Congratulations! We are all under the hood

    A few words for the introduction ...


    For starters, I want to say hello to everyone. Hello, dear readers of Habrahabr! Hello from Belarus. This post has already been published earlier on my blog, but because of the dislike of PS Yandex and others to the ucoz govnosites, it was completely thrown out of the search, all 200 pages, but not about that now. I decided to publish it here, already in my favorite hub

    There is no longer silence, knowing that each of us is closely monitored. What’s there by observation, under total control, as in Soviet times, but then no one hid this.
    My next post will be devoted to control in our calm and peaceful time, where freedom and independence are the most important rights. The request not to stomp my feet, everything that is stated below by me will be confirmed and justified by real facts. “The truth and only the truth, and nothing but the truth!”
    It will now be, of course, about the collection of information and, somewhere, control based on information technology.

    We will not talk about video surveillance devices in public toilets and other crowded places. All these devices, with the exception of those designed for security, are equipped with signs like “for your safety, video surveillance is carried out” and the person knows that he is under control.
    I would like to tell you about hidden surveillance systems and how to control them.
    And pay the most attention to the world wide web. Yes, my dears, the Internet.

    According to recently released information of Akavita in the Republic of Belarus, 3.2 million people use the Internet, this is a third of the country's population. This includes everyone and even those who happen to be online once every six months or less.

    The number of Internet users in Russia is already more than 60 million people. Such data are reported on a blog by the monitoring company Pingdom, citing Internet World Stats.
    The penetration rate of the Internet around the world is 28.7 percent, and now I think more. Thus, every fourth inhabitant of the Earth has access to the Network. I think these figures will make you think about the importance of my post. Imagine every fourth inhabitant of the Earth. Here you can only envy mobile communications with connected half of the inhabitants of the Earth. Everyone uses it for their own purposes, the use of the Internet is so wide that I will have to list all its functions for a long time, but I won’t reach the end.

    This was of interest not only to me, but also to bodies which do not care what the people do and say on the World Wide Web. These bodies exist in every country, only their name changes. I think I did not surprise you with this information. Move on…

    Ways to track a user on the Internet.


    And so let's start modeling the situation. A man pours a cup of coffee or tea, sits down at the monitor of his beloved computer, or picks up his mobile phone, connects to the "minutes", visits the site he is interested in, and waits for a server response. Then everything happens outside of his field of vision.
    A curious chain is being built :
    Tracking, information gathering, espionage, etc. from the side of the browser - further from the side of the provider - and of course, not without the participation of the Internet provider, then everything goes in cycles but in the reverse order. It was about this chain that I wanted to tell you today. Be patient. We are going further.

    1. Spying on the browser side


    Well, on this occasion, you can write books, each browser has its own book. Most recently, I began to wonder about espionage from the browser, but for the first time I managed to collect a lot of interesting information for you.

    The following browsers will fall under my description today:

    - Google Chrome
    - Internet Explorer
    - Opera
    - Firefox


    all right , go ahead ...

    Google Chrome
    How many I have not heard about this creation of Google. He is called the king of espionage. Let's see if this is so.

    We can say with confidence that the transmitted information is divided into two types:

    Information associated with this installed product - its version, date of the last update, frequently used browser functions, etc.

    Personal information - the resources you visit, search queries, programs installed on your computer, version of DirectX, etc. the company itself does not deny this, continuing to assure that no analytical processing is done with this information, but uses it only to develop new functions for its browser. But is there too much information not related to their products?

    And it’s no secret that insurance companies, recruitment agencies and other potential advertisers have shown particular interest in this data for a long time. So far, the chances of getting this information from business representatives are practically nil, which cannot be said about the special services. After all, anti-terrorism laws in the United States already obligate companies whose activities are related to the provision of Internet services to provide data that arouses the interest of the government or special services. Google itself through the courts has so far successfully resisted attempts to declassify its database. However, how much is enough is unknown. And moreover, the very fact of the concentration of such large amounts of information in the hands of one company makes us at least wary.

    Test:
    When installing the browser, GoogleUpdate starts to transfer something to its homeland, and this is not surprising, the company must know where and by whom its brainchild is installed. Let's move on ...

    When using the browser with Russian-language sites, the following picture is seen:
    image

    Summary:
    I used the browser version 14.0.797.0, while the browser is working, the firewall shows the information sent to Western domains. Conclusions do you.

    Internet explorer
    Who does not know Internet Explorer, Internet Explorer knows everything, the brainchild of Microsoft no less famous than the browser. Browser 8 started ringing its own during its installation. In response to the question of why Internet Explorer collects data about users, Microsoft representatives answered that this was due to the need to obtain information about popular functions of the user. But why they do not understand the information about the hard drive, processor and RAM.

    And the well-known feature “recommended sites”, which provides the user with similar sites on the desired topic, is not implemented without transmitting information about lists of entered addresses directly to Microsoft.

    In addition, Internet Explorer 8 collects user information using the SmartScreen tool. This filter is designed to protect against phishing, but after it is activated, data about which sites you visit and how much time you spend on them begin to be transmitted to Microsoft. The corporation does not exclude that in this way information entered by the user when filling out web forms, including passwords, can also be transmitted. And although Microsoft vowed to assure that this data is transmitted exclusively in encrypted form and does not pose any threat of leakage of confidential information, experts still recommend disabling the SmartScreen filter, and use special programs to protect against phishing.

    Test:
    Outgoing traffic scheme when working with Internet Explorer. Particular attention would be paid to System Process. Everywhere USA. So here it is ...
    image

    Bottom line:
    Another spyware browser filled with useful features for the user. Now we see how we have to pay for it.

    Opera
    A popular browser among Runet users from the Norwegian company Opera software. Spying with a bang starts when using Turbo technology. Its essence lies in the following: All traffic between the site and the user is passed through Opera software again. Moreover, no data encryption occurs, which also raises serious doubts about the degree of confidentiality of this type of surfing. By default, this feature is turned off, and if you wish, you can turn it off at any time, which cannot be said about Internet Explorer.

    Test:
    I use the browser version 11.50 s, attention, with Turbo mode turned off. I would like to pay special attention to the Norwegian addresses of sitecheck2.opera.com, the activity of the information sent to which increases with each transition to a new address.
    image

    Bottom line:
    This time, say, I was more pleased to see that the information is no longer going west, but the fact that it does not stay with me overshadows the picture.

    Firefox
    It is in last place in this review, because, in comparison with the programs already mentioned, it shows the least spy curiosity. In general, this browser pleased me very much, during installation it did not send data to my homeland at all, and the only time I suspected it of this was the first time I started the program. Well, what can I say, and he is not without a sin. This is clearly seen from the two addresses.
    image

    Test:
    When working on a network with Firefox, I never noticed the data being sent to any unsolicited server. And it made me very happy. Bravo Mozila, Bravo Firefox.

    To summarizein all of the above, we can observe a different policy for the use of confidential user data, each has its own, but one thing is clear that there is no need for normal browser operation to request used sites each time you switch to a new address. You saw everything with your own eyes, analyze information and draw conclusions only for you.

    2. Collection of information on the side of the Internet provider


    This control is the highest quality and most complete, all Internet traffic passes through providers, not one kilobyte does not pass unnoticed. Based on the decrees of state bodies, providers control outgoing traffic and maintain a database of used resources.

    For example, in my country there is one main Internet provider, to which the rest, smaller ones, are connected, such is the law, there's nothing to be done, a monopoly.
    Here is an extract from Directive No. 60 of the head of state:

    6. Internet service providers are required to identify subscriber devices * when rendering Internet services, to record and store information about subscriber devices, as well as information about Internet services provided.

    * For the purposes of this Decree, a subscriber device is understood to mean a technical device of an Internet services user intended for connection to an telecommunication line in order to provide access to Internet services.


    Here's another: The
    storage of information specified in parts one and two of this paragraph is carried out for one year from the date of provision of Internet services.

    Want to know the principles and methods of regulation? I can open the veil, not such a mystery.

    An Internet passport or ID card has been established for each Internet user. It contains a database of visited resources by a specific user. The binding is carried out to a specific phone, and the phone is a connection point. If binding to a person is not possible, for example, in places of collective use of the Internet, then passport data is taken from the user. In institutions where the Internet is free, internal records of Internet visits are kept, he personally participated in the implementation of automated systems based on the journal “Accounting for Internet Use in the Workplace”. In general, everything has been done so that in the event of an offense in the network, it was possible to find the defendant, for this offense.

    In other countries, I think everything is structured according to this scheme, the only difference is in technology.

    “Not a single state will leave without its control any of the spheres of human life. Now there are various ways to monitor the processes that occur on the Internet and the people who are active there. And in the future, new methods of control will appear. ”

    3. Server-side information gathering


    Everything is simple here. Recording user information, collecting all kinds of statistics about him, ip, along with him your location, monitor resolution, browser and version, and much more. As a site developer myself, I wanted to get as much information as possible about users in order to draw up a portrait of the target audience. And believe me, what I just did not recognize, up to the date of installation of the operating system.

    I would like to pay special attention to social networks. In order to keep up to date, I would like to immediately insert a few quotes:

    Facebook

    Everyone remembers the interview during which Julian Assange said: “Facebook is the most comprehensive database of people, their names, addresses, places of stay, family relationships, relationships and communication with each other. All of this data is accumulated in the United States and is available to US intelligence. ” He added that Facebook, Google, Yahoo! and other US-based Internet giants have dedicated online interfaces designed for use by U.S. intelligence. “This is not about enforcing court orders - they have interfaces designed for intelligence. What if Facebook was created by American intelligence? No, hardly. Just intelligence has the ability to exert political and legal pressure on the company. It’s too expensive for them to give out personal information for each individual request, so they automated the process, ”Assange said openly.
    Facebook itself refutes this information. The conclusions are yours.

    Forbes writes that today, justice uses all modern methods in the fight against criminals. Therefore, justice officials are increasingly turning to social networks and IT companies that store a huge amount of personal data as a source of evidence of the investigation. Telecommunications company Sprint has confirmed that it has a special interface for official requests for information, so it receives millions of such events annually and is forced to put their satisfaction on the conveyor.

    In contact with

    About VKontakte, I won’t write so much, and I’ll prove that I think those who have the brain and logic will understand, for example, the latest innovation “You can become a VKontakte user at the invitation of one of the participants.” Who is a frequent user, he probably knows about it, having confirmed A mobile phone number is easy to determine and the person’s identity and location. Having a Vkotakte user's phone number “by default”, it will not be difficult to organize additional paid services with SMS payment, which can cover almost all user actions. The Mail.Ru Group, which is so well-known to all, went the same way.

    The special services do not need your passport data and place of study, they need your personal characteristics, hobbies, hobbies, favorite films and music, and search queries on the site? Ltd! VKontakte knows more about you than your mother, I think many will agree with me! More recently, after the terrorist attacks in the country, through VKontakte, people who knew the perpetrators of the incident were identified, who, in turn, wrote their description, in general, everything that they know about them. That's it ...

    Thank you for your attention. I hope I have not offended anyone.
    And finally, a joke in the subject:
    image

    Links to the topic: Everyone will listen

    Also popular now: