Patch Lady – a little paranoia goes a long way

Topic

New Reply

While I’m a user of Facebook, the recent data leakages and sharing of data concerns me.  Thus we’re starting to see more transparency in what went wro
[See the full post at: Patch Lady – a little paranoia goes a long way]

Susan Bradley Patch Lady

8 users thanked author for this post.

JohnW, Cascadian, flackcatcher, woody, AJNorth, JDeC, Elly, Microfix

Reply | Quote

Replies

It is amazing and quite frustrating to watch this latest facebook scandal (just one of many) finally wake up the public to the scummy practices of facebook when myself (never had a profile) and so many others have been warning friends and family for years. So we’re in a catch-22 where people now feel trapped within their creepy walled garden with no viable alternative because they’ve fed the beast that has grown to consume all other alternatives. If you’re still on facebook then you’re not paying attention; profiles need to be deleted en masse because zuck cares only for his own privacy and certainly not yours.

2 users thanked author for this post.

HiFlyer, BobbyB

Reply | Quote

T said:
So we’re in a catch-22 where people now feel trapped within their creepy walled garden with no viable alternative because they’ve fed the beast that has grown to consume all other alternatives.

The above is also descriptive of the Microsoft-WinOS walled garden, hence sites like AskWoody exist to soothe the frayed nerves of those who feel unable to move to an alternative platform.

As for social media, there do exist non-centralized, open-source, non-commercial, privacy-conscious & advert-free platforms that are not controlled by a single authority (unlike Facebook). Examples include Mastodon & Diaspora.

But the problem is that almost everyone else is on Facebook, & most of the masses do not really see a need to move, even if some do feel somewhat concerned about Facebook’s practices.

Furthermore, the various government departments worldwide tend to use Facebook as their main point of public outreach, while many non-governmental organizations & social activist groups use Facebook as their only point of public outreach.

And interestingly enough, the governments of certain self-claimed “Smart Nations” even use Facebook Workplace for internal (intra & cross-agency) communications. Doesn’t sound very smart at all.

2 users thanked author for this post.

HiFlyer, AlexEiffel

Reply | Quote

I am curious: what is Facebook useful for?

I am not a member, and get my news from reputable newspapers, journals and Web sites that do serious reporting on issues of importance on politics, science, the economy and society at large.

For music and interesting videos, there is YouTube and such, all for free. (Nicer to watch with an ad blocker on.) For general entertainment: Netflix, Amazon.

For communicating with others, on both professional and personal matters, I do quite a bit of email or use the ‘phone. I am known well enough in my own line of business that don’t need to keep the world continuously appraised about my career and my personal achievements.

Don’t much care if people I don’t know like me or not.

I am in a couple of old-fashioned bulletin-board style professional sites, and also in a couple of useful, informative places, including Woody’s.

Yet, I sometimes wonder what I might be missing by not being in Facebook…

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

3 users thanked author for this post.

HiFlyer, GoneToPlaid, GoTheSaints

Reply | Quote

What is it actually useful for? I would say wasting time and maybe buying some used items. I rarely talk to anyone and never talk to those old friends that I haven’t seen in ages. Maybe this is just my Facebook, but there is so much negativity that I don’t enjoy scrolling through to see what everyone doing because they are usually complaining about something.

Personally, I would say that you aren’t missing much but that is just my opinion. You would have to join and find out for yourself 😀

3 users thanked author for this post.

HiFlyer, GoTheSaints, OscarCP

Reply | Quote

+1

Real “friends” are those that catch up with you face to face or contact you via phone to have a real conversation. And not just to have your face in some inconsequential list showing how “popular” they perceive themselves to be.

2 users thanked author for this post.

Bill C., pruntytech

Reply | Quote

Yet, I sometimes wonder what I might be missing by not being in Facebook…

You most likely have not missed anything.

6 users thanked author for this post.

Microfix, HiFlyer, pruntytech, MrJimPhelps, OscarCP, BobbyB

Reply | Quote

It seems my kids post their stuff to Facebook. So if I want to know what’s happening with the grandkids, I’m forced to use Facebook. Oh well…

Cheers!!
Willie McClure
“We are trying to build a gentler, kinder society, and if we all pitch in just a little bit, we are going to get there.” Alex Trebek

3 users thanked author for this post.

HiFlyer, Elly, Cascadian

Reply | Quote

Willie – your kids, and/or grandkids are SOOO behind the times!

My grandkids have moved on from FB because their parents have started using it.  Snapchat seems to be what they use now.

I suspect we are now well past “Peak Zuck”.

Dell E5570 Latitude, Intel Core i5 6440@2.60 GHz, 8.00 GB - Win 10 Pro

1 user thanked author for this post.

HiFlyer

Reply | Quote

ScotchJohn wrote:

Willie – your kids, and/or grandkids are SOOO behind the times!

My grandkids have moved on from FB because their parents have started using it. Snapchat seems to be what they use now.

ScotchJohn – your grandkids are SOOO behind the times!

Snapchat was last week. This week it’s Instagram! 🙂

Reply | Quote

OscarCP said:
For communicating with others, on both professional and personal matters, I do quite a bit of email or use the ‘phone.

I once came across a Facebook user (born in the early 1990s) whose opinion of email is literally “Yawn“. The same person also said that the only way to contact me is via Facebook, so I must maintain a Facebook account (!).

I have also encountered strangers (ranging from those in their 30s-60s, to 16-year-old teens) who after a short chitchat, asked me for my Facebook “address”, so they can “add” me. To their trophy list of thousands of “friends”, I suppose.

Ultimately, what is most disturbing about this whole phenomenon is that the overwhelming majority are happily sequestered within the Facebook “Garden in a Ghetto”.

So much so that people without a Facebook account (or an active Facebook presence) are regarded with suspicion, as well as treated like tech idiots by exisitng/potential employers & organizations alike.

Ironically, it is the IT-savvy who try to avoid Facebook wherever possible.

1 user thanked author for this post.

OscarCP

Reply | Quote

In my humble opinion, Facebook is for those who suffer from:

— ADD and ADHD.

— Delusional Disorder.

— Those with a compelling need to always be at the center of attention.

I don’t fit any of the above categories. Thus Facebook is useless to me, and for the very same reasons which you mentioned. Personally, I don’t feel that I am missing a thing by not being all over the place on Facebook. And I am far less likely to be hit by a car while crossing the street, since I never cross a street while staring down at my cell phone. I see people crossing the street, with their eyes staring down at their cell phone and either reading or typing away while being completely oblivious to everything around them, literally every single day. Reality is everything in the real world which is around you — not whatever electronic c**p you are reading on sites such as Facebook on your cellphone. Illegal drugs are used to escape reality. Facebook is an electronic drug which people use to escape reality.

 

2 users thanked author for this post.

Bill C., Cascadian

Reply | Quote

And from your last line, circle back to the start of your comment. Many people inside the ‘normal’ range of behavior start using social media. Then develop your three disorders as a result of the dopamine feedback loop inherent in the system; designed into the interface.

2 users thanked author for this post.

HiFlyer, Elly

Reply | Quote

Actually, Facebook is also for those who have a lot of time on their hands which needs to be frittered away.

Flipping the coin the other way, Facebook is for those who want to dispatch trolls to post outrageous things, to get everyone’s blood boiling and as a result posting their opinions about everything, so that those people can then gather all sorts of personal information about those posting that they have freely shared in their posts.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

Thankfully I don’t do or have done social media and I’m not smart enough to own a ‘Smart’ phone 😉

Footnote 6th April: Check this news out Facebook Dynamites it’s own API’s (The Register)

Keeping IT Lean, Clean and Mean!

4 users thanked author for this post.

GoneToPlaid, Ascaris, BobbyB, OscarCP

Reply | Quote

Same here, except that I do use a smartphone. I use my smartphone for only five things: phone calls, reading emails, text messages, occasionally taking some pictures or videos, and for navigation. Other than these five things, my smartphone is otherwise useless to me since I prefer direct telephone conversations, in-person meetings, and fluent emails. The latter one can only be easily done on an actual computer.

3 users thanked author for this post.

Bill C., SueW, Cybertooth

Reply | Quote

Microfix said:
Thankfully I don’t do or have done social media and I’m not smart enough to own a ‘Smart’ phone

Gee … I’d never even owned a smartphone. For the past 5 years or so, I don’t even have a mobile number, so there is no way I can be tracked via this channel.

Not long ago, a retail pharmacist asked for my mobile number to key into the pharmacy’s customer database. When I said I have no mobile number, her expression darkened — & she looked as if she was considering to call the cops !

Ironically, back in 2006-08 when almost nobody owned a smartphone, I had to use a bunch of GPS-enabled HP smartphones (powered by Windows Phone mobile OS) several times weekly over a period of 2-3 years for work purposes, because I supplied content for an outdoor e-learning trail applications that HP (which sponsored the smartphones) was developing for the organization that I worked at.

Back then, smartphone applications weren’t known as “apps”, but were instead identified by their individual names. None of them ever required an internet connection to function, & they didn’t collect info on users. Furthermore, there were certainly no invasive social media apps like Facebook.

And as a sign of those times, the whole bunch of smartphones could be charged in an open-plan office which was also easily accessible to walk-in members of the public — & nobody ever worried about the phones being stolen.

Reason being that everyone was accustomed to tiny candy-bar, flip or slider dumb/feature phones, while those HP touchscreen smartphones — comparable in size but heavier than early iPhones — looked geeky, uncool & extremely battery-hungry by comparison.

2 users thanked author for this post.

HiFlyer, Elly

Reply | Quote

Thanks for the analysis Susan.

Having checked it out though, Office 365 Home doesn’t qualify for Office advanced email protection. Guess I’ll need to pay more.

 

Edited: spelling mistake.

Dell Inspiron 7580 i7 16GB Win 10 pro 22H2 (19045.2728), Microsoft 365 Version 2302 (16130.20332)

Reply | Quote

Patch Lady,

Not about Facebook this time (although, maybe, about paranoia), but since we are both here…

Your Master Patch List did have, a few weeks ago, entries on E11 and the security rollup and security only for March, among other things, but they are not there anymore. Why is that?

Apologies for asking, but I am still getting used to your List.

 

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

The listing it now on the April releases, the March info is linked at the top.

Susan Bradley Patch Lady

1 user thanked author for this post.

OscarCP

Reply | Quote

well, personally i dont share much of facebook, so I don’t think they have information of me other than my face and name.

Just someone who don't want Windows to mess with its computer.

Reply | Quote

Zaphyrus wrote:

well, personally i dont share much of facebook, so I don’t think they have information of me other than my face and name.

If they have your face and name, they have everything they can get with your face and name… which is nearly everything.

If they have any kind of persistent ID, meaning that they know that what you did today and what you did yesterday and the day before (and so on) is all one person, they can tie your actions over time together and establish quite a profile on you.  You don’t have to share anything on Facebook— as long as you carry the tracking cookies it assigns when you sign in or even visit a web site that has the “like this on Facebook” button on it, you’re being watched, tracked, analyzed.  Facebook knows every site you’ve been to that has a “like this on Facebook” button, for one, even if you’ve never actually hit the button.

This kind of sneaky tracking is what they do– they’re very good at it, and the technology permits them far more tracking and surveillance than people even realize.  With facial recognition software and a photo in your profile, Facebook can connect you to any photo anyone may have posted that have your face in it, and if they’ve tagged that photo with your ID, all the better.

The persistent ID is the key.  They want to know it’s you each time you sign in (even if they never get your real name), so they can add your new data to the growing ball of foil.  If they can get your name, that’s huge– talk about a persistent ID!  They can cross reference that with anything you’ve used your actual name for, like living your actual life.  With all of the tracking data they have, they can figure out which “John Smith” you are, so to speak.  That’s the ultimate persistent ID.

It takes some effort to prevent Facebook and Google from tracking you, even if you never use their services.  I have facebook.com and facebook.net completely blocked in NoScript and uBlock Origin; their tracking scripts are never permitted to run in my browser.  Even though I have no Facebook profile, nearly every site of importance has that blasted “like this on Facebook” button, and that sets (and allows Facebook to read the contents of) the tracking cookie each time you see it, even though you are not on Facebook.com.

I have an addon that deletes all cookies 15 seconds after the tab or browser window that set them is closed.  It’s enough time to quickly undelete tab and go back if I don’t want to really end the session, or for using a dummy Google ID to sign into Disqus or something (if the deletion happens instantly, the remote signin never works), but it’s fast enough to put a stop to most of the tracking.  You can also set third-party cookies to be rejected, which stops the Facebook cookies from being set when you are visiting any non-Facebook site… though that carries the possibility of some things malfunctioning when the cookie is rejected.  Personally, I want those things to malfunction, but not everyone agrees.

If you want to trade your personal info for the “free stuff” that Facebook and Google offer, that is your prerogative, but be aware of how pervasive the tracking is if you’re not employing countermeasures.  If you just use a browser with default settings and no addons,  you are being tracked, and you would probably be shocked at what they’ve learned about you.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

8 users thanked author for this post.

Bill C., Cascadian, T, SueW, MrBrian, GoneToPlaid, OscarCP, AlexEiffel

Reply | Quote

Zaphyrus said:
well, personally i dont share much of facebook, so I don’t think they have information of me other than my face and name.

If your account is one of those 87++ million affected, Cambridge Analytica has  your email address & any phone numbers that you associated with your Facebook account.

It scraped the info via Facebook’s API that allowed Facebook members & third-parties** to search for Facebook users by their email address or phone number. Facebook only disabled this API on 04 Apr 2018.

** Apart from Cambridge Analytica, known & unknown third parties include: app developers, government surveillance, threat actors, advertisers, random passers-by, etc. So a LOT of strangers have your email address &  phone number(s).

https://newsroom.fb.com/news/2018/04/restricting-data-access
Until today, people could enter another person’s phone number or email address into Facebook search to help find them.  […]

However, malicious actors have also abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery.

Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way. So we have now disabled this feature. We’re also making changes to account recovery to reduce the risk of scraping as well.

1 user thanked author for this post.

MrBrian

Reply | Quote

Why is everyone so worried about Cambridge Analytica having your data? You should be a lot more worried about all of the other entities which have collected your data every time you have logged onto Facebook and done anything which they have been collecting data from, collection which went on quietly, happily in the background, that no one who was anyone was a bit worried about, UNTIL CAMBRIDGE ANALYTICA DID WHAT EVERYONE ELSE HAS BEEN DOING SINCE THE BEGINNING OF FACEBOOK!

Is anyone even a bit skeptical about this whole campaign of professed horror at what Cambridge Analytica has done, when there has been complete silence about all of the other data collection? And NO ONE who is anyone is a bit concerned about FACEBOOK having all of your data and can sell or give it to anyone they want to!

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

2 users thanked author for this post.

Bill C., Elly

Reply | Quote

Absolutely right! In 2012, electoral research was the ‘new tech’ and ‘wave of the future’ thing. In 2016, folks are ‘shocked, shocked, that FB, etc., allowed electoral research that was violating privacy and collected individual data,’ but we will all give the quizzes, games, advertisers, etc. (smartphone, smart TV, and OS makers, and lets not forget digital assistants!) a pass.

Privacy is like a can of dental floss, easy to pull out of the can, but very, very hard to put back into the can.

FB, etc., are great for conducting research and background queries. After all, most of the info is right from the source.

HR departments no longer ask job applicants outright about a FaceBook account, instead it is phrased as experience with social media as a job skill.

Reply | Quote

For the ultimate in privacy protection against Facebook:

1. Don’t open a FB account. If you have one, close or delete it. And more importantly,
2. Add FB to your uBlock Origin list, or put facebook.com in your hosts file.

Step 2 will help even if you can’t do anything about Step 1. Facebook can’t track you if your computer is not allowed to communicate with FB’s servers.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

1 user thanked author for this post.

GoneToPlaid

Reply | Quote

Cybertooth said:
Don’t open a FB account. If you have one, close or delete it.

If one has previously used one’s Facebook account to interact with another Facebook user, group, page or app, it is not sufficient to simply delete one’s own Facebook account.

For instance, all messages/chats with another Facebook user remain in that user’s account, & all these are available to that user, Facebook itself, as well as third parties (eg. advertisers**, hackers, governments who request user info from Facebook).

** Facebook users are known to have encountered related adverts popping up online, soon after they discussed an uncommon topic via Facebook chat/messaging, & nowhere else.

To wipe out one’s Facebook data, everyone else (user, group, page, app) has to delete their Facebook accounts as well. (And this is assuming that Facebook also removes the associated data on their backup servers.)

Furthermore, Whatsapp, Instagram, Occulus VR, etc. are owned by Facebook, & any info & content shared on those acquired platforms are supplied to the Facebook parent as well. So besides deleting one’s own Whatsapp/Instagram/etc. etc. accounts, all other Whatsapp/Instagram/etc. users that one has ever interacted with need to delete their accounts too. (List of Facebook’s acquisiions)

If it all sounds like Mission Impossible, that’s because it is.

1 user thanked author for this post.

HiFlyer

Reply | Quote

anonymous wrote:

If it all sounds like Mission Impossible, that’s because it is.

I don’t think even Jim Phelps could solve this one!

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

I will step out of character to admit that Facebook can serve as a real community during disasters, weather events, etc.  I saw that recently when, though not active on Facebook, I went online and read numerous posts by friends and relatives of those working on cleaning up a big train wreck in our area–the kind of thing where the official pronouncements reveal little.  When the girlfriend of the track supervisor wishes that the cleanup was done so he could come home and get some sleep, that means something to me.

I remain a skeptic, if an open-minded one.

 

3 users thanked author for this post.

HiFlyer, Elly, SueW

Reply | Quote

Why worry about Facebook when you can just read the W10 EULA. Use W10 and you basically agree to let Microsoft do most anything they want on your system without further permission.

6 users thanked author for this post.

johnf, HiFlyer, Elly, Jan K., BobbyB, Bill C.

Reply | Quote

As @ wdburt1 says, Facebook has been useful locally… I’m sure data has been harvested, but the community being able to come together to identify problems, and help each other is invaluable. They (local community) have taken small town values of neighbor helping neighbor to the internet, in a good way. The so-called local news services miss all of it…

Then, too, is it just my family, or does this happen in other families, too? We are spread across four countries, on two continents, with four generations. FB is useful, although over time, people have learned to use it to alert others to connect, rather than connecting through FB itself. People do value privacy… no matter what the current tech trend is.

There is an opening for a more private and secure methods of networking for family and friends and communities.

Non-techy Win 10 Pro and Linux Mint experimenter

2 users thanked author for this post.

HiFlyer, Cascadian

Reply | Quote

Elly wrote: “There is an opening for a more private and secure methods of networking for family and friends and communities.”

(1) Email.

(2) Email list.

(3) Bulletin board or Web site.

(4) Local radio station (low power, not owned and operated by some large conglomerate that carries mostly non-local news.)

These are not quite as convenient, and cool, as using the services offered by Facebook and similar companies, but they are known to work. But, leaving (1) aside, provided: (a) there are people willing to set up and run them, that (b) can be trusted, and (c) are prepared to do it either for free or for little money, same as at Woody’s, relying on some “polite” ads and voluntary contributions.

 

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

I’m a privacy ‘paranoid’. 😉

Don’t own a smart phone, just an older flip-phone. Smart phones are a nightmare to lock down securely and I just don’t need to be constantly connected like an e-addict. For me, phones are for making and receiving calls. Of course, I’m retired, so have no professional need.

I’ve been on a computer privacy jag for a long time, spend most of my online time via a non-logging VPN and its non-logging DNS. I recently added Cloudflare and Quad9 DNS servers for when I’m not on VPN.

I use Firefox with many privacy modifications in ‘about:config’, plus numerous privacy add-ons to prevent tracking and fingerprinting, e.g., NoScript, uBlock Origin, Privacy Badger, Header Editor, Decentraleyes, Cookie AutoDelete, Smart Referer, Storage Razor, Canvas Blocker and CSS Exfil Protection. I’ve got them set up now so they work together on all but a few financial sites – where I simply restart in Safe Mode. I have Firefox set to delete all cookies on closure and to never accept third party cookies. I also run CCleaner – not the registry cleaner part – at the end of every day and have it set to clear all cookies other than a few whitelisted ones.

I do use Facebook to keep up with family and close friends. It’s a blessing mixed in with a lot of curse! My account is locked down to every extent allowed by Facebook privacy settings. I have the Apps Platform turned off, for sure.

All Facebook scripts and cookies are blocked until I sign in. I always close all other tabs before signing in and then temporarily allow the necessary FB scripts/cookies in NoScript and uBlock. After signing out, I revoke temporary permissions and then clear cookies/tracking via Cookie AutoDelete and Storage Razor.

This all may seem like ‘overkill’ but it’s become habitual and I can click through these privacy steps pretty darn quickly as I’m online.

I’ve also avoided as much MS telemetry as possible, side-stepped the GWX fiasco and am in Group B with plans to transistion to Goup L(inux).  Currently dual booting Linux Mint.

I will share the details of my life, habits, likes and friendships on my own terms, thank you very much!

(Yes, even with the ‘paranoid’ steps I take, no doubt the Big Data vacuums still know too much about me….)

Win10 Pro x64 22H2, Win10 Home 22H2, Linux Mint + a cat with 'tortitude'.

9 users thanked author for this post.

Morty, HiFlyer, GoneToPlaid, SueW, wdburt1, AlexEiffel, Cascadian, Ascaris, Elly

Reply | Quote

P.S. – I also give the Google ‘octopus’ a similar treatment. Duck-Duck-Go serves my needs. Google scripts and cookies are blocked except in specific circumstances.

Win10 Pro x64 22H2, Win10 Home 22H2, Linux Mint + a cat with 'tortitude'.

3 users thanked author for this post.

HiFlyer, Bill C., Elly

Reply | Quote

Steven S. said:
I’ve been on a computer privacy jag for a long time, spend most of my online time via a non-logging VPN and its non-logging DNS. I recently added Cloudflare and Quad9 DNS servers for when I’m not on VPN.

1) Cloudflare DNS appears to log DNS query data, as well as associated IP addresses. And DNS query data is shared with APNIC Labs.

https://www.theregister.co.uk/2018/04/03/cloudflare_dns_privacy
Ironically for a project predicated on privacy, Cloudflare is sharing DNS query data with APNIC Labs, a part of Asian registry APNIC, in exchange for the use of its 1.1.1.1 network address.

Cloudflare CTO John Graham-Cumming got in touch to clarify that while APNIC will have access to DNS query data, it will not have access to logs of IP addresses of people sending in those queries.

2) Quad9 (based in USA) “store details of the DNS records queried, timestamp, and the city, state, and country from where the query came“.
https://quad9.net/faq/#What_does_Quad9_log/store_about_the_DNS_queries

If you want totally non-logging free DNS servers, check out the following:

• FreeDNS (Austria)
• DNS.WATCH (Germany)
• UncensoredDNS (Denmark)

3 users thanked author for this post.

HiFlyer, GoneToPlaid, Steve S.

Reply | Quote

Thanks for the links. I’ll dig further – as all our assumptions are subject to review and modification!

I’ve tried all three of the DNS servers you mention and find them to be 5 or 6 times slower than Cloudflare and Quad9 from where I am. Since I probably spend 90% of my online activity through a VPN using their DNS servers (also pretty slow), I may just decide to accept the slowness of one of the servers you mention. It’s all a trade-off, unfortunately. Again, thanks for the links.

Win10 Pro x64 22H2, Win10 Home 22H2, Linux Mint + a cat with 'tortitude'.

Reply | Quote

The information they don’t have can’t be abused.

But what worries me even more is this: What about information in your dossier that’s just plain wrong? What could go wrong with that is downright scary.

In this day and age you almost can’t get anything done without having to do and agree to some cloud-oriented things.

-Noel

3 users thanked author for this post.

OscarCP, AlexEiffel, Cascadian

Reply | Quote

I’d really only be concerned about the false data when it comes to government, which of course has anything Facebook, Google, et al, may have, if it wants it.  Otherwise, it seems like the more “noise” in the profile they’ve assembled on a given person renders it less useful.  Now, if it’s mistakes in my credit history or the like, that’s a whole lot different than Facebook thinking I have an obsession with can openers or something like that.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

Reply | Quote

From what I’ve read above, it sounds as though Facebook has a dossier on me and tracks me even though I don’t have a Facebook account. All that’s required for them to get information about me is that I visit one or more websites that have the facebook button on it – even if I don’t click on the button.

Are my statements correct? I’m not a lawyer, but that sounds like a gross misrepresentation on the part of Facebook – in other words, they’re committing fraud.

Reply | Quote

Not acting as a lawyer, but no, not really.

Yes, I do believe that Facebook burns cycles tracking nameless profiles based on nothing more than harvested information and matching to already established patterns. So they don’t know DrBonzo, but they know a person that acts an awful lot like DrBonzo. And if at some point you drop an identifiable data point, they’ll be happy to update that profile and link all other similar profiles to the newly identified one.

But that is not committing fraud on you. You consent to the website that you choose to use. They have a preexisting agreement with Facebook to share information. It’s all very businesslike. It gives websites income, even if they are a paid website. They just get paid a little more from another source. It’s okay. I hear Facebook can afford it.

1 user thanked author for this post.

OscarCP

Reply | Quote

If you have Firefox or Waterfox or Pale Moon, not sure about other browsers, just install Privacy Badger, it blocks their tracking beacons, so no more worries.

If you haven’t all ready, install a good adblocker, like AdBlock Plus, Bluehell firewall and Decentraleyes. All these and Privacy Badger are set and forget, no fiddling around, and you will notice a difference, faster loading times, and your privacy will be much better.

Reply | Quote

Rule 5: Stay aware of the latest trend. I am a fan of several sites to keep me aware of trending security issues.

Linux Security offers a daily updated list of news and issues as well. Highly recommended!

Although it has the L-word in it’s name, it’s not really Linux orientated…

…
Re. that facebook… every time I see a mention of “facebook stolen data”, my skin crawls… I watched the UK parliamentary hearing of Christopher Wylie live on BBC and he clearly stated, data was paid for. Not stolen.

And if you search a little bit of that Steve Bannon/Alexander Nix construction called Cambridge Analytica, your skin for sure shoud be creeping as well… here’s a tiny bit for a starter…

Reply | Quote

The Internet is not different than the street… and if you don’t watch your six… That simple.

Reply | Quote

“Watch your six o’clock? Good idea… but wait: how about all those CCTV cameras pointing this way (hard to see them, sort of hidden, you might say), like that one up there, and there, and there, and there, and there, and there, and there?”

“Maybe you are paranoid.”

“Maybe someone is.”

 

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

From Susan’s post:
For example you can check if you liked any posts created by the Internet Research Agency and posted to Facebook.

The Facebook Help Center page that the above link leads to only shows: “This feature isn’t available in your location right now.”  (Screenshot)

That’s not very transparent, is it ?

Reply | Quote

Cambridge Analytica has become the “boogey man” here. But the real boogey man in this story is Facebook itself. As everyone above has said, Facebook has been vacuuming up everyone’s data since the beginning of Facebook. They then sell that data, and make a fortune doing so.

Please forgive me if the following is considered a ‘rant’:
As far as what Cambridge Analytica did, Facebook sold their ENTIRE database to the Obama campaign when he ran for re-election. And people applauded the Obama campaign for doing something so brilliant as getting the Facebook database. So why is little tiny Cambridge Analytica the fall guy here, when the Obama campaign did so much more than Cambridge Analytica?
* end of rant.

This whole Cambridge Analytica “scandal” is a head-fake, a distraction from the real scandal of Facebook grabbing everyone’s data and then selling it for a huge amount of money. Ever wonder why Mark Zuckerberg is so rich, when you don’t have to pay anything to use Facebook? He is selling your personal data, which you so willing post on Facebook. And that’s why there are so many “trolls” on Facebook who “stir up the pot” — Facebook wants everyone to react with their opinions on the issues of the day, so that they can develop ever more complete and accurate profiles of all of the users who reacted to what the “troll” posted. Whatever FB is paying the troll is a pittance compared to what they earn from the personal data that is generated by what the troll posted.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

3 users thanked author for this post.

HiFlyer, GoneToPlaid, Cybertooth

Reply | Quote

Didn’t Cambridge Analytica brag about interfering in elections all over the globe with a 100% success rate? They’ve done a lot of that stuff. Don’t be fooled, though! This is ALL Russia’s fault! :p At least, that’s the propaganda on the MSM 24/7.

As for Facebook, I used to use it for some games there, but haven’t done that in years. I still have an account, but no picture and I don’t log in with it to comment anywhere anymore and haven’t in years. I don’t “Like” anything there and thing that whole system is a farce. I never really understood social media TBH. Not FB, myspace, twitter or any of that stuff. I always sign out and rarely ever go there at all anymore. I suppose I could just delete it, but I figure I might need it one day, so I just leave it dormant. I’m more grateful every day that I never got on the social media train. It’s become quite perilous IMO.

1 user thanked author for this post.

OscarCP

Reply | Quote

In high school I was peer pressured to get Facebook (in fact one of my friends used my email address to create a FB account which I promptly shut down… so I can’t use my primary email address on my FB account anymore… which *might* be a good thing). These days I still use Facebook, but not very intensively; most of my friends are on Facebook and we use Messenger to communicate with each other. I don’t go on the site very often, mostly when I’m bored and just want something to look at for a minute or so, and I’m pretty good at not opening it. Recently I replaced the Facebook and Messenger apps on my phone with their Lite versions, and I highly recommend doing so because their apps are just poorly designed, are gigantic memory and storage hogs, and constantly run in the background because Facebook thinks its apps must always be running so it can deliver you notifications as soon as they come in (without regard to the battery they’re murdering). Honestly, those apps are more than sufficient for what I do with Facebook on my phone, which is, frankly, not much.

These days, every major company seems to be involved in some privacy breaching scandal. Facebook, Google, and Microsoft all has had fingers angrily pointed at them for not caring about user privacy. Switching, though, is not as easy as you might think. Sure, if you’re a hermit with no friends, switching is a breeze. I can’t just leave Facebook because all of my friends are there. I can’t just switch from Microsoft because of all the programs I use that only work on Windows. I can’t just switch from Google because of all the stuff I already have on there. The solution to this problem is not as simple as one might hope it to be, and in fact may not be feasible for the vast majority of people.

Reply | Quote

anonymous wrote:

In high school I was peer pressured to get Facebook

How times have changed.  When I was in high school in the mid to late 80s, I was bullied for using computers, and one of the things I did with mine was to use QuantumLink (AOL before it was called AOL, only for Commodore 64s), which was its on proprietary walled garden service that people used to exchange information and socialize– a lot like what people use Facebook for now, only now the peer pressure apparently goes the other way.  None of the “cool” kids would have been caught dead using Q-Link or BBSs back then!

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

1 user thanked author for this post.

Elly

Reply | Quote

I was cool and I used BBSs!

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

Regarding privacy and data leakage:

All good info.  I didn’t even know about those two Facebook pages, so thanks for the tip!

One thing that I make sure NEVER to do is use my Facebook credentials to log into another site.  So that should make cross-linking or sharing of user data more difficult.  Plus I always log out of Facebook whenever I am not using it (same as with any other online account).

I also delete 3rd party cookies daily, as well as limit trackers with essential browser privacy extensions.

Regarding Rule #4 and malware:

I also recommend VirusTotal, and I check every executable I download with them before I click to run.  A simple free utility that adds this VirusTotal check to your right-click context menu in Windows explorer is HashMyFiles by NirSoft.  http://www.nirsoft.net/utils/hash_my_files.html

Never run an unknown file again without a thorough scan by many of the worlds best anti-malware scanners!  🙂

Windows 10 Pro 22H2

Reply | Quote

VirusTotal! would that be the online virus/ malware checker that Google aquired a few years back? (2012)

Edit: Found it.. Data Snooping Giant buys VirusTotal

Keeping IT Lean, Clean and Mean!

Reply | Quote

Old news!

Fyi: This service was recommended by Susan Bradley in the OP, and could be very useful for many users.  🙂

I understand some gut reaction to Google.  That is to be expected, and respected…

But not really sure how this is even an issue?  You can use the VirusTotal service anonymously.  And the first thing that you upload is just a hash of the file, to see if it is already on the database.  If it is, you get an immediate score. Done.  No data shared with them, other than your IP address, and the file that you want to test.

Else you upload the file to be scanned and added to the database.  Get score.  Done.

Since you are only submitting executable files, and no personal info, don’t see how this could even come a tiny bit close to being a privacy or security risk?  There are real problems out there, so no point in making up stuff to worry about!

Windows 10 Pro 22H2

Reply | Quote

NOW some people are worried about Facebook? this has been known for at least 10 years, and have been used for multiple elections. This is simply a case of “interest over principles,” since Silicon is generally politically ONE WAY.

https://twitter.com/GetWPD/status/895645837405147136

The fact that most people don’t even tweak what’s available at install shows how out of touch techies like US are.

Reply | Quote

I have never had a Facebook account. I have never had an account on any social media platform. I have seen various warnings over the years about being involved on those kinds of sites, about what others can learn or assume about you. Am very glad now that I never participated in any of that.

What does worry me is talk that Facebook and other sites hold information about you even if you never did participate. And whether you did or not, that some of it might be completely false, and that some of it might have been generated by their own analysis that you must like this, or not like that, and so on. How do you even find out if that kind of info about you exists out there?

I think that the solution is not letting Facebook or Google or any other of these kinds of sites hold data about you without your explicit approval, and if they want to sell any data you permit them to hold, then once again, they get your explicit approval, and maybe even share a percentage of the proceeds with you.

But this whole thing sounds like it is already way beyond out of control. If they don’t get all this fixed, then even current European-style privacy laws might start to seem inadequate.

Reply | Quote

More info on GDPR: Eu GDPR

The EU GDPR is set to be enforced on the 28th May 2018.

Right to be Forgotten
Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure, as outlined in article 17, include the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent. It should also be noted that this right requires controllers to compare the subjects’ rights to “the public interest in the availability of the data” when considering such requests.

Just wonder HOW on earth any mere mortal is going to:
1. Find out who has data on them without their consent.
2. Find out whether that data has been shared and by how much.
3. What data is stored (profiled).
4. Whether is will work outside the EU.
5. Has it actually been removed and deleted.
etc..the list goes on!

This in itself will create a digital oceans..

Keeping IT Lean, Clean and Mean!

2 users thanked author for this post.

HiFlyer, Cascadian

Reply | Quote

It is an interesting, unintended, side effect. If I follow your point. The only way for an oversight body to verify that all data that should be deleted, actually has been deleted; is if they have a thorough list of all the data you request to be deleted. Please assemble all of your personal data into one condensed list, so that we may better serve you.

Tangentially, I was reminded of the term Streisand Effect. And found again a humorous result of that effect. If you do a Wikipedia search for ‘strei’, right after the village in Romania comes the Streisand Effect. The effect is more widely known than celebrity herself.

Reply | Quote

Just wonder HOW on earth any mere mortal is going to:
1. Find out who has data on them without their consent.
2. Find out whether that data has been shared and by how much.
3. What data is stored (profiled).
4. Whether is will work outside the EU.
5. Has it actually been removed and deleted.
etc..the list goes on!

Anyone storing your data must first inform you and then get your consent…

Should they not comply or otherwise violate the upcoming rules, they must be prepared to meet up in court. Based on previous court decisions, they must also be prepared to dig deep in their pockets…

Interesting times ahead…

Reply | Quote

How will you take them to court, if you don’t even know who has your data?

The only kind of “consent” most sites have gotten from me is buried in the 50,000 word EULA that you have to “agree” to in order to use their product or website. No reasonable person would call that “consent”; only lawyers who argue about the meaning of the word “is” would call that “consent”.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

Agreements are designed to protect the manufacturer, not the user.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox114.0b8 MicrosoftDefender

Reply | Quote

Anon #181866 said:
What does worry me is talk that Facebook and other sites hold information about you even if you never did participate. And whether you did or not, that some of it might be completely false, and that some of it might have been generated by their own analysis that you must like this, or not like that, and so on. How do you even find out if that kind of info about you exists out there?

You could perform a search for your name & other bits of personal info, & see what comes up. But most personal dossiers are likely only available upon request by paid requesters. Afterall, profit is the primary purpose of collecting all that info in the first place. (You are the product that is being sold to whoever is willing to pay.)

And if you have a Facebook account (even an inactive, non-participatory one), you can check what Cambridge Analytica thinks of you by using its infamous ‘Apply Magic Sauce‘ API — assuming that you are desperate enough to click on its link.

The Psychometrics Centre, University of Cambridge (25 Jul 2016):
https://www.facebook.com/cambridge.psychometrics/posts/1407373665945901

APPLY MAGIC SAUCE UPDATE
We are excited to announce a host of new features on our free Apply Magic Sauce demo, which predicts your psychological profile from Facebook Likes and text. […] Try it out at  http://applymagicsauce.com/demo.html

These updates are part of our commitment to empowering citizens to look into the ‘black box’ of big data analytics. We hope you enjoy trying them and better understanding what your online behaviour might reveal about you. Let us know what you think !

As for your very valid concern about inaccurate info being generated from one’s digital footprints, the following might be of interest. The first 2 articles are about Cambridge Analytica’s ‘Apply Magic Sauce‘.

1. Decoding Our Digital Footprints on Facebook is a Flawed Science (Financial Times premium content – 28 Mar 2018) — free-to-read reprint

When a friend whose intelligence I consider to be well above average took the test, she fared no better than I did. She was treated to an offensive message: “People with a similar digital footprint to you tend to have an average level of intelligence. Of course there’s still a chance you are smarter than the average person, but merely thinking that you are will unfortunately not change our prediction.”

2. How a Data Mining Giant Got Me Wrong (Reuters – 29 Mar 2018)

3. Google Thinks I’m Dead. I know otherwise. (New York Times – 16 Dec 2017)

4. Just the Facts? This Dossier Goes Further (New York Times – 04 Oct 2014)

I was not much troubled by the factual errors in my profile. As people who regularly check their credit reports well know, companies often collect incorrect information — and even correct data can quickly become out of date.

But I was uncomfortable with instances in the profile that speculated on my personal motives or feelings. These assumptions were often off base, yet had the potential to affect my reputation.

The dossier, for instance, contained a cropped photograph of the back of my head and neck. Under the picture was a note, tagged “NewsBios Observation” to indicate that it was opinion.

“The fact that only the back of her head is showing may be coincidental.” the profile said, “or it may be further evidence that she, a veteran fashion and cosmetics industry reporter, herself has a low self-esteem when it comes to appearances.”

In fact, the original photo, which ran in this newspaper to accompany an article I wrote about unglamorous backstage jobs at New York Fashion Week, showed a larger scene in which I sat on the floor, painting the toenails of a fashion model. I wore a utilitarian black outfit, issued to me by the nail polish company with which I was embedded for the article.

Even so, Mr. Rotbart contended that the profile made a reasonable deduction about my self-esteem — based on the fact that I looked frumpy in the picture and that there were fewer photos of me online than of many other reporters.

[…]

“It points to the gaps in federal regulation,” says Professor Vladeck, a former director of the Federal Trade Commission’s Bureau of Consumer Protection. “Data broker reports can be inaccurate and can be misconstrued in ways that are unflattering to the individual. Yet consequential decisions can be based on them.”

Reply | Quote

I don’t have a facebook account, but I’ve helped several others who do.

For those who do (or help someone) I would hope that you run it in an *isolated browser session (every time, all the time!). And have reviewed _every_ page of the facebook settings.
Allow search engines to index your page? NO!
Allow everyone on facebook to see your posts? NO! (friends of friends should do)
(and on and on… seriously there are a bunch of these settings, someone post them)

Review which “ads” you have “clicked” on weekly and remove them from your profile.
Review which advertisers already have “your info” and have “linked” it to your facebook account. (even though you have never dealt with them)

Anyone care to share a screenshot (properly anonymized) of EVERY page of their facebook settings? (maybe just a few key pages?)

*isolated browser session means no session cookies, persistent cookies, DOMstorage, or flash cookies survive the session or interact with other sessions. (ideally in a separate process — can’t seem to make this work in chrome/firefox)

2 users thanked author for this post.

Elly, Microfix

Reply | Quote

anonymous wrote:

Anyone care to share a screenshot (properly anonymized) of EVERY page of their facebook settings? (maybe just a few key pages?)

Like your thinking, leading to a new topic perhaps..

Keeping IT Lean, Clean and Mean!

Reply | Quote

anonymous wrote:

once came across a Facebook user (born in the early 1990s) whose opinion of email is literally “Yawn“. The same person also said that the only way to contact me is via Facebook, so I must maintain a Facebook account (!).

That’s a very childish attitude.  Not everything meaningful is fun and exciting… being an adult is full of “yawn” moments, and worse.

Email is far better than social media for any kind of communication of substance, where a person may want to write more than a couple of poorly-formed sentences that express exactly nothing.  Social media is for throwaway communications; email is for things that matter.  When I bought my house, I used email to communicate with the various people involved… my realtor, the lender, the title company.  When there was a death in the family, I used email to receive and send necessary documents in .pdf format.  You know… adult things.  They may elicit a “yawn,” but life’s not all taking pictures of your meal at a restaurant and trying to pretend you have the best life ever to impress 200 “friends” you don’t even know.

Email is also decentralized, so it relies on no one corporation or entity to work.  Kiddos like this person we’re talking about don’t realize the importance of that (or of many, many things).   A decentralized system that works universally across networks is huge, and it is a huge improvement over proprietary, walled-garden solutions that preceded it (like CompuServe email, which only worked with other CompuServe customers living in the walled garden as you were).  There were a lot of “Online services” as such that were all walled gardens in the mid 80s through the mid 90s, and while they all had email and chat capabilities within their walls, none of them could talk to people outside of the castle.

Facebook just takes us back in time to that same proprietary walled garden.  While the CompuServe, QuantumLink, GEnie, Prodigy, Delphi, early AOL, etc., were all paid walled gardens (often/usually on a per minute basis that added up quite fast), Facebook is supposedly “free,” but we all know that it really isn’t.  Instead of paying with dollars, you pay with your privacy, which Facebook then turns into dollars.

It reminds me of the “new” thing being pushed as the greatest innovation in computing… the cloud.  It’s not new… it’s an older idea than distributed, decentralized computing with PCs, repackaged and given a new bow and ribbon, but it’s the same old thing that wasn’t good enough when they tried it the first time.  The marketers keep trying to repackage the old and sell it to us as new, time and time again, and given the success of Facebook and “the cloud,” it seems like P.T. Barnum had a point when he (supposedly) said there was a sucker born every minute.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

5 users thanked author for this post.

HiFlyer, AlexEiffel, Cascadian, Cybertooth, Elly

Reply | Quote

Great points all. Email is definitely a serious medium and it tells you something about the kind of life someone is leading that they would consider email as yawn-worthy.

Just one quibble, maybe. I’ve had a Compuserve account for more than thirty years now, still have it believe it or not, and I don’t remember ever being unable to use it to exchange email with people who didn’t have a Compuserve address. This limitation must have been in place really early on in their existence.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

Cybertooth wrote:

I’ve had a Compuserve account for more than thirty years now, still have it believe it or not, and I don’t remember ever being unable to use it to exchange email with people who didn’t have a Compuserve address. This limitation must have been in place really early on in their existence.

My reference for that statement was the mid-1980s, when I first evaluated the options (as a high school kid who was limited to what I could convince the parents was a good idea) started using QuantumLink.  According to Wikipedia (and its original source),

CompuServe was the first online service to offer Internet connectivity, albeit with limited access, as early as 1989 when it connected its proprietary e-mail service to allow incoming and outgoing messages to be exchanged with Internet-based e-mail addresses.

In practice, that connectivity was still limited.  CompuServe was the first, which meant that at that point, none of the users of any of the other online services could send or receive internet email, and that meant that CompuServe members, despite having internet mail capability, still could not send mail to or receive it from members of any other online service.

The same applied to the users of many or most of the thousands of (non-Fidonet) BBSs around the world that operated on the same principle.  Each system had its own internal email capability, but they were islands, so to speak.  Each email system was centralized and under the authority of whichever service was running it, and they didn’t talk to one another.  A global system that was decentralized, and thus not under the control of any singular entity, but that still allowed universal interconnectivity, was a huge deal when it actually happened.

 

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

1 user thanked author for this post.

Elly

Reply | Quote

You forgot the most important aspect of emails… they are considered being legally binding documents! At least over here.

Facebook, not so much. Though I am legally responsible for content I post there.
Not that I do… but some have been brought to court and convicted for posting hateful, discriminating content, others for sympathizing with terrorist organisations

Reply | Quote

OK, just wow!  The OP topic was “a little paranoia goes a long way”.

The keyword here is “a little”…

Normal precautions are good, and sufficient for most folks with nothing to hide.  If you are a journalist, or someone living in a repressive country, there are measures that you can take to help ensure your safety.

But otherwise, if you really are concerned that anything about you can be collected, maybe you need to just unplug.   🙂

There is no way that you can be online, and remain completely anonymous, without taking extreme measures.

Windows 10 Pro 22H2

Reply | Quote

Having a balanced perspective is good. But most speaking out here are still trying to define where a balanced path is between the two extremes from locked down to zero privacy.

Each of us would be horrified if we prohibited ourselves from leaving the house for groceries, entertainment, employment, or exercise. It would be self imposed imprisonment. At the opposite extreme, we would be similarly horrified if a familiar agent escorted us on each of these outings, every time, as soon as we stepped outside our front door. In real life, in a free society, there are laws to deter such agents whether they are an overly clingy friend, or a harassing private investigator.

But somehow we do not associate the same freedoms, privileges, responsibilities, and taboos when ‘walking around’ on the internet. The difficulty is in identifying the middle path where our own freedom does not interfere with another’s freedom. And making sure that theirs does not profit unfairly from ours.

When I walk out my front door, every person with reasonable eyesight can identify me and follow me, and I am not bothered by that. Until it crosses that line we all recognize but have trouble defining. I drive a car that appeals to me, in part because it is unique and recognizable on sight. Even if it were not, it carries a prominently displayed unique license tag. If I were to try to move about in secret, that itself would stand out as obvious to everyone nearby. Sometimes I even seek out the opportunity to stand in a very large crowd to watch a sporting event; in a stadium that has full rights to use my image for their own business purposes. And I’m okay with that. I even pay for the privilege.

Things that would be immediately seen as unethical in fresh air, are somehow less obvious on the internet. It is that definition of acceptable or improper that we are still struggling with.

5 users thanked author for this post.

HiFlyer, GoneToPlaid, JohnW, OscarCP, Elly

Reply | Quote

The distinction between what is acceptable and what is not must be made, by individuals, based on often incomplete information complemented by instinct, our ancient built-in toolkit of survival skills.
But, for those issues that are common to us all who live in a civilized society, we rely on the law and the judicial institutions that apply them to have such issues decided.
The law is never perfect, but it is perfectible, and there is no better civilized alternative, anyways: “Lex dura, sed lex.”
So laws evolve as society changes, to reflct the changes in the understanding and social consensus of the issues that motivate them.
Part of this process is the one now going on within the European Union, that has been quite often ahead in taking up the challenges of finding and defining, in practical terms, that difficult balance between privacy, public security and the legitimate need to know of individuals and organizations both public and private. Particularly as it applies to these (when measured in the slow path of legal innovation), very recent developments in mass communication made possible by the Internet, the Web riding on it, and powerful computers and algorithms that enable the easy intrusion in the privacy of individuals.
Which brings me to the issue of the day and the reason for Cascadian’s posting.
In this respect, the contents of these two Web pages might be of interest:

https://www.eugdpr.org/

https://en.wikipedia.org/wiki/Data_Protection_Directive

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

2 users thanked author for this post.

HiFlyer, Cascadian

Reply | Quote

That is an excellent analysis, and well said!

I suppose that each of us has different expectations regarding privacy when we set foot online.

From my perspective, when online I expect about the same privacy as I get at a stadium sporting event.  Right or wrong, that is the reality I expect.

Perhaps my expectations have been tempered by a career in corporate IT.

We were always monitored, and warned that any use of company equipment, networks, email, etc., could be observed.  The instant messaging program that we used to communicate between team members was recorded.

The cameras in the hallways and the ceiling of our data centers recorded everything.

And I have read George Orwell long ago.  So I do get it…

But the reality of the powers that be are that if they have the tools, they will use them.  Right or wrong, that is the reality.

Long ago I realized that if you don’t wish to risk something being put on the 6 o’clock news, don’t say or publish it.

All that being said, it is long overdue for modern laws to protect the privacy of citizens.  But in an era of deregulation, I am a bit pessimistic.  Privacy is bad for business…bottom line.

I agree that unrestricted personal data collection and mining is wrong, but you need to take measures to protect yourself, because waiting for big brother to do it for you is likely to take a while…

 

Windows 10 Pro 22H2

1 user thanked author for this post.

Cascadian

Reply | Quote

JohnW wrote:

Normal precautions are good, and sufficient for most folks with nothing to hide. If you are a journalist, or someone living in a repressive country, there are measures that you can take to help ensure your safety.

I don’t think there is anyone with “nothing to hide.”  Would you be content to have everything about you and your life made public?

At some level, we all live in repressive countries.  As the quote commonly attributed to Cardinal Richelieu goes, “If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.”  It’s never been more true than it is today; there are more arcane laws and prohibitions in every “free” country than Richelieu could have ever imagined, and with the surveillance apparatus that so easily can give those in power far more than six lines, there is reason for every one of us to oppose it at every turn.

Any information gathered by Facebook or Google can be had by the US government just for the asking, and I would be surprised if any other country in which those entities operate would be any different.  They can’t receive information that Facebook and Google don’t have in the first place, though, and that’s the key here.

I don’t want to go into any more detail than this since this isn’t in the rants forum, but this “nothing to hide” thing always appears whenever people start talking about the (on-topic) nuts and bolts of opposing mass surveillance, so it has to be addressed.  There is a case to be made for abstaining from the internet completely, but I’m not taking it that far personally.  Others may disagree, and they’re not irrational for doing so.  It’s about balancing competing interests, and every person has their own comfort level.  For those who want to come down more on the “secure” side than is the norm in this day and age, these are some ways to accomplish that.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

1 user thanked author for this post.

Elly

Reply | Quote

My point was ‘normal precautions are good enough for most people’.  The nothing to hide part should probably be edited out, as it does distract from the message.

My rules:

1. Only friend people on Facebook that are known in real life.  No ‘fake’ friends.   Never post to ‘public’, only to ‘friends’.  Restrict access to public profile.  (I only use Facebook to stay in touch with family and friends scattered around the country).

2. Do not use Facebook credentials to sign in to any other sites.

3. Don’t ‘like’ or ‘follow’ any businesses on Facebook.

4. Log out of Facebook when not using it.

5. Don’t say or publish anything online that you may regret later.  Engage brain before mouth.

6. Log out of any cloud services when not actively using them, that includes Google, Microsoft, Dropbox, etc.  This includes not signing in to Windows with a MS account.

7. Protect your browser against all trackers with custom settings, extensions, etc., and delete cookies and cache regularly.

8. Use a VPN for all online activity.

I think that covers most of what I consider normal and reasonable.  If that’s not enough, maybe unplugging is the best option!  🙂

Windows 10 Pro 22H2

4 users thanked author for this post.

Bill C., MrJimPhelps, jburk07, Elly

Reply | Quote

It seems a little paranoia isn’t enough:

Facebook login security leak

 

Keeping IT Lean, Clean and Mean!

1 user thanked author for this post.

JohnW

Reply | Quote

Yup.  See my rule #2 above…

Windows 10 Pro 22H2

2 users thanked author for this post.

Bill C., Microfix

Reply | Quote