Privacy is at risk more than ever before. Our research and development team recently stumbled onto something which puts the AOL search debacle to shame. The discovery we’ll describe should serve as a serious and urgent warning. If Google searches are not conducted through a VPN or Tor, you are running the risk that those searches are made public and linked to your IP address.
It’s well known that many companies track netizens across the web. Such tracking has become an enormous internet industry, resulting in massive amounts of personal data being mined and then sold or used in retargeting. In general, most people have been unconcerned with this tracking, as it has been kept very low key and, thus, out of view from most of society.
However, we’ve just discovered something which serves as living proof that our privacy is in serious jeopardy. At least one website has been identified which makes your search traffic publicly available to the internet in its entirety, including Google’s web crawlers. This is not some rogue company, but instead, a website tracking service which is used in a wide variety of internet sectors.
DISCLAIMER: We will not name or link the website as we truly believe doing so will potentially damage the lives of many people. We will, however, provide screenshots to exemplify the harm that can be caused.
This particular website tracks URLs, referring URLs, and Google search queries for each site on which it is enabled. Then, it creates pages which list each of the search queries or referrers along with the visitor’s IP address. Google then indexes these pages, making it simple for anyone to search for an IP and connect it to a specific website visit or a search query.
Shown below is an example of some of the privacy violations this has caused. Most people will agree that, while some of these searches are harmless, some were definitely conducted with the expectation of privacy. While viewing this image, imagine you did a google search of your IP address, and these records appeared. Then, imagine someone else did a google search of your IP address. As Lil Flip said, “Game over.”
Search engine queries and referring URLs are listed. This can be used to show what you were looking for or what sites you visited.
A common misconception is that the solution is to attack or attempt to shut down the tracking site in question. However, this is only one site. There could be many more that operate the same way, operating under many different jurisdictions. Furthermore, there are countless other tracking sites that have the exact same data but have not made it public. But just because it isn’t public today, doesn’t mean it won’t be public tomorrow. Hackers could break in and release the data, or it could be sold en masse to other companies whose motives are unknown.
Shutting down one site does not protect anyone. Even using your browser’s private or incognito mode will not hide your IP. The only way to protect yourself is to be truly private by making your IP address invisible to these tracking sites in the first place. So next time you Google, please, use a VPN.