Sections

 What's at stake
 Blocking your info


Quick links

 Contents
 Questions

What Websites Can Learn About You
 

What's at Stake

When you visit a web site, the owner of the site can install a little tag on your computer, called a "cookie," that allows him to identify you when you return. This isn't such a bad thing as it stands; all the web site owner knows about you is whether or not you've visited before. But cookies can also be abused by web owners. Without going into detail, it is possible for web site owners to use cookies to see what other web sites you've visited, and even information you've entered into those sites. Whenever you type anything into a web site, whether it be a question into a search engine or an address for a purchase, that information may be stored in a cookie and, in turn, seen by any other web site you visit. Secure information is never stored in cookies, like credit card numbers for example. But any non-secure information can, and very well may be.

Other than cookies, web site owners have one other tool to learn about you. Whenever you're on the Internet, your computer gets its own address. The Internet works a lot like the real world: if you want to send real mail to someone, you use his mailing address that tells you where in the country he lives; on the Internet it's very similar. Your Internet address says a little about where you are, because it says from where you're coming. If you're an AOL user, your Internet address ends in (aol.com). If you're a Harvard student, it ends in (harvard.edu). If you're a MediaOne customer, it might end in (cinci.oh.mediaone.net), which shows that you're in Cincinnati, Ohio. But Internet addresses aren't really used by web site owners, because they don't usually convey much information. If your Internet address is (ah17642.aol.com), that tells the web site owner absolutely nothing about you except that you're one of 10 million AOL users. And on top of that, most people's Internet addresses change each time they connect to the Internet. So the address can't even be used to identify you the next time you visit; your address probably changed. You can learn more about how addresses are used and why they are necessary in the How an Anonymous Hub Works article.

So in total, you have to worry about cookies and Internet addresses. Internet addresses don't pose much of a problem really. Cookies, on the other hand, contain information about what web sites you've visited and anything you've typed into those web sites. To be safe, you should assume that every web site in the world knows about all the other sites you've surfed, and everything you've typed in. And if you're not happy with that, you'll have to turn cookies off. This is described in the next section.

Blocking your Information

When you send a request to a web site, it may respond with a request for a cookie. The cookie will be placed in your next request. If you wish to prevent web sites (and intermediaries, like your ISP) from seeing your personal information, you need to block the transmission of cookies.

This may sound simple--some browsers let you turn cookies off entirely, or block certain sites--but in actuality it's much more complicated. If you turn cookies off entirely, some sites will cease to work. They need some information about you to perform properly--online e-mail sites are a good example. You can't turn off all cookies without running into problems. On the other hand, you can't block certain sites easily either. Most privacy violations are generated by sites you may not even know you visit. The images on CNN.com, for example, may come from a totally different web site that's tracking you. This is done often with ads, to watch you on multiple web sites. If you block CNN.com, you aren't blocking the advertisers who put the images on CNN.com, so your personal information is being sent out anyway, even if you only visit CNN.com.

To help stop this, GhostSurf gives you a list of all the sites that request information from your computer (for more information, see GhostBlock). You can block all the sites you don't trust, and selectively unblock sites you trust. GhostSurf will then filter all your outgoing web traffic to make sure it does not contain any personal information. These features are available in the GhostBlock window.