An Anonymous Coward writes:
Speaking at the Decentralized Web Summit conference in San Francisco run by the Internet Archive, the engineer [Inventor of the World Wide Web, Sir Tim Berners-Lee] joined other internet notables including "father of the internet" Vint Cerf and Mozilla head Mitchell Baker in discussing how to strengthen the open internet as well as ensure its contents are retained over time.
"The web is already decentralized," Berners-Lee told attendees. "The problem is the dominance of one search engine, one social network, one Twitter for micro-blogging. We don't have a technology problem; we have a social problem."
[...] founder of the Internet Archive, Brewster Kahle: "Edward Snowden showed we've inadvertently built the world's largest surveillance network with the web. We have the ability to change all that."
The conference featured the developers of many tools that aim to retain the internet's decentralized nature, such as Blockstack, Ethereum, Interledger, IPFS and others.
It's not just the World Wide Web, it's the entire internet: your phone reports on your location at all times, apps on it flush contents of your phone to the owners of the app, almost all websites do some sort of tracking (most of them using Google Analytics), e-mail providers happily hand over anything to anyone asking, and the rest is vacuumed up automatically by the NSA.
Well now - no-script is probably the single biggest thing you can do. Just stop your own computer from reporting on you. Don't allow those scripts to snoop through your browser, its settings, plugins, fonts, etc. The importance of stopping scripts really can't be overemphasized, now can it?
Cookies. Don't accept them unless they are necessary - that is, the site won't run without cookies. But, few sites are really that necessary. Right here on Soylent, the cookie is a convenience, but it's not a necessity.
Block advertising. Pretty much all advertisements today come from a relatively small number of servers. Block those servers, and they can't track you. Block Google analytics, and Google loses much of their leverage.
Blocking Windows telemetry is becoming a big thing. Windows is phoning home, and you don't want Microsoft to know anything about you.
Don't be a part of the big social network - Facebook. I know, you just almost have to have an account. Pretty much everyone has a Facebook account, and sometimes you need to check on someone. An invalid parent maybe, the kids at home, whatever. But, FFS, don't be the damned fool who posts every minute of your day to Facebook! And, trash all those Facebook apps. Each and every app is a camera and microphone into your life, with a "developer" trying to capitalize on it.
All by itself, a VPN isn't worth much. If you're accepting cookies, allowing scripts to run, and advertisers are installing super cookies to your computer, the VPN is totally worthless. The browser is identifying itself despite the VPN. But, if you're blocking most or all of the crap, then a VPN does have value. Use a cookie manager to clear those cookies - you can whitelist the half dozen that you deem necessary, and have the browser discard all the rest every several minutes, or at the end of a session.
Don't sign in to Google, or Yahoo, or any of those other "services" providers. Or, if you must sign in to make use of Gmail or whatever, use another browser to take care of all your other business. Once you're signed in with a browser, Google or whoever has a lot of access to your other tabs and windows. Use a different browser that shares no data with your signed-in browser.
Avoid those damned toolbars like the plague. Few of them have any redeeming value whatsoever - all of them "phone home" to someone.
Firewall settings. If you run Windows, especially if you run an aging version of Windows, you don't want ANYTHING coming in from the web, uninvited. Firewalls are not a bad idea for other OS's, but they are essential for Windows. Shut down EVERYTHING that you don't actually use. No vector, no spying, no exploit. If you never use FTP, just close port 21, you don't need it. If you don't close it, then the bad guys might use it against you.
Shut down any services you don't need. I've used Blackviper's tweaking advice since I found his site years ago. If you don't need that remote assistance service, then disable it. Don't be afraid to disable half of Windows services. If you're not real sure, disable that service, and run your computer for a while - if you can do everything you want to do, then that service is unnecessary for YOU.
Best practices say that you never open an email attachment, unless you were expecting it and you know what it is. Don't click links in your email. You have little idea where you'll end up, and chances are there is a "drive-by" waiting to download itself.
Stay away from the porn sites - they have a long history of being exploited, then, in turn, exploiting people watching the videos.
Uninstall Flash. Better yet, uninstall all Adobe products. It's not that long ago that Adobe had more unpatched exploits running in the wild than even Microsoft had. You don't need any Adobe stuff - there are satisfactory substitutes for everything that Adobe publishes.
I guess that's nearly it. I'll think of something more after I click "submit" - but this is a good starter at least.
Last I heard, gossip and entertainment sites were a bigger malware vector than porn sites. It may have changed of course.
Last I heard, gossip and entertainment sites were a bigger malware vector than porn sites.
Wait, there are people frequenting porn sites for other reasons than (a very special form of) entertainment? Or what makes you think porn sites are not entertainment sites?
I watch porn for the dialogue.
For me it's the fabulous sets and the special effects that keep me riveted.
A nice list. I would add that browsers (Firefox, Chrome) have different profiles - so use them!!
I have many profiles from the ultra paranoid, to the somewhat lax, and use the browsers for specific purposes.
I find it greatly improves the user experience, for some sites that don't work properly....you can fine tune a profile.
Oh, and I ONLY use chrome to access google crap. I use chromium for other "chrome" friendly sites...
I'm a Penguinista ;-)
Well now - no-script is probably the single biggest thing you can do.
Stay away from the porn sites
One of these things is not like the others...
(going to various free porn sites with NoScript and AdBlock is perfectly safe in my experience)
It's a good list, and thank you for providing it.
I would say, run Linux and you eliminate a good chunk of what you're talking about. Second, run NoScript and UMatrix and you eliminate a good chunk of the browser-based stuff you're talking about.
The real crux of the matter is the physical network stuff you're talking about. Software is easy, download it and you're done. Hardware is harder. How do you get a server in Boston to communicate with a client in Roanoke unless your info travels through a corporate- or government-controlled line?
That's a piece of the puzzle for us citizens to solve. If we can solve it, it eliminates one of the most pernicious groups of companies who oppose our freedom, the telecoms.
But it misses the point.
All of these steps are the digital equivalent of preppers, and ultimately force the hand of escalation until you are spiking directly into a line with a food bucket and 56k modem.
There are lots of different ways to do anonymity, but reducing the usefulness of a tool is assbackwards IMHO. Might as well go back to sneakernet.
Making the data worthless seems more effective long term, like if you could design a program to do random searches and visit random pages, so it becomes impossible to detect signal from noise.
Eventually tech will progress to where reliance on telcos will be less pronounced, but for this particular epoch, you might as well play along with an ace up your sleeve.
TrackMeNot [nyu.edu] works for Firefox, Chrome, and at least some derivative programs like Pale Moon.
Note that random searches are a 2-edged sword. They increase the noise level, which is good. OTOH, they may sooner or later search for "anthrax kiddie porn jihad bomb", which could conceivably attract unwanted attention. Though it's more likely to be something like "our apr nov consensus divided" (the last thing my browser seems to have searched for). Random searches have the most desired effect if lots and lots of people are doing them.
Actually, that works in your favor.
For any search, if you can prove the extension was installed, you have plausible deniability.
Same works for encryption, privacy settings, etc. (a lot of people have to use them otherwise they stand out against the traffic).
Anyhoo, best practice is assume you are being tracked regardless, and work from there.
Perfect. Thank you.
Cookies. Don't accept them unless they are necessary - that is, the site won't run without cookies.
I tried this for a while, and it was a hassle. Instead, you probably want something like Tab Cookies [google.com] for Chrome, or Self-Destructing Cookies [mozilla.org] for Firefox. These extensions will accept all cookies from sites you visit, and then delete the cookies set by a given site once you no longer have that domain open in any tab. (You can whitelist certain domains so its cookies are kept, for logins you'd like to have persist.) You get all the functionality of accepting cookies on any site, and are subject to none of the long-term (cookie-based) tracking.
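The cleanup policy described in the comment above (accept every cookie, then delete a site's cookies once no tab has that site open, except for whitelisted sites), as an added sketch that is not part of the thread and not code from either extension. The `CookieJanitor` class, its method names, and all host names are assumptions made for illustration; the two-label "site" rule is a simplification.

```javascript
// Added illustration: models the cleanup policy only. A real extension would
// call the browser's cookie and tab APIs instead of these in-memory maps.
class CookieJanitor {
  constructor(whitelist = []) {
    this.whitelist = new Set(whitelist); // sites whose cookies persist
    this.cookies = new Map();            // site -> Map(name -> value)
    this.tabs = new Map();               // tabId -> site currently shown
  }
  // Assumption: "site" = last two host labels. Production code needs the
  // Public Suffix List to handle names such as example.co.uk correctly.
  static site(host) {
    return host.toLowerCase().split('.').slice(-2).join('.');
  }
  setCookie(host, name, value) {
    const site = CookieJanitor.site(host);
    if (!this.cookies.has(site)) this.cookies.set(site, new Map());
    this.cookies.get(site).set(name, value);
  }
  navigate(tabId, host) {
    this.tabs.set(tabId, CookieJanitor.site(host));
    return this.sweep();
  }
  closeTab(tabId) {
    this.tabs.delete(tabId);
    return this.sweep();
  }
  // Drop every cookie whose site is neither open in a tab nor whitelisted.
  sweep() {
    const open = new Set(this.tabs.values());
    const purged = [];
    for (const site of [...this.cookies.keys()]) {
      if (open.has(site) || this.whitelist.has(site)) continue;
      this.cookies.delete(site);
      purged.push(site);
    }
    return purged;
  }
}

// Constructed session: one whitelisted login site, one news site that also
// loads a third-party tracker. All host names are made up.
function demo() {
  const jar = new CookieJanitor(['example.org']);
  jar.navigate(1, 'login.example.org');
  jar.setCookie('login.example.org', 'session', 'abc');
  jar.navigate(2, 'www.example.com');
  jar.setCookie('www.example.com', 'sid', '1');
  jar.setCookie('ads.tracker.example', 'uid', '9'); // third-party cookie
  return { afterNewsTab: jar.closeTab(2), afterLoginTab: jar.closeTab(1), jar };
}
```

Because the tracker's domain is never open in a tab of its own, its cookie is removed on the same sweep as the first-party cookie of the site that embedded it.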