- General hardening of your computers
- Which apps should I allow to use my voice?
- Which apps should I allow to track my location?
- Search engines
- Minimising tracking of your purchases
- Social networks
- VPNs and encrypted networks
- A separate browser for every privacy suck
- Doing various other things with a modicum of discretion
- Other confidentiality-violating things
- Internet of things
- Going deeper.
- Getting old school
- Dazzle camoflague
- Academic stuff to read to stay paranoid
Threat model: I think that perhaps massive corporate data collection is an empire of oily rags which threatens democracy, or perhaps just leads to strangers knowing too much about my doctor appointments and where my kids are, or indeed lets anyone find me who knows my number. I regard social media as a new pollution the we have not yet regulated. I want to risk the amount of this ambient data pollution I emit so that businesses who feed upon it cannot be so prey upon me so.
Which apps should I allow to use my voice?
The voice assistants have given us no reason to trust them. Be wary.
Which apps should I allow to track my location?
As few as possible. The New Your times interactive on the 2019 state of the art is grim indeed and has all kinds of implications for how people’s lives might be controlled.
You don’t want large search businesses to know what you are searching for?
- Startpage repackages Google search results AFAIK anonymously.
- duckduckgo is a search engine that repackages… Yahoo searches (?). They are strident privacy advocates which is excellent although I would like to know more about them technically.
- Qwant promises to forget user data rapidly. There is not a lot of organisational transparency on their privacy guarantees AFAICS.
- search encrypt also claims to great privacy via encryption in the Perfect Forward Secrecy mode. Presumably this is supposed to prevent them from assembling a history of my searches? They do not explain exactly whom they wish to protect my search queries from, nor tell me how I woudl verify their claims.
- The searx family is a network of metasearch engine portals with the aim of protecting the privacy of users. Searx does not share users IP addresses or search history with the search engines from which it gathers results. Tracking cookies served by the search engines are blocked etc. The flagship instance is searx.me but there are many user-operated ones, since it is open source. Advanced: run your own DIY search anonymiser on your own server.
- Disconnect anonymises other search engines from their servers.
trackmenot is an interesting alternate solution – it generates random nonsense search queries on search engines to muddy user profiling, much like noiszy, mentioned below, does for news consumption. I would be curious to know how effective that is, or even how one would discover how effective that is.
You don’t feel like doing gratis market research for large multinationals, spilling your friends’ secrets, or facilitating Cambridge Analytica voter manipulation? Good. We can mitigate that kind data leakage damage. So easily that we should, regardless of how effective this is at overall confidentiality preservation.
- Brave to eliminate most tracking except for consensual-opt-in privacy-compatible tracking. I have many questions about that, but it is worth a try.
- Privacy possum aims to be a successor to privacy badger which is more aggressive and (the creator argues) remedies certain shortcoming in privacy badger. The argument is something like “let us raise the cost of tracking people” and consider ourselves successful if it is probably too expensive to bother.
- Privacy badger is an open source non-profit low-configuration blocker of tracking advertisers
- ublock origin offers fancy script blocking for the obsessive compulsive.
- scriptsafe offers aggressive no frills script blocking.
- the browser plugs suite is various browser plugs that hinder fingerprinting of the unique features of your browser.
- Fuzzify automates and monitors clicking on the “delete my ad data” button in facebook.
- HTTPS everywhere is vexing. Every browser should implement this functionality, of being secure by default instead of writing your passwords on the lawn in big letters anytime someone asks. That’s why it’s annoying that you have to install a plugin to make it work. And, worse, a horribly memory-hungry plugin. This is being gradually rendered irrelevant by HSTS; hopefully we can forget it soon.
- adblock plus and ublock origin reduce the number of tracking services which can view us online. I really need to tidy the info about these up a bit and explain, because they are so simple and so useful. However, they may be an endangered species.
- torbrowser bundles all the ad-blocking conceivable, although it also makes browsing unpleasant and slow. There is some kind of lesson there.
- Left-field solution idea automate the browser do stuff randomly in order to hide what you do deliberately. Random noise extnesions attempt to make your browsing data useless to trackers, by making your browser mindlessly visit lots of nonsense sites, thus confusing the paper trail. noiszy does this for browsing. trackmenot does this for search queries.
- Ghostery disables most of the social media spyware, although its a little opaque.
Minimising tracking of your purchases
Whole other complicated story, 🏗 I think worth doing. Consider what Amazon knows about you.
In addition to knowing what people buy, Amazon also knows where people live, because they provide delivery addresses, and which credit cards they use. It knows how old their children are from their baby registries, and who has a cold, right now, from cough syrup ordered for two-hour delivery. And the company has been expanding a self-service option for ad agencies and brands to take advantage of its data on shoppers.
VPNs and encrypted networks
See VPNs etc.
A separate browser for every privacy suck
Firefox multi-user-containers are one low friction option; they compartmentalise our different online activities from each other so that each website your so compartmentalise lives in its own solipsist universe.
One could probably cobble together something similar for Chrome using multiple users, but that sounds boring. The firefox solution is much better.
If you cannot use Firefox, it is trickier.
Single Site Browser
I could use a Single-site browser to access Facebook because
- Otherwise Facebook would know even more about me than they do
- Facebook is a blackhole of timewaste that I don’t want to browse to by accident, so I should make it slightly more difficult for myself.
You can do this too, for social media, or for whatever other website you wish to.
- Epichrome (macOS): An application (Epichrome.app) and Chrome extension (Epichrome Helper) to create and use Chrome-based SSBs on Mac macOS. So, full Chrome, custom configuration. Here is a walk-through.
The Browser UI is very minimal, just a toolbar (with site tabs) that disappears in Full-Screen mode.
MacPin apps are shown in macOS’s Dock, App Switcher, and Launchpad.
Custom URL schemes can also be registered to launch a MacPin App from any other app on your Mac.
So, minimal browserlets.
- Fluid.app (macOS). No longer recommended because it’s unmaintained and obsolescent. The free version doesn’t isolate your workspace. I reckon the paid version (USD5) would be well worth it if it were maintained.
- How To Turn Chrome or Firefox Into A Single-Site Browser.
- Making Firefox into a “Single-Site Browser”
- Create applications shortcuts in Google Chrome for Macs with a shell script
Doing various other things with a modicum of discretion
You need one. See passwords.
See transferring money.
See Synchronising files.
Other confidentiality-violating things
Internet of things
You should be approximately aware of the nasty things that people can and will do to your computer. Don’t do them yourself.
Getting old school
Academic stuff to read to stay paranoid
Sarigol, E., Garcia, D., & Schweitzer, F. (2014). Online Privacy as a Collective Phenomenon. arXiv:1409.6197 [cs]. Online.
Your friends have already disclosed secrets about you by disclosing they know you on social media, secrets that will be further disseminated by random grad students in Switzerland when the social media company you entrusted with this information goes bust.