Archive for the 'Search Leakage' Category

Motherpipe

Do you want a search engine that does the following:

  • doesn’t keep details on what you are searching for
  • doesn’t store your IP address
  • doesn’t use cookies
  • doesn’t track you
  • doesn’t send your search term to the site you clicked on
  • doesn’t store or share your search history
  • doesn’t share your personal information
  • doesn’t have servers in the U.S.A.
  • doesn’t hide the search results amongst a deluge of ads

Try Motherpipe. It operates privacy-oriented search engines at motherpipe.com, motherpipe.co.uk, motherpipe.de and motherpipe.se that don’t do things I don’t want done.

It gets its data from Yahoo!Bing. It offers the search operator “site:” and the Boolean operators “AND” and “OR”. It also searches Twitter anonymously.

Searching Google Anonymously While Signed In

I know you still want to use Google without giving away all your personal data. To accomplish this while using Firefox, use the Searchonymous extension. With this, you can stay signed into your Google account while searching and Google won’t know it’s you doing the search. It also gets rid of most of the annoying ads.

If you use Chrome or a browser like Comodo Dragon that is based on Chrome, then you might try Search Disconnect which purports to do the same thing.

Social Search — Pipl.com

I bet you know about Pipl.com. I also bet you don’t know my super secret way of using it.

I have just shown you how to search usernames using three good sites. Now in this limited time offer, I will tell you about the best and most secret username search.

Pipl.com for User Names

Go to Pipl.com and put the suspected username in the field normally reserved for a person’s name, and presto, right before your very own eyes, valid results will appear that may include a lot of other vital information about your subject.

Social Search — checkusernames.com

This searches 160 social network sites for a user name. It is powered by the KnowEm search engine and has the same features of interest to the Investigator as NameChk plus a very interesting feature. It allows you to click on the faded-out links, which indicate that the username is in use, and doing so takes you to the user profile for that username.

How To Hide from Google

Google isn’t a search engine — it’s an advertising engine. Google makes its money from advertising. You may have noticed that the advertisements that appear on your Google search results page are related to what you are searching for.

Some of this advertising results from cookies placed on your computer. If you use Gmail, it is even more intrusive as each email is read, and you get ads associated with the content of your email. This is a good business strategy for Google but intrudes upon the user’s privacy. You should shut off the collection of web history in your Google account. To do this, sign into your Google account and then go to http://google.com/history. Once there, click on Remove all Web History and then click on Pause to stop further collection of your web history. There is also a way to rid yourself of the intrusive monitoring of your normal web searching.

Google uses DoubleClick to monitor your web browsing. To eliminate this monitoring, go to http://google.com/ads/preferences/plugin and download this small file for each browser that you use. The installation procedure will vary with each browser. This file won’t disappear when you use a file wiping program to clear out all the trash that web browsing accumulates.

Disconnect from Tracking

A browser extension for Firefox called Disconnect disables tracking by Google, Facebook, and Digg. The same firm provides the Collusion extension for Chrome and Safari that does the same thing.

Disconnect provides more protection than the Do Not Track feature in the browser. Firefox, Internet Explorer (9 and later versions), and Safari have Do Not Track privacy options that you may enable. However, implementation of Do Not Track is voluntary on the part of the websites you visit. Disconnect and Collusion stop tracking on all sites.

Stealth Search

Stealth Search Engine

When I first looked at this search engine in November 2011, I wasn’t impressed at all — it didn’t even find me!

In April 2012 this is actually looking like a useful search engine. It now uses “Alpha SSL, a secure encryption, which helps prevent sending your search terms to sites you visit. The encryption protects your search from being leaked” and it doesn’t save your search history. The search results have improved because Stealth now uses Bing’s search API, Google’s Ajax API, Yahoo Boss, and does its own crawling. They even found me, at last!

Note:

The version without JavaScript does not seem to work properly. A search for my name yields no results while the normal version yields results that I would expect.

September 2012

Stealth seems to have been discontinued.

 

FireFox V.10

The biggest change in V.10 that most Firefox users will see is the smaller number of add-ons marked as incompatible. About 80 percent of all add-ons should now be compatible. Previously, most add-ons would break when Firefox released a major update.

V.10 seems to work much better than any V.9 iteration. No more crashing and the add-ons and extensions work properly. I guess I will be able to stay with Firefox for a while yet.

Extended Support Release

Mozilla also released the enterprise version of Firefox, called ESR (Extended Support Release), which will release updates on a slower cycle (once per year) so that businesses don’t have to worry about their internal tools and security protocols failing. This should help make Firefox more popular in the corporate world.

 

Securing Firefox – Configuration Settings

This is about stopping the dreaded disease, Data Diarrhea. The websites you visit can leave behind a trail of data on your computer and in their server logs. All of this Data Diarrhea can identify the Investigator and this can complicate the problem he is trying to solve. Lax privacy & configuration settings may also leave the Investigator’s computer vulnerable to attack by hackers.

This article describes more advanced methods of customizing Mozilla applications, by editing the configuration files.

about:config entries

about:config is a feature of Mozilla applications which lists application settings (known as preferences) that are read from the profile files prefs.js and user.js, and from application defaults. Many of these preferences are not present in the Options or Preferences dialog. Using about:config is one of several methods of modifying preferences and adding other “hidden” ones.

Editing the user.js and prefs.js files is an alternative method of modifying preferences and is recommended for very advanced users only. Unless you need a prefs.js and/or user.js file modified for a specific purpose, you should use about:config instead.

This article refers to the Firefox V. 9 edition of the browser. These entries may have adverse effects on Thunderbird and Mozilla Suite/SeaMonkey and older versions of Firefox. These settings will affect all profiles of the browser.

In Firefox, type about:config in the Location Bar (address bar) and press Enter to display the list of preferences. You may get a warning page next, just click OK and move on.

about:config > browser.display.use_document_fonts > change value to 0

0: Never use document’s fonts
1: Allow documents to specify fonts to use
2: Always use document’s fonts (deprecated)

Don’t let the site access the fonts on your computer. That grants too much access that can be abused.

about:config > browser.sessionhistory.max_entries > change value to 2

The maximum number of pages in the browser’s session history, i.e. the maximum number of URLs you can traverse purely through the Back/Forward buttons. Default value is 50.  Set it to 2 so that the site you visit can’t see where you have been during your Investigative Internet Research (IIR) assignment.

about:config > dom.storage.enabled > double click to false

dom.storage.enabled is a mechanism allowing web pages to store information with a web browser (similar to cookies) called “client-side session and persistent storage.” Although use of session storage is subject to a user’s cookie preferences, this preference allows it to be disabled entirely.

about:config > geo.enabled > double click to false

True means location-aware browsing is enabled. Default is true. You want to disable this. See http://www.mozilla.com/en-US/firefox/geolocation/ for details of geolocation in Firefox.
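The four preferences above can also be checked outside the browser. As an added example (not from the original article or from Mozilla), this Node.js script reads the text of prefs.js and user.js, reports which of the article's recommended values are missing or different, and prints the user.js lines that would fix them. The function names and sample file contents are constructed for illustration.

```javascript
// Values recommended in the article above; the audit itself is an added illustration.
const RECOMMENDED = {
  "browser.display.use_document_fonts": 0,
  "browser.sessionhistory.max_entries": 2,
  "dom.storage.enabled": false,
  "geo.enabled": false,
};

// Parse user_pref("name", value); lines; commented-out lines do not match.
function parsePrefs(text) {
  const prefs = new Map();
  const re = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/gm;
  for (const m of text.matchAll(re)) {
    try { prefs.set(m[1], JSON.parse(m[2])); } catch { /* not a plain literal */ }
  }
  return prefs;
}

// user.js is applied over prefs.js at startup, so its values win on conflict.
function auditProfile(prefsJs, userJs = "") {
  const effective = new Map([...parsePrefs(prefsJs), ...parsePrefs(userJs)]);
  const findings = [];
  for (const [name, want] of Object.entries(RECOMMENDED)) {
    if (!effective.has(name)) {
      findings.push({ name, status: "unset", want }); // application default applies
    } else if (effective.get(name) !== want) {
      findings.push({ name, status: "mismatch", want, got: effective.get(name) });
    }
  }
  return findings;
}

// Build the user.js lines that would close each finding.
const remediation = (findings) => findings
  .map((f) => `user_pref("${f.name}", ${JSON.stringify(f.want)});`).join("\n");

// Constructed sample file contents (not taken from a real profile).
const SAMPLE_PREFS_JS = `user_pref("browser.display.use_document_fonts", 2);
user_pref("browser.sessionhistory.max_entries", 10);
user_pref("dom.storage.enabled", false);`;
const SAMPLE_USER_JS = `user_pref("browser.sessionhistory.max_entries", 2);
// user_pref("geo.enabled", false);`;

console.log(remediation(auditProfile(SAMPLE_PREFS_JS, SAMPLE_USER_JS)));
```

A preference reported as "unset" is absent from both files, so the browser falls back to its built-in default for it.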

 

Securing Firefox – General Privacy Settings

General Firefox Privacy Settings

The basic privacy settings are found in the options bar in Firefox 9.0 (Firefox > Options > Options) or, for iOS, Preferences.

  1. Content: Enable block popup windows and disable Javascript when it isn’t needed.
  2. Privacy: Enable the DNT (Do-Not-Track). For History, use custom settings. “Always use private browsing mode” should be enabled. “Remember my browsing history”, “Remember download history” and “Remember search and form history” should be turned off. “Accept cookies from sites”, but un-check “Accept third party cookies” as they aren’t needed often. Location bar: select “Suggest nothing”.
  3. Security: Enable “Warn me when sites try to install add-ons”, “Block reported attack sites” and “Block reported web forgeries”. Under Passwords, disable “Remember passwords for sites” and use a master password.
  4. Advanced – General – System Defaults: Disable “Submit crash reports and performance data”.
  5. Advanced – Network – Offline Storage: Check “Override automatic cache management and limit cache to 0MB space”. Further—you can un-check “Tell me when a website asks to store data for offline storage use”.
  6. Advanced – Encryption: Ensure both “Use SSL 3.0” and “Use TLS 1.0” are enabled. Then click validation > check “When an OCSP server connection fails, treat the certificate as invalid”.

 

 

Security & Privacy Add-ons for Firefox

Firefox is the online researcher’s best friend. No other browser gives so much control to the user as Firefox. It is more customizable than either Google Chrome or Internet Explorer.

Like any browser, you must be aware of what data you are releasing when you visit a Web site. The following add-ons help eliminate two serious security threats that occur when doing Investigative Internet Research (IIR).

BetterPrivacy—This add-on is pretty basic, but a must have. BetterPrivacy deletes flash cookies (LSOs/SuperCookies).

KeyScrambler—Check out Alex Long’s post from Null Byte for information about what KeyScrambler is and how it works.

I have already written about:

  • NoScript— NoScript allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, and guards the “trust boundaries” against cross-site scripting attacks (XSS). Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!). This is a must-have for IIR.
  • HTTPS Everywhere—This is a must-have add-on provided by the Electronic Frontier Foundation. HTTPS Everywhere enables a secure connection on pages that have SSL certificates. For example, most people use the unencrypted version of Google search. This add-on will force Google to deploy its SSL certificate. The DuckDuckGo (DDG) search engine also uses a version of this.

 

 

Power-Searcher Add-ons for FireFox

WorldIP

This displays the IP address of the page you are visiting and the IP data that you are revealing about yourself. The IP data seems more up-to-date than a whois search.

Ghostery

Ghostery  lets you see who’s tracking your web browsing when you visit a webpage. It looks for third party page elements (3pes) on the web pages you visit. These can be things like social network plugins, advertisements, invisible pixels used for tracking and analytics, etc. Ghostery notifies you that these things are present, and which companies operate them. You can learn more about these companies, and if you wish, choose to block the 3pes they operate.

LongURLPlease

This replaces short urls with the originals, so you can see where links will send you.

 

Stealth Search for Google-free Wednesday

Stealth Search Engine

When I first looked at this search engine on 29 Oct 11, its ‘about’ and ‘privacy policy’ pages looked suspiciously like what was on another search engine’s ‘about’ pages. Worst of all, it didn’t find any results when I searched for my name. That was in the first days of November 2011. Today this thing is working much better and the about pages have been rewritten, but they are still confusing in places. However, I am not sure I would trust the results or the privacy features yet.

Given the scale of the improvements I have seen in less than one month, this is a search engine I will keep tabs on. For example, in their @UseStealth Twitter feed they say, “we don’t pass info through http referrer”. If this is true, then this will become one of my search tools. The news search returned good results from an interesting assortment of sources during my tests today. The video search only seems to search Google and YouTube, and the image searches return poor results compared to other, larger search engines.

 

Google Verbatim

Google announced the demise of the ‘+’ operator a few weeks ago.  The new Verbatim tool supposedly replaces the ‘+’ search operator to get exact terms users search for.

To switch on the verbatim search tool,  go to “2. More search tools” in the column on the left side of the screen.

Verbatim is not the same as the unary operator ‘+’.  In a unary operation, in a mathematical system, one element is used to yield a single result. Verbatim forces all terms to be searched “verbatim” not just one term. Verbatim searches also switch-off some of the standard corrections. Sometimes this hinders your search. According to SearchEngineLand, Verbatim searches without the following:

  • making automatic spelling corrections
  • personalizing your search by using information such as sites you’ve visited before
  • including synonyms of your search terms (matching “car” when you search [automotive])
  • finding results that match similar terms to those in your query (finding results related to “floral delivery” when you search [flower shops])
  • searching for words with the same stem like “running” when you’ve typed [run]
  • making some of your terms optional, like “circa” in [the scarecrow circa 1963]

If you want to conduct a search where one word is misspelled, but the other is correct, and you also want synonyms, stemming, etc., then you can’t use verbatim unless you put the required word in double quotes.  This will make searching for misspelled names (the “27 Mohammeds problem”) along with other search terms more difficult.

Verbatim may help limit the impact of “personalisation” that makes some searches difficult in Google, but the loss of functionality isn’t worth the gain in my opinion.

If, as Google insists, it dropped the + operator because it wasn’t used, then I shall begin worrying about search operators such as intitle, allintitle, ~, *, – and other advanced search features that make Google my first choice.

 

Disabling Geolocation

In a recent article about the DuckDuckGo search engine, I wrote about search leakage. Many programs leak your location. Internet Explorer does not have a geolocation feature yet, but Firefox and its associated email program do. Here is how to disable this annoying feature that may reveal that you are investigating a person or company by your visits to their websites. It doesn’t take a genius to figure out that if he defrauded somebody in Toronto, then web site visits from someone in Toronto might mean he is being investigated.

To test your browser, first go to this site, then make the changes below and revisit it to see the difference.

Firefox

• Type ‘about:config’ in the address bar, without the quotation marks
• Discard the warning by hitting ‘yes’
• Scroll down until you reach ‘geo.enabled’, or simply search for ‘geo.enabled’
• Double-click the item and it will change from its default value ‘True’ to ‘False’
• Scroll down until you reach ‘geo.wifi.uri’, or simply search for ‘geo.wifi.uri’
• Right-click the Value of ‘geo.wifi.uri’ and click ‘Modify’
• Type in ‘localhost’ and hit ‘OK’

Thunderbird

• Go to ‘Tools’
• Go to ‘Options’
• Go to ‘Advanced’
• Hit ‘Config Editor’ on the General tab
• Discard the warning by hitting ‘yes’
• Scroll down until you reach ‘geo.enabled’, or simply search for ‘geo.enabled’
• Double-click the item and it will change from its default value ‘true’ to ‘false’

Search Engine Results

Doing a test search in Bing and Google revealed that turning off the geolocation feature changes the results rather dramatically.  All the search results in my test search went from Canada-centric before turning off the geolocation to U.S.-centric after it was turned off.