Persona Tips

Persona

Shortcuts: Check your persona Right now . Make sure you understand what webmasters know about You.
Other related pages: Connection persona , email persona , persona tips , Cookies , anonymizers..

persona

Check your persona Right now .My own persona testing page
Cookiedemo.com - closely read the very top of the page.
central ops browser mirror - also shows your clipboard. (copy some text before trying this web page)
Junk Busters privacy page (their http_referrer test is not accurate).
browser header
Browser Spy - lets you see additional information that is leaked by your browser.
href.com shows what they know about you when you surf there.
problems with "what's related" .
How DNS Look-ups work .If your web browser does not give you away, your DNS might.
DNS .Write-up from an Oreilly & Associates book - EXCELLENT.

Consider the Following Diagram:

A researcher is online and surfing the Internet. This person has a persona of:

The employee's LAN (branch.agency.gov or division.company.com)
dial-up.town.state.isp.com (note that most ISP's name the Modem POP's to include a geographic indication)

The researcher is looking at a webpage (URL1) and clicks on a link which leads to another webpage (URL2). With that simple click, this is some of the information that is now available to the webmaster of URL2:

Remote Host: This is the Persona of your machine or the gateway your requests pass through. The web server MUST have this information in order to send the requested web page to you.
http Referrer: This is the address of the web page you were previously viewing (URL1) My Check your person now page talks about why this can cause a problem for you.

Another concern...
A researcher is online and surfing the Internet. The researcher enters some "search terms" into a search_tool. The researcher then visits the sites listed in the search tool's "hits". Look at the following diagram to see what has just happened:

Thick Red Lines: The Webmaster at searchtool.com knows your “search terms” and persona. For any search tool that you use, what do you know about the organization (and webmaster) who runs that specific search tool?

Double Blue Lines: There is now a very good chance that the webmaster of target.com also knows what search terms you have used to reach them. How is this possible? Searchtool.com displays your "top ten hits" on a search results page which may have a URL such as:

http://searchtool.com/keywords=searchterms

By looking at the referrer URL, the webmaster of target.com can now know exactly which search terms you used to discover his site. In fact, the URL of the search results page often contains all the additional parameters you used to construct your search query. A webmaster can view the exact same search results page as you, to see what other pages were suggested to you, based on your search query.

Here are some example referral URL's taken from my own website statistics. Click on them to see the search results that visitors used to find my site:

http://search.yahoo.com/bin/search?p=ISP+stats ,
http://search.yahoo.com/bin/search?p=russ+haynal ,
http://www.altavista.com/cgi-bin/query?pg=q&kl=XX&q="internet+growth" ,

Some referral URL's are simply links from other public web pages:

http://dir.yahoo.com/Computers_and_Internet/Internet/Maps/Network_Topology/
http://www.blueroom.com/internet/I-BackbonesMaps.htm
http://www.cis.udel.edu/~scoggin/cisc458/resources.htm
http://www.bellsouthcorp.com/issues/telephony/answers.html

You must also be careful on how you name the web pages in your Intranet. Here are examples of intranet pages that link towards my site:

http://doc.uunet.ca:2001/tutorial/ispinfo.html (you can tell why they link to me)
http://www.oen.siemens.de/projects2/p203/pub/links.html (notice the "non-revealing" URL)
http://insidefs.mcln.federal.unisys.com/misc/links/main.htm .

A Manual way to suppress http_referrer...
Is there a way to avoid passing the referrer information along when selecting a web page link? YES - Here are some relatively convenient methods:

Right-click on the link and select "copy link location" This will place the Link's URL into the clipboard. Now you can paste the URL into the browser's location area, and hit the Enter key on the keyboard.
Right-click on the link and select "add bookmark" Now you can select the link from the bookmark listing.
I've also noticed that a referring URL does not seem to be passed along when the referring web page is based on your computer. You may want to take the web page, and "save as" to your hard disk. In the process, you can also rename the page to something generic like: "page.html" This should succeed in hiding the Referring URL, or at least give it a less obvious address like: file:///C|/temp/page.htm
Note: These three previous tips work ONLY if the URL is "direct" to the web site. Be on the lookout for URLs that are "forwarding URLs". In other words, the hyperlink takes you back to the search tool, and then forwards you to the real destination.

To Automatically suppress http_referrer...

Your local firewall may offer this option. Norton security Suite is supposed to offer this feature, as does Zone Alarm Pro (from Zonelabs) Directions for Zone Alarm Pro: Open up Zone Alarm --> Click on "privacy" in the left column --> Click on the "Main" tab along the top --> In the "cookies" section click on "custom" --> in the "3rd Party cookies" section check box "Remove Private Header Information"
In Netscape and Firefox, You can alter your browser using the following steps:
- in the Browser's address bar, type: about:config
- Scroll down to the line called: network.http.sendRefererHeader
- Right-click on the line and select "modify"
- Change the "2" to a "0" (zero) and then click OK.
Disable HTTP_REFERER : This unofficial FAQ describes how to edit the Netscape preference settings to never give a referring URL.

You may also want to see my Privacy Page . to learn about cookies, anonymizers, and securing your computer.