Google trackers are built into a number of official Russian electronic resources.

Google is not what it seems
J. Assange

I anticipate the text with a quote from the notorious comrade J. Assange, who once published the book “ When Google Met WikiLeaks ”, which describes some facts and peculiarities of this company’s close cooperation with the US government / special services.

The article conducted an express analysis of a number of official Russian resources for the presence of third-party foreign trackers, taking into account the fact that in the modern world it is not necessary for some resources to use software that can “catch” information about Russian users and their behavior and a priori transfer them to “ overseas "server.

The March article by Adbins Surveillance on the Public Sector Web from Cookiebot confirms that more than 89% of the websites of EU governments (belgium.be, gov.bg, gov.uk, etc.) contain third-party trackers, of which 82% - from Google. Many EU resources related to health issues and the processing of personal, fairly confidential and sensitive issues (pregnancy, cancer, AIDS, mental illness ...) also contain many trackers, which contradicts not only moral standards, but also the EU law on personal data processing GDPR (this allows third-party companies to conclude that this or that user probably has certain problems or secrets that he thinks he keeps in secret).

There is an ancient story about how the store found out about the pregnancy of a schoolgirl user on the basis of indirect signs of its activity on the Internet and sent her the appropriate promotional coupons that her dad took out and started a scandal in the store. Since then, technology has gone a step further, as they say.

In general, foreign companies, including comrades from Google, dominate not only in the EU, but throughout the world. This is proven by the article "Tracking the Trackers: Analysing the global tracking landscape with GhostRank", which analyzed the domination of various trackers in the world based on studying 144 million web pages of resources from 12 countries, including Russia. Also, trackers are on 77.4 percent of the pages studied and allow you to track the user's activity, get some data about him and save his actions. At the same time, the overwhelming number of trackers is of foreign origin.

In this regard, I was interested in "... and what do we have?" And I decided to carry out, as I wrote above, an express analysis of some official Russian resources for the presence of third-party trackers, believing that it is not worthy for state resources to use software, especially foreign, that can "catch" information about the Russians-users and the features of their behavior and a priori transfer them to the “foreign” servers.

To do this, installed a number of browser extensions: - Ghostery, uBlock Origin - for Chrome, Privacy Badger, Lightbeam - for Firefox, allowing you to inform about the presence of certain trackers on the sites I visit. In this case, using Lightbeam, you can see graphically how the visited resources are related to each other by the “third” party. For example, an example of communication of the resources listed below.

Addresses of some state resources from here . The sites of the Kremlin , the Government , the FSB , the SVR , the Ministry of Internal Affairs, the traffic police, the Ministry of Defense , the Rosgvardia , the Emergencies Ministry , the State Services , the Ministry of Communications , the Ministry of Foreign Affairs , the Ministry of Energy , Rostelecom and Roskomnadzor were investigated .

I specifically note that this analysis does not involve any active actions on the site, the extensions passively analyze the information that my browser exchanges with the site and notes the facts of the presence of a “third party” tracker — the sites do not break this software.

To organize information about trackers, I compiled a table indicating their presence on the studied resources (the data is simplified and “brushed” (for example, yandex.ru and not mc.yandex.ru), who needs more information can be checked with extensions and other software).
At the same time, there is a different set of trackers on different pages of the site, which makes their description difficult.

The purpose of the article is not a detailed description of the facts of the existence of each type of tracker on each resource (this is the task for the whole study a la Cookiebot), but an assessment of how things are in presenting data on state resources to foreign third parties.
The table lists the main trackers found on the resource (on start pages or other main pages, and there may be more of them, but they belong to the same owner). Also remind you that doubleclick = google

Resource	Russian	Overseas
Kremlin
Government	yandex.ru mail.ru
FSB
SVR
MIA	yandex.ru sputnik.ru	twitter.com
Traffic police	sputnik.ru	google.com (hidden recapcha)
Defense ministry	yandex.ru mail.ru rambler.ru	google-analytics.com googletagmamanger.com
Rosguard	yandex.ru sputnik.ru	cloudflare
MES	yandex.ru mail.ru rambler.ru	doubleclick.net google.com
State services	yandex.ru
Ministry of Communications	yandex.ru sputnik.ru
Mead	yandex.ru
Ministry of Energy	yandex.ru sputnik.ru
Rostelecom	yandex.ru mail.ru	google.com Twitter, Facebook
Roskomnadzor	yandex.ru sputnik.ru

In order not to appear unfounded, I will describe what the Defense Ministry’s website, for example, sends to Google about a user who logs in to calculate the payments by an online calculator on the site’s page (some fields were converted from a formalized form to a readable one)

www.google-analytics.com utmwv=5.7.2   utms=6  ,      utmn=2140646854   utmhn=mil.ru  utmcs=UTF-8  utmsr=1920x1080   utmvp=1900x962   utmsc=24-bit   utmul=ru-ru  utmdt=          ...  ,     utmhid=818112135   utmp=/files/files/calc/    utmht=13.04.2019 @ 13:30:13 /  utmac=UA-22580751-2   utmcc=__utma%3D261091234.889931234.1543171234.1543171234.1554661234.2%3B%2B__utmz%3D261091234.1543171234.1.1.utmcsr ……  Google-,   ,   ,    ,       utmu=qAAAAAAAAAAAAAAAAAAAAAEE~

Theoretically, Google due to the fact that the site of our Ministry of Defense has its tracker, is able to bind the visitor's id of this site to other data available on this id (what other resources does it visit, what interests it, what does google, what email address on gmail , if there are correspondence texts, etc.). This is about the "foreign trackers."

About collecting user data is interesting and is described in some detail in the Google Data Collection article .

Thanks to the mail.ru tracker, the same Ministry of Emergency Situations already knows the mailbox on the mail.ru domain of the person who visited the website of the Ministry of Emergency Situations, without asking, if you visited your mail before.

Mpop name
Content 3001305176a4f5483561246431b434566545876b164541: my-user-email@mail.ru:

Overall, the situation is not so bad. The main thing is that there is no Kremlin, and Roskomnadzor did not disappoint. The main state resources do not use trackers or use Russian production from mail.ru, sputnik and Yandex.

As for the resources on which foreign trackers are found - surprised. On the one hand, there are constant statements that information security is extremely important and some figures bring it to paranoia by blocking everything that is not, on the other hand, the "enemy" code is on official resources. Just in case, the Ministry of Defense of some other countries checked (this is faster than searching for an analogue of the foreign counterparts of the Ministry of Emergency Situations) for the presence of Russian trackers.

A country	Trackers
USA	google analytics, gstatic, addthis, and others.
Great Britain	google analytics
Germany	no trackers
Poland	googletagmananger, gstatic, cloudflare
Turkey	twitter
Ukraine	google analytics doubleclick
Georgia	google analytics doubleclick
Belorussia	googletagmananger, bitrix, yandex
Kazakhstan	googletagmananger, yadro.ru
China	no trackers

In this regard, I was visited by a muse - the idea that this is the ground for the compilation of "IT-psychological" portraits of states, because:

The West uses exclusively its trackers;
Georgia and Ukraine - use trackers from Google;
Germany, in view of discipline in all respects (ordnung und disziplin), including information security, like China, does not contain trackers;
The CIS (like us) does not disdain both Russian and American trackers (except for Ukraine and Georgia, which prefers only the western and gets rid of everything Russian).

In the place of the administrators of our resources, I would still remove the excess, following the example of the Kremlin, the SVR and the FSB, etc. And Yandex is enough for analytics attendance, etc.

Examples of information collected by some trackers

Google Analytics (uses 75% of websites in the world) - the address and name of a visited web resource page, information about the browser and device, current location (by IP), language layout, data on user behavior on the web resource;

DoubleClick (uses 1.6 million sites in the world) - similarly, but defines a unique device by switching over contextual advertising to another resource.

Yandex - metric (web browser) - address and name of the visited web resource page, information about the browser and device, current location (by IP), language layout, data on user behavior on the web resource (including mouse movements, pages). </ cut />

You can check the security of your visitors, Wikileaks, EFF and others regarding the placement of third-party trackers.

Answer

Respectfully Yours. There are no trackers

Source: https://habr.com/ru/post/448410/

All Articles

Google trackers are built into a number of official Russian electronic resources.

More articles: