A Consuming Experience

Thoughts on my experiences as a consumer of products, services, people (well maybe not that last one...), from reviews to raves, rants and random thoughts - concentrating on technology, gadgets, software, product usability, consumer issues, customer service. Including some introductory guides and tips on various subjects (like blogging!) which stumped me until I figured them out. And the occasional ever so slightly naughty observation.

Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语

Add this blog to Del.icio.us, Digg or Furl | Create Watchlist for this blog

Add this blog to my Technorati Favorites!

Privacy, anonymity and your name on the Net

Sunday, July 01, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist

Concern about the risk that people can find out more about you than you'd like them to know, just by doing a simple search on your name via search engines like Google, is clearly become increasingly topical.

I've explained at length before why I blog anonymously, or rather pseudonymously (as I do go to geek events etc, I just hide or ask to be mosaiced out when they take photos), and why I don't ever blog about my day job (I've also linked before to some resources for anonymity and privacy in blogging, for anyone interested).

I'm not going to rehearse again all the news about people being turned down for jobs after potential employers discovered unsavory or at least potentially negative info about them on the Net, and the like.

I'm just writing this post for two reasons.

First, to reassure T, who contacted me to ask me to delete forever a comment they made on a post of mine. They tried to delete it but, because they'd given their full real name when posting it, their name was still visible in the comments section even though they had managed to delete the text in the comment body. They said to me, when asking me as blog administrator to delete their comment forever, that "Not that these comments are bad or anything, but I'm trying to minimize the number of instances my name comes up when [your name is searched via Google - I don't want to get done for using that word as a verb even when quoting someone else!] (especially now in the day and age where employers will [search for your name on Google])." T, I deleted your comment virtually the day you contacted me. I just hadn't got around to responding to you, until now.

Obviously, the fact that someone is worried enough to go around deleting comments they've made, and contact blog owners to delete them for good, even when the comments were perfectly innocuous, is at least anectodal evidence that people generally are becoming more conscious of the issues. (And yes, I've finally got round to joining Facebook which I think has hit critical mass recently as I've suddenly been getting invites under all my identities, but yes I'm still using this pseudonym.)

Second, I wanted to draw attention to an excellent article in the Financial Times (subscriber-only access, sadly) by one of my favourite journalists of all time, Lucy Kellaway, on precisely this subject.

She makes the interesting points that "Soon the teenagers who are blogging in their millions about their drunken exploits will join the job market and companies refusing to take them will find it hard to find any recruits at all... Eventually companies will calm down because they will have no choice. In a decade most new hires will have something embarrassing about them on the web, but so too will the new generation of HR managers...

A more unexpected effect of mass [searching for names on Google (oooh, slap on the wrist from Google, Lucy!)] is that it could make executives’ private lives more private. Any chief executive who has a gay lover or irregular sex life is currently treated to a wave of mock shock when such details come out. When we can see photos of almost everyone misbehaving in the past we’ll stop the pretend outrage over the present..."

I wish! Call me a pessimist...

UPDATE (should have included this earlier): A book deal I guess is another possible positive side effect of blogging, though one which I suspect won't apply to the vast majority of us. I'm sure by now most people will have heard about Catherine Sanderson, a British woman, separated with a small daughter, who blogged about her life and loves as an expatriate in Paris working as a secretary for a British firm. She blogged pseudonymously as La Petite Anglaise, finding a huge readership as a kind of "Bridget Jones in Paris". She never named her employers, accountancy firm Dixon Wilson, or even it seems their line of work, but she did post two pics of herself on her blog.

Her employers sacked her in mid 2006 for "gross misconduct", claiming she brought them into disrepute, as the photos of her could have been identified and thus led to them being identified - they alleged (quoting from the Telegraph) "that she had wasted time by blogging from work, that a passage about meeting a lover in a hotel implied that she might have lied about her whereabouts on two half days, and that she had risked sullying the company's reputation by writing about her work." Well, good for her (and bloggers everywhere), she took the brave step of suing them for wrongful dismissal - and not only did she win a year's salary from them in March 2007 (here's another, slightly different, report from the Telegraph), but she also landed herself a 6-figure 2-book deal with Penguin. I think I'd be quite happy to blog under my real identity if anyone were to offer me the same, but somehow I doubt my blog is racy enough! (though I can do racy...). Hmmm, maybe I should be blogging about rather different subjects...

(I believe the above quoted extracts from the Financial Times and Telegraph articles were short enough to be fair dealing and that therefore there should be no copyright issues, but if anyone involved has a problem with that please let me know and I'll delete them.)

Labels: ,

| View blog reactions | Links to this post | Post a comment or view 5 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts

Editing JPEG photos, thumbnails and your privacy - edited out bits may still be visible

Friday, June 08, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist

Many know this, but some don't, so I thought it worth a reminder. If you crop a JPEG image, typically a photo taken with a digital camera, in order to cut out part of the photo (e.g. people who don't want their photo on a website), or you obscure or edit it to try to hide someone's identity, be warned that there's a gotcha. Sometimes the original photograph can still be recovered from the JPG, in its full unedited unexpurgated glory.

Now I don't really know the ins and outs of how it works and I haven't researched it fully, but it seems that JPGs often contain what's known as EXIF metadata, including a small thumbnail copy of the original image. If you edit a JPEG file using photo editing or graphics software, sometimes the original thumbnail is still preserved and saved along with the edited final image - and can be extracted from it.

This "bug" became well known in 2003 when Cat Schwartz posted JPEGs on her blog of just her face, after cropping out bits from the original photo. Unfortunately in the original full photos she was, well, mostly unclad, and someone managed to recover the thumbnails of the naked versions from the published edited photos (there are pics of the original versions around on the Net but I'm not going to link to them, yep I can be a spoilsport sometimes).

You can check out some real life examples of extracted thumbnails which reveal the person's face or body, even after they were mosaiced out or tweaked - which can even reveal e.g. two entire people who had been cropped out. For a fuller low down and other example pics showing originals and extracted thumbnails side by side, see Hutta on embedded thumbnails (I was tempted to ask, is that like in Hutta the Jab? But I won't...).

So the tip is, from a privacy and security point of view, if you want to protect your identity (or someone else's) by editing a JPG photo, you need to be very careful that a thumbnail of the original photo isn't still embedded in it, before you upload, publish or email the edited pic. I gather (but haven't tested it) that you can use EXIF editing software to get rid of the thumbnail, and that Adobe Photoshop's Save for Web function also strips out EXIF data automatically.

Again I've not tested this myself but I'm told by a reliable source that Blogger, in Old Blogger at least, removes EXIF data when you upload a picture file. Picasa Web, to which New Blogger images are now uploaded, probably preserves EXIF data on uploading, but I don't know if that would include the original thumbnail. Anyone know, or care to do more research on this?? JPGs may be better than PNGs or GIFs if you use Blogger, in terms of speed of loading for your users, but obviously you need to be careful about the "hidden thumbnail" possibility if it's important that only the edited image can be seen by visitors.

(This post was triggered by Robert Castelo's recent uploading of photos of the May 2007 Drupal event to Flickr, including ones with anonymous me in them (why I blog anonymously). I'd said it was OK to include the pics of me as long as he blurred out my face, and in fact he mosaiced out all of me, but it then occurred to me to wonder about the edited versions. No dodgy embedded thumbnails there, though, before anyone tries to look - thanks Robert! My secret identity is still safe, phew. And you can forget about trying to see more of the anonymous model in the Lara Croft "lookalike" pic, so there!)

Labels: ,

| View blog reactions | Links to this post | Post a comment or view 0 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts

Spyjax: websites can see your visited sites; browser history, and how to protect your privacy

Wednesday, June 06, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist

A site can tell which other webpages or websites (from a pre-defined list) you've visited, just by including some script on the webpage you're viewing to look at the colour of links to them - using Spyjax.

Check out what the widget below displays:

Yep, that's a list of which ones of the top 10,000 sites on the Web you've been to (including Kirk's blog and Zo's blog, if you've been there before you came here - it's not in the top 10k, not yet, but you can add your own custom URLs to check so I added his as I know he won't mind - and you can even check the top 12 Google results for any search too, in this case whether you've done a search on Google for "Gmail alias" and visited any of the top 8 results). But no, I'm not going to insert the code in my sidebar or my blog generally, as I don't want to spy on my visitors like that! I've just added the script to this one post, so you can see it in action.

It's clever. When you've visited a site, as you know the link to the site will change colour in your web browser. The Spyjax script checks for visited links by injecting a list of links and then looking at their color - I quote: "All a website has to do to see what pages you’ve been to is place a list of links on the page [you're currently viewing] and examine the color of those links. Ajax can be used to retrieve a list of links to test and also send the results back to the server without the user ever knowing." (More on the a:visited pseudo-class in CSS.)

But strictly it doesn't spy on your full browser history - it just checks whether you've visited certain specified URLs, though given the power of scripting it can check against a list of thousands of URLs in just seconds.

The full code is on the Spyjax site.

Anyone can spy on their visitors by signing up for a free Spyjax account and putting the code in their blog (and then they can view reports, manually add URLs of their own choice to check, even add the top 8 results for any Google search with optionally 4 ads - which seems to be static, it's the top 8 results at the time you add a search to check, it doesn't seem to do a fresh search at the time of the visit). Plus, as you saw above there's code to display a widget to show the list of sites visited by a particular visitor too. Or else a site can just take the code and adapt it for their own use.

From a privacy / security viewpoint, this trick isn't good news; for marketers and nosy parkers, obviously it is. The Spyjax script by default only shows which domains you've visited rather than the exact pages, and only shows aggregated anonymous info - but it would be possible for a site to test for specific pages, and sites where you have to log in could well couple your "visited links" history with your login details to see whether you've been to certain specific URLs.

So how do you protect the privacy of your visited links?

The Spyjax site says the only sure way is to turn off Javascript, which of course stops you from benefiting from helpful uses of Javascript / Ajax on sites. I'd rather not do that.

So how else can you defend yourself against visited links spying? Stepping back a bit, there seem to be 3 basic ways to protect the privacy of your visited links:
  • don't save your visited links history
  • delete your visited links history, or
  • don't let websites check your visited links history.
However there's a gotcha to note: your history of visited links is not the same as your history of visited pages. So, depending on the browser, turning off storage of visited pages does not necessarily stop it storing (and revealing to Spyjax) your history of visited links. And deleting your history of visited pages from time to time will not necessarily delete your history of visited links either. As well as letting you delete your history wholesale, browsers let you view your history and then delete selected individual pages or sites from your history - however, again this may or may not delete your visited links history for those pages or sites.

Another gotcha: be warned before you try to set your browser to store 0 sites in your history that (1) it may not hide your visited links, as mentioned above, plus (2) it may delete your entire history in the process.

Different browsers deal differently with the saving or deletion of your history. Here's a table showing what I found after some initial testing of Internet Explorer, Opera and Firefox (I don't have a Mac so couldn't test Safari); if anyone has had different experiences I'd be grateful to hear about it:

BrowserSet "remember history" to 0After setting "remember history" to 0Deleting visited pages historyDelete just links history?
Internet Explorer 7Clears historyVisited links not savedDeletes visited links historyNo
Firefox 2Does NOT clear history until restart
Visited links not savedDeletes visited links historyNo
Opera 9Clears historyVisited links STILL savedDoes NOT delete visited links historyYes but best to restart
SafariSpyjax doesn't work??

Here's some more info, browser by browser.
This browser offers the best (finest) level of user control - but, you have to exercise it. In Opera 9.21, I found that deleting a site from the history panel manually doesn't delete it from the visited links history. Spyjax could still check that it had been visited.

Telling Opera to remember 0 history i.e. changing remembered addresses from say 500 to 0, clears your existing history - but only stops it from saving the visited pages history, not the visited links history.

The only surefire way with Opera is to delete the visited links history specifically, but fortunately it lets you do just that (though I found that sometimes even that didn't work, I had to delete visited links history, then close and restart Opera). It's the only popular browser that enables such selectivity:

Internet Explorer
You can delete your history in Internet Explorer (in IE 7 Tools, Internet Options, under Browsing History select Delete):

And also you can limit the number of days IE should keep your visited pages in history (in IE 7 Tools, Internet Options, under Browsing History select Settings, see the History section).

Killing or not saving history of visited pages deals with visited links history too. But you can't selectively delete just visited links history, unlike with Opera.
I don't have a Mac, but reportedly Spyjax doesn't work in Safari, which is good news for Mac users' privacy. Can anyone confirm further?
Telling Fox to remember 0 days of visited pages doesn't automatically kill your existing history until a restart of Firefox (so you may have to manually delete that, or individual items from that, if you want to).

But disabling saving of history (Tools, Options) does seem to stop it from saving the history of visited links. And deleting the history, or individual items from the history, also seems to delete the visited links history for those pages too. So that's good.

Even better, with Firefox you can get the free Stanford SafeHistory extension (how to install Firefox extensions - was on Greasemonkey, but applies generally). This "protects your privacy by silently defending against visited-link-based tracking techniques. It allows offsite visited links to be marked only if the browser's history database contains a record of the link being followed from the current site." or, as per the description on the Mozilla site (though the software is more uptodate on the SafeHistory site):
Restricts the marking of visited links on the basis of the originating document, defending against web privacy attacks that remote sites can use to determine your browser history at other sites. A link on a.com pointing at b.com will only be marked visited if you previously visited the b.com page with a referrer in the domain of a.com. On-site links work normally. Checks cookie settings (allow, originating site only, deny) to determine your desired privacy level (segmented by origin, don't mark links visited in offsite frames, or never mark links visited).

Once you install it, you can access SafeHistory from the Privacy pane of your Tools, Options - although it's just one extra box to tick:

You can't selectively delete or not save just visted links history, but with SafeHistory you shouldn't need to.


Different browsers offer different levels of control as to the saving and deletion of your browsing history. As I mentioned earlier, to defend yourself in this context there seem to be 3 possible ways:
  • don't save your visited links history
  • delete your visited links history, or
  • don't let websites check your visited links history.
Choosing not to save your visited links history, just your visited links history, isn't currently possible with the most popular browsers (I'm not including Safari as I don't know much about it, sorry). You have to disable saving the history of visited pages too. That's pretty drastic. I use my history of visited pages all the time, and I don't want to lose access to it.

Of course you could turn off history saving altogether, and try to find your previously visited pages when you need to via something like Google Desktop Search (free with the Google Pack of Google-recommended software - ). Desktop search software automatically indexes webpages you visit and saves a searchable index on your computer separately from your browser history. But I've not found GDS to be reliable or consistent in capturing sites I visit via my main browser, Firefox.

Furthermore, in Opera 9 turning off remembering the history of visited pages won't help at all, because Opera still remembers your visited links history (that's just how Opera is) - so Spyjax can still spy on you.

Is deleting visited links history an option? In IE and Firefox you can't do that without deleting your entire history, or at least your "visited pages" history for the particular page or site. Plus, you have to remember to do the deletion periodically, and even with automatic calendar reminders or the like it's a bit of a pain. Opera does let you delete only your visited links history while preserving your history of visited pages, but that sometimes needs a restart of Opera to work for sure, and again you have to remember to clear out the visited links from time to time; and it's all too easy to forget or stop bothering.

What about not letting websites check your visited links history via Spyjax or similar? You could turn off Javascript in your browser altogether. But again that's pretty drastic.

My personal preferred solution is to use Firefox and the free extension SafeHistory to block other sites from checking your visited links. So, yet again, my favourite browser wins out. (If you don't already have Firefox - ).

(Via sl0wdjin's Clipmark)

Labels: , , ,

| View blog reactions | Links to this post | Post a comment or view 2 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts

Googlepages.com files aren't private!

Thursday, April 19, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist

Did you know that generally anyone can see all webpages, photos and other files on googlepages.com sites, even files not linked to from any webpages? All they need to know is your base URL i.e. yoursitename.googlepages.com, and they can sneak a look under your kilt.

Anyone with a Gmail account can have free webspace on Googlepages.com via Google Page Creator (which is itself at pages.google.com though it's also accessible via www.googlepages.com). I wouldn't be surprised if lots of people use it to store files (like pics) which they mean to keep private to themselves, or to those to whom they've chosen to reveal the direct URL of the picture or whatever it is they've uploaded. Well, those files are in fact open for anyone to access, if they know how.

How come people can view all files on Pages Creator sites? Because for every single GPC site, Google automatically creates and updates a basic sitemap, an XML file which lists all the files on that site (yes, even files you've uploaded separately yourself and not created or edited using Google's Page Creator webpage editor). Anyone can view that sitemap just by going to a standard URL: yoursitename.googlepages.com/sitemap.xml.

How can people know your sitename? Because by default, when you get a GPC account, it uses your Gmail username or login for your Googlepages site name. You can create other sitenames but I bet most people will generally use the original one, especially as it wasn't possible to get alternative site names when GPC was first launched; you had to use your Gmail user name, which wasn't necessarily good for privacy, but if you wanted Google webspace then you were stuck with it. So if someone knows your Gmail user name, they can view any files you have on GPC using your Gmail ID as your site name.

How to view any Googlepages.com files

Now, that sitemap.xml is pretty ugly and user-unfriendly to view in a web browser. Which is not surprising, as Web browsers are not generally set up to optimise viewing of XML files.

Fortunately, or maybe not so fortunately for some, Gilles Rasigade has produced GPExplorer (or Google Pages Explorer), a clever Google Gadget which clearly displays the files on any Googlepages.com site by making use of its sitemap.xml file. It's aimed at people wanting to manage their own Google Pages, but can of course be used to look at all the files on any site whose main Googlepages URL you know.

For instance, in Firefox just enter any Googlepages URL in full (including the .googlepages.com) the form box below, which makes use of GPExplorer, and hit Take a peek! to see the site's files (in a new window or tab), e.g. improbulus.googlepages.com:

(Note I said Firefox, because this doesn't work in Internet Explorer, not even IE7, no surprise (). Works fine in Opera 9.20. Sorry, no idea about Safari. You'd have thought that with IE7 Microsoft would finally have caught on that it's not necessarily a good thing to insist on doing things differently from every other browser in the universe, but nope. And it still doesn't support stuff one would hope it would by now, like :before, but - again, nope.)

As you can see, GPExplorer brings up a list of the files on the site, on the left; all you then have to do is click on a filename in the list to view the contents of the file on the right (if it's a webpage or image):

And of course you can rightclick a link on the left to open it in a new tab, etc.

If you want, it can show you the files from more than one GPC site, which you can then switch between easily. Just enter the URLs of the different sites but separate them with a | (no spaces) - e.g. improbulus.googlepages.com|phydeauxredux.googlepages.com:

Bottom line - how to protect your privacy?

If you're worried about the privacy or security of certain web pages, images or other files, don't store them on Googlepages.com, or you could be exposing your privates to anyone who wants to take a peek. Best to upload them somewhere else (even a Gmail account using GSpace aka Gmail Space, for instance).

Different, unguessable sitename?

If you have to keep your private files on GPC, don't use your Gmail email user name, maybe get yourself another sitename and use that. But even though you could make up a long obscure name and not give the URL to anyone, don't forget that nothing is ever truly 100% secure and if anyone is really determined they could e.g. get robots to try different combos of random characters fast. Unlikely that they'd do that and hit on your particular site, but you never know.

Hide your site?

It would be good if Google offered an option to turn off the automatic sitemap creation for those who want it (or allowed you to upload your own sitemap overriding theirs), perhaps. At the moment, I don't think that's possible.

Now you can hide your site (e.g. to reduce publicising your Gmail address) via site settings:

Hiding your GPC site is meant to hide it from web search engines and stop them crawling and indexing your site. But it also blocks access to your site's automatic sitemap.xml file. Some people may want to use this option.

However, one problem is that, as far as I can see, hiding your site also blocks, within seconds, all general Web browser access to all your site files, yes even those you want to remain public, even those whose direct URLs are known. If I try to go to the direct URL of a file I've uploaded to GPC after I've hidden the site, then I just get a "File not found" 404 error. Even when I'm logged in to Page Creator.

You can still login to Page Creator and access and edit your site from there etc - but it seems to me that if you've hidden the site, the only use then for Google Pages is just to upload and download files (i.e. as a sort of file host), and if you want to share certain files with a limited circle so that they can download the files too, they can't unless you give them your GPC login and password, which isn't generally a good idea especially as it'll give them access to your Gmail account email and your Google Account too.

So hiding your site is a bit of a blunt instrument. There's also a problem with Internet Explorer (at least IE7), in that if you tick Hide this site and then leave that page, when you go back to Site Settings you may find that it hasn't "taken" and the box has unticked itself, so you may have to do it several times and keep checking to see that it's worked. No surprise, again.

(Discovered by the inimitable Kirk, but of course.)

Labels: , ,

| View blog reactions | Links to this post | Post a comment or view 2 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts

UK Caller ID number codes

Saturday, April 07, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist

I'm always forgetting the number codes to dial on my phone in relation to CLI or CLID (caller line identity or caller line identification) e.g. to stop withholding my phone number.

I'm very protective of my privacy so I've got my phone company to withhold my phone number automatically for all calls I make from my fixed line home phone, and one of the first things I do on getting a new mobile phone is to set it up similarly to block the sending of my cellphone number.

But sometimes I have to call friends who don't answer or automatically reject calls from anyone who's withheld their number, so I need to un-withhold my number just for those calls.

So just for ease of reference:
  • 141 - dial before a telephone number to withhold your number (if it's not automatically withheld by arrangement with your phone network or through mobile phone setup) from the person receiving the call
  • 1470 - dial before a phone number to send your number to the person you're calling (if they have caller ID on their phone), even if your number is usually automatically withheld
  • 1471 - dial to check the number of the last person who called that phone (free in the UK for BT fixed lines). Alternative: *27# (undocumented but works for me - from the uk-telecom FAQ)
  • 14713 - dial to return the call of the last person who called your phone (for a fee). Alternative: *28#

Labels: , ,

| View blog reactions | Links to this post | Post a comment or view 0 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts