Maintaining online privacy seems impossible to me!

[Seankay]

It used to shock me how facebook suggested me the exact same people I met for the first time. It has happened to me for 4 times as much as I can remember. It was on the same day. Any way, I personally have some privacy concerns which is the reason why these things actually shocked me more than it did to my friends. I did take some steps to deal with it like getting a vpn, reading more and getting some knowledge about it. But, today it shocked the hell out of me when some people started following me on Instagram out of no where.

These were party people and online stores which deal in accessories and stuff. I planned a mini online store to enter this business a week ago and discussed it with a couple of my friends. Plus, I also did some of the research on this area too. Anyways, as I said, I took some steps to protect my privacy like these online privacy tips by the vpn provider, some more tips by arstechnica and this one By Mikko Hypponen on his reddit ama. Despite all these, I actually was being approached by people for whom I was a potential business asset.

I am clueless right now and I have nowhere to go. Nothing to think of...

 

[Cmustang87]

I don't understand what you are trying to do. I don't see a question in your post, or any concise request for assistance in anything specific.

 

[Dead Parrot]

If you use Spybook, expect to have everything you do online tracked, complied, aggregated, correlated and sold to anybody willing to pay Spybook's price. Same rule for Google, Yahoo, your ISP, your cable company, your phone company, Domino's Pizza and most websites. What did you think that Google-Analytics.com script was doing?

 

[Red Squirrel]

It is indeed ridiculous how much FB can really know about you. I feel browsers are to blame for this - they should not allow whatever scripts that run to leak so much info on you. What stops malicious sites from tracking you like this? They could track what you do when you're banking etc. Perhaps even initiate a transaction. That type of scripting where sites can control/see what you do on other sites should not be possible, yet it is. I think they can do this as they can read other domain's cookies. I always had the impression that was not possible but it is. That's how they track you. I am pretty sure they can read your history too. Again, browsers are the problem, they should not allow this. Though they do all sorts of other stuff too to track as despite having stuff like Privacy Badger and Adblock I still run across instances where FB knows exactly what I'm up to IRL. Like I'll see an ad for something I bought at a store, or talked about. It is believed that they can track you through your phone, your conversations get indexed and they pull keywords. Again, I blame the browser, the mobile one in this case. Browsers should not even be able to access the microphone let alone allow sites to do it.

If it was not FB doing this, it would be another site (Google does it too), and while these are more "annoying" just by principal, what's really alarming is how many malicious sites are doing this stuff, but without you even knowing.

Also even if you don't use FB they track you anyway, and build a shadow profile of you. They scrape info off your friends' phones. FB always asks if I want to put my phone number, and they actually already know it, despite me never having entered it anywhere. That's because they just scrape friend's contact lists. It's ridiculous really.

Unfortunately there's not much you can do. For more sensitive stuff, use Tor. Though if you use Tor a lot I presume they'll still be able to fingerprint you in some way or the other. You could use it in a VM and set it up so the VM resets everytime it's rebooted.

 

[Nenu]

First problem is using Facebook.
Second problem is creating an account anywhere other than a major retailer that requires personal information.
If you are worried about it, dont do it.

 

[Seankay]

I don't understand what you are trying to do. I don't see a question in your post, or any concise request for assistance in anything specific.

You're actually right about it. I wanted to get some help, but I was so outta my mind that I didn't realize what to do. Sorry for that!

If you use Spybook, expect to have everything you do online tracked, complied, aggregated, correlated and sold to anybody willing to pay Spybook's price. Same rule for Google, Yahoo, your ISP, your cable company, your phone company, Domino's Pizza and most websites. What did you think that Google-Analytics.com script was doing?

I completely agree now, but I have heard about some people who are cybersecurity experts and they keep their online things private yet they use all these things too. Is it just a myth?

It is indeed ridiculous how much FB can really know about you. I feel browsers are to blame for this - they should not allow whatever scripts that run to leak so much info on you. What stops malicious sites from tracking you like this? They could track what you do when you're banking etc. Perhaps even initiate a transaction. That type of scripting where sites can control/see what you do on other sites should not be possible, yet it is. I think they can do this as they can read other domain's cookies. I always had the impression that was not possible but it is. That's how they track you. I am pretty sure they can read your history too. Again, browsers are the problem, they should not allow this. Though they do all sorts of other stuff too to track as despite having stuff like Privacy Badger and Adblock I still run across instances where FB knows exactly what I'm up to IRL. Like I'll see an ad for something I bought at a store, or talked about. It is believed that they can track you through your phone, your conversations get indexed and they pull keywords. Again, I blame the browser, the mobile one in this case. Browsers should not even be able to access the microphone let alone allow sites to do it.

If it was not FB doing this, it would be another site (Google does it too), and while these are more "annoying" just by principal, what's really alarming is how many malicious sites are doing this stuff, but without you even knowing.

Also even if you don't use FB they track you anyway, and build a shadow profile of you. They scrape info off your friends' phones. FB always asks if I want to put my phone number, and they actually already know it, despite me never having entered it anywhere. That's because they just scrape friend's contact lists. It's ridiculous really.

Unfortunately there's not much you can do. For more sensitive stuff, use Tor. Though if you use Tor a lot I presume they'll still be able to fingerprint you in some way or the other. You could use it in a VM and set it up so the VM resets everytime it's rebooted.

It is insane. I do use Tor not via VM but I often use Tor over VPN which is pretty reliable I guess. But still... I think I will have to get rid of using these services if I really want my privacy secured. But it ain't easy in this world anymore.

First problem is using Facebook.
Second problem is creating an account anywhere other than a major retailer that requires personal information.
If you are worried about it, dont do it.

You're right, but as I said, it ain't that easy to do in this world.

 

[SirMaster]

Your issue is in using all the social networking stuff. You essentially waive much of your privacy by uploading all that information on yourself to such a place. I never had a problem with online privacy, but then again I don't use facebook or twitter or any of that noise. I didn't need them before they were invented and my life hasn't really changed after they were invented.

 

[Dead Parrot]

One approach that will help is have two computers. Use one for ONLY your social network stuff(Public Computer). Use the other for your Professional/Business/Private stuff(Private Computer).

Private computer: for your browser of choice install a script blocker, ad blocker and tracker blocker. Don't allow any scripts unless needed for the task at hand. Avoid allowing any scripts by default. PITA but it will remind you just how many 3rd party scripts are trying to do something. Use a non admin account as much as possible.

Public computer: Still use a script blocker, ad blocker and tracker blocker but understand that for a lot of the social media to work, you may have to allow some of the scripts to run. For best results, use a VM running on the Public Computer to use your social media stuff. Easier to revert to a clean checkpoint. If you do on-line gaming, use the public computer as much as possible since a lot of games attempt to spy on you. They may call it telemetry for "An Enhanced Customer Experience." You will probably need to run the games on the actual hardware instead of the VM due to performance/graphics limitations of some VMs.

Get yourself a real stand alone hardware firewall. Default rule for your network is block all traffic unless you create a rule allowing it. Log the blocked traffic. The amount of blocked traffic may surprise you. Keep the rules as narrow as possible. It is expected that the rules for the Private and Public computers will be different.

Nothing is perfect as the online spy companies keep improving their tracking techniques. Some of the stuff they do is down right scary.

 

[Ur_Mom]

Even browsing some sites that have a Facebook follow button can track you. Even if you're not a Facebook user.

I am. So, I could visit other sites and then go to Facebook and there are some new people and/or ads.

What sucks, and some people have given very paranoid (but believable) explanations. Meet someone in real life, talk about something. Hours later, you're seeing ads for that product or service. Even if you didn't research it online. Some say that connection researched it, and you have similar interests, so it shows the ad to you... Others say that the microphone pics up the speech and then puts ads out... It's creepy, regardless.

That, and if someone searches for you online, you're "connected" even without being friends. They create that connection, so they are now "Someone you may know".

I still think Facebook is pretty shady when it comes to privacy. I continue to use it. But, I have another PC that I use for when I want privacy. And, as a strong Windows supporter and fan - it's not Windows.

 

[Xinmosni]

 

[Ur_Mom]

Reasonable expectation of privacy. There's a difference between Facebook and HardForum. Facebook leaks your details everywhere. Who you know, what you do, age, sex, likes, dislikes, hobbies, etc.. HardForum - what you post.

Windows? Who knows. It's not released.

With the Internet, you should have a reasonable amount of privacy. Facebook goes way beyond that.

Even going completely off the grid, you're still not going to have 100% privacy. You can just do the best you can. On the internet, you do the best you can. It'll never be 100%.

 

[Farva]

Did you not bother to read the user agreement? You'd see they track and sell your information.

 

[Seankay]

Your issue is in using all the social networking stuff. You essentially waive much of your privacy by uploading all that information on yourself to such a place. I never had a problem with online privacy, but then again I don't use facebook or twitter or any of that noise. I didn't need them before they were invented and my life hasn't really changed after they were invented.

You are actually right about it. But doing business has become hard these days without such things.

One approach that will help is have two computers. Use one for ONLY your social network stuff(Public Computer). Use the other for your Professional/Business/Private stuff(Private Computer).

Private computer: for your browser of choice install a script blocker, ad blocker and tracker blocker. Don't allow any scripts unless needed for the task at hand. Avoid allowing any scripts by default. PITA but it will remind you just how many 3rd party scripts are trying to do something. Use a non admin account as much as possible.

Public computer: Still use a script blocker, ad blocker and tracker blocker but understand that for a lot of the social media to work, you may have to allow some of the scripts to run. For best results, use a VM running on the Public Computer to use your social media stuff. Easier to revert to a clean checkpoint. If you do on-line gaming, use the public computer as much as possible since a lot of games attempt to spy on you. They may call it telemetry for "An Enhanced Customer Experience." You will probably need to run the games on the actual hardware instead of the VM due to performance/graphics limitations of some VMs.

Get yourself a real stand alone hardware firewall. Default rule for your network is block all traffic unless you create a rule allowing it. Log the blocked traffic. The amount of blocked traffic may surprise you. Keep the rules as narrow as possible. It is expected that the rules for the Private and Public computers will be different.

Nothing is perfect as the online spy companies keep improving their tracking techniques. Some of the stuff they do is down right scary.

Thanks a lot for the suggestion mate. It is very logical and practical too!

Even browsing some sites that have a Facebook follow button can track you. Even if you're not a Facebook user.

I am. So, I could visit other sites and then go to Facebook and there are some new people and/or ads.

What sucks, and some people have given very paranoid (but believable) explanations. Meet someone in real life, talk about something. Hours later, you're seeing ads for that product or service. Even if you didn't research it online. Some say that connection researched it, and you have similar interests, so it shows the ad to you... Others say that the microphone pics up the speech and then puts ads out... It's creepy, regardless.

That, and if someone searches for you online, you're "connected" even without being friends. They create that connection, so they are now "Someone you may know".

I still think Facebook is pretty shady when it comes to privacy. I continue to use it. But, I have another PC that I use for when I want privacy. And, as a strong Windows supporter and fan - it's not Windows.

Exactly! It is creepy af and did scare the crap outta me

True that mate!

Reasonable expectation of privacy. There's a difference between Facebook and HardForum. Facebook leaks your details everywhere. Who you know, what you do, age, sex, likes, dislikes, hobbies, etc.. HardForum - what you post.

Windows? Who knows. It's not released.

With the Internet, you should have a reasonable amount of privacy. Facebook goes way beyond that.

Even going completely off the grid, you're still not going to have 100% privacy. You can just do the best you can. On the internet, you do the best you can. It'll never be 100%.

Did you not bother to read the user agreement? You'd see they track and sell your information.

I kinda underestimated that way beyond for facebook...

 

[Red Squirrel]

Just because it's in the user agreement does not make it right. They KNOW people don't read those, they are purposely made super long. And even if you do read it, you still can't stop it from happening. They can put what they want in those it does not automatically make it morally right.

And with FB it's not even a matter of "well don't use it then" because they spy on you whether or not you have an account.

 

[N4CR]

And that's not even digging into 20+ years of Echelon aka mainstream 'Prism', which records pretty much everything you do, plus is now being accessed by lower and lower levels of agencies. It used to be exclusively for industrial espionage, political dissent etc, now they're letting even common public servants access it in a compartmentalised way. Because when more than half the population in a given country is a 'political dissenter' it's not so effective any more, is it? It certainly doesn't stop much Terrorism.

 

[Deleted member 245375]

There is no privacy anymore, and I mean anywhere and not just "online" - as one saying goes, privacy is a relic of bygone ages long since passed. If you're online, whether it be with a computer you own, one owned by your employer, a smartphone owned by either, or whatever device you're using at any given time you can rest assured that if you partake of any services available provided by any company then you can rest assured that more is known about you than you'd dare believe.

And it will only get worse as time passes.

 

[Seankay]

Just because it's in the user agreement does not make it right. They KNOW people don't read those, they are purposely made super long. And even if you do read it, you still can't stop it from happening. They can put what they want in those it does not automatically make it morally right.

And with FB it's not even a matter of "well don't use it then" because they spy on you whether or not you have an account.

But not using the app and account definitely do make a difference I guess!

And that's not even digging into 20+ years of Echelon aka mainstream 'Prism', which records pretty much everything you do, plus is now being accessed by lower and lower levels of agencies. It used to be exclusively for industrial espionage, political dissent etc, now they're letting even common public servants access it in a compartmentalised way. Because when more than half the population in a given country is a 'political dissenter' it's not so effective any more, is it? It certainly doesn't stop much Terrorism.

The security vs privacy thing is their most solid excuse for all this!

There is no privacy anymore, and I mean anywhere and not just "online" - as one saying goes, privacy is a relic of bygone ages long since passed. If you're online, whether it be with a computer you own, one owned by your employer, a smartphone owned by either, or whatever device you're using at any given time you can rest assured that if you partake of any services available provided by any company then you can rest assured that more is known about you than you'd dare believe.

And it will only get worse as time passes.

I wish I could become a caveman. Seriously!

 

[Red Squirrel]

There is no privacy anymore, and I mean anywhere and not just "online" - as one saying goes, privacy is a relic of bygone ages long since passed. If you're online, whether it be with a computer you own, one owned by your employer, a smartphone owned by either, or whatever device you're using at any given time you can rest assured that if you partake of any services available provided by any company then you can rest assured that more is known about you than you'd dare believe.

And it will only get worse as time passes.

Thing is, it does not HAVE to be that way. One way to solve this... which would take lot of money, would be for a fully open source hardware movement. Right down to the silicon. Rebuild computing right down to the silicon with privacy built right in, via various methodology/processes to ensure that backdoors can't be added. Start at the hardware level then continue this philosophy right through to the end user programs.

Problem is though not enough people even care about privacy so this would never really take off outside of the geek community. It's scary the amount of people that use cloud stuff and "have nothing to hide". There are steps you can take to at least be "more" private and first step is to not use cloud services or any 3rd party service and host everything yourself. But of course because of all the backdoors in stuff now it's still not enough, that's why we need custom rolled open source hardware right down to the cpu. But the money and knowledge that would take is high up there.

 

[Deleted member 245375]

It is literally impossible to secure technology in the imagined ways you just suggested because as technology changes so do the people that use it as they gain more knowledge about the given technology meaning they'll find ways to get in, that much is proven by our actual history already. Hell, I remember when Sony had those CDs that couldn't be copied or ripped by design and somebody whipped out a Sharpie and bypassed it with a tiny quarter inch swipe of the marker on the disc surface. I also remember how DVDs couldn't be copied till someone wrote a single line of code that broke the CSS (as in Content Scramble System and not the CSS aka Cascading Style Sheets used for webpage layout controls) encryption they use.

I also remember (because of stupid dumbass laws) that if you were to wear a t-shirt with that single line of code printed on it as you got on a plane bound for a destination outside the US you could literally be arrested, held, tried, and even convicted as someone that was smuggling munitions (see, I said it was stupid) because the stupid dumbass laws had classified strong encryption as a munition and carried with it a sentence up to 10 years in a Federal pound-me-in-the-ass prison (sorry, Office Space is a great flick) and a $1 million fine.

Anyway, nothing is secure anymore which is another thing I point out fairly regularly. If someone with the requisite skills wants to get something done, they're going to do it and nothing is really going to stop 'em which is what would happen with the kind of stuff you're conceptualizing, it's just not a workable solution unfortunately.

I'm not a pessimist, really, I'm not even an optimist in many respects either but I do my best to see all the possible angles and views on any given situation and after working with computers and consumer electronics for 41+ years now I simply won't put my trust in most anything anymore. It's not that I don't care about privacy as it's a major point for me and I study personal privacy issues constantly and keep up with legislation in Congress and everywhere else I can because it really does matter tremendously and more each passing second so when people see me say that people are fucking stupid there's a reason for it.

Yes there are steps that people can take to have more privacy, sure, my Firefox is pretty hardened in every manner it can be, my Windows 7 install is as hardened as it can be (and yes the running joke is the NSA doesn't care even though they put out their own hardening guides for major OSes years ago), the fact remains that while someone can do things to ensure that they still have a level of privacy they can be comfortable with on their own it's already too late aka the cat's outta the bag with all the personal data that's already been accumulated.

As one NSA engineer was quoted years ago, "The best data trove in the history of mankind isn't even owned by any government agency, it's owned by Mark Zuckerberg and friends and it's known as Facebook." And as you stated, people don't care aka they're doing it to themselves and there's just no turning back now.

 

[Seankay]

TBH- I panicked a little early I suppose I should have panicked with what Director CIA told about Privacy in America and I hope everyone's aware of it already. Well, I was only worried about Social Media but this whole digital landscape is badly screwed up. If I will be honest, then I have to blend in. Pretend like I don't care about online privacy or my overall privacy at all if I wanna so business in this booming online world. The ugly truth is, you can't have everything!

 

[Seankay]

In this world, nothing is impossible you can maintain your online privacy by changing your IP.You can change or hide your IP by using VPN.There are many VPN but I suggest you express VPN.I am suggesting you express VPN because I am using Express VPN because ExpressVPN is a whole package backed by a credible infrastructure. Moreover, it has more options to choose from. So that is why it's a no-brainer for me to choose ExpressVPN.

I don't think you have read anything on this thread have you?

 

[Cmustang87]

I don't think you have read anything on this thread have you?

I think they care more about advertising said product than reading the subject material in the thread.