Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
Probably quite ignorant of me...
but I didn't realise google kept logs of your (IP) searches.
Ok so an IP address could change, so doesn't 100% link it to you, but then again, surely the ISP has logs of what IP address was assigned to you on a day or time, and thus using the information from the log of your IP, what you searched for and time and date of the search, if they combined with the ISP, surely google could pin point exactly who searched for that item?
I'm just pondering over this, as surely if you were constantly typing 'Terrorism / bomb making equipment / etc' - and were blatently going to be a potential risk, it could be tracked back to you?? This would breach people's privacy's, and I know google wouldn't do this, but still it is possible?
Also you think about every time you use google to search for porn or the nude pics of the Gemma Atkinson (or whoever) lol! there's logs of that being stored on their server that could (in theory) be traced back to you  
Maybe I'll think twice next time before I search for something in google
Can anyone confirm / clear any of this up (as I probably am way off the mark) - also anyone know of any other site's that store loads of information about you? - I'm not talking about site's you've signed up for, obviously facebook or corsasport will contain your details if you signed up - but what about sites that you just visit or use  anyone know any bad examples?
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Offline
|
We have more than just information provided by sign-up.
http://www.corsasport.co.uk/board/viewthread.php?tid=313027
You are quite right, the information very much relates to you.
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
I just watch a interesting video on youtube about facebook's privacy!
The fact that Firstly they pretty much say they can use any information provided to them as they please...
but also the fact that several of the main investors into facebook originally have links into the CIA and other companies that'd benefit from information on people.
What about cookies ian? what are you a site owner allowed to track with cookies?
Like could you essentially give me a cookie which identifies me on your server's database (obviously ideal for logging me in)... Then have a completely seperate site (unrelated to CS), that also could have a database that'd recognise the cookie as being me (irrelevant on the new site I've never used before) ... but could allow you to say for instance target adverts or content depending on what you stored on my information of me from the 1st site???
Is that even legally allowed? Or as long as the privacy policy covers it? it's fine?
I'm currently studying all about privacy polices (or kinda will be soon) and previously found the whole subject fairly boring, thinking it was just some jargon on the bottom of websites... but now I'm starting to understand what they mean / how it all works and the potential implications!!
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
Also (am I right in the fact that an IP address CAN be related to you (your PC?) - given the time and date of the log?) ... or am I off the mark with that?
You obviously have experience of banning people / logging IP addresses or whatever? how do you know who one person is compared to another?
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Offline
|
Cookies generally aren't shared because a browser won't supply it to another site on a different domain. That is why you even if you log in to corsasport.co.uk then go to c20xe.co.uk for example you are not logged in. So far as the browser is concerned it's a different web site so it'll never supply what could be (and often is) sensitive information.
Also of note is the fact that cookies can only hold what you have supplied. There's no magic to it. We have username, password and date of last login, but that is all either supplied or derived from your previous behaviour and as I say, none of it is available outside of the original domain which set it.
Information which you supply is also logged although this isn't stored in cookies, this is just logged in the database for various reasons. The most popular use of CS logs is linking up account activity with previous bans etc. so as not to render bans too trivial to get around. We also do performance monitoring and that type of thing. Also helps for general account administration if people forget passwords etc. we can verify that people who are emailing are actually the account owners from history of email addresses etc. Its only actually "used" by Tim or I though - we've no reason to publish it. The closest that gets is when I post summary information, facts and figures etc. which by then is anonymous and as it doesn't directly relate to a living individual it no longer falls under the jurisdiction of DPA.
IP can be traced to your computer either directly if you have a static IP or indirectly if you have a dynamic IP and are able to combine with the log of who was assigned which IP and when. This information is generally held by ISPs who won't generally release it unless there's a fantastic reason to do so.
Simple abuse isn't enough as they've DPA obligations to maintain privacy. What generally happens is that cases are referred to ISPs who then deal internally, ie. cut people off etc. A complainant would generally not ever be party to the detail of an investigation or indeed result of such a case.
The next stage up which would yeild further information is if the matter becomes criminal at which time the police can make what is known as a section 29 request under DPA. This basically means that the consent condition is waived in order to prevent or detect crime or to apprehend or prosecute offenders.
[Edited on 18-11-2007 by Ian]
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
What about if the two website's are very closely linked Ian?
For example, Youtube.com and Google.com are two seperate domains.
But both will store their own information on the users, what they view, etc.
It's been proven that youtube video's actually store information on how much of a video you actually watch (before you change or close), how long it takes you to watch this etc! The interesting thing is, these messages are not going to youtube, but are links to google (probably because the video's are stored on google servers?) - but where does the privacy fall across them??
Also? If Google store information on my IP's searches... Can they then use this in their application such as 'Google ads' on other websites... Or can they use information potentially gathered by google ads (i.e. what site's your IP were at, when you requested the ad) - to give you further ads or anything else?
|
Nath
Member
Registered: 3rd Apr 02
Location: MK
User status: Offline
|
The FBI have used Facebook and MySpace to trap paedo's.
|
AndyKent
Member
Registered: 3rd Sep 05
User status: Offline
|
Cookies are only called from the top-level domain. So if you are on CS, only CS cookies are called regardless of page content, cookies are loaded into memory before the page is downloaded.
I doubt there is nothing to stop Youtube and Google sharing information user I guess, but most of it is little use anyway. They can only store what you type and where you click, and if the police/courts wanted information on you, they could always make two seperate requests to Youtube and Google seperately if they wanted to.
|
Paul_J
Member
Registered: 6th Jun 02
Location: London
User status: Offline
|
Ok Apk but what about...
(just an example)...
On google, I search for certain item's... say mainly electrical goods...
Google is storing my search queries of say 'TV', 'LCD', 'Xbox', 'Electrical Equipment', 'Computer', 'Ram', etc... To my IP (well while the ISP has it assigned to me)...
If on that same IP (before it changes) I then go view other sites that happen to have google ads on them, surely when the request goes from my browser to google ads to fetch the content for the adverts pane, it'll be using my IP address and thus it coud be possible to match the IP address to the info on search queries and deliver adverts that are more likely to be clicked by me ?? 
Though, I think google ads, could be logging the advert requests relative to an Ip...
So If I go on 5 sites that have google ads.
Say www.Computerparts.com
www.dabs.com
www.Xbox360.com
www.overclockers.com
or whatever...
There'll be logs in the google ads system saying 'IP whatever, requested this advert, on this URL (website) at this time / date.'
That is almost like a big brother record, i.e. tracking my usage of the internet. Say google ads were on every website, that log they had would effectively be logging everyone's usage like a tracking device...
Not to mention, they could use the information about what sites you are visiting (relative to you IP) to show more relavent adverts / sponsered links on google???
|
Ash_EP3
Member
Registered: 15th May 07
Location: Melksham, Wiltshire
User status: Offline
|
Google is a mean machine, good for hacking and finding information of pretty much any kind!
I wouldn't worry about what logs they keep your ISP keeps a log of EVERY single page you look at!
|
RS6
Member
Registered: 5th Nov 03
Location: with MJ
User status: Offline
|
yeah i read that that on google as well
http://proxify.com/ then go to google but its limited until you pay
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Offline
|
Paul, what you are suggesting is pretty much true. The only minor problem for web sites is the issue with dynamic IPs as we discussed earlier but that aside, all information which can be gathered can be shared.
Googles empire is built around targetting adverts effectively, so yes, they do whatever they can.
|
Ash_EP3
Member
Registered: 15th May 07
Location: Melksham, Wiltshire
User status: Offline
|
quote:
Originally posted by Ian
Paul, what you are suggesting is pretty much true. The only minor problem for web sites is the issue with dynamic IPs as we discussed earlier but that aside, all information which can be gathered can be shared.
Googles empire is built around targetting adverts effectively, so yes, they do whatever they can.
I was told that Google use spiders (spider bots) which just go straight through your firewall if you allow it to... they look at your Cache and take the URL address with a small amount of information (description) and add that to their own database (Cache)
They are sneaky badgers tbh! 
|
AndyKent
Member
Registered: 3rd Sep 05
User status: Offline
|
False, a 'spider' crawls the web looking at all the pages it can find and indexes them for the engines use. They can't get through firewalls unless completely unsecure, and if its that unsecure the last thing you should be worrying about are spiders.
|
Ash_EP3
Member
Registered: 15th May 07
Location: Melksham, Wiltshire
User status: Offline
|
ah, but unless you're firewall has told google to "fcuk off" then it WILL take your information....
Had a lecture on it @ college mate  (hence why google is used for hacking)...
A business will want to keep it's data secure, and they will think so by having a firewall....
but like I said unless you tell google to leave your shit alone it will just take your info....
go into google and type Filetype: "XLS" for example and then a keyname (Weapons for example) and it will probs take you to a link of a company which sells/deals with weapons....
[Edited on 19-11-2007 by S214_UPP]
|
AndyKent
Member
Registered: 3rd Sep 05
User status: Offline
|
If you're firewall is that badly set up then yes, something might come through, but for most, its not a problem.
Certainly a business will have things professionally set up and all those kind of things will be ironed out soon enough.
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Offline
|
The only time Google will rank your page is if it's on the web somewhere.
Nothing at all to do with firewalls in that context as you wouldn't ordinarily firewall out content you were serving.
It's also not cache. These are proper files on proper web servers with proper web addresses.
It just so happens that the web server is badly set up and contains files which the companies probably didn't want indexing. Entirely the fault of the people administering the web server.
Lecture was slightly incorrect unfortunately. These are misconfigured servers which happen to have been indexed.
Also, the syntax is filetype:xls and the search term is nothing to do with what the company sells. The search term is a word or phrase inside that file, ie. if you want to search for weapons you search for a model number and you get the price list.
ie.
Netgear DG834GT appears in 29 Excel sheets -
http://www.google.co.uk/search?hl=en&safe=off&q=filetype%3Axls+dg834gt
[Edited on 19-11-2007 by Ian]
|
Marc
Member
Registered: 11th Aug 02
Location: York
User status: Offline
|
People best watch what they're browsing for then
|
Ash_EP3
Member
Registered: 15th May 07
Location: Melksham, Wiltshire
User status: Offline
|
Johnny@Ihackstuff.com FTW!
|
