Ask Slashdot: How Do You Protect Your Privacy These Days? Or Do You? 319
An anonymous reader writes "The NSA snoops traffic and has backdoors in encryption algorithms. Law enforcement agencies are operating surveillance drones domestically (not to mention traffic cameras and satellites). Commercial entities like Google, Facebook and Amazon have vast data on your internet behavior. The average Joe has sophisticated video-shooting and sharing technology in his pocket, meaning your image can be spread anywhere anytime. Your private health, financial, etc. data is protected by under-funded IT organizations which are not under your control. Is privacy even a valid consideration anymore, or is it simply obsolete? If you think you can maintain your privacy, how do you go about it?"
one method (Score:5, Funny)
not truthfully responding to such questions
Re: (Score:2)
no kidding
there may or may not be one( or more) site(s) that has my REAL D of B and age
nor have my address or city i live in
different profiles might have different schools
and different years attended
or not .
Re:one method (Score:5, Interesting)
Which part of not entering real information did you miss?
Unfortunately there's a couple of flaws in his plan:
a) Facebook is busy asking other people things like: "Did you go to school with JohnVanVilet?" and they're all eagerly answering "Yes!!"
b) They've figure out he lies so they're starting to 'confirm' every new account via. mobile phone.
Re: (Score:2)
fortunately in some countries a prepaid simcard costs $1-2 .... quite convenient for being disposable
Comment removed (Score:5, Interesting)
Re: (Score:3)
well sure, if you're a mafia boss handing out death sentences you might need to change the phone every 3-4 calls... if you just want to fuck with nsa change the phones and sims with your friends, maybe they'll make one single superperson out of you.
there's diminishing returns on that for advertising sites though, and if you want to appear online as yourself with some profile then people will somehow have to know it's you(or at least that it's your alias) anyways. it's not like some random website that uses
Re: (Score:2)
That's where the tracking cookies come in ... you might have several facebook accounts, but the odds are, there's going to be one cookie that remains the same for advertisers.
Re: (Score:2)
That's where multiple browser profiles and cookie control (including Flash cookies & HTML5 storage) come in.
But I must say it becomes more of a PITA as time goes on. My Firefox install is so heavily modified it gives a lot of trouble...doesn't work with Slashdot at all anymore and I can't figure out why. For now I'm using a Chromium incognito window when I want to post a slashdot comment.
In Soviet Russia, Comrades can always find YOU! (Score:2)
It is just why I always insist that any so-called Crypto Phone Program is basically worthless since any of them does nothing to hide a FACT of communication between specific persons. The 3-letter agencies need not know the conversation itself since they can always torture it out of your correspondent.
Now, I see some developments in this direction but all of them are quite far from fruition since every really anonymous protocol is by definition slow.
Re:one method (Score:5, Funny)
When I have a phone conversation, I do it by recording MP3s, putting them in encrypted form on microSD cards, and leaving them at dead drops.
Re:one method (Score:5, Insightful)
It depends who you are hiding from.
The typical internet user is unlikely to incur the wrath of the NSA or even law enforcement unless they are involved in crime or political activism. They may choose to hide on princible.
What they do have to fear is the casual background check.
For example: I loathe the catholic church. A bunch of homophobic superstitious idiots with ridiculous beliefs that even they have had to shy away from out of embarassment. Stuck-up people who claim to be the sole early authority on issues of morality, though apparently this includes sheltering a truely obscene number of child-molesters in their ranks from the public relations disaster of actually being caught by law enforcement.
My first job out of university was in IT support at a catholic school.
Now, imagine if I had been dumb enough to write the above under my real name somewhere? The school may very well have put my name into google to check if I have any skeletons, found something like the above, and decided not to offer me the job. I'd never have learned why, just gotten the 'your application was not successful' form letter, so it's impossible to say how often this happens - but with facebook and google requiring real names for an increasing number of social media concerns, this is surely happening with increasing frequency.
Re: (Score:3)
Because:
1. They have money.
2. I, being unemployed, did not.
3. The church didn't actually exercise much control over the everyday running of the school anyway.
Princibles are all very well if you have money. When you've been unemployed for six months with nothing but a diploma and a CCNA, you take what work you can get.
And your proposed solution isn't exactly princibled either. Self-censorship? Never say anything that could offend anyone, because you may some day need their favor?
If you've managed to find my
Re: (Score:3)
Hey, I'll one up that by saying "Don't have a fucking stupid social network account to begin with". /. not evidence of this?
You can quote me on that. I did.
We're nerds, we really don't do social. Not within a structured environment anyway. Is
Go to town, look up the fly, see who am I, you can try, then wonder why. So many possibilities, so many degrees, so many fields, so many who would be fly, they are not I and I, aye? Eye think you misrepresent your abilities.
Re: (Score:3)
Re: (Score:3)
not truthfully responding to such questions
So I shouldn't let on that I have contracted cold fjord to secure all my data?
Re:one method (Score:4, Insightful)
Don't use it (Score:5, Funny)
Nothing you do electronically is anonymous. I don't use the Internet, I don't make phone calls, and I don't do email. Ever. At all. I only pay cash (coins actually, because bills have serial numbers that can be tracked). And I certainly would never, ever, post anything online.
Re: (Score:2)
If you've ever touched a penny, then the govt has your DNA
Re:Don't use it (Score:5, Funny)
That's exactly why I only touch pennies with my private parts - they may have my DNA but they're not going to like where it came from.
Re: (Score:3)
Nothing you do electronically is anonymous.
Worse: Anybody who can find out anything at all about you, will, and they'll sell that information to as many other people as they possibly can.
I keep my data locally. Almost... (Score:4, Insightful)
My private data does not leave my home network. I lack off site backups, but Google spies on all my email. I rarely bother with Tor, just enough to draw suspicion. Gee, maybe I should rethink some of this, but that sounds like work.
I think my issue here is the same as a lot of peoples: maintaining privacy requires you actually bother to do stuff. My categorical banning of all cookies, java script and browser plugins except for white lists is really the only effort I've put into my privacy.
I don't go around spamming private stuff on Facebook, but I still expose my reading habits to web servers, my ISP etc. I don't host my own sites, so I'm leaking lots of info about my users/readers to the hosts. I lack HTTPs support on most of my sites, so I'm leaking lots of stuff.
I've toyed with Tor hidden services (I made one), and bitcoin (I have some), but never actually done anything with them. I have a big interest in privacy, but generally I don't bother with it. Its kinda sad really.
We need better tools to make having privacy not be a sacrifice: it needs to be easy, and not lose you features, or even the people who care (like me) won't even bother. We are a long way from this, which in the purest sense isn't even actually possible (You have to lose some features if you have true privacy).
Re: (Score:2, Insightful)
We need better tools to make having privacy not be a sacrifice: it needs to be easy, and not lose you features, or even the people who care (like me) won't even bother.
This. We also need to make it much easier to find out which tools/services are worth people's time, energy, and money. Even something as seemingly simple as intelligently choosing an ISP, VPN, email provider, etc. requires a massive investment in time to learn the basic technical aspects of each service & relevant features, scour the Web to find non-spammy reviews hidden among the SEOspam, compare prices & feature offerings... If a geek like me that already understands the technology and has a to
Re: (Score:3)
I don't care (so much) as long as (fillinfodder) (Score:5, Informative)
Most people I have talked with are angry, but don't know how to act against it.
Re: (Score:3)
You should take it on yourself to educate them. Tell them about cheap VPN services and how easy they are to set up. I even give people cheap flash drives I bought of eBay and loaded with a portable version of the Tor browser bundle. I'm trying to figure out if a portable VM with Tails is possible.
Re: (Score:2)
Simple (Score:5, Funny)
I send everything to Snowden for safe-keeping.
Simple. (Score:5, Funny)
I don't have anything the NSA is interested in.
The people that are likely to try to gain from violating my privacy are likely to spend 10 times more then they gain.
Re:Simple. (Score:5, Insightful)
I don't have anything the NSA is interested in.
The people that are likely to try to gain from violating my privacy are likely to spend 10 times more then they gain.
There are two words that everyone should be concerned with: False Positive.
Re:Simple. (Score:5, Insightful)
As I usually say: every week there is someone who wins the lottery, and that chance is really, really small.
Re: (Score:2)
If that's what you're worried about wouldn't you want to give them more information so they'd have a better picture of you rather than less?
Re:Simple. (Score:5, Insightful)
Re: (Score:3, Interesting)
"I don't have anything the NSA is interested in."
Do you comment on any forums to influence people?
Do you vote? Do you think your vote is not interesting?
Do you have relatives? Do you think they are all so bland and uninteresting?
Do you work for a company? Does it make stuff in competition to other companies?
Do you know stuff the NSA might find useful.
In Soviet Russia your TV watches YOU! (Score:5, Insightful)
I don't have anything the NSA is interested in.
It's correctable. Just ask your congressman to make your everyday activity punishable. Here in Russia I read about 3 reports per day about people punished due to use of social networks to publish dissent with official national policy.
Re: (Score:3)
Mne chto, pokryt' tebya russkim matom, chtoby ubedit' v obratnom? I know about LG Smart TV. I simply don't watch TV since there is pro-Putin propaganda and stupid serials specially crafted to make Putin's electorate more controllable. The only satisfactory channel is "Kultura".
Soviet anecdote: Pet'ka comes to Chapaev (Chapaev was a famous Red commander during Civil war and a hero of lots of anecdotes).
Chapaev: Pet'ka, why haven't you ironed your uniform?
Pet'ka: This morning I turned on my radio and could re
Re: (Score:3)
"I don't have anything the NSA is interested in."
Today.
That you know of.
Not too bothered (Score:5, Interesting)
Anyhow, the way these things work is:
- Either a very small percentage of people are seriously affected by breaches in privacy, in which case I don't need to worry too much about it, or
- A significantly large number of people are seriously affected, so that it becomes a political issue and there's a push to do something about it.
Re: (Score:3)
what makes you think that 20 000 contractors wouldn't be a way for the information to leak to criminals or that 20 000 contractors wouldn't use in a fashion that would be criminal for anyone else?(you know, like using your identity to email hack someone else and you ending up as the fall guy...).
Re:Not too bothered (Score:5, Informative)
The NSA *is* a criminal gang. And, it's a criminal gang that can put you in jail for breaking laws that you don't even realize you are breaking.
Re: (Score:2)
Yeah, that usually works sooo well.
Re:Not too bothered (Score:4, Insightful)
The NSA is a criminal gang. They operate above the law and ignore rulings against them. As far as they are concerned the rules do not apply.
We also know that individuals in the NSA a criminals. They use their power to spy on their partners, for example. You should be very afraid of the NSA.
Re: (Score:3)
If you have the cash and contracts you can 'run' the same systems on any scale.
The "worry" is really who you upset - a brand name, their private security, a gov, a cult, a faith, a nation, some criminal group, law enforcement, ex law enfacement, a political party.
http://www.theatlantic.com/international/archive/2010/08/a-spy-in-the-jungle/60770/ [theatlantic.com]
http://www.latimes.com/business/money/la-fi-mo-corp [latimes.com]
Proxies and encryption (Score:5, Informative)
It doesn't take much to make their jobs harder. I use these things also for everyday items, it's not like I fire up PIA to "go dark and do evil stuff". I've plenty of friends that don't see the point of doing what I do when what I use it for isn't illegal, but privacy means privacy from prying eyes, I decide what I share with others.
Re: (Score:2)
proxy/VPN access to the net.
Since it isn't obvious, there are two ways that VPNs help:
(1) They mix your traffic in with everybody else using the same proxy - when you are at home your IP address is generally yours alone, but with one of these proxy services there could be hundreds of people using the same IP address.
(2) You can easily switch between proxies. The service I use has about 20 proxies in the US alone. Whenever I do something where I have to explicitly hand out identifying information (like make a purchase with paypal) I
In Soviet Russia, the Party will find YOU! (Score:2)
Since it isn't obvious, there are two ways that VPNs help:
(1) They mix your traffic in with everybody else using the same proxy -
Once upon a time when the trees were green I logged to some VPN. Then I found the output proxy address of this VPN and entered
$ ssh this_address
- and logged into my own system. It means that this specific proxy does NOT mix any traffic. And BTW I don't fear NSA which supervises this VPN, I fear only The Party. And also if you think that The Party cannot separate your traffic from the mix - you are wrong.
Re: (Score:2)
Http proxies can add (if configured to do so) an header reporting the real IP, so even if you are behind a proxy they will get your IP.
They can indeed. You can use this website to see if your browser is doing that, it is the HTTP_X_FORWARDED_FOR header.
http://ipinfo.info/html/privacy-check.php [ipinfo.info]
With the right plugin you could also configure your browser to spew random ip addresses in the forwarded-for header if your proxy doesn't put one itself.
What's DNTPlus? Is it free software? (Score:2)
I can't find DNTPlus.
I found something similar-sounding on addons.mozilla.org, called DoNotTrackMe, but it's proprietary software so there's no way I'd trust it with my privacy.
(I'm also looking for a free software alternative to Ghostery if anyone has suggestions.)
Re: (Score:2)
Depending on the platform, there are some options. (Score:5, Interesting)
The issue is you cannot protect your privacy directly from the NSA. They seem to have tapped communication between Google data centres, can request any information they wish from any company (Google, FB, your local ISB and phone provider, etc), so the only option is limiting the amount of data you provide. Interestingly I started taking the following steps even before the leaks simply because I became uncomfortable with the major corporations gathering my data and then changing their privacy policies at will. That's not how contracts are supposed to work, and disagreeing doesn't seem to have any effect. Once Snowden went public, my paranoia turned out to be justified.
In general terms, I do not share anything truly personal on a public forum. So on FB I never upload pictures, I do not share places I visit, and I do not provide a phone number. I just use it to set up events like Birthdays or nights out. I do not use twitter, foursquare, pinterest, instagram, myspace or whatever social fad of the day happens to be. It could be that in my early thirties I'm becoming a technology Luddite, but then I was never denied a job because my *insert questionable behavior here* is posted all over the net.
Google is a special case. I started using Gmail when getting invites was almost impossible, and Youtube when they were still independent. So giving up my Gmail account would be a VERY significant undertaking, especially since I couldn't come up with better alternatives (fast, supporting POP3, almost perfect uptime, and guaranteed not to shut down). But I never stay signed into Gmail outside checking my mail, I do not use G+, I stopped using YT while being logged in, and I search through DuckDuckGo. And if anyone can suggest a reliable email provider that is NOT Google, MS or Yahoo, I am all ears.
Getting to specific platforms, on a Windows 7 PC, I use Seamonkey with Adblock Plus and No Script. I also block all third party cookies. I'm also considering adding Ghostery to the mix. This takes care of most of the trackers, cookies, ads, etc. I have not used Linux on a desktop in years, and I am yet to touch Windows 8, so I can't comment there. I also never share my location, although it's pretty braindead to find out where my IP is located anyway.
On my smartphone, I run CyanogenMod without GApps, meaning no Google account, no PlayStore, no Google Maps, etc. You get the idea. Every single app on my phone is installed from F-Droid. I have a fully functional, OSS book reader (Cool Reader), browser (Firefox with Adblock Plus), map application (rmaps), email client (k-9). So my phone is fully functional for my needs without any connection to the Google servers. As before, I never share my location which on a smartphone does make a difference.
This is pretty much what I've done to avoid Big Data without using any functionality and giving up only a bit of convenience. Any suggestions for improvements are more than welcome.
Re: (Score:3)
I use Seamonkey with Adblock Plus and No Script. I also block all third party cookies. I'm also considering adding Ghostery to the mix. This takes care of most of the trackers, cookies, ads, etc.
Not Ghostery -- it has a dubious mission and works by parsing lists that are growing longer by the week. Try the Request Policy extension for Firefox. Request Policy is simpler. It blocks off-site requests and shows you a list of what each site is requesting. You'll learn just how much tracking is happening and you may begin to avoid sites that you used to trust.
The latest Firefox has a "click to play" feature. Type "about:config" and search for "click_".
I have not used Linux on a desktop in years, and I am yet to touch Windows 8, so I can't comment there.
I prefer Linux on my desktop in every way. Just don't
Re: (Score:2)
I think even the Nvidia and Broadcom problem isn't so bad these days, I haven't had any trouble with their hardware in the last few years.
Re: (Score:2)
Re: (Score:2)
Real men host their mail themselves.
Anti-Spam, anti-virus, blacklists, security updates, and dealing with shit when it goes wrong? ... and it only costs me a fiver to sign up for that grief?
Most real men have better things to do than administer a personal email server.
And to what end? When most of the personal email I get is from other people with gmail/hotmail/outlook/yahoo/or major ISP addresses... so the 'other half' of every conversation is just wide open anyway.
For most of us in that boat, we might as
In Soviet Russia, Windows looks from YOU! (Score:2)
If you believe that anti-virus and security updates are really needed then you possibly believe that the program should have .exe extension to be executable. Throw away this belief. After this your only problem will be spam. And it's quite easy to fight. You just tell your important correspondents to include some keyword to header and tune your mail client to mark it as NOT SPAM. Every other mail is sorted by built-in spam filter of your client.
Re: (Score:2)
If you believe that anti-virus and security updates are really needed then you possibly believe that the program should have .exe extension to be executable. Throw away this belief.
The security updates are for the server itself. If you think its ok to run a mail server and not be paying attention to security updates. Well ... "Throw away this beleif." :)
As for anti-virus; sure I can handily automatically strip out executable from anyone not on a white list I suppose.
After this your only problem will be spam
Re: (Score:3)
Give these guys a try: Your own dam server that you control.
Re: (Score:3)
It's really not a fuckload of work. It's a load of work to set it up and very little ongoing work to keep it updated.
It's really not for everyone but this is slashdot isn't it?
Privacy? (Score:5, Insightful)
Re:Privacy? (Score:4, Insightful)
Anything I care to keep private, I don't put on the internet. That's about it.
The facebook spy system encourages others to post everything they know about you. People do that without any understanding of what they are giving away for themselves or for people they know.
This is bad from the simple example of so called friends making sure criminals know when I'm on holiday as well as my home address, to corrupt government spooks having access to everything that anyone ever wrote about me as well as a stream of up to date pictures.
Is it worth protecting? (Score:4, Interesting)
Security by obscurity? (Score:3)
Security by obscurity is never a good thing. Basically, if you think that your door will never be kicked down because THEY don't know about your belongings - you are wrong. Your door should never be kicked down because it's strong enough. And while they kick you should have enough time either to shoot or to exfiltrate.
You live in your cardboard and sheetrock cabins - and think it's normal. The normal building is at least wooden one where you need a chainsaw to enter. Here in Russia the Police needs about a
Don't use "free" services (Score:5, Interesting)
The main thing I do to protect my privacy is not to use "free" services, such as Gmail, Hotmail for personal email. I maintain my own server which has a mailserver installed. This means that no-one except me (and anyone who manages to break in) can just access my email.
I live in the Netherlands where ISPs are forced to keep "traffic records" of me. Because I'm an academic I get to use the academic ISP, which is not bound by that law, at least for Internet traffic. But having my own mailserver means that also my my email traffic is not monitored and can not be requested by the police. Furthermore, having your own mailserver and domain also makes it very easy to compartmentalise service subscriptions. Just make a new email address for each service.
I used to use Google Calendar, and Contacts but stopped with that since I discovered that OwnCloud is a really decent private drop-in replacement that you can host yourself.
I use many different privacy plugins (Ghostery, Adblock, etc.), while being aware that this makes my browser ID somewhat unique and identifiable. At least I'm making it harder for them.
Re: (Score:2)
You can use FireGloves to make your browser much less identifiable...I'll warn you though, it increases the PITA factor significantly.
I don't use my real name. (Score:5, Interesting)
Depends on your fears (Score:3)
Worried about governments?
All data leaks eventually.
Your best bet is a thick layer of data that defines you as normal, therefore boring.
Worried about ID thieves?
Try to minimize the number of online retailers you do business with, or credit cards you have - but do keep at least one throwaway card it's really easy to just drop in case it's taken over, for transactions you don't quite trust.
Worried about purchases being tracked back to you? Use cash.
Basically it's not good enough to be worried about "privacy", the term is too all encompassing. Instead start to think about who exactly you are worried about getting what and minimize that risk.
One more (Score:3, Interesting)
Worried about someone finding your child-porn stash?
Don't store it with Google [cbslocal.com]
Basically a lot of the answers to how to avoid "X" would be, don't store that with Google.
It's a rough question though as I have to say I'm OK with Google poking through Picasa in order to catch a real child molester.
Basically I've always assumed myself that anything marked "private" and uploaded to a server I do not control, means it is for my eyes only - plus the eyes of every admin on the system.
Re: (Score:3)
You say you would let Google go through your photos... What about your email? What about your documents, your phone calls, your home. How about the government bring you in for questioning once and a while, just to make sure you are a good citizen... Where does it stop? Where do you draw the line and say "no more".
That's a slippery slope fallacy, and it can go the other way as well. What if we keep police from looking for (whatever criminal), then it spreads and pretty soon no criminal will ever be stopped. We will live in a society of lawlessness because people can do whatever they want without fear of retribution.
It sounds silly, but so does your argument. "If you take the tasers away from policemen, soon enough there will be no policemen."
In Soviet Russia, Borings Normalize YOU! (Score:2)
Your best bet is a thick layer of data that defines you as normal, therefore boring.
You don't live in a country where normal is punishable.
Re: (Score:2)
Your best bet is a thick layer of data that defines you as normal, therefore boring.
The feds thought Asimov was "interesting,", a guy who only could have been more "boring" if his ancestors came from England instead of Russia. Are you sure it's possible to be "boring?"
Yes, there is privacy... (Score:3)
...at least in this day and age. The trick is to remember that any information that is recorded to any form of media, can be stolen, copied, or given away. If you want to maintain something in privacy, it can't leave your head. You can't write it down, or draw, or paint the idea. You can't make a tape of it or a video of it. You can't say it to your lover or spouse.
Of course that makes it incredibly difficult to act on what you maintain in privacy, but that is more of a problem of getting others to work with you in suport of that idea.
There is a presumption of privacy codified in law, however that presumption does not seem to be all that relavent to our current state of govornment or business, so you are pretty much stuck with what you can control. At the moment that's pretty much restricted to what's in your head.
No, I'm not much happy with that either.
No backdoors in encryption (Score:5, Insightful)
Everything Snowden released has shown that the NSA doesn't have magical ways to break modern encryption. They rely on strong-arming various organizations and hacking vulnerable systems.
Re: (Score:3)
Tor and Bitcoin seemed to be particulary resistant to their efforts (other encryption protocols, not so much), but your ecosystem is not just your network, sites you visit [slashdot.org] could be used to plant backdoors in your system (and if your browser is safe enough, what about your flash player?).
This is not just about privacy, is also about having installed in your pc/network government's malware under the control of criminals (that work/had worked for the government or bought it from one of them)
Re: (Score:2)
Price, gov support, removing real competition, giving 2-3 "selections" internationally.
The method that they can turn to plain text or track or decode becomes the standard. No need to break anything if the world uses your code generation after foolish generation
Some good tips (Score:2, Insightful)
Here's some nice tips which won't ultimately solve the problem but which will greatly improve your privacy.
1) Use common sense. Try to imagine which routes your data will take and which providers will it meet. Will those parties snoop on your data (datamining or wiretapping)? What kind of privacy policies do they have?
2) Use encryption in as many places as you can. HTTPS and IMAPS are good start.
3) Do not put important data into services provided by Google, Facebook or other datamining companies. If possibl
Re: (Score:2)
Not just your operating system, this site [prism-break.org] gives you safer alternatives for most of what you use.
And maybe could be interesting to put your perimeter apps in disposable/restorable boxes, either vms with snapshots or containers [github.com], so even if they are hacked you have an easy restore point or even detection that it happened.
Government doesn't bother me (Score:5, Interesting)
The government snooping around doesn't bother me all that much, as while it might be a waste of money, it really doesn't affect me. It's just dead data sitting around on some NSA server. There is more interesting stuff to read then my email. What I am bothered by is the leaking of private data that happens all over the place, things like the people you follow on Twitter or Youtube being publicly visible information. Why exactly does every modern social webpage treat what are essentially bookmarks as public information and publishes it to the world? Why is everybody just accepting that and not complaining about? You can't even switch it off most of the time. I find that incredible annoying and avoid any service that does that when I can. I don't have much of a problem with my information being out there, but at the very least a service should make it very clear what kind of information is public and what is private and modern services don't really do that.
Another thing I have a real issue with is the starting pervasiveness of requiring real life authentication to log into a webpages. Mobile phone numbers started as just a way to get your password back, but now quite a few webpages are requiring them and Google+ and Facebook have their real name requirements. Furthermore there are more and more webpages that only allow you to access them via your Facebook or Twitter login, not via a webpage specific account. So once Facebook or Google switching on the requirement for a mobile phone number or real name and enforce that, that means your real life identity is linked to a ton of a webpages and you can't stop that from happening unless you completely avoid that webpage, as even Tor doesn't give you a free anonymous mobile phone number.
Re: (Score:2)
Until the day that Grumbel decides to run for Congress, on a platform of returning the protections guaranteed by the Constitution against the encroachments of the NSA. All sorts of "dead data" suddenly comes to life out of context like so many zombies.
Re: (Score:3)
The government snooping around doesn't bother me all that much, as while it might be a waste of money, it really doesn't affect me.
Yeah, it doesn't affect you (Well, it affects your freedoms, but those are worthless, so who cares?), so it doesn't matter. If the government uses all this data to abuse other people, it doesn't matter since it's not happening to you. The fact that the government can change the rules, misinterpret the data, and use it to harass virtually anyone doesn't matter at all.
Move away from US services; use encryption (Score:5, Informative)
Three things:
- I am making an effort - both privately, and for the companies I consult with, to move away from US-based services. This is a long-term strategy, as changing company infrastructure can take time.
- Encrypt everything. It take a bit of work, but you can set up encryption so that it is transparent to the casual user. Just as an example, with EncFS you can automatically and transparently encrypt data you store in the cloud. The user sees the unencrypted version, but the encrypted version is synchronized with the cloud.
- Teach people about password managers like KeePass. Get people to use long, cryptographically difficult passwords. Bonus points: copy-paste out of a password manager eliminates over-the-shoulder observation, keyloggers, passwords written on post-its, etc.
Wrong question - it's not about our privacy (Score:5, Insightful)
Come on, you're asking the wrong question!
The sun doesn't revolve around you or me.
Those here who answer "I don't care" are halfway right.
None of us will be betrayed by Google or Amazon - that's bad business.
NSA won't post your private stuff or steal your money - they just want to do their job, damn the consequences.
However, after the next economic depression and mass unemployment, or after the next great war,
when we elect our Führers, or support revolutions ending in a totalitarian states,
they will find it convenient that our governments have built the infrastructure for their tyranny.
To answer the question that your should have asked:
* Voice your opinion.
* Support EFF https://www.eff.org/action [eff.org] and similar organisations.
* Contact your representative.
* Vote with your head and your heart - not your wallet.
The net belongs to them (Score:2)
2. Know the US brands that willingly and knowingly helped the NSA and run any different OS/file systems.
3. Learn to think like a protester in 1980's Eastern Europe. Just keep been political active and know its all been filed, linked, watched, tracked, logged.....
Voice print, face scanning, OS, telco, ISP, cell tower tracking
4. Pay
Personal Cloud (Score:3)
Citizens of USA (Score:2)
Re: (Score:3)
Resist, lobby congress, join the EFF and start to use techniques to minimize exposure. Also push on your locally elected officials to enact a privacy first approach in their dealings because they're the ones who approve license plate scanners, red light/speed cameras and other little conveniences to generate revenue. In my city we've outlawed red light cameras but the police have license scanners on a lot of their cars, so we're working to get deletion/retention policies enacted. Also, de-Google and de-F
I don't... (Score:2)
propaganda (Score:4, Informative)
We've seen a lot of this propaganda in the past years and I refuse to believe it. What I mean is the attempt to spread a meme that says "post-privacy" or "privacy is done for anyways".
Look who the proponents of this meme are. Always, always the people who want it to be the case - Zuckerberg, government spy units, advertisers.
No, the battle isn't over while one side still fights. And there is quite a lot you can do to maintain your privacy. And like everywhere, there's a law of diminishing returns, which means the first steps, that bring you a ton of privacy back, are really, really easy.
Step No. 1: Don't post all your life to Facebook, Instagram and Twitter. Security researchers have demonstrated years ago how from that data alone they can create extensive profiles on you, including movement data that police would need a search warrent for your mobile provider for.
Step No. 2: Keep your secrets secret. If you want to share them with someone because you just have to talk with someone about the guy you murdered last week, or the hot chick you cheated on your wife with last month, or how you really hate your grandma even though you always play nice at the family events because she's rich - or whatever is on your conscious, do it in person, face-to-face only.
And that's about it. 80% of your privacy restored right there.
Whine about the NSA all you want, but if I can reconstruct where and with whom you have been with at what time on which day from your social media data, the biggest threat to your privacy is yourself.
SPREAD IT AROUND (Score:2)
People do get framed (Score:4, Insightful)
A few commenters have suggested that they have nothing to worry about because they let no "sensitive" information out onto the web.
Sorry to break it to you, but the world is not fair. People are sometimes framed or kangaroo-ed into apearing guilty of something when they are clearly not (I have had it happen). Sometimes, various authorities need to catch someone to hang blame upon for some crime. I've even heard cops tell a public defender, "We know he didn't do it, but we know he's a bad kid, so we got him."
Also, numerous (unregulated) consumer-monitoring agencies scrape up everything from public databases, buy lists from shops, service providers, your bank, your phone company, your credit card company, and your grocery "club card," sold subscriber lists, and so on. All of this data is correlated based on a few unique or semi-unique identifiers such as full name, SSN, phone number, credit card transaction number (it's illegal to track by CC #, but they get around this.), bank and account's last-four digits, addresses, and so on. This approach does produce some viable correlations, but typically yields "profiles" that are rife with errors.
HR departments use reports from these aggregators as if they were 100% accurate. There is no law in place that will allow you to opt out, to see their entire file on you, or to correct errors. There are anecdotes of people searching months for a job, only to find out at some point from an interviewer that, "you have XXXXX crime in your profile," even if you don't have a record. I once had collection agencies coming after me from Time-Warner Cable for bills on a Texas account — I have never lived in Texas, but the burden of proof was on me.
Despite what the aggregators would have everyone think, names are not unique. Phone numbers are not unique, as they are recycled. Email addresses are often not unique, as they are recycled.
Like it or not, there are many profiles on you that are beyond your access, and the law has not yet caught up with these practices.
Happy privacy!
Re:Unplug. (Score:5, Insightful)
So you plan on never going to the doctor. Never getting a job. No girlfriend. Never walking down a city street. Never owning a car. Never renting or owning a place to live. Oh, and groceries...
About all you could do is head to the woods and live off the land, but not yours. ( Of course then you have the satellites to worry about.. ).
Good luck with that plan.
Re:Unplug. (Score:5, Funny)
So you plan on never going to the doctor. Never getting a job. No girlfriend. Never walking down a city street. Never owning a car. Never renting or owning a place to live. Oh, and groceries...
Slashdotters don't do any of these things. Especially not the job or the girlfriend or leaving the basement.
Re: (Score:2)
I have a job and two girlfriends (one three year relationship one four year relationship - both still going strong).
I hope they don't find out about each other.
Re:Unplug. (Score:5, Interesting)
There are two levels of private here. There's keeping things private from potential employers, friends, family, associates and so on and there's keeping things private from the NSA, GCHQ, Chinese Government and so on. The average guy or girl has absolutely no hope of keeping their online dealings private from the latter. From the former, you don't so much keep them private as be a bit circumspect when making use of the internet, your mobile phone and so on.
So far over the last 10 years I've had 1 credit card attempted theft (tried to transfer £4,000 out of it, bank caught it as "suspect" so it didn't happen) and I've had 2 email accounts hacked and used to send spam. Of the latter, the problem was weak passwords. I now have a "system" for passwords and none are weak, but that doesn't mean the NSA and GCHQ can't still read them. I have no intention of fighting a room full of Mathematics PhDs for my data.
Even if you get the NSA to stop doing this through political action, the Chinese, Russians and so on will still be doing it.
Re: (Score:3)
Re: (Score:2)
You live two lives. One is an ordinary, boring life that you don't mind the NSA finding out about. The other is as secretive as possible. No using credit cards. Nothing that requires ID. No flying, no buying alcohol.
One obvious problem with this is withdrawing cash. You have your public life, and the NSA sees you going to an ATM and grabbing $450, then it sees a transaction for $447 with an unknown person -- that's evidence linking your private identity to your public one. This is ameliorated if your public
If you can't beat them, join them (Score:2)
It's been deemed acceptable to gather data on the entire population - though still illegal.
Proportionally, it's acceptable to gather data on everyone in any position of power. Though still illegal.
It's the only way to even the game.
Re:A few things... (Score:5, Insightful)
faraday cage cell phone case
Just take the battery out. Physically remove it. Or if you want to be 110% sure don't carry a phone at all, it's not like it's law that you have to carry one.
Re: (Score:3)
Yet.
Re: (Score:3)
Won't happen or it'd be illegal to forget to charge it or forget it at home. Assuming you want or need to be carrying it around most of the time it's more effective as a screening device, if you are going to a clandestine meeting and five others also happen to have their cell phones go dark at the same time that's a pattern, particularly if it repeats itself. If you're normally online it's probably better to leave it turned on at home, in which case they'd need to look for secondary clues you aren't actuall
Re:ALWAYS BE PARANOID (Score:4, Informative)
Don't use windows. Even if you don't believe the NSA backdoored windows the NSA do get every bug alert long before anyone else does. They also have no problem using script kiddie tactics.
Using windows is like storing your data in a transparent bag in full view of the world.
Re: (Score:3)
I use Retroshare. Similar thing IM-wise, encrypted messaging, but it also has some excellent file searching/browsing/transfer capabilities (Great for those with a healthy disrespect for copyright), runs fully decentralised (Great for those in more repressive countries where IM software servers are blocked) and can also handle decentralised forums and mail transfer.