Tech!

[KimmieElise]

I am big into tech and online privacy.  Totally love discussing privacy issues and educating others.  Hit me up if you're interested.

[HaraSurya]

Back in about May 2020 I went from being a long-time Nexus/Pixel Android users on Google Fi to buying an iPhone SE 2020 and switching to Visible because I was tired of being tracked by Google. I also switched to Microsoft Edge and (more recently) Duck Duck Go for similar reasons.

 

Needless to say, I haven't been on Facebook or Twitter in years. Zuck can bite a big one.

[Jani]

18 hours ago, HaraSurya said:

I was tired of being tracked by Google.

I turned all that tracking off.  I was tired of being asked to review places I drove by and didn't want a timeline to be kept.  So far so good.  I have never belonged to FB.  Too invasive! 

[Jackie C.]

I tried Facebook once... it was... a dark place. Never again.

 

Hugs!

[Audrey]

I wouldn't trust Mark Zuckerberg with my dirty laundry, let alone my data. It's infuriatingly difficult to disable all the trackers and it seems there are new ones whenever there's an update to something. They're like roaches, if you have one, you have a thousand. As I always say, in the digital world, if something is "free," then *you* are the product being sold.

 

Love,

~Audrey.

[HaraSurya]

[KimmieElise]

I have actually been really shocked at what data Facebook and Google gather on us.  I don't know if you are aware, there is a setting on Android Phones which is hidden, which allows your bluetooth (even if turned) off to send data to other phones you simply walk by in a store, as a means of tracking you.  Facebook has a profile on you whether you have an account or not, because you may be mentioned in other folks accounts, and appear in the background of other people's pictures.  Facebook will use your microphone, and your camera to spy on you.  Google and Facebook aren't the only offenders either.  Here are some others:

• Microsoft and Apple both use telemetry to find out what you're doing with your device.
• Amazon uses certain privacy violations, either through its voice interaction devices or other means to target you for advertising.
• Instagram, and WhatsApp are owned by Facebook, and participate in Facebook's data gathering.
• Robinhood, which has recently come to focus in the news has been selling trading data to the hedge funds including Citadel which has a stake in the bailout of Melvin Capital.
• Zoom is full of security vulnerabilities, does not have the end-to-end encryption it claimed it has, and is strongly suspected of transcribing conversations to share with ????

Right now, Google forces install of Facebook, which can be disabled, but not removed from a phone.  Any phone with Google services on them, even when "turned off" is at risk for privacy invasion.

 

I am encouraging people to take steps to take back their dignity and privacy.  It is getting to the point there are viable alternatives to a lot of these companies' products, which don't compromise our privacy.  For example, Duck Duck Go is a search engine which doesn't collect your information.  MeWe is a fairly good alternative to Facebook and you have a lot more direct control of what you see and don't see.  I am personally on a number of alternative social media platforms.

 

I am in the process of deleting everything I've ever put on Facebook in advance of deleting my account.  As soon as I am able I am going to either buy a Linux or "De-Googled" phone (all of Google Services removed from Android), and I have already taken some more technical steps to guard myself and obfuscate my identity online.  For those that will understand this, these steps include:

 

• Running Linux currently in a virtualized environment to block a certain amount of Windows telemetry.  I am posting this on a virtualized Manjaro Linux install using VMWare Player Workstation 16.  Eventually, I will be switching to Linux full time.
• Using a VPN to disassociate my IP address from my location.  I sometimes run TOR as an alternate.  I also use a VPN to connect my wifi devices to my router.  My wifi VPN is Wireguard installed on my OpenWRT router.
• Running browser finger print privacy web browsers such as Brave when interacting with Facebook, Google, or any other Big Tech Platform, and interacting only with those platforms on Brave to conceal my browsing history.
• Using a DNS filtering server to prevent certain apps and things from completing requests for IP address, such as watson.microsoft.com which is Windows telemetry.  This also has the benefit of filtering about 98% of ads.  I am currently using a Raspberry Pi computer running PiHole for this purpose.
• I use Libre Office for office software.
• I use Jitsi rather than Zoom for online meetings whenever possible.
• I use ProtonMail rather than say Gmail or other Big Tech mail services.
• I occasionally, especially in big crowds, use a Faraday bag to isolate my phone, which not even turning off a phone will do as effectively.

A lot of that may not mean much to some of you, and that is totally fine.  That was for more for the tech savvy people.

 

For me this is everything about having dignity.  I shouldn't have to open my entire life up to someone just so I can keep in touch with friends, write a letter, or send an email.  It isn't like I have anything to hide either.  I just can't see any valid reason anyone needs to know as much about me as these Big Tech companies do.  I am also not going to be complicit in Big Tech's information gathering on other people, by allowing them to use my phone to track others.

 

 

[HaraSurya]

I have no issue with "how does a user operate the device" and "performance issues" type of telemetry. I've studied UI design and that's a goldmine of useful data when designing them and Microsoft has come out and said how useful telemetry is for fixing corner-case stability issues. That's not getting into how it can be used for improving security, which is another major aspect of telemetry. I'm fine with that kind of data collection because its relatively benign.

 

The problem I have is "track every breath I take and what my farts smell like to shovel ads down my throat." Because, frankly, the ads they serve are total garbage and you know they're doing a lot more with that info than just advertising. (Seriously, I once looked up a lawnmower on Lowes.com and I got lawnmower ads for three months.)

[KimmieElise]

16 hours ago, HaraSurya said:

The problem I have is "track every breath I take and what my farts smell like to shovel ads down my throat." Because, frankly, the ads they serve are total garbage and you know they're doing a lot more with that info than just advertising. (Seriously, I once looked up a lawnmower on Lowes.com and I got lawnmower ads for three months.)

 

Granted, some telemetry is acceptable in some situations.  My objections are more regarding the fact Microsoft wants to know the details of every search I make, and more, based on Terms of Service they can change and I can't.  There is no reason for them to know as much as they do about us.

[tracy_j]

One of my main gripes over this kind of thing is that all this telemetry is sapping away all my computing power on other people's whims and fancies.

I have also noticed that the demand for accepting cookies and things has increased considerable in recent months. That may have been due to Brexit and no longer membership of the EU here but, as I have non-storage of cookies it gets very opressive. I now avoid some sites completely.

As a matter of interest - Does anyone know of a real time cookie monitor that can keep track and show current cookie storage on my computer? - Update: I just found one called 'WebCookiesSniffer'. I may have a look when I get chance.

 

Tracy

[KimmieElise]

1 hour ago, tracy_j said:

One of my main gripes over this kind of thing is that all this telemetry is sapping away all my computing power on other people's whims and fancies.

I have also noticed that the demand for accepting cookies and things has increased considerable in recent months. That may have been due to Brexit and no longer membership of the EU here but, as I have non-storage of cookies it gets very opressive. I now avoid some sites completely.

As a matter of interest - Does anyone know of a real time cookie monitor that can keep track and show current cookie storage on my computer? - Update: I just found one called 'WebCookiesSniffer'. I may have a look when I get chance.

 

Tracy

Some cookies and the like are necessary and actually helpful.  I think there is a requirement in the new EU privacy standards which requires sites to ask permission to use cookies which has lead to the increase of visible requests to use cookies.  Cookies haven't really increased, only the requests for permission.

 

I can almost promise you Transpulse uses cookies.   This is because the of the layers of technology behind making a site like this work, and the fact the base technology just sees requests to interact with the site's server and responds to them.  The base technology (probably Apache or Nginx) don't really care what you asked for last time or who's asking.  It isn't until you start adding a scripting language like PHP and trying to create a different experience based on whether they are logged in or not, and what permission levels they have, are cookies necessary.  Generally, a site like Transpulse or just about any forum or social media site keeps track of your status in the above regard by placing what is called a session cookie in your browser.  The  session cookie contains probably a lengthy, randomly generated ID number which the scripts read each time you look at a different topic or do something different and the site reloads in your web browser.  The ID is compared to data stored on the server, and the scripts basically say, "Oh this person is 'a345f2894ec2145677ffa23172b34c12' and looking up their current status, they are logged in, their permissions are 'registered user level,' and their log in expires in 1 hour if they don't do anything on  the site between now and then."

 

Cookies are only a backup for Big Tech.  Certain information can be gathered about you just by what your browser tells a website about itself when it makes contact.  The browser will report the operating system you're using (including version numbers), your public IP address, what browser and version you are using, certain basic information about add-ons.  In addition, scripts sent to your browser can send back things like your screen resolution and a number of other things which collectively create a unique fingerprint you can be identified by as you move from site to site.  This is why I generally recommend using a separate browser for interacting with Google and all its derivatives (Youtube, etc), Facebook and all of its derivatives (although I think facebook ought to be completely removed from people's lives), Twitter (Ugh, wouldn't touch it with a 49.5' pole), Microsoft, LinkedIn, Zoom, and a few others.   I personally use Brave, which is a Chromium-based browser (which Chrome is also Chromium-based but serves Google's interests).  Brave messes up the browser signature by altering certain data reported to web sites every time you start the browser.  This keeps Big Tech from easily identifying you in a way that is associated with your browser.

 

Most browsers have the ability to clear data (history, cached pages, and cookies) periodically and automatically.  Almost all my browsers clear this data when I close the browser.  The browser I use for interacting with Transpulse and a number of others forums and social media sites is actually on a virtualized Linux computer I can simply "suspend" when I want to shut down.  Suspension causes the virtualization software to take a picture of the state of every thing when I suspend, and then returns everything back to its state when I restart it.  This means all my open websites are there on my browser.  If I am writing something on Libre Writer (pretty much MS Word), it is preserved to the key stroke.

 

The big concern with cookies comes when third-party items are brought into a web pages (something I am happy to report doesn't seem to be happening here on Transpulse).  Some advertisements download with a webpage.  These advertisements pass off a little script ("program") that is run by your web browser.  Since this advertisement is drawing information from a different server than the web site you are viewing, they can put their own cookies on your computer to log your having viewed their ad and where.  Other scripts report back invisibly to third party web analytics services which serve web admins in determining how their site is being used, and proof of traffic to sell advertisements to third parties.  Google Analytics is probably the biggest of these services.  These analytics services put their cookie on your web browser every time you visit a site where they are being used.  They can read back a browsing history of their sites by reading all their cookies (because browser won't allow them to read other people's cookies).  Google Analytics is almost everywhere.

 

Of course, to completely anonymize yourself on the web, it take more than changing up  your browsers.  It takes obscuring your IP address through using proxies, TOR or VPNs, and a few other steps, but using different browsers for different things is a good start.

 

Keep in mind being anonymous is a totally defensive game, however, and winning against Big Tech means taking down their algorithms which allow them to sell targeted advertising, which is their income (you are the merchandise btw).  This means actively feeding them disinformation to dilute the results and confuse the Artificial Intelligence.  If you normally look at CNN, go to Fox or Glenn Beck or something.  You don't have to read a dang word of the sites you visit.  The idea is to feed the AI contradictory information.  If you  like fishing, and don't like true crime stories, go to a true crime website.  If you are uninterested in Rap music, go to a few rap music sites.  Being creative, random, and unpredictable will mess with the AI, and if enough of us do this the AI will be useless.  Being Libertarian, I like this solution as it is populist, legal, and completely non-violent.  Win-Win for us.  This won't completely kill Big Tech, but bring it down to size and allow smaller, up-coming platforms a chance in the market.  I like that as well.

 

As to sapping your computing power, I highly recommend using a DNS filter, like OpenDNS's services.  This post is already a small book, so I will keep this brief.  A DNS filter will prevent your computer from being in touch with known advertisers, analytics sites, and telemetry sites.  If implemented correctly, this will have the net effect of a lot less communication with third-parties, and a lot less downloaded scripts to your browser which means less drag on your system.  The best part is your computer thinks its trying to connect with these sites, but is being told, "Yeah, I can't find that site out there.  It doesn't seem to exist."

[LaurenA]

Of course to be totally anonymous all you have to do is stay off of the Internet 

[tracy_j]

Interesting reading @KimmieElise. I don't know the full detail of this site as I am not technically involved but know it is not agressive. There is probably some small cookie use as, when logging on, it asks whether to remember me which would presumably have to be stored in a cookie. @Petra Jane may know more here.  It asks me every time as I delete history on exit. I do tend to use different browsers and close and re-open browsers between different sites to clear the cookies as I have wondered about linkups between them. This does keep hassles to a minimum. To an extent I do share things about too as I have a Linux machine which I use for more technical things. The biggest prompt there was Microsoft. I probably don't have to give details, but am finding it a refreshing change although I am glad I am technical enough to get my hands dirty in the system at times. Although some people do setup for dual boot, Linux or Windows, I am finding it better to totally seperate them, but must admit I do have seperate computers, so can contrast, compare and use either sytem to their advantage. I do more involved things though with interfacing and some lower level programming. My partner uses our old desktop which now has Linux Mint and has had little issue with the change from Windows but she only tends to use it for web browsing, YouTube and TV catchup channels. Hotbeds of advertising but, by and large, isolated to that computer.

 

A point on your mention of dis-information too. I looked back and it does not seem like I read it here but, I have recently read an article somewhere that data mining companies do run AI software to discriminate between genuine and spoof users. Wherever it was, there were interesting insights into just how successful this can be. There appears to be a constant battle going on in the background with some people really pushing back, as well as the more powerful automated software probing all it can. From a statistical standpoint, it is probably difficult for the average user to significantly fool the AI, and it is well designed to counter most automated attempts which often give somewhat random inputs which (not remembering exactly how they counter it) probably appear more as noise / statistical fluctuations.

 

Tracy

[Petra Jane]

Yes, the site does use cookies, purely to allow you to remain logged in from visit to visit.

 

If you don't want to retain your cookies and are happy to log in every time you visit, set your browser to clear your cache/cookies whatever when you exit said browser.

 

Here's a link to our Privacy Policy for those interested.

 

 

[KimmieElise]

17 hours ago, Petra Jane said:

Yes, the site does use cookies, purely to allow you to remain logged in from visit to visit.

 

If you don't want to retain your cookies and are happy to log in every time you visit, set your browser to clear your cache/cookies whatever when you exit said browser.

 

Here's a link to our Privacy Policy for those interested.

 

 

I personally have no issue with Transpulse's cookies.  I am curious about something regarding the expiration dates, but that can be for a DM discussion.  What is most important to me is there are no third-party tracking cookies on Transpulse.  

[KimmieElise]

Progress Report:

 

I am near to being Big Tech Free, which is a goal I set for myself this year.  I am sharing this because this isn't that hard for the a reasonably computer-literate person to achieve with a bit of education.  If you don't like Big Tech all up in your business, then these are some steps you can take.

 

Here are some of the things I've done to become Big Tech Free:

• I bought a laptop which was Linux friendly.  I am running Ubuntu Linux with the Mate desktop.  Linux is entirely Open-Source, which means anyone can read the source-code and see whether or not it is spying on you.  Ubuntu is also part of the Debian Linux family of Linux, which is super secure.
• I use different browsers for different things, so browsers can only see the cookies and cache for their sites.  If you use a Google service (like Youtube), I use Google Chrome, and Chrome is used for nothing else.  Firefox is for Amazon.  I use Brave for banking.  VIvaldi is my main browser with certain cookies blocked.  I am not quite done with facebook, but I use Opera for facebook and nothing else. I am deleting facebook soon.  I don't use facebook properties WhatsApp and Instagram.
• I have a phone with a de-Googled Android.  This means all the Google Apps have been removed, and securities have been put in place to maintain integrity of security.  Apps are drawn from Fdroid which is an Open Source app store, and Aurora.
• I use a VPN and TOR for internet connections.  VPN encrypts all data in and out of your computer or device to a server somewhere in the world (there are servers all over), and then the server interacts with websites on you behalf to obscure you IP address.  TOR stands for The Onion Router is a way to bounce through three servers to get to websites, and no server is fully aware of the whole path internet requests are being routed through.  IP addresses can be geo-located, so using VPNs and TOR I keep websites from knowing where I am.
• I use Jitsi for video conferencing if possible.  If I have to use Zoom, I create a virtual machine to run Zoom on.  I delete that machine when the Zoom call is over.  Zoom is horrible.  Virtual machines are surprisingly easy to create and use.  VMWare Workstation Player is free, works on all major platforms, and runs in a window.  You can basically run an isolated computer environment on your computer and switch between them.  The native operating system cannot see what is happening in the VM and the VM cannot see what is happening in the native operating system.
• I have replaced using Facebook Messenger with Signal. Signal is end-to-end encrypted, and Open-Source.
• For email, I  use Protonmail out of Switzerland.  A basic account is free.  I pay for enhanced features for my business, and to have multiple users.  Protonmail is encrypted from me to Protonmail's servers and stored encrypted on their servers.  Each customer has their own encryption keys which not even Protonmail knows.  The data is unecrypted for outside users, but remains encrypted end-to-end with other Protonmail users.  If I want end-to-end encryption for non-Protonmail users I can send the intended recipient a password to allow un-encryption on their end.  This works because of what is called asynchronous encryption.

I have a few things to do yet to complete the move to privacy online.  I need to get rid of facebook for good, and start feeding some sites disinformation on myself.  I want to find ways to automate that to some extent.