August 14, 2006

The Anonymous Google Cookie


After the AOL incident, people are concerned again about their online privacy. While Google wasn't involved in the incident, one can't stop wondering what if Google leaked precious records from their database.

Until creating the Google Accounts, the search engine used to rely on an infamous cookie that expires in 2038 ("the end of the world as far as UNIX computers are concerned", as described here). The cookie contains an unique ID useful to identify users between sessions and to save user's preferences. If you delete the cookie, Google recreates it and assigns you a new ID. Despite that, the cookie connected with the (static) IP and other information from Google Toolbar or Google Desktop are a good way to uniquely identify users.

Here's a quote from Google's Privacy FAQ:

Like most Web sites, our servers automatically record the page requests made when users visit our sites. These "server logs" typically include your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.

Here is an example of a typical log entry where the search is for "cars", followed by a breakdown of its parts:

123.45.67.89 - 25/Mar/2003 10:15:32 - http://www.google.com/search?q=cars - Firefox 1.0.7; Windows NT 5.1 - 740674ce2123e969

* 123.45.67.89 is the Internet Protocol address assigned to the user by the user's ISP; depending on the user's service, a different address may be assigned to the user by their service provider each time they connect to the Internet;
* 25/Mar/2003 10:15:32 is the date and time of the query;
* http://www.google.com/search?q=cars is the requested URL, including the search query;
* Firefox 1.0.7; Windows NT 5.1 is the browser and operating system being used; and
* 740674ce2123a969 is the unique cookie ID assigned to this particular computer the first time it visited Google. (Cookies can be deleted by users. If the user has deleted the cookie from the computer since the last time s/he visited Google, then it will be the unique cookie ID assigned to the user the next time s/he visits Google from that particular computer).

While many people say it's a good idea to use proxies, TOR, or to not use Google anymore to protect your privacy, this site has a more interesting idea: let's change our ID to a value that has an added benefit of allowing us to see one of Google's design experiments (it's from March, but it hasn't been released).

If you drag this bookmarklet [ Anonymize me ] to your toolbar or if add it to your bookmarks, go to google.com, click on it, click OK and then save the preferences. You'll have the same ID as many other people.

Of course, being logged in your Google Account will make this cookie not very useful. A funny tip: after changing the cookie, go to Google Groups (without being logged in) and look at the recently visited groups. You'll have a surprise.

26 comments:

  1. I think that Freenet article is probably quite old.
    Especially after they practically "owned" the DOJ over the search results data.

    Personally i think Google would never release search results unless they were absolutely anonymous and couldn't ID any particular person.
    But with some people, it wouldn't be possible since they search for things relating to them.

    I was quite shocked to see a Digg about AOL users search logs posted up.
    Not in a "oh man, peoples searches are up there", more a "why did those fools even release the data to researches"

    Also, you have to remember that Google have Google Trends.
    That is the whole point in that tool, to peer into cummulative search results of Google users, while maintaining the privacy of users.

    I trust Google anyway.

    Anyone not got this cookie out of interest?

    ReplyDelete
  2. it's very important that google protect its end user gmail on the google email gamil server because they are many kind online fraud going as we speak .

    ReplyDelete
  3. This hidden cookies change my language on homepage every time.
    Thanks for this tip, I`ll delete this hidden cookies right now.

    ReplyDelete
  4. Help URL Google search?q=cars/support system

    ReplyDelete
  5. its terrible how intrusive companys can be

    ReplyDelete
  6. jon randolph carter jr
    thank you! For building the source Build cross-platform application Interface. which needed tbe debugged !

    ReplyDelete
  7. โอเค เพิ่มแท็กเข้าไป

    ReplyDelete
  8. I need help recovering a email Password kayleencammie1@gmail.com

    ReplyDelete
    Replies
    1. Follow-up comments will be sent to anisasa9537@gmail.com

      Delete

Note: Only a member of this blog may post a comment.