We’re approaching a quarter of a century of putting information at whose fingertips? Yours … or theirs?
BY:
Antonio Greco
Cyber/Data Science Analyst
PROJECT COUNSEL MEDIA
25 August 2022 (Washington, DC) – So I read an interesting article titled “Microsoft Is Now Literally Begging You To Ditch Google Chrome”. The main players in the write ups are giant companies’ Web browsers.
Good piece to read if you are a data monkey and in the data analytics trade, or study/work in platforms or platform capitalism. What I want to highlight is the nice summary in the write up about Google’s basic data harvesting methods, despite all the chatter about “protecting your data!” and all the chatter in the U.S. about “finally we have state legislation to enforce data protection!!” To wit, Google tracks you in one of 4 well-documented ways:
Cookies: Every time you make a search, Google adds a cookie to your browser, and that’s all Google needs to track you.
In-browser tracking: Even if you don’t use Google Search – according to privacy researchers, Chrome can still track your every keystroke even if you just type in data in the address bar without pressing enter.
Fingerprinting: Even if you turn off cookies, Google can fingerprint your device and identify you to start collecting your tiny identifiable data like fonts installed on your device to help figure out who you are – even if you’re connected to a Virtual Private Network (VPN). Yes, a VPN is perfect for internal employees who need to access the office servers (or a section of a server) from anywhere besides the office. In addition to allowing employees to work from home or on the road, VPN connections can also give vendors access to internal resources they need in order to support company operations. But VPNs are insecure because they expose entire networks to threats like malware, DDoS attacks, and spoofing attacks. Once an attacker has breached the network through a compromised device, the entire network can be brought down.
Wi-Fi sniffing: Even if all else fails, Google collects Wi-Fi data with its Google Maps street view cars, and can likely profile you based on your Wi-Fi data alone. A wireless sniffer is a type of packet analyzer. A packet analyzer (also known as a packet sniffer) is a piece of software or hardware designed to intercept data as it is transmitted over a network and decode the data into a format that is readable for humans.
NOTE: if you have attended work-related technology or industry conferences with me, such as 2 that have been in the D.C. Metro area over the last three weeks, and (stupidly) use the hotel wi-fi or even your company VPN, I have showed a few of you how easy it is to track you and/or access your network. This week, using a software called “Mashup”, I showed a conference participant how I mapped him across the event, all around the hotel, and into and across D.C. Easy-peasy. Granted, I use a number of sophisticated cyber attack/tracking software systems, but all of it is off-the-shelf stuff, available to anybody. These conferences always have lots of chatter about “cybersecurity” and “we have your cybersecurity solution!” – but little connection to reality. “The Matrix” is secure 😎.
Yep, the Google. Approaching a quarter century of putting information at whose fingertips? Yours or theirs?