after and i might find an even more relevant result, or an opposing story in a political topic etc. We all learn to check your information sources, this includes your search engine!
I just put DDG as my default address bar search, and taught myself a bunch of !bang commands, since for much of the stuff I'm looking for I already know what site I want to end up any way (!w, !wnl, !yt, !gi, !wayback, etc).
In the mean time for general searches, I either use DDG's results or slap on a pre-emptive !g on a hunch, randomly or just-in-case. My idea behind this is that, as DDG's results become better, I'll habitually start using !g less and less.
And indeed, DDG's results have become better, and indeed I have been using the !g command less and less.
Google Search with !g is slowly becoming "just another one among the predefined !bang commands", a command I will append after my searches when I specifically desire to find out what Google has to say about a certain query. Though in comparison I hardly ever use !y and !b (Yahoo and Bing, respectively), mostly because I have no clue in what vague sense those results would be better (with DDG vs Google, I sort of have a feeling when asking for something really mundane and stupid, Google always hits the spot exactly, DDG sometimes misinterprets--though less so lately).
For image searching I really use !yi, !bi and !gi pretty much randomly. They all give quite different results, but as far as I've been able to determine, none of them are of particularly better quality than the others. Yahoo Image Search has a nice integration with Flickr though, so I tend to use it more when my target may be found between high-ish resolution photography.
I already named !wayback, anyone got any other cool !bang commands they use often? For instance, any good documentation searches for JS/DOM/HTML/CSS etc? I tried !mdn but I don't like their search result pages. Same for !python, if I do "!python itertools", I want to be taken straight to the itertools module documentation, not a results page of all python docs that contains the term "itertools".
I don't want to sound too pessimistic and I agree with the sentiment of the article, but I think people need to come to terms with that there isn't really a choice to be made here. Just like you suddenly isn't going to change the at least decade old path of the NSA, you aren't suddenly going to change the fundamentals of the Internet. The choices that affects us now has to a large extent already been made and we are living with the consequences.
I'm also surprised that people are not more skeptical of anything coming out of the white house with Obama's name on it.
Obama has proven himself to be a warmonger with loose ethics unwilling to prosecute torture and also fully interested in continuing the surveillance state, killing Americans without due process, prosecuting whistle-blowers, and protecting the status quo above the constitution and civil rights.
I'm curious if data privacy & protection will ever emerge from its little corner where a few passionate folks worry about it while the masses blithely ignore how their personal data is used and abused.
Couple of other related items just from today indicate this _may_ be taking on steam but we've seen this kind of blip before just to see it fade.
1. Helping Prove Mr. Weinberg's going (CEO of DuckDuckGo) is an article on how heath web sites share your search queries with 3rd parties found at http://motherboard.vice.com/read/looking-up-symptoms-online-... Nice to know that WebMD et al are sharing your _assumed_ private searched for whatever itch you might have with others.
2. Symantec published results of their European survey on the topic of Data Privacy found at http://www.symantec.com/content/en/us/about/presskits/b-stat... Not sure I believe a survey where the respondents claim to read the terms of service 25% of the time.... My guess would have been .25% of the time.
"...health web sites share your search queries with 3rd parties..."
For anyone looking for health information (in English), I recommend the NHS website. (Start your search from there rather than Google if you're worried about being tracked). It may not be the best-looking website, but the info is written by medical professionals and there are no commercial interests since the NHS is funded by the UK taxpayer.
They have an A-Z of conditions, a symptom checker, videos and much more. (I presume this is all available to anyone outside the UK)
Unfortunately This falls into the same trap as the US CDC site in the parents linked article.
The NHS site you linked makes requests to google analytics, webtrends and cloudfront. The point in the parents article applies here equally, since what i'm searching will still be analyzed by Google at the very least.
I'm not sure how identifiable this information is though, but definitely important to be aware of
People are willing to trade personally-identifiable information for a Snickers bar.* Until and unless that changes, privacy doesn't have sufficient value to change the status quo very much.
It won't change. There's no way the average person is going to spend the kind of time and effort it would take to fight the pervasive privacy violations we're seeing now. Even if they all say they want better privacy, there's only so much stuff a person can keep up with / so many hours in a day. The market doesn't cater to what we want, it caters to what we have time to understand and the willpower to act on and, outside that very slim set of things, what is most profitable (e.g. selling our data).
Coordination problems. Coordination problems as far as the eye can see.
Trading for a snickers bar is the default. How can I stop the default and who gets to decide what my punishment is if I do?
Let's say google offers some kind of privacy plan, which is 100% outside of their interests. Do you think they'll give me honest pricing if I opted out of all their tracking? Lets say they actually make $15 off me annually via tracking. What would they charge me to not be spied on? It sure as hell won't be $15.
The problem is we're not being offered a fair value in the beginning when we get into a relationship with these companies. Cloud providers are throwing snickers bars at me and not offering to stop. When I do say I don't want them, I'm hit with punitive pricing. Look at AT&T's gigapower charge to not be spied on. Its like $40 a month. Sorry, but I doubt anyone is making $40 a month from someone like me who almost never clicks on ads and whose information can't be that valuable. If advertisers are paying AT&T $40 a month to see how long I'm on reddit, then the whole system is well... fucked.
It seems to me that cloud providers and ISPs want their cake and to eat it to. They're double-dipping. I'm still paying somehow, even if its indirectly. I bought $100 worth of apps and movie rentals last quarter via my android device. They sure as hell weren't free. Not only am I subject to market pricing on these items, not to mention my hefty phone bill, I also am being spied on? Where exactly is the 'free' where the products monetize themselves via app store purchases and rentals? VUDU and On Demand charge the exact same amount for these rentals.
This narrative that customers won't pay for things is asinine. We're constantly paying for things.
I think we should have a law where any service which is supported by advertising / data selling also have a paid opt-out feature. If I want to pay Google $100/year for email without ads or trackers, I should be able to do that.
Sure, pricing will probably be set way too high by the companies at first, but even making that explicit tradeoff and the option to purchase will help show consumers that privacy IS valuable.
I would like to see a experiment where the test subject are informed that the information will be sold afterward. Are people then willing to trade personally-identifiable information for a Snickers bar?
Addition parameters that would be interesting: Inform that the information is worth more/less than the Snickers bar, or inform that "the government" will have free access to the information.
> Are people then willing to trade personally-identifiable information for a Snickers bar?
Not as cheap as a Snickers, but I once had a CS professor do a straw poll of the class for this experiment. Back in the day the most evident tracking was through customer loyalty cards at grocery stores. He asked the class: how much money do you save per visit using your loyalty card? $10? And would you instead pay $10 each time to not be tracked?
Perhaps not surprisingly, in 2007 a room full of undergrads would take the discount.
Why is someone else's poor choice regarding privacy a justification for abandoning the fight for privacy?
There's always a subset of people who don't care. There was a time when women didn't have the right to vote, and although I wasn't around during that time, I'm sure there was a subset of women who didn't care. Their apathy is not a justification for withholding that right from the rest.
But this is the case in many social issues that are eventually "won". Only a couple of years ago the vast majority of people in the US firmly believed marijuana should remain illegal and that number has dropped enough to change many state laws. How about gay, women or minority rights. All of them were strongly opposed by the masses.
Only a couple of years ago the vast majority of people in the US firmly believed marijuana should remain illegal
Really? In my circles, even when I lived in "red" states, the attitude was more like it's a damn shame it's illegal, and too bad there isn't a prayer of it changing.
How about gay, women or minority rights. All of them were strongly opposed by the masses.
In the 1st and 3rd case, of course, because the subject group was a minority. In the case of women, things only changed when enough of the subject group started to demand change. In the case of privacy, the subject group isn't distinct from the masses, it is everyone. So yes, it's a problem for progress until everyone gets more clued in. (It will happen, when enough bad stuff has happened.)
If there's one thing that the outrage around the Snowden leaks showed us, it's that people do care. But they just aren't all geeks or programmers or crypto experts, they're welders and baristas and waitresses and cab drivers.
They want privacy too, but one could argue that we've failed to educate them about how to use existing tools and failed to make those tools simple enough that they're usable by the average Joe.
The myth of "partially anonymize" data is infuriating. As an academic exercise I've begun to pore over Privacy Policies for web new services I find, specifically how my account info will be used with third parties.
No new consumer oriented web product in their right mind would advertise "we monetize your data with third parties", but they all include language in their Privacy Policies about sharing "partially anonymize" data. It might make you feel safe and sound when it comes to Company X protecting your identity, but marketers and other organizations don't look at data points in a vacuum, everything is in aggregate, and your aggregate profile represents you to the highest degree of certainty.
"As an academic exercise I've begun to pour over Privacy Policies for web new services"
This is something I've been thinking of doing. I don't suppose you've shared these anywhere online by any chance? I always thought that would make a good site - somewhere where you can look up certain services' privacy policies in layman's terms. I suspect a good one already exists.
I upvoted you, but I also enjoy seeing these kinds of mistakes which either get me to imagine new metaphors, and/or (like in this case) get me to learn about real-world things.
Turns out that pour-over is a coffee brewing method:
http://coffee.wikia.com/wiki/Pour-Over_Filtration_Brewing
Exactly. There is no such thing as "anonymized data", there is only "not enough context" and "I need more computing power!". It's important to understand what one is up against when fighting for privacy.
Incidentally, that's part of the reason why I'm having this feeling, that the future is a choice - "privacy or progress, pick one". Because if you really, really care about privacy and anonymity, the sheer amount of otherwise very useful data you'd have to forbid processing and sharing of is staggering. Take for instance shopping. Should we prevent retailers from collecting transactions data? Should we prevent them from installing CCTVs to deter theft? If neither, then how we're going to prevent them from correlating those two sets to keep a profile on you?
(yes, I know retailers now use credit card data and club cards for that - but say one or both data sets will become unavailable - then they'll start looking for alternatives)
It's a serious question. I don't see reducing data collection as a viable strategy, and I'm not sure if we can present entities from sharing data sets with each other. I'd like to know what could be the long-term privacy perserving strategy that doesn't require us to roll back the computer age.
Yeah it's tricky because online consumer tracking is just the evolution of a methodology which has been in place for a long time (like supermarket club cards you mentioned). Working in marketing gives you a sense of just how pervasive it is, what tricks are at one's disposal, and I think an individual company should be allowed to know how consumers use and value a their products, but being able to sell that information to a third-party is where the line needs to be drawn.
I don't know if Congress is the solution (http://thehill.com/policy/technology/215457-big-data-lobbyis...), I don't believe any branch of the US government has enough of an understanding with tech issues to pass effective regulation. I hope to be proven wrong though.
The most realistic way, in my opinion, to achieve some degree of reform is by encouraging businesses at a grassroots level to just simply not engage in these kinds of practices. That's an even tougher sell to many businesses than getting Congress to pass a law, but I'm heartened by companies like DuckDuckGo who build a product around the idea of "user privacy above all else". I think if that idea becomes popular enough and new businesses become noble enough to stick to their principals on issues of privacy (vs selling out to make $$) we might have an effective solution.
> I don't believe any branch of the US government has enough of an understanding with tech issues to pass effective regulation. I hope to be proven wrong though.
For what it's worth, members of Congress lack in-depth understanding of most things they legislate. Nobody can know that much about so many topics, almost anything under the Sun (and for NASA legislation, beyond thhe Sun too).
Perhaps we need an IT regulator, who develops expertise. That's how many industries are regulated.
The annoying thing is that, even if we prevent them from harvesting data on us, there's nothing to prevent them from convincing our friends/parents/coworkers from sharing that information on our behalves.
Except for the lack of data. Don't share things you consider private (and that are indeed private and not just things you don't want to expose but can't really do so, like your own face) with those who you don't trust. This is the most secure approach among all possibilities.
So, consider "Hey, tomorrow is angersock's 34th birthday! We're organizing a surprise party in his hometown of jonestown!".
Now, they've given away my age, birthdate, and where I was born. That's the sort of information that, while private and something I don't give away, they know and give away without thinking.
Who is it you don't want to have that information?
The government already knows (it's part of your SSN information), and any private company that cares will just make you give that info to them as part of the cost of service. You'll do it too, because you don't want to be unable to drive or have a mortgage.
I know about those entities, though--and I know that, in the case of private companies, they're probably going to share it (and we can make laws to that effect).
My original point is that those protections won't apply when just crawling through friends and acquaintances mentioning things.
EDIT:
For another example, consider "Thank God, my friend angersock had a car accident today but only scratched the bumper". That's something I don't want as public knowledge, and that my insurance provider could (theoretically) use to raise my rates.
Also, revealing your birthdate to the general public could help people convince your bank they're you, or bust a pseudonym that you had been trying to keep separate from your legal name.
There is a possibility to share statistical analysis of data privately. This is the subfield of computer science known as differential privacy, and I bet companies just looking for trend data (not specific targeting) would be able to benefit from user data without compromising user privacy.
In other words, there are good and bad ways to use user data, some of the good ones are provably private, and we shouldn't rule out all data sharing as inherently evil.
They define the mathematical guarantees on privacy, which are computational guarantees against a polynomial-time adversary trying to distinguish between the analyses of two databases that differ in a single record. I.e., nobody can reasonably tell whether your information is included in the analysis.
I am not particularly looking for a debate today; but this seems to be a disagreement of terms when using the word "provable". Just because a polynomial time algorithm can not be constructed to distinguish a single record does not mean private information can not be derived.
I still would prefer a choice in the matter - a required small check box that says "record my data" or "do not record my data" XOR "erase my data". The term 'reasonably' has a very different meaning to me (assuming many unknowns in the future) over the long term.
It is either that, or people should literally stop making such a hard line distinguishing person A from person B. If the data is going to be used to make an inference from the collective to the individual, and it doesn't matter whether my data is included or not, well, shrug and thumbs up. It really depends on the context of the application. Does it determine whether my imaginary future children get to go to college or not?
The problem with data and private organizations is that we do not know what the data analysis is being used for, and as private citizens we do not have any control over how that data is mathematically reasoned about and qualitatively assessed aside from forging the data itself it (garbage in, garbage out).
They define what they mean by the word private, and then prove their mechanisms satisfy that definition. It's not a disagreement about the word "provable," it's that you don't agree that their definition of privacy is a good definition of privacy. That's fine, but your reason seems suspicious. If they could determine any information about you, then such an algorithm would fail if your data were not collected in the first place. Being able to derive private information implies the ability to distinguish.
And I misspoke about polynomial time adversaries. Reading closer it looks like an information theoretic guarantee.
Again, you are disagreeing with their chosen definition for a word you prefer to think of in a different way. Maybe you should study the issue instead of griping about how lame their version is. What does accessible mean? Who is the owner of a piece of data? For example, just because of our interaction here, I could probably get a pretty good estimate of your occupation, age, and gender. Is that "accessing" something? If so, does that mean speaking is enough to break privacy? Do you "own" your age and gender? If this conversation is enough for me to determine your age and gender, do you own this conversation?
Definitions of words matter when people skim text as to determine how they communicate their opinions, form their opinions, and take action, including writing legislation.
If I was actually typing out the opinions of my spouse word for word: whose age combined with my own is divisible by 3, how would that change your view?
Yours is mathematically nonsensical. You either have discrete containers that denote privacy relations between information and parties or you do not have it at all. Privacy does not exist on a gradient on a computer. You can not calculate the percentage of how private something is. If it is marked 'private information' and that information is released to a party not under the user / group / role term that is supposed to have access to that category of information, then that information ceases to be private.
You're discussing a different problem. You're using "private" in a legal sense. As in "it's either legal or it's not". Passing privacy laws is certainly a good idea and is what the DDG post is advocating. j2kun was bringing up another solution to privacy which was cryptographic rather than legal. Cryptographers generally use "private" in a "is it physically possible for a bad actor to decrypt this" sense. In which case, there's always a possibility that bad actor can access it. It's just a question of "how likely?" (any encryption requiring a deciphering-technique which takes more than polynomial-time to crack is considered good-enough).
In order for the data to be of any use, someone (be it the user or a trusted friend) has to be able to decrypt it. But if you (or your friend) can decrypt it, a hacker can also decrypt it. Hopefully, the hacker will find it more difficult without knowing the key. But the one in a million chance that he'll crack it on the first try exists by necessity.Even titanium breaks under stress.
In the pathological case that there's zero possibility (not even epsilon), the whole business of encryption is rendered moot because the rightful user himself cannot access the data! This means one of two things: the data is corrupt; or the data has been deleted entirely.
Okay, but those ad hominem attacks won't stop some people from training their machines better than implementations of these algorithms can manage the complexities between data kinds and data object noise.
If you think privacy is "power over what others perceive", then you are being selfish and short-sighted in a way that prevents mutual privacy, and is thus generally untenable.
>we shouldn't rule out all data sharing as inherently evil.
I agree. However, that's going to be the knee-jerk reaction for a while precisely because huge entities like Google, NSA, AT&T, Verizon, etc have been doing that data sharing while doing an abysmal job of notifying users about what was happening. Eventually I think we'll settle into a happy medium, but we're in the pushback phase at the moment.
That's all fine, but there is zero evidence that any company is doing that.
Furthermore, even if a company was using differential privacy to anonymize data between the collection and the processing step, there is no way to prove that the data is being handled appropriately before and during the collection step. Also, there is no way for a company to prove that they continue to handle data appropriately over time.
These tools are super useful for releasing data sets to the public from a trusted source (such as a healthcare provider assisting researchers by releasing cancer data), but that's not what we're talking about here.
It's not a false dichotomy: most of the time data collection and analysis does not preserve privacy. In all cases, you can't guarantee that.
You also didn't respond to this:
> Furthermore, even if a company was using differential privacy to anonymize data between the collection and the processing step, there is no way to prove that the data is being handled appropriately before and during the collection step. Also, there is no way for a company to prove that they continue to handle data appropriately over time.
Any company using shroudbase can choose to stop using shroudbase at any time, or accidentally introduce a bug into their collection method, or start also saving the data in MySQL at collection time.
Tools like that are useful to distribute data from trusted to non-trusted parties. You still have to trust the analytics and advertising companies doing the collection.
You also can't prove that someone won't poison your soup before, during, or after it was prepared from raw ingredients. But you don't claim either to avoid all soup or die. This is because you can give very good guarantees that if the correct process is followed then that won't happen. This is pretty much how we get by in all areas of life. Trust is a default and it has to be for society to function. If we can back up that trust by provably good protocols, then one must be malicious in order to break the system.
They have large monetary incentives to cut corners when it comes to QA and picking a distributor. One big thing stopping them is oversight, which is perfectly reasonable to impose on data collection policies. But what do you need to do so? Proof that the imposed policies give a good guarantee.
And there are indeed a few solutions that actually grant you partial relief from the pains of online tracking. First, switch your search engine, email and other major services where your personal information is heavily tracked to good private alternatives. Second, add EFF’s HTTPS Everywhere plugin to your browser, which will encrypt web site connections where possible. Third, add EFF’s Privacy Badger plugin to your browser, which blocks third-party trackers. These three simple changes will pretty seamlessly and significantly reduce your digital footprint.
Since this is a quote from the article, I feel this is an appropriate space to ask: does anyone have a page explaining how these various privacy extensions interact/overlap with each other? I tend to install (or at least try out) pretty much every popular one at some point or another, and I'm hoping to reduce redundancies. Alot of these tools show up on recommended "Get These If You're Serious About Privacy" lists without indicating what exactly each extension does or how it might interact with another extension. These include:
At this point, I've "slimmed" down to just HTTPS Everywhere and uBlock, although I'm debating adding Privacy Badger. However, their own page mentions that it's "based on ABP code" [0], so my thought is that uBlock is probably also taking care of it.
Is that sufficient? Is there any danger in installing Privacy Badger and uBlock, for instance, if they serve the same function? Will they step on each other's toes?
There is a chance that some extensions will interfere with each other. For instance, Ghostery mentions this on their options page:
Warning! When combined with other cookie monitoring addons such as Beef Taco, Cookie Monster, and Google Opt-Out, this feature can cause unresponsive script errors. If you experience this error, please try disabling this feature or conflicting addons.
That kind of problem used to happen with DOS TSRs (the equivalent of multitasking extensions or daemon processes). It's funny to think that the reason for browser extension incompatibilities is kind of analogous to the reason for TSR incompatibilities: both of them will hook function calls in the system whose functionality they're extending, and make assumptions about how they can alter, act on, or cancel the function call without breaking things, and whether or how it needs to be passed along afterwards. If only one extension is loaded, these assumptions aren't stressed very much, but when several are loaded the assumptions can conflict.
(That analogy isn't perfect because the TSRs also had an issue about patching the interrupt descriptor table, which is where the system looks up the location of an interrupt handler; one common problem was that if TSRs weren't unloaded in the same order in which they were loaded, the table could be "restored" with values that were not actually current, which I don't think is a problem that has an equivalent for browser extensions!)
I have personally found that a hosts file can reduce the need for a bunch of those addons - it can block not only ads, but also many forms of tracking. I've found it very refreshing when surfing the web.
I've thought of using hosts file vs. plugins but have never really made the switch. I'm a bit concerned that I'll run into cases like a website is broken due to a hosts file setting, and I can't easily bypass it like I can with a plugin. Do you ever run into situations like this?
The only breakage I have ever noticed is the occasional site which has about 30 or so "broken image" placeholders surrounding the content. Otherwise, I don't even notice its presence.
I've found sites that put ads in front of video sometimes break with privacy blockers (anything from news sites to comedycentral.com). I assume there's some code that won't load the content if it can't load the ad. Fair enough -- I'm not actively targetting the ads (something needs to pay for the content), but my privacy blocker gets them sometimes.
For those sites, opening up the site in incognito mode (which is by default sandboxed from any plugins) fixes them. A hostfile blacklist would require far more work to fix the jank.
A related question: If someone with expertise or data could compare the effectiveness of tracker-blocking solutions, such as Ghostery and Disconnect, it would be helpful.
Try RequestPolicy. It blocks all requests to domains other than the host's, unless you whitelist them. It comes with optional whitelists you can use for popular sites.
On one hand, it's cumbersome, requiring you to whitelist some requests and reload when you visit a new webpage (most sites require a CDN at least). On the other, it's easy to use and good security.
The "based on ABP code" apply only For the Chromium/Chrome version
"For the Firefox version of Privacy Badger, we also eschewed the ABP engine in favor of something we wrote ourselves. Don't get me wrong, ABP is a great tool and we learned a lot from its code - but we wanted something as lean and performant as possible....."
AFAIK the only way to do tracking is some combination of images and JS. All these 'blocking' plugins are redundant when those two seemingly elephants in the room are disabled.
Honestly, I kind of prefer the new AT&T solution where they charge you ~$30 more to do nothing with your data. If paranoid people want this, then by all means, let them pay for it.
You trust them? How do you know this just makes you more suspicious and gives them more of an illogical basis for placing you under increased surveillance.
Sure I trust them. The moment it's discovered that they've failed to hold up their end of the bargain, they're out $30 x some significant percentage of the users of that service per month. That's not chump change (to say nothing of the potential class action lawsuit for utterly failing to hold up a contract while continuing to charge customers for the services stipulated in said contract).
We assume that we are entitled to some sort of protection because we've paid for a service, but that didn't stop these companies from unlawfully participating or turning a blind eye to unwarranted and unrestrained violations of privacy. If you believe some court centered process will protect you from abuse you are sadly mistaken. Of course it is no issue until the fascists come after you....
* Should privacy only be available to people who can afford $360/yr?
* What good is confidentiality on AT&T, when everyone else still is tracking you (websites, cellular provider, electric utility, car manufacturer, CCTV operators, etc.).
* Should privacy require you to pay every one of those businesses $360/year?
Also, AT&T easily could buy the the information they are forgoing from a third party, and for much less than $360/year/customer.
Is it really paranoïa when this is already the case ?
Google's entire business is based around getting your data and selling it to advertisers. More and more startups and companies offer a "free" service in exchange for your personal data which they sell back. Hekl, half of HN probably already works in a startup whose business model is exactly that.
You have absolutely no say in how your data gets used. You also have no guarantee that AT&T actually respect your choice. Sorry for not being OK with my personal information getting passed through fifty servers around the world for various advertising companies.
In the case of AT&T it's even worse because they have a monopoly on the medium: you don't get to choose where your data passes through when calling someone. At least Internet allows people to run µMatrix, RequestPolicy and others, limiting the amount that gets sent through.
The fight for privacy has to start at universities. At Georgia Tech, the faculty are routinely involved in unwarranted surveillance and testing out their fundamentally flawed ideas to sell off to the national security apparatus. Such tests I would classify as being human experimentation with a critical need for more transparency with the public. Without a broad education that contains humanities, arts, and ethics we won't get the technical solutions we need that address core societal issues. Instead we have an cancerous culture in engineering that threatens our position among other first world countries. Not all engineers have the same commitment to ethics and unfortunately the most unethical don't have the proper economic incentives for respecting human rights, liberty, and dignity. It's time to take a stand for privacy, against the exploitation of technology, and against unethical human experimentation. Georgia Tech's campus is a good place to start...
They psychologically torture and harass people to produce false confessions or force people to do things against their will. Think what happened to Aaron Swartz, but on crack... Chicago, I'm sure is no different... http://www.theguardian.com/us-news/2015/feb/24/chicago-polic...
University is the last place for privacy conscious programmers.
Colleges use Google Apps (including e-mails), the student body (for the most part) all want to work for Google/Facebook/etc, college culture encourages social media (plenty of clubs almost exclusively do their planning and events on FB) and students look up to the founders of the aforementioned companies, or other non-privacy conscious tech people.
Sometimes I think privacy is bound to die because of nuclear bombs. What stops a country sneaking bombs into another? We need total knowledge of what's in the city. But maybe I'm wrong, I haven't thought it through.
Choose what? To live like Stallman? Even his data leaks all over the place. Absolute privacy, like all absolutes, is a sandcastle in the path of an incoming tide. I am all for encrypted comm but metadata is almost as bad and virtually unavoidable. Why was no one creeped out that Starfleet always knows where every crew member is at all times?
Starfleet personal are in some sort of military organization and are constantly exposed to some sort of danger. Not to mention, on a space ship managed by some kind of artificial intelligence. It makes sense the Federation would keep tabs on them.
I'm curious how DuckDuckGo makes money. They don't charge us for search results, and they don't use our information to target ads. How do they make money to run their operations?
Clever Marketing gig from DDG's CEO Weinberg (as recommended in his book 'Traction').
The post makes sense, DDG makes sense, good timing, ok no news to most of us but a good way to get people again talking about DDG.
Considering that DDG is 'just' a Yandex whitelabel (before Bing) with some extra features, especially the no tracking, it's surprising how big it got with Weinberg's Marketing hacks. Congrats!
Obama's natural inclination is to never to "regulate" the power of government, but to regulate industry. Government's intrusion of our privacy is the much bigger problem, but Obama just says "look over there at those big internet companies, forget about the NSA, CIA, IRS and other numerous government agencies and unaccountable bureaucrats that want to snoop into and control your private lives. Forget that the government has the guns that can force you. I'll throw the boogey-strawman of "big internet" to appease you"
I believe that prudent compartmentalization is the best way to control tracking and reclaim privacy. Each compartment comprises interests, relationships and activities that you want observers to track and interrelate. For compartments where privacy is essential, it's best to use pseudonyms, and to avoid cross-linking with public compartments.
Compartments are isolated in VMs, with separate network connectivity using nested chains of VPNs, JonDonym and Tor. Particularly sensitive compartments are isolated in separate computers. It's prudent to avoid cross-compartment sharing of USB drives.
This is incredibly hard to do well and takes a great deal of discipline. Unless you're a Belgacom or Gemalto sysadmin, the consequences of cross-contamination aren't grave. It's easy enough to burn an identity and create a new one.
Each compartment comprises interests, relationships and activities that you want observers to track and interrelate.
Excellent! There are a lot of historical precedents for technology enabling intermediation! Such intermediation comes with power, which does need to be tempered with some regulation. (The minimum possible, due to regulatory capture, of course.)
Pretty much all technologies have facets where markets break down and require some form of corrective regulation to make things work the way we want them to.
No! Nooooooo! Say it isn't so! The market is a magical infallible oracle of laissez-faire goodness! (That snidely said, the market is absolutely a marvellous thing in precisely the contexts where situations are so complex that centralized control is hopeless and only massively distributed decision making can hope to keep up. Again, context is everything.)
In which category do you think the question of how privacy should be managed between websites and their customers, across all kind of business models, all types of customers, and all sorts of data fit? A complex situation that needs context aware distributed decision, or a problem simple enough that regulation can unambiguously help?
Of course, there are actually a great number of questions, not just one. One of the biggest problems is that there is not enough knowledge in general society yet for markets to work well enough wrt privacy. One thing that lawmakers should be keenly aware of, is that broadly written regulations can be helpful at first, but then become burdensome in a mature market or in the face of technological change.
Fascinating, wake me up when this ethereal bill appears and offers protections for the privacy of all humans regardless of nationality, and not just some humans.
Privacy is not achievable. It's much better to build a world where we can all live happy /without/ privacy.
This requires an attitude adjustment and significant tolerance because everything is public.
Want to know if your bank treats customers good or bad? Look it up. Want to know if the issuer bets against a mortgage backed security? Audit the numbers. Want to cheat on your taxes? Tough luck!
The thing is, we only have two options:
1. Only spooks and marketers and those who pay, know.
I don't think we are at a privacy crossroad. I think the fork was taken some time ago and now it's just a matter of how fast and reckless we go, and just who is going to be doing the driving.
165 comments
[ 3.1 ms ] story [ 236 ms ] threadHowever, every time I use DDG it hurts a bit. The quality of the results are very far behind from that of Google's. I many times end up doing a Google search in incognito mode because DDG just doesn't cut it. I hope DDG improves, because I haven't seen that improvement during the past year.
But I'll keep an eye out and actually write down particular queries where I see these phenomena, and send them along.
https://duckduckgo.com/?q=vegetarian+restaurant+new+york
I agree with your chagrin at the loss of the plus symbol.
As far as I can tell, Google will always tell you when it thinks you made a mistake, and provide a link to search for your exact query.
I do the same search on Google and it gives me links to Currys, Tesco, Argos and Maplin (all UK shops/sites). And it links me to Amazon.CO.UK and Ebay.CO.UK.
I don't use DuckDuckGo for searching for products which I want to buy, because this is always what happens.
I suspect DuckDuckGo is a much better search experience for people inside the US than outside.
EDIT: Ooh. I've just noticed that if I set my region to "UK" in DuckDuckGo the results suddenly become far more relevant. Why isn't this set by default? Not only am I coming from a UK IP address, but my browser is sending "Accept-Language: en-gb"
Lack of date-bounded search is a frequent reason to resort to Google. Special collections (Scholar, Books, News) others.
I'm actually relying far more on DDG image search than even a few months ago -- the results are getting good. Also the instant answers, which are getting good.
There have been a few times in recent past where DDG searches have turned up empty (or unsatisfactory results) while Google's nailed it. Actually went hunting for an example and got lost which is why this comment is so late. Couldn't find the example though I'll try to remember to submit it when I do.
The sample is only searches where DDG fails; inevitably, every other search engine will provide better results.
(That doesn't mean DDG is better or worse than Google; it only means that this methodology doesn't provide infromation on that topic.)
(But yes, it is a skewed sample.)
They claim to be "the world's most private search engine: https://ixquick.com/eng/protect-privacy.html?
For example, if you search for "python", it would have to guess whether you are a programmer, or a biologist, in order to present the most relevant results. And of course, Google already has all this information...
Example of what I meant: https://duckduckgo.com/?q=BMW+723i
Seriously, quoting that is a reasonable solution. Given the comparative popularity of the two, it seems statistically likely that most people actually wanted a 323i. Having said that, I note that Google doesn't show 323i results for 723i, so... hm.
I do think explaining the substitution that was done and linking to the exact search (ie, how Google does it) would be a good feature though.
That's over-guessing.
If that's the only difference, isn't Google-over-Tor a better option? Known privacy with world-class search results?
They set and read no cookies. You can test this yourself.
They set etags on static assets, and those theoretically could be used to track you as an identifiable visitor.
How else would they track you? By IP address? That would make any kind of tracking useless -- how would you deal with trying to track 100,000 connections from behind NAT, individually, other than cookies or etags?
There's browser fingerprinting, but I don't see any evidence of that either.
No, DDG is better because they don't limit or captcha you over Tor.
Also, brand names do matter. If DDG has staked their reputation on privacy, it's a safer bet. It would be difficult for them to be monetizing personal data when it's their stated policy not to. You'd have to hope the people you're selling this data to keep their mouths shut and so do DDG (ex)employees.
80% searches work flawlessly on ddg, and for the remaining part you learn which kind of searches that will work and which ones doesn't. Many times i know in advance that this particular query will probably not work here but on google it will and i'll just append !g to the search to go straight to google.
What i find mostly interesting is that I have re-learned to use multiple different search engines, you know like we all did back before in the days, and that it actually helps me find more relevant information. Not only because the quality of Google has dropped significantly the past 5 years but even when google delivers a pretty solid result i check DDG after and i might find an even more relevant result, or an opposing story in a political topic etc. We all learn to check your information sources, this includes your search engine!
In the mean time for general searches, I either use DDG's results or slap on a pre-emptive !g on a hunch, randomly or just-in-case. My idea behind this is that, as DDG's results become better, I'll habitually start using !g less and less.
And indeed, DDG's results have become better, and indeed I have been using the !g command less and less.
Google Search with !g is slowly becoming "just another one among the predefined !bang commands", a command I will append after my searches when I specifically desire to find out what Google has to say about a certain query. Though in comparison I hardly ever use !y and !b (Yahoo and Bing, respectively), mostly because I have no clue in what vague sense those results would be better (with DDG vs Google, I sort of have a feeling when asking for something really mundane and stupid, Google always hits the spot exactly, DDG sometimes misinterprets--though less so lately).
For image searching I really use !yi, !bi and !gi pretty much randomly. They all give quite different results, but as far as I've been able to determine, none of them are of particularly better quality than the others. Yahoo Image Search has a nice integration with Flickr though, so I tend to use it more when my target may be found between high-ish resolution photography.
I already named !wayback, anyone got any other cool !bang commands they use often? For instance, any good documentation searches for JS/DOM/HTML/CSS etc? I tried !mdn but I don't like their search result pages. Same for !python, if I do "!python itertools", I want to be taken straight to the itertools module documentation, not a results page of all python docs that contains the term "itertools".
Obama has proven himself to be a warmonger with loose ethics unwilling to prosecute torture and also fully interested in continuing the surveillance state, killing Americans without due process, prosecuting whistle-blowers, and protecting the status quo above the constitution and civil rights.
Couple of other related items just from today indicate this _may_ be taking on steam but we've seen this kind of blip before just to see it fade.
1. Helping Prove Mr. Weinberg's going (CEO of DuckDuckGo) is an article on how heath web sites share your search queries with 3rd parties found at http://motherboard.vice.com/read/looking-up-symptoms-online-... Nice to know that WebMD et al are sharing your _assumed_ private searched for whatever itch you might have with others.
2. Symantec published results of their European survey on the topic of Data Privacy found at http://www.symantec.com/content/en/us/about/presskits/b-stat... Not sure I believe a survey where the respondents claim to read the terms of service 25% of the time.... My guess would have been .25% of the time.
For anyone looking for health information (in English), I recommend the NHS website. (Start your search from there rather than Google if you're worried about being tracked). It may not be the best-looking website, but the info is written by medical professionals and there are no commercial interests since the NHS is funded by the UK taxpayer.
They have an A-Z of conditions, a symptom checker, videos and much more. (I presume this is all available to anyone outside the UK)
http://www.nhs.uk
The NHS site you linked makes requests to google analytics, webtrends and cloudfront. The point in the parents article applies here equally, since what i'm searching will still be analyzed by Google at the very least.
I'm not sure how identifiable this information is though, but definitely important to be aware of
*Really, they'll even trade it for intangible gold. http://candycrushgametactics.com/get-free-gold-bars-in-candy...
Coordination problems. Coordination problems as far as the eye can see.
Let's say google offers some kind of privacy plan, which is 100% outside of their interests. Do you think they'll give me honest pricing if I opted out of all their tracking? Lets say they actually make $15 off me annually via tracking. What would they charge me to not be spied on? It sure as hell won't be $15.
The problem is we're not being offered a fair value in the beginning when we get into a relationship with these companies. Cloud providers are throwing snickers bars at me and not offering to stop. When I do say I don't want them, I'm hit with punitive pricing. Look at AT&T's gigapower charge to not be spied on. Its like $40 a month. Sorry, but I doubt anyone is making $40 a month from someone like me who almost never clicks on ads and whose information can't be that valuable. If advertisers are paying AT&T $40 a month to see how long I'm on reddit, then the whole system is well... fucked.
It seems to me that cloud providers and ISPs want their cake and to eat it to. They're double-dipping. I'm still paying somehow, even if its indirectly. I bought $100 worth of apps and movie rentals last quarter via my android device. They sure as hell weren't free. Not only am I subject to market pricing on these items, not to mention my hefty phone bill, I also am being spied on? Where exactly is the 'free' where the products monetize themselves via app store purchases and rentals? VUDU and On Demand charge the exact same amount for these rentals.
This narrative that customers won't pay for things is asinine. We're constantly paying for things.
Sure, pricing will probably be set way too high by the companies at first, but even making that explicit tradeoff and the option to purchase will help show consumers that privacy IS valuable.
Addition parameters that would be interesting: Inform that the information is worth more/less than the Snickers bar, or inform that "the government" will have free access to the information.
Not as cheap as a Snickers, but I once had a CS professor do a straw poll of the class for this experiment. Back in the day the most evident tracking was through customer loyalty cards at grocery stores. He asked the class: how much money do you save per visit using your loyalty card? $10? And would you instead pay $10 each time to not be tracked?
Perhaps not surprisingly, in 2007 a room full of undergrads would take the discount.
There's always a subset of people who don't care. There was a time when women didn't have the right to vote, and although I wasn't around during that time, I'm sure there was a subset of women who didn't care. Their apathy is not a justification for withholding that right from the rest.
The problem is when it's the seeming majority who don't care.
Really? In my circles, even when I lived in "red" states, the attitude was more like it's a damn shame it's illegal, and too bad there isn't a prayer of it changing.
How about gay, women or minority rights. All of them were strongly opposed by the masses.
In the 1st and 3rd case, of course, because the subject group was a minority. In the case of women, things only changed when enough of the subject group started to demand change. In the case of privacy, the subject group isn't distinct from the masses, it is everyone. So yes, it's a problem for progress until everyone gets more clued in. (It will happen, when enough bad stuff has happened.)
They want privacy too, but one could argue that we've failed to educate them about how to use existing tools and failed to make those tools simple enough that they're usable by the average Joe.
No new consumer oriented web product in their right mind would advertise "we monetize your data with third parties", but they all include language in their Privacy Policies about sharing "partially anonymize" data. It might make you feel safe and sound when it comes to Company X protecting your identity, but marketers and other organizations don't look at data points in a vacuum, everything is in aggregate, and your aggregate profile represents you to the highest degree of certainty.
This is something I've been thinking of doing. I don't suppose you've shared these anywhere online by any chance? I always thought that would make a good site - somewhere where you can look up certain services' privacy policies in layman's terms. I suspect a good one already exists.
Incidentally, that's part of the reason why I'm having this feeling, that the future is a choice - "privacy or progress, pick one". Because if you really, really care about privacy and anonymity, the sheer amount of otherwise very useful data you'd have to forbid processing and sharing of is staggering. Take for instance shopping. Should we prevent retailers from collecting transactions data? Should we prevent them from installing CCTVs to deter theft? If neither, then how we're going to prevent them from correlating those two sets to keep a profile on you?
(yes, I know retailers now use credit card data and club cards for that - but say one or both data sets will become unavailable - then they'll start looking for alternatives)
It's a serious question. I don't see reducing data collection as a viable strategy, and I'm not sure if we can present entities from sharing data sets with each other. I'd like to know what could be the long-term privacy perserving strategy that doesn't require us to roll back the computer age.
I don't know if Congress is the solution (http://thehill.com/policy/technology/215457-big-data-lobbyis...), I don't believe any branch of the US government has enough of an understanding with tech issues to pass effective regulation. I hope to be proven wrong though.
The most realistic way, in my opinion, to achieve some degree of reform is by encouraging businesses at a grassroots level to just simply not engage in these kinds of practices. That's an even tougher sell to many businesses than getting Congress to pass a law, but I'm heartened by companies like DuckDuckGo who build a product around the idea of "user privacy above all else". I think if that idea becomes popular enough and new businesses become noble enough to stick to their principals on issues of privacy (vs selling out to make $$) we might have an effective solution.
For what it's worth, members of Congress lack in-depth understanding of most things they legislate. Nobody can know that much about so many topics, almost anything under the Sun (and for NASA legislation, beyond thhe Sun too).
Perhaps we need an IT regulator, who develops expertise. That's how many industries are regulated.
Now, they've given away my age, birthdate, and where I was born. That's the sort of information that, while private and something I don't give away, they know and give away without thinking.
The government already knows (it's part of your SSN information), and any private company that cares will just make you give that info to them as part of the cost of service. You'll do it too, because you don't want to be unable to drive or have a mortgage.
My original point is that those protections won't apply when just crawling through friends and acquaintances mentioning things.
EDIT:
For another example, consider "Thank God, my friend angersock had a car accident today but only scratched the bumper". That's something I don't want as public knowledge, and that my insurance provider could (theoretically) use to raise my rates.
In other words, there are good and bad ways to use user data, some of the good ones are provably private, and we shouldn't rule out all data sharing as inherently evil.
citation?
They define the mathematical guarantees on privacy, which are computational guarantees against a polynomial-time adversary trying to distinguish between the analyses of two databases that differ in a single record. I.e., nobody can reasonably tell whether your information is included in the analysis.
I still would prefer a choice in the matter - a required small check box that says "record my data" or "do not record my data" XOR "erase my data". The term 'reasonably' has a very different meaning to me (assuming many unknowns in the future) over the long term.
It is either that, or people should literally stop making such a hard line distinguishing person A from person B. If the data is going to be used to make an inference from the collective to the individual, and it doesn't matter whether my data is included or not, well, shrug and thumbs up. It really depends on the context of the application. Does it determine whether my imaginary future children get to go to college or not?
The problem with data and private organizations is that we do not know what the data analysis is being used for, and as private citizens we do not have any control over how that data is mathematically reasoned about and qualitatively assessed aside from forging the data itself it (garbage in, garbage out).
And I misspoke about polynomial time adversaries. Reading closer it looks like an information theoretic guarantee.
I prefer to avoid living my life in a fishbowl.
> provably private
This does not have a mathematics definition. Private means not accessible to anyone aside from the owner. That is something that is provably private.
> information theoretic guarantee
This sounds like hand waving to get rid of actual concerns.
If I was actually typing out the opinions of my spouse word for word: whose age combined with my own is divisible by 3, how would that change your view?
In order for the data to be of any use, someone (be it the user or a trusted friend) has to be able to decrypt it. But if you (or your friend) can decrypt it, a hacker can also decrypt it. Hopefully, the hacker will find it more difficult without knowing the key. But the one in a million chance that he'll crack it on the first try exists by necessity.Even titanium breaks under stress.
In the pathological case that there's zero possibility (not even epsilon), the whole business of encryption is rendered moot because the rightful user himself cannot access the data! This means one of two things: the data is corrupt; or the data has been deleted entirely.
http://en.m.wikipedia.org/wiki/Information_flow_%28informati...
I agree. However, that's going to be the knee-jerk reaction for a while precisely because huge entities like Google, NSA, AT&T, Verizon, etc have been doing that data sharing while doing an abysmal job of notifying users about what was happening. Eventually I think we'll settle into a happy medium, but we're in the pushback phase at the moment.
Furthermore, even if a company was using differential privacy to anonymize data between the collection and the processing step, there is no way to prove that the data is being handled appropriately before and during the collection step. Also, there is no way for a company to prove that they continue to handle data appropriately over time.
These tools are super useful for releasing data sets to the public from a trusted source (such as a healthcare provider assisting researchers by releasing cancer data), but that's not what we're talking about here.
LeapYear Innovations [1] looks like they have some clients who care about differential privacy. [2]
[1]: http://www.leapyearinnovations.com/
[2]: http://www.leapyearinnovations.com/shroudbase
You also didn't respond to this:
> Furthermore, even if a company was using differential privacy to anonymize data between the collection and the processing step, there is no way to prove that the data is being handled appropriately before and during the collection step. Also, there is no way for a company to prove that they continue to handle data appropriately over time.
Any company using shroudbase can choose to stop using shroudbase at any time, or accidentally introduce a bug into their collection method, or start also saving the data in MySQL at collection time.
Tools like that are useful to distribute data from trusted to non-trusted parties. You still have to trust the analytics and advertising companies doing the collection.
Since this is a quote from the article, I feel this is an appropriate space to ask: does anyone have a page explaining how these various privacy extensions interact/overlap with each other? I tend to install (or at least try out) pretty much every popular one at some point or another, and I'm hoping to reduce redundancies. Alot of these tools show up on recommended "Get These If You're Serious About Privacy" lists without indicating what exactly each extension does or how it might interact with another extension. These include:
- Adblock Plus - Ghostery - Disconnect - HTTPS Everywhere - EFF Privacy Badger - uBlock - NoScript
At this point, I've "slimmed" down to just HTTPS Everywhere and uBlock, although I'm debating adding Privacy Badger. However, their own page mentions that it's "based on ABP code" [0], so my thought is that uBlock is probably also taking care of it.
Is that sufficient? Is there any danger in installing Privacy Badger and uBlock, for instance, if they serve the same function? Will they step on each other's toes?
Some kind of comparison chart would be useful.
[0] - https://www.eff.org/privacybadger#how_is_it_different
Warning! When combined with other cookie monitoring addons such as Beef Taco, Cookie Monster, and Google Opt-Out, this feature can cause unresponsive script errors. If you experience this error, please try disabling this feature or conflicting addons.
(That analogy isn't perfect because the TSRs also had an issue about patching the interrupt descriptor table, which is where the system looks up the location of an interrupt handler; one common problem was that if TSRs weren't unloaded in the same order in which they were loaded, the table could be "restored" with values that were not actually current, which I don't think is a problem that has an equivalent for browser extensions!)
For reference, I use: http://someonewhocares.org/hosts/
For those sites, opening up the site in incognito mode (which is by default sandboxed from any plugins) fixes them. A hostfile blacklist would require far more work to fix the jank.
On one hand, it's cumbersome, requiring you to whitelist some requests and reload when you visit a new webpage (most sites require a CDN at least). On the other, it's easy to use and good security.
[0] http://requestpolicycontinued.github.io
"For the Firefox version of Privacy Badger, we also eschewed the ABP engine in favor of something we wrote ourselves. Don't get me wrong, ABP is a great tool and we learned a lot from its code - but we wanted something as lean and performant as possible....."
https://news.ycombinator.com/item?id=7686396
also ublock makes ABP, Ghostery & Disconnect redundant. https://github.com/gorhill/uBlock/wiki/%C2%B5Block-and-other...
* What good is confidentiality on AT&T, when everyone else still is tracking you (websites, cellular provider, electric utility, car manufacturer, CCTV operators, etc.).
* Should privacy require you to pay every one of those businesses $360/year?
Also, AT&T easily could buy the the information they are forgoing from a third party, and for much less than $360/year/customer.
Is it really paranoïa when this is already the case ?
Google's entire business is based around getting your data and selling it to advertisers. More and more startups and companies offer a "free" service in exchange for your personal data which they sell back. Hekl, half of HN probably already works in a startup whose business model is exactly that.
You have absolutely no say in how your data gets used. You also have no guarantee that AT&T actually respect your choice. Sorry for not being OK with my personal information getting passed through fifty servers around the world for various advertising companies.
In the case of AT&T it's even worse because they have a monopoly on the medium: you don't get to choose where your data passes through when calling someone. At least Internet allows people to run µMatrix, RequestPolicy and others, limiting the amount that gets sent through.
Colleges use Google Apps (including e-mails), the student body (for the most part) all want to work for Google/Facebook/etc, college culture encourages social media (plenty of clubs almost exclusively do their planning and events on FB) and students look up to the founders of the aforementioned companies, or other non-privacy conscious tech people.
Referral programs (Amazon)
and VC funding
AFAIK
The post makes sense, DDG makes sense, good timing, ok no news to most of us but a good way to get people again talking about DDG.
Considering that DDG is 'just' a Yandex whitelabel (before Bing) with some extra features, especially the no tracking, it's surprising how big it got with Weinberg's Marketing hacks. Congrats!
Any day now President Obama is going to propose a new privacy bill of rights that will give you much more control over your personal information.
http://www.politico.com/story/2015/01/online-privacy-bill-wh...
Compartments are isolated in VMs, with separate network connectivity using nested chains of VPNs, JonDonym and Tor. Particularly sensitive compartments are isolated in separate computers. It's prudent to avoid cross-compartment sharing of USB drives.
Excellent! There are a lot of historical precedents for technology enabling intermediation! Such intermediation comes with power, which does need to be tempered with some regulation. (The minimum possible, due to regulatory capture, of course.)
No! Nooooooo! Say it isn't so! The market is a magical infallible oracle of laissez-faire goodness! (That snidely said, the market is absolutely a marvellous thing in precisely the contexts where situations are so complex that centralized control is hopeless and only massively distributed decision making can hope to keep up. Again, context is everything.)
This requires an attitude adjustment and significant tolerance because everything is public.
Want to know if your bank treats customers good or bad? Look it up. Want to know if the issuer bets against a mortgage backed security? Audit the numbers. Want to cheat on your taxes? Tough luck!
The thing is, we only have two options:
1. Only spooks and marketers and those who pay, know.
2. We all know.
http://mind.ucsd.edu/syllabi/98-99/logic/falsedichotomy.html