Online privacy

Messages
2,247
Just wondering how much people concern themselves with online priavcy?

I've moved away from Chrome (alternate between Brave & Firefox), search via Duck Duck Go, currently experimenting with a "secure" email provider and my friends and family think I'm mad! I dont consider myself paranoid - just dont like the idea of being tracked and targetted with adverts. Oh I have more than one ad-blocker externsion too :rolleyes:

Would struggle to move away from Google full time. Youtube is fab! Maps and photos are very good at what they do.
 
Likewise, I moved away from Chrome (largely since our exit from the EU has meant that our data has been moved to the US ... to be sliced, diced, sold and profitted upon) to Firefox. Chromium (the open source de-googled Chrome) would be a viable alternative but as soon as you sign into google, it's as good as "googled" again. I reserve Chromium as a lesser of two evils when using google services - I quite agree, Maps is excellent, Photos is really good and I do really enjoy a good number of things on YouTube now.

It's not paranoid. It's a matter of ownership. Our data is our data. Big data is collecting absolutely everything that we do whether they can use it or not. At some point they will be able to ... and the metadata connections will tell them more about you than you know. As with other areas of your life, use precautions!

Browsers are not the only thing spying on us ...

Once away from google, indeed, at the moment DuckDuckGo seems like a good search engine.

I use 1.1.1.1 as my DNS provider and have applied DNS over HTTPs on Firefox. I think I can do this on Chromium, too, but I've not looked. There are apps for iOS and Android, both of which I use - they are more like a VPN on those devices.

For mail, go into your settings and check IMAP is over SSL/TLS (port 993) and SMTP over SSL/TLS (port 465) rather than STARTTLS, although you've no choice if you use a Microsoft address for email (like Outlook, Hotmail, Live, etc) which uses STARTTLS.

My domain/hosting provider is based in Germany and that is where data is at rest. On my hosting, I've installed NextCloud and configured the at rest encryption. Basically, iCloud, but mine. If that's beyond you, look to something like disroot.org (based in the Netherlands) who have a NextCloud provision at cloud.disroot.org. NextCloud integrates well with macOS, Linux, ChromeOS, iOS and Android. I don't use Windows, so can't comment there.

If I feel especially paranoid, I have tor to fall back on. It's a dead easy install for Linux and macOS (via brew), and just sits there as a proxy service on port 9050. So, you can either set a "location" on macOS to use that proxy or install a proxy extension on Firefox or Chrom/ium and switch to it when you feel the need. Some folks say tor is compromised. If you're using it for privacy (against ISPs, trackers and big data) it'll do a sound job. If you want total anonymity to engage in criminal activity without consequence, I gather it's not all it's cracked up to be.

gpg is dead in the water, I think. Firefox Send is good to send encryted files to other folks without the need for a degree in Computer Science. If you just want to sign your emails then an S/MIME certificate can be had for free from Actalis. While on Firefox services, their Monitor service is useful for notifying you of any of your details found in big data leaks.

Finally, passwords. Don't save them in Chrome. Firefox can save your passwords and you can use Lockwise to integrate that functionality into your mobile phone. That, or use your own password manager. I use a self-hosted BitWarden. BitWarden online is probably okay. It's a LastPass clone. LastPass (parent company) was sold to a private equity company recently, so consider all your passwords as private property now. Get off LastPass, fast! If you do leave, once you've deleted all your passwords and requested your account be closed ... answer that you've forgotton your password. If you give them your password at this stage, they can decrypt your passwords at will later.

For me, I think that's a reasonable set of mitifations without going full Snowden and running TAILS off a microSD card, although I do have an installation of TAILS on a microSD card!

Now I've raised you one Snowden we should talk about how we invited the NSA into our daily lives to listen to everything that we say and do ... Alexa, Siri, Cortana (ha!) and Google Assistant. Get shot of them! They're a gimmick at best and of no actual or real value. If you have such a device in your home, you're handing your life over to big data at best, the NSA/GCHQ at worst. You can get webcam covers for laptops and so on. On my iMac, I've physically unplugged the camera and microphone when I last had it open. I use an external DAC which can input if I want to, or use a headset when I do need to talk through my computer. Of course, your phone is always listening ...

Sooner or later, I'll have to buy a modern TV which no doubt has all manner of spying facilities. Just search for Samsung and what it rats out on you. You can install your own home router and something like piHole, but you're at the mercy of everyone else's mitigations when you leave your home, so best secure your actual devices - your laptops, phones and so on.

The main advice is to not trust. Even if you can turn off the tracking and advertising IDs in, say, a FireStick ... I bet it's still tracking and tracing. Back to my first point about data moving out of the EU and so big data physically moving it to the US. It's all about whether they can (legally) use it. They're all illegally using it, of course, and when caught out they're fined less than they made on it. Win, win! For them ...

Take precautions!

Firefox, DuckDuckGo, Bitwarden, 1.1.1.1 and Nextcloud as a starter for 10 ...
 
Last edited:
At a more entry level, I have picked up some great tips and insight from the Mozilla and Duck Duck Go blogs and newsletters. Well worth signing up to.
 
i don't think we'll ever be 100% free from programmes watching our key logging or plain old cookies for that matter.
Remember the internet & the world wide web are two entirely different things. The internet is really just a life catalogue for research however the world wide web which was donated to the world by the americans when they got a better system is a completely different ball game. why did America give us it free ?. The world runs by corporate organisations, selling selling selling and unfortunately our governments are run the same.
you will never stop people prying in to your private life as the very people prying built your system. however they are not interested in the £50 in your bank account. It's the deviant criminals that you need to stop and much of them can't be bothered with an individual either. but you are right you need to try protect yourself. but like everything else in life if they want in they'll get in
 
Didn't realise that DNS over HTTPS was already in Firefox. Enabled!

Agree with much of what @pjgh said, though I haven't gone quite as far as they have. If you want an easy way to use Tor, Tor Browser is pretty good but doesn't protect any other traffic outside the browser
 
I am happy with Chrome and Google, maybe an ignorant fool but I just can't be bothered with Tor, VPN and what not

edit: tested DuckDuckGo years ago and was not happy with the result but just added it to Chrome to give it another go and it is looking snappier than before
 
Last edited:
I don't really bother too much but am interested to hear from you all what the risks are apart from knowing my shopping / browsing history? What is the actual harm physically or financially, or is it just a case of you wanting privacy from someone up on high?

Most of us have mobile phones which are listening all the time and I have Alexa devices all over the house no doubt listening to everything. I looked at shaving soaps on the English shaving co yesterday, went on another PC to go on facebook and there straight away was a sponsored ad from ESC with pictures of the soaps I'd been looking at.
 
Didn't realise that DNS over HTTPS was already in Firefox. Enabled!

Agree with much of what @pjgh said, though I haven't gone quite as far as they have. If you want an easy way to use Tor, Tor Browser is pretty good but doesn't protect any other traffic outside the browser

It was touted as new for 74, but I had the setting enabled in 73.

Duh! Of course ... Tor Browser. Good tip!
 
I don't really bother too much but am interested to hear from you all what the risks are apart from knowing my shopping / browsing history? What is the actual harm physically or financially, or is it just a case of you wanting privacy from someone up on high?

Most of us have mobile phones which are listening all the time and I have Alexa devices all over the house no doubt listening to everything. I looked at shaving soaps on the English shaving co yesterday, went on another PC to go on facebook and there straight away was a sponsored ad from ESC with pictures of the soaps I'd been looking at.

I'm equally torn on the matter ...

On the one hand, so what? Absolutely. Our store loyalty cards give the supermarkets a means of directing us to spend more (usually on the things we want) which is no bad thing in many respects. Likewise, our browsing history fingerprinting us so that meaningful adverts rather than rubbish. I've often been shown something quite curveball that I'd not thought of and been pleased to pursue.

On the other hand, everything you browse (on computer or phone), everything you say (captured by Alexa or your phone), everywhere you go (CCTV camera, even the mesh of Nest and Ring cameras with facial recognition), everyone you meet (proximity by phones), it all goes together and makes a much bigger picture that may at some time be used against you ... especially when it's in the hands of big data who sort, sift and sell. It could be your health insurer buying and refuse you because you've used soap with some ingredient that a future earth deems to be bad or that you participated in the 'What are you drinking tonight?' thread and the number crunchers tallied up the levels on that whisky bottle through various photographs to determine an amount of drinking that is different to the figure you wrote down. The data will be trusted, not you.

If our data is to be kept and used, we should be the controllers of that - what, how and when. GDPR went a long way to addressing that. I considered it a step in the right direction and one which should have been a stepping stone for more ...

Until then, anything I can do to reduce my expose is a good thing.

Yes, my data will be collected without my permission and it will be used without my knowledge in ways that will affect me, but where I can reduce what may be the vital links between pieces of metadata, all the better.
 
On the flip of all this, something I'm aware of but have not looked into ...

There are tools and services that can be used to build up completely false/fake data that skews and collection. Fake cookies, fake history, injecting fake locations.

Anyone got any direct experience of those?
 
I don't really bother too much but am interested to hear from you all what the risks are apart from knowing my shopping / browsing history? What is the actual harm physically or financially, or is it just a case of you wanting privacy from someone up on high?

Most of us have mobile phones which are listening all the time and I have Alexa devices all over the house no doubt listening to everything. I looked at shaving soaps on the English shaving co yesterday, went on another PC to go on facebook and there straight away was a sponsored ad from ESC with pictures of the soaps I'd been looking at.

On a different Forum a while back I participated in a thread discussing the 'Drone attacks' at Gatwick airport. Later on I was getting drone advertisements popping up. I was a wee bit surprised at that considering I hadn't googled drones or anything, just participated in the thread.
 
One that caught me recently ...

Someone in the street asked me if I knew where the Midland Hotel was. I kinda did but couldn't quite put my finger on it. I apologised and walked off. A couple of minutes later I thought, "Duh! Use the phone" (in fact, why didn't she?) ... anyway. I opened google maps and typed 'm' (just 'm') and the first result was 'Midland Hotel'.

In terms of what's on my phone, I have Siri turned off, I don't have google Assistant installed and google Maps does not have access to my microphone, nor does google Translate ... nor Messenger ... in fact, just Skype and Shazam.

Another instance ...

We were discussing (not googling) winter tyres at work. Yep! Next time I get on a browser, there's adverts for winter tyres.

They're listening!!!

Both of these were before the end of January, which is when I applied the majority of the mitigations I mentioned above. I still believe the phone is the weak point. Even if you turn all that stuff off ... it is still listening, they're still collecting and they're still acting upon information collected.

While we're on big data and in another thread discussing the key issue of the day, where is big data in all this? They know where everyone is, so when folks are confirmed as having COVID-19, surely big data can figure out everyone who has been in contact with them over the last period, who they've been in contact with ... and get ahead of this.

... or is that the big conspiracy theory? The "vaccine" will be a tracker implant for everyone on the planet. We had similar murmerings back in 2009 with Swine Flu, but the internet, mobile phone sophistication and big data was nowhere near what it is today.
 
One that caught me recently ...

Someone in the street asked me if I knew where the Midland Hotel was. I kinda did but couldn't quite put my finger on it. I apologised and walked off. A couple of minutes later I thought, "Duh! Use the phone" (in fact, why didn't she?) ... anyway. I opened google maps and typed 'm' (just 'm') and the first result was 'Midland Hotel'.

In terms of what's on my phone, I have Siri turned off, I don't have google Assistant installed and google Maps does not have access to my microphone, nor does google Translate ... nor Messenger ... in fact, just Skype and Shazam.

Did you have Location turned on or was it in an area that you're normally in? If it was nearby, would be higher up the list of suggestions.

On a different note, quick hack that I forgot to mention earlier. If you don't want or have a webcam privacy cover, I've been using little pieces of post-it notes for years. Simple, cheap and easily replaceable, with the bonus that they don't prevent your laptop lid from closing completely.
 
One that caught me recently ...

Someone in the street asked me if I knew where the Midland Hotel was. I kinda did but couldn't quite put my finger on it. I apologised and walked off. A couple of minutes later I thought, "Duh! Use the phone" (in fact, why didn't she?) ... anyway. I opened google maps and typed 'm' (just 'm') and the first result was 'Midland Hotel'.

In terms of what's on my phone, I have Siri turned off, I don't have google Assistant installed and google Maps does not have access to my microphone, nor does google Translate ... nor Messenger ... in fact, just Skype and Shazam.

Another instance ...

We were discussing (not googling) winter tyres at work. Yep! Next time I get on a browser, there's adverts for winter tyres.

They're listening!!!

Both of these were before the end of January, which is when I applied the majority of the mitigations I mentioned above. I still believe the phone is the weak point. Even if you turn all that stuff off ... it is still listening, they're still collecting and they're still acting upon information collected.

While we're on big data and in another thread discussing the key issue of the day, where is big data in all this? They know where everyone is, so when folks are confirmed as having COVID-19, surely big data can figure out everyone who has been in contact with them over the last period, who they've been in contact with ... and get ahead of this.

... or is that the big conspiracy theory? The "vaccine" will be a tracker implant for everyone on the planet. We had similar murmerings back in 2009 with Swine Flu, but the internet, mobile phone sophistication and big data was nowhere near what it is today.

Some interesting thoughts on Google Maps, Paul.........

 
Last edited:
Back
Top Bottom