Thunderbolt, fuck yeah!
Join Date: Jan 2005
Location: Denmark
|
Lately there has been a lot of news and talk about the erosion of privacy on the Internet. The Patriot act and EC logging directive are old news, but with initiatives like Phorm it seems like the ISPs are also getting into the act of tracking us online. And then there's all the criminals who would like to get their hands on our sensitive data as well. I've taken a look at Torpark and probably decided that it was too much of a hassle anyway. We also had an interesting discussion about VPN here at AN a while ago.
Now I was wondering if any of you guys had any ideas or opinion on online privacy. Personally, it does irk me that everything I'm doing online gets logged these days. Not so much because of what the government would do, but more because all these logs could potentially end up in the wrong hands. Hackers must see all these government databases as veritable treasure troves. Look no further than the UK for a fine example. So what can one do to minimise the exposure to all this? The main threats as far as I see it are:
I suggest we could categorise any suggestions in the following categories, depending on the degree of paranoia. Kinda like an Ars System Guide: 1. The ordinary user: Just want's his personal info to stay out of the hands of the wrong people. 2. The security minded user: Has confidential information and internet traffic that he/she want's to keep secret. This could for example be someone running a small business with confidential customer information or a journalist who had annoyed of the wrong people. 3. The paranoid: Basically want's to be totally invisible and considers himself to be a potential victim of the black helicopters. |
quote |
Mac Mini Maniac
Join Date: Sep 2005
|
Proxies. If you use 7, it's impossible to track you.
1) Use a Mac, try not to give away too much personal info on forums/myspace, etc. Use webmail and a router. When buying stuff online and similar, only buy from known-good vendors and check that the website uses SSL when giving your credit card details. 2) Same as above, except more so. Buy a good router from a major company like Cisco. VPN support might be nice also. 3) You want paranoid?
* I have this little calculator-looking thing. To log into my banks website, I need my username (random numbers/letters), password (same), code for the calculator-thingy, and the calculator thingy itself. I get a code from the bank which i type into the device and I get a different code back which I type into the online banking system. This ensures secure communications from everywhere. Converted 07/2005. Last edited by Yonzie : 2008-06-06 at 11:52. |
quote |
reticulating your mom
|
Vote for this guy.
Quote:
|
|
quote |
is the next Chiquita
Join Date: Feb 2005
|
I think this bears to keep in mind-
Internet originally was designed to enable communication among several computers. Privacy wasn't a design consideration, and one of aspect of Internet is end-to-end connectivity which also implies that you have to be fully known by everyone else to use the internet (otherwise you'd get blank pages after blank pages cos nobody would know where to send the information to). It is literally an afterthought. How is that relevant? Well, SSL is wrong solution to wrong problem, so even if it was unbreakable, it wouldn't really solve the real problem; it's easier to secure and protect a line from invasion or snooping, but not as easy to protect the endpoint (namely, your computer). That fancy calculator-thingy Yonzie talked about is probably perfect if he wanted to protect himself from man-in-middle attack or snooping, but it won't do a damn if there's a logger reading his keystrokes or malware that can access the memory heap. But thankfully, OS X gets it right and does much more to protect the endpoint much better than Windows. (To be fair, this is also true of any well-designed Linux distros or UNIX with a proper implementation of privilege separation and other security mechanism). |
quote |
Mac Mini Maniac
Join Date: Sep 2005
|
Quote:
(also added a linkt to a picture of it in my original post) Converted 07/2005. |
|
quote |
‽
|
Elaborate. What does Windows not do?
|
quote |
is the next Chiquita
Join Date: Feb 2005
|
For starters, it could silently installs bad stuff in name of convenience. With other OSs, you get a dialog asking for confirmation if you really want to run (with exception of that stupid "Download Safe File" option in Safari). Windows does prompt for this as well, but my understanding is that it's not always and you just have to say it's from Microsoft and you get instant access to everything in Windows.
Then there's IE's lenient security- just toss in an nasty ActiveX and you can basically do whatever you want. This may have changed with IE 7, however. Oh, and Windows XP shipped with Remote Assistance enabled, IIRC. Don't know if Vista still does that, but this is one of other defaults where you have to change to make it properly secure. |
quote |
BANNED
I am worthless beyond hope. Join Date: May 2006
|
Quote:
|
|
quote |
Formerly Roboman, still
awesome Join Date: Jul 2004
Location: Portland, OR
|
I am a pretty private person and I have concerns about intellectual property (I realize the chances of any thief stealing my laptop and then deciding that he or she would publish the novel themselves are virtually nil, but still...I'd feel so much better knowing that nobody else could have my work before I wanted them to) so I'm not planning on keeping any files of any importance on my netbook. Rather, I think I'll be picking up one of these.
Hopefully, people would be less likely to steal my lappy in the first place if they see that it is tethered to my wrist , and if I ever need to leave my lappy alone for the shortest period of time (to get a refill or something) I can easily take all my data with me; the most any would-be thief would get would be a single chapter (the one currently open). Right? It's kind of a ugly watch, though. and i guess i've known it all along / the truth is, you have to be soft to be strong |
quote |
Mac Mini Maniac
Join Date: Sep 2005
|
I hope you back up your watch. (OMG WTF? )
Also this: http://www.youtube.com/watch?v=LNN6CE_GJHQ Also, ditch the mininote and get a MB+iAlertu |
quote |
Formerly Roboman, still
awesome Join Date: Jul 2004
Location: Portland, OR
|
Quote:
Edit: iAlertU is awesome (love the car sounds and the use of the Apple Remote) but if a thief were to pick up a laptop and have an alarm sound, would they really put it back down and run away? I think they'd run away...without putting it down first. Maybe a well-meaning stranger would trip him on his way out, though. and i guess i've known it all along / the truth is, you have to be soft to be strong |
|
quote |
BANNED
I am worthless beyond hope. Join Date: May 2006
|
Quote:
|
|
quote |
Formerly Roboman, still
awesome Join Date: Jul 2004
Location: Portland, OR
|
Quote:
I know nobody would really steal my laptop for my writing, they'd steal it for the laptop (or possibly some personal information). I'm not famous enough for anyone to give a damn about my novel, and I have no delusions otherwise. So the steps I take are mainly to make me feel better. I just wouldn't want a copy of my book out in the wild, out of my control, even if the person with it doesn't give a shit about it. and i guess i've known it all along / the truth is, you have to be soft to be strong |
|
quote |
BANNED
I am worthless beyond hope. Join Date: May 2006
|
That's perfectly understandable. You're probably right about writers in general, although I figured at least a small percentage would have some good ideas about maintaining portability of their works while also keeping them secure.
|
quote |
Dark Cat of the Sith
|
I have 3 copies of my writing: the one on my hard drive, the one on my external drive (backed up only once a month), the one on my school storage space (backed up once a week). If I know I'm gonna be working on it not on my machine, I update the online backup; if I don't, I can always use the online one anyways and when I'm back on my computer resync it. If/when I get a .Mac account I'll probably keep a copy on there too, although whether or not I'll delete the Eden backup in favor of that one I haven't decided yet.
"A blind, deaf, comatose, lobotomy patient could feel my anger!" - Darth Baras twitter ; amateur photographer ; fanfiction writer ; roleplayer and worldbuilder |
quote |
OK Mr. Sunshine!
Join Date: Oct 2006
Location: Toronto
|
I recommend getting creative with making up your online personas - you have to act the part. Pretend to hold political and religious positions that you don't really believe in. Research them carefully so that you can argue from that perspective with all the vehemence and style (or lack thereof) that someone who really believes in them would.
Make up your location. This is really easy to do, thanks to Google and Wikipedia. It's amazingly easy to convince people that you live in, say, Toronto. Read enough about subjects that no one knows you study, so you can pretend to be knowledgeable about them online, and thus pretend that you work in a field you don't. Pick one that doesn't relate directly to what your board is about, so that other experts on that site won't be able to tell you're a poser. Also, pick one that's not common, to reduce the likelihood of being exposed. If you really want to get detailed (and I recommend you do), develop a specific style of writing that doesn't match your real one - vary the quality of your spelling, grammar, and vocabulary. It's all pretty easy to do with a bit of effort. I like to think of it as leveling my alt. Do not be oppressed by the forces of ignorance and delusion! But rise up now with resolve and courage! Entranced by ignorance, from beginningless time until now, You have had more than enough time to sleep. So do not slumber any longer, but strive after virtue with body, speech, and mind! |
quote |
Formerly Roboman, still
awesome Join Date: Jul 2004
Location: Portland, OR
|
Quote:
|
|
quote |
Stallion
Join Date: Feb 2006
Location: Milwaukee
|
Quote:
|
|
quote |
Sneaky Punk
|
That's the worst thing to do if you want to keep something privet (put it on Google I mean).
|
quote |
Stallion
Join Date: Feb 2006
Location: Milwaukee
|
|
quote |
Selfish Heathen
Join Date: May 2004
Location: Zone of Pain
|
Because it's Google?
Would you trust a megacorporation that makes money from indexing documents and selling advertisements based on the content of said documents with keeping your own personal and private documents? If you just need scratch space for something you don't need to keep private, Google Docs is great. Even if you think Google is a completely trustworthy storage mechanism, Google Docs are transmitted in plain text, introducing another major security concern. The quality of this board depends on the quality of the posts. The only way to guarantee thoughtful, informative discussion is to write thoughtful, informative posts. AppleNova is not a real-time chat forum. You have time to compose messages and edit them before and after posting. |
quote |
Thunderbolt, fuck yeah!
Join Date: Jan 2005
Location: Denmark
|
Thanks for you replies, guys. Especially Yonzie for the thorough guide to the paranoid life. However, I'm too fond of getting drunk to abide to it. But I've downloaded the Little Brother novel. Banana's point about the original intentions of the internet have also been taken to heart.
I'd also agree with Brad on Google. In fact that's why I stopped using my Gmail, well in principle .Mac could be just as bad, but at least it's not it's stated modus operandi to profile it's users. A thing that also struck out at me from the replies here is that people seem to have different ideas of what is most important in respect to privacy. Personally, I'm most concerned with commercial logging, and old-fashioned traffic analysis which can't be defeated by SSL and other forms of encryption. The latter looks at who you are talking to and not so much what is being said. It's pretty obvious that if you spend a lot of time communicating with your net-bank, then you might be a good target for some money related advertisements. Now that I think about it; it also baffles me to no end that email is still sent unencrypted unless you have some plug-in installed that needs to be present on both ends. |
quote |
Lord of the Rant.
Formerly turtle2472 Join Date: Mar 2005
Location: Upstate South Carolina
|
This is something that annoys me too. Granted, most of my emails are to my mom and family members, but still I would rather that info be private.
|
quote |
Thunderbolt, fuck yeah!
Join Date: Jan 2005
Location: Denmark
|
For me, I suppose it's safe from my Mac to .Mac. But after that I really don't have any control over it. I have a digital signature from the state that I can use to encrypt and sign mails with, but unless the other end also uses it I can't use it.
|
quote |
Stallion
Join Date: Feb 2006
Location: Milwaukee
|
Quote:
Are we really worried about someone hacking in to Google or hacking into my personal machine?!? The biggest thing I would worry about is losing the laptop and having your documents there for everyone to read. If someone is smart enough to hack into your computer or Google, I am sure they are savy enough to beat some encrypted document format. Even so, as others have stated, with all the other unencrypted data transferred across the web, what are the odds someone is going to pick up your book?!? It just seems far fetched to me. ...and calling/e-mailing/texting ex-girlfriends on the off-chance they'll invite you over for some "old time's sake" no-strings couch gymnastics... |
|
quote |
is the next Chiquita
Join Date: Feb 2005
|
^
Back to grammar school. Maybe this time around we can 1+ your reading comprehension, tensdanny38. |
quote |
Veteran Member
Join Date: Jun 2004
|
Roboman, I think if you want to be thorough, you'll assume everything you carry with you *will* be stolen, and work from there.
Full disk encryption on the laptop -> no one will get anything out of it. Backups at home/elsewhere -> at most, you lose last work. I wouldn't bother with the wristwatch thingy. The laptop should be encrypted anyway to stop anyone from pulling the data out of temp files, caches or virtual memory, and if you did carry the wristwatch you'd have to encrypt the stuff on it because it can be robbed or stolen as well. |
quote |
Stallion
Join Date: Feb 2006
Location: Milwaukee
|
Quote:
Bro, its an online forum. I spend 8 hours a day writing formal documents. I let my hair down online I guess. ...and calling/e-mailing/texting ex-girlfriends on the off-chance they'll invite you over for some "old time's sake" no-strings couch gymnastics... |
|
quote |
Posting Rules | Navigation |
|
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Procedure before sending iBook for repair: Privacy? | scubaski | Genius Bar | 10 | 2008-04-29 08:40 |
We're So Screwed (RFID Privacy Concerns) | Dave | AppleOutsider | 4 | 2007-02-21 08:04 |
Is our privacy being violated with 10.4.7? | washington mac user | Apple Products | 20 | 2006-07-09 16:00 |
One Mac, two people (iTunes, iPhoto, privacy, etc.) | psmith2.0 | Genius Bar | 18 | 2006-07-09 02:18 |
iTunes Mini Store Privacy Debacle: Apple's solution | chucker | Apple Products | 10 | 2006-01-18 11:53 |