How to Avoid Leaving Tracks Around the Internet(nytimes.com)
nytimes.com
How to Avoid Leaving Tracks Around the Internet
https://www.nytimes.com/2019/10/04/smarter-living/10-tips-internet-privacy-crowdwise.html
107 comments
I would suggest Privacy Badger nowadays (as a complement to the irreplaceable uBlock origin).
Does Privacy Badger do something that uBlock Origin does not?
Instead of having built in lists, it dynamically tries to track the trackers and block domains/cookies it thinks are trying to track you.
They have different purposes. Privacy Badger is not there to block all ads; it exists to block trackers.
For websites I like, I turn off uBlock Origin but leave Privacy Badger enabled.
For websites I like, I turn off uBlock Origin but leave Privacy Badger enabled.
Have you been able to compare that with latest Firefox's native tracker blocker?
So far to me that's been pretty good to the point I stopped using Privacy Badger (which I agree is pretty good too!).
So far to me that's been pretty good to the point I stopped using Privacy Badger (which I agree is pretty good too!).
Not really. uBo devs recommend having only one blocker in place to reduce chances of issues/breakage occurring.
Been wondering this for a while even though I have both installed
Consider using Privacy Possum instead of Privacy Badger. It's a bit more thorough.
Add to that Cookie Autodelete and uMatrix
> We need to stop treating knowledge of public data like this as some sort of identity metric.
And one step further, such public data should not be used by corporations / governments to validate (or inform much, beyond "details") the identity of someone. It's just too unreliable and can't be verified.
Maybe PGP or similar, hashed from some source biometric data, to allow multiple 'IDs' over a lifetime but 100% verifiable.
And one step further, such public data should not be used by corporations / governments to validate (or inform much, beyond "details") the identity of someone. It's just too unreliable and can't be verified.
Maybe PGP or similar, hashed from some source biometric data, to allow multiple 'IDs' over a lifetime but 100% verifiable.
After Apple destroyed safari extensions and forced everyone to use declarative net requests, there are few options. I’m pretty sure Ghostery is now unable to perform the analytics or data collection from previous versions. KaBlock and others are worth trying. There are few options, so I’ve settled on Ghostery for safari on macOS
> We need to stop treating knowledge of public data like this as some sort of identity metric.
I love how it's easier to steal my identity than to intercept my encrypted web traffic.
Society really could do with a cryptographically sane method of authentication - think an PKI-type verification but in replacement for '100 points of id' / Social Security Number / Tax File Number etc.
Surely the cost of implementation wouldn't outweigh the cost of identity theft and other types of fraud which can occur due to the current flawed system?
Maybe the costs are/would be paid for by different parties, but indirectly we all pay for them through insurance premiums and taxes which cover the (preventable) financial damage anyway.
I love how it's easier to steal my identity than to intercept my encrypted web traffic.
Society really could do with a cryptographically sane method of authentication - think an PKI-type verification but in replacement for '100 points of id' / Social Security Number / Tax File Number etc.
Surely the cost of implementation wouldn't outweigh the cost of identity theft and other types of fraud which can occur due to the current flawed system?
Maybe the costs are/would be paid for by different parties, but indirectly we all pay for them through insurance premiums and taxes which cover the (preventable) financial damage anyway.
The omission of "Disable third party cookies" is fairly shocking. From my understanding, it might be the single most effective thing you can reduce tracking. Whenever I get the chance, I recommend the following pieces of Internet hygiene to anyone and everyone I can:
* Disable 3rd party cookies
* uBlock Origin
* Privacy Badger
* HTTPS Everywhere
These things are all dead simple and will significantly reduce your trackability. Of course they are far from comprehensive or perfect, but it's the Internet equivalent of washing your hands after you go to the bathroom.
* Disable 3rd party cookies
* uBlock Origin
* Privacy Badger
* HTTPS Everywhere
These things are all dead simple and will significantly reduce your trackability. Of course they are far from comprehensive or perfect, but it's the Internet equivalent of washing your hands after you go to the bathroom.
Won’t disabling third-party cookies render certain payment gateways unusable? While such advice may be very welcome among savvy computer users who know when they should temporarily turn third-party cookies back on, the NYT is unlikely to give advice that will break online shopping for large numbers of people.
I've had 3p cookies disabled for years and never experienced an issue with payments. But, it may be that I don't pay for things as often as others. My recommendations will slightly break some things like embedded Twitter posts but it's rare that I experience a site being functionally impacted in ways I care about.
I don't think I've ever run into an issue with a payment gateway. The one major site I've had issues with has been playstation.com. Sony seems to use a bunch of different domains for managing its various PSN websites, and I've never found the right set of rules in uMatrix without also enabling third-party cookies.
With the latest macOS it is no longer possible to install uBlock Origin in Safari. Do you have a different recommendation that works with Catalina?
Firefox w/ uBlock Origin
you're limited to what Apple has allowed you to have. Search app store for content blockers. This "story" [1] by Apple contains most popular, and I've used Ka-Block! and Ghostery Lite. I would go with either or both.
[1] https://apps.apple.com/us/story/id1377753262
[1] https://apps.apple.com/us/story/id1377753262
-Use a private cloud, so that your data is in your control.
We've actually developed a self-hosted private cloud solution as a substitute to Dropbox for exactly these reasons. Basically a private Dropbox at home (no complicated installation and no server needed)
We're currently in beta, could interest a few in this thread! https://www.duple.io/en/
The point is to have a product that works just like a Dropbox, as simple and straightforward, but that is actually private with no one interfering, playing, accessing or reading your data.
We've actually developed a self-hosted private cloud solution as a substitute to Dropbox for exactly these reasons. Basically a private Dropbox at home (no complicated installation and no server needed)
We're currently in beta, could interest a few in this thread! https://www.duple.io/en/
The point is to have a product that works just like a Dropbox, as simple and straightforward, but that is actually private with no one interfering, playing, accessing or reading your data.
Somehow I don't understand how you say Syncthing's disadvantage in comparison is that it's a P2P system[1], but at the same time your website says duple doesn't need a server.
Maybe I've misunderstood, but this sounds just like Syncthing with an always-on client - except for the file versioning, that sounds like an interesting feature to me.
[1] https://blog.duple.io/what-is-the-point-of-duple/
Maybe I've misunderstood, but this sounds just like Syncthing with an always-on client - except for the file versioning, that sounds like an interesting feature to me.
[1] https://blog.duple.io/what-is-the-point-of-duple/
Agreed.
I've been using SyncThing for over 4 years and while it has a few rough edges (synced/shared/global file ignore would be great) still it's been fully reliable and a generally great user experience. So if you're trying to cater to existing SyncThing users don't mince words to make it appear that something which you claim is a negative with SyncThing doesn't exist in your product - which it clearly does.
SyncThing has a huge advantage: years of trust. They have been around since 2013 and continue to crank out features and builds consistently. Duple hasn't been around for one year at the time of this writing. Beyond that it's clear from the Duple site that it's main goal is to take my data and file replication hostage via licensing fees. I'm curious how or why I'd donate before I've even installed the Beta (based on your click flow to even reach the downloads page)? No thanks.
Also, let's clarify something Duple has wrong...
Duple states: "Syncthing is P2P, so you get the disadvantages along with it e.g. all your devices need to be turned on at the same time. If not, you get a desynchronisation between your devices and create conflict." - This is wrong. You do not need all your devices on at the same time with SyncThing. Yes, it is true that it's good to have a device with a consistent state, however it's not required. The second part of the statement is FUD. When conflicts happen it's generally around odd permissions or file updates with regard to versioning. This was more problematic in versions prior to 1.0. At this point in time I haven't run into this issue other than because of disparate problems caused by file permissions which SyncThing does a great job preserving.
Duple also states SyncThing has no IOS support and yet, itself, has neither IOS or Android. Or Windows... Or an open source repo of what I'm supposedly using.
In my mind Duple doesn't compete with SyncThing and, really, never will. But here's the thing... Don't pretend to compete where you don't. SyncThing users aren't looking for Duple. You'd do yourself a better service to take that verbiage out because all it did for me was give me the impression that Duple is lying about competitors that they simply didn't take the time to understand. That leaves a bad impression in my mind.
I've been using SyncThing for over 4 years and while it has a few rough edges (synced/shared/global file ignore would be great) still it's been fully reliable and a generally great user experience. So if you're trying to cater to existing SyncThing users don't mince words to make it appear that something which you claim is a negative with SyncThing doesn't exist in your product - which it clearly does.
SyncThing has a huge advantage: years of trust. They have been around since 2013 and continue to crank out features and builds consistently. Duple hasn't been around for one year at the time of this writing. Beyond that it's clear from the Duple site that it's main goal is to take my data and file replication hostage via licensing fees. I'm curious how or why I'd donate before I've even installed the Beta (based on your click flow to even reach the downloads page)? No thanks.
Also, let's clarify something Duple has wrong...
Duple states: "Syncthing is P2P, so you get the disadvantages along with it e.g. all your devices need to be turned on at the same time. If not, you get a desynchronisation between your devices and create conflict." - This is wrong. You do not need all your devices on at the same time with SyncThing. Yes, it is true that it's good to have a device with a consistent state, however it's not required. The second part of the statement is FUD. When conflicts happen it's generally around odd permissions or file updates with regard to versioning. This was more problematic in versions prior to 1.0. At this point in time I haven't run into this issue other than because of disparate problems caused by file permissions which SyncThing does a great job preserving.
Duple also states SyncThing has no IOS support and yet, itself, has neither IOS or Android. Or Windows... Or an open source repo of what I'm supposedly using.
In my mind Duple doesn't compete with SyncThing and, really, never will. But here's the thing... Don't pretend to compete where you don't. SyncThing users aren't looking for Duple. You'd do yourself a better service to take that verbiage out because all it did for me was give me the impression that Duple is lying about competitors that they simply didn't take the time to understand. That leaves a bad impression in my mind.
I know this is a late reply,but maybe you'll see it.
Regarding the synced/shared/global file ignore, there's an imperfect but usable work-around:
You can use #include statements in your .stignore, so you can include another file that contains the global ignore list, then sync that file. You have to set up the .stignore with the include statement for all of your devices/folders, but after that, it's essentially a global ignore list.
Hope that helps.
Regarding the synced/shared/global file ignore, there's an imperfect but usable work-around:
You can use #include statements in your .stignore, so you can include another file that contains the global ignore list, then sync that file. You have to set up the .stignore with the include statement for all of your devices/folders, but after that, it's essentially a global ignore list.
Hope that helps.
I'm sure what they mean by all devices needing to be on and connected, is that if only one device is connected, there will be nothing to sync to. So if I take some photos while on vacation, but my desktop at home is asleep, then I can't sync my photos to it. So if I lose my phone before then, I'm sunk.
Of course this is fixed by simply having the desktop on all the time, which would then make it similar to a client server setup.
Of course this is fixed by simply having the desktop on all the time, which would then make it similar to a client server setup.
Well, they don't say that so it doesn't really matter what they mean. And they imply that by not having a device on all the time it is the cause for synchronization issues which is completely incorrect.
If I take photos on vacation and throw them in a sync'd folder the next time both devices are online they will resolve the new file delta between that shared folder. That doesn't imply I always need one or the other device online. The more devices syncing the less likely it is that only one would be online at a time, but again there's no requirement there for an always on device.
Anyway... SyncThing is fantastic for users who are willing to invest some time learning how the software works. Every paid for product seems to cater to the "it just works" mentality thereby sacrificing control to me, the user, to handle situations that can't be handled by overly simplified, cloud-first, lock the user into our licensing model solutions. And don't get me wrong, those are fine for many people. For users who want more control via more responsibility - then SyncThing is great. But I don't like how they are spreading FUD about it just to get some name association.
If I take photos on vacation and throw them in a sync'd folder the next time both devices are online they will resolve the new file delta between that shared folder. That doesn't imply I always need one or the other device online. The more devices syncing the less likely it is that only one would be online at a time, but again there's no requirement there for an always on device.
Anyway... SyncThing is fantastic for users who are willing to invest some time learning how the software works. Every paid for product seems to cater to the "it just works" mentality thereby sacrificing control to me, the user, to handle situations that can't be handled by overly simplified, cloud-first, lock the user into our licensing model solutions. And don't get me wrong, those are fine for many people. For users who want more control via more responsibility - then SyncThing is great. But I don't like how they are spreading FUD about it just to get some name association.
Syncthing does file versioning, although a bit noobishly. It just keeps n copies of the old file in a hidden folder with DATE_MODIFED appended to each copy.
You know, ipfs helps a lot with this. If I can pay for someone to mirror whatever I host on my ipfs and tie it to some account it would be neat.
Good luck on your product. Seems promising. But I didn't like how your site loaded slowly (just a subjective feedback)
Good luck on your product. Seems promising. But I didn't like how your site loaded slowly (just a subjective feedback)
How implemented E2E encryption?
Where is link to github with ALL code?
Where is link to github with ALL code?
OK, it's not horrible advice.
But there's no mention of Tor, which is arguably the best available way to "avoid leaving tracks around the Internet". And better yet, using Whonix, which prevents leaks around Tor.
Using multiple email addresses is good. But if you're sloppy about browser hardening, they'll all get linked.
More generally, there's compartmentalization. Not just multiple email addresses, but multiple VMs, connecting through different VPNs, and/or Tor instances. Modern machines can run several Linux VMs, and switching among them is as easy as switching among app windows.
So basically you can present online as many different personas. Even if everything that each persona does gets linked, it won't get linked to other personas. If you're careful, anyway.
But there's no mention of Tor, which is arguably the best available way to "avoid leaving tracks around the Internet". And better yet, using Whonix, which prevents leaks around Tor.
Using multiple email addresses is good. But if you're sloppy about browser hardening, they'll all get linked.
More generally, there's compartmentalization. Not just multiple email addresses, but multiple VMs, connecting through different VPNs, and/or Tor instances. Modern machines can run several Linux VMs, and switching among them is as easy as switching among app windows.
So basically you can present online as many different personas. Even if everything that each persona does gets linked, it won't get linked to other personas. If you're careful, anyway.
> More generally, there's compartmentalization. Not just multiple email addresses, but multiple VMs, connecting through different VPNs, and/or Tor instances. Modern machines can run several Linux VMs, and switching among them is as easy as switching among app windows.
Shout out to https://www.qubes-os.org/ Qubes OS, an Open Source research implementation of this concept on the OS level. BYO OPSEC.
Shout out to https://www.qubes-os.org/ Qubes OS, an Open Source research implementation of this concept on the OS level. BYO OPSEC.
Yeah, love Qubes too.
The learning curve for that is steeper than for VirtualBox, however. As is, with absolutely no doubt, the security level. In that it uses a hardened version of the Xen hypervisor. That also means tighter hardware requirements, however.
The learning curve for that is steeper than for VirtualBox, however. As is, with absolutely no doubt, the security level. In that it uses a hardened version of the Xen hypervisor. That also means tighter hardware requirements, however.
I agree fully. I would be really interested in generalizing their security model amongst more (probably inadequate) hardware. We can dream :)
Some years ago, after reading beta-level posts about Qubes, I implemented as best I could in VirtualBox. I used pfSense VMs as VPN gateways, and Linux VMs for workspace.
While I was at it, I used multiple pfSense VMs to create nested VPN chains. Sort of like Tor circuits, but static (so much less anonymous) but also much faster.
Then Whonix came along. And it works very well with nested VPN chains.
While I was at it, I used multiple pfSense VMs to create nested VPN chains. Sort of like Tor circuits, but static (so much less anonymous) but also much faster.
Then Whonix came along. And it works very well with nested VPN chains.
Oh the irony. Reading this article requires me to give away my e-mail address...
I was able to read the article by opening it on a browser I rarely use. But even then, an email ask isn't "tracking", and you can always use a throwaway account if you want. As the article itself suggests, use a different email for each service you sign up for.
The NYT is a content website in a sea of content websites. Getting you on their email list is valuable in the way that getting you to install their app is valuable; they can send you notifications and a few free articles that can maybe upsell you into a subscription.
They have no choice but to do this because we still think text and pictures on the internet should be free. We've come around to paying for music and videos, but it still seems too much of a hurdle for traditional news outlets.
The NYT is a content website in a sea of content websites. Getting you on their email list is valuable in the way that getting you to install their app is valuable; they can send you notifications and a few free articles that can maybe upsell you into a subscription.
They have no choice but to do this because we still think text and pictures on the internet should be free. We've come around to paying for music and videos, but it still seems too much of a hurdle for traditional news outlets.
Or click the "Reader Mode" in Firefox? (YMMV).
Yes, if you do it fast enough, before the paywall loads.
Install uMatrix and block all 3rd party JavaScript. It breaks functionality in some sites that embed social networks' widgets, but other than that works like a charm. As a bonus sites load at least 30% faster.
I use uMatrix lazy style - if go to page and it works without changes I use it - if it breaks but I need to use it allow all - if it breaks but I don't care that much close the tab.
Exactly my experience, going on 3 to 4 years now. Spend the time to learn uMatrix. It's an incredible investment into yourself and your web experience. I barely browse on mobile anymore since I don't have uMatrix, although Brave does allow blocking scripts and some stuff quite easily. Highly recommend Brave on mobile.
I have Firefox and uMatrix on mobile. It is not a s seamless as desktop but bearable.
Nice, thanks for the tip! I'll have to give it a try
You can do that in uBlock Origin too.
This is bare minimum
> Apple’s privacy website reveals many examples: You don’t sign into Apple Maps or Safari (Apple’s web browser), so your searches and trips aren’t linked to you.
Not linked... in a way visible to you.
Not linked... in a way visible to you.
> Avoid unnecessary web tracking
Google is just one of 100+ ad networks that show you personalized ads. You can turn off ads personalization from Google or any of the other participating ad networks here at http://optout.aboutads.info/
Source: https://adssettings.google.com
Google is just one of 100+ ad networks that show you personalized ads. You can turn off ads personalization from Google or any of the other participating ad networks here at http://optout.aboutads.info/
Source: https://adssettings.google.com
Just because they no longer show you personalised ads doesn't mean they have stopped tracking you...
In fact I’d argue it means they have to track you. And telling them your preference gives them another data point on you.
As others have said, there's a huge difference between "not showing you personalized ads" and "not tracking you".
But I really wanted to opine about the optout.aboutads.info link. I suppose that using that can't hurt, but I didn't find it to be particularly helpful. I gave up on it entirely quite a while back.
But I really wanted to opine about the optout.aboutads.info link. I suppose that using that can't hurt, but I didn't find it to be particularly helpful. I gave up on it entirely quite a while back.
Yeah
Evil corporation never lies to you
Evil corporation never lies to you
Step 1 - do not create a free account or logging to read The Times
> Nearby patrons, using their phones or laptops, can easily see everything you’re sending or receiving — email and website contents, for example — using free “sniffer” programs.
Is the author assuming the absence of https encryption here, or is there some widely available exploit I don't know about?
Is the author assuming the absence of https encryption here, or is there some widely available exploit I don't know about?
mitm for weak https exists
All "antiviruses" use it
All "antiviruses" use it
Thanks for the effort, but this link does not work. The host is not responding.
Edit: sorry, my bad, cloudflare 1.1.1.1 resolves it as 127.0.0.5. Someone ought to check that out...
Edit2: apparently this is a deep rabbit hole: https://community.cloudflare.com/t/archive-is-error-1001/182...
Edit: sorry, my bad, cloudflare 1.1.1.1 resolves it as 127.0.0.5. Someone ought to check that out...
Edit2: apparently this is a deep rabbit hole: https://community.cloudflare.com/t/archive-is-error-1001/182...
What about fingerprinting? Fingerprinting allows to track browser even in private mode or if you anonymize your IP address. You should disable WebGL right now because it is absolutely unnecessary, almost never used and its only purpose is to collect information about your video card.
I had to clear my NY Times cookies to read the article. The irony.
> A few more suggestions:
> “Create a different email address for every service you use,” wrote Matt McHenry. “Then you can tell which one has shared your info, and create filters to silence them if necessary.”
Obligatory mention - for gmail you can suffix your email address with a service name by using +, e.g., [email protected] will be delivered to [email protected]. So if a service leaks your data or sells your email, you’ll know who to blame.
Although the article recommends not to use gmail, it’s a neat trick if you’re stuck with it.
"Forget password" becomes unusable though, since you’ll probably forget what suffix you used for each service.
> “Create a different email address for every service you use,” wrote Matt McHenry. “Then you can tell which one has shared your info, and create filters to silence them if necessary.”
Obligatory mention - for gmail you can suffix your email address with a service name by using +, e.g., [email protected] will be delivered to [email protected]. So if a service leaks your data or sells your email, you’ll know who to blame.
Although the article recommends not to use gmail, it’s a neat trick if you’re stuck with it.
"Forget password" becomes unusable though, since you’ll probably forget what suffix you used for each service.
Oh companies have become smarter about it! Even the scammers I suspect! Many won’t accept + in the email address and I think now it’s well known enough that most scammers will run a regex to detect and remove the + sign.
Useful workaround is to have unique aliases on a domain name you control. Can’t get around that with a minute of work!
Useful workaround is to have unique aliases on a domain name you control. Can’t get around that with a minute of work!
fastmail supports a variation of this:
if my email is [email protected], then I can use [email protected], or better [email protected] (or [email protected]). It seems like it'd be a little less obvious to scammers.
I have been using this system for about a year, and it works great. I generally use the pattern [email protected]. However, I have found from time to time that I never get account signup/confirmation emails to these addresses. It seems like they're being silently rejected. Does anyone know if there's some kind of email validation service that might be filtering these?
I guess I could use a hash of the domain (eg [email protected]) to make my strategy less visible, but that feels like I'm probably overthinking it.
I guess I could use a hash of the domain (eg [email protected]) to make my strategy less visible, but that feels like I'm probably overthinking it.
Shout-out to my new mail provider Migadu [0] whose model is “pay for the number of emails you send, not the number of mailboxes you have”. This opens up all sorts of interesting opportunities.
Not affiliated, just a happy customer.
[0]: https://www.migadu.com/en/index.html
Not affiliated, just a happy customer.
[0]: https://www.migadu.com/en/index.html
With fastmail you can just make a alias. My address is [email protected] and in the settings you can make a alias where you can just use something like [email protected]
https://i.imgur.com/UWoU4NA.png
https://i.imgur.com/UWoU4NA.png
Fastmail also lets you use wildcards and catchall addresses, giving you infinite email addresses whenever you need them, with no way to tell what “base address” they resolve to internally.
For example, my Twitter address might be [email protected], my Google address [email protected] and so on. All of those go straight to my inbox unless I decide to set up individual filters for them.
The downside is that I can’t easily migrate to a service that doesn’t support this.
For example, my Twitter address might be [email protected], my Google address [email protected] and so on. All of those go straight to my inbox unless I decide to set up individual filters for them.
The downside is that I can’t easily migrate to a service that doesn’t support this.
Yes, it’s a great feature! They also have many non-fastmail.com domains available on the basic plan.
I use <random>@mydomain.com. My password manager remembers which I used.
Well, another problem is that if you reuse email addresses, then a social engineering attacker has an easy starting place across all services.
>since you’ll probably forget what suffix you used for each service
You can put that in a safe wallet. OneDrive provides that now
You can put that in a safe wallet. OneDrive provides that now
Or set up a mail server and add as many aliases as you with, one for each service.
Outlook.com supports this as well, and so does Fastmail.
"." works the same way.
Not the same way. The dot would be filtered out, but the part after the dot won't get removed, so [email protected] is equivalent to [email protected].
Ah, you're right of course. I was too quick to reply. Sorry.
An article about how to not leave tracks on the internet, requires me to sign up to read the said article, magnificent.
CVS receipt coupons are based upon previous purchases + like 15% randomization in related categories (or maybe just random promotions they have going).
My CVS coupons are nearly always for an antacid, nicotine cessation, or allergy medicine - then I usually get a few extra coupons for something that surprises me like beauty products or facial cleanser.
There’s nothing Google involved with the CVS coupons, I’d bet money on that.
My CVS coupons are nearly always for an antacid, nicotine cessation, or allergy medicine - then I usually get a few extra coupons for something that surprises me like beauty products or facial cleanser.
There’s nothing Google involved with the CVS coupons, I’d bet money on that.
I don’t know how one would know short of a leak if Facebook’s track_ip_addresses.php, but is there any sense of how IPv6 is being aggregated by trackers to track identity?
We have a /48 at home using IPv6 privacy extensions for the full address but that isn’t a useful component of a strategy if I’m being identified by the /48 rather than the full 128-bit address.
We have a /48 at home using IPv6 privacy extensions for the full address but that isn’t a useful component of a strategy if I’m being identified by the /48 rather than the full 128-bit address.
they forgot the best tip nowadays which is:
* declare you are from EU even if you are not
then any provider is damned scared of messing with your privacy
* declare you are from EU even if you are not
then any provider is damned scared of messing with your privacy
[deleted]
Unreadable . Does it mention E2E? It's way past time for tech to get serious about E2E , ignoring warnings and pleas from greedy governments. People have a right to communicate without being constantly surveilled, and it's the most serious track they leave.
I find this:
> Log in or create a free New York Times account to continue reading in private mode."
quite ironic :)
> Log in or create a free New York Times account to continue reading in private mode."
quite ironic :)
For a public cloud replacement, try
https://ba.net/privatecloudoffice
I'm not familiar with a survey of how many know these things (and the good suggestions made here).
My suspicion is that few know, and fewer are doing it.
An important goal? Help those who care enough become aware enough to take action.
My suspicion is that few know, and fewer are doing it.
An important goal? Help those who care enough become aware enough to take action.
https://www.torproject.org/download/ is the best
That what looks like when someone gives advises when know nothing about industry and tech
And that is not even funny
And that is not even funny
No mention of using encrypted DNS. Or did I miss it?
well, we can't blame it on their head of cyber security.
Can you expand on this?
NY times recently fired/made redundant their head of cyber security
https://news.ycombinator.com/item?id=21329453
Is this the level of technical competency needed to work at the New York Times? How much do they pay?
Well, they just made their director of infosec redundant, so it seems the answer is yes.
https://twitter.com/runasand/status/1186775481615605760?s=20
https://twitter.com/runasand/status/1186775481615605760?s=20
if you look up some info on this writer, I think you'll find
competency was not considered
Hey now, there's no need to attack the author like this.
this is not a technical position managing security. most tech writers at major news institutions are likely not tested with technical interviews - they are writers with domain knowledge, and there is nothing inherently wrong with that.
archie2(1)
[deleted]
I think there are different categories of "tracks". One category is marketing tracks, which include cookies, browser profiling, tracking scripts, etc. This is the one most discussion on HN is aimed at and most people find personally offensive but aren't materially harmed by. The second is legal tracks, which is exposure to harm from legal authorities for activities such as piracy, political activism, and various types of forbidden speech under different legal/national regimes. The third type is personal tracks, which I categorize as the ability for private individuals or groups to connect your online presence to your real self. That is the one I'm most concerned with, as internet users seem almost entirely unconcerned about it but it has far more potential to harm you than Google knowing your sexual fetishes. Nobody cares that they're exposing their real name and face to millions of people and it only takes one lunatic who decides your activities or opinions are worth trying to ruin your life to cause you a world of hurt.
I’m not sure I can recommend Ghostery, as their business model is a bit suspicious: https://en.wikipedia.org/wiki/Ghostery#Criticism
> Using websites whose addresses begin with https are also safe; they, too, encrypt their data before it’s sent to your browser (and vice versa).
Safe from your public Wi-Fi operator. Not from the company with a tracking script on the page.
> You don’t sign into Apple Maps or Safari (Apple’s web browser)
You sign into the OS, though.
> You never want to tell Facebook where you were born and your date of birth. That’s 98 percent of someone stealing your identity!
I can literally Google this information. We need to stop treating knowledge of public data like this as some sort of identity metric.