Online Privacy

RyanM

I posted this morning about being blocked while using a 3rd party commercial VPN provider. That thread had some interesting points in it around online privacy, or the misinformation/misunderstandings surrounding it.

I like to think that I am fairly safe online. I use uBlock Origin to attempt to block adds and trackers, I also have DuckDuckGo Privacy Essentials which attempts to make your browsing safer and more private (for example by forcing SSL/TLS connections).

That said, perhaps my understanding of how to protect my identity and information online is incorrect. Are there good articles or tutorials I could read through that would help me to protect myself online? Any other pointers? Thanks.

johnpoz

Take a look here for starters on how they track you without using an IP.

https://panopticlick.eff.org/

tagit446

@ryanm said in Online Privacy:

That said, perhaps my understanding of how to protect my identity and information online is incorrect. Are there good articles or tutorials I could read through that would help me to protect myself online? Any other pointers? Thanks.
@johnpoz said in Online Privacy:

This definitely seems like a good discussion to have. Seems like the web is full of disinformation and as such it would be good to hear from those here that make a living securing networks what their approach is. I think there is plenty of info when it comes securing a connection between known endpoints that you have control over but not alot when it comes to surfing the net in the wild.

I think using pfSense is a really good start for most people given its capabilities in regards to security. Using packages such as pfBlockerNG can also help in regards to privacy as you have the ability to use feed list of your choice to block certain traffic. You could potentially find feeds that block most anything such as telemetry and trackers as an example.

I'm probably wrong given my limited knowledge on the subject but personally I'm starting to believe there is really no good way to be 100% secure and anonymous while being online, at least not without breaking things. Either way it would still be good to hear what approaches others use to have some degree of privacy and security while online.

I know there are many that want to be anonymous online so that they can do malicious things. There are also those of us that would like to stay anonymous to help protect ourselves from those malicious actors and don't feel it's anyone's right to secretly steal our information in the background, profile us based on our searches or target us with things they think we want to see. Just look at all the Facebook shenanigans, selling user data, targeted news feeds, ect... Why anyone trust them now is beyond me.

Take a look here for starters on how they track you without using an IP.
https://panopticlick.eff.org/

Thanks for this, the test provided is definitely revealing in terms of fingerprinting. I already new some of the information gathered is used to give a better experience when viewing a webpage and to help web developers determine what technologies to use on there websites but I had no idea they were using the same info to identify/fingerprint a user.

RyanM

I agree, I wasn't aware of the browser fingerprinting. I would be very interested in mechanisms to defend against this. From what I was reading the only to defend against this currently is to use something like Tor. And using Tor has its limitations as well in regards to performance and breaking some sites.

On the plus side, I found out that I can use pfBlockerNG for blocking ads. I wasn't aware of this. I had been using it to bypass my Netflix traffic through my WAN instead of VPN.

johnpoz

So here is the thing - while I agree its a great discussion on how this stuff can be done and the tech behind is very interesting to me..

What I don't get is the concern with aspect of online vs real life.. So do you only use cash? Do you wear masks to hide yourself from the 100's and 1000's of camera's that track you while you walk about the city?

Do you not use any sort of pass for tolls, do you not have any sort of reward cards? Do you not have a cell phone? Do you not buy anything online ever - or do you only buy it through tor with crypto?

What exactly is your concern here? While I get some of the companies have gone a bit overboard in trying to gather info.. This is what GDPR is about.. So guessing your a real fan? But then you complain with website X has to change stuff to comply, etc..

It always drives me nuts when users scream I need to hide my privacy - yet don't have clue one to what is actually going on ;) Let me send 10$ to company X per month to make my internet slower.. While I pay for it with my CC and go to the store an use their reward card...

You do understand that anyone can fire up a vpn, pay for some bandwidth and then get charge premium for the bandwidth while making your internet slower an gathering as much info as they can about their users and saying "we don't log" and then sell that info for even more money.. While all your wanting to do is hide that you go to pfsense.org from your actual ISP ;)

Its one of the worse BS scams out there... I could fire up a vps and sell it as vpn ;)

RyanM

You bring up some valid points, and yes, I am a huge fan of GDPR and hope it becomes legislation in the US as well.

Some of what you mentioned is opt-in. I use credit cards for convenience and enjoy the rewards points from them. I accept that they can then track my purchasing history. I buy a ton of stuff on Amazon. I accept that they can track my buying habits and in return I get free 2-day shipping and excellent customer service. I accept that Google reads my email and mines my GDrive files in exchange for the convenience and service they provide (although dropping Google is something I have been considering, I have already moved almost entirely away from Google for search).

Regarding cameras, this is something I have been thinking about more and more over the last few years. I don't like it, but I don't know that there is a reasonable option to protecting myself from this.

The issue I take with online trackers is that I did not consent to their tracking, and I am not really sure what I get out of it.

You are probably right, and the VPN is really giving me a false sense that it affords me some degree of protection. Perhaps I will drop it when it comes up for renewal.

johnpoz

VPNs for sure have their use - don't get me wrong.. Its a an option for when your using what could be a hostile network like a wifi network at your local coffeeshop, the airport, etc..

Just vpn in your home connection ;) via your pfsense install. Or run a vps on the internet for $15 a year ;) and route your traffic from a hostile network through that.

Your vpn service provide one actual service that everyone actually "wants" and that is circumvention of geoip info.. I want my US netflix while overseas, or I want to view UK stuff while Im in the US, etc.. But don't kid yourself that is actually protecting your privacy...

And when you leverage some shared IP, you need to be aware that some sites are going to block said IPs because all that comes from them is crap spammers...

tagit446

@johnpoz said in Online Privacy:

What I don't get is the concern with aspect of online vs real life..

It always drives me nuts when users scream I need to hide my privacy - yet don't have clue one to what is actually going on ;)

And we/you are using pfSense why..? Are you only using it for its routing functions? Is your firewall open to the world?

Most of what is going on in the real world is simply out of our control so we have to live with it unless you want to move to some remote place like Alaska, become a hermit and live solely off the land(not a bad idea). Sure, in most places though our whereabouts and purchasing habits can easily be tracked in many, many ways. The thing is, is that most of this stuff is in our face and we are aware that its going on. Some of it we can avoid if we choose and some of it we can't.

When it comes to our online lives however most of us as you have said have absolutely no idea what is going on behind the scene and/or have heard just enough to know to be wary and that we need protection. Unless you work in the online security field, how would you know of all of the things going on and how to mitigate it? Most of us are just to busy in our own lives and professions and have little time to learn online security. We get online in our spare time, research what we can in the time that we have and try to make what we feel is an informed decision. The only problem with this is there is just so damn much information to learn and process.

Every other week it seems like we hear about some large company having a data breach causing thousands of their customer accounts being compromised. If they can't keep our data safe..

I'm not trying to come off as paranoid as I don't feel that I am. I just want to be informed and secure my data to the best of my ability. I truly believe that's what most of us want. It's a learning process and I am glad you guy's are here to give it to us straight. But hey, we are getting there.. after all we are using pfSense!

As far as using a vpn provider, I've gone from being a firm believer to now being on the fence due to what I've learned in this forum. Alot of good points have been made, some I already knew and some I didn't. Something that is bugging me though, if going through a vpn provider only gives a false sense of security then why do so many bad actors use such services?

chpalmer

@tagit446

"But don't kid yourself that is actually protecting your privacy..."

+1

Of coarse the fishing hook company wants to sell you more hooks.. and more complicated expensive hooks..

We always put cameras in their own subnet by themselves with no outbound firewall rules when we have one or two we need to access for public consumption.. The inbound connection will initiate the state and the camera will be able to reply to those trying to access it.

My first choice is using something like Youtube Live for the public to see cams however. Or Blue Iris for private cams. Easy peasy.

I am no fan of GDPR.

johnpoz

@tagit446 said in Online Privacy:

And we/you are using pfSense why..?

I use it because its an easy to use full featured firewall/router.. My network is segmented and firewalled.. My IOT devices are on their own segment and are have controlled and logged access. While they can access the internet they do not have access to my other devices.

My wifi is also segmented, I have my network for my devices that use eap-tls to auth.. While iot devices and guest have their own vlans and are again controlled and traffic monitored for odd stuff they might be doing ;)

A firewall between your local networks has little to do with some vpn service..

sukulentos

This post is deleted!