Recent Improvements to TrackMeNot

For those concerned about the ease at which Web search providers can monitor, capture and profile your search activity, you’ll be pleased to know that some important enhancements have been added to the popular TrackMeNot Firefox extension.

As you might recall, TrackMeNot was developed by Daniel Howe and Helen Nissenbaum to protect against search data profiling by issuing fake queries to popular search-engines: “It hides users’ actual search trails in a cloud of ‘ghost’ queries, significantly increasing the difficulty of aggregating such data into accurate or identifying user profiles.” I like to refer to it as “polluting your data cloud.”

TrackMeNot is now in version 0.5.7, and some of the improvements and new options in the 0.5.x development series include:

  • Realtime Search-Tracking (since 0.5.x)
    TMN now recognizes when a ‘real’ search is being performed by a user and can act on this information in a variety of ways (see below).
  • Dynamic URLs/Header Matching (since 0.5.x)
    TMN now keeps track of where (for each search engine) you’ve last searched and uses that URL to send its queries (i.e., if you start using the Google toolbar rather than the webpage, TMN will update itself to do the same). Similarly, TMN now stores the header information your browser is sending out (browser type, version, OS, etc.) and mimics these in its own queries.
  • New Timing Mechansim (since 0.5.x)
    TMN now monitors the number of queries it has sent for each session and dynamically adjusts its randomizaation to attempt to match the user’s specified frequency. Note: queries sent during ‘bursts’ (when burst-mode is enabled) are not counted in this running average…
  • Burst-Mode (since 0.5.x)
    Rather than sending queries only at randomized intervals, TMN (in burst-mode) recognizes when the user performs a search, then sends a ‘burst’ of queries over the next few moments to simulate actual user behavior.
  • Cookie-Anonymization (since 0.5.x)
    For user searches, TMN ‘hides’ the search-engine’s cookies to further obfuscate search logs. For TMN-generated searches, however, this ‘real’ cookie is used, so that only ‘fake’ queries are associated with a user’s profile. TMN then blocks all incoming cookies for its own searches. For non-searches (i.e., general browsing and/or mail services, etc.), the cookie is sent as usual. To see this behavior, one can use the google or AOL search-history feature. With ‘cookie-anonymization’ disabled, both TMN and user searches will appear in these histories; when this feature is disabled, only TMN searches will appear.

You can download and install TrackMeNot here.

1 comment

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s