Gab’s Dissenter receives your entire browsing history; bonus: it can be tied to your unique user ID

I fully support the intent behind Gab’s Dissenter platform. The ability to comment on any website is a wonderful move for free speech. What I can’t get behind is the major privacy problem it poses, a problem which unfortunately is very hard to avoid in any “comment on any site” concept.

Gab’s Dissenter stores and retrieves comments by URL. This requires Dissenter to send EVERY URL YOU VISIT out to the Dissenter platform to check for user comments for that URL, and obviously to submit your own comments as well. Since you’ll probably be logged in to Gab to use Dissenter, these URLs may also be sent with your Gab user ID which easily ties them all together. Regardless of what the Terms of Service may say about their data collection and retention policies, there is the possibility that Gab is effectively collecting and storing your entire browsing history while using the Dissenter extensions or app.

Even if they say that they don’t do this sort of collection and retention, you must choose whether or not to trust them. Consider a similar privacy-protecting service: VPNs. Several VPN service providers that claimed to be “no-log VPNs” (meaning they don’t store any information about your activities on their services) were caught storing logs when police subpoenaed them and they were forced to comply. It’s even possible for data to be retained in places not specifically meant to retain it; for example, a server debugging log may contain all user requests made during the period when debug logging was enabled, and that log is then readable by computer hackers/crackers or by law enforcement through a lawful subpoena.

How far are you willing to trust Gab with the data they necessarily must receive from you to keep their service working? It’s your choice. All I want is for you to make an informed choice, not an ignorant one.

It occurred to me shortly after writing this that there is one other possibility, but it’s not really much better. The only other way to do it without sending the URLs directly would be to hash the URL on the client side and send the hash instead, but unlike a password, a (probably public) URL is not a secret, so anyone who knows the URL can compute the same unsalted hash and match it. Law enforcement, for example, could easily ask Google to provide a hash list of every URL in their database and it’d take Google less than a day to generate such a list. Even a casual hacker could build a simple web spider that follows URLs and hashes them to build that list. It’d be sort of like copy protection: it protects against completely ignorant users making copies, but hackers and pirates will break the protection easily and do as they please. Likewise, any method to conceal the URLs sent to Gab’s Dissenter would only count as obscuring the URL and could be easily cracked. If you think about it, there’s simply no other way to do it: how else can Dissenter know what comments to store and retrieve?
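To make the hashing point concrete, here is an added example (not code from Dissenter or Gab) that assumes the client sends an unsalted SHA-256 of the URL. The function names, user IDs, URLs and log entries are all constructed for illustration.

```python
import hashlib

def url_key(url: str, salt: str = "") -> str:
    """Key a client would send instead of the URL (SHA-256 is an assumption)."""
    return hashlib.sha256((salt + url).encode("utf-8")).hexdigest()

def build_lookup(candidate_urls):
    """Precompute hash -> URL for every URL an observer already knows about."""
    return {url_key(u): u for u in candidate_urls}

def recover_history(request_log, lookup):
    """Map each logged (user_id, hash) pair back to a URL where the hash is known."""
    history = {}
    for user_id, digest in request_log:
        history.setdefault(user_id, []).append(lookup.get(digest, "<unknown>"))
    return history

def salted_keys_match(url, salt_a, salt_b):
    """Two users must derive the same key to see each other's comments."""
    return url_key(url, salt_a) == url_key(url, salt_b)

# Constructed sample: URLs a crawler or search index would already hold.
CRAWLED = [
    "https://news.example/politics/story-1",
    "https://forum.example/thread/42",
    "https://clinic.example/services/testing",
]

# Constructed sample: what a server-side log would hold if only hashes were sent.
REQUEST_LOG = [
    ("user-1001", url_key("https://forum.example/thread/42")),
    ("user-1001", url_key("https://clinic.example/services/testing")),
    ("user-1001", url_key("https://mail.example/inbox?session=8f3a")),
    ("user-2002", url_key("https://news.example/politics/story-1")),
]

if __name__ == "__main__":
    for user, urls in recover_history(REQUEST_LOG, build_lookup(CRAWLED)).items():
        print(user, urls)
    # A per-user salt defeats the lookup table, but it also breaks the service:
    print("same key with different salts:",
          salted_keys_match("https://forum.example/thread/42", "salt-a", "salt-b"))
```

Only the URL carrying a private session value stays unresolved, because it appears in no public list. A per-user salt would stop the lookup, but then two users no longer derive the same key for the same page, so comments could not be shared between them.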
