|Help / Frequently Asked Questions|
How do I install TrackMeNot?
Back to main page
How do I upgrade to the current version of TrackMeNot?
Can I control the rate at which TMN sends queries?Yes. Go to 'TrackMeNot->Options' and select an average frequency.
Can I choose the search engines that TMN queries?Yes. Go to 'TrackMeNot->Search-Engines' and select one or more search-engines to query.
Can I control the search terms that TMN uses?Yes, but not directly. TMN currently uses RSS feeds to generate its initial set of queries. This listed can be edited, in the options panel ('TrackMeNot->Options->RSS Feeds'), by typing or pasting in new (comma-delimited) entries to the list, then pushing the 'validate' button.
Isn't it easy for search companies (or 3rd-parties) to filter out TMN queries?The answer here is not straightforward; even with dynamically evolving query sets and burst-mode timing, there are data-mining and machine-learning techniques which may well be able to filter TMN queries based on data patterns obtained from actual users. However, with the combination of randomized scheduling and query lengths, inclusion of changing terms from RSS feeds, and evolving query sets, we believe the difficulty for 3rd-parties is significantly increased.
Can TMN effectively hide my identity?To the extent that a third-party tries to identify you through searches alone, TMN can potentially make this more difficult. Much depends on the search query terms included. If third-parties are using other means to identify you, e.g. through IP address, browser fingerprinting, or information from your ISP, TMN will be of little use.
Isn't it a good thing that search companies keep track of my search history?In a perfect world, where search companies and other 3rd-parties could be trusted, such histories would serve all of us well and promise greater functionality to both companies and individual searchers. However, as long as search companies and other trackers unilaterally develop and pursue policies that don't take seriously the interests of individuals, society, and standing political and social values, individuals will have to make a choice between convenience and privacy.
Why is TMN so concerned with keeping control in the hands of individual users; as opposed to other strategies which use 3rd party servers/proxies?The larger intention of TMN is to challenge the current practice of search companies, and other 3rd-parties, of unilaterally setting policies on the collection and use of personal information. We think users should have a say; we think search companies should listen. To level the playing field, we have sought to create a mechanism that places some degree of control back in the hands of users.
Won't software like this make it harder for the government to catch real criminals (or terrorists) who might be using the web for nefarious purposes?We are unaware of any instances in which the analysis of search queries has helped law enforcement or security agencies deter or prosecute criminals or terrorists. Constitutional principles, however, place limits on what the government can and cannot do in such investigations. A targeted search on a particular individual's online activities (once probable cause has been demonstrated) is unlikely to be affected. TMN may, however, make unconstitutional 'fishing expeditions' more difficult, which is consistent with the values of a free society.
Will widespread deployment of TMN eventually 'clog' the search engines it queries?TMN no doubt places some additional load on search engines (though TMN requests are tiny compared with other types of web-traffic -- e.g. images, animations, music, video, etc.). How much and how serious the impact will depend on the number of users and their use patterns. Our intention (and expectation) with TMN is that its effect on search engines will be minimal. Further, universal deployment of TMN is not a goal of the project. Rather, we hope to offer a level of protection to individuals who may feel threatened by the practices of search engines, and to afford such users a small voice in the emerging debate on such practices.
Does TMN ever simulate click-throughs on links that come up from "fake" searches?Yes, TMN selectively "clicks-through" on links returned from its simulated searches.
What kind of guarantees can TMN make regarding privacy protection?We can make no hard guarantees without further evaluation measures; however, we believe that search companies may need to go to considerable trouble to separate user-generated from TMN-generated searches. Further, any such filtering efforts are likely to contain some number of false positives.
If one of the search engines were to come up with a new technical mechanism that could defeat TMN, how would you even know?There have been changes to which we have been able to respond, but there may be current or future mechanisms of which we are unaware and hence not able to respond to.
How random is TMN's random timing mechanism. Isn't it likely that a search engine (using the massive amount of user data they've already collected) could distinguish any randomomized mechanism from real user search behavior?With sufficient time and resources, search companies could likely detect a majority of TMN searches with some certainty. We are continuously improving TMNs timing mechanism to mimic, more closely, real usage patterns. One example of this is 'burst mode' which schedules TMN queries primarily when users are actually searching, thus avoiding 'patterns' in TMN's randomness.
How is this different than a (Distributed) Denial of Service attack or spamware?In providing a way for individual users to assert their privacy rights in web-search, we believe TMN is a legitimate use of network and computing resources. Although we understand that critics may use such rhetoric to cast doubt on our efforts and intentions, we are confident that by all common understandings, TMN is neither DDoSware nor spamware. Here are definitions from Wikipedia.
"a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. Typically the targets are high-profile web servers, and the attack attempts to make the hosted web pages unavailable on the Internet." (Wikipedia, March 29 2007)
"Spamming is the abuse of electronic messaging systems to send unsolicited bulk messages, which are generally undesired." (Wikipedia, March 29 2007)
"Spamdexing is any of various methods to manipulate the relevancy or prominence of resources indexed by a search engine, usually in a manner inconsistent with the purpose of the indexing system." (Wikipedia, March 29 2007)
How have the search engine companies responded to this project?They haven't.
I read Bruce Schneier's review that said TrackMeNot doesn't work; is he right?No. First, his comments targetted the initial alpha release of TMN which is significantly different from the current version. Second, he misconstrues the goals of TMN.
I would love to use TrackMeNot; why doesn't it work with browser X?As an open-source, academic research project, our resources are limited. However we would be happy to collaborate with those interested in developing TMN for other browsers.
I would love to use TrackMeNot in my language; is it supported?We have been working extensively to make TMN easily translatable into more languages. There are currently versions in Danish, German, French, Croatian, Dutch, Portuguese and Chinese. We would be happy to collaborate with anyone wishing to extend TMN to their language!
There are several projects that claim to protect privacy in web search (e.g., Tor, Anonymizer, etc.) Which is most effective? Should I use TMN instead of these others?The use of TMN does not preclude the use of any of these other technologies and the highest degree of protection will likely be obtained with some combination of approaches; i.e., Tor, TMN and manual cookie-management.
Google sends me to a 'sorry' page and tells me that it suspects my machine of being infected with spyware or a virus, and even prompts me for a captcha when I try to search. Did the search engine detect TrackMeNot?This is not a response to TMN in particular. However, some search engines have begun to block (and/or request CAPTCHAs) from IP addresses that issue a high number of queries. If you experience this behavior, we recommend that you configure TrackMeNot with a lower query rate (10 queries per hour appears to work well) and enable 'burst-mode.' This not only alleviates the strain on search engines that TMN might be causing, and allows you to avoid the CAPTCHAs, but also better mimics real human activity.
What is the difference between 'stealth' and 'tab' modes?Stealth mode issues TMN queries in the background of your browser (via XHR requests) at the given average rate you select. You will not see these queries being made unless you click the "Show logs" button in the options. In tab-mode, queries are run in a dedicated browser tab that can be inspected by users. Generally-speaking, we recommend tab-mode as it exactly mimics the format of user-initiated queries, however some users may find the extra tab to be distracting, and may thus prefer to use stealth mode.
What is 'burst mode'?Burst mode sends out batches of queries searches to a specific engine when the user is actively searching on that engine. This mode helps to further reduce the patterns that may form when TMN is working so that search engines do not pick up on TMN's query timing.
How does the query set 'evolve' over time?See "Dynamic Queries" below.
How do I add a new search engine?
What does 'keywords monitored by DHS' mean?The U.S. Department of Homeland Security (DHS) released (see article here) a list phrases they track as potential signs of cirminal or terrorist activity against the U.S. For that reason, TMN uses this list as terms for TMN to avoid. You have the option to change this setting if you prefer.
What if I don't want certain words to ever be searched? What is TMN's 'blacklist' ?The blacklist is a user-provided list of words that will never be searched by TMN.
Can you explain the various options/features that TMN provides?