Marlinspike has introduced several tools
that help people concerned about privacy avoid giving up personal information.
GoogleSharing, a Firefox add-on, acts as an anonymizing proxy service and is
designed to evade Google analytics and prevent Google from tracking searches.
I’ve gotten tired of Road Runner’s DNS redirection/hijacking service which I opt out of yet it keeps coming back. I decided to do some DNS benchmarking, comparing my assigned ISP name servers against publicly provided DNS such as Google. The results were very surprising. It turns out I have less latency and hops reaching some of the publicly available DNS servers instead of those provided by my ISP (the servers actually resolve lookups faster).
If public DNS is faster, configure your machine for hardcoded DNS (not to pickup from DHCP).
Coincidentally, Symantec has just released their own version of a public DNS that provides malware filtering. You can read The H article here. Symantec’s “secure” DNS servers are 22.214.171.124 and 126.96.36.199
According to this H article, Google is beginning to beta a new feature of providing SSL for their standard web search service. As one commenter noted, Google is still collecting the same information from your searches but this will limit 3rd parties from eavesdropping on your search queries. Remember SSL doesn’t guarantee absolute privacy as there’s Moxie Marlinspike’s work, chance of CA intermediaries, and your employer loading their own trusted CA’s into your corporate devices.
Anyways…back on track….
It’s not the easiest task comparing privacy policies even if you limit your search to the big players (google, yahoo, bing, baidu, ask, altavista). Besides Scroogle which is a Google proxy — returning scrubbed results cookie free, most of the large search engines are very similar with their policies. They all store some type of tracking cookie and say they can use this to target specific advertisements towards you and or share with third parties. HOWEVER, all is not lost, I did come across the Ask.com AskEraser. Navigate over to Ask.com and in the top right corner you’ll see “AskEraser On | Off” turn this guy and check your cookies for yourself….it does make a difference…
When enabled, AskEraser will completely delete your search queries and data from Ask.com servers, including: your IP address, User ID and Session ID cookies, as well as the complete text of your search query–all within a matter of hours,
We’ll have to take Ask’s word that they’re actually removing our search data from their servers unless someone has a better idea? Raid one of their NOCs on a Friday night hoping to bribe the night security guard with a pizza and a hooker? (maybe the pizza and a mountain dew would be enough)
Google hacking has been around for a while but unfortunately it is still very relevant. Basically because the Google crawler is so powerful you can use this to your advantage to discover sensitive data. You can find password files as well as locating vulnerable versions of web servers, forum software, etc….