Threat model: You think that perhaps massive corporate data collection is an empire of oily rags which threatens democracy, or perhaps just leads to strangers knowing too much about your doctor appointments and where your kids are, or indeed lets anyone find you who knows your number. You want to limit the amount of this ambient data to reduce predatory business behaviour towards you. You regard social media as the new pollution that we have not yet regulated.
General hardening guides
vpn.ac has a nice basic list of basic privacy steps for browsing without leaking stuff through notoriously leaky apps.
Levelling up macOS by drduh, various UK NCSC guides, e.g. Ubuntu.
Which apps should I allow to use my voice?
None of the voice assistants can be trusted and PS Skype is spyware.
You don’t want large search businesses to know what you are searching for?
search engines in general
- Startpage repackages google search results AFAIK anonymously.
- duckduckgo is a search engine that repackages… Yahoo searches? They are also massive privacy advocates which is excellent although I would like to know more about them technically.
- disconnect anonymises other search engines from their servers
Advanced: run your own search anonymiser:
trackmenot is an interesting solution – it generates random bullshit search queries on your search engines to muddy your user profiling, much like noiszy, mentioned below, does for your news consumption.
Defeating browser trackers
You don’t feel like doing free market research for large multinationals, spilling your friends’ secrets, or facilitating Cambridge Analytica voter manipulation? Good-o, reducing that somewhat is easy.
I really need to tidy the info about these up a bit and explain, because they are so simple and so useful. However, they may be an endangered species.
- Firefox Multi user container makes separate mini-browsers for each social app so they each live in their own solipsist universe.
- Privacy badger is an open source non-profit low-configuration blocker of tracking advertisers
- Ghostery disables most of the social media spyware, although it's a little opaque.
- ublock origin offers fancy script blocking for the obsessive compulsive.
- scriptsafe offers aggressive no frills script blocking.
- Fuzzify automates and monitors clicking on the “delete my ad data” button in facebook.
- HTTPS everywhere is vexing. Every browser should implement this functionality, of being secure by default instead of writing your passwords on the lawn in big letters anytime someone asks. That’s why it’s annoying that you have to install a plugin to make it work. And, worse, a horribly memory-hungry plugin. This is being gradually rendered irrelevant by HSTS; hopefully we can forget it soon.
- adblock plus
- torbrowser bundles all the ad-blocking conceivable, although it also makes browsing unpleasant and slow. There is some kind of lesson there, idk.
Left-field solution idea: deliberately make your browser do random stuff to hide what you are doing. Random noise generators attempt to make your browsing data useless to trackers, by making your browser visit lots of nonsense sites, confusing the paper trail.
Minimising tracking of your purchases
Whole other complicated story, TBD. I think worth doing. Consider what Amazon knows about you.
In addition to knowing what people buy, Amazon also knows where people live, because they provide delivery addresses, and which credit cards they use. It knows how old their children are from their baby registries, and who has a cold, right now, from cough syrup ordered for two-hour delivery. And the company has been expanding a self-service option for ad agencies and brands to take advantage of its data on shoppers.
See social media if you must.
VPNs and encrypted networks
See VPNs etc.
A separate browser for every privacy suck
I use a Single-site browser to access Facebook because
- Otherwise Facebook would know even more about me than they do
- Facebook is a blackhole of timewaste that I don’t want to browse to by accident, so I should make it slightly more difficult for myself.
You can do this too, for social media, or for whatever other website you wish to.
- Epichrome (macOS): An application (Epichrome.app) and Chrome extension (Epichrome Helper) to create and use Chrome-based SSBs on macOS. So, full Chrome, custom configuration. Here is a walk-through.
The Browser UI is very minimal, just a toolbar (with site tabs) that disappears in Full-Screen mode.
MacPin apps are shown in macOS’s Dock, App Switcher, and Launchpad.
Custom URL schemes can also be registered to launch a MacPin App from any other app on your Mac.
So, minimal browserlets.
- Fluid.app (macOS). No longer recommended because it’s unmaintained and obsolescent. The free version doesn’t isolate your workspace. I reckon the paid version (USD5) would be well worth it if it were maintained.
- How To Turn Chrome or Firefox Into A Single-Site Browser.
- Making Firefox into a “Single-Site Browser”
- Create applications shortcuts in Google Chrome for Macs with a shell script
Doing various other things with a modicum of discretion
You need one. See passwords.
See transferring money.
See Synchronising files.
Other confidentiality-violating things
- Which android phones do not leave gaping unpatched security holes?. tl;dr – Google, LG, then everyone else.
- TODO: google tracking android devices
Running your own server? See secure web servers.
Internet of things
There is no reason you should trust your internet of things devices not to be spyware.
You should be approximately aware of the nasty things that people can and will do to your computer. Don’t do them yourself.
Getting old school
Academic stuff to read to stay paranoid
Yes, that’s right, deducing your password by listening to your computer. But it gets worse:
Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be performed by measuring the electric potential of a computer chassis. A suitably-equipped attacker need merely touch the target computer with his bare hand, or get the required leakage information from the ground wires at the remote end of VGA, USB or Ethernet cables.
Maybe don’t read this if you are working on reducing your background paranoia.
Roth, A. (2014). The Algorithmic Foundations of Differential Privacy. Now Publishers. Online.
The mathematical foundations of doing stuff privately. I hope someone else is reading this so that I don’t have to.
Sarigol, E., Garcia, D., & Schweitzer, F. (2014). Online Privacy as a Collective Phenomenon. arXiv:1409.6197 [cs]. Online.
Your friends have already disclosed secrets about you by disclosing they know you on social media, secrets that will be further disseminated by random grad students in Switzerland when the social media company you entrusted with this information goes bust.