Who knows more about the citizens in their own country, Kim Jong-Il or Google?

Content

Privacy

"We are all subject in the United States to the Patriot Act, and it is possible that all that information could be made available to the authorities."
- Eric Schmidt, Google CEO

Frequently Asked Questions

  • Why not use Anonymizer or any other anonymizing proxy service?
  • Aren't one-hop proxies insecure?
  • So wait, you're giving my cookies to someone else?
  • But I'm sending you my cookies?
  • Why don't you proxy things like GMail or Google Checkout?
  • So I can't use GMail or Google Checkout when I have GoogleSharing enabled?
  • Why doesn't GoogleSharing proxy traffic for localized domains such as google.fr?
  • What other services don't you proxy?
  • What do you log? What information do you collect from me?
  • Why should I trust you?
  • How can I support your efforts?
  • How do I contact you?

    • Why not use Anonymizer or any other anonymizing proxy service?

    General purpose anonymizing proxies are designed for something else.

    1. Most will mask your IP address, but not the identifying information in your HTTP headers. Google will still know who you are based on your Cookies, User Agent, etc...
    2. If the proxy does attempt to anonymize HTTP headers, they will do it by completely stripping cookies from your request. Google does not like this, and will tag you as a SPAM bot (how convient for them to do), which will force you to type in a CAPTCHA every time you issue a Google search, and will prevent you from issuing Maps requests at all.
    3. These types of proxies can be slow. It's not necessary to proxy all of your internet traffic if you're just trying to protect yourself from Google. Since GoogleSharing only proxies Google traffic, our bandwidth needs are much lower and thus our performance is much greater.

    Aren't one-hop proxies insecure? Shouldn't I use Tor?

    It depends on what you're trying to achieve. GoogleSharing is not designed as a system for provably strong anonymity in the face of an adversary that is simultaneously monitoring all communication across the internet. GoogleSharing is designed to provide a level of anonymity that prevents Google from building a profile on your day-to-day activity.

    If you need directions to your Top-Secret rendevouz point, and it's critical for you to prevent intelligence agencies from later determining who requested those directions, use Tor. But Tor is so slow as to be unusable for proxying every single one of your day-to-day non-critical requests, and that's where GoogleSharing comes in.

    So wait, you're giving my cookies to someone else?

    The cookies passed between the GoogleSharing identities do not originate from the users, but are rather assigned "fresh" from Google. Thus, you don't need to worry about your login credentials or any other identifying information showing up in someone else's request.

    But I'm sending you my cookies?

    No, your Google cookies are actually filtered by the GoogleSharing Firefox Addon before your request is transmitted to the proxy. So there should be no chance of any login credentials leaking from your browser.

    Why don't you proxy things like GMail or Google Checkout?

    There is no way to anonymize these services, and it requires cookies that are pegged to your browser. If you log into your GMail account, it is obviously you. Naturally, we recommend switching to something other than GMail or Checkout, but if you must use things like GMail or Google Checkout, it should work seamlessly for you with GoogleSharing enabled — that traffic just won't go through GoogleSharing.

    So I can't use GMail or Google Checkout when I have GoogleSharing enabled?

    You can use them, the traffic just won't be transmitted through the GoogleSharing proxy, and thus will not be anonymized.

    Why doesn't GoogleSharing proxy traffic for localized domains like google.fr?

    The hardest thing about running a service like GoogleSharing is avoiding Google's abuse heuristics. Google doesn't work well through things like Tor because when you start stripping cookies and HTTP headers from your requests, Google tags your client as a spam bot and starts requiring you to enter CAPTCHAs. GoogleSharing thrives by being indistinguishable from a large corporate NAT, but if a bunch of clients behind a US IP address all started making requests for localized Google pages throughout the world, that would look strange.

    The good news is that when you're using GoogleSharing and type google.com, you shouldn't be automatically directed to google.xx

    What other services don't you proxy?

    By default, the GoogleSharing plugin will proxy traffic for all Google services that don't require you to be logged in. It does not proxy Chat, GMail, Checkout, Sites, Docs, Photos, Calendar, Reader, or Health. Again, you can continue to use these services with GoogleSharing enabled if you must — that traffic will just go directly to Google instead of passing through GoogleSharing.

    What do you log? What information do you collect from me?

    Nothing.

    Why should I trust you?

    The only thing that we have is our reputations, which we feel are fairly strong in this area. However, we have also made the GoogleSharing proxy code available, and you can easily change the GoogleSharing proxy settings in the Firefox Addon. So if you don't trust us, hopefully you can find someone that you do trust, or run a GoogleSharing proxy yourself. Also remember that immediately sensitive information like login credentials or cookies are never transmitted through a GoogleSharing proxy.

    How can I support your efforts?

    How do I contact you?

    You can email: moxie@thoughtcrime.org