Who's Tracking You, and Do You Mind?

[BuckNekkid]

There is a way to somewhat mitigate the under-the-covers tracking that happens each and every day one is online: Go to https://someonewhocares.org/hosts/ and download the (constantly updated) hosts file there. Replace your namby-pamby hosts file that does nothing for you, and all of a sudden, most of those 'bots who like to "phone home" without your knowing about it, will die an unmourned death. Dan Pollock, who owns the site, explains how it works.

 

[imwjl]

It's a big difference between my pervy neighbor spying on my daughter sunbathing with a drone and XYZ country doing it from a satellite in space!






So many companies/governments/schools etc can't manage to get security right. It's hard to expect the average consumer that posts things like "How early should I leave to get to the airport" on facebook to understand digging into all the documentation.


"Agree to the terms?" Yes, please!!

It's easy for my poor hearing to know a common drone is close enough to possibly get a better view than most of our eyes, but I get your point.

For the rest, my mind was at Home version of Windows automatically pushing the critical updates. Security can't be perfect and the evolution of the Microsoft products actually help the daft achieve better security, and at a high level it is not that much than how Apple and Google achieve it. The reduction of compromised systems has benefited all of us.

It is terrible. They pop up ads that you cannot shut off when you open the internal (computer) search window. As if Microsoft isn’t making enough money with the sw and cloud services alone.

I'm sorry, but unless I really misunderstand, that is willful ignorance. Except for Home version getting critical updates pushed, that's the main push difference. The right in front of your face initial setup choices are an easy few options for privacy and tracking matters. Pop up ads after that come from user choices or user being daft. There is also how price point or department store craptops vs laptops can have pre-installed software. If you buy your license from Microsoft or first tier products you don't get that crap.

Beyond that, we have free will and lots of choice. Google and Microsoft will show you more ads depending on your choices and what you care to pay for. As said, you can change that. Alternatives don't have that junk but Apple is in the ad business too. Ads also fund some popular open source products.

 

[Flat6Driver]

There is a way to somewhat mitigate the under-the-covers tracking that happens each and every day one is online: Go to https://someonewhocares.org/hosts/ and download the (constantly updated) hosts file there. Replace your namby-pamby hosts file that does nothing for you, and all of a sudden, most of those 'bots who like to "phone home" without your knowing about it, will die an unmourned death. Dan Pollock, who owns the site, explains how it works.

Yikes ..reading that list of pages to block. Yukko

 

[imwjl]

There is a way to somewhat mitigate the under-the-covers tracking that happens each and every day one is online: Go to https://someonewhocares.org/hosts/ and download the (constantly updated) hosts file there. Replace your namby-pamby hosts file that does nothing for you, and all of a sudden, most of those 'bots who like to "phone home" without your knowing about it, will die an unmourned death. Dan Pollock, who owns the site, explains how it works.

A DNS-based security subscription and settings if far more automated and easier to do you allow or blocks within. We (IT dept) give a lot of support to staff - near 1000 people. From that I know managing hosts file isn't for everyone.

Yikes ..reading that list of pages to block. Yukko

See the above, and know Cisco buying OpenDNS still left a free version available for personal users. There are others but Cisco is most of the TALOS database and has a far stronger history and reputation than some. Other good security products use the TALOS database.

There’s a lot more you can do to lock down an iPhone but thankfully, compared to Google’s Android release, there are some pretty good security and privacy options with an iPhone. I wrote a primer on this for family and friends. It’s a little sloppy but I think accurate and pretty comprehensive (and it saves the gauntlet of bait and switch ad sites you will have to wade through in the first 25 or so sponsored links that will be at the top of the Google search results if you try and search for this. If anyone wants a copy, PM me.

V 16 is explicit private or protect for app rights, and also disallows third party keyboard apps for some functions via disallowing access to clipboard. 16.0.3 has fixed the paste bug but I see it still exists with unsupported or not recently updated apps.

Now I will point out some good in tracking and cameras.

As a kid someone lied and said I beat them up and stole their bike. Without cameras at a school yard I was a 9 year old in custody until my parents helped prove otherwise. At point in the 1990s the police had a stupid campaign to try and punish road rage with a tip line and signs plus news broadcasting that. I got a letter and police at my door for something I did not do. It was mighty lucky my employer and a customer could both verify it was impossible.

This past summer a friend got a parks closed curfew violation ticket from Chicago likely his mentally ill brother lying about it. He used a neighbor's Ring camera and Google data to show he was 150 miles away from that.

The AEB technology in all new cars and some for the past 11+ years determines guilt or innocence in some accidents.

 

[BuckNekkid]

A DNS-based security subscription and settings if far more automated and easier to do you allow or blocks within. We (IT dept) give a lot of support to staff - near 1000 people. From that I know managing hosts file isn't for everyone.

True. But if you're a home user and don't have a) an IT Department (likely son or daughter), or b) an account with and knowledge how to use DNS, this hosts file is a major improvement over just letting oneself get run over by 'bots and skeezy operators.

 

[imwjl]

True. But if you're a home user and don't have a) an IT Department (likely son or daughter), or b) an account with and knowledge how to use DNS, this hosts file is a major improvement over just letting oneself get run over by 'bots and skeezy operators.

We do this helping staff at scale - hundreds of people. How our time is spent is logged. It is proven well to be easier, faster and more lasting to coach them to sign up and put the two settings in their home router. That also makes any guests or others who use their home network get that protection. It's an automatic making sure they have it if they buy a new computer or device.

 

[1955]

I hope you know the risks of "just downloading", and target that VPN use makes you. From the standpoint of being a security professional, the post you replied to is just plain ignorance. Especially and except for carrier location tracking, the categorically thinking a smart phone is somehow less private or secure.

One big irony in the amount of data tracking like the screen shot is so many people just being too cheap, lazy or dumb to consider buying a product instead of being the product.

It should also be known to more that open source or Linux are not a pass or exclusion for security and privacy matters.

I’m not understanding exactly what you are trying to say, probably because I don’t know computers, but I’ll defer to your experience on these issues. Maybe you are speaking of IT alerting on proxy server traffic they see from a worker, thus drawing attention?

The VPN I use is a paid for app, it’s called PIA. I would imagine most of these companies that start off with a mission statement of strong privacy get bought up by the leviathan companies. I read that Duck Duck Go met a similar fate, but I don’t know if it is true.

Brave is only the best solution I’ve found thus far, but I’m sure it’s probably getting kickbacks from a Martha Stewart copycat or who knows. I’m definitely open to a better suggestion.

I use an iPhone for nearly everything. On initial setup, it takes me quite a while to toggle off the various privacy intrusions and tweak it. I specifically block location tracking, microphone, camera, etc. in nearly all circumstances.

I’m not over-scrupulous to the point of carrying a faraday bag, using a pineapple server, or scrubbing exif data when posting photos, but I try to avoid being a target by not throwing dollops of metadata out into the universe in the tiny ways that I can.

Hoping everything will be ok is not realistic with the egregious intrusions on the general public’s privacy in the last two decades. Surveillance capitalism, with the consequential curating of social standing created in it’s wake is already rebarred in so deep that the boundary monuments of ethical prerogatives will likely never get walked back.

I don’t have the time to wait around for a company like Purism to roll out the Librem, although I commend their dedication to putting some semblance of control back into the customer’s hands.

The underdog companies that try to fight the behemoths are not only fighting the lightning obsolescence that shallow pockets invite, because by the time they roll it out, software like Pegasus is two steps ahead, but they are also trying to persuade market share with a growing public that has no pangs of conscience trading privacy for expedience.

I was only familiar with Microsoft (with only layman understanding) up until XP, but I did notice on later releases the increased telemetry, which combined with the ever-changing operating systems and too-late security patches, don’t give me much hope. Maybe a professional that has all of their machines wiped of bloatware, adware, etc. from the get go, and has the time to go in msconfig, research and disable the offending or curious services, has a robust firewall with end to end encryption, etc. can boast of navigating effortlessly around the dank stalagmites, but I just gave up on them.

iOS/Mac doesn’t seem to me to be much better, endlessly leveraging intrusive defaults, from protecting your hearing for your own darn good to parsing a mind numbing amount of system event logs and health data, etc.

I won’t even speak to Boogle, as they are well known to be the devil incarnate with everything they touch, but the occasional white knighting I’ve seen from the collision of their aggregation and a conveniently fashionable sleuth story doesn’t make up for the Orwellian contempt they hold for the average consumer.

Carriers, who join their tower dongles together like Riverdance dancers, have no problem selling geo location tracking to interested or cough important parties on hunches alone, here a ping there a ping, everywhere a ping ping, and they have a fun little way to make everyone their world Wi-Fi oyster if you’re not savy enough to incessantly change passwords every fortnight with 126 disparate characters.

Sure, some concerns are marketable conspiracy theory and monetized fear mongering to the potbelly crowd, but there are legitimate concerns that have not been addressed by those that can, and a certain slice of the bamboozled think it’s all a lemon and they want their money back.

The only thing I know about open source is that Linux sounds like a Charlie Brown character, so, as usual, as the average consumer, maybe with above average indignity, I would ask where are the real and practical solutions for chumps like myself, who are yoked to the hot brick for necessity’s sake, but are sick and tired of being poked and prodded by strategic entities, with strategic goals, whose intent is not just parting me with my worthless farthings?

 

[redhouse_ca]

A DNS-based security subscription and settings if far more automated and easier to do you allow or blocks within. We (IT dept) give a lot of support to staff - near 1000 people. From that I know managing hosts file isn't for everyone.

See the above, and know Cisco buying OpenDNS still left a free version available for personal users. There are others but Cisco is most of the TALOS database and has a far stronger history and reputation than some. Other good security products use the TALOS database.

V 16 is explicit private or protect for app rights, and also disallows third party keyboard apps for some functions via disallowing access to clipboard. 16.0.3 has fixed the paste bug but I see it still exists with unsupported or not recently updated apps.

Now I will point out some good in tracking and cameras.

As a kid someone lied and said I beat them up and stole their bike. Without cameras at a school yard I was a 9 year old in custody until my parents helped prove otherwise. At point in the 1990s the police had a stupid campaign to try and punish road rage with a tip line and signs plus news broadcasting that. I got a letter and police at my door for something I did not do. It was mighty lucky my employer and a customer could both verify it was impossible.

This past summer a friend got a parks closed curfew violation ticket from Chicago likely his mentally ill brother lying about it. He used a neighbor's Ring camera and Google data to show he was 150 miles away from that.

The AEB technology in all new cars and some for the past 11+ years determines guilt or innocence in some accidents.

Thankd, great info. One challenge, tho, will be all the non-blocked stuff. Even if you are successful in the game of whack-a-mole that is blocking the worst culprits, your hardware and browser fingerprint is almost certainly known broadly. You can change your fingerprint but it’s a little tricky to track down. A good explanation of this can be found on that coveryourtracks.eff.org (that’s an Electronic Frontier Foundation site, so I trust it), but the data points that make up your fingerprint can be pretty tricky to track down on your machine and sw. There are some big elephant changes you can make that will go a long way toward making your rig less identifiable to trackers (a VPN using different nodes, if you have a trustworthy one - many are not, clearing cookies and caches at shut down, deleting old browser plugins,etc) but to create a really unique fingerprint, you have to change the identifiable information in things like headers, etc. Trackers will use seemingly very mundane details (like timezone, font type, screen size and color settings, etc) and the algos used to crunch that info are shockingly good at identifying you with this data. I have a lot more control over that with ios, and Apple released a feature that allows you to track which apps speak to which web hosts (setting>privacy>app privacy report). Its sometimes scary to see who’s connecting to which apps). They are also in beta for a private relay feature settings>icloud>private relay. It’s not an end all but I appreciate what they are doing for privacy and security. Im to the point where I don’t do much in line with Microsoft products and I would touch a google app on anything (or anything android).

If I need to do something totally private and secure, I think tails is tie way to go. If your really really paranoid, you can run a VPN client on your router and use that plus tails (tails doesn’t support a local vpn client yet). If your really really really paranoid whonix and I2P are the way to go.

 

[Texicaster]

A buddy of mine told me about those grocery store discount cards; the ones associated with your phone number. Supposedly some guy at a grocery store did a trip and fall. When investigated they discovered the bulk of his purchases were for alcohol and this was used against him during the claim process. My friend said NEVER use your phone number for these cards! And I don't use my phone number; I use HIS!

 

[imwjl]

I’m not understanding exactly what you are trying to say, probably because I don’t know computers, but I’ll defer to your experience on these issues.

The VPN I use is a paid for app, it’s called PIA. I would imagine most of these companies that start off with a mission statement of strong privacy get bought up by the leviathan companies. I read that Duck Duck Go met a similar fate, but I don’t know if it is true.

Brave is only the best solution I’ve found thus far, but I’m sure it’s probably getting kickbacks from a Martha Stewart copycat or who knows. I’m definitely open to a better suggestion.

I use an iPhone for nearly everything. On initial setup, it takes me quite a while to toggle off the various privacy intrusions and tweak it. I specifically block location tracking, microphone, camera, etc. in nearly all circumstances.

I’m not over-scrupulous to the point of carrying a faraday bag, using a pineapple server, or scrubbing exif data when posting photos, but I try to avoid being a target by not throwing dollops of metadata out into the universe in the tiny ways that I can.

Hoping everything will be ok is not realistic with the egregious intrusions on the general public’s privacy in the last two decades. Surveillance capitalism, with the consequential curating of social standing created in it’s wake is already rebarred in so deep that the boundary monuments of ethical prerogatives will likely never get walked back.

I don’t have the time to wait around for a company like Purism to roll out the Librem, although I commend their dedication to putting some semblance of control back into the customer’s hands.

The underdog companies that try to fight the behemoths are not only fighting the lightning obsolescence that shallow pockets invite, because by the time they roll it out, software like Pegasus is two steps ahead, but they are also trying to persuade market share with a growing public that has no pangs of conscience trading privacy for expedience.

I was only familiar with Microsoft (with only layman understanding) up until XP, but I did notice on later releases the increased telemetry, which combined with the ever-changing operating systems and too-late security patches, don’t give me much hope. Maybe a professional that has all of their machines wiped of bloatware, adware, etc. from the get go, and has the time to go in msconfig, research and disable the offending or curious services, has a robust firewall with end to end encryption, etc. can boast of navigating effortlessly around the dank stalagmites, but I just gave up on them.

iOS/Mac doesn’t seem to me to be much better, endlessly leveraging intrusive defaults, from protecting your hearing for your own darn good to parsing a mind numbing amount of system event logs and health data, etc.

I won’t even speak to Boogle, as they are well known to be the devil incarnate with everything they touch, but the occasional white knighting I’ve seen from the collision of their aggregation and a conveniently fashionable sleuth story doesn’t make up for the Orwellian contempt they hold for the average consumer.

Carriers, who join their tower dongles together like Riverdance dancers, have no problem selling geo location tracking to interested or cough important parties on hunches alone, here a ping there a ping, everywhere a ping ping, and they have a fun little way to make everyone their world Wi-Fi oyster if you’re not savy enough to incessantly change passwords every fortnight with 126 disparate characters.

Sure, some concerns are marketable conspiracy theory and monetized fear mongering to the potbelly crowd, but there are legitimate concerns that have not been addressed by those that can, and a certain slice of the bamboozled think it’s all a lemon and they want their money back.

The only thing I know about open source is that Linux sounds like a Charlie Brown character, so, as usual, as the average consumer, maybe with above average indignity, I would ask where are the real and practical solutions for chumps like myself, who are yoked to the hot brick for necessity’s sake, but are sick and tired of being poked and prodded by strategic entities, with strategic goals, whose intent is not just parting me with my worthless farthings?

A crazy or frustrating point with small companies you mention is now the ones that are promising mostly get bought by a very small circle who can bid much more.

My simple point here is there are good ways to avoid much of the negative stuff discussed. For example, Google and others have a free keyboard you iPhone does not have with a row of numerals. Typefinity has one that was made to avoid the privacy matters we discuss here but you have to pay $5 so the author can live. Paid tier Apple, Google and Microsoft cloud services with high privacy and compliance standards are $2 - $30 a month.

For the above, we used to be conditioned to and responded to much more expensive personal devices and paid $500 for a word processor. Thus, why I think a lot of whining is absurd. A lot of whiners should consider the whole $ few a day I pay to not be the product. Apple smart speakers have an option to limit listening.

We can't turn back on most successful technology so consider the positive elements too.

 

[imwjl]

Thankd, great info. One challenge, tho, will be all the non-blocked stuff. Even if you are successful in the game of whack-a-mole that is blocking the worst culprits, your hardware and browser fingerprint is almost certainly known broadly. You can change your fingerprint but it’s a little tricky to track down. A good explanation of this can be found on that coveryourtracks.eff.org (that’s an Electronic Frontier Foundation site, so I trust it), but the data points that make up your fingerprint can be pretty tricky to track down on your machine and sw. There are some big elephant changes you can make that will go a long way toward making your rig less identifiable to trackers (a VPN using different nodes, if you have a trustworthy one - many are not, clearing cookies and caches at shut down, deleting old browser plugins,etc) but to create a really unique fingerprint, you have to change the identifiable information in things like headers, etc. Trackers will use seemingly very mundane details (like timezone, font type, screen size and color settings, etc) and the algos used to crunch that info are shockingly good at identifying you with this data. I have a lot more control over that with ios, and Apple released a feature that allows you to track which apps speak to which web hosts (setting>privacy>app privacy report). Its sometimes scary to see who’s connecting to which apps). They are also in beta for a private relay feature settings>icloud>private relay. It’s not an end all but I appreciate what they are doing for privacy and security. Im to the point where I don’t do much in line with Microsoft products and I would touch a google app on anything (or anything android).

If I need to do something totally private and secure, I think tails is tie way to go. If your really really paranoid, you can run a VPN client on your router and use that plus tails (tails doesn’t support a local vpn client yet). If your really really really paranoid whonix and I2P are the way to go.

The management consoles are far simpler for a non-tech person to add allow and block items than editing a system file.

A buddy of mine told me about those grocery store discount cards; the ones associated with your phone number. Supposedly some guy at a grocery store did a trip and fall. When investigated they discovered the bulk of his purchases were for alcohol and this was used against him during the claim process. My friend said NEVER use your phone number for these cards! And I don't use my phone number; I use HIS!

A high bs factor and not understanding how law works in that. If what you heard is true, it is an outlier.

That's not evidence to prove the person was drunk. I cannot imagine a store sophisticated enough to have a loyalty system and not a loss prevention system with cameras capturing the incident. The part of a lawsuit called discovery typically has all parties looking at that video. It usually requires someone in IT doing discovery holds in the major messaging platforms so no one can delete data. Messing with evidence is an additional problem most with normal brain function don't do.

 

[Sparky2]

That shoot drones theme and mentality I've seen is misunderstood and quite off base considering the private satellite industry already in place and used for business and nation state intelligence.

Yeah, but I can't shoot those satellites down.
They are too high.

The video-camera-equipped quad-copter drones that screw around over our properties and invade our collective privacy?

Oh yeah.
Fair game.

 

[BigDaddyLH]

I just farted on an elevator and now I'm getting ads for air fresheners. It's real, people!!! Like, I didn't even own up to the flatulence.

 

[1955]

I just farted on an elevator and now I'm getting ads for air fresheners. It's real, people!!! Like, I didn't even own up to the flatulence.

If two people fart in an elevator at the same time, only the fallen tree in the forest hears it.

 

[Loquatious]

You're being tracked in more ways you know. Some people erroneously think that using VPNs guarantee more security over Internet traffic, but they are wrong. A VPN is just as likely to create a profile for you as an ISP is, and some claims that a VPN doesn't log activity have proven to be false or as a method for people committing crime (usually organized crime). Again, the latter only for "non logging VPNs".

The truth is most your traffic to sites is secure if the site uses SSL, which is the lock that probably shows to the left of the URL in your browser. That's good enough from keeping your data from being stolen via various known attacks. Wi-Fi spots these days are virtually just as secure. The only legitimate reason for using VPNs these days is to access content not available in your country. For example, getting the British Netflix when you live in America or looking at "adult" content in very conservative countries.

Privacy is dead, but that does not mean it's not still worth fighting for. Really, if you have issues with an insurance program tracking you on your phone, then you would be frightened about what information is out there about you. I'm also guessing you switched to Progressive. They used to have something to plug into people's cars but it caused so much damage to the electrical system that they started using an app on phones, which have accelerometers.

 

[cyclopean]

My phone listens to me. Can't figure out how to stop it either. It'll automatically look up things people say; I'll finish a live conversation about ham and there's Google results on my phone showing places to buy a ham.

Hate a lot of the new tech. I'm no longer technologically "current" for the first time in my adult life. Lost it I'd guess around age 50.

Start with a faraday pouch.

 

[Wrighty]

On the positive and disturbing side:

Sure, they can maybe track your internet use and toss mountains of SPAM at you ---- yet the C.I.A. and F.B.I. and MI6 and RCMP and KGB... still can't seem to find people (quickly?) who fraud senior citizens sell boatloads of drugs and do internet scams on a global platform. Hmmm?

And Amazon can’t find my Velcro ordered three weeks ago, even with Alexa keeping an eye on me!

 

[Weazel]

No Siri, Alexa, Gertrude or Barb for me.

I commute by bus, however, so to check real time route schedules, "they" need to know where I am.

I am fine with that.

 

[imwjl]

Yeah, but I can't shoot those satellites down.
They are too high.

The video-camera-equipped quad-copter drones that screw around over our properties and invade our collective privacy?

Oh yeah.
Fair game.

I understand the matter and the laws that apply. Sorry, but I'm not the type to think or make law enforcement's job mine except for the possibility of a very unusual circumstance, nor do I let fear control me as many do.

You're being tracked in more ways you know. Some people erroneously think that using VPNs guarantee more security over Internet traffic, but they are wrong. A VPN is just as likely to create a profile for you as an ISP is, and some claims that a VPN doesn't log activity have proven to be false or as a method for people committing crime (usually organized crime). Again, the latter only for "non logging VPNs".

The truth is most your traffic to sites is secure if the site uses SSL, which is the lock that probably shows to the left of the URL in your browser. That's good enough from keeping your data from being stolen via various known attacks. Wi-Fi spots these days are virtually just as secure. The only legitimate reason for using VPNs these days is to access content not available in your country. For example, getting the British Netflix when you live in America or looking at "adult" content in very conservative countries.

Privacy is dead, but that does not mean it's not still worth fighting for. Really, if you have issues with an insurance program tracking you on your phone, then you would be frightened about what information is out there about you. I'm also guessing you switched to Progressive. They used to have something to plug into people's cars but it caused so much damage to the electrical system that they started using an app on phones, which have accelerometers.

Some very good points.

VPN use is a red flag. The security platform I manage has pre-built or default alarms. Surely any ISP and law enforcement collaboration can see it with same ease.

Yes on the encrypted traffic but this is where TDPRI John lives. He screams Windows 7 forever while loathing Microsoft same time the security console I mentioned shows me he is compromised without his knowing it.

Smart and practical ways to fight for it as you say can be pretty easy and reward those who make good efforts. We can all start by choosing platforms better about it. I said in another post how it is not much money per day for some subscriptions and purchases I make. That has a win/win. I get better or best products same time the people who do that make a living.

Here is another trick. It cannot get around the cellular location all devices have but it can bypass what apps and browser temp, cookie and cache can do. One can have something like an Apple Watch cellular and not install any apps that send data elsewhere.

 

[Beebe]

I pretty much click "accept" for everything that shouldn't slow my devices down.

My thinking is it may come in handy if someone needs to find me, or if I need to prove where I have been.