[liberationtech] The Google cookie that came out of nowhere
carlo von lynX
lynX at time.to.get.psyced.org
Tue Apr 28 00:50:55 PDT 2015
Juicy content from Ashkan Soltani further below.
On Sun, Apr 26, 2015 at 01:26:29PM -0700, Al Billings wrote:
> If you're the kind of person paranoid about safebrowing pings and similar, yeah, you should pull the tinfoil hat tighter and block all things.
What I said in the original posting:
"I was told it even lets Google have the cookie it uses to
identify you, so even if you use Tor, the five eyes immediately
know it is you. I didn't bother to check however."
I wonder if you read that part. Should that part be accurate, then
safebrowsing is among the top vectors for mass correlation of IP
numbers (or Tor circuits) to specific browsers and human beings.
The others being font and jquery includes, search engine utilization
and maybe a few +1 buttons here and there.
We discussed this topic back in 2014, May 12th to be exact.
safebrowsing could be offered in a distributed anonymous way,
instead it is being done in a way that it de-anonymizes people to
the fie eyes.
Some weeks later I accidently met Ashkan Soltani who told me he
already dissected the issue in pre-Snowden days. Looks like it
hardly got traction - since noone knew the implications:
http://ashkansoltani.org/2012/02/25/cookies-from-nowhere/
http://blogs.wsj.com/digits/2012/02/28/the-google-cookie-that-seems-to-come-out-of-nowhere/
It is actually quite incredible that Google has been flying under
the radar of general interest since Ashkan's story came out, given
the immense implication for mass surveillance.
P.S. I don't think you have the necessary competence to tell *anyone*
about tinfoil hats and would like to ask you to contribute to this
mailing list less frequently and more thoughtfully. Thank you.
More information about the liberationtech
mailing list