Internet Security: Things They Know, We Don’t Know They Know!


At the outset, I must mention that this article is written with majority of non-tech people in mind and people who are new Internet users…

Often while browsing the net, we come across a few incidences that are puzzling and mind boggling.

Let us look at a few examples…

1) Online shopping – The most observed and commonly visible scenario. You are browsing a website (taken for reference.) and soon enough you find that the website knows what you browsed! It recommends some products based on previous searches and even surprisingly, suggests discount on similar items which you intend to buy!

2) Singles in your area – Apart from being actually looking for a matrimonial connection, at times it crops up that you have singles in your area (most of the times it identifies the state, city or the area to be accurate) looking for marriage. How on earth did they know I am a bachelor? Or is it just a fluke?

3) On a shopping website- You come to know that your best buddy “likes” this website and you are surprised to know that the website actually knows you have him as a friend! Even the product they brought or the depth of details to which they can go, just makes you stare at it.

4) Relevant Ads – How does Gmail deliver relevant ads, viz. if you are looking for a job change and pop comes the ad for a firm which you might definitely be interested in.

How many of such daily evidences we get, when we for a second, think that someone is spying on us.

But is the internet really spying on us?


[Image Source]

Internet, the new Sherlock!

While the generalization of the word “spy” would rather be taken in a critic, arbitrary way, the fact is – yes.

The internet as a whole has you under constant radar of browsing activity, behavior on the website Etc. It can actually pinpoint (if desired) to the level of an individual about the manner in which he accessed data, daily internet usage, online shopping behaviors, most googled topics.

How do they do that? Before we start looking into some of the aspects of data-mining, here is a fun activity that you can do by yourself.

  • Go to Mozilla Firefox add-ons page
  • Check for collusion v2.7 ) and download it in the browser, restart.
  • Click on 3-4 random websites that you browse daily, or probably start your work as you would do in your daily chores.
  • In 3-4 minutes, click on the collusion icon from add-on bar (ctrl+/ if the bar is not visible)
  • The beautiful stellar graphic that you would see, is just the amount of sites, parent and mining sites that are keeping a track on your browsing activity.
  • The parent websites are the centers of the graphic that we access. And the other luminous objects are the trackers to that specific website. And yes! They interconnect too!

Here is a Sample collusion analysis chart after I browsed a few random sitesCollusion

PS: the app is in beta version so the above analysis can’t be used for business/practical purposes.

Back to work

There are a few techniques which are used as tracking for the websites, so that on a commercial front, they can observe a user’s behavior and way of browsing.

A news website may conclude that a User on an average scrolls through 30% of pixels for Author A and 35% for author B on the websites articles. It is conclusive that author A can be asked to increase the quality of write-up, or probably can be used as a measure of the part of their appraisals.

Or a shopping website can conclude that a product, even if offered 30% discount and free COD, isn’t selling as the users are just not interested in it anymore.

Many such practically feasible applications are existent when we talk about data mining.

A few methods that can be used for tracking are —

1) Cookies

The friend and foe of an internet user. These are helpful in creating and maintaining user sessions when you login to your email accounts, shopping portals etc., but also are used by trackers and phishing agents to get your identity and use them. Now a days, the cookies are mostly secured by using https protocols, not sharing the cookies with subdomains, using application specific cookies and secure operations with javascripts.

More on the security of cookies here

2) Logging in to a domain

Let’s use an example here, there are various shopping apps which use “sign In using Facebook account” feature. Sounds convenient as you don’t really have to register on the website and remember a clumsy password for each.

And through this, you share your IP Address, your browser identity, timestamp, shopping history and other relevant data with Facebook. The story becomes simple as now Facebook knows you brought something and you “liked” that page, you are the inevitable advertiser to your friends.

Similar stuff can be found out through Google history. ( Unless you have disabled it explicitly, every Google search ever typed by you since the inception of your account is stored here.

3) Flash and JavaScript

Flash has its own set of cookies which are not same as browser cookies and can be used to send additional information. These are not cleared by usual clear cookies option. JavaScript can be written in a way that they can bypass the conventional cookies and send and store additional information which can be used as a tracker. More on it here.

4) We would probably think that taking care of all these methods may secure us from getting tracked. A paper by Electronic frontier foundation suggests that a fingerprinting algorithm for the browsers exists, which sends the bits of information and version details to the websites.

An article on CNET describes that some browsers may send key value formats describing your browser version, OS version, and at times even the way the fonts were installed in the machine. This website – would give an idea of browser fingerprinting and uniqueness of the browser.


The very thought that there are so many (and probably more) methods through which one can track us is spooky and scary, the odds that somebody is actually watching you are very rare.

The BI conclusions of a generic behavior are definitely possible, for example: 20% of IT employees in India google about H1B visa once a month (Inconclusive BI- just taken for reference). But a situation where the websites care that you shopped for a cellphone on the shopping site, and then upgraded your data plan from 2G to 3G is like finding a needle in the haystack.

While I still find the way the internet works as spooky, but if not this, they will find some other way to track us. Welcome to the unknown.

What are you Views?

"Internet Security: Things They Know, We Don't Know They Know!", 5 out of 5 based on 1 ratings.
  1. Altaf Rahman says

    An excellent article.
    Kids just getting to know using gadgets should read articles like these. For the new kids on the block its a three dimensional endless space and they can fly the way they wish. They should atleast be aware that they are pigeons allowed to fly in that space but there are eagles watching them.
    Also for people who are using net for ages, though they know that some kind of spying is there, this article tells the basis in a simple way.
    Just my two paisa :)

    1. Arun Prabhudesai says

      @altaf – The article is actually for everyone who browse the net. Even for someone like me that collusion was such useful extension.

  2. Ankrbde says

    Terrific amount of information in short way and proper way…

  3. Ashwin Sreekumar says

    Really cool article. Its really interesting to know the sheer amount of data internet websites collect about most users. While it’s easy to get a little paranoid and expect an “Enemy of the State” or 2001’s HAL kind of situation, the usage of data is strictly for commercial purposes. For users, the convenience of seeing relevant ads that make more sense to them rather than being bombarded with useless requests or being suggested a product that they didn’t know they needed it but all of a sudden realize they do is a great feat. Its just like an old school video library guy suggesting a really awesome movie to you based on the movies you saw or your neighbour suggesting a new restaurant for you to try but a bit more efficient. The age of privacy died a long time ago with the rise of Google and Facebook. This is the age of selective publicity, where you have the choice of what others can know about you and what companies can keep to themselves.

    1. Siddhesh Joshi says

      Thanks Ashwin,

      The last line that you mentioned, “Selective Publicity” actually sums it up. while we have a very huge data flowing out and produced daily, a large part of data goes down the drains and remains haywire. Making sense of this data, gives us a gist of what exactly the world is upto- though that’s a very exaggerated way to state it. Business Intelligence has a long way ahead, and the output of these systems would definitely be a plus to the ever growing collection of data! Also loved the Video library example! :)

Leave A Reply

Your email address will not be published.

who's online