Digital Privacy and Traffic Analysis

Traffic analysis can provide key operational data for websites. Large and mature websites have different types of traffic analysis. Analytics is commonly used in the Internet industry to describe traffic analysis, and there are many ways to achieve it: browser side, web page side, network link, server side. Only learn a lot, organize the content of learning, and share with you:

Browser side
For example, your browser has some kind of traffic analysis plug-in installed, then this plug-in may transfer all your browsing data to the database of the analysis company, such as SimilarWeb. If your browser is equipped with a traffic analysis plug-in, then whether you are Access the network through a proxy, VPN, or Tor, and your real IP address, operating system, browser fingerprint, and other information will be collected by the analysis company. Obviously, browser-side traffic analysis has the highest danger level, which is why some totalitarian governments are keen to promote domestic browsers.

Web traffic analysis is usually achieved through cookies and web plugins. Cookies are an essential element of many websites, but every website that requires you to log in requires cookies. It is a temporary mark distributed to you by the website.

For example, if you go to a nightclub street like Lan Kwai Fong at night, every time you enter the nightclub, the nightclub security will put a unique pattern on your arm, so that you go out to eat barbecue or call back, the door security Checking that you have this chapter will let you in directly, rather than letting you buy a new ticket. Cookies are the stamps that your website stamps on your browser, but the website will not stamp the same stamp for every guest like a nightclub, but will give everyone a unique temporary number, so that the website not only knows when you came, Also know that you are Zhang San or Li Si who are not logged in to the website at the same time. Human security can distinguish you from Zhang San Li Si by the appearance and sound, and your appearance sound is unique.

What are the dangers of cookies? Imagine that you played from 9 to 6 in the nightclub street, and you just came home and saw your dad go out for morning exercises. You just planned to come up with the pretend rumors that you were drunk last night at your classmate party. Honest man Liu Shuai, but your dad pulled up your sleeves without a word, revealing more than ten different nightclub chapters on your arm … So, in order to prevent this embarrassment of privacy leaks, you have to use a close The browser that automatically deletes all cookies from the window, your dad can only see the white arms when he pulls up your sleeve.

The nightclub chapter will automatically disappear after a long time, and cookies will also have different validity periods. Some cookies can be stored for a long time so that you do not need to enter your account password every time you open this website. It is convenient, but the problem is privacy. However, some websites set a lifetime for cookies, which will not be recognized after expiration, just like the club chapter, otherwise you can play for free every day after buying a ticket, and the club owner is not dead?

Web plugin
There are many websites that do not require cookies, such as the static pages you are watching now that do not require login at all. But how does a website know how much of its own traffic, including detailed traffic? There are usually two methods of web plugins and server-side.

Web plugins can be javascript or images. Websites use web plugins to analyze traffic for two reasons:

1. Easy to use web plug-ins. For example, Google Analytics can directly provide various analysis data and charts, and deployment is much more convenient than installing analysis software on the server side.

2. Authoritative traffic analysis on your own server is only known to you, what to do if you meet that bragging person? Obviously there are only 1,000 views, which is one million, and third-party plug-ins can directly display your Google Analytics when necessary, such as facing investors or advertisers.

3. Not your own server Now many websites can be set up without your own server. For example, you are watching this on Github Pages. In this case, Github knows my traffic, but I don’t know it myself, so I can only install web plugins to analyze the traffic.

Web page plugins are easy to identify. You just need to right-click on the web page and view the page code to see the plugin. Well you won’t read the code when I didn’t say it. However, there are many browser plug-ins on the market that specifically detect or block web page plug-ins. Common ad blockers or script blockers no script, or tracking plug-in blocker uBlock Origin can tell you which plug-in has problems, or directly Help you shield them. This way, you are invisible to traffic analysis. Cheers ~

The process of opening a website is as follows:

1. Your browser must first ask the DNS server where the server you entered this URL is. The DNS server tells your browser an IP address.

2. Then your browser sends a request to the server with that IP address, and that server sends the web page file to your browser after receiving your request.

3. Your browser renders the received webpage file into the beautiful webpage you see.

Well, the above process is a bit long, but if you read it twice, you will find that there are two “servers” in this process that know what you have visited this website. If you are accessing pornhub, then the DNS server knows where you have asked pornhub’s URL. Although you just asked it how to go to pornhub, it does not mean that you must go to pornhub, but, huh, come on, everyone know 99.99% of the people who asked how pornhub went were gone. The second one who knows that you have visited pornhub is of course pornhub yourself. If you asked for a webpage, can you still rely on it?

However, you trust pornhub very much, because you know that pornhub will never betray you, otherwise who dares to go to it after the news spreads? There is no way around the DNS server.

Are you thinking “I know how pornhub is going this time, and next time I go there, I don’t need to ask the DNS server, so the DNS server doesn’t know how much I have seen.” This is theoretically possible, but it is not realistic for various reasons. Websites popular with people like pornhub have at least tens of thousands of servers and are truly chain stores. Your visit to pornhub is more like looking for Sinopec’s gas station in a big city. The place where you last refueled may now be in a long line, so you have to check which gas station does not have to wait in line before each refueling. In the metaphor of a nightclub, pornhub will ask the waiter to take you to an empty deck every time. So in general, you have to ask the DNS server pornhub every time how to go.

Server-side traffic analysis is unavoidable. The server knows everything you do here. If you change your IP every time and don’t log in, it’s fine. The server can’t recognize you as the same person, but if you log in to your account …

Network link
The Internet is a network. The opening process described above is only at the application level. It seems that only the DNS server and the website server (Pornhub) know this. In fact, in lower-level networks, every data packet you send and receive is relayed through many server-level relays, just like the package is handed over to the courier receiver by the shop owner after you pick it up on Taobao. Pass the pickup station, transfer by truck to the airport or train station, and then by rail or air to your city terminus, and then forward it to the express store in two or three times, and then deliver it to you (or the uncle of the gatekeeper) by the express brother. On hand. Many people in the middle may open your package and take a peek at what good things you have bought. Each link in the middle may record how many things you bought, such as how many items were sent to you this month by a courier store. SMS can count your traffic. The data packet transmission on the Internet is essentially the same as the physical package described above, except that various transit stations are composed of various expensive routers, gateways and other equipment. The entire process takes less time (well, a few orders of magnitude shorter) ).

Therefore, in addition to the DNS server’s ability to perform traffic analysis, there are many links in the network where traffic analysis is possible. By the way, seeing here, you probably understand how the Great Wall of Fire blocked you? One method is like airport security, and when you scan your package with a gun or a bomb, you stop it. The second method, see where your sending address is not allowed (such as the recipient: the Presidential Palace of Taiwan), and the third and cheapest method is when you ask the DNS server pronhub how to go Tell you a wrong address directly (DNS pollution).

Well, back to the topic, in addition to the DNS analysis, your ISP service provider (that is, the company that collects your Internet charges every month, or the organization that gives you Internet use) usually analyzes which websites you visit because you have all Of traffic will pass through the servers it controls. In the metaphor of delivering courier in front, your ISP service provider is specifically responsible for the express delivery store in your area, and your company or organization network is equivalent to the uncle who is responsible for receiving and sending parts.

to sum up
The previous analysis is nothing more than to tell you that not only the website you are logged in to or visit can analyze your activities on the Internet, but whether your activities are recorded and analyzed can not only be found by looking at the source code of a website. There are countless links in the entire network that can be used to analyze and track you, the server has all your information, and there are many links in the network’s intermediate facilities to monitor and review your information flow. When you stare at the abyss, the abyss is staring at you. Protecting privacy starts from your own computer, not just expecting or blaming others.

Recommend two websites, and look no harm in more: to protect your online privacy:

阅后即焚并不一定用 , 替代品不少 (zerobin的主要功能是代码/文字传递,而非阅后即焚)


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.