I was just reading an article about Calibra, Facebook's cryptocurrency.

Within the article, it brought up the privacy issues that Facebook regularly faces, ie Cambridge Analytica gaining access of up to 87 million FB users without their consent.

The big question I have is how many people really care about stuff like that? Is it just a small segment of watchdogs that raise the flag?

Sure, read an article, talk about it for a day or two. But how many people actually DO something about it... cancel accounts, unplug from services, etc.

Thoughts?

I feel that if you're now becoming concerned about your privacy and are thinking of doing something about it, it's too late.

I always Google "incognito", and I Facebook with an alias.

I always Google "incognito", and I Facebook with an alias.

Just an FYI, if you're talking about an incognito mode like in chrome, that only prevents any records of your activity from remaining locally on your computer.

Rest assured, google knows exactly what you're searching for in incognito mode.

If you want more anonymity in your searching, you need to use a VPN, a different search engine, an anoymizing plug-in, or a combination of those.

Just an FYI, if you're talking about an incognito mode like in chrome, that only prevents any records of your activity from remaining locally on your computer.

Rest assured, google knows exactly what you're searching for in incognito mode.

If you want more anonymity in your searching, you need to use a VPN, a different search engine, an anoymizing plug-in, or a combination of those.

This in spades. Firefox + VPN at a minimum. For those of you with more . . . er . . . eclectic pastimes, you'll need VPN + Tor, and maybe even Tails.

https://www.washingtonpost.com/technology/2019/06/21/google-chrome-has-become-surveillance-software-its-time-switch/?utm_term=.b180922918f9

https://www.washingtonpost.com/technology/2019/06/21/google-chrome-has-become-surveillance-software-its-time-switch/?utm_term=.b180922918f9

disclaimer, i work in tech. these articles are often fear-mongering and prey on non-tech saavy users. chrome doesn't explicitly set any cookies on its own -- it's a browser. hell, you don't even need cookies to uniquely identify an end-user anymore, browser fingerprinting is probably more accurate than that ever was.

i would take an article published on a site owned by amazon with a grain of salt when it's critiquing a competitor (admittedly, that doesn't discredit the factual parts of that article)

disclaimer, i work in tech. these articles are often fear-mongering and prey on non-tech saavy users. chrome doesn't explicitly set any cookies on its own -- it's a browser. hell, you don't even need cookies to uniquely identify an end-user anymore, browser fingerprinting is probably more accurate than that ever was.

i would take an article published on a site owned by amazon with a grain of salt when it's critiquing a competitor (admittedly, that doesn't discredit the factual parts of that article)
Editors at the post could give a rip about Amazon because they're not owned by Amazon. They're owned by Bezos, who also owns Amazon. It's like the Boston Globe, which is owned by Red Sox owner John Henry. The Red Sox don't own the Globe.

This is unlike Warren Buffett, whose company Berkshire Hathaway actually owns the Omaha World-Herald.

The topic around do people care is hard to measure. If you measure it in "steps people take to be more private"...no they don't care (or know) because they aren't taking steps.

As an easy start, install the duck duck go browser extension (duck duck go is a search engine that doesn't track you). You'll also realize that the google universe makes for a very pleasant, seamless experience and that's why they are so ubiquitous. Try using Openstreetmap for all of your mapping needs.

As others have mentioned a VPN is also important. Because your bytes, before they are seen by facebook/google/whoever are seen by your ISP. The VPN will sit between you and your ISP.

As someone who works in digital marketing, cookies, not fingerprinting, are what our technologies rely on. But, there are many large, large "tech giants" that do rely on fingerprinting.

Facebooking with an alias might make it harder for you to find on facebook, but facebook doesn't care what your name is or whether or not you're really you. They just want to serve you ads that you are more likely to click on than not click on.

Editors at the post could give a rip about Amazon because they're not owned by Amazon. They're owned by Bezos, who also owns Amazon.

you have more faith in impartiality (on the tech front) in ownership from a bezos owned publication than i do. i'm actually quite a fan of wapo in general -- but not with regards to their coverage of topics in tech, more specifically in privacy and ethics in tech.

https://www.nytimes.com/interactive/2019/08/23/opinion/data-internet-privacy-tracking.html

What did we find? The big story is as you’d expect: that everything you do online is logged in obscene detail, that you have no privacy. And yet, even expecting this, I was bowled over by the scale and detail of the tracking; even for short stints on the web, when I logged into Invasive Firefox just to check facts and catch up on the news, the amount of information collected about my endeavors was staggering...Basically, Internet privacy seems to be a myth.

https://www.nytimes.com/interactive/2019/08/23/opinion/data-internet-privacy-tracking.html

Basically, Internet privacy seems to be a myth.

Would have been more interesting if they contrasted this with the browsing of someone using a VPN with a combination of PrivacyBadger and uBlock on their browser, which purport to block trackers and ads, respectively.

Basically, Internet privacy seems to be a myth.

i always presume this to be a basic truth.

it's like girls who text naked pictures of themselves to their boyfriend. then they are shocked, SHOCKED that the pictures wind up on the 'net.

once it's digital and has traveled off your device, you have no control over it. that's the way i see it.

I have never been on FB,twitter or any other social network but I do pay for and use a VPN as well as other browsers besides safari and google. I am sure that there are still my digital footprints out there but I do feel safer in my approach. I am not a tech guy so not real sure how to check what I do leave behind.
I think FB is evil and they have way to much info about what people do and where they are at any given time. I would not doubt that they are listening to conversations.

Digital/Internet Privacy is a myth because laws in the USA are not as strong as other countries and our lobbyists (and the political systems in which they work) will make sure it stays that way. As such, companies do not even do the bare minimum to protect your data because they treat it as their property, not yours.

There are simple things you can do to protect yourself but do not get confused between hackers who want to steal your information and big corporations that you gladly hand over everything to each and every day.

After the Equifax breach did you lock your credit report? If you have no idea what I am writing about then go read up on the breach and then contact the three reporting agencies and lock your credit report. Not a temporary security lock but actually lock it so nobody can access it without your consent and passcode to unlock it.

Do you have mutli-factor authentication on every account (or at a minimum your email, health, and investment/bank accounts)?

What protection(s) do you have on your smartphone?

Have you checked the privacy settings on all your social media accounts?

Do you use a VPN and proxy service as mentioned above so nobody can track you?

How about ad-blockers and anti-virus software?

There is nothing you can do (currently) about what data is already out there about you and in some cases nothing at all such as with credit cards (every time you buy something that information is shared with about 1,000 different companies) but you should try some basic protections rather than do nothing at all.

You can also talk to your congressperson and senator and tell them to change the laws to make them stricter like the European Union GDPR (https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) so companies stay out of your data and your life.

Americans simply have no idea what the government can do via the Patriot Act (https://www.eff.org/issues/patriot-act) (put into law by Bush, expanded and renewed by Obama, and you can imagine where Trump stands on the topic). The government spying on its citizens has no political affiliation.

So, unless you want to sell all your electronics and go live off the grid, stay informed, stay current, stay protected, and be mindful of what you share with anyone and everyone.

Before you think I am writing this post while wearing a tinfoil hat in my basement bunker, know that I have worked in the technology field for more than 25 years, hold a CISSP (https://www.isc2.org/Certifications/CISSP), hold a CISM (http://www.isaca.org/CERTIFICATION/CISM-CERTIFIED-INFORMATION-SECURITY-MANAGER/Pages/default.aspx), and just completed a master's degree in information management (https://ischool.syr.edu/academics/graduate/masters-degrees/ms-in-information-management/) with a focus on information and cyber security (https://ischool.syr.edu/academics/graduate/cas/cas-information-security-management/) via the #1 program in the field.


Happy (web) surfing!

Would anyone who is knowledgeable on the topic say that one credit card is better than others for protection against "cyber crimes"?

I try and limit my online purchasing through paypal, which is linked to one credit card (not my bank account at all) and use that same credit card for online merchants that do not take paypal.

is one choice of card any better than the others for the large bulk of my internet spending with regard to protecting myself if things go south?

Would anyone who is knowledgeable on the topic say that one credit card is better than others for protection against "cyber crimes"?

I try and limit my online purchasing through paypal, which is linked to one credit card (not my bank account at all) and use that same credit card for online merchants that do not take paypal.

is one choice of card any better than the others for the large bulk of my internet spending with regard to protecting myself if things go south?

There are several credit cards that allow you to create temporary one time numbers for online purchases. That seems more secure if you're worried about one of the sites you buy from being compromised. On NYC's point above, I don't know if that info still gets sent to other data harvesters in your name.

I just got a capital one venture card recently, and they offer the temporary number thing. But, they also just got hacked... so, can't really give them a thumbs up or thumbs down.

Would anyone who is knowledgeable on the topic say that one credit card is better than others for protection against "cyber crimes"?

I try and limit my online purchasing through paypal, which is linked to one credit card (not my bank account at all) and use that same credit card for online merchants that do not take paypal.

is one choice of card any better than the others for the large bulk of my internet spending with regard to protecting myself if things go south?

I do not think any one credit card is necessarily going to be better than another but limiting the amount of active credit cards one has might help because one of the tenants of cybersecurity is to "limit your attack surface".


I have a similar strategy to you but break it down even further:

* eBay Sell account, PayPal Sell account, email Sell account, bank account with no more than $500 dollar in it linked to PayPal to because that is all I am willing to put at risk. No credit card.

* eBay Buy account, PayPal Buy account, email Buy account, credit card (this card is the same one used for online purchases if merchant does not take PayPal but I do not use it for anything else and we check once a year to make sure the credit card issuer keeps the credit/spending limit very very low which is the opposite of what the card issuer wants). No bank account.

While Apple Pay is mostly secure, I do not trust NFC (https://en.wikipedia.org/wiki/Near-field_communication#Vulnerabilities) systems because they can be easily hacked and are used by ApplePay when you pay with your iPhone as well as when one might use a contact-less credit cards. I only use chip credit cards and insert them into the reader.

I am happy to go into more details offline but needless to say my wife and I do not use store issued credit cards, gas credit cards, and will most probably never get an Apple Card (https://www.apple.com/apple-card/).

I do not think any one credit card is necessarily going to be better than another but limiting the amount of active credit cards one has might help because one of the tenants of cybersecurity is to "limit your attack surface".


I have a similar strategy to you but break it down even further:

* eBay Sell account, PayPal Sell account, email Sell account, bank account with no more than $500 dollar in it linked to PayPal to because that is all I am willing to put at risk. No credit card.

* eBay Buy account, PayPal Buy account, email Buy account, credit card (this card is the same one used for online purchases if merchant does not take PayPal but I do not use it for anything else and we check once a year to make sure the credit card issuer keeps the credit/spending limit very very low which is the opposite of what the card issuer wants). No bank account.

While Apple Pay is mostly secure, I do not trust NFC (https://en.wikipedia.org/wiki/Near-field_communication#Vulnerabilities) systems because they can be easily hacked and are used by ApplePay when you pay with your iPhone as well as when one might use a contact-less credit cards. I only use chip credit cards and insert them into the reader.

I am happy to go into more details offline but needless to say my wife and I do not use store issued credit cards, gas credit cards, and will most probably never get an Apple Card (https://www.apple.com/apple-card/).

I hope cash does not die in my lifetime
See the Snowden film for great overview of the death of privacy and how to survive in the era of Big Tech/Big Brother.
no “anti-social” media for me thank you
no Goog
no Spitter
no FishHook
off the Instagrid

Would anyone who is knowledgeable on the topic say that one credit card is better than others for protection against "cyber crimes"?

I try and limit my online purchasing through paypal, which is linked to one credit card (not my bank account at all) and use that same credit card for online merchants that do not take paypal.

is one choice of card any better than the others for the large bulk of my internet spending with regard to protecting myself if things go south?

NYCFixie hit on the important points both on this page and the previous about security in general. My experience with credit cards is that you're going to get compromised. It will happen. It's just a matter of how often and how well your CC company responds. I pretty much only use AMEX for this reason. They make it so replacing your card and removing fraudulent charges is almost easy. They can also roll forward any recurring payments so you don't have to run around updating numbers for your Netflix, Hulu, Prime, etc., etc., etc. accounts. I've also found that their monitoring systems are pretty accurate and whenever my card has been compromised, they actually alert me before I figure it out myself.

Nothing is free, you have to be really naive to think that facebook and all of the other free platforms are not going to use any of the data posted by you.

They say they will protect you and stuff but the problem is that they need to get money somehow, so they sell all they can from you, and no matter if they swear to you that they wont... yes they will and they do...

Anybody remember the winter soldier when the computer scientist explained how they read your data in the internet? Pretty much that's what they are doing... there is a project already running that is trying to predict the future.

So, if you arent able to take care of your own privacy creating alter egos in those free plataforms, why you should believe they will do it for you? Social network is nice, but is totally out of wack lately, better just fly under the radar and pretty much go analog, and off the digital world but the paceline forums :D

I was just reading an article about Calibra, Facebook's cryptocurrency.

Within the article, it brought up the privacy issues that Facebook regularly faces, ie Cambridge Analytica gaining access of up to 87 million FB users without their consent.

The big question I have is how many people really care about stuff like that? Is it just a small segment of watchdogs that raise the flag?

Sure, read an article, talk about it for a day or two. But how many people actually DO something about it... cancel accounts, unplug from services, etc.

Thoughts?


Do they care? Maybe, but what I see is that they really don't understand the technical side so it's difficult for them to make an assessment.

The press isn't going to explain it because the press is one of the biggest offenders at tracking people and building detailed profiles. Tell me what you read and I will tell you all about you.

Businesses aren't going to explain it because tracking and building detailed profiles of users is the predominant business model of the last 15 years.

Congresspeople aren't going to explain it because campaigns are one of the biggest offenders at tracking people and building detailed profiles of voters.

Law enforcement (state, local, and especially the federal spy agencies) love all of this because they know a panopticon will make it easier to solve crimes and they have this fantasy that they will predict who can commit crimes.

We have a sad formula in this country: the citizens are in the dark and every source of real power has a vested interest in keeping them in the dark. So...do the people care? Maybe.

https://assets.amuniversal.com/36047b203b150138eb72005056a9545d

Bit of a thread dredge but I just signed up to Mozilla's VPN and thus far have been very impressed. This is not a VPN to use to allow you to access UK Netflix or BBC iPlayer. But if your main requirement for a VPN is privacy and maintaining your internet connection's native speed, it seems great so far.

I am using this in combination with the in-Firefox uBlock extension and an on-network PiHole and I feel pretty safe. I haven't been getting targeted ads for a while due to the PiHole but I am glad that a VPN from a company I have trusted for over a decade, rightly or wrongly, exists.

It uses the WireGuard protocol rather than IKEv2, IPSec or OpenVPN and to me, it's noticeably faster than any other VPN I've used. Latency is the same to Google.com, regardless of whether the VPN is enabled. Impressive.

I usually get 290Mbps down using Fast.com and with the VPN enabled and connected to a server in Los Angeles, I'm getting 280Mbps. Also very impressive. I usually get around 50Mbps when using a VPN.

It's worth noting that it relies on Mullvad's VPN offering in a Mozilla branded package, which I'm happy with as I already have a Mozilla account. In fact, if I go to Mullvad's website, it tells me that it thinks I am using a Mullvad VPN.

Bit of a thread dredge but I just signed up to Mozilla's VPN and thus far have been very impressed. This is not a VPN to use to allow you to access UK Netflix or BBC iPlayer. But if your main requirement for a VPN is privacy and maintaining your internet connection's native speed, it seems great so far.

I am using this in combination with the in-Firefox uBlock extension and an on-network PiHole and I feel pretty safe. I haven't been getting targeted ads for a while due to the PiHole but I am glad that a VPN from a company I have trusted for over a decade, rightly or wrongly, exists.

It uses the WireGuard protocol rather than IKEv2, IPSec or OpenVPN and to me, it's noticeably faster than any other VPN I've used. Latency is the same to Google.com, regardless of whether the VPN is enabled. Impressive.

I usually get 290Mbps down using Fast.com and with the VPN enabled and connected to a server in Los Angeles, I'm getting 280Mbps. Also very impressive. I usually get around 50Mbps when using a VPN.

It's worth noting that it relies on Mullvad's VPN offering in a Mozilla branded package, which I'm happy with as I already have a Mozilla account. In fact, if I go to Mullvad's website, it tells me that it thinks I am using a Mullvad VPN.

Thanks for this, I’ve been waiting for them to roll it out for OSX before signing up. I’ve become a big Mozilla fanboy over the past year or so, just because it seems they’re really trying to help bring a better internet to users.

I'm convinced that Facebook is actually going to go into the identity theft business at some point. It's not that difficult to de-anonymize a supposedly anonymous database, Facebook was trying to buy anonymous versions of health records and match them up to people. The website itself is only used for data mining, the data sales are their actual business. And they are really bad about who they will sell to. It could actually make problems for people. Although, tbh, they are collecting data about everyone, even if they don't have a fb account.

surprisingly, theradavist.com has a ton of tracking on it. Download any free web sniffer extension for chrome and you'll see how many scripts each site you visit is running in the background.
Google Analytics and Google Tag manager are EVERYWHERE.

You are going to get used if you use the internet. Mostly you won't know who is using you, but they will know you.

De-anonymizing is kind of a red herring because when the data is in separate containers it might be anonymous, but stir the containers together and its pretty straightforward to establish patterns, and those patterns can lead to identifying users.

Between your internet use and cell phone use, you are not anonymous to someone with access to the data and time to stir it up. Cell phones are the most virulent data collectors around. What do you think Verizon, ATT, T-Mobile do with your data? Marketers buy it all the time. But mostly they just want to sell something and don't care who you are other than a likely buyer.

The data that can be readily bought by anyone who can pay for it is perhaps more indicative of your patterns and life activities than a law enforcement subpoena. The subpoena is limited in scope. The commercial data market is vast beyond belief. And government agencies buy the data too. However, they are not looking to sell you anything.

None of this means you should start wearing a tinfoil hat. But you should think about it.

In your email account, you often provide a mobile number for two-factor and a back-up email. Once these items are linked, you can create a very nice picture of your activity. Throw in geo-location, and photos you post, and your click stream, and you are basically cooked.

With GDPR in Europe, you at least get queried by sites about cookies and can toggle some off, but it takes up a lot of time and more people just accept all.

Counterintuitively, the easiest way to detect a scammer is their email and other contact details on the internet don't link up if they are any good. Everything is a segregated box leading to a dead end.

I feel that if you're now becoming concerned about your privacy and are thinking of doing something about it, it's too late.

Agree...do a google search of your name..:eek:

You are going to get used if you use the internet. Mostly you won't know who is using you, but they will know you.

De-anonymizing is kind of a red herring because when the data is in separate containers it might be anonymous, but stir the containers together and its pretty straightforward to establish patterns, and those patterns can lead to identifying users.

Between your internet use and cell phone use, you are not anonymous to someone with access to the data and time to stir it up. Cell phones are the most virulent data collectors around. What do you think Verizon, ATT, T-Mobile do with your data? Marketers buy it all the time. But mostly they just want to sell something and don't care who you are other than a likely buyer.

The data that can be readily bought by anyone who can pay for it is perhaps more indicative of your patterns and life activities than a law enforcement subpoena. The subpoena is limited in scope. The commercial data market is vast beyond belief. And government agencies buy the data too. However, they are not looking to sell you anything.

None of this means you should start wearing a tinfoil hat. But you should think about it.

I mean, researchers and experts have been saying for a while that they’ve been able to re-indentify almost all users from anonymized datasets:

https://techcrunch.com/2019/07/24/researchers-spotlight-the-lie-of-anonymous-data/

In the government example you mention, though, I know there’s been a lot of recent news about them purchasing location data from app developers who were collecting that stuff on users in order to help track individuals they’re interested in.

I mean, researchers and experts have been saying for a while that they’ve been able to re-indentify almost all users from anonymized datasets:

https://techcrunch.com/2019/07/24/researchers-spotlight-the-lie-of-anonymous-data/



Great info, thanks for the link. Very interesting stuff.

I mean, researchers and experts have been saying for a while that they’ve been able to re-indentify almost all users from anonymized datasets:

https://techcrunch.com/2019/07/24/researchers-spotlight-the-lie-of-anonymous-data/

In the government example you mention, though, I know there’s been a lot of recent news about them purchasing location data from app developers who were collecting that stuff on users in order to help track individuals they’re interested in.

You mean the Palantir business model.

You mean the Palantir business model.

Yep, and it’s enough to score them a $22bn valuation for IPO next week