
How do you ensure privacy in this day and age?


walterw


Given the complexity of the systems today and the vast number of interconnected devices, it is challenging to both secure the devices and ensure privacy.  Setting up a firewall used to be sufficient; however, that is just one small piece.

 

What components do you use and at which level?

i.e. firewall, SIEM, proxy server, DNS filter, IP blocks, etc.


Hello,

On a philosophical level, privacy involves thinking about what data goes where, and usually where the data passes through.  Also, security and convenience are inversely proportional, i.e. if you increase one variable, then the other will decrease.  Balancing security and convenience is the tricky part, and it is a source of many disagreements.

On a practical level, much of the tracking and profiling on the web is based on cookies.  If you clear your cookie store, most of the time you will look like a new user to the websites you visit.

Unfortunately, some sites will refuse to talk to you if you disable cookies entirely (intentional?  maybe).  So, one of my strategies is to constantly remove cookies when they are no longer needed. Extensions like Self-Destructing Cookies can automatically clear cookies when you leave a website.  (That extension is for Pale Moon.  However, I am sure there are similar extensions for other browsers.)  In the absence of such extensions, all of the major web browsers have an option to clear cookies when exiting the browser.

Also, if website A requires authentication and has a history of encouraging website B to embed iframes and scripts into website B's pages, thus allowing website A to log pages you view on website B (examples: Facebook, LinkedIn), then I will create a dedicated Google Chrome profile for website A and use the dedicated profile only for website A.  Each Google Chrome profile has its own cookie store, so each profile looks like a different user.  (Security by compartmentalization)

I hope this helps.


Hi,

Thanks for your thoughts.  Yes, that is something I think about, and you're right the 2 are inversely proportionally related.

Yes, clearing cookies / browser cache is one step.

 

From the desktop / end computer standpoint, I feel securing the system is much easier than a mobile device as the knobs are much easier to get at.  Google / Apple give developers more control over security / privacy than the end user.

Back to your philosophical view, so my concerns are:

1. I would like to minimize the blatant advertising that I am exposed to (here, privoxy works fairly well, but only for HTTP unless you're running an SSL Bump proxy).  DNS / IP blocks work okay at this.

2. The more subtle advertising such as studies showing how blue light keeps you up at night and why you need these blue-light filtering glasses are also a nuisance (this is just a recent pertinent example).  This is a more difficult problem to solve because often times the sources for these advertisements are reputable and will not be in a blocklist.  This type of stuff is pervasive and gets into your mind without necessarily appearing as advertising directly.

3. From the mobile "app" perspective, when installing an "app" you're handing over much of your private information just to use the "app".  The only choice you have here is to not use it.  I think Android is getting better at selecting what permissions you give apps, but this is still the wild west.  If you want to "secure" this information or data from "leaking" it is very difficult to do at the gateway level even with SSL Bump.  Another option is to run the app inside of a sandbox such as VirtualBox where you have that app running in isolation.  Sometimes you can do this, other times, the app needs to be on the device to be useful.

 

 


10 hours ago, walterw said:

From the desktop / end computer standpoint, I feel securing the system is much easier than a mobile device as the knobs are much easier to get at.  Google / Apple give developers more control over security / privacy than the end user.

Yes, that's definitely the case.  That's an interesting observation about how mobile platforms give developers rather than users more control over security.  That's partly the price of convenience.

10 hours ago, walterw said:

Back to your philosophical view, so my concerns are:

1. I would like to minimize the blatant advertising that I am exposed to (here, privoxy works fairly well, but only for HTTP unless you're running an SSL Bump proxy).  DNS / IP blocks work okay at this.

I use an ad-blocker for most of that stuff.  In the past, I have used custom /etc/hosts files and NoScript.  Ad-blocking is an ongoing cat/mouse game.

I have heard very positive things about Pi-hole, a DNS caching server that runs on a Raspberry Pi.

I used squid a few years ago for some tunneling, and I remember looking at the logs and watching HTTPS traffic flow through squid's HTTP-based proxy.  I had SSH tunneling on top of squid, and I was the only user on the local system, so I didn't care too much about it.  This was also with either SeaMonkey or Pale Moon a few years ago, both of which were at the time a couple generations behind today's Firefox.  So it might be the case that newer Firefox versions no longer tunnel HTTPS through an HTTP proxy.

I noticed there is another thread open about the HTTPS proxying question.

10 hours ago, walterw said:

2. The more subtle advertising such as studies showing how blue light keeps you up at night and why you need these blue-light filtering glasses are also a nuisance (this is just a recent pertinent example).  This is a more difficult problem to solve because often times the sources for these advertisements are reputable and will not be in a blocklist.  This type of stuff is pervasive and gets into your mind without necessarily appearing as advertising directly.

That's the next step in the ad-blocking cat/mouse game.  Someone creates ads that get around the filters.  Then, the filters figure out new ways of blocking the ads, and the cycle continues.

10 hours ago, walterw said:

3. From the mobile "app" perspective, when installing an "app" you're handing over much of your private information just to use the "app".  The only choice you have here is to not use it.  I think Android is getting better at selecting what permissions you give apps, but this is still the wild west.  If you want to "secure" this information or data from "leaking" it is very difficult to do at the gateway level even with SSL Bump.  Another option is to run the app inside of a sandbox such as VirtualBox where you have that app running in isolation.  Sometimes you can do this, other times, the app needs to be on the device to be useful.

It is possible to set up Android without the Google Applications.  However, that also means ripping out the Play Store.  Yeah, the situation stinks.

I try to opt for open source applications (e.g. the ones on F-Droid) when possible because those applications are far less likely to do sneaky things behind your back.  There are a few reasons for this.  One is that all the cards are laid on the table for everyone to see.  Another is that open source projects are usually designed around someone having a problem he/she wants to solve and a desire to share the solution, instead of the desire to make a quick buck.

Sometimes, permission overreach is an issue introduced by User Experience (UX) engineers who were unaware of the security implications of some of their decisions.  Much commercial software nowadays is architected top-down around a scripted user interaction, and the goal is to make the task as "easy" (i.e. convenient) as possible.  So, security is sacrificed.

Containerization on Android would be something interesting to see.  Also, a native Android runtime that can run Android applications on a desktop would be interesting.  I don't foresee the former coming anytime soon.  The permissions system already provides some security by compartmentalization.  The latter probably exists already.  Both would reduce convenience in favor of security.


  • Funtoo Linux BDFL

Two mobile phone apps that I like related to secure communications are: Signal and Telegram. Signal is designed to be a text message replacement (you can use it as your default text messaging app in Android, and upgrade certain conversations to secure) whereas Telegram is more like a better Google Hangouts.


 

6 hours ago, drobbins said:

Two mobile phone apps that I like related to secure communications are: Signal and Telegram. Signal is designed to be a text message replacement (you can use it as your default text messaging app in Android, and upgrade certain conversations to secure) whereas Telegram is more like a better Google Hangouts.

Yes, those are both great applications for communicating securely.

I think the "problem" I'm trying to address is general web surfing where:

1. The source may not be reputable and information legitimate.  It can plant an idea in your head.

2. The tracking, either through general surfing, use of "apps", OS-level monitoring, hardware monitoring (microphone / camera).

3. malicious apps / insecure apps / websites which harvest private information or are used to exchange private information, but may not be secure and could be intercepted by an adversary.

 

Having said that, if I were to run SSL Bump via Squid on myself, I could leverage ClamAV to screen the content before it gets to a browser which may help prevent malicious content from opening an exploit.  Perhaps I could also leverage some additional peer proxy that would "monitor" the data being exchanged and either block just the data in question or terminate the request altogether.  I.e. if I were unexpectedly transmitting my phone number (or some PII), I could potentially be notified in real-time then either terminate the request or allow it, etc.  However, there are ways around that.

 

At the end of the day, I think it comes down to trust.  If the site I'm visiting is trustworthy, the likelihood they would do nefarious things is small ...

This is what I'm looking for for mobile devices:

http://newport.eecs.uci.edu/~ashuba/publication/2015_antmonitor_s3/

 

I would imagine the same thing can be done more easily on an actual computer.
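
The outbound PII check described in the post above (screening decrypted requests at an SSL Bump proxy, then blocking or allowing them), as an added example that is not part of the original thread. The watchlist values, host names and the `find_leaks` / `decide` functions are constructed for illustration and are not part of Squid or any ICAP product.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample values: the PII the user never expects to leave the machine.
WATCHLIST = {"phone": "+1 555 010 0199", "email": "walter@example.org"}

# A run of digits with the separators people and forms put into phone numbers.
PHONE_RUN = re.compile(r"\+?\d[\d\s().\-]{6,}\d")


def digits(s):
    return re.sub(r"\D", "", s)


def find_leaks(body, watchlist=WATCHLIST):
    """Return the watchlist labels found in one decrypted request body (bytes)."""
    # Undo URL encoding first so form posts and JSON are compared alike.
    text = unquote_plus(body.decode("utf-8", errors="replace")).lower()
    runs = [digits(r) for r in PHONE_RUN.findall(text)]
    hits = set()
    for label, value in watchlist.items():
        if "@" in value:
            found = value.lower() in text
        else:
            # Compare the last 10 digits so a dropped country code still matches.
            national = digits(value)[-10:]
            found = any(national in run for run in runs)
        if found:
            hits.add(label)
    return sorted(hits)


def decide(host, body, allowed_hosts=frozenset(), watchlist=WATCHLIST):
    """Hypothetical proxy hook: block watched PII unless the host is approved."""
    leaks = find_leaks(body, watchlist)
    if leaks and host not in allowed_hosts:
        return "block", leaks
    return "allow", leaks


if __name__ == "__main__":
    # Constructed requests, as the proxy would see them after TLS interception.
    samples = [
        ("tracker.example", b"name=w&tel=%2B1+%28555%29+010-0199"),
        ("tracker.example", b'{"contact": "Walter@Example.org"}'),
        ("search.example", b"q=funtoo+linux&page=2"),
    ]
    for host, body in samples:
        print(host, decide(host, body))
```

Only plain or URL-encoded text is matched here; a payload that an app encodes or encrypts itself before sending passes unseen, which is why a check like this complements permission control and compartmentalization instead of replacing them.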


The biggest privacy holes are many of the apps and products where people have just accepted sacrificing their privacy for convenience.  I've begun switching my phones and tablets from Android to Apple because Google is the worst offender and Apple provides better privacy control for individual apps.

Beyond that:

Vivaldi Browser with

  • All Google options turned off in Privacy settings
  • DuckDuckGo Search
  • Privacy Badger add-on
  • uBlock Ad blocker add-on

1.1.1.1 DNS resolution on all systems

Avoid Google apps as much as possible.

Avoid Amazon apps as much as possible.

No Facebook ever.

No Alexa, Siri, Cortana, Google Assistant or any voice control that listens without being manually activated.


Hi,

Is 1.1.1.1 just no logging or does it also filter out ads / spam as well - I think it supports DoH so at least if you don't have DNSSEC, then you can be sure your DNS isn't tampered with.  My concerns would be:

 

1. is this DNS record valid, how can I be sure

2. is this DNS record for ads / malware / spam / etc. - use a blacklist / blocklist (uBlock)

 


The basic 1.1.1.1 service is just about avoiding tracking through logging by your DNS provider.  They support DNS over TLS and HTTPS if you want additional privacy.  They also support DNSSEC although that really depends on the configuration of the site being checked. 

https://developers.cloudflare.com/1.1.1.1/what-is-1.1.1.1/


  • Funtoo Linux BDFL
On 10/1/2019 at 7:23 PM, walterw said:

1. The source may not be reputable and information legitimate.  It can plant an idea in your head.
 

You and I are on the cusp of a political discussion here, but I would argue that even "reputable" sites these days are spewing propaganda, so there is no substitute for critical thinking. We do not live in an ethical age. Whether intentional or the result of our modern echo chamber, there is misleading information EVERYWHERE online and I couldn't really tell you ANY trustworthy source of information that I would tell you that you could trust implicitly. Even Associated Press and Reuters seem horribly compromised and full of spin! Every journalist seems to want to write an atomic bomb of a news story and go through such extreme lengths to try to inject bias while remaining 'factual' -- it would be comical if it weren't so sad. Assuming a posture of skepticism and "it's probably not as bad as it sounds" is highly recommended when looking at sources of information online. Politics is the art of getting a ton of people pissed off and then leveraging that energy -- and doing this online is known to be extremely effective. So you just have to be wary. Don't be a pawn.

Now, as for the other issues you raised, I guess I can read and think about those now that I've vented.


 

On 10/7/2019 at 11:44 PM, drobbins said:

You and I are on the cusp of a political discussion here, but I would argue that even "reputable" sites these days are spewing propaganda, so there is no substitute for critical thinking. We do not live in an ethical age. Whether intentional or the result of our modern echo chamber, there is misleading information EVERYWHERE online and I couldn't really tell you ANY trustworthy source of information that I would tell you that you could trust implicitly. Even Associated Press and Reuters seem horribly compromised and full of spin! Every journalist seems to want to write an atomic bomb of a news story and go through such extreme lengths to try to inject bias while remaining 'factual' -- it would be comical if it weren't so sad. Assuming a posture of skepticism and "it's probably not as bad as it sounds" is highly recommended when looking at sources of information online. Politics is the art of getting a ton of people pissed off and then leveraging that energy -- and doing this online is known to be extremely effective. So you just have to be wary. Don't be a pawn.

Now, as for the other issues you raised, I guess I can read and think about those now that I've vented.

Yes, this is very true, and well-said.

What are your thoughts on the new Linux phones coming out such as the Librem5?


On 10/8/2019 at 5:44 AM, drobbins said:

[..] there is no substitute for critical thinking. [...] Politics is the art of getting a ton of people pissed off and then leveraging that energy -- and doing this online is known to be extremely effective. So you just have to be wary. Don't be a pawn.

W.r.t. critical thinking there is a pretty decent video series named Calling Bullshit, which goes into detail on how to apply it in an environment that's ever more increasing in nonsense information.
