Privacy When Using the Internet
http://edu-observatory.org/olli/Privacy/index.html




HOW YOU ARE CONTINUOUSLY TRACKED VIA CELLULAR PHONES

  Your cellular devices are continuously connecting to cell
  towers ready to receive or initiate a phone call. A tower
  dump is the sharing of identifying information by a cell
  tower operator, which can be used to identify where a given
  individual was at a certain time. As mobile phone users
  move, their devices will connect to nearby cell towers in
  order to maintain a strong signal even while the phone is
  not actively in use. These towers record identifying
  information about cellphones connected to them which then
  can be used to track individuals.  This data exists back for 
  more than three decades.
   
  Any turned on cellular phone continuously reports its
    o EID (Embedded Identity Document) unique to eSIM card, or
    o ICCID (Integrated Circuit Card Identifier) unique to a 
      physical SIM card, and
    o IMEI (International Mobile Station Equipment Identity) 
      unique to physical device,
    o and more.  

NSA Can Reportedly Track Phones Even When They’re Turned Off
  https://slate.com/technology/2013/07/nsa-can-reportedly-track-cellphones-even-when-they-re-turned-off.html

  To spy on phones when they are turned off, agencies would
  usually have to infect the handset with a Trojan that would
  force it to continue emitting a signal if the phone is in
  standby mode, unless the battery is removed. In most cases,
  when you turn your phone off—even if you do not remove the
  battery—it will stop communicating with nearby cell towers
  and can be traced only to the location it was in when it was
  powered down.

"It's Worse Than We Thought" | Edward Snowden  (11+ min)
  https://www.youtube.com/watch?v=0k9fE8PpIzs



YOUR BROWSER (AND IP ADDRESS) CAN IDENTIFY YOU

  Every device that connects to the internet, whether at home
  or out and about, has an unique IP (Internet Protocol)
  address. That address is known by your ISP (Internet Service
  Provider) at home, your Cellular Carrier, or the providers
  of Wi-Fi networks you connect to in public.  
  
  See what your browser reveals every time you connect to a 
  website. 
    https://centralops.net/asp/co/BrowserMirror.vbs.asp
  Browser Fingerprinting
    https://pixelprivacy.com/resources/browser-fingerprinting/
  
  
  
GIVING AWAY INFORMATION ON SOCIAL MEDIA 

  You give away a tremendous amount of information about your
  location, activities and life. Please watch the Documentary:
  The Social Dilemma (2020)
    https://www.imdb.com/title/tt11464826/
    https://www.youtube.com/watch?v=iYVVgGWUKKg
       
  Explores the dangerous human impact of social networking,
  with tech experts sounding the alarm on their own creations.



SPYING ON YOU

  Major harvestors of information include: Google, Facebook,
  Amazon, and the NSA. Most harvesting takes place by our
  computers automatically running JavaScript code embedded in
  websites we browse.
  
  Things connected to the Internet (IoT). The Ring Doorbell
  and many home security devices, meant to protect you, are
  spying on you.  Alexa, etc. is always listening to you.  

  Fifteen (15) Ways Google Collects Your Private Info and Data
    https://www.quertime.com/article/15-ways-google-collects-your-private-info-and-data/
  Four (4) ways Google is destroying privacy
    https://www.salon.com/2014/02/05/4_ways_google_is_destroying_privacy_and_collecting_your_data_partner/

IF YOU CONTINUE TO USE GOOGLE, MANAGE YOUR GOOGLE ACCOUNT
  https://myaccount.google.com/privacycheckup
  https://myaccount.google.com/dashboard









REGAINING SOME PRIVACY - WHAT CAN YOU DO? USE A FARADAY BAG (Pretty Drastic) https://www.amazon.com/Faraday-Protector-Tuulin-Blocking-Blocker/dp/B07RSHRCSS https://www.amazon.com/Mission-Darkness-Non-Window-Faraday-Phones/dp/B01A7MACL2 RF Signal Blocking - 100% shielding of Wi-Fi (2.4 & 5GHz), Bluetooth, cell signals including 5G networks, GPS, RFID, and radio signals with 90dB average attenuation from low MHz all the way up to 40GHz. EMI, RFI, EMF radiation shielding. USE A VIRTUAL PRIVATE NETWORK (VPN) A VPN secures your device's internet connection to guarantee that all data you are sending and receiving is encrypted and secure from prying eyes, even from your ISP and reduces tracking by hiding your IP Address. Excellent VPN services: ExpressVPN, NordVPN. VPN Reviews from Top10VPN. USE PUBLIC DNS SERVICE OPTIONS Your DNS history can identify you, perhaps even better than tracking cookies. The Domain Name Systems (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources. Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex 2400:cb00:2048:1::c629:d7a2 (in IPv6). Default DNS services are provided by your Internet Service Provider (ISP) at home, your cellular provider, workplace, and all public Wi-Fi networks that you might use. Many are logging everything you do. Some are blocking websites. Public DNS (over TLS/HTTPS) service offer privacy and security. DNS resolvers can also be configured to provide security solutions for their end users (people browsing the Internet). Some DNS resolvers provide features such as content filtering, which can block sites known to distribute malware and spam, and botnet protection, which blocks communication with known botnets. Many of these secured DNS resolvers are free to use and a user can switch to one of these recursive DNS services by changing a single setting in their local router. Cloudflare DNS has an emphasis on security. https://www.cloudflare.com/learning/dns/what-is-dns/ https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ https://en.wikipedia.org/wiki/Public_recursive_name_server https://www.dnsperf.com/#!dns-resolvers USE A SECURE DEFAULT SEARCH ENGINE WITH YOUR BROWSER Switching to a more secure, privacy focused search engine is another way to maintain better privacy while browsing the web. Most of the popular search engines rely on selling users advertisements to make money. Search engines like Startpage, and DuckDuckGo are funded by donations and search related advertising, not by harvesting and selling your information. DuckDuckGo does not track you https://DuckDuckGo.com Use Google without being tracked https://www.startpage.com INCREASING PRIVACY ON ANY BROWSER Your search history can identify you, perhaps even better than tracking cookies. Private browsing is a privacy feature in most web browsers. When operating in such a mode, the browser creates a temporary session that is isolated from the browser's main session and user data. Browsing history is not saved, and local data associated with the session, such as cookies, are cleared when the session is closed. These modes are designed primarily to prevent data and history associated with a particular browsing session from persisting on the device, or being discovered by another user of the same device. How to Always Start Any Browser in Private Browsing Mode https://www.howtogeek.com/137466/how-to-always-start-any-browser-in-private-browsing-mode/ Turn Private Browsing on/off on your iPhone, iPad, or iPod touch https://support.apple.com/en-us/HT203036 If browsing privately is not an option, some of the tracking can be mitigated by disabling cookies. Cookies are little pieces of data that most websites use to store information on your browsing activity. HOW TO BLOCK COOKIES (EXCEPT FOR SITES YOU USE) IN ANY BROWSER https://www.howtogeek.com/63721/how-to-block-all-cookies-except-for-sites-you-use/ A cookie is simply a small file that a web site places on your computer to store information. The process itself is totally benign, and can even be helpful-cookies do useful things like store your shopping cart information between sessions, save you from the hassle of logging into a site every time you open and close your browser, and other helpful time savers. The ones that give cookies a bad name track users without their explicit knowledge and help advertisers (or other entities) build profiles of users. Many people want to limit the amount of information that is gathered about them, and do so by limiting the kind of cookies that their browser accepts and retains. REGULARLY DELETE HISTORY AND WEBSITE DATA (includes cookies) Removing cookies and more. Wipe your computer of your browsing history, cookies, and other detritus. It won't solve the problem on its own, but it is almost essential to clear away the tools people can use to track you. ADBLOCK PLUS (works on all computers and mobile devices) https://adblockplus.org/ Block ads that interrupt your browsing experience. Say goodbye to video ads, pop-ups, flashing banners and more. Blocking these annoyances means pages load faster. With Adblock Plus avoiding tracking and malware is easy. Blocking intrusive ads reduces the risk of "malvertising" infections. Blocking tracking stops companies following your online activity. BETTER BLOCKER (Excellent Safari content blocker) https://apps.apple.com/us/app/better-blocker/id1080964978 https://apps.apple.com/us/app/better-blocker/id1121192229?mt=12 Blocks all the tracking things. Better is a privacy tool for Safari that protects you from trackers and privacy-eroding ads on the web. Make your web experience safer, lighter, and faster in Safari on iPhone, iPad, and Mac. PRIVACY BADGER (from the Electronic Frontier Foundation) https://www.eff.org/privacybadger https://www.eff.org/privacybadger/faq#Will-you-be-supporting-any-other-browsers-besides-Chrome-/-Firefox-/-Opera https://ssd.eff.org/en/blog/privacy-badger-now-fights-more-sneaky-google-tracking Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it's like you suddenly disappeared. Tor BROSWSER (versions for all platforms) https://www.torproject.org/projects/torbrowser.html.en https://www.torproject.org/about/overview.html.en https://www.torproject.org/download/download The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. Tor Browser lets you use Tor on Microsoft Windows, Apple macOS, or GNU/Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable). TESTING PRIVACY EFF -- Is your browser safe against tracking? https://coveryourtracks.eff.orgg Browser Fingerprinting https://pixelprivacy.com/resources/browser-fingerprinting/ Web Browser Cookie Forensics https://www.grc.com/cookies/forensics.htm Example of blocking trackers LIMITING LOCATION DATA EXPOSURE (NSA) https://media.defense.gov/2020/Aug/04/2002469874/-1/-/0/CSI_LIMITING_LOCATION_DATA_EXPOSURE_FINAL.PDF Different users accept different levels of risk regarding location tracking, but most users have some level of concern. The following general mitigations can be used for those with location sensitivities: o Disable location services settings on the device. o Disable radios when they are not actively in use: disable BT and turn off Wi-Fi if these capabilities are not needed. Use Airplane Mode when the device is not in use. Ensure BT and Wi-Fi are disabled when Airplane Mode is engaged. o Apps should be given as few permissions as possible: o Set privacy settings to ensure apps are not using or sharing location data. o Avoid using apps related to location if possible, since these apps inherently expose user location data. If used, location privacy/permission settings for such apps should be set to either not allow location data usage or, at most, allow location data usage only while using the app. Examples of apps that relate to location are maps, compasses, traffic apps, fitness apps, apps for finding local restaurants, and shopping apps. o Disable advertising permissions to the greatest extent possible: o Set privacy settings to limit ad tracking, noting that these restrictions are at the vendor's discretion. o Reset the advertising ID for the device on a regular basis. At a minimum, this should be on a weekly basis. MAKE SURE YOUR SMARTPHONE APPS AREN'T SPYING ON YOU https://phys.org/news/2018-01-smartphone-apps-spying.html USES END-TO-END ENCRYPTION (EE2E) https://en.wikipedia.org/wiki/End-to-end_encryption Apple iMessage And Facetime & Privacy https://support.apple.com/en-us/HT209110 https://support.apple.com/en-us/HT204380 We designed iMessage and FaceTime to use end-to-end encryption, so there’s no way for Apple to decrypt the content of your conversations when they are in transit between devices. Attachments you send over iMessage (such as photos or videos) are encrypted so that no one but the sender and receiver(s) can access them. Signal - Secure Phone Calling & Text Messaging https://www.signal.org https://www.signal.org/download/macos/ https://apps.apple.com/us/app/signal-private-messenger/id874139669 Signal messages and calls are always end-to-end encrypted and painstakingly engineered to keep your communication safe. We can't read your messages or see your calls, and no one else can either. TAKING BACK OUR PRIVACY https://www.newyorker.com/magazine/2020/10/26/taking-back-our-privacy TOOL GUIDES https://ssd.eff.org/en/module-categories/tool-guides OUTBOUND FIREWALLS-- Monitor all web traffic ZoneAlarm (Outbound Firewall for MS Windows) http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm LuLu (Outbound Firewall for macOS) -- Patrick Wardle https://objective-see.com/products/lulu.html OBJECTIVE-SEE (for Mac users) https://objective-see.com SURVEILLANCE SELF-DEFENSE https://ssd.eff.org https://ssd.eff.org/module-categories/basics https://ssd.eff.org/module-categories/tool-guides HUMAN BEHAVIOR https://defensivecomputingchecklist.com http://edu-observatory.org/olli/HCS/Week1.html http://edu-observatory.org/olli/HCS/Week2.html GETTING HACKED (11+ min) https://www.youtube.com/watch?v=bjYhmX_OUQQ

RESOURCES ELECTRONIC FRONTIER FOUNDATION (EFF) https://www.eff.org https://ssd.eff.org/en/module/your-security-plan APPLE'S APPROACH TO PRIVACY https://www.apple.com/privacy/ https://www.apple.com/privacy/features/ https://www.apple.com/privacy/manage-your-privacy/

BOOK RECOMMEMDATIONS Permanent Record by Edward Snowden https://www.amazon.com/Permanent-Record-Edward-Snowden/dp/1250237238 Edward Snowden, the man who risked everything to expose the US government's system of mass surveillance, reveals for the first time the story of his life, including how he helped to build that system and what motivated him to try to bring it down. In 2013, twenty-nine-year-old Edward Snowden shocked the world when he broke with the American intelligence establishment and revealed that the United States government was secretly pursuing the means to collect every single phone call, text message, and email. The result would be an unprecedented system of mass surveillance with the ability to pry into the private lives of every person on earth. Six years later, Snowden reveals for the very first time how he helped to build this system and why he was moved to expose it. Spanning the bucolic Beltway suburbs of his childhood and the clandestine CIA and NSA postings of his adulthood, Permanent Record is the extraordinary account of a bright young man who grew up online--a man who became a spy, a whistleblower, and, in exile, the Internet's conscience. Written with wit, grace, passion, and an unflinching candor, Permanent Record is a crucial memoir of our digital age and destined to be a classic. The Snowden Files: The Inside Story of the World's Most Wanted Man By Luke Harding https://www.amazon.com/Snowden-Files-Inside-Worlds-Wanted/dp/0804173524 Edward Snowden was a 29-year-old computer genius working for the National Security Agency when he shocked the world by exposing the near-universal mass surveillance programs of the United States government. His whistleblowing has shaken the leaders of nations worldwide, and generated a passionate public debate on the dangers of global monitoring and the threat to individual privacy. In a tour de force of investigative journalism that reads like a spy novel, award-winning Guardian reporter Luke Harding tells Snowden's astonishing story-from the day he left his glamorous girlfriend in Honolulu carrying a hard drive full of secrets, to the weeks of his secret-spilling in Hong Kong, to his battle for asylum and his exile in Moscow. For the first time, Harding brings together the many sources and strands of the story-touching on everything from concerns about domestic spying to the complicity of the tech sector-while also placing us in the room with Edward Snowden himself. The result is a gripping insider narrative-and a necessary and timely account of what is at stake for all of us in the new digital age. sam.wormley@gmail.com