The world is changing fast and your private data is at risk whenever you go online. Numerous entities, both public and private, are working hard to track, monitor, and record your digital activities. There are many reasons for this:
- Advertisers (including Google and Facebook) want to know everything about you, including your web browsing history, location data, contacts, and more. This makes it easier (and more profitable) to serve you targeted ads and influence your purchases.
- In an age of pandemics and lockdowns, many governments around the world are working hard to track movement and biometric data of their citizens.
- ISPs (internet service providers) are spying on their customers and feeding this data to various third parties, including advertisers and government agencies. In many countries, this is not only legal, but required. See for example in the United Kingdom (with the Investigatory Powers Act), United States (Senate Joint Resolution 34), and now also in Australia (mandatory data retention).
- The internet is also becoming less free due to censorship efforts and content blocking. Whether it is China, Germany, the UK, or the United States, various groups are working hard to censor content online.
But don’t get discouraged. Alternative technologies are experiencing a renaissance as awareness about these issues grows and people seek out solutions. Indeed, for all of the problems listed above, we find excellent solutions to give you more privacy, security, and freedom in your digital life. And that is the purpose of this guide: to give you solutions. Here’s what we’ll cover in this guide:
- Secure and privacy-focused browser
- Virtual Private Network
- Ad blocker
- Password manager
- Secure and encrypted messaging
- Private search engine
- Private email
- Operating system
- Antivirus software
- Data removal tools
But before we begin, one key consideration is your threat model. How much privacy and security do you need given your unique situation and the adversaries you may face?
Most people today are seeking protection against online tracking by advertising networks as well as a higher level of privacy and security. Others, such as investigative journalists working with sensitive information, would likely need an even higher level of protection. So keep this in mind as you proceed. Everyone is unique in their approach to privacy and security; there is no one-size-fits-all solution.
So here’s what you need:
1. Secure and privacy-friendly browser
Everyone needs to be using a secure and privacy-friendly browser for three important reasons:
- Browsers have a large attack surface and can be compromised in many ways.
- By default, most browsers contain lots of private information, including your browsing history, usernames, passwords, and autofill information, such as your name, address, etc.
- Browsers can reveal lots of identifying information about your location, system settings, hardware, and much more to third parties.
Secure Browsers: Based on my own tests and experience, here are the most secure browsers that also respect your privacy:
- Brave – Brave is a chromium-based browser that is very privacy-focused right out of the box. By default, it will block ads and trackers, and it’s also customizable, fast, and has built-in protection against browser fingerprinting.
- Firefox (modified) – Firefox is a great browser for both privacy and security after doing some modifications. It is highly customizable to give you the level of security and privacy you desire, while also being compatible with many browser extensions. See our guide on how to modify Firefox for more privacy.
- Tor browser – The Tor browser is hardened version of Firefox that also utilizes the Tor network by default (but this can be disabled).
- Ungoogled Chromium – As the name suggests, Ungoogled Chromium is a stripped-down Chromium browser that has been “Ungoogled” for more privacy. Source code is here.
- LibreWolf – This is a fork of Firefox that has been tweaked for more privacy and security.
Of course, there are many browsers on the market and choosing the best one all comes down to your own needs and tastes. Chrome, Opera, Safari, and Vivaldi also get some attention, but they’re not the best choices from a privacy standpoint.
2. Virtual Private Network (VPN)
Using a good VPN (virtual private network) is one of the simplest and most effective ways to protect your privacy, secure your devices, and also access blocked content online. A VPN is a critical tool to be using, especially with internet service providers spying on their users and logging all activity.
Here are some of the problems that VPNs can solve:
- ISP Spying – A VPN will encrypt and anonymize your internet connection. This makes your traffic completely unreadable to your ISP and other third parties.
- Blocked content – A VPN will let you easily get around blocked content and censorship. Simply connect to a VPN server in the region you need and access the website or stream as normal.
- IP and location tracking – Many websites and advertisers track users through their IP address. With a VPN, your IP address and location will be replaced by the VPN server’s IP address and location.
- Copyright issues – Torrenting and streaming media from third-party sources can come with some risk in the form of copyright issues. A VPN will anonymize your IP address and help keep you safe.
We’ve tested all of the popular VPN services and the results can really vary. Below are our current recommendations that are private, secure, fast, and reliable on many platforms.
- NordVPN – Best all-around VPN with secure apps for all major devices and very fast speeds (over 750 Mbps). Great for streaming plus extra security features (with a 74% off coupon).
- Surfshark – Best VPN for many devices (unlimited)
- ExpressVPN – Secure and reliable VPN service
- Proton VPN – User-friendly and private VPN in Switzerland
We have other recommendations and providers in our guide on the best VPN services.
And if you are new to VPNs, we also have a guide on how to use a VPN.
3. Advertisement, tracker, and malware blocker
A good ad blocker is essential for privacy and security reasons. From a privacy perspective, it’s important to block ads because they also function as tracking by recording your online activity to create an intimate user profile. This data is then used for targeted ads and/or sold to other parties.
Ads are also risky from a security perspective because they can contain malicious code that can infect your device when a web page loads – no clicks required.
Effectively blocking all ads is the only way to go. Here are a few different options from our guide on the best ad blockers:
- Browser ad blocker extensions – Browser-based ad blocker extensions, such as uBlock Origin are quite popular, but they also come with some tradeoffs. Online ads may still be using up resources and tracking you, even if the ads are not being displayed. Choose your ad blocker carefully – some ad blockers will collect user data for profit and/or show you “approved” ads.
- VPN ad blocker – There are now many VPNs with ad blocking built in. With this method, the VPN can effectively block ads, trackers, and malware at the VPN server, thereby protecting your devices.
- Ad blocker apps – A dedicated app will most likely do a very good job blocking ads on your device. One popular and well-regarded option is AdGuard.
- Ad blocking on a router – Ad blocking on a router can be accomplished various ways – from using ad blocking DNS to loading custom filter lists onto your router.
- Pi-hole – Pi-hole is a network-wide ad blocker that functions as a DNS server and can be deployed in various ways. It is most often used on a Raspberry Pi, connected to your home router (but there are many other different setup options).
The best ad blocking setup will depend on your situation and needs. If you have numerous devices you use at home, setting up a network-wide ad blocker would be a good solution for blanket protection. uBlock Origin remains a popular option for browser-based ad blockers. However, I like NordVPN with the Threat Protection feature as a simple, all-in-one solution for VPN and ad-blocking.
4. Password manager
The topic of passwords is actually quite large, encompassing password strength, password management, and password storage. In this section we’ll focus on password management and storage. Many people store passwords directly in the web browser — but this can be risky.
A more secure method is to use a dedicated password manager app. And note that a dedicated password manager can also offer browser extensions that are convenient and secure. Here’s a screenshot of Bitwarden, which is one of our favorites:
Here are the best password managers we have tested:
- NordPass – From the makers of NordVPN and NordLocker, NordPass is a secure, user-friendly password manager that has also passed a third-party audit. (See the NordPass review here.)
- Bitwarden – A free and open source password manager that is user-friendly and secure. (See our Bitwarden review.)
- 1Password – Another great option is 1Password, with many features and strong security standards for all types of devices (our 1Password review has more info).
- KeePassXC – As a locally-hosted password solution, KeePassXC differs from the others on our list. See the pros and cons of this password manager in our KeePass review.
Start using a good password manager today. See also our guide on how to create strong passwords.
5. Secure and encrypted messaging apps
Many people are turning to secure and encrypted messaging apps over concerns with privacy and security of other popular messengers. For example, WhatsApp collects and shares data from your phone with Facebook, the parent company of WhatsApp. If you find this concerning (and you should), then consider some of the secure alternatives below.
Additionally, with the inherent limitations of email, we recommend a secure messaging app for those wanting the most secure messaging platform possible. The secure messaging apps below utilize strong encryption standards and work well for teams or individual use on various operating systems and devices.
- Signal – This is probably the most popular secure messenger with a rapidly-growing user base. It is free, open source, and very secure. We really liked how it performed in our Signal review — but also noted some drawbacks, such as the need to use your phone number for verification.
- Wire – Based in Switzerland, Wire is another great option that is secure, user-friendly, and fully featured. While there is a free version for personal use, it is hard to find, as described in our Wire messenger review.
- Threema – This is one of the few paid encrypted messengers, but it’s only $2.99 for a lifetime license. Threema is also based in Switzerland and is open source. See our Threema review here.
- Telegram – Telegram is a very popular encrypted messaging app out of Russia, but it also is not encrypted by default. See the pros and cons in our Telegram review.
With all of the people abandoning WhatsApp and going over to Signal, there’s a better chance to connect with people you know on a secure platform. This trend kicked off early last year and we hope to see it continue!
Note: Also keep in mind that standard SMS text messages are not secure or private. They can be read by your phone service provider and are susceptible to man-in-the-middle attacks and also eavesdropping by Stingray devices. When privacy matters, use a good secure messaging app.
6. Private search engine
The big search engines (Google, Yahoo, Bing) record and track your searches, which helps them to build a user profile for their advertising partners.
Consider these privacy-friendly search engines instead:
- MetaGer – An open source metasearch engine with good features, based in Germany.
- Searx – A privacy-friendly and versatile metasearch engine that’s also open source.
- SwissCows – A zero-tracking private search engine based in Switzerland, hosted on secure Swiss infrastructure.
- Qwant – A private search engine based in France.
- DuckDuckGo – A private search engine based in the US.
- Mojeek – The only true search engine (rather than metasearch engine) that has its own crawler and index (based in the UK).
- YaCy – A decentralized, open source, peer-to-peer search engine.
There are also a few “private search engines” that are now owned by advertising companies. For example, Startpage was bought out by System1, a pay-per-click ad company. For more information, see our guide on private search engines.
7. Private email
Many of the popular email providers, such as Gmail, Yahoo, and iCloud are not good choices when it comes to privacy. Would you want random people having full access to your emails, collecting data for targeted ads, or passing the information on to third parties? This actually happens.
- Gmail gives third parties full access to emails and also tracks all of your purchases by reading the receipts in your inbox.
- Advertisers are allowed to scan Yahoo and AOL accounts to “identify and segment potential customers by picking up on contextual buying signals, and past purchases.”
- Yahoo was found to be scanning emails in real-time for US surveillance agencies.
And while Gmail remains the most popular service in the world, you pay with your privacy. Consequently, as awareness about these issues grows, many people are seeking alternatives to Gmail.
If you care about privacy and the security of your data, consider these secure email services. Here are some excellent options:
- Proton Mail – Best for strong encryption (33% off coupon)
- StartMail – Private email hosted in The Netherlands (50% off coupon)
- Mailfence – A secure and customizable email service
- Tuta Mail – Secure Email for Any Device
- Mailbox.org – Affordable private German email service
- Posteo – Reliable anonymous email service
- Runbox – Private email in Norway
- CounterMail – Swedish email with strong security features
- Kolab Now: Swiss email, compliant with GDPR, HIPAA, and PCI
- Soverin – Basic private email service
And if you want to learn more, check out these reviews:
- ProtonMail Review
- StartMail Review
- Tutanota Review
- Mailfence Review
- Mailbox.org Review
- Hushmail Review
- Posteo Review
- Fastmail Review
- Runbox Review
Note: We also have a guide on encrypting email.
8. Operating system
Consider using the free and open source Linux operating system. There are many different versions of the Linux operating system designed for different types of users:
- If you want the look and feel of Mac OS or Windows, check out Elementary OS.
- Ubuntu, Mint, and Debian are other popular options.
Tails is another privacy-focused operating system that can be run live on a USB drive, CD, or SD card.
Problems with Windows and Mac OS
Windows – The latest version of Windows (Windows 10) is a platform built for total surveillance – giving corporations and governments complete access to everything you do on your machine. Aside from data collection concerns, most malware targets Windows users – another serious drawback and security risk.
Mac OS – While Apple may be slightly better in terms of privacy, it too has problems. Just like Microsoft, Apple has configured its operating systems to collect vast amounts of your private data, whether it is browsing history through Safari, connection data, location services, and more.
9. Antivirus software
While not necessarily a “privacy” tool, using good antivirus software may be wise depending on your situation. The problem, however, is that many antivirus solutions abuse your privacy and may come with some invasive and “unwanted” additions.
Just like with sketchy free VPN services, free antivirus software can also be problematic. In testing eight popular free antivirus suites, Emsisoft discovered that seven of them were bundled with PUPs (potentially unwanted programs), which can be harmful and very annoying. Tip: avoid free antivirus software!
Another major issue is privacy. Many popular antivirus suites utilize invasive data collection, to include browsing history, “suspicious” files, metadata, and more. Carefully read through the privacy policy of your antivirus before installing.
Although RestorePrivacy does not devote much attention to antivirus software, one solution that offers the highest levels of security while also respecting user privacy is Emsisoft. Another potentially good option, which is entirely FOSS, is Clam AV.
See also the antivirus privacy guide.
10. Data removal tools
As regular readers of this site know, personal data is valuable. In fact, there massive companies working behind the scenes to collect, compile, and sell your private data to third parties.
While there are good solutions for how to delete your digital footprint, there are also tools that take an active approach in targeting these data brokers. These types of tools and services are becoming increasingly popular, especially as the data collection problem becomes increasingly worse.
Here at RestorePrivacy, we have tested many different market leaders, such as DeleteMe and Incogni. Based on our tests and analysis, these are some of the top options:
- Incogni – Developed by the team behind the popular VPN service Surfshark, Incogni is a simple-to-use solution that focuses on efficient data removal across a wide network of platforms.
- DeleteMe – A popular choice that offers a wide variety of features and services designed to protect your privacy and keep your personal data away from data brokers and people search sites.
- Optery – A comprehensive tool that prioritizes the secure erasure of data from various databases, helping users regain control of their online information.
See the best data removal services here.
Conclusion: Restore your privacy and take control of your data
That’s all for now, although this guide will continue to be updated with more privacy tools and information. We’re also keeping an eye on discussions surrounding privacy tools on various forums, such as Reddit.
If you have any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!
This article was last updated on May 31, 2024.
Lets have some fun!
Quiz yourself to 9 questions for 2023/2024 in what you really know about your knowledge in a few digital topics.
[https://www.pewresearch.org/internet/quiz/digital-knowledge-quiz-2023/]
How Americans View Data Privacy
[https://www.pewresearch.org/internet/2023/10/18/how-americans-view-data-privacy/]
Wikipedia is used in full or in part by most of the major AI systems employing natural language processing (NLP) techniques and advanced transformer neural networks. Three years ago, to find out what Wikipedia (largest nonprofit educational resource on the planet) was doing to stay balanced, neutral, and accurate and what it can be doing better; Forbes interviewed one of the most impactful humans alive who created and made Wikipedia free, the founder of Wikipedia, Jimmy Wales.
[https://www.forbes.com/sites/alexzhavoronkov/2021/04/14/capturing-biases-in-the-age-of-aithe-interview-with-the-founder-of-wikipedia-founder-jimmy-wales/]
How Technology is Killing Privacy
[https://scholarworks.gvsu.edu/cgi/viewcontent.cgi?article=1430&context=honorsprojects]
Working towards creating a more equitable and just AI systems base framework that benefits society as a whole from Technology bias, also known as algorithmic bias. As the unintended and often discriminatory outcomes that arise from the design and implementation of artificial intelligence (AI) and machine learning (ML) systems.
Is technology doing away with our privacy?
[https://www.legalzoom.com/articles/privacy-and-technology-is-technology-doing-away-with-our-privacy]
https://www.iihs.org/ratings/partial-automation-safeguards
Vehicle partial automation safeguard ratings on rated systems.
Test protocol March 2024
https://www.iihs.org/media/d01ff4e0-50ba-4199-8e0f-c1ef8c3b18e1/ql-Ovw/Ratings/Protocols/current/automation_safeguards_test_and_rating_protocol_V1.pdf
Alex or anybody else.
How can the individual mitigate the new personal risks associated with AI technology?
What risks could there be with AI algorithms, that can’t help but, to reflect the biases of their creators. Could such AI systems inherit biases from the data resource used to train them, or learn patterns, relationships, and correlations to an individual activities?
Will AI-powered surveillance grow to be a concern?
KNOWLEDGE is POWER
Since for years, the tech industry has collected Big Data datasets, by allowing them to pool in the diverse collections of structured, unstructured, and semi-structured data that continues to grow. This can include years and even generations of text, audio, video, and other formats.
Is it up to a nation in mitigating its population personal security and privacy risks associated with the advancing AI technology and market use?
Since the internet touches all nations, an international cooperation needs to establish a common standards and frameworks for AI development and deployment that align with human values and ethical principles globally.
Then all Nations, can develop and implement AI-specific laws and regulations within its land. Thus, insuring their regulatory bodies have the necessary resources and expertise to oversee AI development within the international cooperation ruleset.
R provides a wide variety of statistical (linear and nonlinear modelling, classical statistical tests, time-series analysis, classification, clustering, …) and graphical techniques, and is highly extensible. The S language is often the vehicle of choice for research in statistical methodology, and R provides an Open Source route to participation in that activity.
https://www.r-project.org/about.html
[Statistics Definition: Statistics is a branch that deals with every aspect of the data. Statistical knowledge helps to choose the proper method of collecting the data and employ those samples in the correct analysis process in order to effectively produce the results. In short, statistics is a crucial process which helps to make the decision based on the data.]
Is there any way to use WhatsApp in a way that decreases collection of information by Facebook?
I live in the U.S. and have never used WhatsApp. (And I have never had a Facebook account!) But in planning a short trip to Mexico, I find that many businesses expect I will have a WhatsApp number, and some require it to do business with them. One tour company and one restaurant responded to initial email inquiries with a request that I communicate by WhatsApp—in one case, just to make a restaurant reservation!
Is there a way to install WhatsApp on my phone that will prevent Facebook from collecting personal information or at least decrease what they collect? For example, can I deny requests for any permissions or even all permissions?
What are the privacy risks using WhatsApp on a Windows computer?
get a cheap burner phone for your trip. you have a different number and you don’t have to register it. just return to your usual phone when you get home.
AI’s Energy Demands Are Out of Control. Welcome to the Internet’s Hyper-Consumption Era
The technology’s energy needs for training and deployment are no longer generative AI’s dirty little secret, as expert after expert last year predicted surges in energy demand at data centers where companies work on AI applications. Almost as if on cue, Google recently stopped considering itself to be carbon neutral, and Microsoft may trample its sustainability goals underfoot in the ongoing race to build the biggest, bestest AI tools.
“The carbon footprint and the energy consumption will be linear to the amount of computation you do, because basically these data centers are being powered proportional to the amount of computation they do,” says Junchen Jiang, a networked systems researcher at the University of Chicago. The bigger the AI model, the more computation is often required, and these frontier models are getting absolutely gigantic.
In addition to high levels of energy usage, the data centers that train and operate generative AI models consume millions of gallons of water.
Source: [https://www.wired.com/story/ai-energy-demands-water-impact-internet-hyper-consumption-era/#intcid=_wired-nativearticle-bottom-recirc_5caca7e7-7c05-498a-98bc-4c0d6805831e_entity-topic-similarity-v2_fallback_popular4-1]
All major software being used today, as is distributed by an organization within the reach of a countries surveillance laws.
Lends prudent users must interact with Internet Services knowing that despite how much any digital-service company wants to protect your privacy, at the end of the day these web companies must comply with that countries laws. Of which they wish to opperate in.
The Governing Body of a country may force service operators to install/enable surveillance in their hardware/code. That fact and with a countries public trust, makes likely the population not finding out due to gag orders from such surveillance laws. Lends an unfortunate consequence for users having blindly trusted any software or service from a past history in their use of it. Not knowing the emerging trend of having to “Verify before Trust” must be the users digital golden rule going foreward.
Countries during a time of war, are countries less accountable to their public!
Countries regulatory Internet enforcement may have already placed (surveillance in code) or have installed (surveillance hardware) at the ready in the event of their government directs such action, as required by its law to which can flux.
The Country agency then can unilaterally monitor users’ communications metadata and content, including phone calls, email traffic and web browsing activity. Metadata may be obtained without a warrant or the agency could block certain classes of content without a court order.
What is, What maybe, What happens are in a Digital flux. Which refers to the constant change and evolution of digital technologies, platforms, and trends. It encompasses the rapid shifts in consumer behavior, market demands, and technological advancements that shape the digital landscape for an organization within the reach of a countries surveillance laws.
Anybody know about this?
Cut down on data collection and protect your sensitive personal information, health data, and geolocation. Answer a few simple questions to get customized recommendations to help you.
iPhone or iPad, Android phone or Tablet, Mac or Windows computers, Chromebook, Smart TV or Streaming device, Smart speaker, Security camera, Baby monitor, Smartwatch/fitness tracker, Gaming console.
[https://securityplanner.consumerreports.org/]
And
How to Take Back Control of Online Data With Apps Like Consumer Reports’ Permission Slip.
Permission Slip is a free app, available for both iOS and Android devices. It provides information on how more than 100 companies use your personal information, and lets you request that they stop selling it, or that they delete it.
[https://www.consumerreports.org/electronics/privacy/take-control-of-online-data-with-apps-a5151057853/]
Alex, would you mind giving your readers some brief insiders insight of your offerings of –
https://cyberinsider.com/about/
Cyber Insider (CyberInsider.com and Cyber Insider, LLC) is a cybersecurity and technology news platform that also publishes in-depth guides, tutorials, and reviews.
The mission of Cyber Insider is to raise awareness about digital privacy and cybersecurity topics while also giving our readers the tools and information to regain control of their digital lives.
[Alex Lekander is the Editor-in-Chief and owner of CyberInsider.com. With a passion for cybersecurity and privacy topics, Alex launched this website in 2020.]
And
https://restoreprivacy.com/about/
AKA – https://restoreprivacy.com/mission/
RestorePrivacy is a digital privacy advocacy group committed to helping you stay safe, secure, and private online.
The mission of RestorePrivacy is to raise awareness about online privacy and security while also giving you the tools and information you need to restore your online privacy and stay safe and secure in today’s digital environment.
[Alex Lekander is the Editor-in-Chief and owner of RestorePrivacy.com. With a passion for digital privacy, Alex created this website in 2017 to raise awareness about online privacy and security and help real people.]
My thoughts, are maybe you plan to or can do more with CyberInsider.com, than you wanted for RestorePrivacy.com, while keeping along the lines of RP/Mission #5. Complete Independence.
BUT thats not realistic as the PP pages of both sites along with some contents that mirror the other for a clone-like Mission and purpose, as I see it.
What I was hoping, Alex, that you’ve offered a sign-up membership. For a members forum discussion of RP topics, private messaging between members and basically cloned like the XDA Developers site. That offers a wide range of rooting guides, tutorials, and resources for various Android devices. BUT for any platform and/or device, as members help members to specific paths in restoring their own privacy of a particular device they own.
Hi BITR, the idea behind Cyber Insider was to focus more on news, beyond just privacy topics. And with RP, we’ve covered news a bit over the past few years, but the focus on this site is more centered around privacy guides. The membership idea sounds interesting, but that’s not something I think we could manage at this time with the current resources.
Thank you, Alex sir
Last thoughts,
Cyber Insider sounds like a below the surface view to a users understanding of how to restore privacy from the hardware out.
Importantly, to start with the right hardware to gain root access over thie device in their firmware or operating system. The embedded systems firmware or the (OS) software in a device, in turn, that allows a user full rights in management and controls of its hardware, OS/Firmware and the other software/apps on it.
You do some of this already, ex:
[https://restoreprivacy.com/vpn-router/]
You have more of a team of like-minded privacy and security enthusiasts than ever before.
Maybe you can ask them their thoughts, or head it with that someone that started with you and you trusted in their help in the early begining.
Seems a shame to clone or closely mirror what your about in another website without blazing new ground. But, you mentioned current resources, so, man-power couldn’t be meant. Time ?
You would have to look at how xda generates revenue and use the least privacy invasive means if possible. Charging for a membership is an option as well.
Taking payment like –
Ask new members to put money on certain brands of gift cards, and then give you the PIN codes.
Send money through a money transfer app, such as Zelle or Venmo.
Transfer cryptocurrency, such as Bitcoin or Ethereum, to your wallet(s).
Load money onto a prepaid debit card and then give you the card information.
Moving on, hope this gives you motivation to brainstorm with your team of “what if” possibilities.
= )
Braves AI answer – – – on esim tracking privacy
The introduction of eSIM technology has raised concerns about the potential for tracking and privacy breaches. In this answer, we will explore the issues surrounding eSIM tracking privacy and discuss the measures that can be taken to protect your privacy.
How eSIMs Can Be Tracked
IMSI Catcher: eSIMs, like traditional SIM cards, can be tracked using IMSI catchers, also known as Stingrays. These devices can intercept and record the IMSI (International Mobile Subscriber Identity) of a device, allowing authorities to track the device’s location.
Cellular Network Data: Mobile network operators can track the location of a device as it connects to their network, regardless of the type of SIM card.
Apps and Services: Many apps and services request location information for legitimate purposes, such as navigation, weather, and social media. Users have control over whether they grant permission for these apps to access their location.
Concerns and Risks
Privacy Breaches: The tracking of eSIMs can lead to privacy breaches, as sensitive information such as location data and personal identifiable information (PII) can be accessed and shared without consent.
Surveillance: eSIM tracking can be used for surveillance purposes, allowing authorities to monitor individuals’ movements and activities without their knowledge or consent.
Data Collection: eSIMs can collect and store sensitive information, which can be used for targeted advertising, data mining, or other purposes.
Solutions and Best Practices
Use a VPN: A Virtual Private Network (VPN) can help mask your IP address and encrypt your internet traffic, enhancing your online privacy.
Review App Permissions: Regularly review and manage app permissions, particularly those related to location services, to ensure that you only grant access to trusted apps.
Use a Secure eSIM: Look for eSIM providers that offer secure and transparent tracking practices, and ensure that you understand the terms and conditions of your eSIM service.
Disable Location Services: Disable location services for apps and services that do not require them, and consider using a location-sharing app that allows you to control who can access your location.
Use a Privacy-Focused Browser: Use a browser that prioritizes privacy, such as Brave, which blocks trackers and protects your online privacy.
Conclusion
eSIM tracking privacy is a concern that requires attention and action. By understanding the risks and taking steps to protect your privacy, you can enjoy the benefits of eSIM technology while maintaining your online security and privacy.
The New York governor, Kathy Hochul, plans to introduce a bill banning smartphones in schools, the latest in a series of legislative moves aimed at online child safety by New York’s top official. Hochul said she would launch the bill later this year and take it up in New York’s next legislative session, which begins in January 2025.
[https://www.theguardian.com/us-news/article/2024/may/30/new-york-smartphone-school-ban-bill]
UNESCO calls for schools around the world to ban smartphones in the classroom. The UN agency said that even being close to a smartphone has been linked with students being distracted in the classroom, which in turn causes poorer student performances.
Mere proximity to a mobile device was found to distract students and to have a negative impact on learning in 14 countries, the agency writes, less than 1 in 4 nations across the world have banned smartphone use in schools.
Those that have banned them include France, which introduced the measure in 2018, Italy, where teachers collect students’ smartphones at the beginning of the day, Finland, and the Netherlands, which is going to introduce the ban in 2024.
As a result of their findings, UNESCO recommends a global ban on smartphones in the classroom.
[https://www.euronews.com/health/2023/07/26/unesco-calls-for-schools-around-the-world-to-ban-smartphones-in-the-classroom]
Good findings BITR
Car dealerships across North America have been severely impacted by a series of cyber attacks on CDK Global, a leading software provider to the automotive industry. The attacks have forced CDK Global to shut down most of its systems, disrupting business operations at thousands of dealerships. CDK Global provides software solutions to over 15,000 car dealerships in the US and Canada, helping them manage vehicle acquisitions, sales, financing, insuring, repairs, and maintenance.
The first attack occurred on Wednesday, June 19, 2024, when CDK Global’s systems were hit by a cyber attack. The company shut down its systems as a precautionary measure, but a second attack occurred later that evening, further disrupting operations.
The attacks have raised concerns about the cybersecurity of the automotive industry, with many dealerships lacking basic cybersecurity protections. The industry has been warned that dealerships are attractive targets for cybercriminals due to the sensitive customer data they hold.
The automotive industry has responded to the attacks by urging dealerships to take immediate action to protect themselves from cyber threats. CDK Global has also announced that it is working with external experts to assess the impact of the attacks and restore its systems.
VoiceID is a secure and convenient authentication method that uses a person’s unique voiceprint to verify their identity. It provides an additional layer of security, making it more difficult for fraudsters to gain unauthorized access to accounts. VoiceID is used by various organizations, including financial institutions and technology companies, to provide a seamless and secure experience for their customers.
VoiceID works by capturing a person’s voiceprint, which is a unique representation of their voice. This voiceprint is then used to verify their identity during phone calls. The process is seamless and frictionless, taking as little as 60 seconds to complete once enrolled.
VoiceID is a technology that uses a person’s unique voiceprint to verify their identity. It works by creating a digital representation of an individual’s voice, which is then used to authenticate their identity. This method provides an additional layer of security, making it more difficult for fraudsters to gain unauthorized access to accounts.
Could AI be used to defeat the voice-print authentication method?
When something like this is avalible?
[https://vocalid.ai/]
There is currently no federal law that restricts the use of biometric data by businesses. Moreover, there are only a minority of states that developed legislation to counterbalance increased data privacy concerns. Illinois, through the Biometric Information Privacy Law (“BIPA”), was the first to implement a biometric security law and serves as a leader for biometric privacy legislation.
[https://web.archive.org/web/20211025200159/http://ipjournal.law.wfu.edu/2020/12/protecting-our-fingerprints-and-retinas-a-call-for-biometric-data-privacy-legislation/]
Microsoft hired Andrew Harris for his extraordinary skill in keeping hackers out of the nation’s most sensitive computer networks.
The product, which was used by millions of people to log on to their work computers, contained a flaw that could allow attackers to masquerade as legitimate employees and rummage through victims’ “crown jewels” — national security secrets, corporate intellectual property, embarrassing personal emails — all without tripping alarms.
To Harris, who had previously spent nearly seven years working for the Defense Department, it was a security nightmare. Anyone using the software was exposed, regardless of whether they used Microsoft or another cloud provider such as Amazon. But Harris was most concerned about the federal government and the implications of his discovery for national security.
[https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers]
It’s not just new automobiles that contain computer features that record your driving habits, but even apps on your mobile devices can too.
https://arstechnica.com/cars/2024/06/one-of-the-major-sellers-of-detailed-driver-behavioral-data-is-shutting-down/
Wow, good find Mike, thanks.
So its real. Interesting!
Skeptics have long assumed that car companies had at least some plan to monetize the rich data regularly sent from cars back to their manufacturers, or telematics.
Inertial Navigation
Are also embedded in some mobile phones for purposes of mobile phone location and tracking.
[https://en.m.wikipedia.org/wiki/Inertial_navigation_system]
Dead Reckoning
In navigation, dead reckoning is the process of calculating the current position of a moving object by using a previously determined position, speed, direction, elaspsed time. Inertial navigation systems, which provide very accurate directional information, use dead reckoning and are very widely applied.
[https://en.m.wikipedia.org/wiki/Dead_reckoning]
Telematics is an interdisciplinary field encompassing telecommunications, vehicular technologies, electrical engineering, and computer science.
GPS navigation, integrated hands-free cell phones, wireless safety communications, and automatic driving assistance systems all are covered under the telematics umbrella.
[https://en.m.wikipedia.org/wiki/Telematics]
Verisk, which had collected data from cars made by General Motors, Honda, and Hyundai.
GM had been sending data to both Verisk and LexisNexis.
LexisNexis’ telematics page shows logos for carmakers Kia, Mitsubishi, and Subaru.
GM’s stealthily authorized data sharing has sparked numerous lawsuits, investigations from California and Texas agencies, and interest from Congress and the Federal Trade Commission.
What’s next personalised billboards long your traveled route from advertisers?
Some very concerning developments as of late. Adobe has implemented new features that allows the company to spy on users.
https://www.computing.co.uk/news/4268783/adobe-users-revolt-updated-terms
A security expert has reviewed Microsoft’s “Recall” option and says it has it can leave users vulnerable to wrongdoers.
https://mashable.com/article/microsoft-copilot-recall-cybersecurity-disaster
Maybe AI is good for ?
Here is a mention of AI helping to protect identity.
“Online and device security, including AI-powered scam protection. Aura’s mission is to build a safer internet. To do that, the company is constantly releasing new tools to protect you from hackers and cybercriminals, including a secure password manager, military-grade virtual private network (VPN), powerful antivirus software, Safe Browsing tools, and even AI-powered scam call and text protection.”
Alex have a look at that company, checking out the ‘Digital Security 101’ helps articles info. using the load more articles to move further.
Wow, it’s funny you mention Aura, BITR. We just started looking at them recently. And one of our writers, Sead, just published an Aura review here. We’re going to build up a new category on the site focusing on identity theft protection services and it seems Aura is one of the top options. Great minds think alike 😉
I thought that once, but as a hardsell, I wasn’t in sync with ya enough. Things change hopefully to the best for all. Mine did in time. = )
I’ll checkout what Sead has to say.
Congrats on the new material category. I might add, the site needs to adopt a policy forgetting the threat level logic.
You go online, do business with an online companies p r e sents, or any business that is supported by, has ties to the digital world…the threat is real. So the armor should be the same with exceptions for platforms/device differents. Where a Table could help in what people can do to
RestorePrivacy! ; )
GOOD WRITEUP by Sead.
By the way, your image is new too. My beard on you, there would be no white T-shirt showing. Saved big on razorblades I have.
Yep I rocked the giant beard for a few years, but I finally had to get it under control.
Where’s this tech world taking humanity?
[https://bahaiteachings.org/human-brain-which-part-contains-conscience/]
For any moral reasoning in that part of the human brain that decides between right and wrong. Is the path answered with AI, when as far modern science can currently determine, that we have no “moral module” or specific, identifiable area of the brain responsible for conscience-driven decision making.
Instead, they found the neural network that makes moral decisions actually overlaps and connects with several other important brain functions. It cross-connects with the network that determines the intentions of others; with the network that attempts to understand other people’s emotional states; and with the network that prompts us to feel empathy for others, as well. All of those widely-dispersed networks “light up” in brain scans when moral and conscience-driven decisions get made.
Moral reasoning and the high-order abstract decisions we make from our conscience relates to our ability to see things from another person’s point of view, understand their emotional state and have empathy for them — all at the same time. This sophisticated, uniquely human and domain-global ability sets us apart from every other creature.
The conscience, then, may even transcend the confines of the brain, and extend to the heart and the soul, acting as a universal instrument of perception, understanding and moral choice.
Those of you that remember back to a time of a digital world before the technolgy explosion. When the browsing exploits were cookies and tags that evolved to Super, Ever, Zombie. Now we face AI to be exploited by augmentation of the past exploits.
Where enhancement from AI as an universal instrument drives the computers that are made to think like humans without our empathy, of the mind and our conscience with the soul all enlighten us and connect us. AI is not safe to guide humanity.
Information source,
[https://windowsxlite.com/]
[https://www.minitool.com/news/windows-x-lite-optimum-11-24h2.html]
Windows X-Lite Optimum 11 24H2 is a custom lite system based on Windows 11 version 24H2.
This release allows you to bypass TPM, Secure Boot, RAM, CPU, and storage checks, and bypass Microsoft’s forced account creation during setup/installation. So, it will give you a smoother experience on lower-spec machines.
Here is Brave’s AI answer on new laptop w/OEM Windows 11.
Optimize Windows 11 laptop for maximum privacy and security setup
To set up a new laptop for privacy on Windows 11, follow these steps:
Step 1: Create a Local Account
Instead of using a Microsoft account, create a local account on your Windows 11 laptop. This will prevent Microsoft from storing your data and tracking your activities. To create a local account, go to Settings > Accounts > Family & other users > Add someone else to this PC, and select “I don’t have this person’s sign-in information” > “Add a new user without a Microsoft account”.
Step 2: Disable Online Speech Recognition
Disable online speech recognition to prevent Windows from sending your voice data to Microsoft. To do this, go to Settings > Privacy & security > Speech > Speech recognition > Change > Off.
Step 3: Disable Ad Tracking
Disable ad tracking to prevent Windows from collecting data about your browsing habits and interests. To do this, go to Settings > Privacy & security > Advertising > Ad tracking > Off.
Step 4: Disable Diagnostic Data
Disable diagnostic data collection to prevent Windows from sending data about your system and usage to Microsoft. To do this, go to Settings > Privacy & security > Diagnostics & feedback > Feedback frequency > Basic.
Step 5: Disable Location Access
Disable location access for unwanted apps to prevent them from tracking your location. To do this, go to Settings > Privacy & security > Location > App permissions > Location > Off.
Step 6: Disable Shared Experiences
Disable shared experiences to prevent Windows from sharing your data with other devices and apps. To do this, go to Settings > Privacy & security > Shared experiences > Off.
Step 7: Disable Personalized Suggestions
Disable personalized suggestions to prevent Windows from using your data to suggest apps, files, and settings. To do this, go to Settings > Personalization > Suggestions > Off.
Step 8: Enable DNS over HTTPS
Enable DNS over HTTPS (DoH) to encrypt your DNS traffic and prevent it from being intercepted by third-party servers. To do this, go to Settings > Network & internet > Advanced network settings > DNS > DNS over HTTPS > On.
Step 9: Use a VPN
Use a reputable VPN to encrypt your internet traffic and prevent it from being intercepted by third-party servers.
Step 10: Regularly Review and Update Your Settings
Regularly review and update your privacy settings to ensure that your laptop remains secure and private.
By following these steps, you can set up your new Windows 11 laptop for privacy and protect your data from being collected and shared without your consent.
AI-generated answer. Please verify critical facts. Learn more
[https://search.brave.com/help/ai]
Wow, that’s interesting, thanks for sharing BITR! I have not tested out Brave’s AI search engine yet.
= )
Thanks
How about some reality in your privacy insights to all the reviews you do. Update the privacy/security categories for any companies that are allowed to assign, transfer, and subcontract its rights and/or obligations under their Terms without any users notification. Making a special cautionary note in the review at least for your readers.
Another view, would be how much a business (vpn,email,browser,device) prospers from the actual purpose its in business of and offers users.
User base versus revenues minus overhead. How profitable is it? Is it selling users data to pad its profits? How is a users data used to make the business money buy the Terms you have to agree to by using it. Please include this research as well RP.
Thanks for your full reviews.
Oeprating system:
It shoud included BSD variant – OpenBsd, FreeBSD…
Apple may have to open its app store to alternatives resulting from the recent anti-trust court decision, but it is doing so placing numerous restrictions and fees in order for them to operate.
https://money.usnews.com/investing/news/articles/2024-01-24/apple-plans-new-fees-restrictions-for-downloads-outside-app-store-wsj
For people wanting to buy a smartwatch but are concerned about Google’s and Apple’s data mining (yes, Apple does it too), there are privacy-oriented alternatives. One other brand not listed whose products tend to rate very well with Mozilla’s “Privacy Not Included” list is Garmin.
https://howchoo.com/technology/best-smartwatch-for-privacy-and-security/
There are a number of Black Friday discounts on a variety of privacy-oriented products. Some even extend through Cyber Monday.
https://youtu.be/psl0SqT3INc?feature=shared
Apple is working on unlocking their mobile devices in order to accommodate sideloading which could mean new apps and repositories similar to Android.
https://9to5mac.com/2023/11/18/apple-head-of-security-iphone-app-sideloading/
Privacy protections are almost non-existent when it comes to automobiles.
https://arstechnica.com/cars/2023/09/connected-cars-are-a-privacy-nightmare-mozilla-foundation-says/
Mozilla compiled a list of the privacy practices of the major car brands.
https://foundation.mozilla.org/en/blog/privacy-nightmare-on-wheels-every-car-brand-reviewed-by-mozilla-including-ford-volkswagen-and-toyota-flunks-privacy-test/
This group has some ideas on what you can do.
https://privacy4cars.com/
Hi Sven,
I just bartely got a brand-new Macbook Pro 16-inch laptop for school, which comes with the M2 chip. I also just got a brand new iPhone 14. I installed MacOS Ventura, but I’m wondering if I should switch to Linux to better protect my privacy? Or does that just defeat the purpose of having a Macbook Pro in the first place?
Hey Spencer!
Brand new Apple gear… wow! IMO, stick with the Mac OS and do whatever you can to lock it down for security and privacy. Sven has many helpful articles in different categories on how to do that. A decent VPN for starters is a must
The iPhone, on the other hand, (and any other mainstream cells) are built for data collection = not privacy friendly.
BTW, there are very few current Linux OSes (distros) that are designed for an M2 chip. I have Linux, i.e. Mint, MX and Sparky — see https://distrowatch.com/ — running on 3 older iMacs because I could not install newer Mac OSes on them. Work great but you gotta pick and choose = pretty steep learning curve all round.
Good luck with your schooling! Cheers, George
Hi Sven,
Tools like LittleSnitch (for Mac) or Glasswire (for Windows) are not mentioned. With the great amount of control they give over incoming and outgoing connections, they can be a useful tool to improve privacy&security. Is there a reason they are not mentioned here?
Good points John, I think they were on here at one point, and should be added back.
With Little Snitch Mini there is now a version available that is less cumbersome to set up than the full version, and with LuLu from Objective-See there is a free & open source tool with similar features.
Got another suggestion for Restore Privacy – Sven.
Add to your ‘Restore Privacy Checklist’ the inclusion of an antivirus on the device.
To the ‘Privacy and Security Essentials’ links could have information about nowadays phishing URL’s or malware download link’s especially with technology advancing faster than follow-up security patches roll out. The more mainstream the technology has become, the more attractive it has become to threat actors. The same accessibility that makes the QR code a useful tool also makes it an effective vector for phishing and malware delivery. Quick Response (QR) codes are two-dimensional barcodes used to enable users to access data or web-based resources (URLs).
QR codes -‘ Quick Response codes’ are nothing new, having first been devised in 1994 as a way of tracking car parts during manufacturing. However, smartphones and mobile connectivity have caught up to the QR codes’ potential, and the digital tiles now provide handy shortcuts for consumers to complete actions or get more information. They are commonplace on travel and event tickets in many countries, with restaurant menus and advertisements being other popular uses. And of surges, anyone who has done a COVID test will have noticed a QR code as an alternative to typing out the long string of ID numbers.
There are several factors that make QR codes an appealing attack tool. Codes can be used in emails as a substitute for URL links or attached files. In normal use, this will automatically redirect the recipient to a specified web page or interact with a specialized device or application. Attackers can exploit this trait to disguise a phishing URL or malware download link that might otherwise be picked up by email gateways or other anti-phishing cybersecurity solutions.
But the QR code itself is not malicious and there is nothing to give one set of pixelated squares away as a potential threat. This, combined with our growing familiarity with the technology, means many users will simply wave through a QR code where they might have been suspicious of a normal link.
Added to this, the codes are usually intended to be scanned by a smartphone, which means a user that opened an email on their desktop endpoint will be jumping devices. This will often mean switching to a less secure personal device, particularly in the age of remote working.
https://www.emsisoft.com/en/blog/32351/how-to-prevent-phishing-attacks/
https://portswigger.net/daily-swig/qr-code-security-best-approaches-to-using-the-technology-safely-and-securely
https://www.techradar.com/features/do-not-overlook-the-security-risk-posed-by-qr-codes
Will AI (artificial imitation) someday allow people to lay on a beach somewhere while it runs their business and brings in record profits?
I have recently learned how the reCAPTCHA test works:
https://www.cloudflare.com/en-gb/learning/bots/how-captchas-work/
If it is true that “The reCAPTCHA also may assess the cookies stored by the browser on a user device and the device’s history in order to tell if the user is likely to be a bot” and that “The latest versions of reCAPTCHA are able to take a holistic look at a user’s behavior and history of interacting with content on the Internet”, then it seems that there are some privacy issues here… How to protect from that?
Thank you!
What about smartphones?
Hi
As I know, on RP, there are (at least) two articles, part of which address your question.
One is “Browser Fingerprinting Protection: How to Stay Private”.
https://restoreprivacy.com/browser-fingerprinting/
The other is “Controlling Communication Channels is Crucial for Privacy”.
https://restoreprivacy.com/controlling-communication-channels/
You might look into these two.
Hi Sven Sir,
Online Privacy is a struggle and a fight which we are loosing every day. With each passing day it is becoming more and more difficult to restore privacy. One has to become a digital hermit and a digital vagabond to get some sort of online privacy and misses out on so much. Amazon, Google Products, Microsoft Products etc are not private but one has to use them in certain situations and there is no other option, like for example Microsoft Office. Or Google Maps. And now there is Chat GPT. Data is monitized in this age of information and data is power. People aren’t rich enough to pay for all services and so this is what we are left with. Big Tech is a necessary evil as Open Source communities are not resourceful and Governments can’t produce this kind of technology so rapidly, we will be years behind. Online security from fraud and hack is still a goal which is feasible and can be persued. But online privacy is very very difficult.
Digital world emerges out of real life world and is influenced by its problems. In an ideal society free from exploitation we can have a great digital life. But otherwise the area of work is real world. VPN, Adblocker etc are not the fundamental solution. Just a kind of plaster on an already fractured arm.
Hi Sven,
Reading this article on RP motivates me to look into Linux. And, I find that Ubuntu did sell users’ information to Amazon. So, I guess, although Ubuntu is more private than windows and Mac OS, some other Linux distros can do better.
For more details, might consult the following article by Richard Stallman, a founder and leader of the free software movement.
https://www.gnu.org/philosophy/ubuntu-spyware.en.html
Best,
CP
As a BSD user I recommended you one of them: FreeBSD, OpenBSD…
Sven Sir Please review Malloc VPN: Privacy & Security available for Android and iPhone. It is much more than a VPN and comes with very powerful and unique features to protect user privacy and security.
[https://www.mallocprivacy.com/]
The developers behind this service are very passionate about security and privacy.
Sven
Could you move https://restoreprivacy.com/browser-fingerprinting/
To you Page Header TOOLS Tab across the top in the dropdown listings? It’s hard to locate now really as it located presently.
Thanks
Yep, I just added it Kathy, thanks.
Thank you Sir. Your proving the site more valuable as you make things easier to find, understanding them for resolve or of a red flag to the privacy issues out there in the web.
Oh, maybe you can work on this demise I’m finding about/with your site and the wonderful comments your fans have left here over time. Yes, if you take the long route through your sites map it’s possible still? https://restoreprivacy.com/sitemap/
The issue of demise is – if you can remember the commenting authors name of something that was relevant to you. YOU Can’t Presently SEARCH for that NAME given for the comment(s) your site had posted from this commenting author. Why?
End result is once that page (with relevant comment) is push away to add room in present day comments. It’s dead for easy recall here – why?
I elect for you to have an easy search for a comments author by name, first – in your tabs search functions, second – in the sites archives. Please sir : )
If I have NordVPN this mean I have the AdBlock feature so, knowing this: Can I delete all browser extensions and be safe?
Thanks to all.
Sven Sir,
There are things which should be added to this article under ‘Other security and privacy practices’ which should include email compartmentalization and using different email for different services and different category of services and keeping banking email separate private, using encrypted cloud storage or one from a privacy respecting provider, secure and privacy friendly note taking apps, network and bandwidth monitors like Glasswire, being careful and showing good judgement when downloading apps and software on Smartphone and PC and preferring web apps, using email aliases and temporary throwaway emails, Keeping system and apps up to date, Securing Home Router and home Network, Being careful with phone number sharing as it serves as a unique identifier, avoiding personal assistants and chat bots, Using private alternative to Microsoft Office, Private Navigation Apps like Osmand and Sygic, Taking care of Smartphone Bluetooth and Wifi Connection when in Public, and finally ensure physical security of devices we use.
Thank you
Sven Sir,
1. I don’t use Data removal tools as it adds to extra cost and my data is not with data brokers as I have been careful from the beginning.
2. I use WhatsApp as the very few people whom I communicate are on WhatsApp and no use going for Signal or Session Messengers.
3. I use Ads free Microsoft Outlook Premium which comes with additional security features. Considering the nature of email protocols where the above options make you stand out without adding much to privacy and lesser security than Gmail and Outlook, I believe it is better to use Outlook Premium and also compartmentalize emails for various types of accounts.
4. I use Windows OS on HP Laptop and Android from Samsung. I need these for features which are not present on Linux and privacy is tricky on a smartphone. Still I do get ample privacy by using high quality and trustworthy apps and services and reduce data collection on these platforms via settings.
5. I use Neeva Premium as Private Search Engine and it works for me. Ads free and high quality results.
So OS, Email, Messenger are what I am using based on my convenience.
Corrections:
1. Wickr Me, the free encrypted messaging app owned by Amazon Web Services, is shutting down on December 31st, 2023
2. Session Messenger should be included in the list secure messenger options
3. Number 10 After Antivirus is not conclusion but Data removal tools.
PASS THIS ALONG-
We recently became aware of an incident in which a code-signing certificate, fraudulently claiming to be from Emsisoft, was employed in a targeted attack against one of our customers.
The attack failed – our product detected and blocked it – but we are issuing this alert so that both our customers and users of other products are aware of the tactics that were used in this case. We strongly recommend that users of Emsisoft products set an administrator password.