Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy

How To Protect Your Privacy Online (theverge.com) 130

Though the U.S. Congress voted to roll back privacy rules, broadband customers can still opt-out of targeted advertising from Comcast, Charter, AT&T, and T-Mobile. But an anonymous reader explains why that's not enough: "It's not clear that opting out will prevent ISPs from putting your data to use," reports The Verge, adding "you're opting out of seeing ads, but not out of providing data." Neema Singh Guliani, legislative counsel for the American Civil Liberties Union, tells NPR that consumers can also "call their providers and opt out of having their information shared." But he also suggests a grass roots effort, calling this "an opportunity to pressure companies to implement good practices and for consumers to say 'I think that you should require opt-in consent and if you're not, why not?'"

To try to stop the creation of that data, Brian Krebs has also posted a guide for choosing a VPN provider, and shared a useful link to a chart comparing VPN providers that was recommended by the EFF. This may help avoid some of the problems reported with VPN services, and Krebs also recommends Tor as a free (albeit possibly slower) option, while sharing an informational link describing Tor's own limitations.

I'm curious what steps Slashdot's readers are taking (if any) to protect their own privacy online?
This discussion has been archived. No new comments can be posted.

How To Protect Your Privacy Online

Comments Filter:
  • by Geoffrey.landis ( 926948 ) on Sunday April 02, 2017 @12:40PM (#54160569) Homepage

    Motherboard actually had an interesting article pointing out that VPNs actually aren't all that great for routine browsing: https://motherboard.vice.com/e... [vice.com]

    • by Kernel Kurtz ( 182424 ) on Sunday April 02, 2017 @04:19PM (#54161269)

      I have my VPN on most all the time with no issues at all. My regular PC only tests around 30 Mb/s on my 150 Mb/s connection, but that is shared with several other computers anyway. They also may or may not use VPNs and I can still saturate my connection if they are all busy. Just can't do it on one machine.

      Ironically I mostly turn off the VPN for online banking, since banks and CC companies often flag connections from random geographic locations as suspicious.

    • by Anonymous Coward

      If you roll your own VPN via a VPS not only can you optimize the settings for maximum throughput, you're the only one consuming all the bandwidth so you aren't competing with other users. And, in many cases VPS cost less than a VPN service! With the latest OpenVPN 2.4 add this to the server.conf for increased throughput, you'll be pretty surprised. My tests show on a 30 Mbit connection, with compression I get 28 mbit, and without I get 16 mbit:

      proto udp
      fast-io
      sndbuf 0
      rcvbuf 0
      push "sndbuf 393216"
      push "rcvbuf

      • Sorry for the rant.

        Hey! No apology necessary. Thanks for all the info!

    • by tatman ( 1076111 )

      Motherboard actually had an interesting article pointing out that VPNs actually aren't all that great for routine browsing: https://motherboard.vice.com/e... [vice.com]

      All its doing is moving your identifable traffic from the IPS to the VPN provider. The VPN provider can still sell your browsing habits.

    • Motherboard actually had an interesting article pointing out that VPNs actually aren't all that great for routine browsing

      Motherboard.. LOL

      They say they got 5% of their normal speed w/PIA... Gee, using an NYC server, how could that happen? /s

      I get 85-95% of my cable speed with PIA, and that's while using a crowded Silicon Valley server... Drops to 75% when I use Southampton (UK) for BBC-related. London server would be considerably worse. I think I see a pattern here...

      Again... Motherboard? Please.

    • Just another PIA user that almost saturates my 75/75 FIOS connection, I would estimate about 60/60 bandwidth from PIA. Apparently that motherboard needs a firmware update BAD!!
  • by Anonymous Coward

    The only real way...

    • by Rick Schumann ( 4662797 ) on Sunday April 02, 2017 @01:17PM (#54160669) Journal
      This AC is being an AC, but he/she/it isn't completely wrong either. The Internet is becoming increasingly unusable. No matter what precautions you're taking, you're putting yourself at an unknown level of risk just by using it at all. Sadly I don't expect this situation to improve, I expect it to get worse. Even the most egalitarian and benign governments are monitoring the Internet to one extent or another, and personally I don't trust any corporation in any country to obey privacy laws if they think they can get away with it, and if they think there's money to be made from collecting and using your personally identifiable data.
      • Re:"Don't be online" (Score:4, Interesting)

        by DogDude ( 805747 ) on Sunday April 02, 2017 @07:02PM (#54161783)
        The Internet is completely usable. It was never designed to be anonymous or private. You may not think that it's usable for what you want to use it for, that doesn't mean it's unusable.
      • by Kjella ( 173770 ) on Sunday April 02, 2017 @07:14PM (#54161819) Homepage

        This AC is being an AC, but he/she/it isn't completely wrong either. The Internet is becoming increasingly unusable. No matter what precautions you're taking, you're putting yourself at an unknown level of risk just by using it at all.

        Except that it's a really big boat and a lot more prominent people than you do stupider shit without being snuffed out by black ops teams. And if it's Titanic heading for the iceberg, well then Hitler 2 will have dirt on the 99% of the population that don't care enough that Facebook and Google and everyone else is profiling them. Sure, you can opt out of the Internet. But when the information everyone else leaves is used to turn the country into a new totalitarian state you can't opt out of that.

        What lots of people do will in practice make decisions for you too. Not just votes in an election, though obviously the majority rules there too. People vote with their wallets and when they don't vote for the same as me those services shut down because of lack of business. If people don't care about pollution or littering or killing off the local environment or the planet then the result will be the same for everyone. If the public doesn't care about privacy, well the expectation of privacy will cease to exist.

        • How cute, you believe that voting is still based on the majority.

        • Re:"Don't be online" (Score:4, Interesting)

          by Rick Schumann ( 4662797 ) on Monday April 03, 2017 @11:07AM (#54164591) Journal

          If the public doesn't care about privacy, well the expectation of privacy will cease to exist.

          "For YOU", as the meme goes.
          Privacy is not decided by the majority, it is decided by the individual. If you fall prey to the troll/meme that privacy is dead and stop protecting your own, then you only have yourself to blame -- and you're helping perpetuate the troll/meme that social media, government agencies, and law enforcement would have you fall for. Keep protecting your private life from the prying eyes of whoever would pry into it. Even if you're not 100% successful, you'll still have some parts of your life that are yours and yours alone, as it should be. Otherwise, do you not see that you'd be living like a convict in a prison, or an animal on a farm, or like a perpetual child, watched and monitored 24/7/365? That's where things are headed if people don't come back around to the basic truth that 'privacy' is a normal, natural, healthy human need, not a sickness or a sign of criminal activity.

        • As I wrote here: http://web.archive.org/web/201... [archive.org]
          "Now, there are many people out there (including computer scientists) who may raise legitimate concerns about privacy or other important issues in regards to any system that can support the intelligence community (as well as civilian needs). As I see it, there is a race going on. The race is between two trends. On the one hand, the internet can be used to profile and round up dissenters to the scarcity-based economic status quo (thus legitimate worries about

  • by jimboinsk ( 802789 ) on Sunday April 02, 2017 @12:59PM (#54160629)
    Any browser that doesn't completely anonymize and secure browsing, social media, hosted email, any other applications that don't encrypt their communications, any network connection that isn't anonymous, any device you don't plan to ever re-use and that wasn't purchased with a traceable payment. I think that covers it, if you accept a couple dozen more assumptions that aren't listed in addition to the above.
    • by gnick ( 1211984 )

      For a few limited cases, those precautions aren't over-reaching. For the rest of us, though, it's a matter of "good enough." Personally I use a VPN, but in many other situations I could be described as lax on avoiding tracking. There's some common sense, and then there's trading convenience for privacy.

    • by rtb61 ( 674572 )

      That is not enough. You must also do exactly what they do in spy vs spy, scenarios, misinformation should be core for protecting your privacy as well as everyone else's. Two tools https://adnauseam.io/ [adnauseam.io] to create a plethora of fake clicks to poison data bases and http://www.cs.nyu.edu/trackmen... [nyu.edu] to copy search data miners.

      Never ever forget email, now it is wide open in the US and unfortunately you should never ever use ISP provided email any more, no mention of that and for good reason because yes the new

  • by DogDude ( 805747 ) on Sunday April 02, 2017 @01:08PM (#54160645)
    There's literally nothing you can do if you're paying an ISP for connectivity.

    The only way you can begin to have any kind of privacy is to connect through somebody else's connection (public or otherwise). From there, you can encrypt and all that good stuff. But with this new law passed, there's quite literally nothing you can hide from your own ISP.
    • by Anonymous Coward

      But with this new law passed, there's quite literally nothing you can hide from your own ISP.

      In other words, it's the same as it's been since the beginning of the Internet.

    • You must be using the new definition of "literally" because otherwise what you wrote doesn't make any sense. There are literally (old definition) hundreds of ways to encrypt communications and obscure the fact that they are even happening at all.

      • by DogDude ( 805747 )
        here are literally (old definition) hundreds of ways to encrypt communications and obscure the fact that they are even happening at all.

        You can encrypt to your heart's content, but your ISP has access to every single packet that flows over your connection, including where and when, even if they don't have immediate access to its contents. So, I'll stand by my use of the word "literally", thanks!
        • You can encrypt to your heart's content, but your ISP has access to every single packet that flows over your connection, including where and when, even if they don't have immediate access to its contents. So, I'll stand by my use of the word "literally", thanks!

          The person replying to you, telling you that encryption nullifies the point you're attempting to make, is completely right. Not just vaguely right, completely right. You therefor are either trolling, extremely misinformed, or somehow connected to a govt push to dissuade people from encrypting.

          • Not sure if trolling or genuinely naive...
            Looking through DogDude's post history, I'm going to go with the latter.
        • here are literally (old definition) hundreds of ways to encrypt communications and obscure the fact that they are even happening at all. You can encrypt to your heart's content, but your ISP has access to every single packet that flows over your connection, including where and when, even if they don't have immediate access to its contents. So, I'll stand by my use of the word "literally", thanks!

          Fine. So my ISP will know that I send a large stream of encrypted packets to one host that is a known Virtual Public Network service provider. My ISP can know nothing about the sites those packets are ultimately destined for, nor anything about their content. My ISP can see how much data I'm sending and receiving, but that's all... and if I really want to it's even possible to hide that by sending/receiving lots of meaningless packets. With a little work (I suspect I'd have to write some custom software, si

          • You're thinking too local. The ISP maybe can not see what sites you visit, but your VPN-SP can. And the NSA totally can see both, and connect the dots.
            • You're thinking too local. The ISP maybe can not see what sites you visit, but your VPN-SP can. And the NSA totally can see both, and connect the dots.

              Well, the whole point of having a VPN SP is to find one that will not keep track of information about you, sell it to other parties, etc.

              As for the NSA, bah. What interest would they have in me? We're talking about ISPs selling user data to parties unknown for profit, which can lead to all sorts of actual badness that impacts normal people. While I think it's very important to reign in the NSA as a matter of principle, in practice whether or not they have our data sitting in a secure database somewhere ha

              • As for the NSA, bah. What interest would they have in me?

                As of now, nothing, but with the right monkey at the helm that might change in a moment.
                I remember (the story) that one year before WW II broke out, the Dutch government suddenly became interested in registering religion of its people.
                A few years later it was found out that this whole anti-jew thing of the Nazi's was planned, and the (people in) Dutch government agreed with it on beforehand.
                At that time people probably also will have said the same

                • Sigh. I wasn't trotting out the old "I have nothing to hide" argument. Yes, that argument is flawed, and those flaws are the reason why it's important in principle to reign in the NSA.

                  My point was that that isn't the proximate risk. There's a much bigger and entirely non-theoretical risk in allowing ISPs to monitor connections that doesn't depend on the government deciding that middle-aged white guys need to be watched, and that's the risk that this thread is about, because that's the change that's in pro

                  • Ok, ic u. But now your ISP buys that VPN-SP and suddenly the dots are connected, and sold.
                    Or both sell their data to a commercial third party which connects the dots...
                    • Ok, ic u. But now your ISP buys that VPN-SP and suddenly the dots are connected, and sold. Or both sell their data to a commercial third party which connects the dots...

                      Again, selecting the VPN provider is an important part of the process. You need to find one that cares about security and privacy. Luckily, unlike with ISPs you can shop VPN providers worldwide and aren't limited to the small set that happen to operate in your neighborhood.

    • There's literally nothing you can do if you're paying an ISP for connectivity.

      The only way you can begin to have any kind of privacy is to connect through somebody else's connection (public or otherwise). From there, you can encrypt and all that good stuff. But with this new law passed, there's quite literally nothing you can hide from your own ISP.

      Actually you can, I found this out by accident meaning it wasn't meant for this reason. I used OpenDNS and by doing do became a ghost to my ISP.

  • I thought TrackMeNot was a good approach to poisoning big data analysis, but it does not appear to be receiving any updates and Google apparently figured out a way to detect it.

    sPh

  • by epyT-R ( 613989 ) on Sunday April 02, 2017 @01:27PM (#54160707)

    I hate the color orange.

  • by Anonymous Coward

    "But he also suggests a grass roots effort..."

    Neema Singh Gulani is female.

  • by Anonymous Coward on Sunday April 02, 2017 @02:30PM (#54160939)

    Change you user agent to something like this:

    "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/602.4.8 (KHTML, like Gecko) Version/10.0.3 Safari/602.4.8 Copyright2017@"

    Then tell your ISP that your queries are copyrighted and they have to negotiate with you (and perhaps pay you) to use them.

  • by Anonymous Coward

    TAILS, baby, TAILS..

  • by dryriver ( 1010635 ) on Sunday April 02, 2017 @03:08PM (#54161067)
    Windows 10, Edge, Office 365 and the Microsoft Cloud are BRILLIANT for your privacy. Nobody will ever know who you are or what you do online. Nobody. =)
  • by Anonymous Coward

    Entered my email address at the Charter opt-out site. Got this response:

    "Targeted Digital Marketing Ads
    Your Privacy Preference has been submitted successfully.

    Please note that it may take up to 60 days for this request to take effect."

  • by MrL0G1C ( 867445 ) on Sunday April 02, 2017 @04:32PM (#54161297) Journal

    More VPN providers than you can throw a bucket of sticks at:
    https://thatoneprivacysite.net... [thatoneprivacysite.net]

    TorrentFreak 2017 survey:
    https://torrentfreak.com/vpn-s... [torrentfreak.com]

    I've moved from PrivateVPN (seem incompetent) to CyberGhost premium (slow, dodgy untrustworthy they essentially log), NordVPN next.

    Valve/Steam f**ks over VPN users, downloads go at 40KB/s whilst using VPN, they seem to think it's up to them whether I use a VPN, like fuck you valve, that isn't your choice to make.

    • More VPN providers than you can throw a bucket of sticks at: https://thatoneprivacysite.net... [thatoneprivacysite.net]

      TorrentFreak 2017 survey: https://torrentfreak.com/vpn-s... [torrentfreak.com]

      I've moved from PrivateVPN (seem incompetent) to CyberGhost premium (slow, dodgy untrustworthy they essentially log), NordVPN next.

      Valve/Steam f**ks over VPN users, downloads go at 40KB/s whilst using VPN, they seem to think it's up to them whether I use a VPN, like fuck you valve, that isn't your choice to make.

      Over my 50mb/s connections I've seen 9-30 mb/s with steam using expressvpn

      • by MrL0G1C ( 867445 )

        Do you use a VPN server whic has an IP that has the same geolocation as your country? (when getting good steam speeds)

        It might just be that cyberghost are idiots and use the same IP address ranges for the free service as they do for the paid service which is why I see so much evidence of abuse reports for the IP addresses I'm using.

        • yes - it allows for the selection of server by geolocation or performance (there is a utility to ping/bandwidth test all of their servers and compare). I'm near Seattle, picked the Seattle server, and have steam d/l server set to Seattle. Sometimes I trace back to New Jersey for some reason, but I'm getting ~150 ping times worst case for gaming.
    • If you're interested in rolling your own VPN I can recommend libreswan [libreswan.org].

      I got both L2TP over IPSec and IPSec with XAUTH and PSK configurations working with the native VPN client (racoon?) in macOS Sierra (and presumably iOS). I'm still trying to get Android 6.0 working with XAUTH and PSK (establishes tunnel, but doesn't route properly), but L2TP works ok. My *NIX hosts just use libreswan as the client.

      Amazon offers 1,000 free hours to new AWS users and the pricing on their EC2 instances is very good, so

  • If you want privacy, you'll have to go find a wilderness hideout somewhere, not connected to the grid. It's an arms race. The more we try to protect our privacy, the more ways corporations will find ways to circumvent our protections.

    While you're out there, you might run into some people who think Y2K destroyed civilization...

  • Step 1: Create a Macro / Script to auto click every 3 seconds
    Step 2: Search for cat videos and set to auto click them
    Step 3: AFK for 1/2 the day
    Step 4: All your ads are now nothing but cats regardless of whatever you searched (search pizza -> get cat ads)
  • If you want to protect your privacy, the first step is to not use use google services or Facebook. That includes google DNS!

  • alltoptrending.com
  • My pfSense firewall has an alias (group of IPs) that it routes via VPN. Originally it was only my OrangePi torrent server, but with the new legislation, I've moved my phone and PC into the group. My 6 Rokus go out unprotected, but I have to imagine for security Netflix and Hulu use HTTPs for all their control signaling, so short of throttling by the ISP, I don't see them being rewarded for trying to read that data.

    • The insidious part is that Netflix and Hulu will be able to horse trade with your ISP.
      -- ninthbit Just channel surfed from channel 5 to channel 10 (hey .. watchers.. .0003 cents for this information)
      -- Public Utility ... we noticed that his smart power meter registered a 25 watt increase in power usage (maybe a refrigerator light came on)
      -- ISP ... we see an increase in encrypted traffic from (IPv6 address for home access point)

  • Don't forget that your computer has fingerprints.

    1. Operating System
    2. Browser
    3. Browser Plugins
    (versions and possibly installation dates of above)
    4. Cookies
    5. Tracking Files (1x1 invisible image isn't just to fill in a small hole in the picture)

    Mix all of that together, and add in the IP addresses these fingerprints are observed at and you are very well known. It doesn't matter if you use a VPN or not... The one time that you forget to login to the VPN, you've just left a calling card. On top of t

  • It seems to me that there is a bit of confusion regarding the issue of ISPs and privacy.

    According to a US Rep, Costello, (R) PA, it is the FTC, and NOT the FCC, that is to regulate privacy concerns here.
    Here's a link to his explanation: https://iqconnect.lmhostediq.c... [lmhostediq.com]

    Seems to me that we, the People, have allowed too much confusion and B/S from our political parties, such that it allows them to get away with too much.

    I say we start purging the system of band-aid laws and get serious about being FOR

We were so poor we couldn't afford a watchdog. If we heard a noise at night, we'd bark ourselves. -- Crazy Jimmy

Working...