With both governments and corporate entities trampling over the privacy rights of people throughout much of the world, choosing the right privacy tools is now more important than ever.
Why should you be using privacy tools in the digital age?
Let us answer this question by examining a few trends:
- Global surveillance – mass surveillance technology continues to strengthen and expand around the world – particularly in the United States, United Kingdom, Australia, and other Western countries. (See also the Five Eyes, Nine Eyes & 14 Eyes surveillance alliances.) This trend continues on, regardless of which political party is in office.
- ISP Spying – Internet providers often record connection times, metadata, and DNS requests, which gives them every website you visit (unless you’re using a good VPN). In many countries, this is not only legal, but required. See for example in the United Kingdom (with the Investigatory Powers Act), United States (Senate Joint Resolution 34), and now also in Australia (mandatory data retention). A VPN is now essential protection against your internet provider if you want to retain a basic level of online privacy.
- Censorship – The internet is also becoming less free due to censorship efforts and content blocking. Whether it is China, Germany, or the United Kingdom, authorities are working hard to censor content online. This is particularly the case in Europe. The UK is now considering 15 year jail sentences for people who view “offensive” websites.
- Malicious ads & tracking – Websites are increasingly hosting invasive advertisements that also function as tracking. Pop-ups and dangerous “click-bait” ads can also deliver malware and take your device over for ransom (ransomware). Malicious ads, which are delivered through third party ad networks, can even be hosted on major websites.
While the trends are alarming, there are relatively simple solutions to restore both your privacy and security.
But before we begin, one key consideration is your threat model. How much privacy and security do you need given your unique situation and the adversaries you may face?
Many people, such as every day internet surfers, are seeking protection against advanced tracking online through advertising networks as well as a higher level of online anonymity and security. Others, such as investigative journalists working with sensitive information, would likely opt for an even higher level of protection.
Here are some privacy and security tools to get you started.
Privacy Tools
Secure and privacy-friendly browser
Everyone needs to be using a secure and privacy-friendly browser for three important reasons:
- Browsers have a large attack surface and can be compromised in many ways.
- By default, most browser will contain lots of private information, including your browsing history, usernames, passwords, and autofill information, such as your name, address, etc.
- Browsers can reveal lots of identifying information about your location, system settings, hardware, and much more, which can be used to identify you through browser fingerprinting.
Secure Browsers: Based on my own tests and experience, here are the eight most secure browsers that will keep your data safe:
- Firefox (modified) – Firefox is a great browser for both privacy and security after doing some modifications. It is highly customizable to give you the level of security and privacy you desire, while also being compatible with many browser extensions. See my guide on how to modify Firefox for more privacy.
- Iridium – Iridium is a Chromium-based browser configured for privacy, with the source code published on Github. It might be a good option if you need a Chromium browser (don’t use Chrome).
- Gnu IceCat – GNU IceCat is another fork of Firefox, created by the people at the GNU free software project. IceCat meets the definition of “free software” and it also includes some privacy add-ons and tweaks by default.
- Tor browser – The Tor browser is hardened version of Firefox that also utilizes the Tor network by default (but this can be disabled). It should be noted that Tor was created by the US military and continues to be funded by the US government today. (See the in-depth Tor guide for more details.)
- Ungoogled Chromium – As the name suggests, Ungoogled Chromium is a stripped-down Chromium browser that has been “Ungoogled” for more privacy. Source code is here.
- Waterfox – Waterfox is a fork of Firefox, with telemetry and other items stripped out to give users more privacy. Among the different Firefox forks, it is one of the most popular.
- Brave – Brave is a chromium-based browser that is very privacy-focused right out of the box, unlike Firefox, which requires some customization. By default, it will block ads and trackers, and it’s also customizable, fast, and has built-in protection against browser fingerprinting.
- Pale Moon – Like Waterfox, Pale Moon is also a fork of Firefox. Although Pale Moon is customizable, it also feels a bit dated and runs on the Goanna engine (a fork of Firefox’s Gecko).
Of course, there are many browsers on the market and choosing the best one all comes down to your own needs and tastes. Chrome, Opera, Safari, and Vivaldi also get some attention, but they’re not the best choices from a privacy standpoint.
Browser add-ons worth considering – As discussed in the Firefox privacy guide, here are a few good browser add-ons that may be worth considering:
- uBlock Origin – A powerful blocker for advertisements and tracking.
- HTTPS Everywhere – This forces an HTTPS connection with the sites you visit.
- Decentraleyes – Protects against third-party tracking via content delivery networks (CDNs).
- Cookie AutoDelete – Deletes those unwanted tracking cookies.
- Privacy Badger – Another add-on from the Electronic Frontier Foundation, Privacy Badger blocks spying ads and trackers.
- uMatrix – While this may be overkill for many users, this powerful add-on gives you control over requests that may be tracking you on various websites.
- NoScript – This is a script blocker that allows you to control which scripts run on the sites you visit.
Worth mentioning: Don’t use a browser-based password manager, which will store your usernames and passwords in plaintext, thereby leaving them vulnerable to exploitation (discussed more below).
Virtual Private Network (VPN)
Using a good VPN (virtual private network) is one of the simplest and most effective ways to protect your privacy, secure your devices, and also access blocked/censored content online. A VPN is a critical tool with a growing number of cybersecurity threats, particularly targeted hacking of public WiFi users.
VPNs can range in price from $3.49 per month (NordVPN) up to $6.67 per month (ExpressVPN), and in some cases even more. When you purchase a VPN subscription you will be able to use the VPN on various operating systems and devices, from computers and tablets to phones and routers.
After testing and researching dozens of different VPN providers, here are what I consider to be the best VPN services (all based in privacy-friendly jurisdictions):
$6.67
(49% discount)
(30 day refund)
Review
(ExpressVPN)
€8.95
(7 day refund)
Review
(Perfect Privacy)
$3.49
(70% discount)
(30 day refund)
Review
(NordVPN)
$2.99
(7 day refund)
Review
(VPNArea)
$3.75
(7 day refund)
Review
(VPN.ac)
Keep in mind, the “best VPN” will likely vary for each person depending on your own unique needs and circumstances. And if you are new to VPNs, see my guide explaining everything you can do with a VPN.
Advertisement, tracking, and malware blocker
A good ad blocker is essential for privacy and security reasons. From a privacy perspective, it’s important to block ads because they also function as tracking by recording your online activity to create an intimate user profile, which is used for targeted ads. Ads are also risky from a security perspective because they are often malicious and can infect your device when a web page loads – no clicks required.
Effectively blocking all ads is the only way to go. Here are a few different options from the ad blocker guide:
- Browser ad blocker extensions – Browser-based ad blocker extensions, such as uBlock Origin are quite popular, but they also come with some tradeoffs. Online ads may still be using up resources and tracking you, even if the ads are not being displayed. Choose your ad blocker carefully – some ad blockers, such as Ghostery and Adblock Plus will collect user data for profit and/or show you “approved” ads.
- Ad blocker apps – A dedicated app will most likely do a very good job blocking ads on your device. One popular and well-regarded option is AdGuard.
- VPN ad blocker – Another option is to use a VPN that offers an ad blocking feature (VPN ad blocker). I tested various options for the VPN ad blocker guide and found Perfect Privacy to perform the best.
- Ad blocking on a router – Ad blocking on a router can be accomplished various ways – from using ad blocking DNS to loading custom filter lists onto your router.
- Pi-hole – Pi-hole is a network-wide ad blocker that functions as a DNS server and can be deployed in various ways. It is most often used on a Raspberry Pi, connected to your home router (but there are many other different setup options).
The best ad blocking setup will depend on your situation and needs. If you have numerous devices you use at home, setting up a network-wide ad blocker would be a good solution for blanket protection. uBlock Origin remains a popular option for browser-based ad blockers. I find Perfect Privacy’s TrackStop filters to also work the best.
Password manager
The topic of passwords is actually quite large, encompassing password strength, password management, and password storage. In this section we’ll focus on password management and storage. Many people store passwords in the web browser, but this is risky because your passwords could be hacked by third parties, since they are stored in cleartext. Instead, you would be better off using a dedicated password manager.
Here are the best password managers:
- KeePass – KeePass is a free, open source password manager that stores all passwords locally, which are secured with a master key or key file. I like KeePass because it can still be used with different browsers through official extensions or plugins, and it works will with Firefox (see Kee).
- LessPass – LessPass is also a free and open source password manager that generates unique and secure passwords for you. LessPass can be used through browser extensions, see their site for more details.
- Bitwarden – Bitwarden is another great open source password manager that is secure and easy to use. Bitwarden supports all major operating systems and browsers.
Secure messaging apps
Secure messaging apps are a great alternative to email, which has numerous inherent flaws and vulnerabilities. The secure messaging apps below utilize strong encryption standards and work well for teams or individual use on various operating systems and devices.
Private search engine
The big search engines (Google, Yahoo, Bing) record and track your searches, which helps them to build a user profile for their advertising partners. Consider these alternatives instead:
- Searx – A very privacy-friendly and versatile metasearch engine.
- Qwant – A private search engine based in France.
- DuckDuckGo – DDG is a privacy-friendly Google alternative that doesn’t utilize tracking or targeted ads. They also have a zero-sharing policy with other features, but they do record search terms.
- Swisscows – A Switzerland-base private search engine with zero tracking.
- Metager – A private search engine based in Germany.
For more information, see the guide on private search engines.
Private Email
Many of the popular email providers, such as Gmail, Yahoo, and iCloud are not good choices when it comes to privacy. Would you want random people having full access to your emails, collecting data to for targeted ads, or passing the information on to third parties? If the answer to any of those questions is no, then you need to look for a private and secure email provider.
Here are some of the best private email services:
Email Service
Storage
Price/mo.
Website
20 GB+
€1.00
(Free to 1 GB)
Up to 20 GB
€2.50
(Free to 500 MB)
Up to 20 GB
€1.00
Up to 20 GB
$5.00
Up to 25 GB
$1.66
50 GB+
€1.00
4 GB+
$4.00
(Free 1 week trial)
2 GB+
€4.41
Up to 20 GB
€4.00
(Free to 500 MB)
Up to 100 GB
$1.95
Secure/encrypted router (with a VPN)
If you’re looking for a relatively simple way to secure your entire home network and all devices, a VPN on a router is an excellent option. A good VPN router will:
- extend the benefits of a VPN to all your devices without installing software
- protect your data from third-party snooping, such as from your internet provider
- secure your home network against attacks, hacking, and spying
- unlock the entire internet, allowing you to get around geographic restrictions, blocks, and censorship
The only brand that currently offers a large selection VPN-enabled routers is Asus. The default Asus firmware, which is called ASUSWRT, supports OpenVPN, PPTP, and L2TP, right out of the box (no flashing required).
When choosing a router, the biggest consideration is processing power (CPU). Running a VPN on a router is a very CPU-intensive task requiring the router to process lots of encrypted data. For these reasons, it’s typically good to go with a router that’s at least 800 Mhz or more.
For an in-depth overview of all the different VPN router options, see this VPN router guide.
Firewall and Network Monitor
Using a third-party firewall and network monitor is a good way to see what connections are being made by various apps in the background on your operating system. These apps can affect your privacy when they “phone home” to send third parties various data from your operating system. With Windows and Mac OS, for example, there are many applications that are connecting to various servers and sending data.
Here are a few good options worth considering:
GlassWire – GlassWire describes itself as a “network monitor & security tool with a built in firewall.” GlassWire offers a free Android app and a paid Windows app. The GlassWire Android app is purely a network monitor with no blocking features. However, the Windows app offers more features and full blocking capability.
Little Snitch – Similar to GlassWire, Little Snitch also gives you the ability to monitor all connections going through your Firewall. Little Snitch is only available for Mac OS, but it provides many different features and blocking options. It also has a feature to show you the geographic location different apps are connecting to. Check out Little Snitch here.
Operating system
Consider using the free and open source Linux operating system. There are many different versions of the Linux operating system designed for different types of users:
- If you want the look and feel of Mac OS or Windows, check out Elementary OS.
- Ubuntu and Mint are two other popular options.
Tails is another privacy-focused operating system that can be run live on a USB drive, CD, or SD card.
Problems with Windows and Mac OS
Windows – The latest version of Windows (Windows 10) is a platform built for total surveillance – giving corporations and governments complete access to everything you do on your machine. Aside from data collection concerns, most malware targets Windows users – another serious drawback and security risk.
Mac OS – While Apple may be slightly better in terms of privacy, it too has problems. Just like Microsoft, Apple has configured its operating systems to collect vast amounts of your private data, whether it is browsing history through Safari, connection data, location services, and more.
Antivirus software
While not necessarily a “privacy” tool, using good antivirus software is a necessary and critical step. After all, privacy is meaningless without security. The problem, however, is that many antivirus solutions abuse your privacy and may come with some invasive and “unwanted” additions.
Just like with sketchy free VPN services, free antivirus software can also be problematic. In testing eight popular free antivirus suites, Emsisoft discovered that seven of them were bundled with PUPs (potentially unwanted programs), which can be harmful and very annoying. Tip: avoid free antivirus software!
Another major issue is privacy. Many popular antivirus suites utilize invasive data collection, to include browsing history, “suspicious” files, metadata, and more. Carefully read through the privacy policy of your antivirus before installing.
Although Restore Privacy does not devote much attention to antivirus software, one solution that offers the highest levels of security (excellent ratings) while also respecting user privacy is Emsisoft. Another potentially good option, which is entirely FOSS, is Clam AV.
See also the antivirus privacy guide.
Restore your privacy
That’s all for now, although this guide will continue to be updated with more privacy tools and information.
Comments?
If you have any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!
US federal grand jury has indicted four members of China’s military on charges of hacking Equifax to exploit the personal data of 150 million Americans.
According the indictment, the four defendants conspired to hack into Equifax’s computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of nearly half of all American citizens
Lawmakers and regulators failure in the U.S. government to safeguard the personal data of Americans has placed American consumers at risk.
Today our country is facing cyberattacks from foreign adversaries and it is the personal data stored by companies that is the target.
When these companies engage in lax security practices or freely disclose consumer data without consent, they are placing not only consumers, but also our nation at risk.
There is a call for passage of the Online Privacy Act, H.R. 4978, and the creation of a U.S. data protection agency. Find out more here.
https://lofgren.house.gov/media/press-releases/eshoo-lofgren-introduce-online-privacy-act
Sven,
Regarding your Little Snitch paragraph only being available for MAC OS.
There is now an Open Source equivalent port for Linux called Opensnitch, see github
https://github.com/evilsocket/opensnitch
https://itsfoss.com/opensnitch-firewall-linux/
Does take some effort in the Command line to install but well worth it.
I have Opensnitch running on Linux Mint 19.3.
Very cool, thanks for sharing! I’ll include it with the next update.
Hi,
I have been reading your blog for only a few weeks and Thank you! for doing what you do. Do you have any recommendations for free software that mimics MSFT Office?
Yep, check out LibreOffice. Another option is OpenOffice.
Use this for my NPO. LOVE IT! There is a learning curve and it is a little like the original Word, but it is amazing.
Little things are bad but that is personal. One thing that bothers me is in the outline, the point III has a larger margin than others.
LibreOffice that is.
Hi J.M.
I was looking at software cleaners and followed some telemetry topics. Seen this-
LibreOffice has it’s telemetry disabled by default currently, but is able to submit telemetry data to The Document Foundation when set up to do so. DON’T know if that’s on M$ side of the OS it taps into or it’s own thingy.
Something could change this setting in an update and could be possibly turned on – true?
Anti-Beacon was the product to allow users to unset it from within it’s user interface. Anti-Beacon Plus even addresses telemetry of popular browsers and some pre-installed manufacturer software.
[https://www.safer-networking.org/products/spybot-anti-beacon/]
Thought I’ll throw this out and the other ‘larger margin’.
[https://ask.libreoffice.org/en/question/10973/permanently-set-default-page-style/]
Peace 4 the planet ; )
@HardSell,
Sorry, just saw the reply. If you catch this, thanks for the info.
Hope you’re doing well.
Hi,
why don’t you do a review about privacy aspect of office softwares such as OnlyOffice, Softmaker Office, WPS Office, Google Docs?
it would be great.
Alan,
I would run, fast and far, from Google Docs.
I use Libre office and Apache Open Office may get a personal test run, I am not sure.
I heard rumor that Proton Technologies (Protonmail and VPN) is planning on ProtonDocs.
I will wait to see on that. But it could open some new doors.
Waterfox browser may not be in development anymore.
I use Palemoon, but didn’t know it was better for privacy. Can you elaborate on this? And also, you might want to have a look at PL’s add on list ( they are continuing with supporting the ones made using old software, XUL, I think) and recommend which can be used to enhance privacy on PL.
> Waterfox browser may not be in development anymore.
Any sources on this?
Of course it’s in development. What are you talking about?
Sven,
Though we’d see and as well a readers replies abilities over the stated idea below, to throw up this part again.
Taken from the link – see the following thoughts in full.
https://restoreprivacy.com/privacy-tools/#comment-64434
Recap:
[As basically a new means of supporting this site’s contents for everyone.
Importantly – you don’t have to check and moderate this separate RP members support site as much for spam, bots, shrills posts as these support members are cleared in most of the checks you’d make against them on the backend.
Well being as registered RP support members and have a good standing, their posting reputations, {maybe a Pin you’d assign} you’d know them safer.
Help me out people – what’s your thoughts here.
Thumbs up or not ?
> Sven Taylor says JANUARY 2, 2020
Not a bad idea, Hard Sell.
Some have suggested setting up a forum or a ‘RestorePrivacy’ subreddit, but I don’t care for reddit too much.
I’m still looking at different options. Thanks for the suggestions!]
_
This class of readers in your site could be called Ambassadors.
That help you advocate for privacy – hence privacy ambassadors in support of the main site’s contents w/ account perks.
I’m out of any more replys to this so don’t direct to me.
@@@ what are OTHER READERS thoughts of this and maybe any of their ideas – directions to see the site’s development of a strong support foundation in the roaring digital 20’s.
Thanks all
Anyone outside California know about this-
The new law — the California Consumer Privacy Act, A.B. 375 — affords California residents an array of new rights, starting with the right to be informed about what kinds of personal data companies have collected and why it was collected.
The law notably establishes a broad definition of “personal information,” drawing in categories of data including a consumer’s personal identifiers, geolocation, biometric data, internet browsing history, psychometric data, and inferences a company might make about the consumer.
Perhaps, firms are contending with the law’s requirements could threaten established business models throughout the digital sector. For instance, companies that generate revenue from targeted advertising over internet platforms — such as Facebook, Twitter, and Google — must, as the law is currently written, allow California residents to delete their data or bring it with them to alternative service providers.
These measures might significantly cut into the profits these firms currently enjoy, or force adjustments to their revenue-growth strategies.
https://hbr.org/2018/07/what-you-need-to-know-about-californias-new-data-privacy-law
California Raises the Bar on Data Security and Privacy
https://corporate.findlaw.com/law-library/california-raises-the-bar-on-data-security-and-privacy.html
California has lead the nation in matters like these before, and the nation followed suite some time later.
Man I hope it’s sooner than later now as it officially 2020.
Dear Sven & family – site crew and it’s readers,
May your New Year be totally blessed and secure as you go through the yearly cycle of life once more.
Thank you very much for a sane site in helping people to understand a private digital hygienic’s and/ for calming /boosting their sanity by being plugging into the intrusive eye’s of the world web matrix’s.
As well the platform here to interact with other readers of the world over gaining /sharing in different insights.
As we grow older – the Internet grows as a life’s necessity staple for business and Governments connected by commerce (or war/terrorism), and now advancing to eCommerce / legal authority treaty’s /etc in relations being digitally involved.
Weathering the ages then, will the internet have us all, leg ironed to it (monitored), able to even exist as a monetary unit in an aging and populous growth system, stemmed by a digital world and economics ecosystem.
The Internet – – is a loaded GUN and your site I believe helps your readers realize how big it’s load can spread as we read of the casualties. (Toll exacted)
~ ~ ~ ~ ! ~ ~ ~ ~
Allow me to reflect-
The thing with age and time as your path in life slows you down to a retirements faze, everything else speeds past so much faster as it seems! Time doesn’t really change but the value of it in your life does,
because of our maturing perspective to TIME and as it becomes short for life itself. These changes witnessed as we age throughout the stages of life itself.
The internet cheats us out of time – not in giving us more of it, think about US life in the 40’s-70’s of the personal time one did have – to today’s life style.
Yes an hour can seem like a lifetime at times, when your schedule pulls you in many directions in the prime seat of your life.
I’d just ask you to remember back, hearing the many times as a youth = your not old enough, or wait till your as old as your brother/sister.
Then with reaching an age to sports, scouts, driving, graduating school, and voting…
All being age confinements govern by time – to an youth’s aptitude/cognition as in the responsibility and appropriateness levels for a hands on experience in a REAL WORLD reality to the conditions it present.
Where’s the mental health value for today society’s youth to land, when these age related hands on staged life event values of real life lessons to be learnt.
All as being stripped away with ability in simulations to alter life values in their youthful perspective to their real life – as to what’s known by them.
By their changing reality as it’s known by them with virtual augmented and mixed environments way before even having reached a maturation to weighing it all out in known differences.
That a parents govern authority also stands to verify in the youths real hands on perspective of and to life.
But most parents see the internet as a baby setter for their youth today, and miss out on the harm factor it presents mentally/socially for the young and growing.
Aren’t we in fact seeing more and more mental health issues air today which has connections back to the digital age and internet? Films and games are right up there too. Those supposedly have age rating limits – do they work?
Then, as one person can have millions+ of people following or hedged with every post they make now – delivering one a sided view, thought, idea being echoed X’s times the following.
As the internet’s reach and ability to spread any word is to fast as in the “soap pods” challenge we seen this past year.
At that kind of thing – in my day, was trapped at the local level in such a challenge – not going out worldwide everywhere.
Further, that kind of harm and alarm would of reached out much slower just some 10-25 years ago.
Today it’s in almost every last neighborhood as soon as known – that’s harmed by the web, for lack of insights and the young users ability to accept their responsibility for the faceless victims that the internet reach harms and is harmed by for mere prank-sport-evil as being a bored youth.
To me it’s also stripping away the imagination and creativeness of any hands-on learnt abilities in today’s youth… The internet as offered – is a one size fits all mode relying on parents to govern their youths, while taking or making it all a much harder task in process to accomplish for parents that care to raise their children with guidance.
Toy’s are for a purpose as the child couldn’t operate a real like item without harm coming to them. The internet is not a toy… So why is a real gun loaded as the INTERNET in the hands of our children ??????????????????
Happy New Year to you as well, HardSell. Yes, tech has gone too far and I believe children are much better off avoiding screens and gadgets. Mobile phones and social media are addicting, and this is intentional. Children should learn how to type and basic computer skills, but this push for tablets and total WiFi connectivity with everything and every device is just insane. Every device that can connect to the internet can be hacked. The whole “Internet of Things” idea allows hackers and corporations to get 24/7 access to your personal life and data – but many people fall for this scam. And again, all of these devices can be hacked and the appliance companies will NOT be on top of security updates for their firmware as these devices age and get replaced with newer models. [end of rant]
Yeah I do that a lot too (rant).
I was taught given any serious situation I was involved in with another person(s), to use my logic in 3 options to observe with looking out for self preservation…
1) follow – till (astray from right)
2) lead – when awry (amiss proper direction)
3) GTFOOTW – get the fudge out of the way, if the prior two options are non-negotiable.
Maybe for “Rants” something like a community news topic where it’s open to anything (proper) by anyone, – – live chat box ? . . . . tab on site opens to live view (100-200 character count comment box)- live and 48-hrs recent conversations window ???
Be a Cool tool for the site – yes ?
First lets understand it’s the posts that are logged for 48 hours only and deleted, not the account set up to make posts or it’s info and activity needed to maintain the proper site this accounts made on.
That would probably need an RP comment account structure being setup on the site (See below), which might not be a direction you’d want to go, or the kind of linking info (email verification) people want to give you as for having a posting name guaranteed and used only by them.
It’s never been pointed out that I’ve seen – but can anyone use a name already having posts made under it and impersonate them.
I’ll submit this as commenter ‘Sven Taylor by HS’ and if you let it post as is – we’ll see then if that would be possible – to have impostors posting as someones name used prior on here.
Last thought, keep the site as is but offer the ‘Chat Box’ tab to where it opens the live window overlay visible to everyone on the site who’s interested to see.
This could all be done from another site you’d make for readers wanting to use this feature in making live chat comments that run visible here.
I could see something used as like the software/commerce sites offering customers of the live chat function – except this is an open end running session for all users logged in.
Verification of email address for a IP address needed for the 48 hours retention of each comment.
(so you use it daily and your IP is in the system constant) – VPN
I’d see you would have guaranteed additional expenses. So offer free use of it up to X posts monthly, anything over X it’s a dollar a month $12. to signup for a year as the whole only option.
Also this would be another avenue to donate to the Restore Privacy site.
Don’t fill the account info – but a donate button offered.
(Posteo/VPN.ac, either one I think it was stated – CC and account info where never link-able.
That’s an idea.
A min of $12 is required but users can enter another amount for the year if wanting to make a donation on top of min…
The mission statement here would stay intact as it reads in purpose. Though, a CB snap-in of sorts is used for people wanting their posting name as well as the ability to make live comments on Chat Box and supporting the RP site possible.
The CB set-up thingy might be a challenge, as it might be just a reflection here as all comments are being made while logged in from the other site needed to keep everything towards this sites privacy separate.
It’s only for people interested as I’ve pointed out.
Then people interested have to be verified to offer such a feature to them.
As well for payment and that side of the separate site’s liability.
Hope this gets alot of hits and reply’s. ; )
HardSell – Sir thanks
Hi Sven,
“It’s never been pointed out that I’ve seen – but can anyone use a name already having posts made under it and impersonate them.
I’ll submit this as commenter ‘Sven Taylor by HS’ and if you let it post as is – we’ll see then if that would be possible – to have impostors posting as someones name used prior on here.”
Well it was changed (reflecting me), so it was a reply and not a new comment, and then I did give a heads ups of what I was trying.
I might see again at another time – if it’d be different without any heads up given.
That account mentioned before – could offer avatars choice/upload as with the guaranteed users/posts name.
Thanks
The email address entered helps to prevent that from happening. The email is visible on the backend, but not to visitors.
Thanks Sven
Sites do/must advertise or sell users info or offer up links to % of a sale to existing online today – none mostly of which your doing. Your content is not LOCKED behind a paywall scheme. You don’t do anything invasive as in the majority of sites to learn of our identity.
I’M NOT saying to change any of that……
I’am saying, let us help you be creative to exist and possibly in offering this site for a long time to come! That’s all I’d want us to see.
I know it’s not good to discuss everything to much in the open… Then some comments can have tons of replies to the one – ratio. (guilty…here myself)
All taking up the time you’d spend elsewhere on/for the site.
Leads to very little compensation / productivity all the way round I would see for yourself.
After the first reply’s made (a to b – b to a) – it’s not reply’s anymore but a conversation that has started up.
Warn people of a change (trial) in 2020/2021 as one reply to one comment per day’s (24hrs) ratio to guests – will you offer them – – to free up some of your daily time needing invested.
And for this site to be as it was intended as more of an informative one in purpose – than as a medium for socializing about privacy and security with the breaking new related, as its turning out now.
I’m kind of saying too, it don’t have to be that way for everyone – just the unregistered guests on here.
Not as in a paywall but a supportwall membership you’ll offer to any people interested, and to a way of lessening your time involved here as I purposed this. Allowing us to have a part, be a part with some benefits beyond a donations goodwill.
Registering/verification with the other site (mentioned), for use of a live running chatbox offered on here your Restore Privacy homepage.
This other site (membership based) in offering your readers to become paid support members of RP as in a locked up a users name choice and having an avatar’s (choice) – – could also be used for PM (personal messages) between paid support membered users. A privacy – security socializing medium for that support audience.
Then the FULL comment section resides there as well, to where what’s seen on the Restore Privacy site (here) – becomes minimized as like you do in any months archive. So the new month brings no old comments/replies as shown on the main site.
As basically a new means of supporting this site’s contents for everyone. Importantly – you don’t have to check and moderate this separate RP support site as much for spam, bots, shrills posts as these support members are cleared in most of the checks you’d make against them on the backend. Well being as registered support members and have good standing reputations you’d know it’s safer.
Help me out people – what’s your thoughts here.
Thumbs up or not ?
Not a bad idea, Hard Sell. Some have suggested setting up a forum or a ‘RestorePrivacy’ subreddit, but I don’t care for reddit too much. I’m still looking at different options. Thanks for the suggestions!
Ohhhhh Shiiiiiiiii_t
Google announced “quantum supremacy” a couple months ago, which is a technological achievement that has HUGE repercussions !!!!
Not only for the company and its role in the World, but FOR ALL OF US INDIVIDUALS who want to maintain a sheer semblance of the right to privacy.
Google researchers have developed a computer called Sycamore, which is exponentially more powerful in its processing power than a “standard” supercomputer.
The workings behind Sycamore are what make it such a breakthrough, since it uses an algorithm that would take 10,000 years to give a similar output on a classical computer – – but it’s only 200 seconds on Google’s processor.
We should all be very concerned that with an industry leader of such a questionable (flip/flop) track record on data protection, privacy and political neutrality – along with a continued abuse towards market dominance,
now in fact has it’s very hands on the world’s most powerful computer.
These alike privacy issues came to a head around the Cambridge Analytica scandal, where Facebook was implicated in allowing a Russian-linked firm to harvest a huge amount of personal data, including political preferences, and allowing that knowledge to be used to meddle in the 2016 US presidential election.
Now that the processing power available to manipulate and use large amounts of data has increased, the stakes are raised in what big data can be used for.
The Big Tech industry, however, doesn’t seem to accept these growing dangers. The implicit aim of Big tech companies is to 1)acquire more users, 2)more data, and 3)ultimately more advertisers.
The symbiotic relationship between these three factors underpins most any tech companies’ business models, including the current wave of startups in Silicon Valley and elsewhere.
This will not change.
But what must change is the privacy regulations roll around data, it’s security as a standard set and its implementation with a solid body of enforcement. Regulation is, by and large, already present:
in almost every developed country, it is illegal for someone to hold data without a range of rigorous checks and balances on how it is sourced, held and transferred between parties.
A range of international treaties, such as the European Union’s General Data Protection Regulation (GDPR) and the EU-US Privacy Shield mean that data can only achieve “freedom of movement” by fulfilling Strict Criteria.
The largest data owners like Facebook and Google tend to follow these rules closely, meaning that the main concern is not control of data, but the data’s actual power.
Big data can already predict an individual’s consumer habits and personal desires to a somewhat eerie extent.
As processing power grows exponentially, will we have Facebook ads that can penetrate deeper and deeper into our lives and consciousness?
What will be the effect on our mental health?
Our family relationships?
And at the macro level, our economies as a world macroeconomics?
None of these personal, society and socially deeper questions appear to be being asked by either the industry or the regulators. Inevitably, they will become relevant as quantum processing power increases.
It is a matter of when, not of if – when people rise up against and push back.
There is still time for our governments to play catch up and protect consumers. Although Google’s Sycamore is advanced, it is still not capable of fulfilling every data scientist’s deepest desires. The Sycamore chip is a 54-qubit processor. That is relatively limited, and is one of the many reasons that the discovery is not practically useful.
Researchers want a 100-qubit – or even 200-qubit – system before they are really able to put it to the test and see whether the dreams of quantum computing are realized.
Rather than in just controlling the data’s transfer, it is time for a wider conversation about the data’s usage. Which uses of data – regardless of who owns it and how it has been sourced – are ethical and safe when it’s profiled on an individual?
And then which are unethical and dangerous uses?
Instead of moving from the outer edge of the circle inwards – we should be focused on an overview of center outwards as well. Both encompassing the examination like a gridiron marked off into squares or a network of squares.
Proofing in other words, somewhat like livestock plants or drugs research is done with checks and balances.
As lawmakers like US congresswoman Alexandria Ocasio-Cortez seem to enjoy grilling tech executives like Mark Zuckerberg on the minutiae of data usage, I hope we do not lose sight of the bigger picture.
The stakes are too high, and the processing power is now too great for us to be complaisance. Hope you see and agree…
Inspired by:
https://www.euronews.com/2019/10/28/big-tech-achieving-quantum-supremacy-for-the-first-time-is-bad-news-for-our-privacy-view
Somewhat related:
US, UK reach deal to make it easier to get electronic data
The deal would let American and British authorities seek electronic data in investigations directly from technology companies based in the other country, instead of the time-consuming process of going through the government.
[https://www.texomashomepage.com/news/political-news/us-uk-reach-deal-to-make-it-easier-to-get-electronic-data/]
Interesting news:
New computer chip allows information to be sent using a one-time unhackable Future-proof communication security.
While current standard cryptographic techniques allow for information to be sent quickly, they can be broken by future computers and quantum algorithms. However, according to the international research team, their new method for encrypting data is unbreakable and uses existing communication networks. It also takes up less space on these networks than traditional encrypted communications.
Associate professor of electrical engineering at KAUST and leader of the study, Dr. Andrea Fratalocchi explained why the team’s new security system will be essential in the quantum era.
https://www.techradar.com/news/new-uncrackable-security-system-may-make-your-vpn-obsolete
Related:
https://www.scotlandis.com/blog/new-security-system-to-revolutionise-privacy/
https://www.forbes.com/sites/daveywinder/2019/12/20/scientists-develop-absolutely-unbreakable-encryption-chip-using-chaos-theory/#648edf915ba8
@HardSell, @Sven
I read that they are saying it is a single communication. As easily as possible, does that mean you use the chip once and then need a new one?
I honestly do not understand. I was able to piece together the Chaos Theory and a few other things but that is the one area I did not know.
Heck J.M.
It’s over my head, but no, the chip is probably the expensive part.
For now as it’s all so new – that may change as everything does cheapen as it’s adapted and adopted too. It’s a wonder what a nanostructured materials is to look like when used with the word crystal.
Fetching any mental picture I can by reading it again.
It’s as greek to me -as- them there ‘password managers’ you use on sites without any need of a pre-made password for it / the concept there lost me too…
Looking at the parts-
https://onlinelibrary.wiley.com/doi/abs/10.1002/lpor.201600086
“an all‐optical laser‐driven transition from order to chaos in integrated chips on a silicon photonics platform. A square photonic crystal microcavity at telecom wavelengths is tuned from an ordered into a chaotic regime through a perturbation induced by ultrafast laser pulses in the ultraviolet range. The chaotic dynamics of weak probe pulses, with high spatial accuracy.”
-and-
https://www.scotlandis.com/blog/new-security-system-to-revolutionise-privacy/
“The proposed system uses silicon chips that contain complex structures that are irreversibly changed to send information in a one-time key that can never be recreated nor intercepted by an attacker.
Keys generated by the chip, which unlock each message, are never stored and are not communicated with the message, nor can they ever be recreated, even by the users themselves, adding extra security.”
– Ok what mental picture can I get, I need to see an image of the square photonic crystal microcavity.
What I do fish out unknowing – is maybe like a sea sponge and it’s pores when filled with h2o and squished at different hand pressures and content levels.
Each squish represents a generated new key and message sent.
The Key or Key pairs is what vagues me to, would that be omnipresents as something to alpha and omega one timer.
Since no mention of exchange or key banks – they must be created in use for one time – once only.
Since all email server to server transmissions (generally most), are one time and one way direction transmissions I can see the transit encrypted.
When it lands at the destination then further mailbox storage encryption is needed as it seems to me. Then what is quantum proof encryption for now, other than no server storage but local on the device.
Could the transmissions encryption abstractly laymen wise be seen as if your holding up a mirror to a bigger mirror.
That tunneling affect is the encrypted tunnel.
By the elements in the photonic crystal, at telecom wavelengths having tuned ordered into a chaotic regime through a perturbation induced by ultrafast laser pulses in the ultraviolet range.
So move the held mirror a fraction and a new keyed tunnel for a new message is realized.
That’s a headache to think about for sure.
Related:
In quantum optical devices, microcavities can coax atoms or quantum dots to emit spontaneous photons in a desired direction or can provide an environment where dissipative mechanisms such as spontaneous emission are overcome so that quantum entanglement of radiation and matter is possible.
https://www.nature.com/articles/nature01939
http://copilot.caltech.edu/documents/71-high_q_prb_rapids.pdf
https://www.researchgate.net/publication/234959441_Square-lattice_photonic_crystal_microcavities_for_coupling_to_single_InAs_quantum_dots
https://ir.nctu.edu.tw/bitstream/11536/26240/1/000285749500104.pdf
@HardSell,
I appreciate the thought and it helps. So it is not the chip that is one time use but the output.
I think the interesting concept is that Chaos Theory is being used in a practical way. The very aspect of Chaos Theory in itself is a powerful multiplyer for privacy.
It basically would render the quantum computer unable to compute the code. If the computer processes one part, it will corrupt the second part. Straightening out the second will mess the third. By the time the code is worked through the first parts would be scrambled again due to chaos.
I will not pretend to understand more than that but it does give plausable concepts to securing keys and data.
I should say that I do not believe that Chaos Theory will replace the 2nd law of Thermodynamics (hence one is a theory and the other is a law) in matters of science as some hope it will, but in computer modules and data retention and security, Chaos Theory may be very powerful.
Or, I could be missing how Chaos Theory may be used and not know what the plans are.
Hey Thanks
I like that 1-2-3\1 example you gave.
I skimmed over the links posted and the quantum dots part was referred to as having cross applicably in a large industry.
If one stops and thinks about the scale of nano (to me) the human eye cant see the nano dimension.
So anything with a screen could benefit as it’s a delivery means of light in a sense. But thinking about resolutions of how the screens detail could be built in the nano dimensions or multiples in unison of nano structures to give us 10D dimensions level or whatever a holo display would be.
Going far out in my thoughts tying to gather in a ?, what isn’t possible about this technology that couldn’t led to hologram displays and communication purposes via holo over optics. The chaotic regime scrambles the information in transit only as I UNDERSTAND – thus once it reaches the point of delivery it’s released from the scrambled state to display. It’s sent through a light form so why can’t the information be displayed other than digital texts.
Once there is understood how to create a field harmless to users to display holograms by quantum properties – why not ?
One thing right there with it all is the original string theory that focused only on boson particles. And what I recall of strings is their layered or stacked in fashion where multi-dimensions of the same matter can exist.
What’s So Special About a Boson?
Bosons are sometimes called force particles, because it is the bosons that control the interaction of physical forces, such as electromagnetism and possibly even gravity itself.
https://www.thoughtco.com/boson-2699112
Interesting.
Hey SVEN, HEINRICH, MIRIMIR
Any statistics for this holiday seasons in electronic sales that have the potential to being hacked ???
Been a lot in the news of security cams being hacked lately (lest around here).
Got any words of wisdom in those new gifts for people to heed warnings of ?
Sven, will Heinrich and Mirimir answer in their articles/reviews or is it their part just to add content to the site?
Well, not anything really new regarding holidays, but I’ve seen a lot of news lately about ransomware hitting different cities and government agencies.
They’re mainly focused on content.
Maybe we can get Heinrich and Mirimir interested to look at https://restoreprivacy.com/privacy-tools/#comment-63787
Where the prospects could possibly tie in with current concepts being broken by future computers and quantum algorithms.
Again maybe to inspire either one to have a full look as 2020’s date will be on everything shortly.
Most of what the site has covered (in encryption’s use) is then affected beside the more specific articles to-
https://restoreprivacy.com/let-pgp-die/
https://restoreprivacy.com/tutanota/
This Professor Andrea di Falco of the School of Physics and Astronomy at the University of St Andrews is interesting as his name is mentioned alot here-
https://phyesta.supa.ac.uk/staff/109998/publications
“It can be used to protect the confidentiality of communications exchanged by users separated by any distance, at an ultrafast speed close to the light limit and in inexpensive and electronic compatible optical chips.”
Keys generated by the chip, which unlock each message, are never stored and are not communicated with the message, nor can they ever be recreated, even by the users themselves, adding extra security.
Dr Aluizio Cruz, co-founder and CEO of the Center for Unconventional Processes of Sciences (CUP Sciences) in California and study author, said: “This system is the practical solution the cyber security sector has been waiting for since the perfect secrecy theoretical proof in 1917 by Gilbert Vernam.
Dr. Al Cruz agrees that it is true there is no such thing as uncrackable software but says, “what makes this method of cryptography so different from anything else out there is that the encryption is done using physical measurements of properties of nature, such as light.” Because it is “all hardware and physics,” Dr. Cruz says, “it would require advanced degrees in physics to even begin to understand what is happening inside this chip.”
Again, Dr. Cruz reiterated that there is no code to manipulate, and the limited software is ROM based, so traditional methods of hacking encryption are irrelevant. “At the same time,” he says, “the embedded math is based on axioms of the law of physics such as the second law of thermodynamics and chaos theory, so even if a malicious actor were to gain physical access to the chips, copy them or otherwise tinker with the components, it would prevent the encryption scheme from working, but would not reveal the key (which is never stored or shared anyway), nor would it provide any other avenue for cracking the code.”
https://www.forbes.com/sites/daveywinder/2019/12/20/scientists-develop-absolutely-unbreakable-encryption-chip-using-chaos-theory/#648edf915ba8
“It’ll be a key candidate to solving global cyber security threats, from private to national security, all the way to smart energy grids.”
https://www.scotlandis.com/blog/new-security-system-to-revolutionise-privacy/
Related:
https://onlinelibrary.wiley.com/doi/abs/10.1002/lpor.201600086
https://iopscience.iop.org/article/10.1088/1361-6528/aa593d
Hello Sven
THIS IS THE BEST PLACE TO MENTION THIS.
With your sites categories good in coverage I’d like to see two more added here under your privacy tools page information.
*Secure Payment
*Network
Something like my alphabetical list sums up the page for privacy tools.
Privacy Tools Categories:
Ad Blocker
Antivirus software
[*Network] = ?
Operating system
Password Manager
Private Browser
Private Email
Private Search Engine
Secure messaging app
[*Secure Payment] = ?
Virtual Private Network (VPN)
Secure Payments practical part, is it separates your digital payment information (card(s) number – security code) from the seller having direct access to it. Never mind having to know with a needed research of the selling site’s policies, in how long they could retain that specific payment data.
Secure Payments security part, would have included verifying your linked cards and/or bank account’s added as payment methods from within your SP account. Which also verifies your mailing address for shipping when using SP as the payment method.
Secure Payments served by a middle grounds source, as a payment link to giving your card details some anonymity over the seller having it in the payment process, and it is not intended for an anonymous use to hide self individuality.
A seller still gets your full personal information for the sell to complete and/or to contact you about anything related to it.
EX: name and address, contacts of email, cell #
[Even if you would have an account on the sellers site, all online site sales require the same basic information from you at check out – name and address, payment details, contacts of email, cell # ]
Network – is where we can understand and learn as well discuss ways to help guard if not secure our privacy and security over the device networks.
Network topology is the arrangement of the elements (links, nodes, etc.) of a communication network.
Network topology as to define or describe the arrangement of various types of telecommunication networks. It’s the computer networks we should focus.
https://en.wikipedia.org/wiki/Network_topology
In computer networks, computing devices exchange data with each other using connections (data links) between nodes. These data links are established over cable media such as twisted pair or fiber-optic cables, and wireless media such as Wi-Fi.
Topological structure of a network and may be depicted physically or logically.
Physical topology is the placement of the various components of a network (e.g., device location and cable installation), while logical topology illustrates how data flows within a network.
Computer networks support an enormous number of applications and services such as access to the World Wide Web, digital video, digital audio, shared use of application and storage servers, printers, and fax machines, and use of email and instant messaging applications as well as many others. Computer networks differ in the transmission medium used to carry their signals, bandwidth, communications protocols to organize network traffic, the network’s size, topology, traffic control mechanism and organizational intent. The best-known computer network is the Internet.
https://en.wikipedia.org/wiki/Computer_network
Thanks Sven
Great suggestions, HardSell. I’m going to work on this. Thanks for the feedback!
That sounds great Sven, for your privacy tools page to get it’s due attention(s) as we slip into 2020 forevermore. That is as welcoming as the new reviews, and sometimes the (drop everything) topics we’ve gotten this year.
Possibly, Sir please do include a piece on ‘Threat Model – Threat Mode” as for anyone ‘not having’ realized one for themselves.
Still yet – lost then, and whoever’s left to be surely wondering what to do in understanding the ways – one can set up their ends as productively from their devices face side (in it’s settings/programs) relating in a stronger privacy state to all their data going through it.
We see of the many things and fields covered on your RP site – it’s spoken similarity, [ everyone’s “will be different” ] pertains especially to a threat model/mode they have.
And for each user having a set of applied specifics in their own needs by the degree of an alarmed state they feel a call to answer.
By itemizing of the top important areas and down ladder, as where they should show interests and in giving their attentions to and may have need in spending some money as fortifying. They could go from an abstract view as it appears to most of us, to a knowledgeable image of an 3-D perspective in threats seen – to knowledge as applied of their own base as bottom line in model / mode as to protecting against.
I think if we were to imagine a pie or pizza (if preferred), and cut one piece in (that’s always there) for establishing a base starting point where everyone’s privacy is in need of direction, and then in fashioned course to gaining much of it back just by visiting and reading your site.
– Call that first slice by the name of personal privacy, concerning it’s for all as the -first tier Threat Mode- where everyone’s in it, however they uses or tap into any part of the internet’s stream today.
I mean this,, as needing done before spending any money, (don’t crank-up the furnace with the house wide opened), in where they had locked down their devices. Which means the OS, apps and their own web practices – all being understood as related in their own personal privacy’s loss.
There’s always more ways to look at, understand, practice, implement of the different areas involved here from any web users requisites or perspective. Though, we need a start and finish point in basics.
It’s my point that Sven brings forth the most common areas overall for the novice, that no matter to what the make, model of the device is …. ‘common’ traits do carry across them all. It’s those commons factors in all modern devices that link us to the first threat model / mode.
The Threat Mode/Model as the #1 spot would be just from their devices side in it’s standpoint or placement of the chain – which is where they can actually help themselves without a dime to invest.
If they understood how.
By ensuring OS receive updates, choosing to harden OS-Firewall settings, run less browser extensions, understand terms of TLS, DNS, etc, etc…
I don’t see that you Sven, personally should be going into each device here but, conduit in the links of info could be offered for your readers.
You might even devote a page to readers contributions for a specific Operating System and it’s platform, to where you’d not need as much research to bring the readers posted facts into the devices body of the article’s knowledge.
I’m going on the bases in my knowledge where Win 7 to Win 10 share much still in the dark undersides of their separate operating systems.
You could try with a page for Windows (platform) of nothing more than a sub-list as to where the areas are the OS and default programs needs the proper attention for users privacy.
All my own ideals – yes it’s more work for you Sven our privacy advocate, but nothing on the web comes close to being like it – I’ve ever seen.
Thank you Advocacy King of the lost privacy hearts.
Anyone
http://web.simmons.edu/~chen/nit/NIT'96/96-025-Britz.html
“Privacy is an important right because it is a necessary condition for other rights such as freedom and personal autonomy. There is thus a relationship between privacy, freedom and human dignity. Respecting a person’s privacy is to acknowledge such a person’s right to freedom and to recognize that individual as an autonomous human being.”
Thank you for the feedback and idea, HardSell. Another great suggestion.
What about the messaging app Wickr? It seems pretty secure.
Sven, I see you still recommend Wire messenger, even though they are sold to an advertising company, a case similar to StartPage. Do you still consider Wire safe?
This is wrong. Wire is a Swiss GmbH, Untermüli 9, CH-6300 Zug (“Wire”). Wire does not rent or sell your data to third parties. Moreover, the service jurisdiction is still based in Swiss and the servers are still based in UE (out of 14 eyes).
Wire blog:
In connection with the financing, our holding company moved from Luxembourg to the U.S., as we believe this will be helpful in future fundraising necessary to support our strong growth. Notwithstanding the foregoing, our current and future customers are licensed and serviced from Wire Switzerland, our software development team remains in Berlin, Germany, and our hosting is European-based. Our enterprise customers can deploy their own instance of Wire in their own data center.
Wire jurisdiction is Swiss and servers are based in EU.
Accepting outside financing does not change the legal jurisdiction of a Swiss company, operating in Switzerland.
Wire is still a better option than Signal which completely (100%) is owned and operated by a US entity, which also requires one to register a phone number, whereas you can use a burner email to use Wire.
The Brazilian company Privacy Tools (www.privacytools.com.br) also offers privacy services
Hi Privacy Manager,
The Restore Privacy site mostly deals with anyone’s personal online privacy.
The mentioned, wouldn’t be useful to family, single users outside of a CO.’s structure.
https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fwww.privacytools.com.br%2F
AS- “We are a Privacy Tech, a privacy management platform.
Privacy Tools is the right platform for your company to comply with LGPD – GDPR – CCPA personal data protection.”
Thanks anyways ; )
Hi All,
So as we find ourselves living in tall shadows of a digital revolution age bearing from 1950’s to 1970’s era of modernization, which in turn has introduced us to an inherent evil called “privacy economics”.
– Leveraging on Data mining in the trappable, retention, and trading of your personal data having you profiled with about 1500 pieces of information and digitally preserved to live longer than YOU from all the sources you’ve generated any data.
.
Internets exposure today has increasingly deemed a nakedness in our privacy it affords ourselves in that we now prefer to cover and shield than be caught naked in the raw using it.
Beings it’s at 2020 door causes now a pressing question of should I self-secure in shutting down of whatever I can control being exposed from my side as countermeasures.
.
Then as the Fourth Amendment protects people, not places.
What a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment’s protection…
To what if any protections are placed on this material and the information derived from what merit in purpose-intent-plan in objectives first to generate individual profiles and then with keeping it updated as we live our life.
https://www.nytimes.com/2012/06/17/technology/acxiom-the-quiet-giant-of-consumer-database-marketing.html
In the digital world, information can be captured, copied, shared, and transferred at high fidelity and retained indefinitely.
Regulation attempts have failed https://en.wikipedia.org/wiki/Information_broker
.
A wide range of companies known as ‘data brokers’ collect and maintain data on hundreds of millions of consumers, which they analyze, package, and sell generally without any consumer permission or input to do so.”
https://en.wikipedia.org/wiki/Information_broker
.
Data and Metadata, in the course of ordinary web activities have users emit lots of “digital exhaust,” or trace data, that leaves behind more fragmentary bits of information.
Such as the geographical coor-dinates of a cell phone transmission or an IP address in a server log to name as two providing personal data generated, recorded, and retained.
Then advent of more powerful analytics, which can discern quite a bit from even small and disconnected pieces of data, raises the possibility that data gathered and held by third parties can be amalgamated and analyzed in ways that reveal even more information about an individuals life.
.
Data brokers collect a huge volume of detailed information on hundreds of millions of consumers.
Data brokers sell products that identify financially vulnerable consumers.
Data broker products provide information about consumer offline behavior to tailor online outreach by marketers.
Data brokers operate behind a veil of secrecy.
.
Considering as in your own defensive privacy stance then, should it’s scale depend on the Nut to shell ratio, as today the nuts size to your PRIVACY loss aspect has grown very big…
Maybe something scaled down to start you’d prefer, I just say anything (done rightly so) is better than nothing, and all you do now is not enough for the future.
You must diligently stay on top of your privacy’s loss.
.
Where to start ?
Read this to understand in that perspective where you could control easily as habits-
https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fprivacyrights.org%2Fresources%2Fguia-basica-de-proteccion-la-privacidad-como-tomar-control-de-su-informacion-personal
.
And this perception to see how the future invents new hazards to us-
“Session replay scripts” can be used to log (and then playback) everything you typed or clicked on a website.
https://www.vice.com/en_us/article/59yexk/princeton-study-session-replay-scripts-tracking-you
.
Having significance in a meaningful purpose to your end results would entail partly to your apprehending in the knowledge mindfully as well of your perceptual understanding in how the web works.
Growing of your abilities to locate the data giving multi-surface (facets like a gemstone) areas that are in need to defend against in where the personal privacy factor fragments and yours is lost.
Then with that acquired knowledge to understanding what it is exactly that your up against or must fend from. (Hope to add Part # to explain)
.
For the most part advice what as has helped in knowing what kind of protections and practices I should use as helping me guard against or defending off from my privacy’s loss as I go online.
As I’m a simple man bear with, so only as I can understand the big picture from this minds perspective, I’ll try to help advise other readers gain their knowledge.
(Some people may see and understand a more complete picture than I, so please do share with us then – as mines just a base point in understanding).
– I will be adding more related details to this comment as Parts # in reply or with new comments parts # if reply box is acting wrong.
PART #1 , Thanks all
Thanks Hard Sell.
Hey all battery operated smart device owners,
Anybody herd of Juice Jacking, it’s a type of cyber attack involving a charging port that doubles as a data connection, typically over USB. This often involves either installing malware or surreptitiously copying sensitive data from a smart phone, tablet, or other computer device.
https://en.wikipedia.org/wiki/Juice_jacking
.
*Be on guard during the shopping/traveling holiday season.
As USB public charging stations are becoming more common, popping up in airports and shopping malls, as well down the line to where a public wifi connection is being offered for patronage or free – there might be a charging cube/kiosk available.
– The scam works similar to skimmers found at ATMs and gas pumps.
– When someone loads malware into the charging stations or one of the cables, thus, infecting the device charging.
– In as little as one minute, a virus can be transferred to unsuspecting users devices. Then, the virus begins exporting sensitive data and passwords directly to the scammers.
.
Here’s how the scam works:
A computer is concealed within the charging kiosk or on cables left plugged in that are programmed to automatically pair with smartphones when they are plugged in. The rogue computer can then freely access all the information stored on electronic devices, from passwords to emails, to address books to photos to text messages. It can even do a full backup of your phone, all of which can be accessed wirelessly by the crooks.
.
Another concept closely related, Dubbed “video jacking” by its masterminds, the attack uses custom electronics hidden inside what appears to be a USB charging station. As soon as you connect a vulnerable phone to the appropriate USB charging cord, the spy machine splits the phone’s video display and records a video of everything you tap, type or view on it as long as it’s plugged in — including PINs, passwords, account numbers, emails, texts, pictures and videos.
.
Juice/Video jacking is not possible if a device is charged via the AC adapter shipped with the device, a battery backup device, or by utilizing a USB cable with only power wires and no data wires present.
– – I’m wondering when this makes it to the car charges for electric cars.
As an bad example (I can’t think of another), a thief breaks into your locked car in your driveway, gets your garage opener and opens the garage, thief now has access to your home and you gone.
RELATE – then to a public car charging station that you’ve put your car to charge from, your car is also now port charging your phone to, all while your gone doing whatever.
Or say a mechanic plants malware in your cars computer system !
So be careful with all smart devices… Please
Hi M.D,
I’m with you in a concerned watch – “seems like privacy-oriented companies are being bought left and right lately.” It’s true but why?
It’s not just of lately, but of near the past years too.
https://restoreprivacy.com/antivirus-privacy/#comment-35948
–
I’d not only see the “US as a Five Eyes jurisdiction”, but like the king pin at the core of all the eye’s nations unified, as the (spider tending it’s web) if you will.
– That reach in (web data), can be extended by way of the United States Mutual Legal Assistance Treaties and Agreements.
https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/#comment-58133
* Where most every nation outside of the 5, 9 and 14 eye’s abide by cooperation’s to the US king pin in these MLATs deals.
@That blurs things a great deal when the nations (outside the 14 eyes) and that already have good privacy laws in place – having agreed to these MLATs. Wouldn’t you agree?
So as I said in the link on MLATs, “a jurisdictions to privacy provisions (it’s laws) may have less importance than I would of guessed” !
–
{Remembering – TOR , “was developed in the mid-1990s by United States Naval Research Laboratory employees, with the purpose of protecting U.S. intelligence communications online.} It was years later (2002) the alpha version released and the first public release occurred a year later still.
https://en.wikipedia.org/wiki/Tor_(anonymity_network)#History
–
The Grid:
– – As an example to the “spider tending it’s web for web data” (the grid)
Seeing the highways and interstate’s road systems in the US going from top to bottom and across the nation, as only one web system.
– – – At some early point in the nations frontiers advancement, as the least path of resistance going from point A to point B – routes were established.
Then the roadways paved on over these frontier routes for the nations road system.
My POINT being, as the internet routes nations together on the grid – your studied for any data, for there is not another route to use other than the spider’s web or grid – that exists either as centralized or decentralized.
***We may catch word today – but it’s done developed into a spying purpose –
as I feel it was intended…
I wished it wasn’t this way as a pipe line into our lives.
Thanks for bringing this up…
Hello once again Sven, seems like privacy-oriented companies are being bought left and right lately. Wire (end-to-end encrypted chat service) has been bought by an US entity (essentially moving Wire into Five Eyes / US jurisdiction):
(Blog post from wire.com): https://wire.com/en/blog/wire_business_update/
(r/privacy reddit post): https://old.reddit.com/r/privacy/comments/dvry9f/wire_holding_company_moved_from_luxembourg_to_the/
This is quite concerning, considering that US is a Five Eyes jurisdiction, which severely lacks privacy laws alongside with (now possible) subpoenas directly from US court. However, that is not as concerning as the fact that the company behind Wire has not been open about the acquisition, and *only spoke up once people started questioning them*. Now the question is – is it still safe to use? Should people seek for an alternative? Or does this acquisition means nothing, as other secure end-to-end encrypted chatting methods exist (such as Keybase and Signal), who are also based within US jurisdiction? I would really like to hear your thoughts on this, and you should probably update this article with more up-to-date information about the jurisdiction of Wire.
I’m looking into this.
Hi M.D
I see an answer is give by Sven – that’s related ?
https://restoreprivacy.com/privacy-tools/#comment-61222
I’ll admit that the fog and haze given off of all these companies to users privacy is unreal in today’s knowledge age era. Facts to immediate inform their users never takes president, are revealed months later and/or if at all.
A tree’s view in structure of top down CO.’s entities should be given for any company operating where it’s based on users privacy intents of protection.
Hope you noticed that startpage is bought by the ad-company system1.
Yes, I saw that and will revise the article accordingly with the next update.
I’m new to VPNs and need help to understand how I can overhaul all of my devices connected to the internet that are not private at this moment. If I subscribe to ExpressVPN for 15 months, can you please clarify the steps to take back my privacy? For example, I already have 2 existing gmail accounts linked to my home IP, which I also access on my iphone. Of course my Gmail and YouTube are linked, so Google has tons of information on me about my viewing preferences, etc. I want to make this more private. I read I need to clear all of my cookies and then if I subscribe to ExpressVPN, do I have to also create a totally new Google identity through which I will now surf the web and watch online content on YouTube so that Google isn’t sharing my proverbial data file with the highest bidder? I’m assuming that even if I clear my cookies and subscribe to ExpressVPN, if I login to sites using my login/password, then the servers will know who I am and see that I am merely using a private IP, right? Can you clarify for me also that if I have ExpressVPN and am mobile, like at the gym where I typically use their wifi since I don’t have an unlimited plan (and I want to stream videos), does my ExpressVPN service carry over? I assume not, since I assume it’s through your own internet connection…Thus, does using ExpressVPN mean that you also have to buy unlimited data on your phone so that when you are mobile you can access ExpressVPN and not be using unsecure wifi connections? For payment, I don’t use bitcoin, so what is the next more private way to pay ExpressVPN? I prefer using credit cards, but, in this case, I don’t want it on them….I have Paypal….What do you all recommend for the next best thing to bitcoin for keeping payment to ExpressVPN private? Thanks for any help!
A VPN will work with any internet connection. You connect to the VPN server and encrypt your traffic through the internet connection, regardless of where you are at. There are no bandwidth limits with ExpressVPN (unlimited data transfer).
Yes, it would be good to create a new secure email account to replace Gmail. There are free options as well as cheaper options.
If you need a Gmail account to log in to YouTube or other google services, you could create a new one that is basically a dummy account that you don’t do anything with and is not connected to your previous accounts or identity. Once you transfer over everything in Gmail to your new email provider (such as Mailfence) then you can delete your old Gmail account.
I wouldn’t worry about private payments so much. Owning a VPN is not illegal and VPNs are becoming mainstream for privacy and security. And don’t get overwhelmed. Just go step by step on your own time frame.
Thanks for the fast response, Sven! I am looking at Mailfence. Do they have the functionality to transfer all pre-existing emails from another account? Is that an easy process? I used the gmail account for a almost a decade and have 50,000 business related emails I need to keep as records…I don’t want them to be deleted in a transfer. I assume that when you transfer emails from an account it just sends a copy and leaves a set, too? It would be a disaster if they were erased….
Also, I noticed in the past that when I went to delete my cookies on my Macbook Pro, it often said there were a core group that could not be deleted…I vaguely recall them being linked to corporations….Would I need to get an entirely new laptop and start with Express VPN and tighter security controls to prevent that from happening again? I saw you recommended an app called something like Cookie Delete that continuously deletes your cookies, but then at least one person commented that it logs you out of your email each time….that would get annoying….if I use Mailfence, for example, I want to be able to leave the browser open and not have it log out at home….Is that possible when using a VPN? Or do you always have to establish a connection with the VPN each time you want to see your new email on Mailfence?
Thanks!
Hi Kate,
GOOD overview of what you’ve envisioned needing done because of ?
The ? = ISP your subscribed at sourcing the internet to you…
Which ? = your IP address as well to an electric identity on you.
– Liken to your street address used to find your location, your IP address is need to go online – so it’s you that identified or can easily be as the things are setup this way.
A VPN in this link is always good but not really the magic bullet needed alone. A VPN alone can’t pull it all off, but think about an encrypted tunnel now that everything of your devices system passes through where you’ve installed the VPN Client(s) and their set active (at system start ups).
–
As in using a VPN, your moving your trust, speed, viewable web data from an ISP you’ve paid for over to the encrypted VPN service.
The ISP no longer can easily intercept, snoop and view your data.
– You’ll still use the ISP to connect to the internet.
A VPN is not a replacement for it. But, instead of the ISP communicating directly with a web page, the ISP now talks to the VPN server that talks to the web page through the encrypted tunnel. *It’s the VPN server that connects to the website you wish to reach.
The achieved key point now is the connection between your device and the VPN server is encrypted in what’s called a VPN Tunnel.
–
The ISP can still intercept the data, but that data is no longer viewable to it. In other words, the ISP is aware you’re sending and receiving things but has absolutely no way of knowing what those things are.
That is till a dropout occurs in the VPN service at anytime.
The moment a VPN connection drops, the encrypted VPN Tunnel is lost, and the ISP can once again view and analyze anything of your transmitted data.
Good paid for VPN’s have a KILL SWITCH for this purpose and then likely will handle all you DNS requests on their ends as well.
–
Pay for a VPN please to get-
1. More privacy.
Your connections cannot be linked to your computer…and you. You can visit any website and your ISP doesn’t know where you’ve been.
2. More security.
VPN connections are super encryption secure. The network is hack proof and all of your Internet activity is encrypted (coded) and unreadable in transit.
3. More website access.
No more blocks or censorship. Whoever can’t now prevent you from getting to websites based an your IP address location.
4.More anonymity.
Your true IP address is hidden! You’re unidentifiable online because you can constantly be using a different IP address, never your ISP assigned one.
In fact, it typically looks as if you’re in a different part of the world from wherever you really are if you choose to be.
I JUST USE A CLOSE-(ER) STATE SO SPEEDS ARE ALWAYS GOOD.
Hope this is informative help : )
https://restoreprivacy.com/what-is-vpn/
https://restoreprivacy.com/best-vpn/
https://restoreprivacy.com/vpn-reviews/
https://restoreprivacy.com/vpn-coupons-discounts/
Thanks for the clarification, HardSell. I was in Europe a lot last year and noticed that when I tried to access a lot of US websites I normally use, I was blocked purely for being in the EU. It surprised me since many sites are common retail sites like William Sonoma. I guess their logic is that they don’t want competitors in Europe copying their products, even though they manufacture a lot of them in Europe? My question for using something like ExpressVPN is will I get blocked from sites? Years ago, I used Tor a lot, and it always blocked me from using mainstream sites, stating I was using a banned IP…..I then stopped using Tor because I read it was government run anyway, so nothing was private anymore…..With ExpressVPN, will the IPs be banned by any websites, or will they be ok?
> My question for using something like ExpressVPN is will I get blocked from sites?
No, just connect to an ExpressVPN server in the US and you’re good to go.
> With ExpressVPN, will the IPs be banned by any websites, or will they be ok?
This does sometimes happen with lower-tier VPNs, but it should not be an issue with ExpressVPN as they have a huge selection of IPs that they ensure are working well with different sites, including Netflix and other streaming sites (that normally block VPNs).
@Kate,
Sven would know more than I, but it’s time to get off the fence and start your journey – agree.
Experience it – learning in small steps, in goal of designing a tailored path as addressing the needs required by yourself – platform – profession – offerings avail. – all with regards in your threat model protections sought.
*(overkill usually means overpriced – if interested take a smaller piece first and adjust in – as your knowledge becomes learnt)
–
Make a ‘Draft’ for an OUTLINE to use of your starting point and end goal. [tree is a good example image, you trunk – branches and limbs not hidden as being exposed on web – root system hidden from being exposed on the web]
Scroll to bottom of this page/all RP pages, for “Simple Privacy Setup” – as 7 key ingredients / fields to include.
– When you take a privacy/security stance and want a path defined it’s yours only – your song that no one else sings like you do. The ingredients and measures are but your own recipes creation. Get my drift – one size, unisex fit meanings won’t work for anything threat specific to and in your own privacy quest but possibly a mere vague guide. Research / read reviews / GOOD LUCK
Best
@Blocked because of IP – VPN change to any server in that region should work.
Hi Sven.
I’m wondering why you mention “Worth mentioning: Don’t use a browser-based password manager, which will store your usernames and passwords in plaintext, thereby leaving them vulnerable to exploitation (discussed more below).”
Later on you mention KeePass and LessPass, which both have a browser extension.
Or do you mean those built-in password managers that remember logins?
And I’d also like to know your thoughts on a PW Manager as LastPass?
I’ve been using it for a while and like it, but is there a specific reason why it’s not on your list?
I find it very easy to use as I use it both in my home as well as on work and mobile without having to remember a “key file” etc. to login as with KeePass :-).
I hope to see your reponse.
I mean don’t store your passwords into the browser itself, such as Firefox or Chrome remembering your passwords. Password manager browser extensions are fine. I like Bitwarden but haven’t tested many other options, such as LastPass, but it also looks good.
Hi Sven Taylor,
Thank you for this article. I always find the information you provide to be very enlightening and helpful.
I was wondering if you have any suggestions for a privacy-conscious calling app for Android that would serve as a secondary phone number so i would not need to give out my real phone number.
I came across an app a few months ago but unfortunately i flashed my phone and i did not have a backup of that app and of course I can’t recall what it was called.
That app allowed me to choose a phone number starting with area codes f my choosing and it allowed me to make and receive both phone calls and text messages just like a normal phone number. The first 30 days were for free but then you would have to pay for a subscription which was not expensive.
I would appreciate it if you can suggest an app that does the same.
Thanks
Hi Oleg, you might check out Line2, which I’ve used and it works well. Other options include VOIP.ms and also OpenPhone. For privacy, you can also use a fictitious name and pay with a virtual card through privacy.com, which allows you to use a fictitious name and address.
Hey all !
A Worldwide Survey of Encryption Products (yes from 2016), but it’s something I’v not seen altogether broken down by country and OS amongst other categories.
You seen ???
“In 1999, a group of researchers from George Washington University attempted to survey the worldwide market for encryption products [HB+99]. The impetus for their survey was the ongoing debate about US encryption export controls.
By collecting information about 805 hardware and software encryption products from 35 countries outside the US, the researchers showed that restricting the export of encryption products did nothing to reduce their availability maround the world, while at the same time putting US companies at a competitive disadvantage in the information security market.
Seventeen years later, we have tried to replicate this survey.”
https://www.wired.com/wp-content/uploads/2016/02/A-Worldwide-Survey-of-Encryption-Products.pdf
EX: just a part of the listed
Germany—112
United States—304
Netherlands—19
Romania—4
Australia—21
–
See what your country had/has to offer.
Related ?
CRYPTOGRAPHY AND LIBERTY 1998
AN INTERNATIONAL SURVEY OF ENCRYPTION POLICY
http://gilc.org/crypto/crypto-survey.html
2019 CIGI-Ipsos Global Survey on Internet Security and Trust
https://www.cigionline.org/internet-survey-2019
for privacy messenger
may u should have a look on briar.
https://briarproject.org/
– decentralised
– uses the tor network
– fully end2end
– open source
plz. dont recommend Privacy Badger
it can be used to get fingerprinted
best regards
Awesome advice, can I ask for a review or recommended options on personal privacy such as personal files, IP on corporate computers. How to setup and protect yourself from big brother too ? Possible ?
Hi scollops
You’ve asked a lot without giving specifics of Operating system(s), device(s), etc…
Sven’s got pages of good stuff and to telling the dangers of being online.
Helpful guides and articles (I take from his own experience) in his use, testing, researching and exploring this field that’s a big loss to us in it’s vast knowledge to understand.
There’s to much lead-way in each’s own scenario for him to be specific to anyone personally unless it touches close to home for him, as he’s been there.
Thanks….just trying to get a handle on where to start Mac mainly then MS laptop. Really about personal files and IP. Protecting especially when you forget to remove your IP..i.get the whole policy and company line. But oddly doesn’t work both ways. Anyway good to learn also for home as a Mac user.
Hello scollops,
Surely it would began within the devices foundation you’d set. Any order you’d want in your research and implementation.
A/My devices Strong Foundation:
– Hardened OS. (Root access if possible)
– Third party FireWall. (Firewall that blocks everything’s contact to the web by default, and the first time anything tries to enter or leave your system, your alerted (pop-up) to set an action for it from that point onward regarding it’s role in your devices setup.
– VPN service. (Hides your true location and encrypts all your devices generated traffic – installed to the system / because browser extension(s) VPN’s ARE NOT CAPABLE OF THE SAME FUNCTIONS Device Wide or simply their being offered as a watered down version to mimic a real VPN’s functions.
– Private Secure Browser /W/ Private Search Engine. (Separate programs and Working in Tandem when going online).
– Ad blocker. (Install to the system, some do their work in blocking online ads, but also on your installed apps that display ads too when opened and ran on the system. Kudos for the ones (Ad Blockers) offering advanced settings that dials into the specifics of your devices privacy – Ex: hides search queries, strips tracking parameters, hides your user agent, hides your IP address, etc, etc…).
– Password Manager. (Besides securely storing passwords and other personal and accounts info [locally is my preference/never trusted cloud storage]. CS is basically for syncing same info to multiple devices you own and that would go online.
Password Managers are capable of your longer stronger passwords generation than the average person would normally use and retain on their own).
– Secure email /W/ Secure Messenger. (Separate programs again – Look to them offering end-to-end encryption of your data for a true zero-access provider. That would be the encryption happens locally on the device (browser – app) and it’s done (only with access) from the users end to decrypting said data / and never the only encryption offered is to happen on the servers end. ‘Employees and the company partners’ then may very well have access to the servers decryption key and then to accessing your data.
.
Todays Best Secure Email Providers
https://restoreprivacy.com/secure-email
Some there may offer a full office suite to alleviate your need for a separate program to share your personal files. If your needing a cloud file service for uploading files so people can download them, then look at comments on Alternatives to Google Products – the Complete List (2019)
https://restoreprivacy.com/google-alternatives/
.
Hell I could go on and on, least I’d try the outline I’ve given above. I’ve not named any specific programs here. Then I can’t really see that if any applications redundancy of the the others in your basic foundation (system armor) you’d set harming you. Systems and associated hardware are beefier than early units, so redundancy with regards to system resources not an issue.
SCROLL DOWN to the first comment left here for helpful Windows information – and then up a few for other info. too – yes most will be my comments.
Mac – not a lot to offer as Apple – well you know doesn’t want you melding there.
https://restoreprivacy.com/vpn-for-mac/
– – – If you’ve a small footprint web wise (devices -or-
accounts) I’d not link any of them to a same online account by an IP address. VPN services do allow for multiple devices use on one account – set your other devices to another servers location to change it’s reflected IP address.
As well as not letting all our devices sink to/from cloud services – keep it (your data) stored locally on the device, and update them (all devices) yourself. By coping contents of folders or the folders tree themselves to the other like folders of a same program installed on your other devices.
Hope this helps and your welcome : )
Why isn’t EteSync ( https://www.etesync.com ) on this list?
It’s the only secure contacts, calendars and tasks solution out there…
Hi Jess.
Just a few points:
-Sven’s just one man running the site that has grown in new content, and still has to be updated in the existing already covered guides and articles. (Sounds like I know him, guaranteed I don’t), BUT HE HAS A GOOD WELL as we’ve talked some over his Secure Communication Center here-
https://restoreprivacy.com/secure-communication-center/
-It takes people like you to give all readers a heads up here on the RestorePrivacy site or by making contact by the link above ^ to Sven.
.
He as I (*this I believe), quest for only clients and server(s) to be ran on an open source(d) code base. *Term ‘- open source’ refers to something (code in this case), where people can modify and share their results because of its design, (the code) is publicly accessible.
*Then being offered at it’s foundation (server) – a hardened Linux installation, updates in patching any vulnerabilities as they become known, using safety mechanisms like TLS, CSPA, HSTS and in making sure to disable their weak ciphers.
*Then the encryption being used of an account, is in a way that only the USER (ends) and not it’s SERVER have access to your stored data’s information. Unfortunately, most of the communication services we can use are not end-to-end encrypted.
.
While any strong assurances of privacy, encryption and safety for your personal information are thrown out and about by different programs/services on the web.
STOP and consider that data (yours), is being kept (stored) in someone else server(s). Especially, in a case where the server synchronizes the users data with an app/device – any one ! in the chain are vulnerable to get hacked, or a government forces the hosting provider to hand over their server.
– – Anyone give thoughts to – of, that in ten years (or less) up the road THIS AGE of encryption may be broken !!! In Ten years I’ll bet your still alive – to what wide repercussions if today’s encryption gets broken? Your in life?
Remember the server back-ups and the fact that your not controlling the server – you’ll simply have no ideal to the copy and back-up counts made on said server containing your data… When the account is deleted spelled out time when all your generated data is totally deleted?
Point I make, wouldn’t double or triple encryption of data be something for a communications programs/services to look at for storing any users data. Servers encryption, then users encryption twice of TWO separate passwords/paraphrases or keys.
.
-I don’t find info. to when ‘EteSync’ was founded except ‘Posted on Wed 05 April 2017’ here-
https://stosb.com/blog/introducing-etesync/
Looks like a nice find on the surface Sir.
“EteSync is a journaled end-to-end encrypted contacts and calendar provider for Android and the desktop. Or to put it more plainly, it’s an app that backs up and syncs your contacts and calendars across devices and to the cloud in a secure way while maintaining a full history of the changes.
Our servers are located in Austria and are hosted by EDIS, so our server is safe, but the beauty of EteSync is that you don’t need to trust the server.”
– – -Botom line:
How’s the EteSync TOS and PP read?
How’s Austria’s privacy policy as a country in Central Europe comprising nine federated states?
Journaled – your data’s full change history in a secure way while maintaining a complete history of your changes both locally, and securely on our servers – – “”may be a handicap to some if they can’t control the time set – ex: 2 year max versa forever as account remains open.””
It’s not only your money but data given up by you. When you delete your data and then would delete your account – what assurances do you get – that you indeed owned the data ON the server used to store and/or back-up the said data. Proof and guaranties are just words in that all the copies and back ups will get deleted as well…
Tom from EteSync here.
Not sure I understand what you are saying, but just wanted to clarify a few topics that weren’t clear from your comment.
1. You were talking about having both the client and the server open source. Almost none of the recommended tools above satisfy this requirement, so no idea why you said it. With that being said, EteSync *IS* open source, client and server.
2. We obviously patch our servers all the time and maintain them.
3. EteSync is end-to-end encrypted, it says that on the home page.
4. Your data is not encrypted on the EteSync servers, only the end-to-end encrypted data, which we can’t access. We use strong encryption, if it’s ever cracked (like you suggested), every service above would be vulnerable, not just EteSync.
5. If the above point is still a risk for you, you can just self-host: everything is open source.
6. EteSync was released around March 2017. The blog post you mentioned is my public announcement post. You can also see all of the source on github to see when code was originally pushed.
7. TOS and PP: very simple and legible, less than a page long. Have a read.
8. Austria is probably better than Germany and Switzerland nowadays.
Thanks for your comment, and I hope this answers some of your questions and clarifies things.
Hi Tom, thanks for stopping by and clarifying things.
Hello Tom from EteSync,
No I got a way of doing things that suites me, so sorry if I’m hard to follow.
I did give EteSync a thumbs up here just for whats in print and for the direction in a mission it has.
Couldn’t you tell by my words…
.
Basically in answering to Jess, as why not every good, worthy, and related privacy/security application/service isn’t listed somewhere herein, and where Sven’s time (I’VE SEEN) has been utilized for the site.
As well, I had thrown out some flags for people to look for in anyone’s research of the service/app (yours – or any other).
.
The ‘quest’ part is just a longing for everyone who is connected to the web in some fashion, and that be as you’ve done and confirmed by your reply in the #1 and #2 answers. Hey you might be the first on the site to offer this – to the user.
I’d have that in the first paragraph of anything printed about EteSync.
Besides in the section topic above all listed in the article are not offering their client and the server as open source that your right on this.
Sven should add note of that feature if their offered.
I can only say, if Sven’s the time to test yours – you might be listed on the site.
– Glad to see you’ve tied up some loose ends for me by your answers.
Though in #4 answer it mentions ” Your data is not encrypted on the EteSync servers”.
* What of the users/account holders data does the non-encrypted data consist of /and/or about the account / then it’s owner?
* As for offering the service/app on a fee basics – how else does EteSync support itself ? Worthy of an answer…
** Do you ever see (at present) EteSync to becoming a full fledged communication platform as an email service.
Thanks and greetings Sir
What do you think of the new ‘sign in with apple’ feature?
I wouldn’t use it, because Apple.
Did anyone test this secure message app: https://www.goldenfrog.com/cyphr ?
They are from the same company as VyprVPN, so maybe it is not a bad option…
Hello,
First, thank you for sharing your knowledge and making our life more private.
Have you already heard of dissenter browser? Currently, it’s a fork of Brave, but built for people. If I am not mistaken, he removed Brave rewards and add his dissenter extension that is focus on free speech.
I’ve heard of it, but have not tested/used it.
Hey Sven and readers,
Had some deep thoughts today that I didn’t like in what I could imagine happening.
But usually I can also see a silver-lining to any darkness I envision.
That silver-lining, would need to be a global entity of some form of a governing body grounded on and with a foundation of global personal user internet privacy laws that has some teeth enforcement’s action.
If you’d think about it we as governments and nations have rules and laws within our own borders for just about anybody on anything.
.
As mankind advances in life with technology we loose our borders, that it opens up our lands and people to be victims of lawless enforceable actions as it mostly stands now.
We’ve seen or herd of nations going after nations (it’s people-interstructure-elections) using the internet.
Then you have the representation of other nations within a host country where a special revisions of it’s own laws are given making them useless to enforcement to these visitors.
[Kind of like the internet it’s happening to be border-less crime that hits a country]
Stop – picture this, land and water touches somewhere there are borders – laws usually change crossing that physical boundary into the other.
Now – think of the internet as air, a vast ocean, even electricity of a small sense to strength/power/grand or in other words something to big for any one nation to police on it’s own.
Just as we join alliances in time of wars, friendly nations need to join and sponsor a global eninity foundation of personal user internet privacy laws. As we keep budgets for troops and war machinery so to a nation needs to budget for global internet defense.
.
Some dark future thoughts:
Big tech (you know them) all come out with the new wave virtual personal assistants.
You are now able to do everything from your assigned virtual personal assistant (think of your shadow with an ID or in USA your SSN).
So all the new devices, apps and software/firmware versions are now designed to use your assigned virtual personal assistant or you don’t have an electric identity or worst outlet to interact on the web.
– A nations government steps in and uses this “taps” the wealth of new information down to (.) in com you type.
Now in short time – this virtual personal assistant technology has ability to track groups of devices, people, auto’s, purchases down to the last 10 seconds.
Then can disable any electric device connected to the internet, able to turn it on or off at that moment or simply once it had been tracked within the hour. (good and bad use here)!
.
In US you know of traffic light cams for red light runners.
What if you thought your neighbor had just got some kind of security severance service as you’d seen the worker install a couple cameras.
Then you come to know it’s making them money every month – as it’s scans and monitors the neighborhood.
– If you’d get on some high value list I could see this happening (advertising co. – prospect for CEO or like job), even like with a crime stopper program in rough neighborhoods – where every other house is scanning all the time.
To many more dark thoughts !
Any merit to worry yet ?
Hi, Sven
What do youu think about “the next gen VPN”:
[https://impulse.com/sdp/]
I’d stick with OpenVPN as it has been thoroughly audited and proven over many years (safe and secure).
Hi Sven,
I wonder why the Epic Privacy Browser for desktop didn’t meet your ranking.
They are coming out soon with an android version.
Regards,
That’s discussed in the secure browser guide.
I wonder why Telegram (encrypted) app isn’t under “Secure messaging app”. Have you tried it and what are you thoughts on it?
Hey John, yep, that’s a good option too, I’ll add it with the next update.
How would you rate Qubes OS ?
For those of us who have to use Windows for Adobe CC, a future article suggestion: “How to keep Windows 10 from spying on you” (apart from not using it, of course 🙂
Quick answer: Download Virtualbox (free and open source) and run Windows inside a virtual machine. You can use Windows 10 for free and you never have to register it. (I do this for testing software.)
According to Adobe, CC with an individual license will not work with a virtual machine. PlayOnLinux no longer works, Crossover doesn’t work. Wine never works with anything. If Adobe would only make a Linux version (go here and vote!: https://adobe-video.uservoice.com/forums/911233-premiere-pro/suggestions/36257581-yes-please-support-linux-this-would-be-a-huge-m) then I think Linux might well get a lot more users seemingly overnight. Perhaps they have a deal with Microsoft . . . ? So anyway, unless I’m mistaken (which is entirely possible–I’d love to be wrong about this!) I’m pretty sure that CC users are stuck with Windows 10, at least for the moment.
I don’t believe that will ever happen. This kind of talk has been going on since Linux was introduced. If one’s intent is simply browsing the web, I’d agree.
There’s way too few Windows applications and sites eg. financial institutions, insurance plans, governments and so on that do not support Linus browsers.
Not many people know of Oracle’s Virtual machine. It’s not user-friendly whatsoever. In fact, it’s pretty darn complicated just to try to load your OS of choice and install an application. The website to find and choose the hyperlink is nothing short of frustrating.
I suppose the majority of people who would want to use that particular VM are the ones who live a complex life and have a similar mindset.
For a couple of months or so I’ve been trying Blokada ad blocker on my android phone. So far I’m really impressed. Recently, they even added VPN service (paid, but pretty affordable). Notably, for example, the battery life is SO Much improved! Mobile data usage is used for a much lower amount per month (killing ads obviously saves a lot of data). These guys are doing tremendous job, and quietly, without much fuss and bells. Hope they will develope a good privacy package. So far, so good!
Yeah, Bronco. I using blokada for a while and, I agree with you, but I would like what you guys tink. And you Sven Taylor, what you tink about Blokada? You know? Have tested?
Looks good. I have not tested it.
Hi Sven, I am blown away, but not really that surprised at all the comments/questions you’re receiving now on this topic. I just have a few as they relate to browsing confidentiality/releasing details and prevention.
I visited a site that lists all your devices (that name is part of the URL) including screen resolution, video card, OS and so, so much more. I was terribly shocked to see the results.
I opened up TorBrowser (as we know Tor is slow as molasses) and I can’t disable a la carte the encryption or settings to improve speeds. However, Tor browser blocked a LOT of the info which was revealed in Chrome. It blocked RAM quantity, Graphics Card Name / Driver and many more system details.
When I reviewed the info on screen, the test results indicated the info which was concealed was “blocked” by browser “extension”. Yet, I see no add-on in TorBrowser.
As such, I wonder if there’s an actual extension or means of blocking the system info which Tor blocked on Chrome or use another browser which is faster, but does the same in terms of blocking system details?
Hey there, this is a tricky issue, but there’s a lot you can do to improve browser fingerprinting. See my main guide on browser fingerprinting for more info.
Hi Sven,
I think you should add to this article suggested ad-blockers, AVs, VPNs etc for mobile users – ios and android. Reality is that most people today use mobiles predominantly.
He Bronco, thanks for the feedback.
What do you think of 1password as a password manager? I tried bitwarden, but 1password works so much better for me.
Did you use Bitwarden with the browser extensions? It works like a charm (for me at least). I have heard good things about 1password from a usability perspective, and it’s been around a while, but I have not tested it. Main drawbacks: closed source and expensive.
I think this extension should be included in the privacy kit, here’s why:
https://lifehacker.com/clean-up-urls-before-you-share-them-with-the-tracking-t-1826459457
Thanks for the article!
But i have one question, why do you choose for this article exactly this messengers? Signal is abandoned, Threema is not free and open source, and Wire isn’t free. On my phone i have Signal and recent Utopia beta next with telegram on my pc. It’s actually a lot of great private messengers over there, why you mention only 4?
Hey there, Wire messenger is 100% free for personal use, and I use it all the time (free plan). There are business plans, but you don’t need that unless you want to use the premium features. I do plan to update the guide with more options soon, and I’d also like to have a secure messenger guide up in the coming weeks. Riot is another option as well.
Telegram is not as secure as the company’s marketing campaigns might lead you to believe. I prefer Utopia ecosystem. I guess that in the near future this decentralized P2P app will completely replace Telegram. All my confidential data shared is safe via Utopia messenger.
In 2019 already the majority of VPN providers claim that they are not keeping logs at all. One question is sitting deep in my brain, how those providers are checking the maximum allowed devices / connections?!
Yeah that’s a convoluted question. There’s usually some form of authentication mechanism that authenticates active connections, ensuring an account does not go over, without logging anything to the server. The exact method of authentication varies with the VPN.
Hi everyone,
Any concerns about the Webroot Secure Anywhere product? It’s based in the US, so… Any reports of personal data misuse?
Thanks in advance,
Kimi.
I everyone,
Does anybody here have information about the ExpanDrive app? Any concerns on privacy leaks, personal information logging, and selling, etc.?
Is there any alternative to it?
Thanks in advance,
Kimi.
Given that Microsoft take most your data anyway, what are your thoughts on Windows 10 Defender as an AV solution. At least you are eliminating 1 additional (3rd party AV) company from the privacy feeding frenzy.
Yes, that’s actually not a bad choice.
Hi Sven,
Awesome blog. I appreciate the contents you publish.
One question: how safe are the aforementioned messengers, namely Signal, Wire and Threema? All of them use WebRTC/STUN, thus all leak your IP, right?
Is there any workaround?
Kindest regards.
Hi Kimi, I’m not certain about the use of WebRTC in messenger apps, but there shouldn’t be any issues with IP leaks if you are using the messenger app. Of course, this is very different from surfing the internet through a browser with WebRTC enabled, when a website you visit could hit your browser with STUN requests, so not really an issue.
Hi Sven, how are you? Need your opinion about the operating system issue.
Lately i’ve been worrying a lot about privacy, but still worry more about security. I use MacOS in my laptop but am considering changing to one of your suggestions. So, in terms of security, the Linux based systems are equal to/better than MacOS?
If not, do you think its a good solution to keep MacOS but use Tails through USB whenever i need more privacy?
Hello, yes, generally speaking, Linux offers more privacy and security than MacOS. That being said, everyone has their own unique needs and preferences, including applications for work and other needs, so it can be a tradeoff.
When you need more privacy and security, you may also want to run a virtual machine on your Mac OS. This is very easy to do, simply install VirtualBox (FOSS) and then install Ubuntu to start learning the ropes of Linux. This will be free and very easy to use. VirtualBox will just run from your dock like any app. You can use as many different VMs as you want, clone environments, run different VM operating systems, it’s a great tool. Tails also isn’t a bad option, but everything is routed through Tor, which has drawbacks.
Hi Sven,
I’ve been using a secure instant messenger client for a while now called qTox, which is at present the most polished client for Tox ( https://tox.chat/ ).
–
Simply put it’s a distributed (peer-to-peer) protocol supporting instant messaging, voice, video that offers end-to-end encryption.
–
There is also P2P file transfers and desktop viewing. The desktop viewing was a little quirky and I am unable to test the video calling since I have no camera.
–
It utilizes DHT swarms (like BitTorrent) to find and connect to your friends so it can be a bit heavy on a cellphone battery compared to centralized services like Wire and Signal. Tox has no signup, no account and no business entity.
–
All that is required is to download the Tox client of choice for your platform, run it to generate your ID, give your ID to someone and then people who know your ID can find you in the swarm.
JN
should we use debian or ubuntu for security in laptop.
It all boils down to personal preference, but Debian probably has an edge in terms of security.
Hi Sven,
will you make a guide for android users?
Hi John, I made a basic Android privacy guide a while back, but it is a bit outdated. I don’t spend too much time on Android, aside from occasionally testing Android VPN apps, but I’ll keep your feedback in mind for either updating that guide or coming out with something better.
Hello all.
I have a recommendation in the category “password managers”:
Password manager is more and more a must have, even more if you use 2FA’s in everyday life.
So, I work mainly with 1password and enpass. Enpass is a good alternitive to 1password.
Very important for me is the security, like “AES-256 Encryption” and “data are stored locally by default” (lesspass is only a online based password manager, I think). Bitwarden has some negative critics, because, there are lines in the code, who allows reload JavaScript from third party sources. In additional to this, in the app for iOS and Android are tracker included (Google Analytics, Google Firebase Analytics, HockeyApp).
An another recommendation in the cetagory “Advertisement, tracking, and malware blocker” is:
For the firefox user, Ghostery should be mentioned here as a very good add-on.
Thanks.
Hello, yes, a very in-depth password manager guide is upcoming (sometime in the next month or so). This page will get updated as well. Thanks for your feedback.
I have a question about Telegram message app. Is it still safe? I’ve researched a lot but haven’t found a decent answer
No, there is a reason why it is not included in the recommendations.
Messaging is not encrypted by default and even when enabling it, it is not end-to-end encrypted, allowing traffic to be intercepted at the server.
I would suggest using Signal, which is similar to WhatsApp (owned by Facebook), with the added privacy.
I looked at Signal, then wrote it off. They make big claims about being open source, but there’s no source on their web site, nor a pointer to anywhere it might be found. The only thing they have is a compiled binary, which is *only* available through the Google Store. Which involves creating a Google account, which is a deal-breaker in itself.
There’s a github project that claims to be the source for Signal, but since there’s nothing about it on the Signal page, it could be any random malware site looking for suckers.
Even if it’s all on the up-and-up, just looking at their web site showed an astonishing cluelessness about how trust and security work.
“Just say no.”
Interesting…Signal seemed to be one of the best, but from what you’re saying maybe I should rethink that. If not Signal, what would you suggest? Wire?
Signal website with links to source code
https://signal.org/docs/
“Over a billion monthly active users across the world are now using the Signal Protocol for end-to-end encryption.”
Over a billion monthly active users across the world are now using the Signal Protocol for end-to-end encryption.
Love your site/ blog!! Incredibly useful info here.
What about Whonix?
Any thoughts about the Whonix OS?
Vm inside a VM…..
F
Yep, Whoinx is a Debian Linux bistro that’s a good option for privacy and security.
Hi Sven, which operating system do you recommend of these? Mint, Elementary, or Zorin OS?
There are many factors to consider and nobody agrees lol. I’d opt for Mint, but that’s just me.
https://puri.sm/posts/purism-becomes-pia-first-oem-partner/
It seems that PIA is the new OEM partner of Purism and will be fully integrated in future Librem 5 phone. Sven, do you think that it is an advantage?
Hi Vector, I saw that. Well, they are both in the privacy business, but I’m not a fan of bundling unnecessary software on devices. I’m testing out PIA for a new review right now and I have to say it has certainly improved in the past year.
Hello all. I would like to purchase a laptop that still has Windows 7. This is obviously for reasons of privacy. However with support and updates ended for this OS is it still possible to set it up and still have safety and good performance? Thanks
If Windows 7 is no longer supported, and you need Windows, you could get a Linux laptop and run Windows inside VirtualBox.
Whatever happened to the ‘UnaPhone Zenith’ that Tutanota back in 2016-04-29 was thrilled enough to partner with?
https://tutanota.com/blog/posts/una-phone-zenith-crowdfunding/
–
How IT can spy on your iPhone or Android smartphone
https://www.computerworld.com/article/3259868/how-it-can-spy-on-your-smartphone.html
.
You Are the Product:
In an Internet world dominated by Facebook and Google, most people understand the phrase “If you aren’t paying for it, you are the product.” What people don’t understand is that this concept has also landed on the shores of the privacy industry. History has proven that as any industry becomes “hot,” marketers will inevitably enter it. Companies that have demonstrated little regard for privacy are now using misleading marketing messages to tout their free privacy services, all the while supporting themselves through advertising and selling user data. This leads to important questions, such as why did Facebook pay $120 million to buy a free VPN app? Why did a popular free browser proxy turn its free users into a botnet for hire? And, what’s next?
https://www.goldenfrog.com/blog/price-of-free-in-online-privacy-industry
What if I cant afford a new laptop? Any way to get security updates for Windows 7 from a third party or something after Microsoft stops putting out their own (And same question about Win7 support)?
Any other ideas?
I don’t think so as the code is not open source.
I have been using Mint and it has been great. A little learning curve.
Try different flavors and see what you like best.
Hi Miguel,
I’d say no to your security questions of Win 7, M$ not supporting patches any longer is like being dropped into a pit of lions or vipers.
– If you persist, try looking for just the Win 7 OS and add it to a partition on the laptop. (Duel boot w/ perhaps Win 10).
Being on the latest hardware will always be a performance driver.
Ebay has listings yet for Win7.
Win 7 wikipedia page mentions paid support for Windows 7 Professional and Enterprise for three years after the end of extended support.
See: Support lifecycle > https://en.wikipedia.org/wiki/Windows_7
Here’s an article mentioning more on end-of-life –
https://www.extremetech.com/computing/276582-microsoft-relents-confirms-extended-support-option-for-windows-7
–
If your not wanting go with Sven’s mention of Linux w/ Win 7.
Go with Win 10 and use some/all of these-
Edited Host file with every URL you can find calling out Windows telemetry. Still everything is doing telemetry today, drivers too.
.
Sphinx Win10FC = firewall that blocks everything by default, uses its own rules, it doesn’t set any in the Windows firewall, you can switch the WINDOWS Built-in Firewall ON or OFF at your option due to the completeness of Sphinx Win10FC products independence.
– Free version has limits, as it can not manage system applications (located in c:\windows\*) .
– Note: originally called the Windows Vista Firewall Control it updates to the latest name of Windows OS to sound current.
*From your computers stand point the Sphinx Win10 Firewall Control stops all the telemetry leaving your device.
https://www.sphinx-soft.com/Vista/
.
The Windows OS has plenty of it’s own telemetry going on, so the Blackbird (free-donation) program (no installation) takes care of
this and runs on all recent desktop editions (Home, Pro, etc.) and to the versions of Windows (Vista, 7, 8, 8.1, 10).
https://www.getblackbird.net/
–
Not knowing how you’ll go with an OS – anything Windows Updates are covered on this site (ex: safe, not, security only, risks, etc…) from the menu on the lower right.
https://www.askwoody.com/
Hope this is helpful : )
So, I should not trust a free AV, but trust a password-manager like the ones you mentioned above…. (??)
Anyone willing to put some light on this?
Recommended password managers = open source
Antivirus = closed source (and much more potential for invasive/malicious activity going on behind the scenes)
Hi Ghis,
You can see it this way –
Addon password managers = specific data stored securely in a vault area on your device accessible by a master password you’ve given.
*Browsers should never be used for saving login credentials…
**Local device storage is better than cloud storage that has the benefit to sync to your other devices – – but clouds are a bigger risk target to hacks, as not only yours but everybody’s data stored there.
Where as –
A / V security products have access to the whole device and it’s access to all sections data because it runs at a high system level privileges.
Think ‘administer’ versus ‘user’ privileges…
You can restrict it’s access by excluding drives, folders, files but unless that’s done it reach is the greatest of anything you’ll install to a device.
* It may even access the installed files of the ‘password manager’ but as I understand can not reach the vault area because your master password locks it out.
* * So if you’d consider both like dogs, a lap hound compared to a guard dog. Which bite impacts greater harm and who’s poop is more substantial…
Both you invite into a device but a wise choice of understanding and a research of the TOS and Privacy Policy, along of users experiences documented should weed out bad actors.
Hope my off the wall rendition – helps : )
What about AppMoat by Seventh Knight?
https://www.seventhknight.com/appmoat.html
https://www.seventhknight.com/eula.html
https://www.seventhknight.com/privacy.html
What about it – this an advertisement?
Since you can’t buy it yet – it’s to new to be trusted, no user reviews!
Why mention it then ???
Very Quick look seams similar in functions like VoodooShield.
What about Firefox Focus aka “Firefox Klar” ?
https://support.mozilla.org/en-US/kb/focus
https://blog.mozilla.org/blog/2016/11/17/introducing-firefox-focus-a-free-fast-and-easy-to-use-private-browser-for-ios/
Mainly on android and ios. Doesnt have as many downloads as the main firefox though.
It’d be cool to take a look at this browser and see if its worth all the hype or if its just another free tracking scheme like Opera.
Can it be configured just like normal firefox in your guides?
Hi Kevin, yes, that is a great solution for mobile devices (Android and iOS).
You have great confidence in Emsisoft antivirus. I have used Emsisoft antivirus in the past. It was fair in performance and it was not difficult to find better. At that point, I came to the conclusion that Emsisoft is itself, a virus. Have you tried to get that POS out of your computer? It invades everywhere and regenerates crap you remove. For months, elements keep cropping up everywhere. Emsisoft is a malignant hemorrhoid in a computer system.
Grover is it your cold and need to get your temperature going to warm up something. Without any facts and links in support of your proof, your just spouting useless and false tales around about your own opinions that are groundless and useless to anybody else otherwise… Lets be fair by proving some proof for everyone : )
–
As I see it, there is no best Antivirus marketed today and I’m a little put off by the AV industry as my research into it leads me to hope for better of them in 2019 onward. https://restoreprivacy.com/antivirus-privacy/
– But, at lest Emsisoft makes the point to tell people about their security and privacy practices. As Emsisoft is pushing the knowledge out about how both benefits you and other helpful articles in their Blog posts. https://blog.emsisoft.com/en/
–
Besides an A/V’s roll covering the whole system – this leads to infringing on users’ privacy. As they then can be a backdoor to devices of your personal data, documents, and files. As far to going in intercepting the web traffic run on it. You can’t block them by a firewall as need for verifying file maliciousness and updating itself exists.
– As A/V’s run it’s access with high system level privileges, then for an whoever entity that leverages them – they have to comply with the laws of the countries in which they are established.
– Not only do A/V security software’s reduce the HTTPS connections security, but also introduce vulnerabilities such as in a failure to validate sites certificates properly. https://zakird.com/papers/https_interception.pdf
–
So Emsisoft gets mentioned here, not as perfect but, as a conscientious antivirus provider who respects their users private data, and to only using it when absolutely necessary, while other A/V’s are much less scrupulous in the very same roll.
@ Sorry but it almost sounds like your torrenting or download pirated stuff that puts your infections there or it respawn from. With an A/V software turned off – is in NoWay going to protect the system it’s installed on. Excluding hacks, cracks with it = same…
https://blog.emsisoft.com/en/category/protection-guides/
Please don’t torment yourself without supplying the facts/links in making such further accusations about any A/V – friend : )
ON A WINDOWS BOX ? Give this a thought…
Should a local or a Microsoft account in Windows 8 and/or 10, be used?
–
What is a local offline account in Windows ?
A local account is a ‘username and password’ combination that you have likely used to log into any of the legacy Windows operating systems of the past – that is before 8 and 10 came to be.
It grants you access to the system’s resources and allows you to customize it of your settings and preferences. As a local user account in Windows 8, 10, it will allow you to install the traditional desktop apps, personalize your settings and use the operating system the old fashioned way (desktop) or limited somewhat in the Metro UI.
{Please offer knowledge on Metro, I’ve stripped most of it out long ago.}
Of course, in using a local offline account it must be created for a single system each time, so if you have any multiple of systems/devices, you will need to use a different local account for each of them.
–
What is a Microsoft account?
Starting with Windows 8, Microsoft has tried to push users to sign into Windows with a Microsoft linked account. Some features of Windows 8 and Windows 10 require access to the Microsoft cloud, and you therefore have to authenticate the device with a Microsoft account.
-[For a complete list, just type “sync” in the Start menu or Start screen.]-
A Microsoft account is the rebranding of any in the previous accounts for Microsoft products. If you have ever used services like Hotmail, Outlook.com, Skype, or devices like Xbox game consoles or Windows smartphones, then you are sure to have a Microsoft account already.
– By rebranding and combining all these different accounts, Microsoft allows for a complete integration of all their services into a single online account. This means that you can use it to get access to everything connected to the Microsoft ecosystem. It means M$ knows a lot about U.
–
The main difference – mostly it’s about trusting your privacy with M$.
The big difference from a local accounts stance, is that you use an email address instead of a username (in local account) to log into the operating system. So you must use either a Microsoft indentured email address (hotmail.com, live.com or outlook.com), or Gmail, and even your ISP specific email address to create your Microsoft account. This type of sign-in as the cloud process is meant that you cannot remove your system account password protection.
You can only change it.
– Also, signing in with Microsoft account allows you to configure a two-step verification system of your identity each time you sign in. This requires you to enter a security code each time you sign into a device that is not on your trusted list.
– Is this not as bad as using Google products for most everything as well ?
https://restoreprivacy.com/google-alternatives/
–
Some Pro’s and Con’s
This is all on top of Windows known Telemetry in it’s OS systems.
– You’ll likely have access to the Windows Store but, if you use Windows 8, 10 Home, you cannot download and install apps without a Microsoft account supplied. Windows 8, 10 Pro, Enterprise or Education, you can download and install apps from the Windows Store, but only if they’re free. You must sign in using a Microsoft account so that their paid licenses are associated with you.
– A local offline account in Windows, pertaining to your system settings will not be synchronized across any of the computers and devices you may also have.
– Ensure signing up/in Windows by creating a local account – simply disconnect your computer from the Internet when you install Windows 8, 10 it’s that easy to see a different menu.
– A downside of this Windows account feature is that whenever you log on to your Windows computer, you’ll also sign in to the Microsoft’s cloud. *This means that Redmond knows when you sign in, and from where. NOT everyone feels comfortable with this power given to M$ by itself.
Boa tarde Sven gostaria de usar o Starpage mais possuo problema com imagens sexy poderia me ajudar com indicação de um filtro para imagens ou até total remoção de imagens do Star page .
Good afternoon Sven would like to use the most possible Starpage with sexy images could help me with the indication of a filter for images or even the total removal of images from the Star page.
Hi dwg,
Try looking here for what your wanting to do or settings changed.
https://support.startpage.com/index.php?/Knowledgebase/Article/View/192/5/what-is-your-family-filter-and-how-does-it-work
or
https://support.startpage.com/index.php?/Knowledgebase/Article/View/1162/19/the-family-filter-is-blockingreturning-too-much-content-how-do-i-turn-it-off-or-tighten-it
or
https://support.startpage.com/index.php?/Knowledgebase/Article/View/1237/19/video-results
Great site Sven! Regarding another privacy site, privacytools.io, that site is contradictory. It says that “You need your browser to look as common as everyone else. Disabling JavaScript, using Linux, or even the TBB, will make your browser stick out from the masses.” And yet it advertises the like of NoScript and Linux systems. Does the person running it not know that making all the changes to Firefox’s about:config as shown, and installing the advertised browser extensions, will make a person’s browser stand out more?
Hi Paul, yes, that is the tricky issue with browser fingerprinting, it is a catch-22.
Hi Paul,
It’s comments like yours I keep hoping to see show up here as more people find the site. I try to offer insights that I understand as well.
Good points you’ve brought up – Sir : )
Hi Sven,
I currently use VoodooShield (VS) and it seems to me that the privacy terms related to product are not abusive – at least it looks like VS just collects very minimal information that is not aimed for re/selling.
https://voodooshield.com/
https://voodooshield.com/Privacy.aspx
https://voodooshield.com/Terms.aspx
VoodooShield is a kind of security software that complements the AV programs and it simply locks the system (something like a NoScript for Windows system) by preventing any process to run outside those who has been white-listed. It is not open source but it seems to me like a good option for security reason which impacts to certain extend the privacy. I was wondering have you ever tried VoodooShield and would you please share your opinion? In this regard, do you know any website similar to the one of https://thatoneprivacysite.net/ where the terms and conditions related to AV products have been analyzed? I am thinking that probably after the Kaspersky public issues maybe someone has publish some interesting article about the privacy aspects of the AV products. Thanks.
Hi Vector,
I’ve tried VoodooShield for a short time and couldn’t get the knack of my system running it. That was back some years ago…
You can see some favorable users opinions here about two years ago and beyond that – https://malwaretips.com/threads/voodooshield-have-you-tried-it-would-you-recommended-it.61800/page-4
Then an extensive users talk and time coverage of it here – https://www.wilderssecurity.com/threads/voodooshield.313706/
–
I use to used KIS by Kaspersky back 3 years ago till VPN.ac said not too as they said it’ll cause me problems with their clients. Same troubles I suppose happened with AdGuard, as it ran into priority problems with the order of some kind of KIS driver calls made in my system – in about the same time frame of events before loosing KIS.
Then I caught word that the US defense departments dropped it from their ‘to use list’ of software’s as it’s founders were suspected of KBG ties as reviled – all before the last presidential election scandal’s broke.
I completely moved over to Emsisoft Internet Security that’s gone now. It has since merged with Emsisoft Anti-Malware.
https://blog.emsisoft.com/en/28245/merging-emsisoft-internet-security-with-emsisoft-anti-malware/
–
AV products have been analyzed? About your metadata privacy you mean? Good point, what else has free run to every nook and cranny of your system. Even to whats known of VirusTotal, as I use it as a second opinion or first understanding to a lot of things.
There are others in this lineup of file uploads in online checking services, even the online scanners of the most popular anti-virus/malware vendor’s to run scans and check out your PC for free. What else do they find out about you?
–
Only one study I know of was done in 2014 by AV-Comparatives, for Data Transmission in Internet Security Products.
http://www.av-comparatives.org/wp-content/uploads/2016/12/avc_datasending_2014_en.pdf
Emsisoft Blog had a post JUNE 26, 2015 covering Antivirus software: protecting your files at the price of your privacy.
https://blog.emsisoft.com/en/17153/antivirus-software-protecting-your-files-at-the-price-of-your-privacy/
AV Comparatives did not include questions about data retention which is unfortunate. Some companies may use the transmitted data only to determine the correct course of action, while others may save it for a period of time or maybe even forever.
It has been suggested that users only download and install products of reputable companies, and that they read the End User Agreements before they do.
–
Despite claim’s they anonymize any user’s data that’s collected. If they anonymize your data, don’t you think they are able to un – or de-anonymize this same data just as easily on their end?
– Then when you do install something run the terms through the below program-
EULAlyzer Personal / Free for personal & educational use – https://www.brightfort.com/eulalyzer.html
Would be nice if thatoneprivacysite would branch out and cover the A/V likes there too…
Thanks : )
Disposable email addresses providers like Burner Mail and Blur are also privacy tools.
Good point Mark, I’ll consider that for the next update.
33MAIL is another one I can say works very well.
[ Create a new e-mail address whenever you need one. Maintain complete control over active addresses. Forwards all mail to your existing e-mail address. You can even reply anonymously to emails forwarded by 33Mail. Never receive unwanted e-mail again! ]
Hi Sven and Mark,
@Sven I don’t know if disposable email address are really a privacy tool, when Private Email >Best Secure Email Providers list on your site already, offers Aliases – through their services. Although most of the encrypted mail services offered there, you can’t easily delete an alias but only disable it from being active.
–
@Mark did you know Abine Blur recently compromised it users. I don’t believe this was out of wilful miss-conduct but more to a problem of gross negligence.
https://www.abine.com/blog/2018/blur-security-update/
–
Even my own mention of 33MAIL deserves scrutiny, as I don’t see a Privacy Policy offered on it’s site but only a TOS, and usually one or the other gives an indication to their actual address of location and/or jurisdiction.
And a whois look up doesn’t offer much to their location – https://www1.domain.com/whois/whois.bml
– FYI, the US may be headed to a recession as the trade wars and now General Motors layoffs lay the indications of more to come.
What is your opinion on Riot? It is based on the Matrix protocol.
https://about.riot.im/
How do you like the open-source XMPP clients like Gajim? Particularly Gajim may use the OMEMO protocol.
https://gajim.org/
Hi Vector, I like Riot quite a bit. I haven’t looked into Gajim much yet.
Unfortunately, Gajim is not multi-platform messenger (no iOS, no Android support).
I am not sure what’s happened with Jitsi and particularly with the support of OMEMO protocol. They implement the OTR protocol but I am not sure whether it is not a bit obsolete.
https://jitsi.org
is https://jitsi.org similar jabber ? thanks a lot
The most widely used privacy tool anyone has is setting right behind their eyes. Called common sense or that gut feeling, trust your instincts that your brain gives to you.
-One practice I find helpful is to limit the installed programs to what I need and use, uninstalling those that have had little use to me in 6 months of the year.
–
How many people actually read a ‘EULA’ license agreement of the software they install?
Or for that matter of a Website’s Privacy Policy to make sense of the nonsensical?
Don’t just write off the ‘EULA’ license agreements and Privacy Policies as too long and verbose to read…
And other similar documents, including language that deals with:
Advertising – Tracking – Data Collection – Privacy Related Concerns
Installation of Third-Party / Additional Software
Inclusion of External Agreements By Reference
Potentially Suspicious Clauses
–
You know in todays world that it’s important to know things like-
1. If the software you’re about to install, displays pop-up ads, transmits personally identifiable information, uses unique identifiers to track you, or much more.
2. Of a website’s privacy policy for potentially interesting words and phrases, then what roll Third-Party External Agreements play.
–
Know What You’re Getting Into – Pop it into EULAlyzer .
This ones free as you do some work for the results.
http://www.brightfort.com/eulalyzer.html#Overview
–
EULAlyzer Pro for powerful and instant analysis using EULA-Watch, supports automatic license agreement detection and scanning for most major software installers.
http://www.brightfort.com/eulalyzerpro.html#EULAWatch
Note: This program does not provide legal advice.
You should always consult a lawyer for advice on legal issues.
http://www.brightfort.com/privacypolicy.html
The Good Trustworthy Antivirus programs should be in the Ranks above.
To thwart off malicious and unwanted software, and to reliably prevent phishing- and ransomware-attacks.
STAY away from the Free versions and you really don’t need their Internet Suites that some offer in all the bundled sub products.
I like to call these Jack of all Master of none…
–
Privacy – (taken from #5) https://blog.emsisoft.com/en/29702/choosing-antivirus-software-2018/
Some are extensively collecting data about your computer usage to improve their products. While simple product usage telemetry is usually anonymized, some products may also upload suspicious files from your computer to the vendor’s scanning cloud. You need to be able to fully trust that the vendor will handle your files responsibly, ethically and securely. After all, a private document could be part of such an upload, too.
–
Free Versions – “Has the antivirus industry gone mad?”
https://blog.emsisoft.com/en/11550/has-the-antivirus-industry-gone-mad/?ref=offer000012&utm_source=newsletter&utm_medium=newsletter&utm_content=mainnews&utm_campaign=offer000012
Fact: 7 out of 8 tested free antivirus suites bundle with PUPs
Comodo AV Free: changes home page and search engine provider to Yahoo during the installation process, unless the user unchecks the box.
–
Avast Free: offers Dropbox during installation by default, unless you uncheck the box.
–
Panda AV free: installs Panda Security toolbar, yahoo search takeover and MyStart (powered by Yahoo) home page takeover.
–
AdAware free: installs WebCompanion by default unless user unchecks the box. Also installs Bing Homepage takeover and Bing search takeover by default, unless opted out.
–
Avira free: offers Dropbox after installation. Takes over search with Avira Safe Search, which is a a white-labeled version of the Ask toolbar. Avira does disclose that it partners with Ask.
–
ZoneAlarm free AV + Firewall: with Custom Install: Zonealarm homepage and search takeover.This is a rebranded Ask toolbar, which is not mentioned on ZoneAlarm’s website.
–
AVG free: installs Web Tuneup, including AVG SafeGuard. Sets AVG Secure Search as homepage, new tab page and defaults search engine. Toolbar is Ask powered, although this is not explicitly stated. Also offers AVG Rewards, which displays popup advertisements with coupons and deals.
–
When the product is free the real product is YOU
Excellent points, Hard Sell, thank you. I’m going to update this guide with that information. Emsisoft is a solid choice and is one of the few AV’s that give you both security and privacy.
I agree about Emsisoft’s security and privacy practices, and then their always trying to get the word out about both.
Here’s some interesting facts you may find helpful to reference of anti-virus companies.
https://www.ivpn.net/blog/are-anti-malware-products-uploading-your-private-data
–
https://sanfrancisco.cbslocal.com/2017/03/08/wikileaks-cia-documents-antivirus-software-reviews/
–
https://blog.emsisoft.com/en/17153/antivirus-software-protecting-your-files-at-the-price-of-your-privacy/
Hello all
If – one key consideration is your digital threat model.
I’d definitely set the privacy bar HIGH there – as with all the Corporate, Government, and Web advertising entities collecting your data massively like never before.
A picture develops from all your collected data that can be like looking at a cross-cut of an adult tree growth rings, they’ll see an extended picture of your online life with all the collected data – just think of a two year period online what could be learnt of ourselves.
–
Did you know some advertisers attach the MAC address of a users devices to their demographic profiles so they can be retargeted even if the user clears their cookies and browsing history.
Clearing cookies doesn’t help you with web bugs and respawning cookies by the way.
–
If that old saying – Fruit doesn’t fall far from the tree – think about your offspring and relatives having similar likes as yourself, that your online habits and interests could most likely & will affect them.
How I try to guard my privacy and remember once it’s captured by one entity it can be shared, hacked in to, or go into a data base to live on for a very long time.
–
I’m running a 8.1 x64 Windows rig with IE 11 / Slimjet browsers, SSD and 16GB Ram. No Pen or Touch for display, no camera.
I’ve cleaned out most of the Metro crud for mostly a desktop experience as of the older Windows OS’s.
StartPage = my homepage and search engine.
Emsisoft = my main anti-malware.
Malwarebytes = 2nd line layer for malware defense.
RoboForm = (locally) not cloud, password manager for website logins with a strong password generator (usually at 20+ characters).
Maxa Cookie Manager = DATED / but still works covering many browsers – cleans cache, history, timed auto cookie deletion, w/ cookie evaluation – white/black lists, last update was 12 February 2014.
Adguard = ad blocker w/ personal privacy modules and stealth settings, really a lot more it has to offer than blocking ads.
VPN.ac = hides real IP – server side DNS, never surf without it.
VPNCheck Pro = DATED / DNS leak fix, changes your MAC address automatically but also your Hostname and Computer name, this also applies for all the Computer ID sniffer algorithms on networks.
Shadow Defender = runs your system in a virtual environment with no change to your real environment.
AOMEI Backupper Pro = is a complete yet simple backup software for Windows PCs and laptops, supports system/disk/files/partition backup & restore, file sync, and system clone as well as provides scheduling backup, merge images, dynamic volumes backup, UEFI boot, and GPT disk backup.
Sphinx Win10FC = firewall that blocks everything by default, uses its own rules, it doesn’t set any in the Windows firewall, you can switch the WINDOWS Built-in Firewall ON or OFF at your option due to the completeness of Sphinx Win10FC product independence – free version has limits as can not manage system applications (located in c:\windows\*) .
Note: originally called Windows Vista Firewall Control it updates to the name of current OS to sound current.
The most understandable detailed review I’ve seen here-
https://msfn.org/board/topic/174417-sphinx-windows-er-10-firewall-control/?tab=comments#comment-1107771
–
Most of the above have free versions but, all these I use are paid for except the web browsers – search engine.
Although free has more of a consequence to an individuals privacy, there is really no guarantee that a paid product by way of your paying for it, offers you any more of a guarantee that of your data won’t be collected and then sold on to others. From your computers stand point the Sphinx Win10 Firewall Control stops all the telemetry.
The Windows OS has plenty of it’s own telemetry going on, so the Blackbird (free-donation) program (no installation) takes care of
this and runs on all recent desktop editions (Home, Pro, etc.) and the in versions of Windows (Vista, 7, 8, 8.1, 10).
https://www.getblackbird.net/
–
I also run two system cleaners-
R-Wipe & Clean = automatically at browser close for browser / user set tasks, and at system shut down for full computer task list.
PrivaZer = automatic and manually at browser close for internet traces, and once weekly on the c\:drive.
HOPE this helps some people to know what steps I feel necessary in todays era of the internet.
I said ‘The most understandable detailed review I’ve seen’ about ‘Sphinx – Win10FC’ was with that above link, I forgot about this more detailed one.
Allowing network access to only trusted programs is a fundamental step in increasing your security and privacy. Windows 10 Firewall Control is a simple free/paid third party program to control and monitor the network activity of applications. It prevents undesired information leaks for incoming and outgoing connections for applications running locally or remotely on Windows.
–
Windows 10 Firewall Control puts you in control of all network communications your PC has. It can prevent applications from “phoning home”, sending “telemetry”, showing advertisements, checking for updates without your permission and so on. It’s very useful to detect and stop zero-day malware by blocking its network activity. By adopting a block-everything-by-default approach and allowing access to only whitelisted apps, Windows 10 Firewall Control gives you full control over network communication.
–
The application is very compact, has a small installer and low memory footprint. It’s compatible with Windows 7, 8, 8.1 and 10. The installer includes both 32-bit / 64-bit versions and automatically installs the appropriate version. Both IPv4 and IPv6 protocols are fully supported.
What’s special about Windows 10 Firewall Control is that it blocks connections by default, automatically detects when a program on your computer is trying to connect and shows a clear notification prompt asking your permission to allow or disallow it. Although the built-in Windows firewall includes a prompt for inbound connections, Windows 10 Firewall Control goes one step further and shows you prompts for outbound notifications too. The ease and transparency in setting up it’s firewall permissions for desktop and Store apps is what sets this program apart.
–
You can set the desired network permissions for any program easily with a single click. The most safe and reasonable permissions are advised automatically. A rich set of predefined permissions is available, you can choose and apply the chosen permission anytime.
It has an optional balloon notification that instantly pops up and includes detailed activity of each app and a description of why the app was blocked or allowed.
Both, already established and potential app connections are listed. In the paid versions, a predefined set of permissions (security zones) can be set for each program and activity type. A zone can be applied to any application with a single click. You can customize a predefined zone or create a new one that fits your needs precisely.
–
Many other features are included and the application is continuously being improved for many years. For instance, there is a way to automatically configure hardware routers/firewalls, create a safe virtual sub-network inside a single local network and control network permissions remotely. The application’s features are configurable such as disabling popup for new detected program trying to connect, suppress the log balloon, change the sound used for the prompt, import/export settings, password protect the settings panel and others. Windows 10 Firewall Control runs from the notification area (system tray) and also has taskbar integration.
–
The program has a simpler, free version but the advanced features are available in paid versions. All versions and editions are available in English, German and French. Very careful and personal support is available for free. You can compare the features available in the free version and the paid versions here: http://sphinx-soft.com/Vista/order.html