Protecting your privacy from Google with Squid and FoxyProxy

There is no doubt about it; this has definitely been Google’s Privacy Week.

Relevant news:

Privacy International’s open letter to Google
Danny Sullivan defending Google
Matt Cutts defending his employer
Google’s official response (PDF letter)
Google Video flaw exposes user credentials

It’s only human nature to defend ourselves (and those close to us) when we are under public scrutiny. I am not surprised to see Matt or Danny stand behind Google on this matter. I do think it is far more wise and beneficial to look into criticism and determine for ourselves what we can do to remedy it. I am glad to see that Google took this approach on their official response:

After considering the Working Party’s concerns, we are announcing a new policy: to anonymize our search server logs after 18 months, rather than the previously-established period of 18 to 24 months. We believe that we can still address our legitimate interests in security, innovation and anti-fraud efforts with this shorter period … We are considering the Working Party’s concerns regarding cookie expiration periods, and we are exploring ways to redesign cookies and to reduce their expiration without artificially forcing users to re-enter basic preferences such as language preference. We plan to make an announcement about privacy improvements for our cookies in the coming months.

You can take any side you want. But, I feel that none of the people covering this topic has addressed two critical issues: 1) How do you opt-out of data collection by Google or other search engines at will? 2) And, do you want to wait 18 months for your data to be anonymized?

My answer is no. You can anonymize your data with Squid, configured as an anonymous proxy, and using the FoxyProxy Firefox extension. This solution assumes that you have access to a Linux box, where you can install Squid (if it’s not already installed), and you can make the relevant changes to the proxy’s configuration. If you don’t have such access, there is a Windows port or you might search for a good anonymous proxy service. I don’t use any and can’t point you to anyone in particular.

What is an anonymous proxy?

A proxy is basically a server software that intercepts all your traffic before it reaches its destination. Proxies usually do something with your traffic. They can filter it, modify it, block it, cache it, etc. Depending on the Internet Protocol they serve (HTTP, SMTP, etc.) and the protocol used to access them (SOCKS5, HTTP, etc.), there are different types of proxies,. Your web browser comes with all you need to access proxy servers.

If you use a proxy server, the IP address of your proxy is the one that is going to show up on the referrer’s logs of sites you visit. That is unless their scripts read the HTTP server variable: HTTP_X_FORWARDED_FOR. This variable contains the list of proxies you used to get to the current server. Typical proxies pass this information along.

An anonymous proxy server is a proxy server that does not pass HTTP_X_FORWARDED_FOR, and removes all identifiable information from the user, — including requests. JavaScript makes it really difficult to be completely anonymous, so it is often a good idea to turn it off is you don’t need it. Squid is an open source proxy server. You can find the installation instructions here. To make it an anonymous proxy, add the following lines to your squid.conf file, and restart the server:

forwarded_for off
anonymize_headers allow Allow Authorization Cache-Control
anonymize_headers allow Content-Encoding Content-Length
anonymize_headers allow Content-Type Date Expires Host
anonymize_headers allow If-Modified-Since Last-Modified
anonymize_headers allow Location Pragma Accept Charset
anonymize_headers allow Accept-Encoding Accept-Language
anonymize_headers allow Content-Language Mime-Version
anonymize_headers allow Retry-After Title Connection
anonymize_headers allow Proxy-Connection

fake_user_agent Mosaic/0.1 (CP/M; 8-bit)

Now that you have done the hardest part and you have an anonymous proxy server, you need to setup your client to take advantage of this. Since, I use Firefox as my browser, I will use this to illustrate my point.

Why use a FoxyProxy extension, if I can simply setup my own anonymous proxy?

You might only want to enable the proxy while you are using Google and other search engines, and not when you are browsing elsewhere. FoxyProxy is very handy for this. Do the following to use it:

  1. Install FoxyProxy
  2. Add your anonymous proxy via the Add New Proxy button. (Squid port is usually 3128)
  3. On the patterns tab for your proxy, define one wildcard pattern for each search engine. ie.: *.google.com

Now you can surf the web with absolutely certainty that Google, and other search engines will not be able to link your searches to you. For maximum protection, do not login to any Google service while the proxy is on. You might also want to install a few more anonymizing proxies and add them to your FoxyProxy configuration.

Advertisements

1 Response to “Protecting your privacy from Google with Squid and FoxyProxy”



  1. 1 Proxy Templates » Blog Archive » Proxy Servers June 12, 2007 8:20 pm Trackback on June 17, 2007 at 2:35 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s





%d bloggers like this: