rc3.org

Strong opinions, weakly held

Your vulnerable search history

How valuable is your search history? How would you feel if somebody else could see everything you’ve searched for in the past few months? One Google user was surprised when their search history wound up in someone else’s account. In this case, the problem was user error:

A couple of months ago, l was pitching our product to a VC in a coffee house in Palo Alto. He wanted to compare LeapTag to Google Personalized Search, so he logged in to his Google account from my laptop. We had a nice discussion.

A week ago, I received an email from him asking me if the following searches were ones I made recently, and he included a list of searches.

My jaw dropped! Those were all searches I made a mere half an hour earlier – two months after our meeting.

I realized that he had never logged out of my laptop, and that all the searches, personal and professional, that I had done for the last two months using my laptop were now part of his search history. He had access to all of it – as if it were his. Now who owns what?

My search history is of little value to me. On the other hand, I expect my search history to be private. Time to go fiddle with my browser settings and my Google account settings to reflect those priorities.

You should read Nelson Minar on this topic as well. He explains how to turn off your search history (with Google).

7 Comments

  1. Doesn’t seem to have rolled out in England yet. But it is if course horrendous in its privacy implications.

    The other thing I hate is getting a dropdown list of other people’s searches as I type into the Firefox search box. Really frustrating.

  2. That is totally easy to turn off. Right click on the Firefox search box Turn off “Show Suggestions”

  3. This isn’t an issue specific to Google, if you log yourself into any web based service on someone else’s computer, and don’t log yourself out afterwards, you’re asking for trouble.

    Pull the same dumb stunt with your Amazon account, and you’ve given someone access to see what items you’ve looked at recently. Try it with your webmail account!

    This is just another convenience/risk tradeoff with software as a service. Many services (including most webmail services I’ve used) are careful to require you to re-enter your password before showing more sensitive data.

    But there is plenty of data that users would not consider important enough to have to jump that hoop every time, but that they would be uncomfortable giving away access to. Consider most customizable “home pages” like My Yahoo and Google’s home page. Most users don’t want to enter a password to their home page every time they start their browser, but what kinds of things do they put on there?

  4. I love Google’s search history even if the implications are iffy. At least I can see what info they have on me. I’d rather it be a client-side thing but I doubt that such things exist.

    As pointed out already the bigger lesson is to have other folks log into a guest account to use your computer. Web services are too sticky to share browsers, especially on your PC where you’re less diligent about it.

  5. Thanks for posting this. It chafes my scrote to have the default be “on”; for that reason if for no other, I’m gonna delete my history and pause it.

  6. You can also install the CustomizeGoogle firefox extension, and turn on ‘anonymize google cookie’ if you don’t want google tieing your searches to your gmail id. I have my doubts about whether it actually works, they could just attach your searches to your IP address. If you want to become an anonymous freak about your privacy, you can install the above extension and the TorButton extension.

Leave a Reply

Your email address will not be published.

*

© 2016 rc3.org

Theme by Anders NorenUp ↑