Posts

Supercookie Monster Eating Your Privacy for Lunch

, ,

You already know that every word you type on your browser is being tracked and used to profile and deliver highly-relevant advertisements to you (Big Brother Lives in Your Browser). And you know that most websites install “cookies” onto your computer in order to store relevant information about you (account numbers) that make surfing more convenient, and to gather information that allows advertisers to know more about you. You probably even know how to delete them.

But new research has shown that deleting cookies doesn’t always help. A new breed of cookies, called supercookies, can reconstruct all of your profile history even after the cookie has been deleted. MSN.com and Hulu.com just got caught using supercookies to track your surfing habits in stealth mode (you have no way of knowing that it’s happening, and you can’t do anything about it). The Wall Street Journal had this to say about supercookies and history stealing:

Hulu and MSN were installing files known as “supercookies,” which are capable of re-creating users’ profiles after people deleted regular cookies… The spread of advanced tracking techniques shows how quickly data-tracking companies are adapting their techniques… [“history stealing”] peers into people’s Web-browsing histories to see if they previously had visited any of more than 1,500 websites, including ones dealing with fertility problems, menopause and credit repair… Supercookies are stored in different places than regular cookies… | WSJ 8/18/11Supercookies on WSJ for non-subscribers.

So here is the simple scenario of why this matters to you: Your daughter is doing a high-school report for a business class on bankruptcy. In her research, she visits sites like creditrepair.com, poorcredithelp.net, wiki.answers.com/Q/How_do_you_repair_bad_credit, all while being tracked by small pieces of software (cookies and supercookies) that embed themselves on your computer. The software is probably developed by an internet software company like Epic Media Group and installed on the websites above. Let’s say you have set up your security software to delete cookies at the end of each browser session. Your daughter closes out of the session, deleting the cookies that have tracked her history on sites dealing with poor credit. The cookies are deleted.

But the supercookies remain, so that when you log on to a credit card web site to apply for a new card, they know that you (actually it wasn’t you) have been surfing on sites that indicate you might have bad credit. Instead of sending you to a signup page for a credit card with a 15% annual fee, they send you to a page offering a card with a 23% fee. The credit card company has paid for that profile information on you. And you will never know it and you can’t easily delete it.

So what is the solution? That’s just it, there really isn’t one at this point, which is why you should be concerned. Long term, you can contact your congress person and all those other things you won’t probably do to encourage them to pass digital privacy regulations. In the meantime, be careful of where you surf, because you are being watched closely.

_______________________________________

John Sileo is the award-winning author of Privacy Means Profit and a keynote speaker on social media privacy, identity theft prevention and manipulation jujitsu. His clients include the Department of Defense, Blue Cross, Pfizer and Homeland Security. Learn more at www.ThinkLikeASpy.com or contact him directly on 800.258.8076.

Big Brother Lives in Your Browser

The world is spying on you, and you don’t really even know it. A recent investigation by the Wall Street Journal concludes that spying on consumers in order to sell their data is one of the fastest-growing internet businesses. Here is a summary of the most striking findings:

“The Study found that the nation’s 50 top websites on average installed 64 pieces of tracking technology onto the computers of visitors, usually with no warning… the Journal found new tools that scan in real time what people are doing on a Web page, then instantly assess location, income, shopping interests and even medical conditions. These profiles of individuals, constantly refreshed, are bought and sold on stock-market like exchanges.”

The tracking software records and analyzes your browsing patterns. It knows if you’re surfing porn sites, researching bipolar disorder or watching teen movie trailers. With startling accuracy, it interpret’s these patterns and sells the information to websites, sometimes within seconds, that want access to your wallet. What’s the big deal, you ask? Why not let them market to us in highly targeted ways?

That seems reasonable, within limits. According to John Sileo, Identity Theft Expert and author of the newly released book on information survival, Privacy Means Profit, “We are all slowly being boiled like frogs. This month, Big Brother knows which movies I ‘Like’,  what keywords I typed into Google and what books I checked out at the library. Next month they’ll attach our name, address and credit profile to the database so that they can instantly evaluate whether I should be their customer. Because they erode our privacy over time, we don’t notice that we’re being boiled alive!”

According to the Journal, if the tracking software estimates that you are a low income individual, you will likely be shown a higher interest rate credit card when you visit the Capital One website. If you’ve been researching bipolar disorder on Dictionary.com (which downloads 234 tracking programs onto your computer without alerting you), the next insurance website you visit might no longer have a policy that fits you. In another example listed in the article, banks are beginning to consider looking at the credit worthiness of your social networking friends to determine your credit worthiness.

“We can’t just blame this on the businesses that want to market to us,” says Sileo. “They exist to make money and strive to advertise to us in the best way possible. But we don’t have to just sit around and give away all of our precious information.” Sileo recommends a handful of steps we can take to keep our selves out of the hot water, including:

  • Delete the cache of tracking cookies on your computer that share information without your consent
  • Customize the privacy settings in your browser to minimize information leakage and to regularly delete tracking software like cookies
  • Use the “Private Browsing” feature in Safari, Firefox and IE when you don’t want your browsing history stored on your computer
  • Lock down your social networking profiles so that marketing companies can’t skim your personal information
  • Consider using anonymizing software like the Tor Project, Abine or Better Privacy
  • Understand that when you are on the Internet, you are being tracked, and surf accordingly

John Sileo’s identity was used to commit a series of felonies and steal more than $300,000 from his business customers.

His story and how you can avoid the same are detailed in his new book, Privacy Means Profit (Wiley, August 2010).

John speaks professionally to organizations that want to protect their profits against identity theft, social media exposure and corporate espionage. His recent clients include the Department of Defense, FDIC, FTC and Pfizer.

Learn more at ThinkLikeASpy.com.