Log in

No account? Create an account

Josh-D. S. Davis

Xaminmo / Omnimax / Max Omni / Mad Scientist / Midnight Shadow / Radiation Master

Previous Entry Share Next Entry
(no subject)
Josh 201604 KWP
I've turned off visited link alternate color because of a CSS design issue which allows visited links to be "queried" from websites. Modern systems can scan between 150k and 1m links per minute. Test sites showed me my bank URLs, my social networking sites, etc.

This affects all browsers, but there's info at https://bugzilla.mozilla.org/show_bug.cgi?id=147777

I have plugins, but the one I want is not supported in 3.6, so I simply set:
layout.css.visited_links_enabled = false

I also set browser cache to be purged on exit because the time difference for URL loads also can be harvested.

Finally, I disabled geolocation in the browser because otherwise, a fairly simple query returns my zipcode based on my IP. On the one hand, I'd love to use that for automatic timezone updates, but there's no SW to do that on a non-mobile device. Anyway, any company willing to pay for the geolocation database can do the same thing just by capturing my IP when connecting to their site, but this is a help because many may not do that.

  • 1
What is it that you're afraid will be done with the information about you?

It's allllll my fault. I sent him this link: http://www.metafilter.com/88674/Your-browser-fingerprint-appears-to-be-unique

Result: mini-obsession, Josh-style. ;)

(He's afraid of THEM, and you should be, too.)

Unfortunately, they have already won this round. They took the straight 4-piece Tetris piece and slid it all the way in for a TETRIS (bing beeewwww).

TOR and other net anonymizing stuff helps with this, but TOR is currently seen as BAD BAD BAD by various Agencies in Authority :)

Tetris as a security analogy.

line piece.
Line piece.
Line Piece.

The group of TOR users is so small that using it could also become a substantial bit of identifying information.

I figured by the time this information hits me, it's already too late. I mean, truly, the HTTP headers, info sharing. Truly, all of us online are already associated with several "identities", some of which are merged, some not.


That my porn surfing habits and my legitimate financial habits will be connected in a database somewhere?

I'm not sure. I just don't like being watched.

Though, ultimately, I turned geolocation back on and signed up for all sorts of things in attempt to have a tool that could automatically update my timezone.

In other words, it was more of a mental exploration of privacy than any sort of constant concern.

"but this is a help because many may not do that" - As it turns out, this is so low-cost that Google will do it for you, for free. In fact, it's part of almost every 'traffic analysis' program. There are even Perl modules (coupled with free DBs) that do the same - http://www.linuxjournal.com/article/7856 . Sadly, the reason it's in the browser is that it's cheap-as-in-free so everyone uses it. Also, it's going to be key for mobile phones.

Also, all POTS phones have the same issue, since the local switch has lat/lon info associated with it via the LERG. Tons o' fun at : http://telcodata.us/

As I optimize google ads for close zipcodes (why do I care if I'm not the top ranked ad someplace so far nobody's ever going to come see me in person?), this kind of kills the backbone of my marketing strategy. Print ads usually cost more than my rent, and nobody reads them. I'm working on getting better ranks in natural searches, but that takes forever. And lately, I am getting the best results from word of mouth, except people aren't talking enough to anyone who has money and/or interest.

Good info. Thanks for the heads-up.

  • 1