It pains me to hear intelligent people talk about being "tracked" as something "bad" a priori. While there are certainly plenty of examples of abuse of knowledge, I tend to think of most "tracking" not as "stalking" but as "relationship building." Let me explain...
Google is a service provider that I frequent, just like my coffee roaster or my stock broker or whatever. Over time, service providers develop a relationship with their customers based on knowledge of that customer. This knowledge helps inform how they provide and improve their service. My coffee roaster knows what kinds of coffee I like and makes appropriate recommendations when new beans arrive. My stock broker knows what kinds of risks I like to take and gives appropriate investment direction.
Ok, so I don't really have a stock broker but... My point is: I appreciate that google is aware enough to know that when I search for "hash salt" I'm not talking about potatoes. DDG shows me recipes and first.
The problem (as with most things that are hot-button issues) is that the most talked about thing - "tracking" - is a red herring. The REAL issue is accountability. True information lockdown rarely benefits anyone, but openness without accountability is useless and downright dangerous.
Suggesting people flee one provider's services and head to other providers who are not concretely more accountable (just because they "say so" doesn't make it true) is simply being petty. We should instead be spending out breath advocating for greater accountability in the system as a whole.
And quite likely, he is not paranoidily avoiding Google, but partly experimenting as he is running one of the very few companies that are directly trying to compete with Google in search.
- Safari/iOS will let Apple know you're in a market for a house
- Safari will let Apple know you like Ethiopain coffee
- Also it will probably allow them to track your searches
- Along with Calendar sync and maps Apple knows both where you are currently and where you'll be next
While not all of his eggs are in one basket, there's an awful lot of them providing an awful lot of "tracking" information to one entity.
Sure, if he's experimenting with replacing Google's services that's a valid reason.
What do you mean? Can you be more explicit?
iAd is a mobile advertising platform developed by Apple Inc. for its iPhone, iPod Touch, and iPad line of mobile devices allowing third-party developers to directly embed advertisements into their applications. Announced on April 8, 2010, iAd is part of Apple's iOS 4, originally slated for release on June 21, 2010, the actual date was changed to July 1, 2010.
Also iAds have quite strict requirements as to what kind of identifying information they receive from the device.
Google/Android doesn't have any qualms about giving every bit of information they can get to the advertisers, that's the main source of income for Google. Also, 3rd party cookies will not be turned off by default in any Google product ever.
Websites such as real estate websites are basically just ads, yet it still offers a service (namely discovery). trailers for movies are also ads but I still like watching them.
There's a lot of disgusting/misleading behaviour in advertising, but it's not strictly an Us vs. Them proposition.
When you are a visitor to a website, it's whether you are a customer vs product proposition.
To further this analogy, what if you went to the onsite barista and when you ordered your coffee the barista told you that you're allergic to one of the seasonings. That's helpful and relevant and I think this is where most people start panicking but if the Dr has a Lot of accountability which is what the top comment is suggesting is the main concern, then you will know that the Dr isn't sharing full medical history but rather just what is relevant, your allergies. This is convenient, and in my imaginary scenario just saved the person from a lot of trouble. Also in this imaginary scenario the patient opted-into this sharing of knowledge.
I know this may not be a popular opinion, please share why instead of down voting me. I'm eager to learn and a down vote won't help me :P
Even if Google does say that some app is firewalled, the implied follow up is "...until customers stop caring" or "...until the law allows us to use it". Everything they do is intended to facilitate advertising, even if not yet.
It's really creepy, even though it's obvious and trivial.
It's also counter productive - I haven't used 4OD for ages precisely because of that creep factor. Even though I knew they were doing it before the ad.
"Anything any company does is in the end goal to make money" is basically this argument. "Anything a university does is to get grants".
You're reducing the agency of people who work there and their personal objectives to nothing. Google has many different projects which aren't just about pushing ads . How are driverless cars selling ads? The cost of Google Fiber largely outweighs the advertising revenue. etc.
In the hypothetical doctor's office with attached coffee bar to which I was responding, we can see how it would be money-making but there's no good reason to assume that there would be a misappropriation of personal data between the two parts of the business. In Google's case it's the opposite: by default everything they do is oriented toward collecting and using data, as personal as possible. Sensible people would assume that if Google hasn't yet used the driverless car to find a way to better target advertising, they've got top minds thinking about how to do it.
If they were to flip a switch and turn Gmail-mined data into a dating site, or something, users would leave en masse. And good luck trying to entice new users with an expectation that their information would be misused.
I've always just used my real name online - so instead of having an email address like email@example.com, I just used my name. It's a little less embarrassing when you have to give it to people, and I sort of got over those sorts of email addresses in grade 5.
Sure, that means people can link what I write online, but it's hardly worse than if they just searched for my nickname, and did some legwork. And really, what am I writing online that is so private and secretive that I need to firewall it from my actual identity? I wouldn't be having such discussions on a public forum online - I'd do it offline. If
Now, sure, if I was living under a oppressive regime, and had to get data out - but let's be honest, as a percentage, how many of us HNers fall into this category?
And even then, would you really be doing it on YouTube? YouTube is a bastion of stupid (but funny) cat videos, parody videos, movie trailers and music covers.
I'm fairly sure a whistleblower would be using something a little more appropriate, and where privacy was actually a feature.
And quite frankly, considering the awful quality if YouTube comments, I'd applaud any attempts to make people even slightly accountable for the awful and often hateful c*ap they write on YouTube comments.
> I've always just used my real name online - so instead of having an email address like firstname.lastname@example.org, I just used my name. It's a little less embarrassing when you have to give it to people, and I sort of got over those sorts of email addresses in grade 5.
You can't see the value of email@example.com and firstname.lastname@example.org for someone to blog about the widgets their company makes and also about the best places to buy clothes?
> sure, if I was living under a oppressive regime, and had to get data out
People are beaten every day in the US for being gay or trans or whatever. Sometimes murdered. Often discriminated against. While I feel Brandon Eich's opposition to gay marriage is abhorrent I kind of feel sorry for him being kick out of a job for it.
> And really, what am I writing online that is so private and secretive that I need to firewall it from my actual identity? I wouldn't be having such discussions on a public forum online - I'd do it offline.
There are so many reasons people might want to talk about something in a public forum but not want to tie it to their identity. At least, they may start wanting to keep it private before they reveal their identity. Why deny them that choice? But here's a list:-
- battered women
- battered men
- victims of sexual abuse
- members of the glbt community, especially if they're preparing to disclose to family members etc.
- people with "embarrassing" diseases.
- people who face stigma - being religious or not religious in a not religious or religious area; having severe and enduring mental health problems, etc.
This is just a partial list! There are very many more!
> And quite frankly, considering the awful quality if YouTube comments, I'd applaud any attempts to make people even slightly accountable for the awful and often hateful c*ap they write on YouTube comments.
Have you read comments under newspaper articles recently? Real names, horrible comments.
Improving comment quality is important. So far it seems that you need to set expectations and have some kind of moderation. This can work even with anonymity. See, for example, early /R9K/ (at least when they had the robot image) for an example of not terrible commenting without real names. But some people really strongly prefer real names - http://meatballwiki.org/wiki/UseRealNames
However, this appears orthogonal to the issue of whether YouTube (a public forum) requires posters to use their actual name, and not a fake name.
I mean, think about it - is a public forum the sort of place that you would want to be posting private content you don't want linked to you?
If I was an oppressed person, and wanted to talk to somebody - friends, family, counsellor - there are other mediums available. I mean, gosh, I could meet up in person? Or I could pick up a telephone? (Assuming my enemies weren't the NSA.) I could write them a letter? I could send them an encrypted email. The list goes on.
What benefit do I possibly gain from publicly outing myself on a public forum, fake name or not? Why not use a private forum?
If I was an oppressed person, and I wanted to vent in my own community - there are private gated ways I could do this. There are real life meetups. We could meet in a coffee shop. There are private discussion forums, where you control the servers. There are Usenet groups etc.
I really don't get people's obsession with posting everything publicly by default. It's like people posting every time they do a poo on their Twitter feed - why?
Or let's look at one of your examples - people with embarrassing diseases. Is this where people with symptoms refuse to see a doctor, but would rather post on a online forum, so that anybody can chime in with their opinion? Have you seen some of the idiocy that's spouted in these forums? shakes head. Dude, go see your doctor, seriously. Firstly, it's guaranteed to be confidential, and secondly, this is somebody you're paying for their professional opinion, as opposed to some guy in their mum's basement having watched too many episodes of House M.D., and posting under the alias Dr_John_Hopkin_MD.
Or say you were filing a victim's report. The police aren't exactly going to say to you - oh, you need to file a police report? Gosh, you should do it in a...YouTube comment! You will go into a police station, and fill in a paper report.
The world would be a better place if people learnt to live a little less online, and didn't default to public-view on everything.
I don't see how this is related
If it's public, it's public. Eventually, it will probably be linked back to you.
If they want to talk among their communiti
So, "subversive", against the status quo ideas, should only be limited to my neighbor? So that there is not enough exposure and they just die out? How cute.
Nice, loaded example. Strange you didn't use "I'm a naive idiot" as an email example, to "explain" why using your real name would be better. ..And, btw: Sexy asian chick? Pics or it didn't happen.
"And really, what am I writing online that is so private and secretive that I need to firewall it from my actual identity?"
You may be boring, unimaginative, and a herd follower, but that doesn't mean everybody else is.
Yes, I am boring - I'm not afraid to admit it.
I am just another of the 6 billion or so souls floating in this rock in space. I don't think of myself as a special snowflake, or as some secret government operative, or somebody who's smarter than all the plebs around me. And I sleep perfectly fine knowing that =). You use the word herd follower as if it's some kind of grave insult?
I'm not an anarchist, nor am I V from V for Vendetta. Ergo, my argument, I don't really have any issues with people seeing what I post online, since most of it's just banal rubbish. You're not going to get any national secrets from reading all of my online postings.
I have friends who are paranoid with security/privacy - and I respect them for that, I just don't understand it. I'm more likely to be the target of an online spammer or phishing attack, than a government agent trying to see if I am against the Party.
However, _if_ I were an anarchist, do you really think I'd be posting my secret plans to overthrow the US government on a YouTube comment?
This is precisely my point, everybody seems to be making a mountain out of a molehill. Who cares if Google makes you actually identify yourself when you comment on the 50 billionth cat video.
The pendulum swings both ways, and this is the reason why all of this should be opt-in.
It's like arguing in favor of a monarchy just because the current ruler is just, competent and benevolent; while ignoring the possibility that the next ruler will be violent and vicious.
Your monarchy analogy doesn't work either because, in a monarchy, you don't have the choice of leaving it other than leaving the country. With Google, and every other internet company (they all track you), you can leave on a whim.
I never said that there was certainty that it would. Only that it is possible. You can't hand-wave away possibilities with "it's not currently happening now."
I, like you, also get a daily email notice of what google is actually doing and planning, every morning. Larry also, sometimes, attaches sexy pics of himself. /sarc
That is just another term (and a significantly creepier one) for the same thing, for those people who don't want that kind of relationship. A good rule of thumb would be to assume that people who "don't want to be tracked" have already considered the fact that tracking may help the company in question improve its service to them -- after all, this is frequently given as the justification for tracking.
From this viewpoint ("I don't want that kind of relationship, and am prepared to live with the associated service degradation"), it is logical to switch to services for which your envisaged greater accountability isn't necessary.
Incidentally, I have issues with DDG simply because it will return Android programming results from 2011 in preference to those from 2014, despite the entire state of play having changed in those three years, because it was a really good result in 2011 -- or because it simply doesn't seem to index as much of the Web. These are just anecdotes, but in my personal experience the "relationship" I have with Google search isn't a very large part of why it's good.
Myself, i've long used Google and hadn't cared at all what information they collect about me. Rather, i openly give them information. Sure, if the world turns to hell and suddenly the government is at my door because Google "knew too much" then the naysayers can laugh at me all they like.. Then again, the world has turned to hell already, so is it really a time to laugh?
In the mean time, i want to give Google my info, because "Google Now" is a great example of a service attempting to predict my needs. Keeping up to date with my life, and giving me information i want, without having to even ask for it. I don't want dumb computers, i want intelligent meaningful interactions, tailored to my life. And i can't get that by being a black box.
I interact on my terms, or not at all.
Your logic here villainizes a behavior simply because it benefits someone else.
Let's say that every day you stop at Starbucks and order a cappuccino. The people who work at there recognize that you always show up at 8:10am and order the same thing so they begin to make sure it is ready for you every day so you don't have to wait. Did you give them explicit permission to notice your habits? No. Does their behavior benefit them? Yes, they keep you satisfied and paying obscene amounts of money for coffee on a daily basis. It's mutually beneficial. Now an employee of Starbucks could potentially give information about your daily routine to someone else who was looking for you (say to the police for whatever reason) but you don't hear anyone lamenting the presence of eyeballs in the heads of baristas as massive privacy invasions.
I believe what you are really getting at is that these companies like Google and others can - and have at times - abuse the information they have available. This is exactly my point: what's needed is greater accountability.
Tracking is a tool.
It can be used for good and for bad. It has been used for good or bad. A healthy debate about the pros and cons and discussing choices one has with their tools/tech is vital to this.
Tracking is an aspect of privacy, but it is not the entirety of it.
No, tracking helps to provide you with better services, full stop. Since you use an adblocker, tracking isn't making anyone money at all. Your personal information is worth exactly $0.00 on its own.
No. Tracking is about allowing advertisers to better target people that they want to advertise to. A side-effect is providing you with 'better' services.
Those two are NOT exclusive. Targetted advertising only works because you the user find it more useful.
And, no, it's not about better ads, it's about better services. The vast, VAST majority of tracking is never used in targetted ads. Targetted advertising is a very wide net, not hyper-focused.
That's the reason I always come back to google and search logged in. Almost all my searches are computer or more generally electronic related. On other search engines I get useless results.
I'm fine with relationship building. Google can give me better search results based on other activity they observe; I'm perfectly fine with that. They're simply trying to better their product for the user.
What I'm not fine with is the fact that Google is an advertising company. We're not the end-users, we're the product. Intuition says Google is selling the valuable information they collect to third-party advertisers. This means that our valuable information is being leaked to third parties I'm not sure I can trust.
At the core of it, I only want to give my information out to parties I trust. I don't care if it's valuable information or not, I just want to be in control. I don't want my info being sold to some advertising company -- after all, I'll only buy their product after I build a relationship with Google and they can provide the most relevant links.
In this case your intuition has failed you.
Even for less reputable companies, it seems you're right: it makes more sense to sell ads for a keyword rather than to make the advertisers sort through a mass of data. Is that the case?
If someone came up to me and said "I'll give you 5 dollars if you give me the names, email addresses, phone numbers, and personal vulnerabilities of all your friends", agreeing to that would be considered a massive breach of trust and a horrible act. On the web it seems like standard procedure.
I will give you that tracking isn't innately bad, but it is an act of trust, and the question is: do you trust google?
This is too myopic of a question. Do you trust Apple? Do you trust Microsoft? Do you trust ____? There are arbitrarily many of these questions to ask.
What really needs to be asked is: how can we establish levels of trust in companies and services that handle our digital information that approaches the level of trust we have in our direct, inter-personal connections?
Not ratting on your friend is trust established through close social connections. Trusting Google to not sell you out is a level of trust established... how?
It's trust from potential destruction. If Google was obviously using your email contents to sell you out, then people would stop using the service. It's like how people don't want to give out their email address to certain organisations out of fear of spam and phishing.
Google can't exist without that trust, so they're incentivised to act in a trustworthy manner.
Ironically, exactly because of the intense scrutiny they face with every small decision they make, I have a lot more faith in Google's inability to be evil than just about any other player. I certainly can't spend the time to verify that all the other players I might give my data to are honest and well intentioned will always stay that way. But at least with Google I have pretty good faith that others are going to do that for me.
Sometimes I wonder if the critics of Google's privacy realise they may be having the opposite effect they intend in this way ...
Google is accountable. The problem is that they are accountable to advertisers, currently to the tune of about $55 billion per year.
For consumers to hold Google accountable, they have to fight against their addiction to free web content and services, and start directly paying for what they consume. It's important to note that "Google is free!" is an outright lie, and in fact we are paying more for Google through advertising than if we just paid straight up.
> We should instead be spending our breath advocating for greater accountability in the system as a whole.
The best way to do that is to advocate against ad-supported websites and services, and to advocate (and invent if missing) honest ways to get necessary revenue.
 I avoid the term "monetization" which to me is a word invented to make it easier to be dishonest.
[EDIT] Sigh. As usual, either Google or advertising apologists are downvoting without supplying a reason. Upton Sinclair said, "It is difficult to get a man to understand something when his salary depends upon his not understanding it." Too many people here have a salary dependent on advertising, or an identity dependent on Google fanboyism.
I like this. I mean, not gonna lie I love free stuff as much as the next guy but most services that offer to remove ads for a subscription (Spotify/Pandora for example) I pay for.
Even journalism - support your local NPR!
None of your post give any single proof, just some grandiloquent claims.
[Too many people here have a salary dependent on advertising, or an identity dependent on Google fanboyism.]
Tinfoil too much?
It's obvious from your comment history that you're a Google fanboy. And an Amazon fanboy. And an Apple hater. Good luck with that.
No, you don't. A claim it is not a fact or proof.
> It's obvious from your comment history that you're a Google fanboy. And an Amazon fanboy. And an Apple hater. Good luck with that.
Well, perhaps it is obvious to people like you, that only have a black and white world and everything not agreeing with you is because a paid shill or a hater.
Good luck with that
"Relationships" are built by two people, not by one person being followed around the entire interney by a multibillion dollar international conglomerate.
Not to accuse you of anything, but I would imagine that this is what most stalkers think, as well.
Really? For that exact query, I get the Wikipedia page for "Salt (Cryptography)", "How to Hash Passwords", and "Salt the Hash - Security tutorial"... you get the idea.
AFAIK, the stuff you're seeing at the top is their 'zero click' information, which Google never provided (until after DDG added it and promoted it as a selling point). That's a little hit-or-miss, sure, but the actual search results of DDG are generally just as relevant.
I've been using DDG as my primary search engine for years now - I still resort to "!g" searches sometimes, but I have to do it far less than I used to.
This is, ultimately, a nuanced point. It's a bit difficult to contrive a situation where the discrepancies are extremely stark in a single case, but over time and with consistent use (especially something like Google search which i use literally hundreds of times each day) the differences add up to make a pretty pronounced impact.
By letting Google collect enormous amounts of data about you, you are letting them have power over you. It can be used for pushing you to buy stuff against your rational will or for killing you, if say at any point you decide to not fully cooperate with a future totalitarian government.
You may have heard it, but humans have this shit called "intelligence". It's some times used to predict future outcomes. (Yeah, I didn't believe this shit neither, the first time I heard about it. But please, do look it up online.)
With your permission, you give us more information about you, about your friends, and we can improve the quality of our searches. We don’t need you to type at all. We know where you are. We know where you’ve been. We can more or less know what you’re thinking about - Eric Schmidt, Executive Chairman of Google.
That's the issue here.
You are very naive. Nature hates a power vacuum. Accountability, requires being able to enforce, if the other party is not accountable. Otherwise, it's just a matter of time before you are being used in some, or many, ways. The asymmetry of power between Joe Doe, you, and a huge multi national, assures that you can't enforce, and so you can't keep the other party accountable.
"Like most people, I don't like to be tracked"
"tracking is, a priori, something bad, even when it's open and part of a relationship in which you appreciate the other party remembering certain things about you"
Looking at the underlying business model is more effective. I am confident that DDG is going to respect my privacy, because that's what their whole business is built on! Similarly, I would be shocked if Apple turned around and started selling my data to advertisers, because I am their customer and I am the one paying them.
One way to advocate for greater accountability across the board is to advocate against the "free through advertising" business model:
1. It's a lie. It's not free. https://news.ycombinator.com/item?id=7485773
2. It undermines free-market mechanisms by having the paying customer be other than the consumer. And as fidotron points out, it also has the same effects as dumping against any non-advertising business model.
What is the underlying business model of Apple? Make products that consumers are willing to pay for. DDG's underlying business model seems to rely on sales kick-backs and minimal advertising. Not perfect, but not as bad as Google's.
And how do those companies stack up against Google when it comes to security? It's one thing to protect the data against snooping by the provider, it's anoter to protect it from everyone else. Google is pretty solid, often on the cutting edge (PFS, certificate pinning).
An example: where you walk in public is public information, but for most of human history, no one has had the capability to keep a database of that information and query it retroactively. Your location information is therefore less private now than it was before, because that information used to be impossible to reference meaningfully.
The same concept goes for email, calendars, contact graphs, etc. Using providers that don't have, or consciously avoid the capability to aggregate, analyze, and query it improves your privacy. Google is not one of those providers.
They are the one company that has the ability to really push for user privacy, it's a route Google cannot follow - it would hurt their core business (advertising) too much.
On the other hand, Google needs their users to trust them. If they walk away from Google services, Google loses.
If Apple on the other hand, loses an iCloud customer, their lock-in is reduced, but probably the user will continue to use their Apple devices.
In the end, paid services are probably the best for users who want privacy, etc. Losing trust immediately results in a loss of income. But since the user is paying, they don't have to use and link user data for advertisement or sell the data to third parties.
Google has dominance in search, webmail, maps, and a very strong mobile presence with Android.
Even if you don't trust Google, it's hard to avoid using their services - they're so good, they have few competitors worthy of note (e.g. Apple Maps or Bing).
I'm going to assume then that you don't visit strip clubs, bars, 'adult book' stores, the house of your drug dealer, the house of your secret lover, a proctologists office, an OBGYN, an abortion clinic, or a million other places. You may not visit these places, but many others do, and having that information publicly available could be devastating to families, careers, entire lives.
On the other end of the spectrum, say you happen to be in the general vicinity of multiple burglaries at the time these crimes are believed to have happened. You're arrested and have to prove your own innocence.
Or maybe someone who wants to do you harm looks at your data for patterns, and goes to the right place at the right time to rob, extort, harass, rape, even murder you.
In general, I think having your location information public is a terrifying prospect.
Perfect way to set up someone you don't like.
The undated documents show that federal agents are trained to "recreate" the
investigative trail to effectively cover up where the information
originated, a practice that some experts say violates a defendant's
Constitutional right to a fair trial. If defendants don't know how an
investigation began, they cannot know to ask to review potential sources of
exculpatory evidence - information that could reveal entrapment, mistakes or
biased witnesses. 
Although these cases rarely involve national security issues, documents
reviewed by Reuters show that law enforcement agents have been directed to
conceal how such investigations truly begin - not only from defense lawyers
but also sometimes from prosecutors and judges. 
You know that guy that used to scare your wife/daughter with his stalking? Well he just happens to have a government job and may be in a position to abuse the knowledge that he has access to for personal gains.
Many of these excesses have been driven by "limiting the size of government" by defunding local governments and relying on private information brokers (license plate readers, etc), rather than passing better laws.
I asked because I was curious about what sorts of unique threats are presented by, for example, a database of location data. So far I haven't seen any that aren't already present via far simpler means.
The point is not that the world will end if we give away our location data, only that doing so has a non-zero cost.
Cell phones are like cars, they are very useful but also have their downsides (cell phones reduce privacy, cars kill people). I have a cell phone and a car because I made a decision that the cost was worth the benefit. I did not need to delude myself into thinking there was no cost nor did I need to pretend that the cost was inevitable.
That isn't what he said. He said that if the government is going to forge information, then the availability of location information is not necessary nor useful for that task.
the house of your drug dealer - being in someone's house in circumstantial at best. By your logic they would also have to arrest the drug dealer's mailman, maid, meter reader, etc.
burglaries - again, circumstantial.
Someone who wants to do me harm doesn't need a database full of comprehensive location information. They'd only have to find out where I live and wait for me there.
Nobody is saying you need to unplug your machine from the internet, but just that because something doesn't impact you today, might not be true tomorrow. If you decide to run for office in 10 years, for example, you can bet your location data will become relevant (and it's not that far-fetched that the other party will try to obtain that data - reference the IRS email scandal).
The point is to minimize the aggregation of your data, to limit the impact it will have on your life once it leaks. After all, you never know who will get a hold of all your data once a company goes out of business (fir example).
I prefer to take the "hope for the best, prepare for the worst" approach: if something bad were to happen, I would have a better chance of not being impacted.
If an insane genocidal dictatorship comes to power, you will be impacted, unless you're on the side of the dictators.
Hence the point of this thread: don't expose more information than you need to.
Edit: just as I typed this, the top story details the perils of data theft, exactly the point I'm trying to get across here: https://www.nikcub.com/posts/notes-on-the-celebrity-data-the...
Regardless, if you're an average adult in the US, "weekdays between 9 and 5" is a fairly reasonable assumption of when you won't be home. No giant database needed.
Have you been speeding in the past few years? A lot? Have you done anything private? Seen doctors/specialists about private medical issues? Have you had an abusive spouse or stalker in your life? I bet they'd love the data.
Google doesn't issue speeding tickets. If the government were to issue a ticket for every single instance of speeding and even 1% of them contested it, the system would be so clogged with paperwork that it would grind to a complete halt.
Personally, no I haven't been to the doctor. People go to doctors, though. That's not a big secret. Are you personally on the lookout for every single person who visits a doctor so you can...make fun of them, I guess? Do you imagine other people are?
An abusive spouse/stalker already knows where you live. If they're that motivated and want to find you, they'll wait outside your house. Hiding the information is not a solution to that problem, those people need to be arrested and incarcerated.
I think you need to read up on the 'domestic terrorism' cases in the USA and how NSA investigations actually proceed. One fun instance was Clapper giving presentations on a network of possible terrorists all linked together. The link was a pizza place.
Sadly, that's not outside the realm of possibility, but that information alone is practically worthless in determining if someone is a terrorist. "Regularly meets with the same people in the same restaurant" describes almost the entire young, single adult population.
It was enough for the guys supposedly in charge of protecting us to waste a lot of time staring at graphs. And the 'threat matrix' is full of even more shit than that; I refer you to "Secret without Reason and Costly without Accomplishment: Questioning the National Security Agency’s Metadata Program", Mueller & Stewart 2014 http://politicalscience.osu.edu/faculty/jmueller/NSAshane3.p... for that and other sorry details of 'the war on terror'. Seeing the sausage made is never pretty.
> In that case does it flag every single group of high school friends who regularly get pizza after school, or every group of co-workers who hit up the same happy hour a couple times a week?
No, I'm sure some racial and religious profiling was part of the special top-secret sauce which selected that particular pizza joint...
1) The computer never lies and the false positive rate is 0%. So if you walked past a shop that sells weed grow lights enough times, you'll be on a list and some night at 2am they'll smash open your door, shoot your dog, and throw a grenade into your babies crib. This is "OK" because it usually only happens to poor minorities and the computer never lies and there is no such thing as a false positive. Even just street crime is an issue.
2) Times change. Being on a list as living as a Jew in Germany in 1923 not a huge problem. In 1943 being on that old list is not so good. Walk past a mosque on a daily basis in '90 no big deal, in '10 maybe not so good when they look at the historical records to Keep Us Safe From Terror (tm). Its almost unpredictable who we'll be punishing / torturing in a couple decades. Probably not reasonably well off white men, but everyone else is either nervous or ignorantly not nervous.
Another thing: Imagine someone would get HD video of your room while you slept in it. I can't imagine what use it would be but I absolutely would not like to be filmed like that.
Why would advertisters spend money for a profile of you? Answer: they don't. This market just doesn't exist. It's fabricated. It's a fantasy to pretend your trivial existence is worth big bucks. It isn't.
Advertisers do not want your information. They want your money. Google uses your information to try and match you up with relevant advertisers. This is how ad networks work, a form of online dating basically. Your information does not go to the advertiser. Your information on its own is not worth anything.
> Maybe tell insurance companies that you frequently do high risk activities. Sell the information that you were at the beach when you took a sick day. This list could go on and on.
Who would spend money on this and how the hell would that market ever come into existence, much less in secret, such that everyone does freak the hell out?
Do you think Google sends employees out to secret hotel rooms with members of random stores to swap dirty secrets about you or something? Remember, advertisers are places you go to buy things. Not evil supervillans.
That kind of thing could never happen in the West... right? I hate to bring in Nazi Germany, but imagine how much more effective they could have been at rounding up people if they had access to Google's tracking data.
Full Disclosure: I am not actively avoiding any tracking, but I think about possible abuses a lot.
Harmful to someone, and it's different for different people at different times. Also, a piece of information that may be benign today could be harmful tomorrow with a change in the political environment.
Maybe you visited a specialist, or were on the same floor as a specialist, and got extra attention from your health insurance as a result.
Maybe you were standing near someone being investigated, making you a person of interest and therefor subject to prosecutorial bullying.
Maybe you're trying to overthrow a government and would like to do it in safety for as long as possible.
Maybe you just like your privacy.
Standing near someone - same argument as above.
In the rare case that you are actively involved in overthrowing a corrupt government, then yes, it is important to keep yourself hidden from that government. But privacy in general does nothing to prevent the corrupt government from coming to power in the first place. If anything we need less privacy - for the government.
People don't "just like" things for no reason. I think it's worth examining why we like privacy and what needs it fulfills, and what other ways we might be able to fulfill those needs. It seems to me that digital information is just too easy to distribute for us to have any hope of containing it. We are better off assuming any available information is going to be made public and finding the best way to proceed from there.
Should we stop people from using cars, because vehicles are used by drunk drivers?
You'r argument would be a valid analogy if I were suggesting that we make it illegal to tell anyone your location (or any other "private" information). I am only pointing out that privacy is valuable and we should count the cost if and when we give it up.
You are asking your question from a position of luck (that you, in particular, can afford to be an open book) and mostly at the wrong level. It's not about how it will affect you, it's about how it will affect him/her, and us.
Improving your privacy helps people who have legitimate things to hide avoid unwarranted suspicion, and it also makes our society better.
Secrets are sometimes bad, but are far more often good -- allowing us to have functional foreign relations, strong individual rights, and the ability to communicate freely about ideas central to our republic. No good will ever come of the ability to Google: "people unlikely to toe the line".
But, as far as most of the criticisms posted here, they're really unfounded. If you want to be a purist about privacy, you really have to just quit using technology. It's not realistic. Yes, you can be an idealist and try to run your own email server, etc. but it's really about balancing tradeoffs. I also use Apple maps and iCloud and dropbox and Evernote and... many other services we should give just as much scrutiny to as Google.
I don't see my choices as being about riding a high-horse, it's about a diversified portfolio of services that helps me avoid total lock-in. The day that google heavily oversteps with the G+ product strategy or twitter completely goes to shit, I've got a series of alternative services that can pick up the slack.
I don't really see it as a question of if Google will screw up with people's data, it's a question of when.
Doesn't that sound bit too pessimistic? Of course it does. You already trusted Google, why trust another company and risk your data?
What if, from the 10 companies you trust your data with, 2 of the go rogue and use your data against you? OR what if they get hacked, and lose everything? That's what I fear more than giving too much data to Google. I'd rather trust one super reliable guy (Google), than trusting 5 (Self hosting) maybe trust-able, 3 shady guys, and 2 unreliable guys. But that's just me, I make sure all my accounts have 2 step auth.
Exactly. It's not realistic because it's a strawman, and a disingenuous one at that.
No one really wants to be a "purist" about privacy. Indeed, the only way to live a 100% private life is to have a cabin on some uncharted island and never leave it.
Rational people, on the other hand, realize that there are certain privacy costs to living in modern society. They simply want to make informed decisions about which benefits to trade off those costs for.
What the author advises against is giving all your information to one company, i.e. Google. This holds especially true since said company's core business is serving you advertisements and generally controlling your Internet experience (using the "personal filter bubble" described in the article) using the information it has about you. Instead, he is suggesting that people spread their information across multiple service providers so that no single one of them can compile it to get a wholesome picture of who you are. The point is not to avoid giving your personal information (although the less you have to give, the better). The point is to avoid putting all of it in the hands of one company.
Maps: ... / Apple for directions on mobile
Phone OS: iOS
And then talks about data not given to one company.
Really, is it just a strange joke?
By the way, I think iAds pertains to Apple, not to Google.
What is the real difference? One is better at doing it than the other?
Google's whole business revolves around showing you targeted ads. Apple's business is to sell you iDevices. Apple will not target you to the point where it's invasive and creepy (although I'd argue even the smallest amount of tracking is invasive, but I've been trying to look at this from Gabriel Weinberg's point of view) because Apple can not do anything to harm its main source of income. Google's job is to track you and they legally (and sometimes illegaly) do everything they can to be successful in their business. They can not hurt their main source of income by being invasive, because being invasive is their business.
For the record, I'm not saying Apple is any better than Google or vice versa. As I said, I've been trying to play the devil's advocate.
If you look at EFFF, Google has had your back longer with lobbywork before the EFF report came out ( https://www.eff.org/who-has-your-back-2013 ) as soon as that got popular last year, all of them upgraded their lobbywork (Apple)
Yes, now they all have 5 stars, but the EFF report first came out in 2011 without them knowing ( https://www.eff.org/who-has-your-back-2011 )... But there was a lot of hype about it last year, so they had to improve their "score-card".
It sure took Apple long enough though :)
>I don't like to be tracked.
>Phone OS: iOS, etc
But now I think it is serious, if not highly deluded.
Apple makes little to no money by invading your privacy. They've already made money once you bought their hardware. Which is why they will be a much better champion of your privacy.
However, companies like Google and Facebook make almost 100% of their revenue by knowing every detail they possibly can about your life. That's why they try to commoditize hardware and place all the value in your personal information.
They certainly do. And since I cannot audit any of their upper layer code for any of their products, I cannot have any faith that they don't.
At least with Android, I can get my own spin on AOSP like Paranoid Android.
And I guess you can opt out of the Google tracking ecosystem even on "Android" hardware
I recently migrated to Fastmail, and I was pleasantly surprised by how easy it was. Fastmail automatically imports your emails from Gmail, and it took me so little time that I kicked myself for not doing it before.
> Calendar: iCloud
For those of us who don't use both OS X and iOS, this isn't feasible. Fortunately, though, Fastmail also provides a calendar service. It synchronizes with Google Calendar in case you still need to use Google (e.g. for work), and it was also a seamless switch.
As for a client, I was very surprised by this, but I've actually found that the latest version of Mozilla Lightning is the best calendar interface. Fastmail's is okay, but still in beta (it's less than a year old). Setting up Lightning to sync with Fastmail's calendar took just a minute, and I actually like the interface more than I liked Google Calendar's.
Thunderbird is an okay mail client (not a terrible interface, but not a great one), but even if you don't use Thunderbird for mail, I would recommend trying out Lightning for calendaring.
 It's okay for viewing events in the week view, but there are a lot of UI quirks and bugs that catch up with you after daily use - this one is the most pernicious, but there are a number that are simply annoying as well: http://arstechnica.com/security/2014/01/how-google-calendar-... 
 Since I know people will ask - I consider this a UI issue because it's fairly easy to imagine a minor UI improvement that would indicate this unexpected result of Quick Add (and others) before clicking "Add" without sacrificing this functionality in case it is desired.
owncloud, owncloud, owncloud!
It has CalDAV, CardDAV, and files support. There's even a rudimentary (though scary) online editor with support for openoffice. I use two-factor with owncloud, and happily share files, too. And... it supports an encrypted backend!.
Now, if you're happy to host your own mail, you can also look at adding RoundCube.
This can solve the Calendar/Contacts/Email/Filesharing main case. Works across Windws/Mac/Linux, even mobile... which in my case is Android. It's not amazing, but it's pretty fantastic.
Just clone it, install the dependencies via composer and you’re good to go. It’s just an IMAP client at the moment, but multi-account and when the IMAP server is on the same origin as ownCloud it’s quite fast. Feedback very welcome!
A few ones to check:
What are you using for the two-factor?
Full caveat though: I never have a single device with both my tokens, and synced password database - just in case memory dumps of phones/tablets become valid. So, I dump my password database to my tablet, whereas I sync my authy tokens between two phones.
Disclosure: I'm a major contributor.
* Search engine: http://www.seeks-project.info/, https://github.com/asciimoo/searx
* Maps: https://github.com/MapBBCode/share.mapbbcode.org/, https://github.com/Project-OSRM/osrm-backend/ (routing, hard to setup)
* Mail: https://roundcube.net, http://rainloop.net, https://www.mailpile.is/ (the hard part is getting the mail server right)
* Media: https://github.com/sebsauvage/minigalnano (FTP/SSH upload only), http://mediagoblin.org/
See something missing?
Having your own server is definetely a good solution, it just needs experience and comes at a certain price, even if it stays reasonnable. But most people just don't want to be bothered with maintaining the box (hosting payment, security updates, domain name renewal, SSL ceritificate renewal and so on).
However, it is a fantastic way of learning by yourself!
As for calendar, I've heard good things about https://fruux.com/ although I haven't tried that myself yet. (And apparently Fastmail does calendar too--again, haven't tried.)
I find that it integrates really well with Gmail. I've had experience before where invites from different email providers don't play well, but FastMail sending invite to Gmail works just fine.
Edit: Fruux implements CalDAV, but there are disappointingly few apps that support it. I'm stuck with Apple's Reminders. The only decent CalDAV client, 2Do, does not implement CalDAV/WebDAV correctly (they don't support "207 Multistatus"), and will not work with Fruux. When I contacted them, they expressed no interest in fixing the problem.
Oh btw, fastmail also has CalDav (Calendar only; no Tasks) and It's been working well for me too.
I have trained it with tens of thousands of emails, but it keeps letting obvious stuff through. On the other hand, I have had zero problems with false positives, which used to be a huge problem back when I was using Gmail.
Ads that follow you has absolutely nothing to do with Google services. These are retargeting companies using their cookies to track you. They use ad exchanges, so even that is not principally Google.
But... DuckDuckGo just doesn't compete on search results. I changed to it as my default search engine, but I ended up going to Google most of the time.
And switching away from Android... I tried to move to Windows 8 / Phone, but the ecosystem is a joke. Desktop apps don't work well on their small tablet form factor, and the Metro apps are laughably terrible. Microsoft can't even prevent total scams, like $9 fake Netflix and HBO. And they ignore reports about them.
What changed is that I have retired (except for some mentoring and writing). Now, I would like the tech side of my life to be as simple as possible in order to free up my time for other activities. So for right now I am massively using Google services but I am considering, depending on how much I like the iPhone 6, just living in Apple's little walled garden. I trust both Apple and Google to generally do the right things.
I still advise friends and family to run Adblock software, and to be generally prudent privacy and security wise. But for me personally privacy issues are not as important as they once were.
(Almost) nobody can escape the tracking, as long as fingerprinting remains possible: https://panopticlick.eff.org/
Google's/Facebook's/Twitter's JS scripts are literally on every site. Fingerprinting allows them to increase their ROI since it builds more precise profiles on you. The advertising industry is happy and the government is happy. So forget about them not fingerprinting you.
And suddenly the best information they can get is your HTTP accept string.
Benefits over Vimeo: FOSS, deployable on your own servers, pro-privacy, also supports audio and images.
I helped make it, so take this with a grain of salt.
thanks but no thanks
0 - http://skimfeed.com/
each story is an aggregation of multiple sources
This Page Cannot Be Displayed
Based on your corporate access policies, this web site ( http://www.gabrielweinberg.com/blog/2014/09/what-i-use-instead-of-google-services.html ) has been blocked because it has been determined by Web Reputation Filters to be a security threat to your computer or the corporate network. This web site has been associated with malware/spyware.
Threat Type: othermalware
Threat Reason: IP address is either verified as a bot or has misconfigured DNS.
If you have questions, please contact your corporate network administrator and provide the codes shown below.
Notification codes: (1, MALWARE, othermalware, IP address is either verified as a bot or has misconfigured DNS., BLOCK-MALWARE, 0x037419bb, 1409690418.913, AAAEOQAAAAAAAAAAJf8ACP8AAAD/AAAAAAAAAAAAAAE=, http://www.gabrielweinberg.com/blog/2014/09/what-i-use-instead-of-google-services.html)
"Fwd/Rev DNS Match" is said by SenderBase to be "Unknown" (this is odd). Checking on my laptop:
$ dig +short www.gabrielweinberg.com
$ dig +short -x 184.108.40.206
It is on the Verizon FiOS network, which has a number of poor reputation hosts:
The site appears within the CBL too, which gives some details: IP Address 220.127.116.11 is listed in the CBL. It appears to be infected with a spam sending trojan, proxy or some other form of botnet.
It was last detected at 2014-09-03 06:00 GMT (+/- 30 minutes), approximately 4 hours ago.
This IP address is infected with, or is NATting for a machine infected with "Gameover Zeus" or "GOZ" - previously it has been referred to as "ZeusV3" or "p2pzeus". GOZ is a version of the ZeuS malware that uses peer-to-peer (P2P) command and control mechanisms.
(Disclaimer: I work for FastMail. But seriously, it sounds like we might be just what you're looking for).
So what are we left with? Trying as hard as possible to use online services for work (assuming that's your bread and butter) and to be in the real world for leisure, etc. Not always possible, and less possible as the years go on, but a lot better than thinking one (popular) online service will be a safe haven from another.
Terms and Conditions May Apply
Actually, I think even some privacy-conscious folks might learn a thing or two from it as well. I know I did. :)
Anyone got a recommendation.
EtherPad and EtherCalc for open source.
Have you had that problem and weren't able to get by it? I've had IP changes over the years and while it's taken a small bit of work to get the new IP accepted (in some places most places don't seem to care) I'd say it's hardly a show stopper. Of course all the email deliverability people selling products and services in that market want to make you believe you'd be a fool to roll your own.
Of course if you get a VPS with some IP address that someone used to spam sure you have a problem. The idea is to do your homework and not have any of the obvious problems. (You can run the IP by the blackholes to see most issues.)
Also (not a comment directed at you by the way) I love the way a forum such as HN where people spend all sorts of time doing things just for fun seems to have a problem with the "work" involved in doing something that actually has value or might take a bit of work in order to solve a problem that they have.
The downvotes seem to indicate a reaction such as "wow what a stupid idea why would you run your own mail server hey you can just use fastmail that's what we all use".
You have to worry about spam, but, well... that's sort of a constant nowadays. My current solution is to use Thunderbird to filter everything on my primary machine and it's Good Enough. If you want webmail YMMV, though.
Honestly, if you're just one or two mailboxes, it's not that big a deal to maintain. And I've been Joe-jobbed, so it's not like I haven't been exposed to some fury. Still not that big a deal.
Do you have anything in particular you'd like to offer to back that up? Have you ever done this? (I do and have done since the mid 90's on various equipment and I'm no Eric Raymond exactly either). We're not talking about running the mail server on a commercial ISP or a company with 20,000 employees. Just running a mail server to take care of your own mail.
If walking away from Google means switching to Apple, then it's a no-go for me. I'll rather have Microsoft ( fyi. i'm mainly a c# developer, but also python, RoR and nodejs )
I would recommend, I think this distribution doesn't have the popularity it deserves.
(have just checked out MyKolab, they seem pretty awesome, although alas too expensive for me right now.)