How to prepare your family to survive and thrive in today’s uncertain world

No, The FBI Isn’t Tracking Survivalblog Visitors

So quite a few of you, including my parents, emailed me asking about this “FBI Is Spying On Us” thing that was posted on Survivalblog.

Jim Rawles posted that the FBI was intercepting traffic to his website and dropping tracking cookies to spy on his readers. He believes that the FBI intercepted traffic by redirecting it through a secret data center.

The evidence he cites is pretty loose, but his “Forensic Expert” cites some cookies as well as the name of the script that drops the tracking cookies.

He then suggests that folks start using a VPN to browse “anonymously” to avoid the FBI and other government institutions who may try to eavesdrop on you.

A quick aside about my background … I work at a very large software company in Redmond, WA. I have over twenty years of experience in this sort of thing. I’ve been on the Internet since before the Web even existed. It’s pretty safe to say that I know what I’m talking about.

First … Based on what he posted, Rawles is just flat out wrong. Not maliciously wrong, don’t misunderstand me. But he’s wrong.

The file that he refers to, “foresee-alive.js”, is part of a customer service survey application from a company called Foresee. These guys are a huge player in that space. And they’re perfectly benign.

Next, his “Forensic Expert” posts three cookies to look for to see if you are affected by this. The three cookies that he cites are from Google Analytics, which is a web analytics platform that most websites on the Internet use. I use it here too. It tells me where people came from, and when they visited, etc.

The three cookies he cites store the number of visits to that site, when your current visit started, and how you got to that site. In the case that the “Expert” cited, just by looking at the first cookie he provided, I can tell you that he first visited the FBI’s website on March 9 at 02:39 UTC.

Further, he visited ten pages on the FBI’s website during that visit. He arrived through a search on the search engine “Dogpile”.

All of this is trivial to figure out. If you want the technical details, this page has some good information.
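To show how little work that decoding takes, here is an added example (not code from the original post or from Google) that parses the three cookies, assuming they are the legacy Google Analytics cookies `__utma`, `__utmb` and `__utmz`. The sample values are constructed to mirror the reading above, with the year 2013 chosen arbitrarily.

```python
from datetime import datetime, timezone

def _ts(field):
    """Unix-seconds field -> timezone-aware UTC datetime."""
    return datetime.fromtimestamp(int(field), tz=timezone.utc)

def parse_utma(value):
    # Layout: domainhash.visitorid.first.previous.current.sessioncount
    parts = value.split(".")
    if len(parts) != 6:
        raise ValueError("unexpected __utma layout")
    return {"first_visit": _ts(parts[2]), "previous_visit": _ts(parts[3]),
            "current_visit": _ts(parts[4]), "visit_count": int(parts[5])}

def parse_utmb(value):
    # Layout: domainhash.pageviews.outbound_token_count.session_start
    parts = value.split(".")
    if len(parts) != 4:
        raise ValueError("unexpected __utmb layout")
    return {"pageviews": int(parts[1]), "session_start": _ts(parts[3])}

def parse_utmz(value):
    # Layout: domainhash.set_time.sessioncount.campaign_no.k=v|k=v...
    # Split only four times: the source value itself may contain dots.
    parts = value.split(".", 4)
    if len(parts) != 5:
        raise ValueError("unexpected __utmz layout")
    kv = dict(p.split("=", 1) for p in parts[4].split("|") if "=" in p)
    return {"set_at": _ts(parts[1]), "source": kv.get("utmcsr"),
            "medium": kv.get("utmcmd"), "term": kv.get("utmctr")}

# Constructed sample values (not the cookies quoted in the original claim).
SAMPLE = {
    "__utma": "12345678.987654321.1362796740.1362796740.1362796740.1",
    "__utmb": "12345678.10.10.1362796740",
    "__utmz": "12345678.1362796740.1.1.utmcsr=dogpile.com|utmccn=(referral)"
              "|utmcmd=referral|utmcct=/",
}

def summarize(cookies):
    a = parse_utma(cookies["__utma"])
    b = parse_utmb(cookies["__utmb"])
    z = parse_utmz(cookies["__utmz"])
    return (f"first visit {a['first_visit']:%Y-%m-%d %H:%M} UTC, "
            f"visit #{a['visit_count']}, {b['pageviews']} pages this visit, "
            f"arrived via {z['source']} ({z['medium']})")

if __name__ == "__main__":
    print(summarize(SAMPLE))
```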

So What Is A Tracking Cookie?

Plain and simple, it’s a little marker that lets websites do a variety of things. Cookies are generally benign. For example, if you log into a website, it drops a cookie that lets the website know that you are who you say you are.

Tracking cookies aren’t malicious for the most part, and are generally limited to the websites that drop them. Like I said before, you’ll find an analytics tracking cookie from my website on your computer.

The popup that you sometimes see on my site that offers you the three day class? The reason why you see it once every two months is that I drop a tracking cookie on your computer so I know you already saw it.

There’s another minor detail that you need to know about. See, if I drop a cookie on your computer from preparingyourfamily.com, no other websites can read that cookie. Period.

So there’s really nothing to worry about here.

But Wait, There’s More!

Now it’s not particularly difficult to redirect web traffic if one of the following is true:

You have a virus or trojan horse on your computer that redirects web requests through a remote proxy.

Someone redirects web traffic by hijacking the DNS servers that tell your computer how to talk to a web site.

There are other ways to redirect traffic, but they would require the cooperation of every major ISP on the Internet, and people would know. Everyone would know.

And IF your traffic was hijacked, then theoretically the FBI (in this case) could slightly modify the webpage that you visit to read the tracking cookie by including a file from the main FBI website.

It IS entirely plausible that some of Rawles’ visitors had a virus on their computer that redirected their web traffic through a tracking server.

But Occam’s Razor Applies

The real question is … if the FBI wanted to track visitors to the Survival Blog (or any other prepper websites), would they REALLY do it with their name? Considering my experience with this sort of thing, I can definitively say no, they wouldn’t.

Or maybe, since the cookies cited are normal tracking cookies, it just means that at some point someone on that computer visited an FBI website.

Don’t panic folks. Think, get informed, and move forward.

I’m open to additional information if it’s shared that shows that folks are being tracked. But based on what Rawles and his “Forensics Expert” shared, nothing bad is going on here.

If there’s interest in learning more about how to browse the Internet safely, let me know and I’ll write something up!


17 Responses to No, The FBI Isn’t Tracking Survivalblog Visitors

  1. Nice Post Rudy…

    “The real question is … if the FBI wanted to track visitors to the Survival Blog (or any other prepper websites), would they REALLY do it with their name?”

    I thought the very same thing when I first read about this. It just didn’t pass the “smell test”. People need to apply a dose of common sense to what they are reading.

    That said, I certainly agree with Mr. Rawles’ comments regarding a VPN. No sense making it easy.

    • The biggest issue I have on the VPN recommendation isn’t about the recommendation itself, but the fact that they provide a false sense of security. Your biggest gap is your computer, which happily identifies itself to anyone that asks.

      A VPN can be a good layer of security in some cases. I have one, but I don’t use it very often.

      • You’re correct about the false sense of security. I guess I would fall into that category of those that believe a VPN would provide a level of anonymity. … A little knowledge can be a bad thing.

        I would certainly appreciate info regarding browsing safely and as anonymously as possible. Both at the PC level and tablet level.

  2. “If there’s interest in learning more about how to browse the Internet safely, let me know and I’ll write something up!”

    Absolutely! That would be very appreciated.

  3. Thanks Rudy for the objective and substantive analysis on this. When some of us see these things, it is easy to go off the deep end and always think the worst… Common sense in anything we do is vital.

  4. “Don’t panic folks. Think, get informed, and move forward.”

    Words that more preppers need to hear. Thanks for the sage advice, and, as always, the great information.

    • It’s way too easy to react in panic, especially if it seems plausible at first look … Pause, read, react …

  5. There are a number of browser add-ons you can use to stop tracking and you can also get one called collusion, which will graphically show who’s tracking you. I use several of these because while I never go anywhere really controversial, I don’t like the idea that Facebook, for example, tracks users all over the Interwebs. I also set cookies to be non-automatic, so I can set a cookie at the library, for example, but not at NY Times. (The local library gets rid of their search information in 48 hours, much like the lamented scrgoogle, which is no more; I asked specifically about this because of the Patriot Act requirement for libraries.) Go to lifehacker.com and search for ‘privacy’ and you’ll find a lot of info on this subject.

    HOWEVER, people should be aware that Google keeps information on searches indefinitely. If them dudes at the F.I.B. ever wanted to find out where you’ve been, and you use Google for everything, you’d have laid out your entire search history for the feds to see. An alternative to the aforementioned scrgoogle is duckduckgo, which doesn’t keep your search info forever. If you want to search with Google for pasta recipes, but leave more risque’ or risky things out of Google’s trove of data, save those searches for an alternate search engine.

  6. Thank you for taking the time to debunk paranoid, poorly executed “investigations” like this. I have no doubt that the government is sifting through everything they can find and using every hack they can to see what “persons of interest” are doing, and if others get caught in the sweeping net they get pulled in as well, but to proclaim and badly evaluate the singling out of preppers as a target seems quite a stretch. Although, if they were going to start on the preppers, Rawles’ bunch would be the ones to start with; I’d say that bunch takes the cake. Given the Feds’ focus on extremists that’s where they’d start, but as you say, it’s unlikely we’d see it. I’d have to know more about the details, but could it be possible that those users were affected by the DNSChanger Trojan and were routed through some of the DNS servers run by the FBI, set up to help? Just speculation on my part. http://www.readwriteweb.com/enterprise/2012/03/non-existent-crisis-averted-fb.php

    • Sure, like I said in the post, if you have a trojan on your computer, all bets are off. That’s why you need to be careful about that sort of thing.

      But for the kind of stuff that he describes to happen on a broad scope would require a bunch of technical gymnastics that folks would notice and throw the red flag on. Having run and architected major Internet backbone networks before, I’ve got a pretty good idea on what’s involved, and it isn’t trivial.

  7. “The simplest explanation is the answer”

    Right!!!!!!!!!!!!!!!!!!

    What part of simple relates to NSA spying on the whole world, US included? What part of simple relates to the Utah data center storing 1,000 years of our electronic transmissions? What part of simple relates to the IRS targeting thousands of patriots? What part of simple relates to Fast N Furious and the murder of 6,000 Mexicans? What part of simple relates to the FORCED closure of every “conservative owned” GM/Chevy dealer? What part of simple relates to having communists like Alinsky and Van Jones in the president’s office and administration? What part of simple relates to the federal government shredding the constitution and destroying our rights?

    Need I go on?