Please visit the new Mac-Forums Facebook page:
Join Us @ Mac-Forums Facebook Page



Page 1 of 4 1234 LastLast
Results 1 to 15 of 46
  1. #1
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    535
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    Hi All!

    Basically, my question is how a web site remembers what you did last visit and figures out your name if no personal data is entered & history and cache are cleared.

    The Details-
    While doing my "favorite" task this time of year (comparing health insurance plans), I stopped at Humana's web site and looked at some plans. Later in the session, I stopped at some other vendors' web sites & explored plans from each.

    At the end of the session I did my usual practice in Safari: A) Close All Tabs Except One B) Send that page to my home page, which is "About:Blank" C) Clicked "History" and chose "Clear History". D) Clicked "Develop" and "Empty Cache". E) Closed Safari. If I have been at private sites, such as banking, I'll also open Terminal and type "dscacheutil -flushcache". I did the above steps, without Flushcache after the session when I visited Humana.

    Yikes!! ...
    Days later, I went back to Humana and it said "Welcome Paul. Here are your last viewed plans" (or words to that effect). I was surprised and shocked that they knew me and the stuff I looked at last time.
    (It picked my zip code as the one where the ISP's dish farm is located the first time I visited, but I'd imagine it got that from figuring out where the ip address is entering the internet. Lots of sites seem to do that part.)

    I'm absolutely positive that I cleared history & cache after the first visit. That habit is in my DNA.
    I also know that I did flushcache later that day, after moving around (lots of) money to the checking account so I could pay for health insurance. (An American tradition!) The computer had been restarted several times between Humana visits.

    I don't have accounts with, nor have I ever visited, Facebook, Twitter or any social media sites. The closest I come is that I have A Google account & and Apple ID. Only my phone's Contacts list & e-mail are on Google and I've never used the Apple ID's associated iCloud (or whatever it si called these days). SO Humana didn't use any of these to back-door my information.

    I know that I did not enter any personal information during my Humana visit. Today- many days later- Humana still knows me and what I viewed both times that I visited.

    I'm using Safari 11.1.2, OS X 10.11.6 on a MacBook pro from 2006. The router and modem both have firewalls and my OS X firewall is on.

    I tried looking quite a bit on line for how this invasion of privacy happens, but came up empty.

    Q? ...
    How in the world did Humana not only remember what I viewed, but figure out my name? How can I plug this "leak"?
    The name figuring out isn't so bothering (I think), but how did it re-link this computer to my previous activity?
    This is unsettling stuff, indeed.

    Thanks For Educating me on this interesting mystery.
    Enjoy This Day!
    Paul
    Last edited by PGB1; 11-18-2019 at 09:51 AM.

  2. #2
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    Raz0rEdge's Avatar
    Member Since
    Jul 17, 2009
    Location
    MA
    Posts
    12,169
    Rep Power
    24
    Did you enter your name at any point in time during your research to get access to info that you needed? If so, that information is saved on the server side and any amount of cleaning you do on the client side (the one you control) will not help. Web developers are getting better and better at tracking users who visit their site and especially sites that require you to purchase something. Believe it not, there are statistics that show that if you provide a friendly "face" to the visitor and allow them to pick up where they were before, they are more inclined to purchase something as opposed to having them start from scratch each time.

    You look like you are very serious about your security in which case you should be doing the following two things: 1) Always on a VPN and 2) always using Private/Incognito and whatever else each browser calls it depending on your browser.

    The second part will essentially not allow for much tracking of you and also will kill all extensions (which might not be a desirable thing for you).
    --
    Regards
    ...Ashwin


  3. #3
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    krs's Avatar
    Member Since
    Sep 16, 2008
    Posts
    1,189
    Rep Power
    12
    Quote Originally Posted by PGB1 View Post
    Hi All!

    Basically, my question is how a web site remembers what you did last visit and figures out your name if no personal data is entered & history and cache are cleared.
    Like Ashwin said, none of what you did on the Mac deleted any information that Humana has stored about you from this and also previous visits.
    You probably gave them your name when you checked that site previously, even if it was years ago.
    And I would assume they have one or more cookies set to figure out who you are when you went to that site again.

  4. #4
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    MacInWin's Avatar
    Member Since
    Jan 01, 2009
    Location
    Winchester, VA
    Posts
    7,068
    Your Mac's Specs
    MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
    Rep Power
    27
    Two words: Google and Cookies. With those two working, it wouldn't be too hard for Humana to know who you are. Google tracks everything, every time you use it, every action you take. Having a Google account is just asking them to follow you around. I have zero Google products on my Mac, my iPhone or any other electronic device. I don't need to be followed by Google.
    Jake

  5. #5
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    535
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    Thanks Ashwin, KRS & Jake for replying with helpful suggestions. I do appreciate your help!
    Sorry for the edit, but Jake replied while I was typing my reply.

    For fun, I went back to Humana. They still know me. I wanted to try on my wife's iPad, but am scared to have spy stuff enter her device.

    I didn't enter my name anywhere on any of the sites that I visited during that session.
    I do not recall being at their site in the past. I certainly would have had no reason to give any personal data to them.

    It's interesting what you said, Jake, about Google. So even though I did not use Google for searching, they can store stuff simply because I have a Google account and this computer knows it? Oy!

    That behavior is too Big Brother for my tastes. And the fact that they will apparently share it with Humana is way beyond my comfort level. (The only reason I have a Google account is because when I got an Android phone I had to have it for the phone to work. I don't know if that's an Android thing, or an AT&T thing.)
    Truthfully, if they are sneaking around when I don't use Google for searching, I'll plan to switch to an iPhone and destroy my Google account.

    I wonder if a privacy search engine, like DuckDuck Go, would be beneficial. I usually use Yahoo for searching because they automatically open every clicked link in a new tab. I'll get used to Command-Click for tabs.

    When I clear History and cache, doesn't one of those clear the cookies?
    If not, is there a way to clear them, or do they keep, at their end, something that ties my IP address to my browsing of the day? If so, I wonder if I could have a rolling ip address- or if that would really goof up the works.

    That is interesting what you said Ashwin about "Friendly Face". I must be a parallel universe kind of guy, since I don't like the idea at all.
    If Humana is callous enough to save stuff about me and figure out my name without my consent, I certainly will not do business with them. Sign up and give a social security number? No Chance!

    Even Amazon and eBay don't remember my searches when I am not logged in after I clear history & caches. They do remember what I looked at if I'm logged in, but I guess that's the Friendly Face that Ashwin mentioned.
    Me? If I see something of interest at eBay or Amazon, instead of logging so so they save it, I'll do File -Save As and save the file for later use. Clicking on the saved file will take me back to the vendor's web site page.

    I used to use Private Browsing often, but many sites complain & won't work. Some don't care. Actually, I'm on Private Browsing now and this site does not seem to mind. Perhaps it is time to start using it again.

    A Ashwin mentioned, I should get in the habit of using Private Browsing. I'll skip the sites that complain unless I have to be there. I'll be sure to subscribe to a VPN, at least for really private things like money stuff and health. I have Opera with VPN, but don't think it's a real one.

    Such Is Life With The Conveniences That Technology Provides!

    Paul
    Last edited by PGB1; 11-18-2019 at 11:21 AM.

  6. #6
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    krs's Avatar
    Member Since
    Sep 16, 2008
    Posts
    1,189
    Rep Power
    12
    Paul -

    When you clear History, you don't necessarily also clear your cookies - depends on the browser.
    Firefox for instance has options when you clear history to clear cookies or not, depending what you select.

    I wouldn't suggest you clear all cookies each time, they can be useful to help with identification where you want it - a banking site for instance.
    Without a cookie being set for them, you would have to go through a verification process (in addition to user name/password) every time you log in there.

    I started to use Brave as my main browser since it blocks tracking and ads - also started using DuckDuckGo as my search engine.

  7. #7
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    MacInWin's Avatar
    Member Since
    Jan 01, 2009
    Location
    Winchester, VA
    Posts
    7,068
    Your Mac's Specs
    MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
    Rep Power
    27
    Paul, being anonymous on the 'net is practically impossible. Having a Google account and an Android phone is a double whammy. They know where you are and what you are doing, at least on the phone and your Mac. As for Humana knowing your name, they could have gotten that from Google, from your IP, from a cookie, from almost anywhere. If you have ever given them your name, in any form, to any Humana company or doctor, they can connect the dots. Anonymity is not possible without extreme measures, like going off the grid totally and living in the backwoods, never connecting to the 'net, never doing any banking, no credit cards, no loans, no job, never handle money, pay no taxes, never go where there are surveillance cameras. Basically become a hermit living off the land (and don't buy the land, just squat on it). Of course, that is both uncomfortable and illegal, but that's about the only way not to be known and tracked.

    How do you protect yourself? Get a password generator, use huge passwords (mine are currently set for 18 random numbers/letters/characters/case, and I'm contemplating moving to 24 of them) and put a super password on the password keeper. That should keep you safer until quantum computers make all of that obsolete.

    VPNs might help, but some VPN providers track what you are doing on the VPN itself, so that's not a guarantee.

    Sorry to be so pessimistic, but what you seem to want is simply not reasonable achievable today. That's life.
    Jake

  8. #8
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    Raz0rEdge's Avatar
    Member Since
    Jul 17, 2009
    Location
    MA
    Posts
    12,169
    Rep Power
    24
    Along with with what Jake said, understand there there are some VERY smart folks working on being able to track you since data is a huge revenue stream for companies like Google. You want to be anonymous? Then stay off the net. And even then you are not likely safe.

    Want to really freak yourself out and see what kind of information people have been collecting about you? Do nothing more than search for your name in your favorite search engine (or all the popular ones) and just see what happens.
    --
    Regards
    ...Ashwin


  9. #9
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    krs's Avatar
    Member Since
    Sep 16, 2008
    Posts
    1,189
    Rep Power
    12
    Quote Originally Posted by Raz0rEdge View Post
    Do nothing more than search for your name in your favorite search engine (or all the popular ones) and just see what happens.
    I do that for kicks every once in a while.
    I have a very unique name - there is nobody on the globe with the same first and last name - interestingly enough the search results that come up with my name always seem to be quite different. And often they don't actually bring up hits with my name where I entered my name information on the net.
    Last try the google search brought up a bunch of technical patents I received many years ago that I suppose the patent office at some point digitized.

    I think for most of us to be anonymous is already too late.

  10. #10
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    535
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    Crazy Stuff!

    Thanks KRS for mentioning Brave Browser. I'll try it out.
    I do think Safari clears cookies with history since I have to (and don't mind) re-entering my user name & ID when I return to a site, such as this one or a bank. However, who knows how much data is gathered while at the site when cookies are accepted.

    My habit, when I am at any site requiring my name or a user name, is to clear history & cache, then close the browser before going elsewhere. I learned that the hard way by logging out of eBay and going somewhere else. Next time I logged into eBay, they had waiting for me the books that I looked at on Barnes & Noble (without being logging in to B & N).
    I wonder if there are permanent cookies on my computer somewhere that don't get nuked.

    You mentioned Humana getting my name from a doctor or somewhere. That makes perfect sense since many medical places I use probably accept Humana. It amazes me what lengths companies go to in order to get your name so they can act all friendly and sell you something. I never realized it until you all explained. All Humana did was make me uneasy about dealing with them. (As if the other insurance companies are innocent angels...)

    Thanks Jake for the mention of a password generator. That's a very good idea, as long as the master password is safe from hacking.
    I do change passwords frequently for money & health places and use long, goofy ones. For benign sites, like this one, I am lazy about long passwords & changing them.

    You were spot-on right about some VPN browsers tracking, at least as far as Opera. I asked them today and they said they do track where I am located and the sites to which I travel, but not the data I send. They sent me the privacy statement and it explains in good detail what, where, when & why.

    I often work with a paranoid (but fun paranoid) guy who is about as far off the grid as one can get & still live in a city. He works with cash only. Paid by cash. No bank accounts, does not take his social security, won't go to doctors, has a pay-as-you-go phone in a fake name & pays cash everywhere. He's got a fake name on utility accounts and lives in a no lease-no name house rental (common around here). He's got a fake name on driver license & plates. (It's super easy to buy fake ID of any sort here.) Back-of-the-van car insurance & more goofy stuff. And the names are various. He's got a dozen of them. But, he's still on camera everywhere, so what is the point?

    My wife internet searches us once in a while. It's kind of cool.
    Her name is not common, so there are few results. Mine is not too common in the U.S., but is very, very common in Germany, so she gets a zillion search hits for me.
    I once did it and a page showed I am a police officer in Detroit & precinct union steward. I left there in the 1980's, so somehow even pre-internet data gets out there. All I can figure is that it's from a union, pension fund or Blue Cross leak.

    I wonder how many search hits one would get if one's name were Mohammed or Lee (The most common first and surnames on the planet.)

    Technology makes so very many things possible and quite easy, but I learned here today that the cost is privacy. Personally, I like the convenience of technology. When I was in school- even college- there were not yet personal computers, ATM cards or cell phones. How did we survive? Oh yeah- Libraries, cash, pay phones and stores made out of bricks. (And record players, too.)

    And life will go on!

    Thank You All once again for the great education and for some very helpful ideas. I really enjoy learning things on this forum's thousands of pages of helpful information!
    Last edited by PGB1; 11-18-2019 at 08:43 PM. Reason: Someday I'll learn to spel and proper gramer

  11. #11
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    MacInWin's Avatar
    Member Since
    Jan 01, 2009
    Location
    Winchester, VA
    Posts
    7,068
    Your Mac's Specs
    MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
    Rep Power
    27
    Well, at one time I had a fairly high security clearance which required me to fill in forms that had a ton of personal information. And then the Office of Personnel Management (OPM) was hacked and all that information was stolen. Later, my daughter, who also has a high security clearance, had her data stolen in another breach of the government, the information she had provided about me as her father was stolen. All of this has appeared on the dark web. Fortunately, I'd already changed every password everywhere to block them, although I did get a couple of amusing emails from the bad guys that said, basically, "<<name>> we have your passwords. Here is just one <<password>>. Pay us now in Bitcoin or we will tell the police you have a stash of pornography." I don't have pornography, never been to that kind of site, ever, and the password was one I had already changed. So basically, it was phishing with my personal information.

    My approach now is to have Lifelock at the highest level, including their insurance against theft of identity, long passwords and never use public wifi for any business. I have a secure VPN and change the end points fairly often. I have three monitoring services who keep track of what is going on in the dark web and report to me what they find. My credit cards report to me every transaction, even if the card is present, and block anything outside my immediate location using the card until I tell them it's ok. I do tell them whenever I'm planning travel so that they then allow my travel transactions but block things at home. I still feel at risk, but I think I've done what I could, given where I am. I can't "hide" from the internet, it's a reality of life, but I do try to avoid "volunteering" information to places like Google. Other search engines may not be as good, but I just don't go to Google, ever, and won't voluntarily use any Alphabet product. I'm kind of hoping for a "forget me" law so that I can tell Alphabet to erase everything they have, but I'm not holding my breath on that one. Too many $$$ from Alphabet in Washington to prevent that.

    I don't take the steps you do to delete cache and history because it doesn't really matter. They get your information while you are online, so deleting what makes for convenience is really of little true value for security.
    Jake

  12. #12
    A Web Site Mysteriously Knows Who I Am &amp; Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    535
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    Hi Jake,
    I am very sad to hear about your & your daughter's identity thefts.
    I'm sure that it was a giant & lengthy project to clear all of that up. You guys must have been quite worried and frustrated by the whole mess. I feel your pain. Sadly, speaking from our experience, the after effects may pop their ugly heads back up every so often & need to be slapped back down.

    Thank You for explaining the steps you have taken and are using to help prevent this from happening again. I appreciate learning them.

    I had my identity stolen some years ago because the local Lowe's store was lazy and had no encryption between the wireless credit card reader and the server. Somehow, just from my credit card, the bad guys got all kinds of information. Eventually several people were caught in the parking lot stealing data. Of course, no prosecution nor restitution. Credit, utilities and even a mortgage were opened in my wife's & my name. We lost some money from bank looting, too. It took about 3 years to get it mostly fixed up- but no refunds.

    The worst at fixing was Detroit Edison electric utility. At one of the many houses where service was established in our name, they could not shut off the power because it was a crack house & the people would shoot at the Edison workers' trucks. (Typical) Of course, the police would not intervene. (Also Typical) The Edison company people had in their records that I was a Detroit police officer & told me to pull the meter myself, as it was too dangerous for them. Yeah, sure! (I left the police department in the 80's & this was the late 90's.)
    It got to the point that Edison meter crew guys would pull the meter, lock the can & cut my service at home every day. My wife told them I was an electrician (I am) and I'd hook it back up when I got home, which I did daily. Eventually they'd pull the meter socket jumpers I put in, not cut the drop, not lock the can & stay for a coffee. They'd leave my socket jumpers for me. Nice folks!

    We still can not establish service with them without posting a security bond. The gas company was worse. (Now they are the same company.) The credit card companies were great & very helpful. Social Security- not so much. Health insurance, also not so helpful, but it was their money getting spent. (Idiots)

    Credit cards still get hijacked every so often for us; from various vendors' transactions. The most consistent was a Home Depot in Detroit that sometimes I have to patronize. Every single time I would shop there, the cashier would 'accidentally' drop my company credit card or wipe it off with a (magic) cloth. (No self readers). And the security guard at the exit check line would need to see the card, too. Then, fake charges abound! Once I was in there with one of my brothers. I pulled out my credit card and he instantly asked "Are you insane?" He knew the routine, It's too bad this happens because most decent people won't carry more than chump change in that neighborhood and I'm sure seniors are heavily targeted when they use their cards. Many would have no idea how to get out of the mess and surely can not afford the loss.

    I sincerely hope you guys never have this occur again. It sounds like you have a great & well thought out battle plan for monitoring & preventing. I saved your post so I can review the steps you took & prevention you have in place.

    Thanks Again & Be Sure To Enjoy This Day!
    Paul

  13. #13
    A Web Site Mysteriously Knows Who I Am &amp; Details About My Last Visit. Scary!
    MacInWin's Avatar
    Member Since
    Jan 01, 2009
    Location
    Winchester, VA
    Posts
    7,068
    Your Mac's Specs
    MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
    Rep Power
    27
    Paul, that is an amazing story. Fortunately, none of my credit cards or accounts have been attacked as a result of the data loss. I do have the watches in place at the credit bureaus and no new lines of credit can be opened until I give approval, so it would be hard for the data thieves to open lines of credit with my information. I did have one credit card compromised at a local movie theater, but that turned out to be a local skimmer ring who were arrested after a police investigation. Because of the alerts on my credit cards that were in place, the card company contacted me about a pending purchase and I was able to tell them it wasn't me. They sent me a new card overnight with a new number.
    Jake

  14. #14
    A Web Site Mysteriously Knows Who I Am &amp; Details About My Last Visit. Scary!
    chscag's Avatar
    Member Since
    Jan 23, 2008
    Location
    Keller, Texas
    Posts
    59,105
    Your Mac's Specs
    2017 27" iMac, 10.5" iPad Pro, iPhone 7+, iPhone 8, Numerous iPods, Catalina
    Rep Power
    53
    @Jake:

    Yeah, I know the drill about all my government information being stolen. I too had a very high security clearance where I worked, actually in several government jobs that I had. Supposedly OPM gave each of us free credit monitoring and would take care of us. Right. You definity are correct about taking additional steps

  15. #15
    A Web Site Mysteriously Knows Who I Am &amp; Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    535
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    When one of the credit bureaus had a breech, they gave us free credit monitoring which translated into 5 or 6 junk e-mail and phone calls every day trying to sell us one of their banking, credit or other products. What a sucker I am sometimes!
    I should have skipped that 'generous offer' & just verified my reports were still on lock-down by myself. (They already were on lock-down from the years-ago theft.)

    A funny coincidence-
    Just yesterday I stopped for gas while working in a neighborhood where honest people don't carry much cash, so I used credit. I inserted my credit card & pulled it out when prompted. A skimmer came out with my card! (Guy must have bought his glue at the dollar store.) This is not the first time that's happened. I don't give the skimmer to the attendant, as it is often their doing. The police don't care, so I just smash & recycle. And, I never, ever hand my card to an attendant.

    One would think that working a real job is less effort than being a crook. It's a crazy world we live in- But at least we are here for the good parts!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. A very scary story
    By IWT in forum Schweb's Lounge
    Replies: 4
    Last Post: 07-31-2017, 02:23 PM
  2. This is a scary tale...
    By cptkrf in forum Schweb's Lounge
    Replies: 18
    Last Post: 08-07-2012, 10:00 PM
  3. Scary Wallpaper
    By jmullenberg in forum Schweb's Lounge
    Replies: 0
    Last Post: 10-28-2008, 09:47 PM
  4. Is This Scary - or What?
    By hughvane in forum Schweb's Lounge
    Replies: 6
    Last Post: 10-25-2008, 05:55 PM
  5. G5 mysteriously sleeping
    By zzlaz in forum Apple Desktops
    Replies: 3
    Last Post: 02-03-2005, 09:37 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •