A common explanation I get from people with poor digital hygiene is that they do not see how it is affecting them. Making the imperceptible perceptible is a great concept for more innovations.
I have sent the kids in my house logs for their devices from the DNS blocker I have running on our network, but it was too much for them to digest. Perhaps I should work on a visualization tool of all the data that shows impacts of their data leakage and puts it in a video format they can consume. It sounds like a lot of work to build.
I'm an adult who understands tracking tech and in particular Google's level of tracking quite well (I used to work on AdWords), and I'm one of these people -- tracking doesn't seem to negatively impact my quality of life at all but it keeps the many free services I value greatly running.
Visual or audio representations of the amount of data they're collecting are hardly an argument for why it's bad, as the logic goes "see, they're collecting a lot of data about your browsing... ...and that's bad" but it doesn't fill in the logical leap in the middle. You are going to be a lot more persuasive if you can fill that in instead of making fancy graphs.
Most adults' eyes glaze over when looking at access logs, so I couldn't imagine kids being interested. (Maybe your kids are grown, but the visual from first read didn't come across that way).
Charts and graphs are the only way people not interested in data can even remotely become interested. If it's good enough for FPOTUS, then it should be a compelling enough reason to complete your idea.
What I have noticed from reading comments on the subject of online privacy on HN and for the past 15 years is that many commenters believe that a prerequisite for change is that computer users must care. Not only that but they must also take action.
The commenters are all people who either (a) care for their own online privacy and/or (b) are actively engaged in profitting from others' disregard for online privacy. There is no one commenting who does not care, obviously.
Certainly, if the people who do not care joined the people who do care, and they each took unilaterla action to protect their privacy, and this was actually effective, then that is one possible path to change. Admittedly, it seems rather far-fetched.
Another path to change is regulation.
For example, when I consider the history of telecommunications, I recall federal regulation to protect customer privacy before the internet despite that there were few people actually had reason to care about the issue let alone took action on it. Many of us have living relatives who can recall the "party lines" they once used. Customers accepted the high probability of eavesdropping.
But eventually judicial decisions and later federal legislation in 1968 gave telecom customers certain privacy protections. It did not matter whether all customers cared about privacy or not. Nor did it require all of them to take action.
The thing is, even good digital hygiene is not enough.
Via CCPA requests, I have learned that every data broker I've queried has a very extensive dossier on my life.
In one instance, a data point could only have one source. A print shop in San Diego that printed up some business cards with a gag job title in 2000-- that gag job title showed up at LexisNexis.
Maybe you could make a game out of it. The one with the least amount of request each (or whatever metric works) gets rewarded in some way and give them a dashboard to check progress.
Not sure what negative side effects that could cause though, but i see some positives like using less social media, or learning how to cheat the system in clever ways.
any body remember the spinning cube of doom?
it was a visualization for your packet sniffer. you could use it to characterize attacks. perhaps we need something like that but for outbound data.
Maybe you could log the same things that trackers do and creep them out by it somehow. Kids especially have a harder time truly comprehending things that don’t come with some emotional weight.
Not to make excuses for Google, but is this an entirely accurate portrayal?
Like, I've been working on a web project that doesn't contain any analytics, but which stores and retrieves JSON data in Google Firebase. I imagine if I opened my website with this tool, I would hear lots of noise.
But, I just can't imagine how Google could do anything useful (to them) with my random JSON blobs.
> But I can't imagine Google would know how to do anything useful (to them) with my random JSON blobs.
They're not interested in the blobs, but in the people accessing them. Their whole suite of "free" developer tools (google analytics, google fonts, firebase, ...) are just a means to get information about what people do online.
Even without any app opened, my manjaro installation seems to ping detectportal.firefox.com which is hosted in google ip address which trigger the noise. With firefox open, the noise got worse. I think firefox sync servers might be located on GCP. But then I tried pinging my GCP server and it didn't trigger the noise.
I consider myself very privacy conscious, bordering on the paranoid. I use FOSS as much as possible, avoid FAANG, and remove surveillance from my life wherever I can.
This tool shocked me. It exposes in a visceral way just how prevalent Google is, and does a better job getting that idea across than every video, article, post or comment I've consumed on the topic.
As a counter point (and you're not wrong, this is just my take)...
I consider myself privacy and security and convenience conscious, not at all paranoid yet as I don't expect I have aroused the interest of a State power (touch wood). I use what most people use and prefer less friction over philosophically and/or ethically pure services. This tool made me shrug. Sure, yea, that's not an unexpected frequency, I guess. I haven't personally seen any disaster come from data shared to be sold or used for advertising. Mostly all I get advertized are things I've already bought (rolls eyes) or things I've said out loud (scowls). The hit rate for something I've been "told" to buy is like 0.001% The last hit was Dan Ariely's IRRATIONAL Game. Pretty cool, no? https://irrationalgame.com/
I replaced the "teller" program part also with shell script, so that one would give you the clicking without the need to compile:
sudo tcpdump -n -l dst host 8.8.8.8 $(for a in $(curl -s https://raw.githubusercontent.com/berthubert/googerteller/main/goog-prefixes.txt); do echo or dst net $a; done) | while read; do paplay /usr/share/sounds/freedesktop/stereo/dialog-information.oga; done
Quite enlightening to have that running while browsing...
I prefer it how it is, very simple and effective, also I can actually gauge how much brave vs chrome etc. Obviously browser in my case will be heavier on google calls. But interesting to remember I have google drive floating around which I havent used in years.
This would make a great plugin, and could be expanded to other companies: Your computer makes a noise when it tells Google what you're doing. It makes another noise when it tells Facebook what you're doing.
I got it running now and it's incredible how much of my interaction is being immediately reported. Having taken some steps before to block analytics, it's still going off like Geiger counter in the Zone.
I always find it amazing when speaker is utilized to 'visualize' occasional events.
This is absolutely epic and terrifying. Just moving my mouse makes it play the noise. It's not too dissimilar to a Geiger counter, it's most radioactive when you do a google search!
sudo tcpdump -i en0 -n -l dst host 8.8.8.8 $(for a in $(curl -s https://raw.githubusercontent.com/berthubert/googerteller/main/goog-prefixes.txt); do echo or dst net $a; done) | while read; do tput bel; done
other option is to clone the repo but pipe the output to the terminal bell instead - probably not as good as the OPs solution but has a similar effect :)
sudo tcpdump -n -l dst net 192.0.2.1/32 $(for a in $(cat goog-prefixes.txt); do echo or dst net $a; done) | xargs -I {} bash -c "tput bel"
EDIT: it's definitely not as good as the OPs solution as the bells sometimes get skipped when there are lots of packets.
as if I wasn't already paranoid enough... this makes me more so... I was afraid it was going to read me what google learns, but hearing the pops makes me realize just how much I'm producing for Google every second.
[+] [-] kornhole|3 years ago|reply
I have sent the kids in my house logs for their devices from the DNS blocker I have running on our network, but it was too much for them to digest. Perhaps I should work on a visualization tool of all the data that shows impacts of their data leakage and puts it in a video format they can consume. It sounds like a lot of work to build.
[+] [-] kylevedder|3 years ago|reply
I'm an adult who understands tracking tech and in particular Google's level of tracking quite well (I used to work on AdWords), and I'm one of these people -- tracking doesn't seem to negatively impact my quality of life at all but it keeps the many free services I value greatly running.
Visual or audio representations of the amount of data they're collecting are hardly an argument for why it's bad, as the logic goes "see, they're collecting a lot of data about your browsing... ...and that's bad" but it doesn't fill in the logical leap in the middle. You are going to be a lot more persuasive if you can fill that in instead of making fancy graphs.
[+] [-] dylan604|3 years ago|reply
Charts and graphs are the only way people not interested in data can even remotely become interested. If it's good enough for FPOTUS, then it should be a compelling enough reason to complete your idea.
[+] [-] 1vuio0pswjnm7|3 years ago|reply
The commenters are all people who either (a) care for their own online privacy and/or (b) are actively engaged in profitting from others' disregard for online privacy. There is no one commenting who does not care, obviously.
Certainly, if the people who do not care joined the people who do care, and they each took unilaterla action to protect their privacy, and this was actually effective, then that is one possible path to change. Admittedly, it seems rather far-fetched.
Another path to change is regulation.
For example, when I consider the history of telecommunications, I recall federal regulation to protect customer privacy before the internet despite that there were few people actually had reason to care about the issue let alone took action on it. Many of us have living relatives who can recall the "party lines" they once used. Customers accepted the high probability of eavesdropping.
But eventually judicial decisions and later federal legislation in 1968 gave telecom customers certain privacy protections. It did not matter whether all customers cared about privacy or not. Nor did it require all of them to take action.
https://www.newyorker.com/culture/culture-desk/the-bootlegge...
It took forty years to get from Olmstead to Berger. That is longer then the public www has existed.
[+] [-] sillystuff|3 years ago|reply
The thing is, even good digital hygiene is not enough.
Via CCPA requests, I have learned that every data broker I've queried has a very extensive dossier on my life.
In one instance, a data point could only have one source. A print shop in San Diego that printed up some business cards with a gag job title in 2000-- that gag job title showed up at LexisNexis.
[+] [-] nom|3 years ago|reply
Not sure what negative side effects that could cause though, but i see some positives like using less social media, or learning how to cheat the system in clever ways.
[+] [-] somat|3 years ago|reply
found it.
https://www.nersc.gov/news-publications/nersc-news/nersc-cen...
https://www.youtube.com/watch?v=2pgE6WiNvkA&t=107s
[+] [-] surfpel|3 years ago|reply
[+] [-] discardedrefuse|3 years ago|reply
[+] [-] ctchocula|3 years ago|reply
[+] [-] Wowfunhappy|3 years ago|reply
Like, I've been working on a web project that doesn't contain any analytics, but which stores and retrieves JSON data in Google Firebase. I imagine if I opened my website with this tool, I would hear lots of noise.
But, I just can't imagine how Google could do anything useful (to them) with my random JSON blobs.
[+] [-] akie|3 years ago|reply
They're not interested in the blobs, but in the people accessing them. Their whole suite of "free" developer tools (google analytics, google fonts, firebase, ...) are just a means to get information about what people do online.
[+] [-] neurostimulant|3 years ago|reply
[+] [-] handity|3 years ago|reply
This tool shocked me. It exposes in a visceral way just how prevalent Google is, and does a better job getting that idea across than every video, article, post or comment I've consumed on the topic.
[+] [-] kleer001|3 years ago|reply
I consider myself privacy and security and convenience conscious, not at all paranoid yet as I don't expect I have aroused the interest of a State power (touch wood). I use what most people use and prefer less friction over philosophically and/or ethically pure services. This tool made me shrug. Sure, yea, that's not an unexpected frequency, I guess. I haven't personally seen any disaster come from data shared to be sold or used for advertising. Mostly all I get advertized are things I've already bought (rolls eyes) or things I've said out loud (scowls). The hit rate for something I've been "told" to buy is like 0.001% The last hit was Dan Ariely's IRRATIONAL Game. Pretty cool, no? https://irrationalgame.com/
[+] [-] nousermane|3 years ago|reply
[+] [-] jnsaff2|3 years ago|reply
[+] [-] MarcScott|3 years ago|reply
[+] [-] sippeangelo|3 years ago|reply
[+] [-] su2|3 years ago|reply
I replaced the "teller" program part also with shell script, so that one would give you the clicking without the need to compile:
Quite enlightening to have that running while browsing...[+] [-] bertman|3 years ago|reply
[+] [-] huhtenberg|3 years ago|reply
[+] [-] bilekas|3 years ago|reply
I prefer it how it is, very simple and effective, also I can actually gauge how much brave vs chrome etc. Obviously browser in my case will be heavier on google calls. But interesting to remember I have google drive floating around which I havent used in years.
[+] [-] pessimizer|3 years ago|reply
[+] [-] tclancy|3 years ago|reply
[+] [-] throwaway2016a|3 years ago|reply
[+] [-] brookritz|3 years ago|reply
[+] [-] jmiskovic|3 years ago|reply
I always find it amazing when speaker is utilized to 'visualize' occasional events.
[+] [-] soheil|3 years ago|reply
[+] [-] jonas-w|3 years ago|reply
I tried going on google and then bam geiger counter mode activated. But i seem to have blocked enough to not have it go off every second.
[+] [-] p1mrx|3 years ago|reply
[+] [-] soheil|3 years ago|reply
[+] [-] kleer001|3 years ago|reply
[+] [-] Kim_Bruning|3 years ago|reply
[+] [-] cs02rm0|3 years ago|reply
[+] [-] weystrom|3 years ago|reply
[+] [-] viraptor|3 years ago|reply
[+] [-] djhworld|3 years ago|reply
[+] [-] paulwilsondev|3 years ago|reply
[+] [-] felipelalli|3 years ago|reply
[+] [-] thimkerbell|3 years ago|reply
[+] [-] tehsauce|3 years ago|reply
[+] [-] abledon|3 years ago|reply
[+] [-] ColinWright|3 years ago|reply