Why does Google +1 record my mouse movements? [closed]

This is only on pages with a Google +1 box on my website:

It seems to be firing off an event on every mouse move. Anyone know what it is doing? I searched on Google (perhaps I should try Bing for once on this one!) but no one seems to have written about it. Is it recording information about my visitors' browsing habits? Is it some sort of CAPTCHA to detect human-like behaviour?
Example URL, press F12 in Chrome, go to timeline and press record, then move your mouse around this page (it plus ones this question, don’t worry):
https://plusone.google.com/u/0/_/+1/button?hl=en-US&jsh=r%3Bgc%2F22224365-adc8a19e#url=https://stackoverflow.com/questions/6667544/google-1-recording-mouse-move&size=tall&count=true&id=I1_1310488711647&parent=https://plusone.google.com/u/0/_/+1/button?hl=en-US&jsh=r%3Bgc%2F22224365-adc8a19e#url=https://stackoverflow.com/questions/6667544/google-1-recording-mouse-move&size=tall&count=true&id=I1_1310488711647
For what it’s worth (I can see this is going to be a popular question), I don’t think there is anything sinister behind it, it might even be a useless artifact/bug, but if it is doing some sort of tracking, well, it seems a little deceptive to me.
Google +1 privacy policy
http://www.google.com/intl/en/privacy/plusone/

Google +1 Button Privacy Policy
June 28, 2011
The Google Privacy Policy describes how we treat personal information
when you use Google’s products and services, including information
provided when you use the Google +1 button. In addition, the following
describes our additional privacy practices specific to your use of the
+1 button.
Information we collect and how it is shared
The Google +1 button is a way for you to share information publicly
with the world. The Google +1 button helps you and others receive
personalized content from Google and our partners. The fact that you
+1’d something will be recorded by Google, along with information about the page you were viewing when you clicked on the +1 button.
Your +1’s may appear to others as an annotation with your profile name
and photo in Google services (such as in search results or on your
Google Profile) or elsewhere on websites and ads on the Internet.
We will record information about your +1 activity in order to provide
you and other users with a better experience on Google services.
In order to use the Google +1 button, you need to have a public Google
Profile visible to the world, which at a minimum includes the name you
chose for the profile. That name will be used across Google services
and in some cases it may replace another name you’ve used when sharing
content under your Google Account. We may display your Google Profile
identity to people who have your email address or other identifying
information.
Use of the collected information
In addition to the above-described uses, the information you provide
to us is used subject to our main Google Privacy Policy.
We may share aggregate statistics related to users’ +1 activity with
the public, our users, and partners, such as publishers, advertisers,
or connected sites. For example, we may tell a publisher that “10% of
the people who +1’d this page are in Tacoma, Washington.”
Your choices
You may view the list of items you have +1’d on the +1 tab on your
Profile. You can remove individual items from that list.
You may opt out of seeing +1 recommendations on third-party websites
(including on ads on third-party sites) from people you know.
We will store data (such as your recent +1’s) locally in your browser.
You may be able to access and clear this information in your browser
settings.
More information
Google adheres to the U.S. Safe Harbor privacy principles. For more
information about the Safe Harbor framework or our registration, see
the Department of Commerce’s website.

Solutions/Answers:

Solution 1:

It appears to be seeding a random number generator with your mouse movements.

The mouse move handler itself does something along the lines of the following:

var b = ((event.X << 16) + event.Y) * (new Date().getTime() % 1000000);
c = c * b % d;
// Chain to whatever handler was installed before this one.
if (previousMouseMoveHandler) previousMouseMoveHandler.apply(this, arguments);

d is (screen.width * screen.width + screen.height) * 1000000, and c is a variable that starts out as 1.

All of this is wrapped in the scope of an anonymous function, which itself is immediately evaluated to return a function that is assigned to a property named “random”. That returned function looks something like this:

var b = c;
b += parseInt(hash.substr(0,20), 16);
hash = MD5(hash);
return b / (d + Math.pow(16, 20));

hash, BTW, is a variable that starts out as the MD5 hash of the page’s cookies, location, the new Date().getTime(), and Math.random().

(Note, of course, that Google may change the script returned at any time and hence invalidate this analysis)

Solution 2:

The actual code that is being executed is derived from the Shindig code found here:

http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/shindig.random/random.js

A secure random number is needed to ensure that the secure postMessage channel created here cannot be compromised by scripts on the page to execute arbitrary actions.

Here’s an article that explains why using Math.random() is bad:

http://baagoe.com/en/RandomMusings/javascript/
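
As an added illustration (not part of the original answer and not Shindig's or Google's code), this sketch shows why an unguessable value matters for a postMessage channel: the receiver accepts a message only when both the origin and a random channel token match. It uses crypto.getRandomValues, the CSPRNG available in current browsers, instead of the mouse-seeded generator discussed on this page; the function names, the message shape and the example origins are assumptions.

```javascript
// Added example: hypothetical names throughout (newChannelToken, makeReceiver, *.example origins).
// Use the Web Crypto CSPRNG; fall back to Node's copy when run outside a browser.
const cryptoApi = globalThis.crypto ||
  (typeof require === 'function' ? require('node:crypto').webcrypto : undefined);

// 128 bits from the platform CSPRNG, hex-encoded (32 characters).
function newChannelToken() {
  const bytes = new Uint8Array(16);
  cryptoApi.getRandomValues(bytes);
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Compare without an early exit so timing does not reveal a matching prefix.
function sameToken(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Returns a validator for one channel: the payload is released only when
// the message comes from the expected origin AND carries the channel token.
function makeReceiver(expectedOrigin, token) {
  return function acceptMessage(event) {
    if (event.origin !== expectedOrigin) return null;
    const data = event.data;
    if (!data || !sameToken(data.token, token)) return null;
    return data.payload;
  };
}

// Constructed sample events shaped like a browser MessageEvent.
function demo() {
  const token = newChannelToken();
  const accept = makeReceiver('https://widget.example', token);
  const msg = (origin, t) => ({ origin, data: { token: t, payload: 'resize' } });
  return {
    tokenLength: token.length,
    good: accept(msg('https://widget.example', token)),
    wrongOrigin: accept(msg('https://other.example', token)),
    guessedToken: accept(msg('https://widget.example', '0'.repeat(32))),
  };
}
```

In a page, the validator would be called from a `message` event listener on `window`; a token drawn from Math.random() would weaken the second check because its output is predictable.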

Solution 3:

If you can get your script loaded first, you could hook addEventListener and log everyone who is setting addEventListener and see who’s doing it and then, by looking at the relevant code, see what they’re doing.

Put this in place before the Google code loads:

// Keep a reference to the native method so the wrapper can forward to it.
var oldListener = document.addEventListener;
document.addEventListener = function(type, listener, capture) {
    // Log the first 80 characters of any mouse listener being registered.
    if (type == "mousedown" || type == "mouseup" || type == "mousemove") {
        console.log("type=" + type + " listener=" + listener.toString().slice(0, 80));
    }
    return (oldListener.apply(this, arguments));
};

To see what was listening to window.onmousemove, you’d have to do it afterwards because it’s just a variable assignment, not a function that you can intercept. So sometime after the initialization code of the page runs, you would do this to log what was hooked up to it:

if (window.onmousemove) {
    console.log(window.onmousemove.toString().slice(0,80));
}

Solution 4:

In the uncluttered code as of Jul 22, you’ll notice the onmousemove is part of the Gb.random class:

Gb.random = function () {
    function a(a) {
        var b = Jb();
        b.update(a);
        return b.ib()
    }
    var b = la.random(),
        c = 1,
        d = (screen[za] * screen[za] + screen[J]) * 1E6,
        e = i.onmousemove || Db();
    i.onmousemove = function (a) {
        if (i.event) a = i.event;
        var b = a.screenX + a.clientX << 16;
        b += a.screenY + a.clientY;
        b *= (new Date)[Ta]() % 1E6;
        c = c * b % d;
        return e[G](i, ka[x][Aa][G](arguments))
    };
    var f = a(k.cookie + "|" + k[B] + "|" + (new Date)[Ta]() + "|" + b);
    return function () {
        var b = c;
        b += ia(f[cb](0, 20), 16);
        f = a(f);
        return b / (d + la.pow(16, 20))
    }
}();

It’s multiplying the sum of x and y by 2^16 using a bitshift, then adding some other dimensions and multiplying all this by the time in milliseconds mod 1000000. This definitely looks like a randomizing algorithm.

I’m not sure why the page would need something like this, perhaps it’s using a cookie, preventing automated +1 clicking? When you click the “+1” the login screen that pops up appears to have a random number appended as the hash, the url ends with “&hl=en-US#RANDOMNUMBER”

Solution 5:

I bet you it’s “In-Page Analytics” Beta. Making a cursor and click heat-map.

Solution 6:

I think that the paper by Guo and Agichtein from CHI 2010 http://www.mathcs.emory.edu/~qguo3/wip287-guo11.pdf can provide further ideas on why Google is doing that.

Apparently mouse movement is a rough proxy for eye movement and allows people to approximate eye tracking results.