Thanks for the info so far. I'd forgotten the mobile device use case, thanks Roger.
Unpacking the question a bit & differentiating between privacy and security. If I go to www.nastysite.com and use https my interactions would be secure but not necessarily private - the metadata (along with the DNS query) would show that I'd visited www.nastysite.com. The authorities would need to ask the website owner what I'd been doing. If I went to google.com.au, it redirects to https. The authorities would need to ask google what I'd been searching for. Google is quite good at tracking specific computers through technology footprints and working with the authorities and correlating query times they could quite easily find out what queries had come from a specific machine, even if the user hadn't logged on to google. A VPN would help in this case because the authorities would not know what sites I'd visited, at least not from looking at the user computer to VPN node channel. This is all very similar to the data de/re-identification problem in that they are both more difficult than would appear, especially from simplistic explanations.. I'm trying to work my way through understanding both a bit better. Thanks for the help. -- Regards brd Bernard Robertson-Dunn Sydney Australia email: [email protected] web: www.drbrd.com web: www.problemsfirst.com Blog: www.problemsfirst.com/blog _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
