Privacy When Using the Internet
http://edu-observatory.org/olli/Privacy/index.html




HOW YOU ARE CONTINUOUSLY TRACKED VIA CELLULAR PHONES

  Your cellular devices are continuously connecting to cell
  towers ready to receive or initiate a phone call. A tower
  dump is the sharing of identifying information by a cell
  tower operator, which can be used to identify where a given
  individual was at a certain time. As mobile phone users
  move, their devices will connect to nearby cell towers in
  order to maintain a strong signal even while the phone is
  not actively in use. These towers record identifying
  information about cellphones connected to them which then
  can be used to track individuals.  This data exists back for 
  more than three decades.
   
  Any turned on cellular phone continuously reports its
    o EID (Embedded Identity Document) unique to eSIM card, or
    o ICCID (Integrated Circuit Card Identifier) unique to a 
      physical SIM card, and
    o IMEI (International Mobile Station Equipment Identity) 
      unique to physical device,
    o and more.  

NSA Can Reportedly Track Phones Even When They're Turned Off
  https://slate.com/technology/2013/07/nsa-can-reportedly-track-cellphones-even-when-they-re-turned-off.html

  To spy on phones when they are turned off, agencies would
  usually have to infect the handset with a Trojan that would
  force it to continue emitting a signal if the phone is in
  standby mode, unless the battery is removed. In most cases,
  when you turn your phone off-even if you do not remove the
  battery-it will stop communicating with nearby cell towers
  and can be traced only to the location it was in when it was
  powered down.

"It's Worse Than We Thought" | Edward Snowden  (11+ min)
  https://www.youtube.com/watch?v=TGzikHRumSY



YOUR BROWSER (AND IP ADDRESS) CAN IDENTIFY YOU

  Every device that connects to the internet, whether at home
  or out and about, has an unique IP (Internet Protocol)
  address. That address is known by your ISP (Internet Service
  Provider) at home, your Cellular Carrier, or the providers
  of Wi-Fi networks you connect to in public.  
  
  See what your browser reveals every time you connect to a 
  website. 
    https://centralops.net/asp/co/BrowserMirror.vbs.asp
  Browser Fingerprinting
    https://coveryourtracks.eff.org/learn
  
  
  
GIVING AWAY INFORMATION ON SOCIAL MEDIA 

  You give away a tremendous amount of information about your
  location, activities and life. We are addicted an manipulated.
  
  Netflix Documentary Film: The Social Dilemma (2020)  (1h 34m)
    https://www.imdb.com/title/tt11464826/?ref_=fn_al_tt_1
    https://www.imdb.com/title/tt11464826/fullcredits/?ref_=tt_ql_cl
       
    Explores the dangerous human impact of social networking,
    with tech experts sounding the alarm on their own
    creations.

  You Tube - Talk: The Social Dilemma (2020)  (55 min)
    https://www.youtube.com/watch?v=iYVVgGWUKKg



SPYING ON YOU

  Major harvestors of information include: Google, Facebook,
  Amazon, and the NSA. Most harvesting takes place by our
  computers automatically running JavaScript code embedded in
  websites we browse.
  
  Things connected to the Internet (IoT). The Ring Doorbell
  and many home security devices, meant to protect you, are
  spying on you.  Alexa, etc. is always listening to you.  

  Fifteen (15) Ways Google Collects Your Private Info and Data
    https://www.quertime.com/article/15-ways-google-collects-your-private-info-and-data/
  Four (4) ways Google is destroying privacy
    https://www.salon.com/2014/02/05/4_ways_google_is_destroying_privacy_and_collecting_your_data_partner/

IF YOU CONTINUE TO USE GOOGLE, MANAGE YOUR GOOGLE ACCOUNT
  https://myaccount.google.com/privacycheckup
  https://myaccount.google.com/dashboard









REGAINING SOME PRIVACY - WHAT CAN YOU DO? USE A FARADAY BAG (Pretty Drastic) https://www.amazon.com/Faraday-Protector-Tuulin-Blocking-Blocker/dp/B07RSHRCSS https://www.amazon.com/Mission-Darkness-Non-Window-Faraday-Phones/dp/B01A7MACL2 RF Signal Blocking - 100% shielding of Wi-Fi (2.4 & 5GHz), Bluetooth, cell signals including 5G networks, GPS, RFID, and radio signals with 90dB average attenuation from low MHz all the way up to 40GHz. EMI, RFI, EMF radiation shielding. USE A VIRTUAL PRIVATE NETWORK (VPN) A VPN secures your device's internet connection to guarantee that all data you are sending and receiving is encrypted and secure from prying eyes, even from your ISP and reduces tracking by hiding your IP Address. Excellent VPN services: ExpressVPN, NordVPN. VPN Reviews from Top10VPN. USE PUBLIC DNS SERVICE OPTIONS Your DNS history can identify you, perhaps even better than tracking cookies. Default DNS services are provided by your Internet Service Provider (ISP) at home, your cellular provider, workplace, and all public Wi-Fi networks that you might use. Many are logging everything you do. Some are blocking websites. Public DNS (over TLS/HTTPS) service offer privacy and security. https://en.wikipedia.org/wiki/Public_recursive_name_server https://www.dnsperf.com/#!dns-resolvers 1. Set each computer to use Public DNS services. 2. Set your home Router to use Public DNS services. 3. Optionally set Smart phone Wi-Fi connections to use Public DNS services. Separate setup for each Wi-Fi network. SET A SECURE DEFAULT SEARCH ENGINE ON YOUR BROWSER Switching to a more secure, privacy focused search engine is another way to maintain better privacy while browsing the web. Most of the popular search engines rely on selling users advertisements to make money. Search engines like Startpage, and DuckDuckGo are funded by donations and search related advertising, not by harvesting and selling your information. DuckDuckGo does not track you https://DuckDuckGo.com Use Google without being tracked https://www.startpage.com HOW TO MANAGE COOKIES BY BROWSER https://www.cookiepro.com/knowledge/how-to-manage-cookies-by-browser/ Almost all modern browsers provide mechanisms for users to control how their computers handle cookies. This includes the ability to block cookies and prevent them from being loaded, as well as ways to delete the cookies already stored on their device. Website visitors are becoming more aware of the ways advertisers track them across websites. To combat this surveillance, popular web browsers are introducing new ways to protect the privacy of their users. Google Chrome, Safari, and Firefox have all announced big changes in 2020 that, when fully rolled out, should provide users with increased protection from tracking technologies. REGULARLY DELETE HISTORY AND WEBSITE DATA (includes cookies) Removing cookies and more. Wipe your computer of your browsing history, cookies, and other detritus. It won't solve the problem on its own, but it is almost essential to clear away the tools people can use to track you. ADGUARD (works on all computers and mobile devices) https://adguard.com/en/adguard-browser-extension/overview.html https://adguard.com/en/products.html AdGuard is the fastest and most lightweight ad blocking extension that effectively blocks all types of ads on all web pages! Choose AdGuard for the browser you use and get ad-free, fast and safe browsing. PRIVACY BADGER (from the Electronic Frontier Foundation) https://www.eff.org/privacybadger https://www.eff.org/privacybadger/faq#Will-you-be-supporting-any-other-browsers-besides-Chrome-/-Firefox-/-Opera https://ssd.eff.org/en/blog/privacy-badger-now-fights-more-sneaky-google-tracking Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it's like you suddenly disappeared. APPLE ICLOUD PRIVATE RELAY https://www.howtogeek.com/732978/what-is-apple-icloud/ iCloud Private Relay is Apple's biggest assault on advertisers and trackers. The service hides your IP address and Safari browsing activity from network providers and websites so that no one - including Apple can see who you are, where you are, or what sites you are visiting. The service protects your web traffic from prying eyes and spammers. Private Relay hides data from both the ISP and advertisers that aim to build your online profile. iCloud Private Relay is built right into iOS, iPadOS, and macOS. It will only work if you are an iCloud+ subscriber and you have it enabled from within your iCloud settings. TESTING PRIVACY EFF -- Is your browser safe against tracking? https://coveryourtracks.eff.org Browser Fingerprinting https://coveryourtracks.eff.org/learn Web Browser Cookie Forensics https://www.grc.com/cookies/forensics.htm Example of blocking trackers LIMITING LOCATION DATA EXPOSURE (NSA) https://media.defense.gov/2020/Aug/04/2002469874/-1/-/0/CSI_LIMITING_LOCATION_DATA_EXPOSURE_FINAL.PDF Different users accept different levels of risk regarding location tracking, but most users have some level of concern. The following general mitigations can be used for those with location sensitivities: o Disable location services settings on the device. o Disable radios when they are not actively in use: disable Bluetooth and turn off Wi-Fi if these capabilities are not needed. Use Airplane Mode when the device is not in use. Ensure Bluetooth and Wi-Fi are disabled when Airplane Mode is engaged. o Apps should be given as few permissions as possible: o Set privacy settings to ensure apps are not using or sharing location data. o Avoid using apps related to location if possible, since these apps inherently expose user location data. If used, location privacy/permission settings for such apps should be set to either not allow location data usage or, at most, allow location data usage only while using the app. Examples of apps that relate to location are maps, compasses, traffic apps, fitness apps, apps for finding local restaurants, and shopping apps. o Disable advertising permissions to the greatest extent possible: o Set privacy settings to limit ad tracking, noting that these restrictions are at the vendor's discretion. o Reset the advertising ID for the device on a regular basis. At a minimum, this should be on a weekly basis. MAKE SURE YOUR SMARTPHONE APPS AREN'T SPYING ON YOU https://phys.org/news/2018-01-smartphone-apps-spying.html The apps in question are mostly games. They seem harmless, but if you grant permission for those apps to use your phone's microphone, they can listen to your life through the phone-even when the app isn't being used. USES END-TO-END ENCRYPTION (EE2E) https://en.wikipedia.org/wiki/End-to-end_encryption End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers - including telecom providers, Internet providers, and even the provider of the communication service - from being able to access the cryptographic keys needed to decrypt the conversation. Apple iMessage And Facetime & Privacy https://support.apple.com/en-us/HT209110 https://support.apple.com/en-us/HT204380 We designed iMessage and FaceTime to use end-to-end encryption, so there's no way for Apple to decrypt the content of your conversations when they are in transit between devices. Attachments you send over iMessage (such as photos or videos) are encrypted so that no one but the sender and receiver(s) can access them. However, if either of the Apple devices gets backed up to iCloud, undeleted iMessages can be decrypted by Apple. Signal - Secure Phone Calling & Text Messaging https://www.signal.org https://www.signal.org/download/macos/ https://apps.apple.com/us/app/signal-private-messenger/id874139669 Signal messages and calls are always end-to-end encrypted and painstakingly engineered to keep your communication safe. We can't read your messages or see your calls, and no one else can either. OUTBOUND FIREWALLS on computers -- Monitor all web traffic Best practices for configuring Windows Defender Firewall https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring LuLu (Outbound Firewall for macOS) -- Patrick Wardle https://objective-see.com/products/lulu.html https://objective-see.com SURVEILLANCE SELF-DEFENSE https://ssd.eff.org https://ssd.eff.org/module-categories/basics https://ssd.eff.org/module-categories/tool-guides HUMAN BEHAVIOR https://defensivecomputingchecklist.com http://edu-observatory.org/olli/HCS/Week1.html http://edu-observatory.org/olli/HCS/Week2.html GETTING HACKED (11+ min) https://www.youtube.com/watch?v=bjYhmX_OUQQ

RESOURCES ELECTRONIC FRONTIER FOUNDATION (EFF) https://www.eff.org https://ssd.eff.org/en/module/your-security-plan APPLE'S APPROACH TO PRIVACY https://www.apple.com/privacy/ https://www.apple.com/privacy/features/ https://www.apple.com/privacy/manage-your-privacy/

BOOK RECOMMEMDATIONS Permanent Record by Edward Snowden https://www.amazon.com/Permanent-Record-Edward-Snowden/dp/1250237238 https://www.youtube.com/watch?v=cihWEGNcuRU Edward Snowden, the man who risked everything to expose the US government's system of mass surveillance, reveals for the first time the story of his life, including how he helped to build that system and what motivated him to try to bring it down. In 2013, twenty-nine-year-old Edward Snowden shocked the world when he broke with the American intelligence establishment and revealed that the United States government was secretly pursuing the means to collect every single phone call, text message, and email. The result would be an unprecedented system of mass surveillance with the ability to pry into the private lives of every person on earth. Six years later, Snowden reveals for the very first time how he helped to build this system and why he was moved to expose it. Spanning the bucolic Beltway suburbs of his childhood and the clandestine CIA and NSA postings of his adulthood, Permanent Record is the extraordinary account of a bright young man who grew up online--a man who became a spy, a whistleblower, and, in exile, the Internet's conscience. Written with wit, grace, passion, and an unflinching candor, Permanent Record is a crucial memoir of our digital age and destined to be a classic. The Snowden Files: The Inside Story of the World's Most Wanted Man By Luke Harding https://www.amazon.com/Snowden-Files-Inside-Worlds-Wanted/dp/0804173524 Edward Snowden was a 29-year-old computer genius working for the National Security Agency when he shocked the world by exposing the near-universal mass surveillance programs of the United States government. His whistleblowing has shaken the leaders of nations worldwide, and generated a passionate public debate on the dangers of global monitoring and the threat to individual privacy. In a tour de force of investigative journalism that reads like a spy novel, award-winning Guardian reporter Luke Harding tells Snowden's astonishing story-from the day he left his glamorous girlfriend in Honolulu carrying a hard drive full of secrets, to the weeks of his secret-spilling in Hong Kong, to his battle for asylum and his exile in Moscow. For the first time, Harding brings together the many sources and strands of the story-touching on everything from concerns about domestic spying to the complicity of the tech sector-while also placing us in the room with Edward Snowden himself. The result is a gripping insider narrative-and a necessary and timely account of what is at stake for all of us in the new digital age. sam.wormley@gmail.com