Digital Privacy - Have You Considered Yours

Gass

Member
An entire industry has grown around buying all this information about our digital lives, combining it with information collected from websites like Google and Facebook, to produce the detailed information on your daily habits in order to sell you more stuff...
What will we do when the day comes when it not only affects the ads we see but the prices we are given and expected to pay as well - if it's not happening already.

Say someone's annual income reflects in the prices - that your collected data shows you have an interest in, more income equals a higher price your given, or if it's known that your more than likely to return an item as over half of what you buy has been returned - just two examples that can be multiplied by any number of entries in your profile contents of the collected data that is stored about you without your consent. Sold, shared, hacked this profile is linked to you !!!

No one can doubt how much we expose ourselves online by completing homework assignments, applying for jobs, banking, and performing a myriad of other daily tasks. In the era of “big data,” broadband providers do not need to look at the actual content you stream or download to learn about the likes and dislikes of everyone in your home, this gives ISPs a comprehensive view in your behavior, your ISP collects on the number of Internet connected “smart” devices as well, and how they behave (or us the users), this allows anyone with access to the information to construct a frighteningly accurate picture of our private life's.

“Google Web search” isn’t actually the only game in town. Less profit-motivated search engines like DuckDuckGo.com and Ixquick.com may take a little getting used to, but they do make explicit policy of protecting users’ browsing privacy.

Every time you send a message, post, or picture, you’re publishing it the same way CNN does a news story. And the internet never forgets. Thus "Never" so your data trails lead to BIG DATA Storage and profiles you.

“The traffic that an ISP can observe from such a gateway contains a significant amount of private information about user behavior. The same study from 2013 finds that network traffic can reveal significant information about user activity, including information about when a user is home; the number, type, and manufacturer of devices that they have connected to the network; and in some cases even the waking and sleeping patterns of users in the home. It is worth NOTING that we can observe these features of user activity even when the traffic is encrypted.”

This is happening at all levels now, from your ISP, OS, installed applications, metro apps, mobile apps to the websites one may visit, our Data is collected for harvesting our personal information, interests, habits, etc... Like examining a cross-cut of an adult trees growth rings you see an extended picture of it's life, so it's true with the collection of our data - just think of a two year period online what could be learnt of us.

The amount of information ISPs have access to multiplies when an ISP is also the customer’s cable provider. Cable companies can and do collect information from a customer’s set-top cable box. Your mobile phone tracks your daily locations then your cell ISP and should you connect to your homes Wi-Fi network all gain this information.

In a paper partially funded by Broadband for America, a coalition whose members include AT&T, Comcast, and Verizon, alleges that a user can shield their self from an ISP’s prying eyes by using encryption or Virtual Private Networks. But is this really true as fingerprinting technologies advance and combined with system and user profile ID-ing.

Does digital privacy belong to those who can pay for it and who can encrypt their traffic, or is privacy a right as Congress intended?
The FCC should follow the law and propose rules that recognize that consumers have the same right to privacy when visiting a website as they do when making a phone call. Privacy isn’t just for those who can afford it.

There are strong privacy protections for telephone communications. Broadband is today’s dominant form of communication and consumers should receive the same level of privacy communications in the 21st century as they did in the 1800’s.
The FCC, as the primary “cop on the beat” for telecommunications, needs to enforce the consumer’s long established right to privacy.
{In the Spoiler Tabs are Links to other Related information and you'll soon see a theme to some practices start to appear}
Earlier this year, Pew Research found that nearly three-quarters of internet users want more control over who can get their information. Consumers don’t want their financial, medical and other personal information shared, at least not without their permission.
Critics argued that because consumers could be confused, the government should not adopt new rules for ISPs unless those rules were imposed on everyone at the same time. In other words, because websites would not operate under the stronger rules, ISPs should not have to either. Limited privacy protections are what we have now, and nearly half of internet users surveyed say the current privacy regime leaves them confused, discouraged, and impatient.

The optimal solution would be to adopt strong privacy rules for both ISPs and websites, but unfortunately, this is easier said than done. The FCC can adopt rules of the road to protect people’s privacy only when it comes to ISPs.
Websites, on the other hand, are overseen by the Federal Trade Commission (FTC). Unlike the FCC, the FTC must follow an arduous process that makes it virtually impossible to adopt similar rules.

We need to make sure consumers’ privacy is protected, no matter where they go on the internet or how they connect. Congress should take this opportunity to fully empower the FTC, and give it the tools it needs to protect consumers from the unscrupulous practices of any company that can collect and monetize their data — whether it is a website or a cable company.
To fully answer the public’s call and maximize the economic power of the internet, the two agencies must do all they can to protect consumers by using the tools that they have today. That means the FCC must act now to finalize strong, new privacy rules.

Back in March the FCC voted to begin crafting new broadband privacy rules.
The agency was prompted to action by bad behavior from the likes of AT&T (which had begun charging users a premium if they wanted to protect their privacy) and Verizon (which has begun modifying wireless data packets to track user behavior around the internet).
The proposal is basic, simply requiring that ISPs disclose what they're collecting, and provide working opt out tools to consumers. ISPs, eyeing billions in new marketing revenue potentially hamstrung by informed and empowered consumers with the proposed ability to opt out.

The FCC's proposal to create privacy rules for ISPs is a result of last year's Open Internet Order, in which the Commission reclassified ISPs as Title II telecommunications services under FCC jurisdiction. This proposal has also gone through the necessary public comment periods. The proposal would create opt-in consent requirements from consumers for the majority of their data that is collected by ISPs. ISPs currently collect consumer data that includes information related to sensitive issues like health, finance, and e-commerce. This proposal will also give consumers greater control over their personal information. It's been over ten years since Congress mandated that ISPs' top privacy priority should be making sure consumer data is not misused. These rules are long overdue.

We face uncertainty with the approaching November election. A new administration could strip away these important consumer protections. We cannot afford to wait. These proposals are both necessary for a fair, competitive, consumer-friendly marketplace.

The 21st Century Privacy Coalition - which represents the largest cable and telecommunications companies - addressed the Federal Communications Commission’s recent efforts to protect online consumer data. The 21st Century Privacy Coalition, while supporting the general distinction made by the Federal Trade Commission (FTC) between “sensitive” and “non-sensitive” data, advocated for classifying broad categories such as “browsing history,” which generally contains sensitive information, as “non-sensitive.”
Relying on this framework, the following items would not be protected under a “sensitive-only” approach:
-Whether a subscriber has visited a website related to a particular medical condition or other private information such as websites related to sexual orientation or sexual abuse.
-Whether a subscriber uses a medical monitoring device or particular method of online payment.
-Which devices in the house are used by children, run applications designed for children, or are associated with such activities as homework.

The question has been whether the FCC should extend its highly successful cable privacy and phone privacy regime to include broadband, or whether the FCC should instead adopt the FTC’s approach.

Unsurprisingly, the broadband industry wants to cherry pick FTC precedent to construct a standard that would leave our most confidential communications subject to their prying eyes. This would break with more than 225 years of federal law consistently maintaining the privacy of our communications. We have never let letter carriers keep a log of where we send our letters.
We have never let the phone company sell to advertisers a list of whom we call. The FCC should not let broadband providers track our every website visit or application use.

Laptops, Smartphones, and other devices you use at home all connect to the internet through your router, if you have a setup like this. And so do web-connected devices such as Smart TVs and some security cams and children’s toys.

Outwit Your Smart TV
Automatic content recognition (ACR) systems built into many smart televisions transmit data to analytics companies that may use it for marketing. You’ve already paid for your TV with money. If you don’t want to pay again with your data, hunt through your TV’s “smart” settings for the feature—which may be called Live Plus, SynPlus, or anything but ACR—and turn it off.

Keep GPS Data Private
Facebook can extract your whereabouts from your mobile phone. But you can turn the function off using your phone settings.
For an iPhone, you'll find the controls under Location Services. If you've got an Android device, look under Facebook Permissions in Applications Manager.

Use some Password Math
A strong password can be your first and last defense.


Step 1. E stands for “entropy,” which is the opposite of an ordered pattern. Entropy is good: The bigger the E, the harder a password is to crack.
Step 2. Let’s say your keyboard has 95 unique characters. If you’re randomly constructing a password from that whole set, R=95.
Step 3. Let’s say you have a 12-character password. If so, L=12.
Step 4. The number R to the L power is 540,360,087,662,636,962,890,625—which is how many possible passwords you’ve got.
Step 5. That number is the same as 2 to the 78.9th power—and the log base 2 of that is 78.9. In info-security lingo, it’s 78.9 bits of entropy. That approaches the “exponential wall,” where a password could take ages to crack. And yes, 12 characters picked at random from a keyboard will do the job.

Use Separate Browsers
Set them both up to do all the security and privacy things their capable of, and install Adguard on your system, don't let one browser import passwords, bookmarks-favorites from the other browser -- this is meant of both browsers. Add the HTTPS Everywhere extension, which you can download from the Electronic Frontier Foundation, and your connections will be encrypted anytime you connect to a website that supports https. As some sites that support https use it inconsistently and the extension makes it's use more of a uniformed use.
Use One browser for your personal online affairs - use this one exclusively for banking, emailing, online purchases, etc...
In the Other One browser use is for everything else like online forums and reading news, web searches, etc...
If the Other One browser for everything else (being) other than your "personal affairs" is compromised (malicious attack) it can't affect (breach) any of your personal information such as credit/debit cards, banking account as it dosen't even know this information exists - as it contained in a separated browser.
Another way is to use an installed Password Manager and don't let any Browser know anything in this department of your personal information's.

Use Encryption Everyday
Encryption is for everybody—activists, journalists, secretaries, grandmas. When you mail a letter, you seal the envelope so no one can read it. It’s the same idea with your data and encryption.
Basically, encryption scrambles your data so that it’s unreadable by anyone who doesn’t have permission to access it.

Do Your Phone First
Your smartphone knows everything about you. New iOS and many Android smartphones are encrypted by default, if you have an older mobile OS, you’ll need to go into Settings.

Do Your Computer Files
You can encrypt your whole machine or just sensitive files. To encrypt specific files on a Mac, use the Disk Utility. Windows 10 Home users can download a free app such as GPG4win (aka Gnu Privacy Guard).

Do Your USB Drive
Flash drives can be misplaced—along with your files.

Keep Your Fitness Data to Yourself
Many wearables are paired with users’ smartphones using Bluetooth technology—but those phones may not be the only hardware scooping up the signals. A 2014 study by the security firm Symantec and a June 2015 study by Germany’s AV-Test.org found that many Bluetooth devices don’t prevent data access by “sniffers” located nearby. Fitness trackers and running watches can broadcast sensitive information such as the user’s name, address, password, and GPS data.
Not all trackers let you shut off Bluetooth, but many do. If possible, keep your wireless settings turned off until you choose to upload the data to your phone at the end of a workout or at night.

Just Fake Personal Information
Toymakers are rolling out connected kids' products—including tablets and talking dolls—and asking families to divulge personal information to register them. But that essentially provides marketers and potential hackers with details about your children. So consider providing fake information. For an address, may we suggest Bart Simpson’s—742 Evergreen Terrace?
Same for yourself when joining an online mediums - supply fake information and use temporary email services. Of course this is not meant for any e-commence unless you use cryptocurrency as a payment method.

Lock Down Your Baby Monitor
Hackers sometimes break into WiFi-connected babycams, even hijacking the speakers to talk to children and caretakers. That’s often because users don’t know to change the default settings. When you set up any internet-enabled camera, create a unique username and password. Also, turn off the babycam when it’s not in use. That will make hackers less likely to discover it.

-----------------------------
WIFI Privacy
Make your router more secure.

Find an Ethernet Cable
It’s safer to rely on old-fashioned wires and plugs, the freedom of wireless is not yours alone... Then use it to connect the router to your computer, other devices when using wireless - disconnect as soon as your done.

Get the IP Number
Every router has two IP (internet protocol) addresses, an external one for communicating with the internet through a modem and an internal one for your laptop, smart TV, and other devices. To make changes to your router’s settings, you need to access it through your browser using the local IP address. (Owners of Apple’s Airport routers who have a Mac can make changes via Airport Utility.)

Update the Username and Password
If you never changed the default settings, do that now.

Change the SSID . . .
Your SSID—service set identifier—is your home network’s name. Replace the default SSID with something more creative but not too personal. There’s no need to identify this as your network, is there?

Then Hide It
Router settings allow you to hide your WiFi network from prying outsiders. Note that once you do this, you’ll stop seeing the network pop up in your own devices’ WiFi lists, and you’ll need to type the SSID into each device you want to connect.

Embrace Encryption
You need to switch from WEP to WPA2-AES and disable the PIN method of using WPS. These acronyms represent ways to encrypt communications on your WiFi network. You want WPA2-AES because it’s the newest and strongest. If you have really old devices, they may not be able to connect this way. And that means it’s time to replace them.

Update Firmware
Some routers today automatically update their firmware—they check for updates, install new software, and reboot in the middle of the night. But not all of them do—and many routers that say they have automatic updates require users to log on and hit “Okay.” So do that

Make Sure Remote Management Is Off
Are you going to need to change your router settings when you’re far away from home? Probably not. Do you want to allow anyone else to do it? No, so make sure that this feature is disabled. It’s often referred to either as Remote Management, Remote Access, or Remote Administration.

Shut It Down
Going out of town? Turn off the router unless you need it to access smart devices such as your thermostat or a security camera.

Laptops, smartphones, and other WiFi-enabled devices can automatically connect to familiar networks.
That’s convenient—no one wants to enter a password for their home or work WiFi every day—but it can also be risky. A hacker can set up a rogue WiFi network with the same name as a legitimate one such as “Google Starbucks” or attwifi and trick your gadgets into joining it.

Periodically get a fresh start by using your devices’ network or WiFi settings to prune the networks you join automatically.
Most devices let you delete networks one by one, but if you have an iPhone or iPad, you need to go to Reset Network settings under General settings and delete all of them at once.

----------------------
Check on the Kids
Minors had their identity stolen 51 times more often than adults in a study by researchers at Carnegie Mellon University.
Keep an eye out for letters from collection agencies, bills for unpaid balances, or a warning that pops up when you try to file your taxes electronically if you list your child as a dependent. But sometimes there’s no hint that a minor is a victim of identity theft. To be safe, request reports from the three big credit-rating agencies by the time your children turn 15. That will give you time to clear up any problems before they apply for college loans, jobs, or credit cards.

Stop ID Theft After a Death
Identity theft affects 2.5 million estates every year, according to the IRS. If a loved one has died, send a copy of the death certificate to the IRS (the funeral home may help with that). Also, cancel any driver’s license, and notify credit agencies, banks, insurance firms, and financial institutions.

See the whole - 66 Ways to Protect Your Privacy Right Now
http://www.consumerreports.org/privacy/66-ways-to-protect-your-privacy-right-now/

  • Everything starts with fresh install. The bloatware just sickens me.
  • I patch, harden and lock-down all my gear so that there is as little as possible attack surface to go after.
  • I use full disk encryption together with strong password protection.
  • I backup, backup my backups and locate the backups of my backup-ed backups somewhere else than my home (did I already say about encrypting your backups?).
  • I keep a record of my family’s gear, encryption keys and backups; nobody remembers this by heart.
  • I am wary of what networks I connect my devices with.
“Ask Me Anything” session on reddit
https://www.reddit.com/r/IAmA/comments/55t3ci/im_erka_koivunen_a_finnish_cybersecurity_expert/

EFF's Top 12 Ways to Protect Your Online Privacy
https://www.eff.org/wp/effs-top-12-ways-protect-your-online-privacy

https://cdt.org/blog/10-tips-for-protecting-your-digital-privacy/

https://www.theguardian.com/technology/2016/jul/03/online-security-measures-digital-privacy-guide

Digital self-defense
https://en.wikipedia.org/wiki/Digital_self-defense
Edit - bits and pieces I've shared here I've found across the web but, express my sentiment in part or as a whole of their line or paragraph. It is not from one source and some I've added to it contents.
EDIT-UPDATE 10/07/16

With rising concerns about identity theft and hacking in today’s data-driven world, it is important to know where security risks lie that might not be obvious. Internet-of-Things (IoTs), from coffee makers that are programmed to turn on when the user wakes up, to children’s toys that can connect to the Internet, have allowed certain features that have consumers saying, “how cool!”

But these Internet-connected devices usually require entering personal information about your home address, phone number, birthdate and more to set up your account and enable the WiFi connection. These “cool” features create a cause for concern as it provides a new way for hackers to access your personal information and identity.

A recent article by ABC Chicago covered the risks of having Internet-connected devices without secure passwords. Not only can other devices be easily hacked through the wireless connection after accessing one device, but the cameras in these devices can be used to spy on the user’s home–an even more frightening thought, especially for families with kids who may have WiFi-enabled toys.

Imagine a thief having a key to your bicycle lock, which then allowed them to access your car key, garage passcode and the key to your home. Soon they would have complete access to learn as much about you as possible and steal your information. This is effectively what can happen on a digital scale through IoTs if you do not use secure passwords. With new gadgets in your home after the holidays, now is a great time to make sure that your home is more secure by protecting your online identity.

Aside from hackers who want access to your personal information, marketers and retailers want to be able to read our habits across devices to discover more about us. Computers and location-tracking features are being added to many devices, from heart rate monitors and other health devices to cars and even newer model refrigerators.

Homeowners can access their home security systems and electricity via their Smartphones, and all of these devices require entering personal information into the account. While it is not illegal for them to conduct this cross-device tracking, you can safeguard your identity as much as possible by using a password manager and using a software to masked credit cards and email addresses to protect your private information.

This does not mean that you should throw away your computer and completely get off the grid. Many IoTs do provide useful features, and it is nearly impossible to work or live in the modern world without technology and a release of some of your information. This is a reminder to be proactive and stay as secure as possible by limiting tracking and creating strong, unique passwords for each account.

https://www.abine.com/blog/2016/the-internet-of-things-aka-the-interest-of-thieves/
Gass
 
Last edited:

Gass

Member
When browsing the web in the incognito mode your history is not recorded. Moreover, after closing a window, all cookies collected during your activity are automatically removed.

This stops browsers like Chrome or Firefox from recording your data, but your router, operating system, and websites themselves will record data on your presence anyway. The alternative is to use a VPN (virtual private network). It secures your browsing data through encryption, ensuring that your browsing activity, download history, and even IP address is not shared with third parties.

The use suggests a VPNs (virtual private network) will allow you to browse the web incognito. But let’s be clear about what VPNs do and don’t do. VPNs allow you to surf the internet from an assumed location. They’re great if you want to watch content you can’t access in your country, or to conceal your ISP from hackers or government spies. But your VPN provider will still be able to see everything you are doing so effectively your only moving from your ISP watching you to your VPN provider watching you. Incognito? Not really.

You also need to look at the legislation of the country your VPN provider is located in. In the UK for instance, there are data protection laws that protect you and that your ISP has to comply with. If you pick a VPN provider in a country without a strong legal framework you may be doing yourself more harm than good.

If you can’t understand what a product does, how can you be sure it is trustworthy? Only in a products transparency to the user does it give us an answer here.

According to a recent global study by Microsoft, most cyber surfers “still don’t feel they are completely aware of the information that’s being collected about them.” According to Robin Wilton, identity and privacy director for the Internet Society, every day businesses are finding new ways to use this collected intel.
The cyber data collection includes:
•Authorized collection or active data traces– Data you provide by consent when you register with a Website, such as name, email, phone number and preferences.
•Unauthorized collection or passive data traces – Data taken without your explicit knowledge or consent from your computer and browsing history, location specific data, search keywords and use of smart television.

Digital Footprints and Privacy Concerns:
It is too difficult to give exact statistics on the amount of data people leave, but confirmed every time we perform an online action, we are contributing to our digital footprint. Out digital footprint are more public than we would ever imagine.” – Rob Livingstone, IT Consultant

Digital footprints (aka cyber shadow or digital shadow) are the trail and traces on the Internet that we leave behind us as a result of our Web activities. Web sites collect information as you use them, with or without the knowledge of the user. Anytime a user visits and enters data into a Web site they should be aware that the data they enter could be stored, shared or used by the Web site. The data can be anything from surfing Webpages, phone calls, online shopping, updates and uploads on Facebook, Twitter, emails, to word searches on search engines such as Google, Bing and Yahoo. In the cyber world, everything we do, places we visit, and online contents that we read and write are in some way stored and can be traced back to find the activities of the individual.

This information is used for targeting individuals for services and products. It opens up a lot of doors for researching any individual’s backgrounds, characters, interests, activities, behaviors, likes and dislikes. From the perspective of a company, it is going to help them in targeted advertisements, recommendation engines, and to increase their customer base. But unfortunately, hackers and cyber criminals are taking advantage of the same trend. They can access personal and private information of an individual if they are not careful, which eventually leads to identity theft and loss of money.

Cyberpsychology:
The amount of time we spend online increases every year, and more information about us appears on the Web each time. In this digital era of a technology-dependent community, we have created two personalities of our own now.
They can be differentiated as follows:
1.Online or digital personality
2.Offline personality

This differentiation has created a study of its own, termed as ‘Cyberpsychology‘. It is the study of human mind and its behavior in the context of human interaction and communication of both man and computer. It’s about online identity, online relationships, personality types on cyberspace and digital addictions. A person’s real world attitude and behavior may not be the same on the Web.

Though digital psychology is a relatively new discipline, many organizations have started adopting these techniques to influence customer behavior and increase online sales.

The idea that nothing online is real and therefore nothing you do there “counts” is a fallacy. The self-deception is made much easier by hackers because they never have to see the faces or hear voices of their victim. Cyberstalkers and cyber bullying are also increasing drastically. Kids and teenagers are especially subject to social consequences from their digital footprints. Some don’t realize that posts that they put on social media sites are there for everyone to see and that they are there indefinitely. Other people can post inappropriate pictures and other negative posts about them that lead to embarrassment or even worse.

Along with seeing what you post on social media sites, such as comments and pictures, your digital footprint can help a prospective employer validate your resume and find out other information about you. This means that you want your footprint to be clean and truthful.

Hackers can steal your money using your digital footprints:
Most common Internet users are not aware of the extent of such issues. Imagine that with just one email, hackers can target or remotely control our systems. The IP address can be tracked from the header of the email IDs. There are various IP address locators available where one can get information about the ISP address to which the particular IP address belongs. Some additional information may be available that indicates the general area that an IP address might reside in. It is not necessary to hide yourself on the Internet; indeed this would be almost impossible. But it is wise to be careful about how you appear online, and to be conscious at all times of how you protect your online reputation.

You can also deliberately set about creating a positive online image. Identify how you want people to see you, now and in the future, and shape your online profile to reflect this. Publish photographs and blogs that present you in a good light and illustrate your values, skills, talents, interests, hobbies, and experiences. Our Internet activities are a cloud of data scattered on servers that are beyond our control. Our digital profiles are regularly bought and sold without our permission.

The trading of personal data by organized criminal gangs which is then used to commit fraud against individuals and corporate organizations has become one of the fastest growing crimes in the world. In the early days of identity fraud, concerns were focused on criminals gathering personal data through techniques including raiding bins, trading stolen passports and online phishing. Times have now changed, and although there are still methods through which personal data can be collected, people are now living their lives more mobile and online and leaving an increased digital footprint behind them. As a consequence, the main and wider threat now comes from two main sources:
•Spyware – Malware being placed on PCs and laptops, silently collecting data and feeding it back to criminals.
•Cyber Espionage – Hacking into major institutional databases, collecting thousands and sometimes millions of data records at a time.

These methods help criminals to build massive databases, slowly building up individual data profiles until they have enough information to successfully apply for financial credit under someone’s identity or via a fake identity. While 2014 was “The Year of Data Breach”, 2015 was off to a fast start with several prominent data breaches. As per statistics gathered by Breach Level Index, there were more than 2 million records per day that were breached in the year 2014, which means 32 records were breached each second.

Colin Holder, Director of Identity Intelligence, explains:
“Knowing the habits of these criminal data traders, how they interact and the methods through which they transact is the key to intercepting data that will at some point be used to commit fraud. Over the past 7 years we have been monitoring this criminal activity and have built up a database of over 500 million compromised data records, all of which have been, are currently or will be used to commit fraudulent transactions.”

In recent years, consumers have been presented with Identity Theft Protection products that allow monitoring of credit reports to help them detect if their personal data is being used to create additional lines of credit for criminal use. However, the problem of data trading does not just create problems in credit line applications. The growing issue is the build up of hundreds of millions of personal data records being traded over and over again that can enable someone to take over many other aspects of an individual’s life. As we live more of our lives via technology, sharing more data online through PCs and smartphones, these risks are set to compound.

Rosemary O’Neil, Privacy Product Innovation Manager at Assurant Solutions says:
“We face a growing problem and constant battle to stay as close to the shadow economy as we can. The best form of personal defense against this problem is early detection of your data having been compromised and then support in understanding what to do about it. The breadth of intelligence that is required just to keep up with the criminals is immense.”
Create a healthy digital footprint:
Inputs to digital footprint include location, time, search results and keywords, content created and consumed, and digital activity and data from server and from the user’s social crowd. Some data can come from deep data extraction and Internet data, such as footprinting. While a digital footprint can be used to infer personal information without their knowledge, it also exposes an individual’s private psychological sphere into the social sphere.

The most effective way to control your active digital footprint is to be careful about the information you share online, the platforms where you share the information (a Web forum, an email, a social network), and who you share information with (public, friends and family, an individual). Be particularly careful about publicly sharing any personal information.

User awareness:
As our digital lives continue to evolve, so will the ways in which we leave tracks through cyber space. Taking steps to manage you digital footprint can help ensure cyber criminals never pick up your trail.

If you use social networking sites such as Facebook, Twitter and LinkedIn, or regularly post photos, videos, blogs and comments, make sure to manage your contributions carefully, since much of the information stored online becomes public by default. Unless you change your privacy settings, your social network pages will come up on a Web search. Anyone who finds out enough about you could potentially impersonate you, so be careful about the personal information you make publicly available. Potential employers have also been known to reject applicants on the basis of information discovered online.

User awareness and employee training about digital footprints will help people to know how data about them are collected and shared. For example, a persistent browser based cookie can be easily detected and deleted by a user. But a new type of browser cookie called super cookie is designed to permanently store data on a user’s computer. These are more difficult for the users to detect and delete. They can contain any information from browser history to ad-targeting data.

The digital world has become a very integral part of our life. Properly analyzing each data and word that we share online will help to frame our personality and individuality.
---------------------------------------------------------

References

A new era in protecting your digital footprint
http://www.assurantsolutions.co.uk/A-new-era-in-protecting-your-digital-footprint.html

Concerned About Your Digital Privacy? You Should Be
http://www.popularmechanics.com/technology/security/how-to/a12895/why-you-should-be-concerned-about-your-digital-privacy/

Steps towards tracking and managing your digital footprint
http://www.idt911.ca/KnowledgeCenter/Articles/ArticleDetail.aspx?a={5162210D-25A0-4B76-83B9-FA90F00588CF}

Digital Footprint
http://digitallearn.org/sites/default/files/cop/Your Digital Footprint.pdf

How people spend their time online
http://designtaxi.com/news/359162/Infographic-How-People-Spend-Their-Time-Online/?interstital_shown=1

Parts of this post was from - SOURCE: http://resources.infosecinstitute.com/digital-footprints-privacy-concerns/
 
Last edited:

Gass

Member
Using Incognito Mode for Privacy? - Browser addons? - A VPN? - think it helps?

You're tracked by Google, by your ISP, your Government and hundreds of Data Collectors while in the incognito or other private browsing modes. Your browsing history is easily accessible (via your DNS cache) upon incognito window being closed.

Behind a VPN, your real IP address can leak through certain types of WebRTC calls. Even if your IP address is hidden, tens of thousands of websites use fingerprinting techniques such as accessing image canvas data to track you.
EDIT: 10-13-2016 / Just learnt of this about CHAT,
if you are chatting with someone and you/them have Wireshark running - you/them all that have to be done is to search UDP in a bar and it will give you/them the IP of the person on the other end of the conversation you/them are chatting with.

Just a heads up warning - it didn't give anymore details but, it was about popular social sites, to me this means all of the forms in all the chat capable mediums installed or online - yes Skype too. See "Shared IP" below in Quoted area...
Searching for keywords like - wireshark, chat, ip leak, might give more info. on it. Then I would understand that in all platforms of wireshark or similar/like programs are installed on could be as intrusive to your/their IP information. https://www.wireshark.org/
See Third-Party Packages at - https://www.wireshark.org/download.html
An Internet Protocol Address (IP Address) is a numerical label that is given to every device as a way to identify it on a given network. Your computer, smartphone, Laptop, PS3 are all given an IP address the moment you connect to the internet.

Shared IP – This is the popular and anonymous option for most VPN service users. With shared IP VPN’s, you are assigned multiple static, shared IP’s that are being used by hundreds (or thousands) of clients simultaneously. Because the same IP is being shared by such a large pool of users, it in turn offers more anonymity for the end user.

Browser addons that blocks in the fingerprinting scripts and functions like image canvas data access to protect you, in reality there is no combination of settings - changes and browser addons which provides the same level in protection of an all-in-one instance to your system from an application and then of running multiple instances in protection can break the web for you.
As well, any browser addon you've added has access to your entire browsing and search history and while many may protect you from some trackers, they often collect and sell your data to others - so your browser addons may be reducing your privacy and in some ways your systems security rather than enhancing it.
Many free apps and services come with a hidden cost: user data is sold to advertisers, if you don’t have to buy the commodity, then in all likelihood you are then their commodity as a free user.

On close of your Browser - is there no easily accessible record of your browsing history left on your computer. Are you sure? What about via your DNS cache?

Over 80% of websites use one or more tracking tools. There are found an average of six per website with that number rising to a dozen or more on larger websites.
http://blogs.wsj.com/wtk/

The $100+ billion dollar advertising industry, even a one percent additional yield means an extra billion dollars a year in revenues for advertisers, thus the massive incentive to track you and show you more personalized and intrusive ads.
Over a year of your browsing it can work out to hundreds of thousands of bits of data about you that's collected.

Many techniques are used to track you when you're online, you can block as many tracking methods as possible without "breaking the internet", and much of what can be blocked speeds up your browsing experience. Although one site may work and yet another may not, this makes finding a happy medium hard without experimenting and having just one application to fill this need.

Companies Track You via Several Methods:
Cookies - Evercookies - IP address - Flash cookies - HTML 5 storage - Fingerprinting.

Though you can handle cookies for the most part is why Fingerprinting has evolved and continues to do so just look at these methods,
1.UserAgent - 2.Language - 3.Color Depth - 4.Screen Resolution - 5.Timezone - 6.Has session storage or not - 7.Has local storage or not
8.Has indexed DB - 9.Has IE specific 'AddBehavior' - 10.Has open DB - 11.CPU class -12.Platform - 13.DoNotTrack or not
14.Full list of installed fonts (maintaining their order, which increases the entropy), implemented with Flash.
15.A list of installed fonts, detected with JS/CSS (side-channel technique) - can detect up to 500 installed fonts without flash
16.Canvas fingerprinting - 17.WebGL fingerprinting - 18.Plugins (IE included) - 19.Is AdBlock installed or not
20.Has the user tampered with its languages 1 21.Has the user tampered with its screen resolution 1
22.Has the user tampered with its OS 1 - 23.Has the user tampered with its browser 1
24.Touch screen detection and capabilities - 25.Pixel Ratio
This is not all just the ones mostly widely used of the bigger Web sites.
From the perspective of hundreds of ad & data collection technics - to these companies, you are their Product (your data), waiting to be sold to advertisers.

"Personally identifiable data from the online world is merged with personally identifiable information from the offline world, everyday," says the head of global privacy and public policy at Acxiom, a leading data collection firm to The New York Times.

Your age, race, sex, weight, height, marital status, education level, politics, buying habits, household wealth, health issues, vacation dreams, search queries and other personal details are collected and sold by data aggregators millions of times every second on ad exchanges.

“Your information can be stored, analyzed, indexed and sold as a commodity to data brokers who in turn might sell it to advertisers, employers, health insurers or credit rating agencies .” - The New York Times
“[Data collected through your browsing can determine] whether you can obtain a job, credit or insurance.” - The New York Times
"Websites Vary Prices, Deals Based on Users' Information...A Wall Street Journal investigation identified several companies including Staples...and Home Depot, that were consistently adjusting prices.”

You would never let anyone stalk you in real life.
Imagine hundreds of people following you around your work, your home, at stores with a notebook, writing down everything you do!!!

"Online Surveillance leads to Self-Surveillance and Self-Censorship." - The Washington Post
Without privacy, we lose our freedom of thought and exploration. When you know you're under surveillance, you are less likely to explore controversial topics or share minority opinions. Recent studies have found writers and those with minority views are already engaging in self-censorship after learning of the extent of governmental online surveillance.

No web browser can be considered fully secure, i.e. security is always relative rather than absolute.
Are people are just fooling themselves in anything they try and can do? Free or Paid...

Most of this from the
Nearly One-Third Of Americans Hide Information Online
http://www.npr.org/sections/alltechconsidered/2015/03/16/393337446/pew-nearly-one-third-of-americans-hiding-information-online?snowingthem=
Tech Support Scams use new Tricks to Hold Browsers Hostage
http://www.bleepingcomputer.com/news/security/tech-support-scams-use-new-tricks-to-hold-browsers-hostage/
Web2Web: Serverless Websites
https://torrentfreak.com/web2web-serverless-websites-powered-by-torrents-bitcoin-161008/
IoT devices hacks will increase in the near future. The biggest DDoS attack powered by 150,000 hacked IoT devices.
https://blog.360totalsecurity.com/en/biggest-ddos-attack-powered-150000-hacked-iot-devices/
The best 8 secure browsers 2016
This opened my eye's to some I've never herd of and some I think shouldn't of made the list.
http://www.techworld.com/security/best-8-secure-browsers-2016-3246550/

Gass :D
 
Last edited:

Gass

Member
Short version - points of interests...
This is from only one site on their privacy policy: Note these Words ! - Words ! - both colors

Any other online products or websites that we own (our "sites") and mobile applications (our "apps"), we collect information about you and use it to facilitate and improve our services. Information about you may also be shared with other companies. For instance, companies engaged in "targeted" or "behavioral" advertising present ads that might be of interest to you based on information about your online activities. We want to be clear about how information about you may be used and what your privacy options are.

Information we collect:

Information collected automatically: When you visit our sites and use our apps, we automatically collect and store information about your computer or mobile device and your activities.

This information includes:
-Your computer's IP address
-Technical information about your computer or mobile device (such as type of device, web browser or operating system)
-Your preferences and settings (time zone, language, etc.)
-Your mobile device's unique ID number
-Your mobile device's geographic location (specific geographic location if you've enabled collection of that information, or general geographic location automatically)
-The URL of the last web page you visited before coming to one of our sites
-The words you have looked up and results you selected
-The ads you clicked on
-How long you visited our sites or used our apps and which services and features you used


How we use your information
We use your information to provide and improve our services, customize services for you (such as by remembering your preferences), make special offers (like sweepstakes), better understand our users,
diagnose and fix problems, and sell and display ads that may be relevant to you.

Use of your information by other companies:

We share user information with other companies for various reasons. What information we make available to other companies depends on the nature of our relationships with them. We generally require these other companies to keep our users' information confidential.

Advertisers:

Advertisers and advertising networks use tracking technologies to collect information about users' computers or mobile devices and their online activities (for example, web pages visited and searches made) as well as general geographic location and use that information to display targeted ads to users. We sometimes allow these ad companies to collect such information when you use our sites and apps to enable them to display targeted ads to you.

Analytics Companies:
We allow analytics companies to use tracking technologies to collect information about our users' computers or mobile devices and their online activities. These companies analyze this information to help us understand how our sites and apps are being used. Certain versions of our App have an "Opt out of Tracking" setting, which permits you to opt out of being tracked by third party analytics companies.

What we don't share: We do not provide ad companies or analytics companies with your name, address, email address, phone number, or credit card information.

Tracking technologies:

We, as well as other companies, use tracking technologies to collect and store data about your computer or mobile device and your activities on our sites and apps.
By using our site and products, you give us EXPLICIT CONSENT to place cookies and other tracking technology on your computer or mobile device.

Cookies:
When you visit our sites, we place "cookies" (small text files) on your computer to recognize you.

Pixel tags:
We embed pixel tags (also called web beacons or clear GIFs) on web pages, ads, and emails. These tiny, invisible graphics are used to access cookies and track user activities (such as how many times a page is viewed). Ad companies use pixel tags to measure the number of ads displayed and their performance (such as how many people clicked on an ad).

Mobile Device IDs:
If you're using an app, we use mobile device IDs (the unique identifier assigned to a device by the manufacturer), instead of cookies, to recognize you.
Unlike cookies, device IDs cannot be deleted. Ad companies use device IDs to track your use of the app, track the number of ads displayed, measure ad performance and display ads that are more relevant to you. Analytics companies use device IDs to track information about app usage.

--- --- --- --- --- --- --- --- --- --- --- --- --- --- ---
Do your services completely hide my online activity?

VPN services will hide your online activity from your ISP and prevent web sites and email recipients from knowing your true IP address. Because many users share the VPN IP address, web sites can't tell the difference between your data and someone else's. The more people sharing the same VPN server and IP address, the more randomized the data becomes. The VPN is an important tool in maintaining your security and privacy. This will prevent data mining, many hacking attempts, and profiling for any legitimate purpose for which you use the Internet. Scramble servers go an extra step and hide the VPN header from your ISP.

Government agencies in countries around the world have been known to plant cookies and even malware on unsuspecting users in order to record data. Web site operators and search engines use many techniques to try and follow you across the internet. You must be aware of all of these methods and guard against them as well:

•Follow these steps to keep your browser from reporting your activity to web sites you visit and otherwise link to you, and to clear history and cookies.

• Do not use proprietary browsers tied to search engines or search engine tool bars. The only reason they offer this stuff is to make it easy to track in everything you do.

•Install Bleach Bit on all your computers and use it at least daily for basic cleaning.

• Don't log into web sites with a user name and password if you don't absolutely have to.
If you do log into a web site, close your browser to clear all history and cookies before going elsewhere.

• Only use your main email account to communicate with people you trust.

•When shopping or signing on to web sites, get a throw away email account and change it often.

•Private browsing, incognito and similar browser settings do not hide anything and will not protect you from being tracked. Using this makes you think you've accomplished something and makes you feel safe. In reality it hasn't changed anything.

•The "Do Not Track" option promoted in recent browsers is useless. There is nothing that prevents a web site from tracking you based on this setting. It is another feel good option and nothing more.
--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---

Hope this gives you some insight to a rather closed world of what sites are doing ! ! !
Thanks,
Gass :D
 
Last edited:

Gass

Member
Google some time back made some revisions to it's services, the revisions more explicitly spelled out the manner in which Google software scans users’ emails, both when messages are stored on Google’s servers and when they are in transit, a controversial practice that has been at the heart of litigation.

Email- When you use Gmail, Google's email service, the company scans the content of your emails and the email addresses of your correspondents. Google's Gmail system also scans your incoming emails, even the ones coming from Yahoo and Hotmail. If you feel safe because you've deleted emails you regretted sending, think again. Google never erases its own copies, even copies of the drafts you decided not to send – even copies of incomplete messages you didn't save as drafts.
And then there are those Google servers, which route the emails of thousands of companies that apparently don't mind running the risk that their emails will be scanned. So whether you use Gmail itself, write to someone who uses Gmail, or, in many cases, simply email, Google's gotcha.

Considering somewhat secure services like of Googles Gmail from the perspective of an outside online hacker wanting your information but, it still can be a compromised venture by using Google itself, in that raw personal information of data that's being passed on to their partners or retained by Google itself, even it's employees (disgruntle) none the least it can be as harmfully used by them for any of the profiling and data mining of a users information for any monetary benefits.

What do data brokers really know about us?
http://www.pbs.org/newshour/bb/data-brokers-really-know-us/
An entire industry has grown around buying all this information about our digital lives, combining it with information collected from websites like Google and Facebook, to produce the detailed information on your daily habits. This is happening at all levels now, from your ISP, OS, installed applications, metro apps, mobile apps to the websites one may visit, our Data is collected for harvesting our personal information, interests, habits, etc...

Web sites collect information as you use them, with or without the knowledge of the user. Anytime a user visits and enters data into a Web site they should be aware that the data they enter could be stored, shared or used by the Web site. The data can be anything from surfing Webpages, phone calls, online shopping, updates and uploads on Facebook, Twitter, emails, to word searches on search engines such as Google, Bing and Yahoo. In the cyber world, everything we do, places we visit, and online contents that we read and write are in some way stored and can be traced back to find the activities of the individual.

We should be at a point of some critical debates about the future of the Internet: the proper role of law enforcement, the character of ubiquitous surveillance, the collection and retention of our entire life's history, how automatic algorithms should judge us, government control over the Internet, cyberwar rules of engagement, national sovereignty on the Internet, limitations on the power of corporations over our data, the ramifications of information consumerism, and so on.

Consumer capitalism - Wikipedia
https://en.wikipedia.org/wiki/Consumer_capitalism

I've only touched on some information - so it's up to you to know the rest of the story.
Gass
 
Top