This nifty little tool "periodically issues randomized search-queries to popular search engines, e.g., AOL, Yahoo!, Google, and MSN." (via Infoworld) Now, who will be first to make this illegal or against TOS? The search companies, or the government?!…
This nifty little tool “periodically issues randomized search-queries to popular search engines, e.g., AOL, Yahoo!, Google, and MSN.” (via Infoworld)
Now, who will be first to make this illegal or against TOS? The search companies, or the government?!
John, you probably did not notice but it is your blog where such a tool was proposed.
Already against Google’s TOS: “You may not send automated queries of any sort to Google’s system without express permission in advance from Google.”
John,
Have you seen http://www.lostinthecrowd.org/ done by the good folks over at UnSpam? (Also responsible for Project Honeypot)
-david
Note this is already covered by the laws that would apply to denial-of-service attacks. Eric.
Another tool to aid our enemy who uses the internet to communicate and research. It’s fitting the authors are from NYU.
I refuse to download it as anyone who does may be instantly suspect. After all what do you need to hide?
To the second commentator Ken Chan.
Google search page is so clean that it does not even have any “terms of services” or a similar link or any indication of it there. I am not a lawyer but I think there is a small chance that their terms of services are not applicable to me, if search is the only product I use from them.
Their terms of services are burried under “About Google” link. Is it necessary for me to try to know about the company whose product I use? If not then technically, in the process of using their search, they never indicated to me that they have some terms of services. So no possibility arises for me to read it and accept it by using their product. They may very well have said in the terms of services that if I use their search engine, they will send me a million dollars bill in the mail! And hide the link somewhere in “About Google” page.
It’s a stupid idea on so many levels:
1) The implementation sucks. It’s got a relativly small word-list that it uses for “random” queries, so they are trivial to filter out.
2) No one cares about all the queries you do – it’s the few strange ones people look at. Everyone heard about the AOL user who searched for “how to get away with murder”, but you didn’t hear about him searching for a good steak resturant. Exactly how would a set random search terms have saved him?
3) The attractiveness of this idea is because people think of the queries they don’t want people to find as “a needle in a haystack” type thing – if they obscure them with lots of other data then that will make it impossible to find. That is obvisouly not true – finding a particular query of interest with modern processing tools is trivial.
4) This tool will make any personalization that the search engine is doing not reflect your actual interests.
I think this tool is actually dangerous. It will give people a (very) false sense of security, when if they really want to have privacy they need to use other approaches.
As to Ken’s comment: it will be interesting to see whether courts follow
1) Ticketmaster v. Tickets.com (mere posting terms on a homepage does not create enforceable contract)
or
2) Register.com v. Verio (terms of use posted on home page created enforceable contract)
But as John states, the Google homepage now may be “too clean” to be subject to the Verio rule….I don’t see even a link to “terms of use” on it.
Nick, I agree that the implementation sucks. But about the second point if it is a good implementation that it can confuse somebody that a wierd query is entered by the person or by a program, therefore make it hard to short list those kinds.
Ideally a perfect implementation has to be based on not intelligent programs but on anonymous Peer-to-peer. For an example you forward your query to two random peers. And each one of them forward it to two more with less than 50 percent probability, say 49%. This way all by fast mixing properties of P2P networks, all the profiles Google would have will look the same.
I removed this extension 2 weeks ago;
After analyse some of the log files, I see problems with the limited terms that the tool use, and the main problem is that don´t follow the semantic patterns of the user, even with infinite words, if the tool don´t follow the user semantic pattern , (like a signature) it will very easy to find the user actual search terms. It could be compare with a radio signal: We can interfere with white noise, even with a radar pulse (random signals), but at the end it should be possible to clean the original signal finding the non random patterns (Frequency, codification etc).
The only good think from my point of view is to know how the ramdom words will be able to affect the monthly Search terms stats.
the current version does dynamically update the search terms for each user as it goes, though not sure how much of the frequency-to-noise issue this addresses.. -e
TrackMeNot has been upgraded in response to some of these criticisms, including the use of a dynamic, evolving word list unique to each client. More here:
http://mrl.nyu.edu/~dhowe/TrackMeNot/
If I posted “”You may not send automated queries of any sort to Helen Nissenbaum’s website without express permission in advance from Helen Nissenbaum,” and one of Google’s indexing spiders (or any other search company’s for that matter) happen to connect to my site — I wonder — any chance that would be illegal?
There are other legal way of making it legit.
like signing up for google API and using it to access Google, I think you can run 20,000 queries a day with a free API key.