Deploying surveillance countermeasures on the web?

The open web depends on my ability to have a permanent address. However, my privacy depends on my ability to hide who I am. At least sometimes.

Margaret Lord: “Oh, dear. Is there no such thing as privacy any more?”
Tracy Lord: “Only in bed, mother, and not always there.”
The Philadelphia Story, 1940

Over the summer I wrote a post lamenting IPv4 address scarcity and how it contributed to a deformed and centralized web, one that is substantially less open than the one we started with. Most of us don’t have permanent registered host addresses so we live our web lives on other people’s property, perpetual renters. We have been thus excluded from the House of Lords – there is no peerage for the landless.

To support the open web I want, I want IPv6 to be adopted quickly, for NAT to die, and for me to get a whole bunch of IP addresses of my very own. In fact, I might even want IP address portability when I switch providers. I might love those addresses so much I never want to lose them. I don’t know, I just thought of it and haven’t considered it carefully, but I might.

Except actually I don’t want think I want that at all. Through the lens of the open, decentralized, democratized web I want all of that. But through the lens of privacy, anonymity and a different framing of freedom I want the complete opposite. I have enough trouble with cookies. If I had a fixed IP address the work of the trackers would be made just that much simpler.

Remember a year or so ago when Facebook had that big privacy kerfuffle over the logout that wasn’t a logout? They said they resolved that, and also promised that they didn’t track people that weren’t users of the service. But I’m not a user (I cancelled my account over three years ago) and yet my computer remains host to a perpetual Facebook cookie infestation.


Recently I was poking around in my browser privacy settings and deleted Facebook’s two cookies. It is a constant source of annoyance to me that their Hadoopy gumshoes, in the form of Like buttons all over the web, are waiting at the end of my driveway to follow me wherever I go anytime I leave the house. Like buttons are the Agent Smiths of the web. I hadn’t even browsed a new page when like magic they reappeared.

Surfing around a bit I figured that my mean page views between cookie delete and cookie set for Facebook was about one page plus a skosh. I mean, it’s immediate. I can’t go anywhere that won’t drop a Facebook cookie on me. The web is Facebook’s panopticon (Although surveillance on the web isn’t an exclusively held activity of Facebook. Google and ComScore and many others are equally adept). And deleting those cookies, especially when they are reset so fast, is pointless. The combination of IP address, browser type, and settings, etc. makes associating an old cookie with a new cookie utterly trivial.

So, I took a look at Safari’s browser settings. Nope, no “block this domain” option. It’s either block everything (blunt instrument useless) or block nothing (plain old useless). I know these options exist in Firefox but I mostly use Safari so I tried creating hosts file entries that will keep anything of mine ever routing to any or domain. I hoped that would prevent them from setting a cookie. It didn’t work and I haven’t bothered to figure out why. My browser won’t route to Facebook anymore but the cookies still appear. Must be a secret cookie setting domain somewhere…

Does IPv6 address abundance offer a way out? What if my future IPv6-based ISP were to do a reverse NAT? One that took my desirable-for-open-web perpetual fixed address and exposed it via a huge randomized pool of visible addresses? That sounds kind of cool. Except I don’t think that will work either. Knowing the pool of addresses you are originating from carries exactly the same amount of information as today’s NAT model.

Just as an aside, why does Facebook bother going through the absurd ritual of asking users to agree to their privacy policy if they are going to track the rest of us just as aggressively? I’m looking at you too Google. I know you index the emails I send to gmail users even though I’ve never agreed to your privacy policy either.

Ok, getting back to the topic. If remaining anonymous online is so damned hard, and all I’m really trying to do is keep Facebook from tracking me, why not just create a personalized disinformation campaign? If Agent Smith is going to sit at the end of my driveway waiting for me, can I send thousands of of digital doppelgängers on faked errands to confuse him? I’ll be like a president with digital body doubles. Maybe I can fill my digital Cherbourg with canvas tanks so that it’s too costly for Facebook to see the truth through the noise. (Three analogies in paragraph. A bit much?).

How much noise would I have to make before my signal becomes useless, buried in costly-to-strip-away noise? Could I script a bunch of browsers to just wander the web all day long generating random cookie hits for Facebook to waste Hadoop cycles on? I can’t make it impossible to decode my behavior, but can I make it too expensive to be worth figuring it out? Or assuming that we can programmatically access our own cookies, could we alter them by swapping them periodically with other similarly annoyed “users” to get something less random and seemingly more real?

I like the sound of a cookie exchange. It sounds like holiday cookies. And the result would be lots of plausible surfing linked to a particular cookie, but no longer meaningful as it wouldn’t be related to a particular user. Never mind though, I can already think of a bunch of reasons it won’t work, but I might give that randomized doppelgänger surf bot a try.

I guess I’m destined to remain fundamentally schizophrenic on this topic. I want a decentralized web where I can freely host my own stuff, on my own gear, so that what I have to say isn’t constrained by someone’s ToS. Also, I want to own my own data so that I can take the piss back out of the pool if I want to. Naturally this requires that I have permanent, known, and addressable place on the web where people can find me. But I’d love to somehow have all that with none of the downside of an identity that is trivially trackable by IP address.

tags: ,