Electronic Frontier Foundation’s Report Card on Companies Who Protect Your Privacy

Some do a good job. Others, not so much. AT&T, Verizon, Other Telco Providers Lag Behind Tech Industry in Protecting Users from Government Overreach, EFF Annual Survey Shows | Electronic Frontier Foundation

Online retail giant Amazon has been rated number one in customer service, yet it hasn’t made the public commitments to stand behind its users’ digital privacy that the rest of the industry has.

AT&T, Comcast, T-Mobile, and Verizon scored the lowest, each earning just one star. While they have adopted a number of industry best practices, like publishing transparency reports and requiring a warrant for content, they still need to commit to informing users before disclosing their data to the government and creating a public policy of requesting judicial review of all NSLs.

The full list can be found here.

Some Simple Steps Toward Online Privacy and Security

I value my privacy. That is one of the reasons I live where I do. (In the country) I don’t have nosy neighbors to deal with every day. My neighbors and I talk when there is a reason to do so.

I also value my online privacy. I don’t want to be a “product” for Google, or Facebook or whoever. So I do things to safeguard my privacy. Google tracks every search you make, back to you as an individual. Facebook tracks you even if you are not logged on to Facebook. (Every site that has a Facebook “Like” button is tracking you.) And they sell that information about you to other companies.

Google and Facebook – not to mention the CIA/NSA/FBI/EIEIO – want you to believe that privacy is impossible. That security is impossible. Because if you think it is impossible, or even just really hard, you won’t even bother to try to secure your technology. But it isn’t that hard to have decent privacy and security. And it isn’t just the .gov or the big corporations that want your information. Hackers are looking too.

So here is a list of things you can do. Some are easy to do; some are a bit harder. Some are free, while some cost a little. While the list isn’t in order of importance, or effect, the first 3 items on this list should take you less than 10 minutes – total. And you only have to do them once (or until you get a new computer or switch to a new browser.) The rest of the items are a bit more complex, but they are not impossible. Do one thing a day for a week. Or do one thing a week if they seem overly complicated. Even if you only do one thing a month, you will have much better security in a fairly short time. Do something.

  • Use a Search Engine That Doesn’t Track Every Query.

    There are a couple of alternatives to Google. And not Yahoo or Bing. (They aspire to be Google.) DuckDuckGo is the easiest (though you have to install an extension in Chrome to set it as your default search engine because Google REALLY doesn’t want you to have any options). Disconnect is another option. There are probably more choices to cut off the tracking of everything you do. I started using DuckDuckGo when Google stopped answering the queries I typed in and started answering what they THOUGHT I wanted to know. Also Google has a tendency to shortchange any site connected to firearms or the 2nd Amendment. (Which is a subject near and dear to my heart.) There are probably other subjects that Google is downplaying. (That said, I do use Google, Yahoo and Bing on occasion.)

  • Disable 3rd Party Cookies in Your Browser.

    This isn’t a fool-proof method, but the folks who write tracking software still complain about Apple’s Safari browser – it is the ONLY browser that ships with 3rd party cookies disabled by default. How to turn them off depends on which browser you use. But look under “settings” or “options” for something about content or privacy. The browsers have good help – mostly.

  • Install Privacy Protection Extensions in Your Browser.

    Privacy Badger from the EFF blocks all kinds of things that are stealing your info – and potentially loading Malware on your system. It is available for Gecko-based browsers (Firefox, Pale Moon, etc.) and Chromium-based browsers (Chrome, Opera, Vivaldi, etc.). I am not sure about Microsoft’s browsers or Safari.

    uBlock Origin (not uBlock, uBlockPlus, or any of the others) is a fairly efficient ad-blocker that will shut down tracking-based ads. And the potential spyware, etc. that can come along with ads. Available for Gecko and Chromium browsers as well as Microsoft’s Edge. (Some of these may be available for your mobile devices as well.)

  • Continue reading

Welcome to the Police State

Where the press does the bidding of the government (at the Dems in power), and your phone company spies for the .gov as well. AT&T reportedly spies on its customers for government cash

The Daily Beast is reporting that the telco has essentially turned itself into a spy-for-hire in the pay of the government. According to the piece, the company’s Project Hemisphere is providing warrantless surveillance, thanks to some legal gray areas, that score it millions of dollars from taxpayers.

And no one seems to care.

More Ways for Your Smartphone to Track Your Every Move

The super cookies the telecoms were using can now be (almost) replicated thanks to the W3C apis to give websites access to data that no website needs. How Your Smartphone Light Sensor Could Help Websites Track You

Does a website really need to access the amount and the red/green/blue character of the ambient light in your location? I wish someone at W3C would explain the use case.

Well it’s clear that the advertisers have a use case.

Tapping into this data, it will be possible to “profile, detect, recognize and track” users and their behavior, such as what time they usually work, what lighting conditions they prefer, and how frequently they are in their house or office, according to [Lukasz] Olejnik.

Not just advertisers who might be interested in that data.

I wish people would consider the security implications of things before running headlong off a cliff.

Already these APIs are in Firefox. Coming soon to Chrome and Opera (not sure if this means the APIs are being added to Chromium base, or if other Chromium browsers will be impacted). They may be coming to Safari as well.

You can eliminate this from Firefox by going to about:config and changing “device.sensors.enabled” to “false.”

The more recent results posted to twitter show these sensors being used (in the wild) in industrial espionage.

“Alexa, tell the Feds where the bodies are buried.”

More FBI Spying. The FBI Can Neither Confirm Nor Deny Wiretapping The Amazon Echo. Are you surprised? Then you haven’t been paying attention.

In many ways the Echo is a law enforcement dream. Imagine if you could go back in time and tell police that one day people would willingly put microphones in their own homes that, with a little hacking, could be heard from anywhere in the world 24/7.

And it isn’t clear that warrants are being obtained. Fourth Amendment? What is that?

Welcome to the Panoptican.

(The history of FBI hacking – which goes back farther than you may think – can be found at this link.)

Everybody Hates Feinstein and Burr’s Anti-encryption Bill

It will destroy a whole lot of things. Like any hope of security. Tech coalitions pen open letter to Burr and Feinstein over bill banning encryption | TechCrunch

The Venn Diagram tells the story.

It goes on to point out “unintended consequences” such as compromised security being compromised for bad actors as well as good, and also that any national attempt to hamper the operation of a global industry is foolish and bound to fail and, in failing, damage the reputation and economy of the U.S. (I’m paraphrasing).