Who Knows Where I’ve Been?

March 27, 2011 § Leave a comment

Fraction of top 100,000 webpages which contain elements from each networkJust how much of our behavior online is being tracked, collated, and data-mined has been a subject of some public debate recently. The Department of Commerce, at the urging of consumer privacy advocates like the Electronic Frontier Foundation, has been discussing requiring advertisers to honor consumer opt-outs. Meanwhile, Google and a host of other large advertising networks have pushed a cookie-based opt-out mechanism (which advertising networks would voluntarily comply with), Internet Explorer 9 has implemented a more aggressive third-party resource filter, and Firefox has announced a plan for a different, also-voluntary opt-out mechanism that is distinct from the cookie-based approach supported by Google and others. The industry seems likely to accept some voluntary limits. Yet little empirical data quantifying the extent of behavioral tracking exists.

In July of last year, The Wall Street Journal published a survey of the prevalence of behavioral tracking networks among the top fifty websites, called What They Know. (A subsequent piece explored the privacy implications of popular smartphone apps.) The Journal‘s manual approach yielded deep insight into the data gathered–including a detailed view of the privacy and data-retention policies of the most prevalent networks–but it also limited the data gathered to a very small subset of the entire World Wide Web.

In a more scalable way, I have attempted to gather data to answer the question of just how much of all online behavior is visible to a handful of advertising networks.

« Read the rest of this entry »


Is Skype Safe?

February 18, 2011 § 1 Comment

This question is interesting for two reasons. First, practically speaking, Skype is probably the most popular VoIP application in the world. As someone who occasionally uses Skype on public wifi networks, I want to know how likely it is that anyone in the vicinity was listening in on my conversation. Second, Skype serves as an archetype of the proprietary network protocol, and a test case for how much we should trust the claims of software vendors.


“Safe” is a vague term, and there are a number of distinct concerns one might have about the safety of Skype (or anything else). Does running Skype put my computer at risk ¬†of compromise? Are my Skype conversations safe from the eyes of the guy sitting next to me at the coffee shop? What about other Skype users? What about Skype or the NSA? For the purposes of this discussion, I am primarily interested in the question of privacy, not the question of vulnerabilities that lead to compromise.

« Read the rest of this entry »