Press "Enter" to skip to content

Privacy & security roundup

Tips of hats to SC, MJR, H

15 Comments

  1. Kent McManigal
    Kent McManigal January 29, 2012 6:57 pm

    Of course, if your keystrokes are being logged, there is no necessity to break the password.

  2. Pat
    Pat January 30, 2012 12:31 am

    ~ Maybe there is something to “conspiracy theories” after all. World government,
    https://secure.wikimedia.org/wikipedia/en/wiki/World_government , here we come, if ACTA goes through. And we don’t know yet what particulars it encompasses.

    ~ If health insurance laws are passed, that’s one more Census question we need to take the 5th Amendment for — especially revealing if we have no insurance.

    ~ I had the same response as you from the internet invisibility test, with and without JavaScript. Is there no way to do without JavaScript?

    ~ Off topic: is anyone else bothered by the multitude of animations and pop-ups that constantly bombard the screen from various websites? I have Pop-ups turned off, but websites, as well as advertisers, have gotten around that by “popping up” whenever the mouse passes over an article or ad. The activity is a distraction to both eyes and concentration.

  3. Woody
    Woody January 30, 2012 6:51 am

    Claire,
    I am amazed and dismayed to discover that my proxy doesn’t mask my IP address as I was lead to believe it would. Do you have any insights into why that is, and any possible counter measures? Do you know if the VPN from our proxy service does any better?

  4. Steve
    Steve January 30, 2012 7:12 am

    Claire,

    I have both BetterPrivacy and Ghostery, even with cookies turned off they are getting a lot of info from me.

  5. R.L. Wurdack
    R.L. Wurdack January 30, 2012 8:35 am

    What happened to the Rutherford link?
    D.

  6. Claire
    Claire January 30, 2012 8:40 am

    R.L. — Nothing happened that I can see. The link works for me. Try again?

  7. Claire
    Claire January 30, 2012 8:45 am

    Woody — I assume you got the same result I did. The test “saw” what it was supposed to see (an IP address in Detroit or Chicago or Tokyo or some other non-you IP address). But then it “saw” an additional IP from your own ISP — which we’ve always been told could not be seen when using the proxy. And which in fact no other test has seen, that I know of.

    The VPN should take care of that. But then, so should the basic proxy service we’ve subscribed to!

    ADDED: By turning on JavaScript, we “allow” a lot of this to happen. Of course, if we don’t allow scripts, many perfectly innocent, useful sites become either partly or entirely non-functional. So that’s a dilemma.

  8. Claire
    Claire January 30, 2012 8:54 am

    Steve, correct me if I’m wrong, but I don’t believe BP, Ghostery, or cookie blocking hide your info from a site you visit. They’re all useful (and good for you), but not for that.

    Still … that site is seeing things it’s not supposed to be able to see, even with other protections. Definitely alarming.

  9. Pat
    Pat January 30, 2012 9:20 am

    In reading up on “VPN” I can’t see where it promises to do anything differently (or better) than Startpage with SSL or HTTPS does. And it has not delivered what I expected.

  10. Claire
    Claire January 30, 2012 11:33 am

    Oh yeah. And turn off JavaScript (get NoScript for Firefox, which lets you decide which sites you allow to run scripts).

  11. Pat
    Pat January 31, 2012 4:32 am

    NoScript works! Thanks. And my computer screen is much quieter now, audibly _and visibly_.

  12. Woody
    Woody January 31, 2012 5:26 am

    Pat,
    I just reinstalled NoScript after a hiatus of a year or so. It works but sometimes it makes it impossible to view content I want off of a web page. Trying to figure out which blocked script, or combination there of, is preventing a page feature (usually a video) from working can be impossible sometimes. Claire put the fear back in me with her post so I’m back to wrestling with it again. Hope your experience with it is better than mine.

  13. Pat
    Pat January 31, 2012 6:12 am

    Woody, I’ve found that to be true also, but so far (less than 24 hrs) I’ve had no trouble choosing my priorities. Often it’s curiosity, not necessity, that wants to read or see something, so I just forget it — or find a related article elsewhere.

  14. Claire
    Claire January 31, 2012 7:28 am

    Yeah, what Pat said. Woody, I’ve also had the experience you’re having. But overall I find that NoScript is so good at protecting my privacy, and gives such peace and quiet on the page, that I just accept that every once in a while something won’t work.

    For that, I keep a backup browser (Opera, in my case). When something doesn’t work on Firefox and I really, really want to access it, I open Opera temporarily.

    BTW, another reader heard back from Steve at Cotse who says (if I correctly interpret the tech-speak) that since the results we’re seeing on stayinvisible.com are produced by JavaScript, which runs on our own computers, some of the results may actually not be visible to the remote server, but only to us.

    Okayyyy … makes a certain amount of sense. But I’d rather know for sure that my privacy protection is working. IMHO, NoScript is the best of all the privacy tools I use.

  15. David
    David February 2, 2012 7:58 pm

    Hi Claire-

    Just a quick note. Protecting your privacy can take many forms, some of which are contradictory. NoScript is great, and I use it too, but if you’re not also using some service or device that prevents geolocation based on IP (and maybe even if you are) it may actually make you more _personally_ identifiable as opposed to hiding information on your computer…just because most people don’t use NoScript, so you stand out. If you’re personally identified on one site, it’s very easy for that information to be disseminated.

    For personal anonymity, I would actually recommend using a vanilla version of Internet Explorer, and I’d run that from a virtual machine (VMWare has a free version) running a recent (read “common”) version of Windows. The vm should be set not to save data from one session to the next (which is why I suggested VMWare–I actually prefer VirtualBox, but you have to manually make & return to a “snapshot” with it). That way you look like everybody else but cookies and such are automatically deleted every time you log off from your session.

    Then there’s the problem that subscribing to a service that purports to hide your identity/location is inherently risky. If you were an entity desiring to get information about people, specifically and preferentially including information those people want to hide from you, where would you start?

    To see just how dangerous NoScript can be, you can try this tool/project run by eff.org: https://panopticlick.eff.org/ (though you may be “unique” either way…).

    Tor, aka “the onion router,” is a great tool. But even that is more complex than it appears. It starts out dealing with PDF download issues, but if you’re somewhat technical, you may want to check this out: http://cryptome.org/0005/tor-opsec.htm (lots of useful data & links at the bottom).

    EFF has some good info about disk encryption, too, at https://ssd.eff.org/tech/disk-encryption (I mention this only because it’s not the panacea some folks seem to believe).

    Anyway, that turned out longer than I intended.

Leave a Reply