fbpx

How much information does Google have about me?

Our lives have become more integrated online than in any other time in history. We interact with each other online via social mediaemail, and forums; we conduct business via complex, data-driven channels and innovations; and the culture we encounter online is fundamentally linked to that we come across in real life.

As the world’s most popular search engineGoogle has created an enormously popular service – search -  with many peripheral platforms (YouTubeGmailGoogle Maps, etc.) used by hundreds of millions of people.

These services are easy to use, deliver fast and relevant results, and are the primary search destinations for many worldwide.

However, with this ease of use comes privacy concerns, especially in the realm of data storage, search tracking, and use of personal information. Vital concerns about the right to privacy, especially in regards to Google and the amount of information that they track, store, and ultimately use, are becoming increasingly important to many users.

In this article, we’ll go into detail on what kind of information Google tracks about you, how it uses this information, and what you can do to better protect and safeguard your Google searches.

Does Google Track What I Search For? 

Yes, Google definitely tracks all of your search history. If you want to use any of Google’s services, and utilize their personalization of the services that you receive, you must be signed in with a Google account in order for this to happen.

Once you are signed in, Google begins actively tracking

  • What you are searching for
  • How you are searching
  • Your search patterns
  • What ads you’re interested in
  • What you click on
  • What images you view
  • What videos you watch

This is all detailed out in Google’s terms of service, as well as the Google privacy policies.

While these are dense legal documents, it's wise to at least give them a quick look if you are at all concerned about how Google tracks and stores your information.

Does Google Track My Search History Even if I'm Not Signed In?

Every single time we log onto the Internet, we leave traces of our identity via IP addressesMAC addresses, and other unique identifiers. In addition, most web browsers, sites, and applications require the user to opt in to the utilization of cookies – simple software that basically make our web browsing experience more enjoyable, personalized, and efficient.

If you’re not logged into Google, there is still a wide variety of information that you’re making available to Google simply by being online. That includes:

  • Where you are in the world geographically
  • Your IP address
  • Information about the Google services you use and how you might be using them based on your activity patterns
  • What ads you might click on
  • What device you are using
  • Server information
  • Identifying information gleaned from your use of partner services.

This information is used for targeted ad placement and search relevancy. It’s also made available to people who own sites that are tracking data via Google’s statistics tool, Google Analytics; they won’t necessarily be able to drill down and see from what neighborhood you’re accessing their site, but other identifying information (device, browser, time of day, approximate geo, time on site, what content is being accessed) will be available.

What are Examples of Information That Google Collects?

Here are a few examples of what Google collects from users:

  • Information that users give to Google, including personal information such as name, email address, phone number, credit card, and photo
  • Information gleaned from use of Google services, including usage data, personal preferences, emails, photos, videos, browsing history, map searches, spreadsheet and documents, etc.
  • Information from the device you are using to access Google  and Google services, including hardware model, mobile network information (yes, this includes your phone number), even what operating system you might be using
  • Server log information collated from when users are actively using Google services, including search queries, phone information (time and date of calls, types of calls, forwarding numbers, etc.), IP addresses, cookies that are uniquely linked to your web browser or Google account, and device activity information (crashes, what settings are on your hardware, language, etc.)
  • Location information about where you are in the world, including your city, state, neighborhood, and approximate address
  • Peripheral services and apps can also provide what is called a “unique application number” that provides more identifying information to Google when queried
  • Search history, including personal information found in Google services such as YouTube, Google Maps, and Google Images
  • User interactions with other sites and services are also tracked, especially when the user interacts with ads (read Why Are Ads Following Me Around Online? for more on how this works). 

Why Does Google Track So Much Information, and Why?

In order for Google to deliver the amazingly detailed and relevant results that many millions of people have come to rely on, they need a certain amount of data in order to deliver targeted results. For example, if you have a history of searching for videos about training a dog, and you’ve signed into Google (aka, opted in to sharing your data with Google), Google infers that you would like to see targeted results about dog training on all the Google services that you use: this could include Gmail, YouTube, web search, images, etc.

Google’s primary purpose in tracking and storing so much information is to deliver more relevant results to its users, which isn’t necessarily a bad thing. However, growing privacy concerns have motivated many people to carefully monitor their data, including data shared online. 

How to Keep Google From Tracking Your Data

There are three different approaches users can take if they are concerned about Google tracking, saving, and utilizing their data.

Cut everything off: By far the simplest way to disallow your data being tracked by Google is to simply not use any Google services – there are alternative search engines out there that do not track your search history, or collect any of your personal information.

Don’t sign in, but recognize that some relevancy will be lost: People who want to continue using Google without getting tracked can definitely do so, simply by not signing in to their Google accounts. This option is somewhat of a double-edged sword: your information will not be tracked, but your search relevancy could see a decline because of this.

Use Google with caution and common sense: For users who want to continue using Google, don’t want their information to be tracked, but want to take advantage of its competitive search results, there are ways to go about this.

  • Check your Google settings on a regular basis. You, as the user, have complete control over what data you choose to share (or not to share) with Google. You can do this for each service you use with Google, from Gmail to YouTube to general search settings. Click here to update your Google account activity settings. 
  • Check your Google dashboard. Everyone who has an account at Google has what is called a “dashboard”, which is simply a way to see all your Google activity, settings, and profile information in one convenient place. Here’s where you can see what email(s) Google might have, change passwords, see connected applications and sites, view all accounts, manage active devices, manage  your contacts, and much, much more. There’s even an option to have a reminder sent monthly to make sure all your settings are where you want them to be for each individual Google service. Click here to access your Google dashboard.
  • Take power over the ads that you are shown. Did you know that you can review and control the kinds of ads that Google shows you? Most users don’t take advantage of this amazing convenience, but it’s very easy to do. Click here to view, edit, and even opt out of the kinds of ads you see on Google.
  • Do periodic privacy checkups. Not sure which Google services are using what information, how much of your personal information is being shared, or what information Google already has gathered on your search habits? One way to tackle this somewhat overwhelming data is to use the Google Privacy Checker. This simple tool helps users to methodically check exactly what is being shared, and where. For example, you can choose  how much information is shared in your Google+ profile, both publicly and privately. You can edit how much information is available if someone clicks on your YouTube user profile. You can opt out of Google using any publicly shared photos in background images, edit any endorsements of products you might have given in the past, keep all your Google subscriptions (YouTube videos, for example) private, manage your Google Photos settings, and more. You can even personalize your Google experience here, from how you view directions to how your search results are displayed. The user is ultimately in charge of how they experience Google – all the tools are in your hands.  

Overwhelmed? Here’s Where to Start

If this is the first time that you’re learning about how much information Google is actually tracking, storing, and using, you might be a little overwhelmed as to what to do first.

Simply taking the time to educate yourself about what one of the most popular search engines in the world is doing with your online data is a valuable first step.

If you’re looking for a virtual “clean slate”, the best thing to do would simply be to clear your Google search history completely. You can find a detailed step by step on how to accomplish that here: How to Find, Manage, and Delete Your Search History.

Next, decide how much information you are comfortable with giving Google access to. Do you care if all your searches are tracked as long as you get relevant results? Are you okay with giving Google access to your personal information if you receive more targeted access to what you’re looking for? Decide what level of access you are comfortable with, and then use the suggestions in this article to update your Google settings accordingly.

How to Protect Your Privacy and Anonymity Online

For more on how to manage your privacy online, and stop your information from being potentially tracked, we invite you to read the following articles:

Privacy: It's Ultimately Up To You 

Whether or not you’re concerned about the information in your Google searches, profile, and personal dashboards being used to enhance the relevancy of your queries online, it’s always a good idea to make sure that all information shared on any service is within the bounds of personal privacy that you are most comfortable with. While we should certainly keep the platforms and services we use accountable to a common standard of user privacy, the safety and security of our information online is ultimately up to each one of us to determine. 

 Source: This article was published lifewire.com By Wendy Boswell

Categorized in Internet Privacy

Privacy is more important than ever. The Internet may be the best thing since sliced bread, but as we come to rely on it more and more in our daily life we risk exposing our data to attackers. Here at Cloudwards.net we figured we would help out our readers with a thorough online privacy guide that will keep you safe while your browse the world wide web.

We’ll look at the steps you can take to ensure your privacy, whether you’re just browsing or downloading torrents. However, we’re not here to help you hide from three-letter agencies that are actively searching for you: if you’re the next Edward Snowden, you’ll have to take extraordinary measures that are well out of the scope of this article.

With that said, let’s first take a look at the threats the average user will face while on the Internet.

Privacy Under Attack

According to the Pew Research Center, half the U.S. population do not trust the government or social media to protect their data and 64 percent have experienced a major security breach of some description.

It’s not just hackers and scammers that we have to worry about. Governments around the world seem to want to get their hands on citizens’ data, too. Claiming a desire to thwart future terrorist attacks, some politicians want to require corporations to backdoor their software and purposefully weaken or break encryption so that law enforcement can more easily eavesdrop on users.

For example, the FBI wanted Apple to provide them with a backdoor to access encrypted iPhones, a request which Apple, thankfully, declined. As encryption becomes easier to deploy and use, cases like this will continue to crop up in the news until lawmakers learn that all back doors are simply another vector for criminals to attack innocent users — or for ISPs to sell customer data.

The upshot is that your privacy is at risk, whether from politicians or hackers, and it’s futile to rely on corporations or lawmakers to safeguard your private data. Your privacy is your responsibility and you need to grab this bull by the horns yourself if you want your data to stay yours.

Threat Models

A threat model is used to establish what steps to take to keep something secure. Software developers and security researchers use threat modeling when writing software or designing security systems, deploying servers or other hardware. It’s useful for users as well, since security and privacy can seem like a fuzzy gray area for home users.

You need a threat model because there is no single tool to keep your data safe online or to protect your privacy. To begin, ask yourself two basic questions:

  • What do I want to protect?
  • Who am I protecting it from?

Security is situational, meaning someone backing up cat pictures faces very different threats than someone backing up sensitive documents for a business. Do you need to protect those cat pictures? Are they a likely target for attackers? Not really, so you wouldn’t want to expend too much effort on the task.

Documents, on the other hand, are definitely a target for attack. Hackers love to go after them as they contain a wealth of information, so sensitive documents are worth the extra effort it might take to make sure they remain private and secure.

By asking those two questions — what am I protecting, and from whom — we establish a threat model. Ask yourself what the consequences are if you fail to protect something and decide if it’s worth the risk. Even if it might seem like extra work, the tools and tips we provide here will make it easier to keep your data safe and help maintain your privacy.

Common Online Threats

Now that we know what a threat model is and how to establish one that meets your needs, let’s take a look at some of the most common threats online.

Ads and Tracking

Many users find ads to be annoying at the very least and PageFair released a report that shows the use of adblock software to be increasing rapidly. Ad blocking is a good thing as you’re not just making browsing more pleasant, you’re also preventing those ads from tracking you.

Some people don’t mind this, since such data is often used to create targeted advertisements for users. If the idea of your Internet activity being tracked doesn’t bother you then you don’t have to include this in your threat model.

For those who don’t want to be tracked, it’s important to understand how it works. A web browser creates a “fingerprint” that can be used to identify a user with great accuracy. Websites can request specific information from your browser, such as screen resolution, language or installed add-ons.

You can get an idea of how unique your browser fingerprint is at Panopticlick and Am I Unique?. Fingerprinting is hard to prevent, since installing more add-ons or tweaking your browser simply results in a more singular setup than you started with.

There is a way to minimize fingerprinting: use at least two separate browsers.

Let’s say you’re logged into Facebook on Chrome. You leave Facebook, and browse the web for a while. Any page that has a Facebook “like” button automatically reports back to Facebook and you’re still logged in so any pages you visit with a “like” button are tied to your account. You’ll see content and advertisements based on all the tracking data Facebook has accumulated.

By using two browsers — one for Facebook, say, and another for everything else — you keep your activities separate. That way, Facebook and google will have trouble linking your party pics to your WebMD searches. We’ll touch on this more in depth later on in the article, but for now simply decide whether tracking and advertisements are on your threat model.

Public WiFi

WiFi is available almost everywhere these days and many people connect their mobile phone or laptop to the first hotspot that pops up, often without a second thought. However, fake hotspots are easy to set up and often hard for users to distinguish from legitimate ones.

We’ve written in-depth about the dangers of public WiFi and it’s worth reading if you want to stay safe when using it. If you work in public spaces or use public wireless often, you should include it in your threat model; a few simple precautions will cut down the danger of hijacked connections considerably.

A virtual private network is your best bet here, so if you’re not sure what that is we’ll help you get up to speed and understand what a VPN is good for. Using a VPN goes a long way toward protecting you on wireless hotspots, but be sure to follow the basic guidelines below and use a plugin like HTTPS Everywhere, which we covered previously in our list of 99 free tools to protect your privacy.

General Privacy and Security Tips

Maintaining your privacy online requires a continuous effort. You can’t click a button and never worry about it again. By learning a few basic concepts and employing them every day, though, you’ll increase your security and privacy online and eventually it’ll become second nature.

Let’s start with what you can do on your own devices: encryption.

Encrypt Everything

One way to put your privacy at risk is when your computer is lost or stolen. Even if you have password protected it, there are ways to access the data on your hard drive. Stolen or lost devices, in fact, are estimated to contribute to 45 percent of healthcare and 25 percent of bank data breaches, and it’s usually due to unencrypted hard drives.

The major operating systems all include support for full-disk encryption, making it easy to encrypt your entire hard drive. This protects your device in the event it goes missing, but since you simply decrypt it when you login, it makes no real difference in the way you use your device.

Another way of keeping data safe is to not keep it on your hard drive at all, but in the cloud, instead. You can then rely on your cloud provider to handle the encryption of your data and have them keep it safe.

If you go this route, you’re probably best off going with any of our best zero-knowledge cloud services, like Sync.com or pCloud, both of which let you create and maintain control of your own encryption key. Alternatively, you can use a less secure provider and encrypt your files yourself.

In the past, I used TrueCrypt to create encrypted volumes and then stored those encrypted volumes in the cloud. TrueCrypt is no longer supported or considered safe to use, but there are several great TrueCrypt alternatives. I’ve personally moved on to using VeraCrypt.

Using a zero-knowledge service or encrypting your own files is a big responsibility, however, since if you lose your encryption keys or passphrase you’ll have no way to recover the encrypted data. Always keep copies of encryption keys stored someplace safe.

In addition to the files on your computer, consider encrypting text messages stored on your mobile device with user-friendly apps like Signal. Most Android and iOS phones offer system encryption via passcode, which we also recommend taking advantage of.

Anyone with a little spare time and $500 can build a stingray to impersonate a cell tower and intercept text messages. GSM, the protocol used by many mobile phone carriers, is broken and insecure. Given the ease of encrypting text messages and ease of spoofing cell towers, you should strongly consider including your mobile device usage in your privacy threat model.

Finally, we recommend that you consider securing your email. Email is insecure by default, as your messages can pass through many different servers before hitting their destination. Even if those servers use SSL to encrypt the data, there is no guarantee as to the security of each individual server.

Encrypting email is a little more difficult than encrypting text messages, but our email encryption guide provides straightforward instructions and explains essential terminology.

It still might take some time to grasp the basics, but after you send and receive a few encrypted emails, it will become second nature, especially with one of the plugins featured in our guide.

Password Security

The weakest link in information security is almost always the human element. People make mistakes, and when it comes to security one of the most common mistakes is choosing a terrible password and reusing it often.

The media frequently sensationalizes security breaches, always blaming it on hackers while criticizing large corporations for not protecting users. The truth is, corporations can’t be blamed when a someone picks an easily guessed password or falls for a phishing scam.

It’s the easiest avenue for attackers to pursue, preying on unsuspecting users that can’t spot a fake email or use “password123” everywhere they can. We previously covered several high-profile cases involving password fails, which illustrate that very point.

Thankfully, it’s actually not hard to pick a good password. We wrote a guide on choosing astrong password that goes into the logic behind password security and demonstrates how easy it is to pick a nearly unbreakable password.

There are many tools that make strong password creation easier, too, including password managers. Using a password manager requires the user to create and remember a single, lengthy and secure password that unlocks the user’s other passwords. Most password managers have browser plugins and other tools that make using them a seamless experience.

Another tactic you can take to protect yourself against password cracking is two-factor authentication, or 2FA. With 2FA, when logging into an online service from an unfamiliar machine, you’ll be asked enter another piece of information in addition to your normal credentials.

This piece of information is often a security code sent to your mobile device or a security token. This ensures that only you can access this information and is an essential tactic when keeping your data safe.

Use a VPN

We briefly mentioned VPNs earlier when covering public WiFi, but such tools do more than provide protection against digital eavesdropping: VPNs also protect you from marketers and anybody else who might want make use of your browsing data.

We already mentioned ISPs’ Congress-sponsored snooping, but also concerning is that service providers like Verizon and AT&T have been inserting perma-cookies to track users and injecting advertisements into web pages, invading the privacy of users and putting them at risk. Ad networks are often abused by malicious parties, and it’s easy to load malware into an advertisement.

By using a VPN, you can prevent ISP traffic logging and shady practices like those employed by Verizon and AT&T. VPN services can spoof your IP address with one of their own, effectively shielding your device identity and location. The tunnel created by a VPN encrypts traffic coming from your device, too. The net result is that only the VPN provider can see what you’re doing.

That’s why it’s important to find a VPN that doesn’t log traffic. Be especially careful of free VPNproviders. Many profit by actually selling your data to the very sorts of people you think you’re protecting yourself from.

We’ve created a VPN comparison chart that will help you pick a no-log VPN. We also wrote a short guide to VPNs that includes a breakdown of the best VPN providers for 2017.

General Privacy Tips

We’ve covered the basic things you can do to maintain your privacy and security online:

  • Use separate web browsers to compartmentalize your activity and prevent tracking
  • Be wary of public WiFi and use a VPN to stay safe
  • Encrypt everything: your devices, your data, emails and texts
  • Choose strong passwords and never, ever reuse a password
  • Keep a no-log VPN running to prevent traffic monitoring

It might seem like a tall order at first, but you can start by prioritizing and picking just one area to work on. Spend some time thinking about your own privacy needs, what matters to you and what you want to protect. In short, develop your threat model. Then, get to work.

Up next, we’ll look at some common day-to-day online activities (web browsing, chat and torrenting) and offer a few suggestions for how to increase your privacy for each.

Browsing Privately

We spend a good deal of time browsing every day, whether for work or play. In fact, Pew Research reports that 73 percent of Americans say they’re online every day and 21 percent say they’re online “almost constantly.”

The Internet is a lovely place, but it has its dark corners, too, and some less-than-nice people lurk there. We’ve discussed one privacy threat you might face, tracking, and mentioned both phishing and malware in passing.

Phishing is when malicious attackers impersonate a site or service, such as a bank or email provider, in an attempt to trick users into handing over sensitive information. Attackers have become adept at creating realistic pages that might fool all but the most suspicious of users.

Malware is malicious software designed to corrupt your computer. It’s often spread through pop-ups or advertisements, including fake antivirus warnings and updates. Be careful about clicking any such message: chances are someone is trying to scam you and infect your computer. Only update your operating system through the normal channels, like the control panel or app store, or by the package manager if using Linux.

It’s not difficult to avoid phishing sites or malware. By default, both Firefox and Chrome employ Google’s Safe Browsing Service to automatically identify and warn users when a site is known to contain malware and phishing links.

Always look for the SSL icon in the address bar — typically a little padlock — and read the website address to make sure you’re on the right page. Even that’s not a sure thing, though, as malicious sites may use SSL themselves. Always double-check the address, too. A common trick attackers use is to pick a domain with a typo, like “facebok.com” or something similar, hoping that users won’t notice the difference.

Chat

There are many clients for online chat, many of them free, and most users don’t stop to think about their privacy when using them. If you’re content with Facebook Messenger and chat privacy doesn’t factor into your personal threat model, keep doing what you’re doing. If you value your privacy and security, here’s what you can do.

First, you should use Off-the-Record Messaging (OTR) wherever you can. OTR provides encryption and authentication for instant messaging.

The best way to utilize OTR is with the XMPP protocol. XMPP is a free, open and decentralized protocol for instant messaging created in 1999 by Jeremie Miller. Jabber was the first IM technology built atop XMPP, and the popular app WhatsApp initially used a custom version of XMPP before switching to a closed, proprietary protocol.

You’ll need a client, which is simply a program that connects to the XMPP service. A few of the most popular clients that support OTR are:

To start using XMPP, you need to sign up for a public XMPP provider; there’s an excellent list provided by CryptoParty. Signing up is easy and there are plenty of free, public XMPP servers. Once you have an account you can chat with any other user across different XMPP servers.

I won’t get into detail on other chat apps, but we previously touched on some of the concerns regarding apps like WhatsApp and Telegram in another article. The short version: most use private/proprietary protocols, or custom codebases that lack the proven security and reliability of a protocol like XMPP, so it’s impossible to vouch for their security or privacy.

To recap: If you want to chat securely and privately, use a client like Pidgin along with a public XMPP server and the OTR plugin. Any other XMPP user can contact you since most servers are federated, and all of your instant messaging is encrypted and authenticated.

Torrents

The bittorrent protocol relies on each user sharing the file in question with the “swarm,” a term that refers to everyone downloading a particular torrent. Torrent clients will download and upload to other peers, which makes for an excellent, decentralized protocol for file sharing.

It’s also a privacy nightmare. Your IP is broadcast to the swarm and it’s trivial to get the IP address of all users downloading a torrent. Copyright lawyers monitor the most popular torrent sites and files using automated software, sending out millions of notices to ISPs and users, threatening legal action and hefty fines.

There are plenty of legitimate uses for torrents, such as sharing Linux ISOs, but regardless of your intentions the goal of this guide is to help you maintain your privacy. To hide your IP address while torrenting, there are two easy options: Use a VPN or use one of our best cloud torrent services.

We discussed VPNs earlier, but it’s worth mentioning that not all providers are torrent-friendly. Check out our top VPN reviews to find a good provider that allows torrents before you sign up for a VPN service. Speed tests are a crucial part of our reviews, and you’ll want the best speeds possible when downloading torrents with a VPN. Remember to look for a provider that doesn’t log your data, too.

If you don’t want to use a VPN, there’s always cloud torrenting. These clients download the torrents on your behalf, so your IP is never in the swarm, and they cache popular torrents so often times your files are instantly available. Many support streaming on their paid tiers, making this a convenient choice, but keep in mind these providers typically keep logs and would comply with court orders.

I’m not aware of this ever happening, and services like Put.io have been in business for quite some time without issue. For the those who value their privacy, I recommend a torrent-friendly, zero-logging VPN provider for downloading torrents. It may be less convenient, but it’s better for your privacy.

Conclusion

Privacy and security are complex topics and it would take many more pages to cover every aspect. Fortunately, unless you’re on the run from an intelligence agency, users can protect their privacy by following a few basic guidelines and staying aware of trends and threats as technology evolves.

Determine the threats to your privacy: What do you want to protect, and how hard are you willing to work to protect it? Learn about VPNs and pick a reputable provider to keep your traffic secure at home and on public WiFi. Encrypt all of your devices, as well as your texts, emails and other data. Be wary when browsing the web, avoiding common phishing scams and malware.

Put what you’ve learned here into practice slowly, and use it daily. After a while it becomes natural, and you’ll feel better knowing your data is secure. Your privacy is in your hands, and Cloudwards.net is here to help you safeguard it. We hope you enjoyed this article. Feel free to share it on social media and leave feedback in the comments below. Thank you for reading.

 

Source: This article was published cloudwards.net By James Crace

Categorized in Internet Privacy

By Adeniyi Ogunfowoke

With almost everyone relying on the internet to perform tasks, there is barely anything like privacy. All your personal information are readily available to everyone by simply googling your name.

However, you can control the information others have access to online thereby guaranteeing your online privacy by taking certain steps. Jumia Travel, the leading online travel agency shares some of the steps you should take.

Password all your devices

Protect all your devices with passwords and that includes your computers, tablets, smartphones and anything other gadgets with your personal data on them. If it is unsecured by a password, your lost or stolen gadget will become a source of personal information for whoever has it and this can lead to identity theft.

Use two-factor authentication

The two-factor authentication is becoming very popular today. Activating this feature will not give you or any other person immediate access to your accounts. Instead, when you login, you will need to enter a special code that the website texts to your phone. No code, no access.

Do not share too much information on your social media profile

The more information you share online, the easier it’s going to be for someone to get their hands on it. One of such ways to get this information is via social media. So, check your social media profiles and remove information such as date of birth, phone numbers and email addresses. Anyone who wants to contact you should send a Direct Message.

Enable private browsing

If you don’t want anyone with physical access to your computer to see your online activities, you should enable private browsing which is a setting available in all major web browser. Enabling it will automatically delete cookies, browsing history and temporary Internet files after you close the window.

Set up a Google alert for your name

This is one of the easiest ways to keep track of everything someone may be saying about you on the website. With the activation of Google alert, you will be alerted immediately if someone illegally accesses your information.

Pay for transactions with cash

If you do not want to give out your card information online, you should use the cash on delivery option to pay for online transactions. You know some of these websites can sometimes be unreliable.

Keep your computer virus free

If your computer is infected by a virus or malware, hackers will not only have access to your information to steal your identity, but they may lock up your files and ask for a ransome to get them back. You will have to pay if the files are important to you.

Do not rely on search engines

If you don’t like the idea of your search history being used to do business, you can switch your search engines. This is because many of us rely heavily on Google Chrome. So, make it a rule of thumb to switch your search engine.

Adeniyi Ogunfowoke is a PR Associate at Jumia Travel

Source: This article was published businesspost.ng By Dipo Olowookere

Categorized in Internet Privacy

I JUST GOOGLED “alarm dust,” “alibi sweatshirt,” and “sleuth intelligence.” Then I shopped for industrial dehydrators, scanned a Pinterest page for concrete decks, and read something about nuclear war.

The thing is, I’m not in the market for a new dehydrator. Concrete decks aren’t really my style, and I still have no idea what “alarm dust” is. I didn’t visit any of these web sites of my own volition—a website called Internet Noise did, all to obscure my real browsing habits in a fog of fake search history.

Yesterday, the House of Representatives voted to let internet service providers sell your browsing data on the open market. This decision angered a lot of people, including programmer Dan Schultz. After reading about the vote on Twitter at 1 AM, he turned off Zelda and coded this ghost currently opening tabs on my machine.

Internet Noise acts like a browser extension but is really just a website that auto-opens tabs based on random Google searches. Schultz isn’t a hacker but a concerned do-gooder trying to get Americans to understand how much their online privacy is at risk. “I cannot function in civil society in 2017 without an internet connection, and I have to go through an ISP to do that,” he says.

To counter that threat, Schultz wants to make it impossible for ISPs or anyone they’ve sold your data to accurately profile you. The vote yesterday implicitly legalized such tracking by explicitly rescinding rules against it. By muddying your online identity, advertisers can’t accurately target you, and authorities can’t accurately surveil you. To create noise that blocks your signal, Schultz googled “Top 4,000 nouns” and folded the list into his code. When you hit the “Make some noise” button on his site, it harnesses Google’s “I’m Feeling Lucky” button to search those phrases, then opens five tabs based on the results. Every ten seconds it does another search and opens up five more. Within minutes, my entire browser history was a jumble. Internet Noise will keep going until you hit the “STOP THE NOISE!” button. Schultz envisions you running this while you sleep.

This is a snapshot of my browsing history a minute after installing "Internet Noise."This is a snapshot of my browsing history a minute after running Internet Noise.

This signal-jamming offers just one modest example of the larger theory of obfuscation, the idea that if you can’t disappear online at least you can hide yourself in a miasma of noise. Adnauseam.io is a plug-in currently banned by Google that works in a similar way, except instead of just opening pages and jamming your history, it actually clicks on random ads. In the process, it’s directly targeting the ad model that underpins so much of the internet, and it can be pretty effective. I am not building a deck or in the market for a manual regenerative hydrator, but now that Internet Noise search for those things ads for both will likely appear in my Facebook feed, and I’m cool with that. Internet Noise tries to throw them off my trail by creating a fake path to follow. That’s the key to successful signal-jamming: You can’t just generate random sounds. You have to generate a second song.

Risks and Limitations

What if it’s not an advertiser looking at your web data, though, but a spy agency or some other authority drawing conclusions about your browsing? From my test run, someone might conclude something causal between my googling of industrial equipment, chemical companies, nuclear proliferation, sleuth intelligence, and cancer. Sketchy! Schultz himself hasn’t evaluated all 4,000 search words (and the 16,000,000 results their two-word combinations can generate)1 to determine whether they might raise red flags for anyone spying on my habits.

But I can take some comfort in the fact that right now, Schultz’s site isn’t that effective at truly jamming my signal. It’s actually too random. It doesn’t linger on sites very long, nor does it revisit them. In other words, it doesn’t really look human, and smart-enough tracking algorithms likely know that.

“The main problem with these sorts of projects is that they rely on your being able to generate plausible activity more reliably than your adversaries,” says privacy expert Parker Higgins, formerly of the Electronic Frontier Foundation. “That’s a really hard problem.”

Schultz says the main point of Internet Noise for now is to raise awareness, though the open source project has the potential to evolve into a real privacy tool. People have already reached out to fix minor problems and suggest ways to make it more effective. In the meantime, anyone truly concerned about their privacy needs to stay savvy about the technical limitations of the tools they choose, including Internet Noise. “I fear that any of these cool hacks will give people a false sense of security,” says EFF privacy researcher Gennie Gebhart, who is working with her team to create a broad toolkit of how to protect yourself from ISP tracking. “There is no one click that will protect you from all the kinds of tracking.”

Not that privacy-minded programmers will stop trying. Internet Noise may be the first grassroots hack created in direct response to yesterday’s vote. But a sizable collectionof similar tools offers a sobering reminder that companies were already tracking and selling your data. Geeks may not have the political clout to stop such infringements of online freedom, but they do have the advantages of speed and passion. As long as they have keyboards, internet fighters will try to drown out Washington with the roar of their code.

1Updated to include how many different search results the noun combinations could generate.

Source: This article was published wired.com By EMILY DREYFUSS

Categorized in Internet Privacy

Achieving internet privacy is possible but often requires overlapping services

It’s one of the internet’s oft-mentioned 'creepy' moments. A user is served a banner ad in their browser promoting products on a site they visited hours, days or months in the past. It’s as if the ads are following them around from site to site. Most people know that the issue of ad stalking – termed 'remarketing' or 'retargeting' - has something to do with cookies but that’s barely the half of it.

The underlying tracking for all this is provided by the search engine provider, be that Google, Microsoft or Yahoo, or one of a number of programmatic ad platforms most people have never heard of. The ad system notices which sites people are visiting, choosing an opportune moment to 're-market' products from a site they visited at some point based on how receptive it thinks they will be. The promoted site has paid for this privilege of course. Unless that cookie is cleared, the user will every now and then be served the same ad for days or weeks on end.

Is this creepy? Only if you don’t understand what is really going on when you use the internet. As far as advertisers are concerned, if the user has a negative feeling about it then the remarketing has probably not worked.

If it was only advertisers, privacy would be challenging enough but almost every popular free service, including search engines, social media, cloud storage and webmail, now gathers intrusive amounts of personal data as a fundamental part of its business model. User data is simply too valuable to advertisers and profilers not to. The service is free precisely because the user has 'become the product' whose habits and behaviour can be sold on to third parties. Broadband providers, meanwhile, are increasingly required by governments to store the internet usage history of subscribers for reasons justified by national security and policing.

The cost of privacy - dynamic pricing

Disturbingly, this personal tracking can also cost surfers money through a marketing technique called 'dynamic pricing' whereby websites mysteriously offer two users a different bill for an identical product or service. How this is done is never clear but everything from the browser used, the search engine in question the time of day, the buying history of the user or the profile of data suggesting their affluence may come into play. Even the number of searches could raise the price.

This seems to be most common when buying commodity services such as flights, hotel rooms and car rental, all of which are sold through a network of middlemen providers who get to decide the rules without having to tell anyone what these are. Privacy in this context becomes about being treated fairly, something internet providers don't always seem keen to do.

How to browse privately

Achieving privacy requires finding a way to minimise the oversight of internet service providers (IPS) as well as the profiling built into browsers, search engines and websites. It is also important to watch out for DNS name servers used to resolve IP addresses because these are increasingly used as data capture systems.

At any one of these stages, data unique to each user is being logged. This is especially true when using search engines while logged into services such as Google or Facebook. You might not mind that a particular search is logged by the search provider but most people don’t realise how this is connected directly to personal data such as IP address, browser and computer ID not to mention the name and email address for those services.

Put bluntly, the fact that an individual searched for health, job or legal advice is stored indefinitely as part of their personal online profile whether they like it or not.

VPNs

In theory, the traditional way of shielding internet use from ISPs can be achieved using a VPN provider.

A VPN creates an encrypted tunnel from the user’s device and the service provider’s servers which means that any websites visited after that become invisible to the user’s primary ISP. In turn, the user’s IP address is also hidden from those websites. Notice, however, that the VPN provider can still see which sites are being visited and will also know the user’s ISP IP.

Why are some VPNs free? Good question but one answer is that they can perform precisely the same sort of profiling of user behaviour that the ISP does but for commercial rather than legal reasons. In effect, the user has simply swapped the spying of one company, the ISP, for another, the VPN.

Post-Snowden, a growing number advertise themselves as 'no logging' providers, but how far the user is willing to go in this respect needs to be thought about. Wanting to dodge tracking and profiling is one thing, trying to avoid intelligence services quite another because it assumes that there are no weaknesses in the VPN software or even the underlying encryption that have not been publicly exposed.

IPVanish

IPVanish is a well-regarded US-based service offering an unusually wide range of software clients, including for Windows, Mac and Ubuntu Linux, as well as mobile apps for Android, iOS and Windows Phone. There is also a setup routine for DD-WRT and Tomato for those who use open source router firmware. Promoted on the back of speed (useful when in a coffee shop) and global reach as well as security. On that topic, it requires no personal data other than for payment and states that it does not collect or log any user traffic.

Cyberghost

Another multi-platform VPN, Romanian-based Cyberghost goes to some lengths to advertise its security features, its main USP. These include multi-protocol support (OpenVPN, IPSec, L2TP and PPTP), DNS leak prevention, IP sharing (essentially subnetting multiple users on one virtual IP) and IPv6 protection. Provisions around 50 servers for UK users. It also says it doesn’t store user data.

Privacy browsers

All browsers claim to be ‘privacy browsers’ if the services around them are used in specific ways, for example in incognito or privacy mode. As wonderful as Google’s Chrome or Microsoft’s Edge might be their primary purpose, isn't security. The companies that offer them simply have too much to gain from

The companies that offer them simply have too much to gain from a world in which users are tagged, tracked and profiled no matter what their makers say. To Google’s credit, the company doesn’t really hide this fact and does a reasonable job of explaining its privacy settings.

Firefox, by contrast, is by some distance the best of the browser makers simply because it does not depend on the user tracking that helps to fund others. But this becomes moot the minute you log into third-party services, which is why most of the privacy action in the browser space now centres around add-ons.

Epic Privacy Browser

Epic is a Chromium-based browser that takes a minimalistic approach to browsing in order to maximise privacy. It claims that both cookies and trackers are deleted after each session and that all browser searches are proxied through their own servers, meaning that there is no way to connect an IP address to a search. This means your identity is hidden. Epic also provides a fully encrypted connection and users can use its one-button proxying feature that makes quick private browsing easy, although it could slow down your browser.

Tor

This Firefox-based browser that runs on the Tor network can be used with Windows, Mac or Linux PCs. This browser is built on an entire infrastructure of ‘hidden’ relay servers, which means that you can use the internet with your IP and digital identity hidden. Unlike other browsers, Tor is built for privacy only, so it does lack certain security features such as built-in antivirus and anti-malware software.

Dooble

This stripped back Chromium-based browser offers great privacy potential but it may not be the first choice for everyone. Able to run on Windows, Linux and OS X, Dooble offers strict privacy features. It will disable insecure web-based interfaces such as Flash and Javascript, which will make some web pages harder to read. In addition, user content such as bookmarks and browsing history can be encrypted using various passphrases.

See here for a full list of our best secure browsers. 

Privacy search engines

It might seem a bit pointless to worry about a privacy search engine given that this is an inherent quality of the VPN services already discussed but a couple are worth looking out for. The advantage of this approach is that it is free and incredibly simple. Users simply start using a different search engine and aren’t required to buy or install anything.

DuckDuckGo

The best-known example of this is DuckDuckGo. What we like about DuckDuckGo is it protects searches by stopping 'search leakage' by default. This means visited sites will not know what other terms a user searched for and will not be sent a user’s IP address or browser user agent. It also offers an encrypted version that connects to the encrypted versions of major websites, preserving some privacy between the user and the site.

In addition, DuckDuckGo offers a neat password-protected 'cloud save' setting that makes it possible to create search policies and sync these across devices using the search engine.

Oscobo UK search

Launched in late 2015, Oscobo returns UK-specific search results by default (which DuckDuckGo will require a manual setting for). As with DuckDuckGo, the search results are based on Yahoo and Bing although the US outfit also has some of its own spidering. Beyond that, Oscobo does not record IP address or any other user data. According to its founders, no trace of searches made from a computer is left behind. It makes its money from sponsored search returns.

DNS nameservers

Techworld's sister title Computerworld UK recently covered the issue of alternative DNS nameservers, including Norton ConnecSafe, OpenDNS, Comodo Secure DNS, DNS.Watch, VeriSign and, of course, Google.

However, as with any DNS nameserver, there are also privacy concerns because the growing number of free services are really being driven by data gathering. The only way to bypass nameservers completely is to use a VPN provider’s infrastructure. The point of even mentioning them is that using an alternative might be faster than the ISP but come at the expense of less privacy.

DNS.Watch

Available on 84.200.69.80 and 84.200.70.40, DNS.Watch is unique in offering an alternative DNS service without the website logging found on almost every rival. We quote: “We're not interested in shady deals with your data. You own it. We're not a big corporation and don't have to participate in shady deals. We're not running any ad network or anything else where your DNS queries could be of interest for us.”

OpenDNS

Now part of Cisco, the primary is 208.67.220.220 with a backup on 208.67.222.222. Home users can simply adjust their DNS to point at one of the above but OpenDNS also offers the service wrapped up in three further tiers of service, Family Shield, Home, and VIP Home. Each comes with varying levels of filtering and security, parental control and anti-phishing protection.

Privacy utilities

Abine Blur

Blur is an all-in-one desktop and mobile privacy tool that offers a range of privacy features with some adblocking thrown in for good measure. Available in free and Premium versions ($39 a year) on Firefox and Chrome only, principle features include:

- Masked cards: a way of entering a real credit card into the Blur database which then pays merchants without revealing those details. 

- Passwords: similar in operation to password managers such as LastPass and Dashlane without some of the layers of security and sophistication that come with those platforms. When signing up for or encountering a new site Blur offers to save or create a new strong password.

Masked email addresses are another feature, identical in principle to the aliases that can be used with webmail systems such as Gmail.  Bur’s management of these is a bit more involved and we’d question whether it’s worth it to be honest were it not for the single advantage of completely hiding the destination address, including the domain. Some will value this masking as well as the ease of turning addresses on and off and creating new ones. On a Premium subscription, it is also possible to set up more than one destination address.

- Adblocking: with the browser extension installed, Blur will block ad tracking systems without the conflict of interest are inherent in the Acceptable Ads program used by AdBlock Plus and a number of others.  We didn’t test this feature across many sites but it can be easily turned on and off from the toolbar.

- Two-factor authentication: Given the amount of data users are storing in Blur, using two-factor authentication (2FA) is an absolute must. This can be set up using a mobile app such as Google Authenticator, Authy or FreeOTP.

- Backup and Sync:  Another premium feature, this will sync account data across multiple devices in an encrypted state.

- Masked phone: probably only useful in the US where intrusive telemarketing is a problem, this gives users a second phone number to hand to marketers.  Only works in named countries including the UK. Only on Premium.

Overall, Blur represents a lot of features in one desktop/mobile browser extension. Limitations? Not terribly well explained in places and getting the best out of it requires a Premium subscription. Although the tools are well integrated and thought out most of them can be found for less (e.g. LastPass) or free (e.g. adblocking) elsewhere.  The features that can’t are masked phone and masked card numbers/addresses.

Source : This article was published in techworld.com By John E Dunn

Categorized in Internet Privacy

Internet privacy was once again thrust into the limelight recently when President Donald Trump signed a bill that would allow internet service providers to sell your browsing history to third parties like advertisers.

As much as the news rekindled concerns around internet privacy, little has actually changed. The signed bill is generally keeping things as they are. The outrage comes from the fact that the bill is rolling back an Obama-era measure to prevent ISPs from tracking and selling your browsing history, which didn't have time to take effect before he left office.

Still, some of you may be looking for ways to browse the web privately, and one of the most prominent solutions is to use a virtual private network, or VPN, which cloaks your online activity.

Here's what VPNs are, what they do, and what to look out for if you're an average person using the internet.

A VPN essentially hides your internet activity from your internet service provider, which means it has nothing to sell to third parties.

A VPN essentially hides your internet activity from your internet service provider, which means it has nothing to sell to third parties.

If the internet is an open highway, VPNs act like a tunnel that hides your internet traffic. The VPN encrypts your internet traffic into a garbled mess of numbers that can't be deciphered by your ISP or a third party. 

Most VPNs also hide identifying details about your computer from ISPs.

Most VPNs also hide identifying details about your computer from ISPs.

Any device that's connected to your ISP's network has an IP address, which looks like a series of numbers. Many Americans have multiple devices, so ISPs use IP addresses to see which device has accessed which websites and where.

Without an IP address, your devices wouldn't be able to communicate with the websites you want to look at, and you wouldn't be able to browse the internet.

VPN services hide the IP addresses on the devices you use with the VPN and replace them with IP addresses from one of their servers, which can be located anywhere in the world. So if you're in the US but are connected to a VPN server in Europe, ISPs will see the VPN's European server's IP address instead of your device's.

Can't ISPs track my browsing history through the VPN's IP address?

They could if you were the only user on that VPN server. But several users are usually using the same VPN IP address, so they can't determine whether a browsing history belongs to you, specifically. It's like searching for a needle in a stack of needles.

VPN services aren't perfect.

By using a VPN, you're still switching the trust of your privacy from your ISP to your VPN service. With that in mind, you need to make sure the VPN you use is trustworthy and doesn't store logs of your browsing history.

Certain VPN services say they don't log your browsing activity and history while you're connected to their servers. It means ISPs or a third party can't retroactively check your browsing history, even if it could decrypt the VPN's encryption "tunnel," which is unlikely in the first place.

For an extra layer of protection, choose a VPN whose servers are based outside the US. That protects against the possibility of legal entities in the US trying to access your browsing history through court orders.

They can slow down your internet speed.

The "internet" travels incredibly quickly around the world, but it's still bound by the laws of physics.

Since VPN services reroute your internet traffic through one of its servers somewhere around the globe, your internet speed could be slightly reduced.They essentially make your internet traffic take a longer route than it usually would, which means things can take longer to load.

The further away the VPN server is from your location, the longer the distance your internet traffic has to travel, which can end up in slower internet speeds. 

Most free VPN services may not be enough to protect your privacy.

Many free VPN services simply hide your IP address and don't encrypt your data, and it's the encryption part that protects your privacy more thoroughly.

You have to pay extra for privacy.

Paying extra for a premium VPN service on top of your internet bill so you can browse privately isn't very appealing. 

Should you get a VPN?

Should you get a VPN?

By getting a VPN in light of the recent events, you're preventing your ISP from tracking your activity and selling your browsing history to a third party to make more money out of your subscription. 

Some people don't want their browsing history to be seen by ISPs, nor do they want it to be sold to advertisers, even if it isn't tied to you personally. Some ISPs have said they value their customers' privacy and don't track their activity, but some of their language surrounding this subject can be vague.

Secondly, it seems fair to be recompensed for providing, albeit involuntarily, your precious browsing histories, as advertisers covet them to find out what you're interested in and show you targeted ads. If my ISP is making money out of selling my browsing history, I'd expect my monthly internet bill to be reduced, as I'm technically providing my ISP a service by browsing the web and exposing my interests. 

The likelihood of this happening, however, is uncertain and perhaps unlikely considering it's now an ISP's "right" to sell your browsing history to third parties. There's no law out there that forces ISPs to compensate their customers for providing their browsing histories, so don't expect them to anytime soon.

In a way, you can't blame the ISPs.

In a way, you can't blame the ISPs.

ISPs can see which sites you're visiting, anyway, because they can tell what internet traffic is going through which IP address. From their point of view, they might as well make money out of it. There's certainly a market for browsing histories, and after all, a business is in the business of making money.

Still, not everyone is comfortable with having their activity tracked at all — or having to opt out versus opting in — even if they have a squeaky-clean, legal web-browsing history.

 

Author: Antonio Villas-Boas
Source: businessinsider.com

Categorized in Internet Privacy

SAN FRANCISCO — Protecting your Internet activities from collection and sale by marketers is easier said than done, especially after Tuesday’s vote to overturn pending FCC privacy rules for Internet Service Providers.

The move by Congress dismantled rules created by the Federal Communications Commission just six months ago, rules that weren’t slated to go into effect until later this year. President Trump is expected to sign the bill into law soon.

Broadband rules axed by Congress, headed to Trump

The decision, decried by consumer groups and Democrats and lauded by Republicans and telecom companies, sent those worried looking for a fallback plan. One possibility? Wider use of VPNs, which provide private end-to-end Internet connections and are typically used to keep out snoops when using public Wi-Fi.

"Time to start using a VPN at home," Vijaya Gadde, general counsel at Twitter, tweeted after the decision.

But such protection is limited. While VPNs keep broadband providers from seeing the sites users visit, that masking only goes so far — once logged into a website, an operator like Amazon tracks users' activities so it can suggest tailored products.

"All that a VPN does is hide what take place to get from point A to point B. Once you're on the other side, if you have credentials there — think Netflix — it knows who you are," said Matt Stamper, director of security and risk management programs at the consulting company Gartner.

Congress' decision essentially reverts to the status quo. The FCC argued that IPS’s like Comcast and AT&T should not face more stringent privacy rules than online companies such as Facebook and Google, which also collect information about users. Opponents countered that IPS's are different because they have access to users' full web browsing habits and physical addresses.

With the repeal, Internet providers won't be required to notify customers they collect data about or ask permission before collecting, sharing and selling data about what they do online, beyond the initial Terms of Service agreement. Information collected could include websites visited, apps used and physical location.

“Your entire clickstream, basically your life online, has the potentially to become one giant profile,” said Stamper.

That information can then be used to craft highly-targeted ads. This is part of the fundamental business model of many online companies, from e-commerce juggernaut Amazon to search giant Google to social network Facebook. They follow users’ online movements and actions, then use the information to better market to them. Increasingly, broadband providers are also getting into the content and advertising business. For instance, that's a key reason Verizon is buying Yahoo.

While web companies' profiles aren't person-specific, they allow their own products and those of advertisers to minutely target a type of customer, say a 30-year-old woman in the Southwest who likes rock climbing. While individual companies' privacy policies vary and sometimes allow for opt-outs of information sharing, in general websites can sell or share this de-personalized information with partners.

Side-stepping that constant surveillance while trying to use the web in our daily lives is almost unachievable, said Stamper.

“Realistically, unless somebody is extraordinarily well-versed in technology, has a really good understanding of what different sites are doing and how they do it, it’s almost impossible for the average consumer to keep their details private,” he said.

One option is for customers to find the privacy policy of their ISP and specifically opt out of data collection, said Robert Cattanach, a privacy lawyer with the firm of Dorsey & Whitney.

That's easier said than done, said ACLU lawyer Neema Singh Guliani.

"You'll need to go through what in some cases is going to be a long, arduous and frustrating process in understanding what you can do to control the information they gather about you," she said.

Overall, the best course of action for those concerned about what's collected about them is to practice ‘digital privacy hygiene’ by giving as little information as possible when doing things online, to minimize the digital footprint available to companies, said Nuala O’Connor, president and CEO of the Center for Democracy & Technology, a non-profit digital rights group.

“I was asked for my phone number when buying towels recently at a home store. They don’t need my phone number! Just sell me the towels!  Companies need to do a better job about minimizing the data they’re collecting, but in the meantime we can all be stingier about what we give out,” she said.

Long term, the situation could create incentives for companies to offer privacy-for-pay, “tiered pricing models that would effectively make privacy a privilege for those who could afford to pay more for these services every month,” said Fatemeh Khatibloo, a privacy analyst with Forrester.

Source : usatoday.com

Categorized in Internet Privacy

It seems that every day we see stories of companies that have been hacked and frequently millions of passwords, credit card numbers or other key pieces of information make their way out of the computers where they are stored.

It’s clear that the more information we have outside of our homes and on computers that are connected to the Internet, we run the risk of the information getting into the hands of people we don’t want to have it.

We also try to create secure connections between our applications so that prying eyes can’t see our communications.

I can’t say I believe this is working very well. Recent postings by WikiLeaks indicates tour intelligence services may have ways to read encrypted information we believed to be unreadable.

And our government isn’t the only group who has the interest and means to read things we don’t intend them to read.

For my communications, I take the perspective that everything I create digitally is probably readable by someone I don’t want to read it.

When it comes to things I may generally write, it helps me ensure I stay factual and true. This is a good thing.

When it comes to items such as passwords, account numbers and bank information, I try to use things like two-factor authentication to ensure that even if someone has my password, they can’t log in unless they enter a code sent to my mobile phone.

Luckily, the companies that are the biggest targets for these sorts of breaches have very sharp people working to secure their systems and our laws and their policies provide instant relief for things like unauthorized bank withdrawals.

Still, situations like identity theft, where someone pretends to be someone they’re not can be problematic for those affected. Even if someone who has been affected by identity theft loses no money, the time to repair the damage can be daunting and take years to correct.

So how can you protect yourself?

In most cases, try to keep your computers and mobile phones up to the most recent standards. Because this field is changing rapidly, staying current is a very good defense.

When companies offer features such as two-factor authentication, use them.

If you are concerned about communications being private, consider whether it should be sent digitally or perhaps in person. While this is not always possible, it is fair to assume that if your recipient can read something, so can someone else.

Privacy and security are legitimate concerns in today’s world. They have been for generations. We now have more and different ways to communicate and, therefore, need to be cognizant of the risks the new technologies bring.

Stay vigilant, stay honest and stay safe. A little care can go a long way to protecting you.

Mark Mathias is a 35+ year information technology executive, a resident of Westport, Connecticut. His columns can be read on the Internet at blog.mathias.org. He can be contacted at livingwith.

This email address is being protected from spambots. You need JavaScript enabled to view it..

Author : Mark Mathias

Source : http://www.newcanaannewsonline.com/news/article/Living-With-Technology-How-good-is-online-11009880.php 

Categorized in Internet Privacy

Folks online are worrying about a free genealogy site that lets users search for someone by name then provides the year the individual was born, possible relatives and associates and the person's addresses, past and present.

The personal information available on the FamilyTreeNow.com site is taken from free public databases and can be readily found on other search sites, in various forms, many of which charge for the information.

But an alarm was raised after a woman tweeted about it, friends and others shared the post and it went viral, prompting dozens of news stories. FamilyTreeNow.com has not responded to a request for an interview for this story.

Privacy and information experts say that how people manage access to their digitized data will continue to be a challenge because that information never goes away.

"Once information is digitized and posted anywhere on the web, it has virtually become perpetual and eternal," said University of Utah professor Randy Dryer, an expert in media, privacy and information law. "Even if it's removed shortly after it was posted, it's probably either cached on search engines or part of a backup that's maintained or else someone downloaded it. Once something's on the internet, there's permanency to it."

It's also likely impossible to restore privacy that U.S. law never protected.

"Privacy protection in the U.S., in general, is pretty weak," said Brigham Young University law professor Clark Asay, who teaches and writes about information privacy.

"Once information is public, people take it and use it how they like," he said, acknowledging it's a "little more unnerving when information is presented in consolidated form."

'The new oil'

Most people don't understand how much information is being collected. Dryer said personal information is gathered into massive databases regularly "and to a far more pervasive extent than most people realize, either voluntarily or involuntarily." 

Individuals readily provide information to Google, Facebook and other social networks. The sites' privacy policies — which most people opt into without actually reading — explain how they'll use the data. Some will sell it, sometimes in an individually not-identifiable form; some use it to target their advertising at specific consumers. Dryer said he's amazed at the sheer amount of information people provide in online surveys or when they register to win a free iPad.

The issue has been known for a long time. In 2014, Jacob Morgan, a futurist, keynote speaker and author of “The Future of Work," wrote in a column for Forbes that "most of (us) use Facebook, have iPhones, use Twitter, search on Google, and use the hundreds of other tools and platforms that companies have so graciously given us access to. We subscribe to newsletters, buy things online, take quizzes, allow our apps to access third-party websites, enter contests, and register for conferences. Simply loading a web page of any kind tracks some kind of information about you.”

Data that's directly provided allows those who collect it to infer other information, such as political affiliation, Dryer said. And collecting two piles of information that have something in common, like an email address, creates a fuller picture of the individual.

"There's no such thing as free in the online world," he said. "There's no fee to open a Facebook account, but Facebook probably has more information about individuals than any other entity, including the government." He warned that unless folks log out each time they leave the site, it tracks movement elsewhere on the web. "It knows what websites you visited, how long you were there and if you made purchases, not to mention what you like and dislike based on the things you click on while on Facebook."

Advertisers love that kind of information. "Say someone is putting together upscale vacations," Dryer said. "They can go to Facebook and get an ad targeted to everyone with a college education who is older than 15, has no children and earns over $200,000 a year.

"Personal data is the new oil. It has value and people are giving it away all the time, sometimes knowingly and perhaps not."

Risk and reward

Before the internet, people "enjoyed a certain amount of practical anonymity," according to Asay. Someone would have to make more effort to get information because it was not all in one place.

Still, Asay notes, "there are plenty of arguments that privacy concerns are exaggerated. Everyone says they're concerned about privacy, but if you give them 20 cents, they tell you whatever you want. … All the information allows us to do some amazing things." His list of amazing includes creating products that better meet consumer needs and that directly target the right buyer, too.

It's a mixed bag. Data available online makes it easier to find an old friend, but it may also make stalking more simple, as critics claim. And the right data could be a tool for identity theft, among other things. Folks bent on that crime can even employ the kind of online quiz that individuals love. It's important to watch the kind of question being asked. Often, they're remarkably similar to typical security questions.

Already there

FamilyTreeNow isn't particularly special in terms of finding information. I spent 20 minutes looking up names of co-workers on various sites to get a sense of how FamilyTreeNow.com compares to others that mine and then share public information.

FamilyTreeNow couldn't figure out who my husband was but did show that two colleagues use their middle names instead of their first names. As for possible relatives — for them and for me — it batted about 75 percent, similar to lists on other sites including the online white pages, 411.com and Spokeo.

Most of the other sites I noodled names on offer a deeper dive into personal information, including phone numbers, emails and criminal background checks for a fee. The genealogy site only provided a current address, correctly some of the time.

Crafting a careful Google search turned up similar information. When I looked up a friend's husband, I hit a virtual motherlode of data by following a Google search link to another data site I'd never heard of. It provided his current address, exact birthday, marital status, Facebook, Twitter, LinkedIn and Google Plus names, a list of 10 neighbors and their addresses, as well as names, ages and addresses of several relatives. Although more information was reportedly available for a fee, I didn't have to invest a penny to get all that.

Hard to escape the past

The U.S. government has tried to control use of some types of personal information. The Health Insurance Portability and Accountability Act governs the sharing of health information, among other things, and includes patient privacy protections. The Children's Online Privacy Protection Rule is overseen by the Federal Trade Commission with an aim to protect online privacy of children under age 13. It's why kids younger than 13 are not supposed to have a Facebook account, for instance, although the behemoth online media site has no mechanism to verify age.

It's a far cry from protections created in the European Union, which has more rules governing data. "The EU views data as a commodity and says that the individual owns that commodity," Dryer said.

In the EU, unless one provides "affirmative dissent" — yes, please do keep this information — companies and databases cannot collect and use certain data. It applies to all segments of EU society and industry, said Dryer.

Europe also codified a "right to forget." America has not. Some U.S. media outlets are re-examining how to handle their story databases since the advent of search engines that pull up information quickly.

Dryer and Asay point to instances where U.S. newspapers, for example, have been asked to take down old stories. Say a former drug user who was the subject of a story has since cleaned up his life, but whenever a prospective employer searches for the person online, the old story comes up. Asay said news organizations are frequently asked to remove such stories — a controversial request.

"Even newspapers are thinking about the permanency of the internet — and an argument that one should not rewrite history," said Dryer, who noted that when he handled libel cases, "it used to be the only thing they wanted other than money was an apology. Now, more than money, they want the allegedly false story removed from online."

The story doesn't have to be wrong. People want unflattering portrayals to disappear, too. But even if a news organization complied, it doesn't mean the story won't surface, courtesy of previously mentioned data-saving efforts like caches.

That's led to the creation of another industry, Dryer said. People who call themselves "reputation managers" will try to get negative material online removed, or generate positive content so that the negative publicity is repressed. Sometimes it's a matter of creating enough good buzz that when the person's name comes up in an online search, any negative publicity is relegated to the third or fourth page of the search results. With short attention spans, most Americans don't scroll that far.

Source : http://www.deseretnews.com/article/865671757/Why-its-likely-impossible-to-restore-online-privacy.html

Categorized in Internet Privacy

The internet is much more than just the publicly available, Google-able web services most online users frequent – and that’s good for free expression. Companies frequently create private networks to enable employees to use secure corporate servers, for example. And free software allows individuals to create what are called “peer-to-peer” networks, connecting directly from one machine to another.

Unable to be indexed by current search engines, and therefore less visible to the general public, subnetworks like these are often called “darknets,” or collective as the singular “darknet.” These networks typically use software, such as Tor, that anonymizes the machines connecting to them, and encrypts the data traveling through their connections.

Some of what’s on the darknet is alarming. A 2015 story from Fox News reads:

“Perusing the darknet offers a jarring jaunt through jaw-dropping depravity: Galleries of child pornography, videos of humans having sex with animals, offers for sale of illegal drugs, weapons, stolen credit card numbers and fake identifications for sale. Even human organs reportedly from Chinese execution victims are up for sale on the darknet.”

But that’s not the whole story – nor the whole content and context of the darknet. Portraying the darknet as primarily, or even solely, for criminals ignores the societal forces that push people toward these anonymous networks. Our research into the content and activity of one major darknet, called Freenet, indicates that darknets should be understood not as a crime-ridden “Wild West,” but rather as “wilderness,” spaces that by design are meant to remain unsullied by the civilizing institutions – law enforcement, governments and corporations – that have come to dominate the internet.

There is definitely illegal activity on the darknet, as there is on the open internet. However, many of the people using the darknet have a diverse range of motives and activities, linked by a common desire to reclaim what they see as major benefits of technology: privacy and free speech.

Describing Freenet

Our research explored Freenet, an anonymous peer-to-peer network accessed via a freely downloadable application. In this type of network, there are no centralized servers storing information or transferring data. Rather, each computer that joins the network takes on some of the tasks of sharing information.

When a user installs Freenet, her computer establishes a connection to a small group of existing Freenet users. Each of these is connected in turn to other Freenet users’ computers. Through these connections, the entire contents of the network are available to any user. This design allows Freenet to be decentralized, anonymous and resistant to surveillance and censorship.

Freenet’s software requires users to donate a portion of their local hard drive space to store Freenet material. That information is automatically encrypted, so the computer’s owner does not know what files are stored or the contents of those files. Files shared on the network are stored on numerous computers, ensuring they will be accessible even if some people turn off their machines.

Joining the network

As researchers, we played the role of a novice Freenet user. The network allows many different types of interaction, including social networking sites and even the ability to build direct relationships with other users. But our goal was to understand what the network had to offer to a new user just beginning to explore the system.

There are several Freenet sites that have used web crawlers to index the network, offering a sort of directory of what is available. We visited one of these sites to download their list. From the 4,286 total sites in the index we chose, we selected a random sample of 427 sites to visit and study more closely. The sites with these indexes are a part of the Freenet network, and therefore can be accessed only by users who have downloaded the software. Standard search engines cannot be used to find sites on Freenet.

An introductory page on Freenet. Roderick Graham and Brian Pitman, CC BY-ND

Finding a ‘hacker ethic’

What we found indicated that Freenet is dominated by what scholars call a “hacker ethic.” This term encompasses a group of progressive and libertarian beliefs often espoused by hackers, which are primarily concerned with these ideals:

  • Access to information should be free;
  • Technology can, and should, improve people’s lives;
  • Bureaucracy and authority are not to be trusted;
  • A resistance to conventional and mainstream lifestyles

Some of that may be because using darknet technology often requires additional technical understanding. In addition, people with technical skills may be more likely to want to find, use and even create services that have technological protections against surveillance.

Our reading of hacking literature suggests to us that the philosophical and ideological beliefs driving darknet users are not well-known. But without this context, what we observed on Freenet would be hard to make sense of.

There were Freenet sites for sharing music, e-books and video. Many sites were focused around personal self-expression, like regular internet blogs. Others were dedicated to promoting a particular ideology. For example, socialist and libertarian content was common. Still other sites shared information from whistle-blowers or government documents, including a copy of the Wikileaks website’s data, complete with its “Afghan War Diary” of classified documents about the United States military invasion of Afghanistan following the Sept. 11, 2001 terrorist attacks.

With the hacker ethic as a guide, we can understand that most of this content is from individuals who have a deep mistrust of authority, reject gross materialism and conformity, and wish to live their digital lives free of surveillance.

What about crime?

There is criminal activity on Freenet. About a quarter of the sites we observed either delivered or linked to child pornography. This is alarming, but must be seen in the proper context. Legal and ethical limits on researchers make it very hard to measure the magnitude of pornographic activity online, and specifically child pornography.

Once we came upon a site that purported to have child pornography, we left the site immediately without investigating further. For example, we did not seek to determine whether there was just one image or an entire library or marketplace selling pornographic content. This was a good idea from the perspectives of both law and ethics, but did not allow us to gather any real data about how much pornography was actually present.

Other research suggests that the presence of child pornography is not a darknet or Freenet problem, but an internet problem. Work from the the Association for Sites Advocating Child Protection points to pervasive sharing of child pornography well beyond just Freenet or even the wider set of darknets. Evaluating the darknet should not stop just at the presence of illegal material, but should extend to its full content and context.

A pie chart shows the share of Freenet sites devoted to particular types of content. Roderick Graham and Brian Pitman, CC BY-ND

With this new information, we can look more accurately at the darknet. It contains many distinct spaces catering to a wide range of activities, from meritorious to abhorrent. In this sense, the darknet is no more dangerous than the rest of the internet. And darknet services do provide anonymity, privacy, freedom of expression and security, even in the face of a growing surveillance state.

The Conversation

The authors do not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and have disclosed no relevant affiliations beyond the academic appointment above.

Source : http://siouxcityjournal.com/opinion/columnists/far-beyond-crime-ridden-depravity-darknets-are-key-strongholds-of/article_03394871-e577-510a-82b2-e23102e327d5.html

Categorized in Deep Web
Page 2 of 3

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media