• Hardening for privacy

    Home » Forums » Newsletter and Homepage topics » Hardening for privacy

    • This topic has 11 replies, 10 voices, and was last updated 3 months ago.

    PRIVACY By Susan Bradley Privacy means different things to different people. At the office, we want to keep our information private from certain indiv
    [See the full post at: Hardening for privacy]

    Susan Bradley Patch Lady/Prudent patcher

    Viewing 6 reply threads
    • #2605984

      Beware AT&T phone customers, Privacy Alert:

      Investigation reveals AT&T and US government have been spying on millions of Americans for years – Documents reveal a secret surveillance program has been mining the call data of US citizens for more than a decade. – By Adamya Sharma – November 26, 2023


      Big Brother is Watching you. George Orwell’s words from the dystopian novel 1984 ring uncomfortably true after reading this recent investigative report published by Wired. The outlet has analyzed leaked police documents, a White House memo, and a letter sent by US Senator Ron Wyden to the Department of Justice (DOJ) to verify the existence of a secret government surveillance program run by the US government and executed by telecom carrier AT&T. According to details of the investigation, federal, state, and local law enforcement authorities have been surveilling millions of US citizens for over a decade under a clandestine and non-descript program called Data Analytical Services (DAS). This program reportedly not only tracks call records of criminals but also their families, friends of their families, and countless other people who are not suspected of any criminal activity.


      A smile is an inexpensive way to change your looks.
    • #2605989
    • #2605995

      You may feel more comfortable purchasing a firewall service such as NextDNS.

      Which is a US, the mother of 5Eyes, company.

    • #2606046

      I found the reference to the EFF Cover Your Tracks to be extremely helpful and enlightening. https://coveryourtracks.eff.org/

      It give a good rundown and analysis of your browser in its tests and both real world and hard coated security and the tradeoffs in usability. One thing I have found is how carefully configuring the browser can drastically cut down on the data for those who are on metered connections, or on older machines (or OS) that cannot handle extensive newer animations and graphical content.

      This was a great issue for all the articles. A+++

    • #2606107

      I always use a two step transition when going from site to site.  I jump to DuckDuckGo first (it’s my home page, just click a single icon in my toolbar).  There I get anonymized, tracking cookies get stripped and I jump to my intended next site just popping in from nowhere.

      The previous site that thought it was tracking me has lost me, the new site I’m visiting sees that they are the first site I’ve visited today, and they don’t know that I’ll be getting a fresh anonymization when I leave their site.  I’m leaving a vapor trail across the internet.

      I’ve made that a habit to the extent that it’s second nature, now.  That, coupled with the adblockers I use, completely eliminates any and all targeted advertising for me.

      Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
      We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things.

      5 users thanked author for this post.
      • #2606601

        This is a great middle of the road solution that anyone can make use of.

        Thanks for posting it bbearren.

        Win 8.1 (home & pro) Group B, W10/11 Avoider, Linux Dabbler

      • #2607437

        @bbearren This sounds like a great approach, so if you don’t mind, a couple quick questions to ensure my understanding of your method is correct…

        (1) Are you using the DuckDuckGo browser? If not, which browser are you using? Or is the specific browser irrelevant with respect to your method, since it could be employed with any browser?

        (2) In whichever browser you use, you click the homepage icon in your toolbar, which loads https://duckduckgo.com/

        (3) You then type your seach query into the dialog box at the top of the DuckDuckGo page, hit enter, the resulting links are displayed, and you click on your link of choice, which takes you anoynmously to the site you intend to visit, rather than navigating there directly? Is this what you mean by “jump to my intended site just popping in from nowhere.”?

        I just want to ensure I understand your approach correctly, or if it is in fact more sophisticated whereby you are popping between different tabs within the same browser, or using multiple browsers concurrently. Thanks!

        • #2607461

          3) You then type your seach query into the dialog box

          My take is that he is not doing a search query on duckduckgo, rather just tapping the home key/button that take him to the ddg website, then on to the next site with another bookmark.

          Custom desktop Asus TUF X299 Mark 1 16GB RAM i7-7820X
          Four 27" 1080p screens 2 over 2.
          Laptop Clevo/Sager i7-9750H - 17.3" Full HD 1080p 144Hz, 16GB RAM Win 10 Pro 22H2

    • #2606382

      DNS is much more complicated than most people think. It used to be simpler. Not only are there two new flavors of DNS (DoH and DoT) but DNS can be configured in a dozen different places. Literally a dozen. See the long explanation option here


      In addition to the router, there is your OS (Windows has one setting for Wifi and one for Ethernet), your browser and your VPN. Using DNS for security is a great idea and there are many services that offer assorted flavors of blocking (ads/trackers/malware).

      Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

      3 users thanked author for this post.
      • #2606753

        And then there’s Oblivious DNS over HTTPS, a new proposed standard by Cloudflare, Apple, and Fastly. Waterfox uses this already, putting it a step ahead of Firefox, its upstream source.

        With Oblivious DoH, not only does the ISP not get to know about the contents of the DNS request (or its reply), as is the case with regular DNS over HTTPS, but the resolver (the DNS host itself) is also unaware of the IP address from which the DNS query originated. It uses an intermediate proxy between the user and the DNS resolver. This proxy is aware that there is a DNS request from your IP, but (like your ISP), it does not know what site is being requested, or what the reply from the DNS resolver was. N0 one except the user who made the request sees the whole picture.

        Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
        XPG Xenia 15, i7-9750H/32GB & GTX1660ti, KDE Neon
        Acer Swift Go 14, i5-1335U/16GB, KDE Neon (and Win 11)

        1 user thanked author for this post.
    • #2606968

      Many people are quick to trade their privacy (and the privacy of others) in the name of saving the world from criminals. Preventing and stopping criminal behavior is an admirable objective, but far too often privacy is sacrificed as a means to “save the world from the bad guys” — which we can see isn’t effective anyways. Instead of backdooring and embracing weakened security algorithms, we need to demand legitimate privacy out of the box. Far too many large corporate organizations are more than happy to sell your right to privacy if it means governments are funneling money to them under the table in exchange for making poor security decisions.

    Viewing 6 reply threads
    Reply To: Hardening for privacy

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: