WTF??? Guys, wake up! If it is not open source, it does not protect your privacy. Period. We see how other companies got coerced into breaking privacy for some dollars. The company-driven closed source development is flawed as long as we grant governments this power.
What we need is not yet another startup that tries to make money on our private data (yeah, read Epic's FAQ how they make money). We need a stack of hardware and software you can easily trust. My dream is to use a computer that is produced on an open design by one of hundreds of fabs that would call out a competitor that puts backdoors into the chips to boost their own reputation. My dream is a software stack that is completely signed by tons of trustful developers with the possibility to easily add my signature after bit-reproducibly compiling code I checked. If this comes true, people will identify easier the packages that were developed by companies only and find ways to replace them for a trustworthy stack.
Open source apps distributed via Android market for example are closed source apps compiled by the developer from code he maybe shared and that was possibly modified by google running on video-audio-multi-sensor-bugs with several agencies having a direct wire to them. If you still use windows, your PC is not better than that. Think about it. Thanks to Snowden we can finally talk about these issues without a single person calling us paranoid.
Epic is open source...anyone who wants our source code, just write us!! Sorry we've been struggling to get the product ready and hadn't prepared to release all the code yet but will do it fast. Chromium is a huge code base & we're a small team so we hadn't gotten to it yet.
We don't make any money from anyone's private data or any data (period). We make revenues at this point exclusively from searches you do via our private search engine & always protect your searches' privacy.
I still can't figure out why my browsing data being sold is objectively a bad thing. I don't see how it makes my day-to-day worse in any way. There are plenty of smart people who feel that it's bad, so maybe I'm just missing something, and I'm open to sound logic that convinces me that it's going to make my life worse.
Also, the example they make at the bottom asking the reader to imagine hundreds of people following them around and watching their every move is a bit disingenuous. It's more like a handful of people following millions. At that point in time, you're not much more than a data point.
Some people object to the way the data is used for behavioral ad targeting, because it's "creepy" -- it causes companies to reveal that they know things about you, without making it clear who gave them that information or how they gathered it. This can be surprising, and possibly unsettling.
Personally I'm not terribly bothered by the targeted ads themselves, but I see them as one symptom of a deeper problem. The data being used and sold is not data that I volunteered; much of it is data that is leaked unintentionally as a side effect of technical design of the web and other information systems. (This includes data like "the person who is visiting site A today also visited site B several times last week.") These leaks make it hard to know or control how much we reveal about ourselves (and to whom) when we use these systems.
Even if you aren't concerned with any specific information you may accidentally disclose today, you should still be interested in ways that our software and networks could be designed to give users better knowledge and control over these disclosures, because (a) other people are legitimately concerned about this, and (b) you may have reason to be concerned in the future.
It's about control and regaining control of your browsing habits, namely giving users the capability of opting out of global surveillance networks.
Many advertisers screamed (and are still screaming) bloody murder over Do Not Track settings being on by default, and this is a message to send to them: your screams are irrelevant and you have no right to track me.
I have control of my browsing habits. That's my point - I'm not terribly worried about if companies see what I do, so it doesn't change my behavior. Thus, I don't see how this point shows that tracking makes my life worse.
Are you saying that it is ok to globally disregard privacy, profile users, sell their data/profile without them knowing or getting a part of this profit because it doesn't make your life worse ?
I don't think I said anything about global disregard. I asked why I should personally care. It seems like there are a lot of people trying to tell me I should care, but I did not once say that others should not care.
Well the reasoning is quite simple actually, if you care for freedom then you should care for privacy. Without privacy there's no freedom possible.
Maybe read some of the many posts around about privacy and freedom and rebuttal of the "I don't do anything wrong so I don't have to hide" argument:
you could start with the schneier's blog: https://www.schneier.com/blog/archives/2006/05/the_value_of_...
But let me try to make a point of why you should personally care even though you don't know or understand why. This is a case of closing the barn door after the horse is gone, if you later learn the hard way you should have cared and go the extra step of protecting your data, you couldn't go back and get your data back.
And the sad reality is that if you have to learn this way, it means that history has indeed repeated itself again and you're enjoying living under a tyranny.
Well the reasoning is quite simple actually, if you care for freedom then you should care for privacy.
Sorry, but this sounds like the cr*p touted around by politicians and over zealous "patriots", along the lines of "if you don't support the war then you are not a patriot and therefore must support the terrorists".
Despite what most on HN would like to believe, outside of the tech community most people don't care about their privacy being invaded, and the OP is entitled to his opinion of not caring just as you (and I) are too overly caring. I believe that is the true definition of freedom, to be able to make ones own choice?
And if I am? Everyone has varying degrees of privacy preference. Who's to say that any end of the spectrum is wrong or right? Mine just happens to fall on the more liberal end.
You're right, there is a spectrum of preference. But just because some are ok with it, doesn't mean all of us. Why encapsulate everyone under the same policy of track everything?
On the Do Not Track, I think turning it on by default is a bad idea. It gives companies no incentive to follow it and abide by it. (Yes, they have no reason to abide by it right now either). There is no law that says they have to abide by it, but it seems to me they might be more willing to abide by DNT if those that are tracking conscious were to turn it on, rather than it to be turned on by itself. They wouldn't lose as many people to track if it was opt in instead of opt out.
As i mentioned to another commentor, I don't think we should encapsulate everyone under the same policies nor do I think everyone should feel the same. I believe it's OK for people to want a lot of privacy. However, through this whole NSA discussion, I've seen a large amount of discussion on HN basically saying that anyone who doesn't desire a high level of privacy is wrong or ignorant. That's certainly what Zuider's comment about the possibility of me saying "I'm not doing anything wrong..." asserts. I think it's more ignorant to believe that everyone needs to have the same values and beliefs as you regarding privacy.
> There are plenty of smart people who feel that it's bad
Please do not forget that intelligence isn't all-pervasive in a person. Privacy tends to be a trigger issue for many intelligent people on a forum like Hacker News.
1) I don't agree with this. If I walk into (or around) a Best Buy and they capture my movement on a security camera, are they stealing from me? Technically, they are recording data of my movement. Also, stealing generally infers that the victim is left without the stolen item. That's why we don't call piracy stealing. So, if anything, trackers are 'pirating' my browsing information and possibly reselling it. Truthfully, I wasn't doing anything with that information before, so my life hasn't changed for better or worse because of this. No proof of bad thing here.
2) It is a useful standard. I avoid being nit-picky about the little things, and so I like to make a distinction between things that are worth worrying about. If ~$273 is taken from my bank account over my entire lifetime (based on average lifetime), I'm really not going to worry about it. If data tracking is on the same side of the distinction as taking 1 cent from my bank account, I'm fine with that.
1) we'll take another example, let's say you have your own religious views and those get collected in a database, seemingly no harm done here. Then comes a newly elected government with different religious views who decides people holding the same religious views as yours should wear a distinctive sign to warn the public, then to gather those people in camps, then starts mass killing those people on an industrial scale. This happened before, if it were to happen again in the future you would have no way of hiding facts about you as everything has been collected about you for years.
Wow....you just took web analytics and tracking and somehow morphed it into the holocaust. That's probably the biggest slippery slope argument I've ever seen in my life.
This is obviously an extreme example, but it's valid nonetheless. nazi germany had to build the database (thanks IBM) they needed, a future nazi, fascists or the like government wouldn't have to, those databases already exists in much more details nazi germany would have dreamed of (facebook seems to know you're gay before you do or your family does [1]).
But this nazi example is one everybody can relate to because we're all familiar with it. But if this is too strong we could go a bit further in history and talked about richelieu "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." and the current state of us law [2].
That's probably because you don't grasp what can be done with this data, and for how long this data will be around. The bottom line is in the relation between privacy and freedom.
There's a few point to raise here:
how do you object or prevent the sale of your data ?
how much of the money from the sale of your data went to your pockets ?
what control do you have on your sold data over time ?
Then it's not only about you and your life, ever heard of first they came [1]?
I'll ignore your belittling comment and ask you to clarify what exactly you suppose will be done with the data about my browsing habits. I'll return the sentiment, however, and suggest that maybe you don't grasp that there are people who do understand and are not quite as scared as you. I generally don't live my life in fear, regardless of what dangers loom around the corner, known or unknown. This is the second time you've correlated internet browsing tracking to Nazi Germany and the Holocaust. It amazes me that you even use the internet with such enormously exaggerated fears.
I'll go further to suggest that you are unaware that knowledge, intellect, understanding, and the capability to grasp these concepts is in no way correlated with susceptibility to fear and worry.
Because it potentially encourages using the data in a technically wrong way. What I mean by "wrong" has nothing to do with morality. I mean "wrong" as in people who think they can predict behavior will over-interpret the data in a technically incorrect way and try to apply that model causing real harm. That might mean giving insurance companies an excuse to over-interpret health data to increase rates or law makers legislating discriminatory laws based on bad data analysis. It gives scam artists extra ammunition to peddle their crap.
While I agree that many are blowing this out of proportion, there are data analysis tools that can transform a few isolated data points into a complete profile quite quickly.
There are hundreds of companies that track you actually and they sell that data to many, many others. In an average hour of browsing, about 40 will try to track you. What you browse & search is very personal and very revealing - it's dangerous that anyone have that data and use it to determine what prices to charge you for goods, for insurance or whether you should even be offered a policy, or more e.g. searching for "pressure cooker" and "backpacks" led to a visit from six FBI agents to a writer. https://medium.com/something-like-falling/2e7d13e54724 ...there are tons more examples I could provide!
That's ironic since counterterrorism[1] is the supposed primary mission of the NSA surveillance enabled by FISC / PATRIOT Act.
[1] Provided that you think a simple Googling of "backpack" and "pressure cooker" in the days following the Boston Marathon Attack implies a probable link to terrorism.
Thanks for the update to the pressure cooker/backpack article - nevertheless there was a police visit based on his googling which is a bit scary. There are many dangers you could imagine if what you search could be used against you (assuming it's not private).
For example banks and insurance companies want to know everything possible about you. So do potential employers. Profiling people and putting them into categories and calculating their risk profiles makes their position weaker.
For example: Google "lump in the testicles" and browse medical sites. Then wait one week and try to get mortgage or insurance.
Except companies like Mozilla and Google (even Microsoft) don't give that data to those companies, and have no incentive to do so. Indeed, to a company like Google that would be corporate suicide as it would undermine their main source of revenue. Google's money comes from being a middle man, they want to keep their competitive advantage (your data to target ads) secret more than you do.
1) "Google [...] doesn't give that data to those companies". What about selling that data? That's in line with what you call "being a middle man" I think.
2) "[they] have no incentive to do so". They have no incentive in trumpeting that they are doing it. But without having read their ToS, I'm sure they got that covered.
Of course this is pure speculation and I have exactly zero proof that this is the case. I would actually never have believed those claims 6 months ago, but today, I wouldn't be surprised.
So you admit not even having read the ToS, but now you're ready to believe that it happens, despite the fact that (for example) Google has a fairly straightforward privacy policy that enumerates what they use data for: http://www.google.com/policies/privacy/
As the person who originally replied to you mentioned: it'd be political suicide for Google to provide the information they use for their own ad targeting to others, even for a fee, beyond users' explicit consent. It'd also be business suicide, given that it would allow people to cut Google out of the loop, rather than using Google as the advertising platform.
> 1) "Google [...] doesn't give that data to those companies". What about selling that data? That's in line with what you call "being a middle man" I think.
1) Nobody really actually wants to buy that data in the first place. Companies that buy ads just want to sell you shit, they really, really don't care about you in the slightest. Sorry, but your personal information by itself isn't actually worth a damn thing. Hell, if companies were willing to pay for my browsing history I'd sell it to them myself.
2) Why on earth would Google sell one of its advantages? If Google sold data Facebook or Microsoft would buy all of it in a snap and Google would be screwed.
lots of toolbar companies and plugin companies sell your search data to websites like magnetic.com for search re-targetting. So even if they dont sell directly there are still many ways they can get there dirty hands on your data.
What hannibal5 says: Trackers are there after you're off of Google's site(they know whether you've been bad or good, so be good for goodness' sake), and Firefox doesn't need to phone home to Mozilla for your browser to enable others to track you.
In other words, neither Google nor Mozilla has to be involved to track you.
Let me lay out a specific scenario.
It's easy enough for insurance companies (or a 3rd party who's willing to sell that data to an insurance company) to run genuinely informative health sites that have good rankings on Google's SERP, and thus get high clickthrough. Such a site can on clickthrough set a cookie on your client for you, and/or fingerprint your browser (c.f., EFF's panopticlick), and/or use an ETag as a 'cookieless cookie'/browser identifier.
Once they've got a way to identify past behavior for a browser (i.e., look up health concerns for an identifier), they have something to sell to insurers.
Okay, well, clicking on an organic result is a weak signal of health risk / pre-existing condition, all you know is they ended up on a page.
Suppose you, as an insurer, want a stronger signal of whether the person using that browser has a health risk/pre-existing condition. Just put out some AdWords. Here's where Google really helps a website build valuable, saleworthy data.
Search for something:
https://www.google.nl/#q=breast+check
Click adwords ad for breastcancer.org
Opens a page to: http://www.breastcancer.org/symptoms/testing/types/self_exam/bse_steps?gclid=CMC0rI74uLkCFQSS3godSSAA_Q
With this value in the HTTP request's Referer header:
http://www.google.nl/aclk?sa=l&ai=CA_XBGe0qUqOhD4e--QbWkoHoBqzGitEBlN6ongr-x6YMCAAQAVCVu9RFYJGEk4X8F6AB7qeO_wPIAQGqBCBP0MOny_HlmSNBJ-QDgpzV0OqbNNjg7FAjv3nX9hy9u4AH-tdx&sig=AOD64_1DSbXWQm-KpW0fMRFiY3lcjn3kQg&rct=j&q=breast+check&ved=0CCwQ0Qw&adurl=http://www.breastcancer.org/symptoms/testing/types/self_exam/bse_steps.jsp
I was logged into my Google account while I did this.
Google empties the Referer for organic results always (if I've read&remembered correctly, for a few years they scrubbed Referer only for logged-in users, as a privacy boon). But they still leave it for their paying advertisers!
So, if you run breastcancer.org and put out some ads and are selling your data to insurers, you now can link search terms to impressions to clickthroughs to a browser identifier. Then you just need to offer a low-latency service that serves the insurer a list of health conditions for which a particular browser seems to be at-risk for.
Note that all of this works end-to-end, so SSL/TLS doesn't prevent the host serving a clickthrough from sharing data.
The part where your browser is identifiable (uses etags, sends cookies, presents a consistent fingerprint) is the weakest link.
Disclaimer: I have no reason to believe breastcancer.org is anything but altruistic, I just needed to find a medical condition for which there was a clickable AdWords ad and which is expensive to treat.
Is there any evidence that your example could impact somebody today? Sure, it's just a matter of the right (wrong) people connecting the dots... but is anyone currently doing that?
Isn't the fact that such a vulnerability exists reason enough to not allow it to happen? I mean, at that point, you're basically trusting the Bad Guys to not do bad things. Look at internet security circa late 1990's to get an idea of how that works.
Nitroglycerin can be used to make things blow up. It can also be used to help prevent heart attacks. Should we completely ban nitroglycerin simply because it can be used to blow things up? I mean, we're basically trusting people to not use it to blow things up.
Does that really occur? If so, then I'd agree that would be a good reason to be against tracking, but I haven't seen hard evidence to show this happens.
This link has nothing to do with your original scenario of googling for "testicular cancer" and subsequently getting denied for insurance or a mortgage. It's about social media. Social media != anonymized search data.
There is a huge difference between publicly stating for the whole world to see that you have cancer by posting it to Facebook and searching google and browsing webmd and an insurer somehow surfacing that search and browsing intent and then acting on it. You backed up nothing.
This is a nice initiative, but I would like to see the source code of this browser. Without it, I cannot be 100% sure that what Epic devs say is true and it's not an elaborate NSA trick to get our data :). No hard feelings, just in the light of current events as reported by NY Times/Guardian about NSA backdooring popular apps and crypto implementations the paranoid inside me has gotten more active lately.
Source Code coming soon. We've made changes to many chromium files & we're a small team, so haven't had a chance to open source it all in a manageable way. In the meantime, don't hesitate to write us if you want to see any code or know any changes we've made. Or use Wireshark to see requests going in/out! Our philosophy is exactly that -- we don't want you to "trust" us, it should be private by design -- that's how Epic works. So for example, address bar auto-fill is all done locally in your system because we don't believe all your browsing should be passing through anyone's servers.
You guys are using something like git right? You have a tag for the build you created right? Why not just release a read only github account or tarball of the source released with epic to give people audit peace of mind now. Add a bunch of disclaimers saying 'we are not ready yet, please only use this to audit for now, we'll have a proper open sourcing setup soon'.
Great suggestion - thanks! Meant to put that in the faq that all code and changes would be available soon. Will do that very very soon! We haven't slept much the past week so give us a bit of time!!
I can sense your suspicion, but I wouldn't overthink it just yet. I'd imagine there's profanity or something in the git history that needs to be cleaned up before publishing.
That said, I completely agree - before believing this browser to be completely secure, I need to see the source and be able to compile it myself.
...not that I'd necessarily personally do that, but I'd like to know that people have.
Isn't releasing the source code a condition of using the open source Chromium code? Putting your code out should be effortless. Just put it out there; cleaning it up can happen later.
Good thought -- thanks!! Will work on a changelog and making all code available very very soon! In terms of other issues, we and everyone rely on the whole open source community to be watchful over chromium and report any possible "backdoors"! It's a massive codebase and we're still a small team!!
Looks like an attempt at pivoting, jumping of the privacy bandwagon. Doesn't really make a good case that this browser is based on belief of privacy as stated in their faq.
Privacy isn't "free", you're right. Epic supports password saving -- since it's the user's choice, we determined that we could leave it in. Many things can be done in a private way, so for example we have implemented local address bar auto-fill, so you can type "f" and have facebook.com appear but it's not based on your history nor any query to a web server. We will be building in more such services to make using Epic both private and convenient!! Epic does by the way auto-update for Windows though we hope to make it optional in the future for the extremely privacy conscious. For the Mac, it will give you a pop-up when there's an update so it's just about as simple as auto-updating.
Yes you're right spell check surely can be! We'll work on it. Chromium is difficult to work with as something like spell check will be built to be supported as a web service so migrating it to a local service takes a bit of time. Great idea though and something we will work on!
I just checked myself and the identifying info for me was by a huge margin fonts & plugins. User Agent will become far less relevant if Epic gets more adoption and keeps a lock-step updating pattern. Perhaps as use of web fonts becomes more common perhaps it will become more feasible to send just a static list that's the same for all Epic users[1]. I suspect there's a potential cache-enumeration issue that would help tag browsers there, but I'm not sure.
As for plugins, that's a bit more difficult - I wouldn't mind an option to ask if I wanted to let a site enumerate plugins, but you start getting into header games & pointless reloads there if you're not careful.
[1] I force my own fonts for everything, so no UX issues for me. No idea how much of an issue it is for other folks.
It mentions fingerprinting as a threat, but doesn't do anything specific against it. Probably because no one is quite sure how to stop it. From the FAQ:
How does Epic protect against browser fingerprinting?
There is no agreed-upon way to prevent browser fingerprinting or device fingerprinting at this point. There are many fingerprinting techniques which a solution would need to protect against. While we are working on a more thorough solution [...]
I imagine it could send the default plugin/header/user agent of IE/Chrome/Firefox, or random stuff each time...
Epic at present blocks tons of fingerprinting scripts. Comments above seem right to us as well that user-agent doesn't make sense to use from a fingerprinting perspective. Fonts+Plugins do though. We actually do and could've released things to protect against fingerprinting actively right now BUT it wouldn't have been comprehensive or defended against some of the key things we'd imagine a fingerprinter would use e.g. flash fonts call & more. So there's more work to be done - please join our forums and help us come up with more thorough solutions for fingerprinting.
That's probably because its settings are so unique and different from other browsers. And since not many people check that site, you could be the first one.
Search. We earn revenues whenever you make searches via Epic. Note though your searches are always private and sponsored/unsponsored results are only based on your query and rough geo-location. We will base any results on tracking or allow any searches or browsing to be tracked. It's not really required either -- Google tracks you and saves your data to target non-search ads (search ads via your search term can be naturally targeted)!!
I cringe when I read their claim to be "the first-ever privacy-focused browser built on chromium". Iron[1] was first released in 2008 to circumvent privacy issues with chrome.
I wonder if they did a really poor job at researching what already exists and are truly clueless about iron, or if they outright lied for marketing purposes.
Hopefully they're not clueless about privacy and are not lying about features, though I would not bet my privacy on "hopefully" specially when epic browser website lacks an https version and epic browser bears a unique fingerprint on panopticlick.
This is cool and I'm going to use it but I want people make money too, so personally I'd be fine if you took my geographic location and served me ads based on that.
I want to know what's on sale at the nearest grocery store, and I wouldn't be too creeped out if you knew where I was geographically. But maybe that's just me.
Sounds awesome. I'll definitely use this instead of the browser project whose TLS stack is maintained by one of the best known crypto software developers on the Internet, and run by the company that has almost singlehandledly mainstreamed TLS forward secrecy.
Out of interest, has anyone noticed anything outside of the ordinary? My antivirus (Kaspersky) is flagging it as a Trojan. http://i.imgur.com/qTW8zPu.png
Sorry through a third-party proxy service powered by Spotflux. You're right that if it was powered by us, it would be sketchy in terms of a privacy improvement!
I like it, but can you at least add Startpage/Ixquick and DDG as options for search engines? Options are good and people might not use it without having those options.
What we need is not yet another startup that tries to make money on our private data (yeah, read Epic's FAQ how they make money). We need a stack of hardware and software you can easily trust. My dream is to use a computer that is produced on an open design by one of hundreds of fabs that would call out a competitor that puts backdoors into the chips to boost their own reputation. My dream is a software stack that is completely signed by tons of trustful developers with the possibility to easily add my signature after bit-reproducibly compiling code I checked. If this comes true, people will identify easier the packages that were developed by companies only and find ways to replace them for a trustworthy stack.
Open source apps distributed via Android market for example are closed source apps compiled by the developer from code he maybe shared and that was possibly modified by google running on video-audio-multi-sensor-bugs with several agencies having a direct wire to them. If you still use windows, your PC is not better than that. Think about it. Thanks to Snowden we can finally talk about these issues without a single person calling us paranoid.