Streams

Tech Reporter Julia Angwin on "What They Know"

Thursday, August 19, 2010

Julia Angwin, Pulitzer Prize-winning technology journalist for the Wall Street Journal, discusses her latest series for the newspaper, "What They Know:" an exploration of the information that companies, websites, and even police agencies can collect on you based on your Internet searches.

Guests:

Julia Angwin
News, weather, Radiolab, Brian Lehrer and more.
Get the best of WNYC in your inbox, every morning.

Comments [37]

S Block from NYC

tor does not generally help with identity theft, and tor generally makes the ID theft problem worse.

"https" is the primary defense against ID theft (although that is a somewhat obsolete idea, because hackers spying on the network is less of a problem than hackers spying on your machine, and https does not protect your machine.)

tor "breaks" https, so tor eliminates the encryption that you 1/2way rely on. tor also attracts attention, "hey here's a guy using tor, he has secrets" and many tor relays are also spying machines. they can't necessarily tell where you come from, but they read/record what you send.

For ID theft protection you need to not have any trojans running on your machine, and this means anti-virus software should be up to date. It also means that you should be running Firefox and the Noscript add-on. If you are not savvy enough to figure noscript out or if you find it annoying to run, you cannot be protected against identity theft. If you want to be more secure, you should log into your bank only on a fresh restart of Firefox. You should also stay away from shady sites, which means don't surf for porn, don't download software, etc.

Netbooks are cheap enough, do all your banking from a netbook that you use for nothing else, and follow the rules in the previous paragraph. Use separate email accounts for your banking and only log into them with different passwords than you use on your porn machine. It sounds extreme but it's actually pretty simple, and costs under $300 for good security. If you want to get stronger, hide behind a separate "firewall" router switchbox thinking, an additional $40.

Aug. 20 2010 03:54 PM
PETE from nyc

S block: I am not offended and I admit maybe douche was a little harsh, I will retract it, my apologies... I mostly thought I was being funny

Sometimes on this site, though, you ask a basic question and you get a torrential downpour of condescending group think that is really pouring especially when the conversation is about religion or charter schools.

I am actually aware of the basic concept of Tor. I was more curious if it is a good defense for protecting one's financial and personal info (like address and ss #, and accounts). I am more concerned with id theft not google rifling thru my email. I scantly use email and could care less if amazon matches me to my perfect toaster...

Aug. 19 2010 10:17 PM

So the price of the virtual life is spying by Big Brother - what did you expect? Get off the phones, computers, etc. all day and have a real life!

Aug. 19 2010 04:56 PM
S Block from NYC

sorry, PETEY, don't be a bitter mama's boy, you, the one doing all the wah wah wah. Poking fun at a somebody really smart and knowledgeable by saying "wow, you you think you're so smart" doesn't have quite the sting that you imagine it does.

I seriously didn't mean to offend you: I always use hemorrhoids as a universal example of what a person might wish to keep private, it wasn't directed at you regardless of how close to home it seems to have struck.

You knew little about TOR before, now you know a lot and in a way you won't forget. I'm such douche that I leave you feeling fresh! Mine was a good answer, right on point, explained the simple question and common source of confusion, augmenting my earlier posting showing expertise on an entirely different complex topic. Any other topics I can clear up for you? I know a lot about a lot. Let me show off some more, because I refuse to let your disappointment keep the rest of these good people from getting their answers.

The EFF has a page up that demonstrates how the privacy problem goes well beyond cookies
https://panopticlick.eff.org/
Layer on top of *that* what happens if you actually log into a site, i.e. identify yourself; it will all get tied together. Using tor would just add on "he uses tor".

Oh, that "what's the origin of the term cookies" that she was vague about. A lot of parameters get passed in software that make sense to programmers, like you need to pass the URL, the type of browser, and then if you want relate this server request to some previous request, you need the context. How is the context represented? "It's encoded into a magic cookie", which is just a big number or a big specific sequence. You had to be there, maybe, because all those other parameters are just encodings as well.

Aug. 19 2010 04:52 PM

Are we really surprised? The hidden costs of "free"! Great stuff, thanks!

Aug. 19 2010 04:49 PM
jerry pollio from Houston

Well, are we really surprised? I placed a link of this article on our business blog, www.cmtmarketingblog.net it's that important!
Thank you for sharing this information.

Aug. 19 2010 04:39 PM
PETE from nyc

S Block it was a simple question, you don't need to be a douche about it.

Now look into the mirror and say 100 times "I am so smart, I am so smart.." while your mother brushes your hair you big baby.

Aug. 19 2010 01:50 PM
ericf

it's becoming increasingly apparent and a bit unnerving that advertizers are using data from one site to target ads on another. you're browsing on one site and the banner ad is displaying product shots from a totally different site you visited a week ago.

Aug. 19 2010 12:53 PM
Greg w/ 20 yrs I.T.

Dear Julia Angwin
Awesome reporting.

Your right - Very few of us know of the trackers that impact their lives. I didn't know of flash cookies or beacons.

Can beacons which -- are a live pgm running while your on a web page, and theoretically can see where moving mouse, read contents of page and capture keystrokes -- capable of capturing keystrokes as you enter passwords in financial web sites?

Aug. 19 2010 12:47 PM
DangerWillRobinson

I see a couple of comments referring to the third party cookies Adobe Flash allows to be installed on your computer.

This to me is one of the more insidious uses of tracking technology- you have no idea who is using the data collected from the cookie, or why on earth they really want the data. AND few people know anything about this data collection technique or how to stop it.

I was surprised to find the number of sites that had stored cookies on my computer without my knowledge- even after clearing cookies and cache from my browser.

Steve Jobs had it correct when he stated Adobe Flash had many security holes.

Follow this link to discover exactly what Adobe allows to be stored on your computer without your knowledge.

http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html#118092

Select Global Privacy Settings from the above left side.. and step through the various tabs to discover what exactly is on your computer.

It's also troubling that Adobe does not allow the Flash control panel to be stored directly on your computer. Why Adobe, do you force users who want to know what data you're collecting about them go to your website to retrieve data... that's stored on their local hard drive?

Aug. 19 2010 12:46 PM
ericf

actually i've found that user agreements are more like two pages long and mostly boiler plate. after you've read a few carefully you learn to recognize the boiler plate and zero in the significant differences. it's a skill that takes time to develop and if you're so put off by reading agreements that you never start you'll never develop it. (it may also help to be dyslexic.)

i suspect the cited study was based the time it takes to read an agreement for the first time multiplied by some number of agreements assuming that it would take equally long each time. my experience is that it tends to get faster over time.

of couse it also helps to be judicious about which and how many accounts to open.

IMHO the bigger problem is that we are often confronted with these agreements at worst possible time. that is, when we need something in a hurry. whether reading the agreement takes two minutes or twenty, it can still feel like much too long.

Aug. 19 2010 12:46 PM
Greg w/ 20 yrs I.T.

Dear Julia Angwin
Awesome reporting.

Your right - Very few of us know of the trackers that impact their lives. I didn't know of flash cookies or beacons.

Can beacons which -- are a live pgm running while your on a web page, and theoretically can see where moving mouse, read contents of page and capture keystrokes -- capable of capturing keystrokes as you enter passwords in financial web sites?

Aug. 19 2010 12:46 PM
gregb

Also, as Julia mentioned many ads are actually miniature flash videos, and these videos can also track your behavior. A bit harder to disable, but Adobe has instructions here http://kb2.adobe.com/cps/546/4c68e546.html

Aug. 19 2010 12:43 PM
gregb

Also, as Julia mentioned many ads are actually miniature flash videos, and these videos can also track your behavior. A bit harder to disable, but Adobe has instructions here http://kb2.adobe.com/cps/546/4c68e546.html

Aug. 19 2010 12:41 PM
ma from nj

I am a a plus sized woman and I frequently get ads that show a woman with a large belly that is sticking out of her clothes. I am quite offended by it and would love to be able to contact the maker of the ad and inform them of how offensive it is.

Aug. 19 2010 12:37 PM
gregb

Jeff-

If you don't use explorer it won't collect information about you. Just install firefox and use it as your standard browser. One reason I KEEP explorer on my computer is the unfortunate lack of standards followed by web designers- some web sites (my health care plan, for example) only works properly on Explorer.

Aug. 19 2010 12:36 PM
downtown

CCleaner is a great tool for the removal of unwanted garbage left on the computer.

Aug. 19 2010 12:34 PM
S Block from NYC

TOR does almost nothing for "web surfing privacy". Repeat that over and over.

TOR hides where you are coming from only, it doesn't hide "what you are saying", and if "what you are saying" in the computery sense is "please pass these cookies to a webserver", the advertiser will know that you are the guy with the cookies who listens to wnyc, participates in every discussion of hemorrhoids, browses various anti-itch pages. They simply will not be able to tell that you are sitting in the NYC Chinese consulate.

That's what TOR does, it sends your web connections on a grand tour of other computers before sending them out to the internet.

After TOR has disguised thoroughly where you are sitting, when you log into Netflix looking for your preferred form of porn (see above) you will be completely outed.

TOR btw is also very slow, so I'd suggest using it only when you actually need to hide where you are sitting. It's great for updating Al Qaeda websites, where you want to get your message out, just don't want Predator drones incoming.

Aug. 19 2010 12:34 PM
ss from ny

whats her website???????????????????????????/

Aug. 19 2010 12:32 PM
downtown

Have FLASH cookies been mentioned?
Firefox has some great add-ons that allow easy removal.
Look on under your document settings for the file: Application Data\Macromedia\Flash Player
and you may be surprised.

Aug. 19 2010 12:32 PM
Opal from NYC

I borrow DVDs from the NYPL and I sometimes check my library acct., often to renew. Shortly afterward I get a pop-up from Net-Flix trying to enlist me for their services.
Also somebody invited me to join Facebook and found photos of 3 people in my address. Talk about invasion of privacy.

Aug. 19 2010 12:31 PM
Frank Grimaldi from East Village

What are the sites or companies that will allow you to see some of the info they have obtained?

Aug. 19 2010 12:29 PM
Jonathan from Manhattan

This isn’t all big brother evil and I just can’t get worked up or too concerned over this. This is what we want from media, largely it’s a good thing.

Personally, I wish television had tracking cookies so that when the commercials did come on, they would at least be somewhat more relevant to me, than to have to sit through ads for things I will never, ever buy.

Aug. 19 2010 12:28 PM
Jeff from nyc

Gregb how do you get Explorer off your computer totally?

Aug. 19 2010 12:24 PM
jean from new jersey

Occasionally I delete the cookies from my computer but there are about 8 or so that cannot be deleted despite that about 1000 others can be delieted

Aug. 19 2010 12:23 PM
Morticia from ko

No, for a tenth of a penny they tell someone you like blondes

Aug. 19 2010 12:23 PM
Lopi from ny

Leonard, if you want private info from the govt you have to file a FOIA, here, these co's just get it with no clearances?

Aug. 19 2010 12:22 PM
Gregb

If you want to view the myriad of trackers AND block them, use Firefox as your browser and install the Ghostery add-in. Nabs them all, and you can selectively deactivate each tracker if desired.

Aug. 19 2010 12:20 PM
S Block from NYC

Here is regulation we need, very simple: companies that have information about you should have to share what they know about you with you every so often. For example, it's cheap to send you an email, it's not a burdensome requirement, so they should email the totality of what they know.

How this will help is, once people understand what information is being collected, we can decide what's OK and what's not OK.

And BTW, for all you "pro free market" peeps (and also you anti corporate types, but you are idiots) , remember that "symetric information" is a fundamental assumption of free market microeconomics: the buyer and seller need to share the same information in order to come to fair market price, without condition being met you get market failure, like the lemon market for used cars, or adverse selection for health insurance.

So, mark this a pro-free-market suggestion :P

Aug. 19 2010 12:18 PM
jolie from nyc

Guaranteed this chick won't mention pornography. This is NPR.

Aug. 19 2010 12:14 PM
S. Jobs

Bob from HELP!!!!!!!!!!!!!!!!!!!! How do I clear my Windows Media Player ??????? Aug. 19 2010 12:10 PM]]

...throw the computer out the window and buy a Mac.

Aug. 19 2010 12:14 PM
JJ from we're doomed

This is the creepiest thing ever. "here's a basic idea of our file on you" ?????!!!!!

Aug. 19 2010 12:13 PM
Wiki

Wikipedia logs and tracks your IP address in order to know who has modified a page.

Aug. 19 2010 12:12 PM
Jaime Viñas from NYc

Install a program in your computer called Little Snitch.

You'll be surprised how much is going on in the background without your knowledge while you innocently surf the web.

Aug. 19 2010 12:12 PM
PETE from nyc

I know your guest is not an IT expert per se, but would she suggest using a program like TOR which hides your IP address to remain anonymous. A lot of non profits to prevent tampering from hostile parties like foreign gov'ts.

Aug. 19 2010 12:10 PM
Bob from HELP!!!!!!!!!!!!!!!!!!!!

Can you toss your cookies? Does Google really know everything now?
How do I clear my Windows Media Player ????????

Aug. 19 2010 12:10 PM
JT from NY

One big problem is that user agreements people have to agree to before creating an account are usually 30 pages long, use legal speak and mention privacy in section 22, subsection 4.b. They're basically designed to discourage reading.

We should require privacy to be the first item listed and to be in plain language. Something like "We DO/DO NOT share your personal info." So even if you ignore most of the agreement you at least know the privacy policy.

Aug. 19 2010 10:08 AM

Leave a Comment

Register for your own account so you can vote on comments, save your favorites, and more. Learn more.
Please stay on topic, be civil, and be brief.
Email addresses are never displayed, but they are required to confirm your comments. Names are displayed with all comments. We reserve the right to edit any comments posted on this site. Please read the Comment Guidelines before posting. By leaving a comment, you agree to New York Public Radio's Privacy Policy and Terms Of Use.