The world is changing fast and your private data is at risk whenever you go online. Numerous entities, both public and private, are working hard to track, monitor, and record your digital activities. There are many reasons for this:
- Advertisers (including Google and Facebook) want to know everything about you, including your web browsing history, location data, contacts, and more. This makes it easier (and more profitable) to serve you targeted ads and influence your purchases.
- In an age of pandemics and lockdowns, many governments around the world are working hard to track movement and biometric data of their citizens.
- ISPs (internet service providers) are spying on their customers and feeding this data to various third parties, including advertisers and government agencies. In many countries, this is not only legal, but required. See for example in the United Kingdom (with the Investigatory Powers Act), United States (Senate Joint Resolution 34), and now also in Australia (mandatory data retention).
- The internet is also becoming less free due to censorship efforts and content blocking. Whether it is China, Germany, the UK, or the United States, various groups are working hard to censor content online.
But don’t get discouraged. Alternative technologies are experiencing a renaissance as awareness about these issues grows and people seek out solutions. Indeed, for all of the problems listed above, we find excellent solutions to give you more privacy, security, and freedom in your digital life. And that is the purpose of this guide: to give you solutions. Here’s what we’ll cover in this guide:
- Secure and privacy-focused browser
- Virtual Private Network
- Ad blocker
- Password manager
- Secure and encrypted messaging
- Private search engine
- Private email
- Operating system
- Antivirus software
- Conclusion
But before we begin, one key consideration is your threat model. How much privacy and security do you need given your unique situation and the adversaries you may face?
Most people today are seeking protection against online tracking by advertising networks as well as a higher level of privacy and security. Others, such as investigative journalists working with sensitive information, would likely need an even higher level of protection. So keep this in mind as you proceed. Everyone is unique in their approach to privacy and security; there is no one-size-fits-all solution.
So here’s what you need:
1. Secure and privacy-friendly browser
Everyone needs to be using a secure and privacy-friendly browser for three important reasons:
- Browsers have a large attack surface and can be compromised in many ways.
- By default, most browsers contain lots of private information, including your browsing history, usernames, passwords, and autofill information, such as your name, address, etc.
- Browsers can reveal lots of identifying information about your location, system settings, hardware, and much more to third parties.
Secure Browsers: Based on my own tests and experience, here are the most secure browsers that also respect your privacy:
- Brave – Brave is a chromium-based browser that is very privacy-focused right out of the box. By default, it will block ads and trackers, and it’s also customizable, fast, and has built-in protection against browser fingerprinting.
- Firefox (modified) – Firefox is a great browser for both privacy and security after doing some modifications. It is highly customizable to give you the level of security and privacy you desire, while also being compatible with many browser extensions. See our guide on how to modify Firefox for more privacy.
- Tor browser – The Tor browser is hardened version of Firefox that also utilizes the Tor network by default (but this can be disabled).
- Ungoogled Chromium – As the name suggests, Ungoogled Chromium is a stripped-down Chromium browser that has been “Ungoogled” for more privacy. Source code is here.
- Bromite (Android) – Bromite is a Chromium-based browser for Android platforms only (no support for desktops). It is a great mobile browser with ad blocking and built-in privacy protections.
Of course, there are many browsers on the market and choosing the best one all comes down to your own needs and tastes. Chrome, Opera, Safari, and Vivaldi also get some attention, but they’re not the best choices from a privacy standpoint.
Worth mentioning: Don’t use a browser-based password manager, which will store your usernames and passwords in plaintext, thereby leaving them vulnerable to exploitation. Passwords saved in browsers are popular targets for hackers.
2. Virtual Private Network (VPN)
Using a good VPN (virtual private network) is one of the simplest and most effective ways to protect your privacy, secure your devices, and also access blocked content online. A VPN is a critical tool to be using, especially with internet service providers spying on their users.
Here are some of the problems that VPNs solve:
- ISP Spying – A VPN will encrypt and anonymize your internet connection. This makes your traffic completely unreadable to your ISP and other third parties.
- Blocked content – A VPN will let you easily get around blocked content and censorship. Simply connect to a VPN server in the region you need and access the website or stream as normal.
- IP and location tracking – Many websites and advertisers track users through their IP address. With a VPN, your IP address and location will be replaced by the VPN server’s IP address and location.
- Copyright issues – Torrenting and streaming media from third-party sources can come with some risk in the form of copyright issues. A VPN will anonymize your IP address and help keep you safe.
I have tested all of the popular VPN services and the results can really vary. Below are our current recommendations that are private, secure, fast, and reliable on many platforms.
Above are the top three VPNs that performed well in testing for the respective reviews. We have other recommendations and providers in our guide on the best VPN services.
And if you are new to VPNs, we have a general VPN overview here, which covers all the important details.
3. Advertisement, tracker, and malware blocker
A good ad blocker is essential for privacy and security reasons. From a privacy perspective, it’s important to block ads because they also function as tracking by recording your online activity to create an intimate user profile. This data is then used for targeted ads and/or sold to other parties.
Ads are also risky from a security perspective because they can contain malicious code that can infect your device when a web page loads – no clicks required.
Effectively blocking all ads is the only way to go. Here are a few different options from our guide on the best ad blockers:
- Browser ad blocker extensions – Browser-based ad blocker extensions, such as uBlock Origin are quite popular, but they also come with some tradeoffs. Online ads may still be using up resources and tracking you, even if the ads are not being displayed. Choose your ad blocker carefully – some ad blockers, such as Ghostery and Adblock Plus will collect user data for profit and/or show you “approved” ads.
- Ad blocker apps – A dedicated app will most likely do a very good job blocking ads on your device. One popular and well-regarded option is AdGuard.
- VPN ad blocker – Another option is to use a VPN that offers an ad blocking feature (VPN ad blocker). I tested various options for the VPN ad blocker guide and found most to work well.
- Ad blocking on a router – Ad blocking on a router can be accomplished various ways – from using ad blocking DNS to loading custom filter lists onto your router.
- Pi-hole – Pi-hole is a network-wide ad blocker that functions as a DNS server and can be deployed in various ways. It is most often used on a Raspberry Pi, connected to your home router (but there are many other different setup options).
The best ad blocking setup will depend on your situation and needs. If you have numerous devices you use at home, setting up a network-wide ad blocker would be a good solution for blanket protection. uBlock Origin remains a popular option for browser-based ad blockers. However, I like NordVPN with the CyberSec feature as a simple, all-in-one solution for VPN and ad-blocking.
4. Password manager
The topic of passwords is actually quite large, encompassing password strength, password management, and password storage. In this section we’ll focus on password management and storage. Many people store passwords directly in the web browser — but this can be risky.
A more secure method is to use a dedicated password manager app. And note that a dedicated password manager can also offer browser extensions that are convenient and secure. Here’s a screenshot of Bitwarden, which is one of our favorites:
Here are the best password managers we have tested:
- Bitwarden – A free and open source password manager that is user-friendly and secure. (See our Bitwarden review.)
- NordPass – From the makers of NordVPN and NordLocker, NordPass is a secure, user-friendly password manager that has also passed a third-party audit. (See the NordPass review here.)
- 1Password – Another great option is 1Password, with many features and strong security standards for all types of devices (our 1Password review has more info).
- KeePassXC – As a locally-hosted password solution, KeePassXC differs from the others on our list. See the pros and cons of this password manager in our KeePass review.
Start using a good password manager today.
5. Secure and encrypted messaging apps
Many people are turning to secure and encrypted messaging apps over concerns with privacy and security of other popular messengers. For example, WhatsApp collects and shares data from your phone with Facebook, the parent company of WhatsApp. If you find this concerning (and you should), then consider some of the secure alternatives below.
Additionally, with the inherent limitations of email, we recommend a secure messaging app for those wanting the most secure messaging platform possible. The secure messaging apps below utilize strong encryption standards and work well for teams or individual use on various operating systems and devices.
- Signal – This is probably the most popular secure messenger with a rapidly-growing user base. It is free, open source, and very secure. We really liked how it performed in our Signal review — but also noted some drawbacks, such as the need to use your phone number for verification.
- Wickr Me – This is another great option for secure messaging, with some unique privacy and security features. Like Signal, Wickr Me is also free. See our Wickr Me review for the good and bad.
- Wire – Based in Switzerland, Wire is another great option that is secure, user-friendly, and fully featured. While there is a free version for personal use, it is hard to find, as described in our Wire messenger review.
- Threema – This is one of the few paid encrypted messengers, but it’s only $2.99 for a lifetime license. Threema is also based in Switzerland and is open source. See our Threema review here.
- Telegram – Telegram is a very popular encrypted messaging app out of Russia, but it also is not encrypted by default. See the pros and cons in our Telegram review.
With all of the people abandoning WhatsApp and going over to Signal, there’s a better chance to connect with people you know on a secure platform. This trend kicked off early last year and we hope to see it continue!
Note: Also keep in mind that standard SMS text messages are not secure or private. They can be read by your phone service provider and are susceptible to man-in-the-middle attacks and also eavesdropping by Stingray devices. When privacy matters, use a good secure messaging app.
6. Private search engine
The big search engines (Google, Yahoo, Bing) record and track your searches, which helps them to build a user profile for their advertising partners.
Consider these privacy-friendly search engines instead:
- MetaGer – An open source metasearch engine with good features, based in Germany.
- Searx – A privacy-friendly and versatile metasearch engine that’s also open source.
- SwissCows – A zero-tracking private search engine based in Switzerland, hosted on secure Swiss infrastructure.
- Qwant – A private search engine based in France.
- DuckDuckGo – A private search engine based in the US.
- Mojeek – The only true search engine (rather than metasearch engine) that has its own crawler and index (based in the UK).
- YaCy – A decentralized, open source, peer-to-peer search engine.
There are also a few “private search engines” that are now owned by advertising companies. For example, Startpage was bought out by System1, a pay-per-click ad company. For more information, see our guide on private search engines.
7. Private email
Many of the popular email providers, such as Gmail, Yahoo, and iCloud are not good choices when it comes to privacy. Would you want random people having full access to your emails, collecting data for targeted ads, or passing the information on to third parties? This actually happens.
- Gmail gives third parties full access to emails and also tracks all of your purchases by reading the receipts in your inbox.
- Advertisers are allowed to scan Yahoo and AOL accounts to “identify and segment potential customers by picking up on contextual buying signals, and past purchases.”
- Yahoo was found to be scanning emails in real-time for US surveillance agencies.
And while Gmail remains the most popular service in the world, you pay with your privacy. Consequently, as awareness about these issues grows, many people are seeking alternatives to Gmail.
If you care about privacy and the security of your data, consider these secure email services. And if you want to learn more, check out these reviews:
- ProtonMail Review
- Tutanota Review
- Mailfence Review
- Mailbox.org Review
- Hushmail Review
- Posteo Review
- Fastmail Review
- Runbox Review
- CTemplar Review
Note: We also have a guide on encrypting email.
8. Operating system
Consider using the free and open source Linux operating system. There are many different versions of the Linux operating system designed for different types of users:
- If you want the look and feel of Mac OS or Windows, check out Elementary OS.
- Ubuntu, Mint, and Debian are other popular options.
Tails is another privacy-focused operating system that can be run live on a USB drive, CD, or SD card.
Problems with Windows and Mac OS
Windows – The latest version of Windows (Windows 10) is a platform built for total surveillance – giving corporations and governments complete access to everything you do on your machine. Aside from data collection concerns, most malware targets Windows users – another serious drawback and security risk.
Mac OS – While Apple may be slightly better in terms of privacy, it too has problems. Just like Microsoft, Apple has configured its operating systems to collect vast amounts of your private data, whether it is browsing history through Safari, connection data, location services, and more.
9. Antivirus software
While not necessarily a “privacy” tool, using good antivirus software may be wise depending on your situation. The problem, however, is that many antivirus solutions abuse your privacy and may come with some invasive and “unwanted” additions.
Just like with sketchy free VPN services, free antivirus software can also be problematic. In testing eight popular free antivirus suites, Emsisoft discovered that seven of them were bundled with PUPs (potentially unwanted programs), which can be harmful and very annoying. Tip: avoid free antivirus software!
Another major issue is privacy. Many popular antivirus suites utilize invasive data collection, to include browsing history, “suspicious” files, metadata, and more. Carefully read through the privacy policy of your antivirus before installing.
Although Restore Privacy does not devote much attention to antivirus software, one solution that offers the highest levels of security while also respecting user privacy is Emsisoft. Another potentially good option, which is entirely FOSS, is Clam AV.
See also the antivirus privacy guide.
Conclusion: Restore your privacy and take control of your data in 2022
That’s all for now, although this guide will continue to be updated with more privacy tools and information.
Comments?
If you have any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!
“The company’s stab at the biometrics checkout market has raised debate about data storage and tracking.”
https://www.theguardian.com/technology/2022/may/17/mastercard-launches-smile-to-pay-amid-privacy-concerns
Steven, I’d like to suggest that you test and review drive wiping software such a CCleaner and PrivaZer and others on a Windows machine. To test it out, you could wipe a drive and then run the same forensic software that the NSC would use to see if these wiping apps really do get rid of all you browsing history, thumbnails and sensitive files.
What do you think?
Hi Mega1
You may find this article of interest:
https://www.techradar.com/reviews/piriform-ccleaner
I don’t believe CCleaner would get a pass mark for privacy:
“Some users may find it useful to note that CCleaner runs constantly on the background of your computer and reports anonymous user data to its developers. While this is a mostly harmless feature and no sensitive information is shared, you may just want to be extra careful about installing this piece of software.”
“… the free version includes very intrusive pop-up ads that one might find it difficult to work with.”
I personally haven’t seen or been bothered by these mentioned ads, maybe because of my add blockers.
My view is that CCleaner can be useful for a person who needs the services CCleaner provides.
Myself, I periodically (not often) download and run it to see what it finds.
I do that for a couple of days then then uninstall it.
On the whole, before I started learning CCleaner was a very important tool for me, now it is less unneccessary.
For Windows users the >’netstat’ command can be handy.
(It shows the connections your devise is making to remote servers. Boy!)
It was interesting for me to run ‘netstat’ then clean with CCleaner then run ‘netstat,’
You have the tools, maybe do some testing..?
(If you have an add blocker the change won’t be as dramatic)
So you need to decide if CCleaner is a good tool for you
Maybe you should test for yourself?
BeBeX
The statement, “If something sounds too good to be true, it is” comes to mind.
Such is the case here: [https://www.unspyable.com]
Or is seems. I cannot put my finger on it but something reads…off.
Maybe I am wrong and if so, please correct me. But parts of this system looks good and others…not so much.
Any opinions would be good. Thanks.
Disroot is a very interesting operation. They’re based in Amsterdam, Netherlands and are a privacy-focused, all volunteer outfit. Their products are all free the ability of users to being send OpenPGP encrypted emails through their web-based email service (they have an app on F-Droid), choose Disroot’s client or Mozilla’s Thunderbird for desktop emails, have decentralized chat thanks to their partnership with Matrix, and they even support custom domains.
https://disroot.org/en
However, because they’re all volunteer and funded by donations, Disroot may lag in terms of updates. This European website has done a comprehensive review:
https://proprivacy.com/email/review/disroot
There is one vital point that needs to be made that doesn’t get addressed here and on other privacy sites. You can take as many precautions as you want (like use a privacy browser or VPN), but in order to achieve full online privacy the server-side needs to be addressed. For privacy advocates, this is a very bad problem.
Your ISP and cable or broadband internet provider is probably logging all of your online activity too. No doubt a letter requesting it from the FBI or police would be quickly given to them by your internet provider or even sold to advertising companies. You know all of those computerized vehicles coming out with those neat gadgets? Well, no doubt they’re monitoring and even benefiting from your personal information too.
During 2019, Maine enacted an ISP privacy statute that is presently the subject of court challenges. So far, it has been upheld. It could be a model for other laws, but, until other states enact them, you’re information is still available to them.
https://www.cnet.com/tech/tech-industry/maine-governor-signs-internet-privacy-protection-bill/
So, congratulations on following the advice on websites like this. But know that, until you can have the ability to opt-out of the surveillance mentioned above, just try to keep a low profile and pull out of as many services that benefit from your data as you can.
Someone on this page asked if a VPN can bypass a firewall. This article does a good job explaining the difference between a Firewall and a VPN and if bypassing a firewall with a VPN can be done.
https://cyberwaters.com/can-vpn-bypass-firewall/
In short, the message being conveyed is: “Don’t use it. It’s Russian.” Instead of issuing yellow stars will red ones be issued?
https://www.bleepingcomputer.com/news/security/german-government-advises-against-using-kaspersky-antivirus/
“A small team of researchers at the Darmstadt University in Germany have published a report illustrating how their AirGuard app for Android provides better protection from stealthy AirTag stalking than other apps.”
https://www.bleepingcomputer.com/news/security/free-android-app-lets-users-detect-apple-airtag-tracking/
Look up Snowden ExpressVPN for details about why I don’t believe it belongs on the list
MullVadd has a good reputation for respecting user privacy
Tor browser should hands down be #1 in regards to privacy, by a long shot
QubesOS and Whonix are both great operating systems
Here are some different opinions on using Tor browser alone.
Hi Guys, above Sven says for ad blocking he likes Nord with CyberSec, so my question? Is anything gained running adguard while connected via Nord w CybSc. =regards single PC -ethernet connection
Yes, I would guess that AdGuard has a more robust filter lists than the CyberSec feature from NordVPN. Therefore AdGuard may block more stuff, but it may also slow things down a bit, whereas CyberSec won’t do that.
While Apple has taken a public stand on privacy, curtailing data and app abuses declaring it doesn’t profit from its users’ information, the company has also created comprehensive new ways to track us.
https://www.wired.co.uk/article/apple-surveillance-technology
Privacy is a fundamental human right. Prominently included in the Universal DECLARATION of said Human Rights and also the International Covenant on Civil and Political Rights. Alas, privacy is (and likely always will be) an absolute mythical f’n unicorn/white-buffalo hybrid.
My dismay has grown, year after year as the complacent masses give zero Fs. But, as you all well know, turns out that two de facto titans of the realm were at worst, machinations of the “enemy” all along. At best, they were ultimately proven to be complete failures at their stated purpose.
As privacy pundits have long echoed is response to the (seemingly fizzled) FBIs faux-war on encryption, “if there are forced zero-days included in encrypted tools, then they would cease to be encryption at all.” Period. End of story.
— BTW, I say “faux-war” because it was mostly ‘smoke and mirrors’ all along, really. They don’t NEED mandated backdoors, they just kinda would like to have them. —
Signal App:
I once really admired straight man, B. Acton and his funky, rebel-with-a-cause crypto partner. You know the one? The caricature of self-serving bravado that calls himself, “Moxie Marlinspike”….probably in the 3rd-person but to be fair, I’m just guessing on that. 😉
But I’ll try and stick to respective functionality of the tools, themselves….l est I go off on a tangent and wax malevolent in ad-hominems.
Long the darling of the privacy advocates , Signal have been at the forefront and seemingly excel where it matters most in spite of myriad shortcomings. I, for one, truly believed they were going to be an Institution in this winnable war.. Turns out, that was almost surely BS. I don’t think that we can hang on to “not great but, best we’ve got at the moment” logic anymore, do you? I’m not using them.
Aside from the obvious and very serious implications surfacing as of late, the entire project itself has long suffered from lack of transperancy, extremely poor comms/interaction with users and a a questionable roadmap while ignoreing glaring faults.
Yeah, it’s probably…….nay, it is *MAYBE* better than SMS and voice data just floating around unencrypted. But settling is growing thing for me. I always gave Signal Foundation the benefit of the doubt assuming they were obviously one the good guys and things just take time. They’re “working on it”, I’m sure. Maybe we just need to hit that “Donation” button more so theat they can hire more staff. (fyi: we didn’t/don’t need to do that, btw….they are FLUSH with cash).
I uninstalled Signal for good and now I feel naked. Now what? Session, XMPP, Syphon? Certainly not Telegram! ugh
Tor Browser/Onion:
Always lauded as the slow moving – but invisible – tank of internet anonymity. Many moons ago, when a buddy in college first told me that he bought his weed online and it delivered via USPS, I was in utter disbelief. But he sure did. For a fairly long time, the Onion Router seemed to be exactly what it was supposed to be: a truly anonymous gateway to web only foiled in the case of user error.
Now obviously, it goes without saying that Nation States will always work to combat any such obfuscation. But what vexes me most in this unfortunate saga is that they succeeded in such grand fashion against Tor Project and with such little clamor, to boot. It’s going on a decade now (IIRC) since the first fed court documents plainly stated that a convicted criminal had been de-anonymized using Tor.
I don’t particularly give a damn about the dark web nor do I frequent .onions nor use Tor Browser, itself beyond occasional tinkering. But upon hearing it had been broken, I found this to be incredibly noteworthy. Tor Project was synonymous with “anonymity” and I assumed this would be a very big deal.
Using good ol’ fashioned logic, I immediately considered Tor Project to be broken and likely, nearly dead. Who wouldn’t? Welp, most as it turns out. Tor dev soldiered on with what had become their mantra, “Will not fix”, for years. with almost nary a fuss from almost anyone.
Only in the the past year (and for some reason, REALLY ramping up this past December) have I begun to see scattered reports on ‘KAX17’ and the widespread, very-much known about and very long-standing issue with malicious nodes being used by “SOMEBODY”.
(Gee, I wonder who it could be?!? /s)
Tor brass ultimately removed all traces ot the word “anonymity” from their marketing and documentation. The very MISSION of the entire damn project, itself….or was it?
I’m going to stop short of a full-blown rant (too late, amitire!) assuming we all know the gist of these two unfortunate events. I just wanted to say that for me personally, my confidence in privacy is at an all-time low. Like surely many of you here, I’ve long a stalwart of among a veritable sea of complacent, clueless, ‘don’t-give-a-damn’ lemmings out there. You know, somebody who religiously updated about:config prefs (let alone, knew they existed). Somebody who knew better than to trust the likes of the laughably layman-lauded Ghostery. Someone who knew better than to think Google’s “incognito” meant a damn thing, really. Somebody who had cautious optimism and believed in the cause.
However lately, I find that I, myself am giving in/up on increasing levels of IDGAFedness. If you can’t beat em…..
Maybe I’ll just buy a couple privacy nightmare smart watches and even use some Gapps and why not?…Samsung hardware, while we’re at it. Oooh, Knox….that just SOUDS secure. Find My Mobile? Bluethooth headphones? Safe Browsing? Diagnostics uploads? Seems legit.
I’m finally sick of swimming against the stream….and for what? There are like, I dunno…15? 20 of us out here who care enough to even actually fight the growing monolith of surveillance culture/”marketing”?
What say you, friends? I don’t even do social media…never had a Facebook. I’ve always wondered what the other half (99.9%) lived like with their Instagrams, their OnStar, their Near Field Comm payment methods, their Samsung Photo Gallery automatically creating “stories” for them based on the pictures they take (gross!). Google Drive? What’s that LIKE? Google Docs? What even IS that? Windows that makes 500+ calls home per day…LOLFIREWALL, be damned?
Sorry, I’ve just about had it here, man. Am I alone? Go read the Play Store reviews for literally EVERY GApp/G suite…whatever. Hilarity will ensue. From Google Health to the newly forced, Intelligence Service, 100% of clueless apes are in full, faux-outrage mode. “Where did this app come from?” and “I’m so sick of Google!” and my personal favorite, “Suddenly battery life is suffering and I can’t get CCleaner to work properly anymore!”
Until we far surpass ~1%-3 of us caring enough to actually take action against our enemy overlords at Google, FB, Adobe, LexisNexis, Deutshe Telekom, Oath, etc and STOP F’n USING THEIR “free” products, we’re jogging in place at BEST.
I mean, Zuck could stop pretending to care at all and change their slogan to “F all you Sheeple..all your hopes and dreams are belong to US!”….he could stop bothering with blatantly lying to dog and pony congress….he could literally walk around spitting in people’s faces and I’m certain that STILL, pretty much nobody would leave their precious FB/Metaverse accounts. And complaing about it the whole way.
////rrrraaaannnntttt
Forgive me, my typos…they know no what they say….as it were, I hunt ‘n pecked that diatribe via mobile.
Can’t be using proprietary SWYPE nor AutoCorrect. Much less, a mobile keyboard with full friggin’ network access (all of em but two last I checked)! Simple Keyboard or nothin’.
TBH, “Nothin” is growing on me. But manics gon’ manic.
¯\_(ツ)_/¯
Awesome Rant.
I started in computers/ networks in 1984.
Who would have thought the whole world would be ok with Goatse level privacy and security.
But its FREE. Ya so is prison sex, but not for me thanks.
McDonalds continues to sell the most burgers….
Outer Limits was right (their intro).
Regarding iPhone privacy, I am using the tools that are available, like hiding my real IP address. It works (I tried it out with DNS leak tools when I was test-driving several VPNs) to the point where I wouldn’t even know myself what my IP address was anymore if I hadn’t looked it up.
But what really bothers me are all those third party trackers, especially the Facebook pixel. And I just found out that one site I have recently been to “notifies FB” according to the Blacklight tool, and uses session cookies, meaning they log your keystrokes.
So I’m wondering now, am I outfitted with the darn pixel? Every browser – again, on iPhone – that I use has the strictest cookie setting even though it supposedly “might break some sites.” But how would I really know if I have this pixel follow me around? (I’m not even on FB anymore, but we all know FB tracks everybody it can.)
Does anybody here know how to get rid of a tracker once you have it, or how to investigate if you do have it? I use FF Focus, DDG browser, Safari, Quant, and regular FF. Sometimes SnowHaze but it keeps having issues with some sites.
Thanks.
Hi Brad,
Somethings that may address your inquiries:
Facebook Pixel:
https://developers.facebook.com/docs/facebook-pixel/get-started
“The Facebook pixel is a snippet of JavaScript code that loads a small library of functions you can use to track Facebook ad-driven visitor activity on your website. It relies on Facebook cookies, which enable us to match your website visitors to their respective Facebook User accounts. Once matched, we can tally their actions in the Facebook Ads Manager so you can use the data to analyze your website’s conversion flows and optimize your ad campaigns.
By default, the pixel will track URLs visited, domains visited, and the devices your visitors use. In addition, you can use the pixel’s library of functions to:
-track conversions, so you can measure ad effectiveness
-define custom audiences, so you can target visitors who are more likely to convert
-set up dynamic ad campaigns”
https://developers.facebook.com/docs/facebook-pixel
“The following data can be collected by the Facebook Pixel:
– Http Headers – Anything present in HTTP headers. HTTP Headers are a standard web protocol sent between any browser request and any server on the internet. HTTP Headers include IP addresses, information about the web browser, page location, document, referrer and person using the website.
-Pixel-specific Data – Includes Pixel ID and the Facebook Cookie.
-Button Click Data – Includes any buttons clicked by site visitors, the labels of those buttons and any pages visited as a result of the button clicks.
-Optional Values – Developers and marketers can optionally choose to send additional information about the visit through Custom Data events. Example custom data events are conversion value, page type and more.
-Form Field Names – Includes website field names like email, address, quantity, etc., for when you purchase a product or service. We don’t capture field values unless you include them as part of Advanced Matching or optional values.”
Facebook Cookie Policy:
https://www.facebook.com/policy/cookies
“Websites and apps provided by other companies that use the Meta Products, including companies that incorporate Meta technologies into their websites and apps. Meta uses cookies and receives information when you visit those sites and apps, including device information and information about your activity, without any further action from you. This occurs whether or not you have a Facebook account or are logged in.”
Facebook Shadow Profiles:
https://www.makeuseof.com/tag/facebook-shadow-profiles/
Best way I know to block them is Ublock Origin though there are other methods. Here’s a tutorial that shows how easy it is.
https://www.youtube.com/watch?v=2lisQQmWQkY
Regards,
BoBeX
My threat model includes data gathering companies like Google, and I was told recently that Google owns the keyboard used by my Samsung phone. Google is a USA company, and Samsung is South Korean. My phones settings use the default Samsung keyboard, and do not have an alternative, Google or otherwise, listed.
Does Google own Samsung, or are they owned by the same company? Are there alternatives to a cell phone keyboard that might be used to basically key log everything I do, no matter what else I use? Is this problem insurmountable until I get a Linux phone? Does this problem even exist?
Can’t address the ‘keyboard’ issue, but doing a little research, I can’t find any corporate relationship between Samsung and Google. Never heard this idea expressed.
Hello Sven and RP,
Thank you for excellent information, clearly presented, with all the why’s and wherefore’s!
Search Engines: i too have noticed DDG now is a lot harder to get good results from. Even querying a known, good, complete URL (just to make sure i didn’t typo), the results often do not mention, reference or point to that URL. Also, quite a few multiword queries return results that only address one word, and no amount of tweaking will fix. Using quotation marks, AND, OR, NOR do not seem to work any longer. Plus, after going to Settings and customizing, suddenly a few searches later in one session it reverts to default Settings without any warning (or reason why it did so).
Three questions:
(1) Under OS, you mention Linux; but any thoughts as to the *BSDs? i’m thinking of moving to FreeBSD.
(2) Any thoughts about DiceKeys.com?
(3) Will y’all ever rate best/top hosting services for security and privacy?
Thanks again!
Hi Kagey. We do not cover operating systems in much detail, other than pointing people toward some of the more privacy-respecting options. I’m the wrong guy to ask about the BSD operating systems, but someone else here may chime in on that one. I have not looked at DiceKeys.com. For private hosting, you may want to check out Njalla or OrangeWebsite in Iceland.
One other privacy tool you should consider for you Apple or Android mobile device(s) is a firewall. A Firewall allows you to block or restrict apps from being able to “call home” by sending information about you to advertising or tracking services. There are three firewalls that are free and open source that I recommend:
1) Netguard (Android) – https://netguard.me/
2) Blokada (Android) – https://blokada.org/*
3) Lockdown (iOS) – https://lockdownprivacy.com/
* Blokada’s primary purpose is an add blocker but the app has features like a firewall too.
Blokada is now on ios also. I can’t get Lockdown to work at the same time as my vpn. How do I use both at the same time? or is it not possible?
@rufnhappy I am unsure as I am not an Apple user. I would assume you can only use one and not both at the same time.