Jump to content

All my products and services are free. All my costs are met by donations I receive from my users. If you enjoy using any of my products, please donate to support me. Thank you for your support. Tom Speirs

Patreon

DuckDuckGo


tthurman

Recommended Posts

  • 3 weeks later...

I play it a bit dangerous I guess. HTTPS everywhere, Ghostery, Norton Security Suite, and DuckDuckGo square my security. I have been rocking a modified "Hosts" file forever, which I'm not sure even works the same as it used to. It was kinda like pi-hole, except ad servers are listed in the hosts file. When a webpage requests an element from an ad server listed in the Hosts file, a match is found. This tricks the website into thinking the file is local to my machine; but nothing really is. The ad never appears on the page, instead it's replaced with a "not found" image if anything appears at all.

I've been considering NordVPN for an added level of anonymity. I'd prefer a free VPN if there were a good one (outside US, unlimited DL, & fast), but I've not looked that hard into it.

What is this DNS voodoo you speak of?

Link to comment
Share on other sites

Okay, so from what I gather It boils down like this:

Spoiler

Proxy:

  • Hides IP address
  • Does not encrypt internet traffic
  • May improve speed/privacy if ISP DNS server is slow/Logs traffic
  • Defeats censorship, but not snooping.

Smart DNS:

  • Chooses which type of connection is routed through a proxy server
  • Hides IP address, for select content.
  • Does not encrypt internet traffic.
  • May improve speed/privacy if ISP DNS server is slow/Logs traffic, but only for content routed through the proxy.
  • Can be configured to connect to georestricted content from a specific region.
  • Defeats censorship, but not snooping.

VPN:

  • Hides your IP Address
  • Encrypts Internet traffic 
  • Defeats censorship and snooping,
  • Encryption slows upload/download
  • App protection via killswitch to stop all UL/DL if VPN connection is lost.

I gather a good paid VPN offers the ultimate in anonymity and privacy, whereas Proxy servers and Smart DNS only offer sudo anonymity - snoops can still intercept your unencrypted web traffic and see what you see, unless the DNS server offers DNScrypt. And if it does, haw is that different from a VPN?

Link to comment
Share on other sites

There's a been a war raging between advertisers and consumers since forever. Services that protect privacy cater to consumers, which makes them safer and provides a place of refuge. Advertisers and those they support see this as an assault on their livelihood, and work feverishly to prevent you from having anywhere to hide. They discredit, demonize, and ban privacy on false idealism, like the old adage, "if you have nothing to hide, you have nothing to loose". Ad-men, pocket politicians, radical nationalists, and many others convince themselves that Less privacy means more safety. Well that's a dangerous notion and clearly wrong.

Nothing is more effective at preventing an attack as keeping secrets. Privacy is the primary deterrent, security only applies if the enemy knows how to look for what, as well as when and where to look for it. That knowledge should have been kept secret in the first place. The most effective security system, strongest door, castle, fortress, or military detachment can't beat lack of knowledge. If no one knows who, what, when, where, and why, then there will be no enemy to attack you in the first place. 

Ask the defense department if we'd be safer without a private place to store state secrets, online retailers if they or their customers would be safer without a private place to store sensitive information. Public nudity is illegal. That's something to hide, and I will loose my freedom and reputation if I don't. Here's a fact. I have to undress at some point (to bathe, change my cloths, play risque twister, or whatever), so I need a private place to do that. Glass houses, doors and ceilings prevent no one from seeing what they'd  rather not or shouldn't - they just keep people out.

Privacy doesn't just protect secrets you want exposed, like corporate or political corruption, but those you don't, like personally identifiable information. Most secrets are good, not bad! My credit card and social security number are secrets. No one would say that I'm a terrorist and try to have me incarcerated for not letting a thief steal my identity or money, but that's what this dangerous rhetoric implies - that there's no legitimate use for secrets and if you have anything to hide you must be a criminal. Good people absolutely have more to hide and loose than they ever did before. The internet has changed the way secret information is stored and shared. We need more privacy, because we have much to hide and a lot to loose.

Link to comment
Share on other sites

I remember ad-free internet.  It was awesome.  Of course, the slow 56k baud modem eating up the phone line 12 hours a day sucked. But back then you didn't need more.  Now it's so bad, you can't even trust your own email.  My ex-coworker (lives down the street from me) had me come over to fix her computer for like the 10th time the other day.  She never had a computer before, now in the last year she's gotten viruses, malware, and very nearly had her identity stolen.  Were it not for ID theft protection, she'd be toast.  It's far to easy for scammers to take advantage of the unwise.  This is a case where ignorance is NOT bliss.  Read below to see what I mean:

Spoiler

The most recent call for me to help her went like this. 

Needs me to fix her computer.  Said her computer kept coming up saying it was infected, and she had to call a phone number to have somebody fix it.  It came up fresh from a reboot with her screen all black, a nifty logo of a would-be virus type software ad, politely telling her her computer was infected and could be fixed by calling the number.  You know, your typical ransomware.  She called the number.  It sounded somewhat legit to her.  She gave them a credit card number she had like a $200 limit on.  They took the money.  Then asked her for her to press a certain key stroke (like WIN+ALT+K or something).  Her screen unlocked and automatically opened up a webpage prompting her to install a program.  Very clearly the site said it was a remote access utility so the company she called could gain access to her computer to clear out the virus.  Again, she's a total newb and doesn't realize the security violations happening here.  She followed the rep's instructions, with them still on the phone, installed the program, and they continued to go in and erase the program prompting the warning on her screen during boot up.  She then hung up and rebooted.  This was all before calling me.  What she called me for after that was that her computer was running super SLOW.  I popped in there with my classic assortment of utilities.  Hitman Pro, Adaware, SpyBot, Malwarebytes.  I found that the program she installed for the remote access installed a keylogger, as well as a background service that was taking up 50% of her CPU.  Not only that, but when she checked, her account with the credit card company had gone from the payment she made to them (like $10), to being overcharged by $100.  Basically, they got her.  While I was there she was able to dispute the entire charge to her credit card, including the "legit" charge.  When it was all said and done, she had her computer back and the credit card cancelled.  This was the closest I've seen somebody I know have a true full-on identity theft attack because of the keylogger.  They were waiting for MORE information, and took the opportunity to install access behind her back, with her "willingly" installing it.

Spoiler

The time before that when I had to fix her computer prompted a complete format and reinstall of Windows.  She get's emails from her brother all the time.  He's in the army and sends her photos of him and his buddies at the different place's he's staged.  Well, somebody "out there" got wise to the idea and formulated an email to look like it came from him.  It said something like "So and so sent you a picture.  Click >here< to see it!".  So without thinking twice about it, she clicked "there".  Next thing you know, a program installed itself and infected her computer.  When I came to the rescue, I asked her if there was anything she wanted to keep before I formatted.  She said she didn't want to lose his pictures.  I asked where they are (so I could back them up to a USB stick I brought).  She showed me how she gets them, and it was in the web via yahoo mail.  So I told her they were safe.  I also saw the email she "clicked".  I instantly recognized it as a phishing/malware scam.  But she was ignorant to it.  I tried to show her, and explain that he sends her pictures using ATTACHMENTS, and she never had to click a link in an email to see a photo from him.  I pointed out that if she hovers over a link she should read the screen saying where it's going and NOT click if it doesn't look right or familiar.  I think she's finally getting the hang of it but who knows?

Spoiler

Another email scam she got was with PayPal.  She signed up for it for some reason, eBay I think.  I told her eBay was too big a thing for her but she insisted, saying her friend came by and showed her how to do it and felt totally safe with it.  Well anyway, she got an email from "PayPal" saying she was overdrawn.  It asked her to "click here" to go to PayPay's website and immediately make a deposit into her account.  Well, she clicked, got infected, and I had to come rescue her again.  This was another piece of training I had to go through with her.  Not only does PayPal send emails like that, they only act as an in-between with eBay and her bank, and that they're not a bank themselves.  She said she got another email from PayPal saying her account was locked out because she had too many failed attempts to login, and asked her to "click here" to try signing in again.  She said she thought that was a scam and erased it.  I congratulated her because PayPal wouldn't have you try to sign in again, they'd tell you to go to the website and click "forgot password" to have it help her reset it.  I had that happen to me recently because, well, I don't use PayPal all that much and forgot it.  Plus, she has all her passwords written in a book so she couldn't have done it wrong so many times they would tell her.  And she said she never had a problem logging in before.

She's getting better at recognizing the potential scams, but still willy-nilly clicks wherever she wants on a webpage.  She'll be reading the news and see an ad on the side for something and she'll just click it.  "Ohh free hotdogs!" >click<  She just doesn't get it.  I had to point out to her that if she sees that blue triangle, or something that says "ad", don't click it.  But she still does.  She thinks the internet is an interactive newspaper.  Which was true 20 years ago.  :(

Anyway, click the above for some prime examples.  Flying across the internet, in your face ads is becoming so bad, it makes the ignorant people all the more susceptible to privacy issues.  You can't be safe on the internet anymore.  It's bad and obscene.  I hate that these people take advantage like they do, preying on the untrained.  Some of us were around when the internet was young and useful before big business came in and commercialized it, we have no problem identifying the bad stuff (most of the time).  Now you got these new users with their new computers, who are 50+ years old with a computer in their house the first time, who just don't know any better.  I think there's no end in sight.  In my co-worker's case, her best bet is to just disconnect.  For others, they need to be in a safer environment, like the Public Library, to browse.  And then NOT do any kinda of online banking /shopping or socializing (Facebook) on that computer.  If you don't want the next user in the library to potentially see your credit card information, don't enter it.  If you don't want the guy sitting next to you to see you in the library fapping off to whatever, it's a safe bet it's an unsafe website to begin with and you probably shouldn't be there in the first place.

Link to comment
Share on other sites

Yep, I've helped out a few people ignorant of basic computer privacy and security. I mean basic, like installing an antivirus program and running it periodically. It's absolutely blood curdling to see a sweet old lady just trying to keep in touch with her son living across the country get taken advantage of.

My advice shouldn't have to be, 'disconnect from the internet'. Especially since now it's practically impossible to. Their considerable education and experience sadly couldn't prepare them for a world this messed up. They need people to help them learn, or a society that keeps enough analog methods around to allow them to function offline.

Oh here's an example I see all the time. I have the weather channel app installed on my phone. Well they have an ad right in the middle of the current day forecast and the seven day. It always has some incredible click-bait picture/caption. Things like, "Clint Eastwood facing 25 to life" with a picture of him looking sullen. Things like that make you think "what happened"?. And lookout if you click on the ad to find out! That's on a reputable app like the weather channel. Do they not have standards? Or are they just so greedy they don't care how many people get duped, as long as they get paid the most? Maybe they justify the decision by shifting the blame to us. "Well they don't want to pay for the app, so we have to make money some way".

Link to comment
Share on other sites

I got one of thoes yellow envelope letters in the mail that uses a font looking like hand writing. They even used a real stamp to sell the look. I've seen these before. What was new this time was this little Plastic thing glued to the letter inside. It made the envelope bulge as if there was something more inside. Well this was your run of the mill scratch it to see if you've WON A NEW CAR!! The plastic thing had a pull tab with a serial number that lights up with a red LED. So the idea is, if the serial number matched the scratch off, you win a new car. Well I scratched, and pulled, and...Oh hey guys, guess what?

I WON A LEXUS!!!

Oh wait...I won an invitation to attend a lexus dealership, for a chance to win a lexus at an ambushing event (err, I mean spring clearance event). OH BOY!!!!

I pocketed the batteries and LED, then recycled the tree carcass.

 

How did they get my address I ask you? I'm sure it wouldn't have anything to do with the new car I bought last year. My dealership would never sell my personal information like that! No I'm sure everyone in a 100 mile radius of the dealership received one of these letters. No, the dealership or the marketing firm they didn't hire made no effort to target their audience...Man it's exhausting trying to defend obviously shady tactics. Marketing must ruin a person emotionally, if they were't sociopaths to begin with. This is just one of the many good reasons to have more privacy and an example of what the lack of privacy leads to.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...