Thursday, August 24, 2006

Why TrackMeNot is a waste of time

In the wake of vast privacy breaches from AOL, and the possibility of others from Google, Yahoo and other search engines, some well-meaning coders created a Firefox extension called TrackMeNot.

TrackMeNot sounds like a good idea: while you browse the Internet, it runs in the background sending fake search requests to the major search engines, hiding your actual searches in a sea of fake ones. From the TrackMeNot website:

It hides users' actual search trails in a cloud of 'ghost' queries, significantly increasing the difficulty of aggregating such data into accurate or identifying user profiles.

Bruce Scheier explains why it is a waste of time. So does BoingBoing.

As it stands now, TMN is pointless. Any serious dataminer can easily separate the fake queries from the real ones. But even if the technical flaws in it were solved, it doesn't "hide" your searches at all -- it just gives the bad guys/authorities more reason to investigate you, which makes it not just pointless but counter-productive. The only way this tool could be genuinely useful would be if enough people used it that dataminers decided that all search data was suspect -- and that would require a large percentage, maybe even a majority, of Internet users to use it. And that isn't going to happen without an unholy army of virus-born 'bots, millions upon millions of computer trojans and viruses, firing off fake search requests from innocent third parties' computers. But that would be Wrong.

No comments: