Tag Archives: privacy

Cloudflare launched fast and private public DNS service

Cloudflare launched their new free public DNS service yesterday (yeah, funny date to make product announcement on April 1st). But this is no joke. They actually launched this product. In a nutshell, it’s a service like OpenDNS or Google DNS, except it’s the fastest of them all and cares about user privacy.

Cloudflare DNS

Webpage: https://1.1.1.1

Primary DNS: 1.1.1.1

Secondary DNS: 1.0.0.1

As you can see from DNSPerf webpage, it’s resolving the fastest for basically entire world and their privacy policy is also very strict, meaning they do not track or store any user data and they also don’t sell any data to anyone.

It is yet unknown if Cloudflare DNS provides any other security features like cache poisoning protection, anti-phishing and malware blocking. Still waiting for their reply on this one, will update as I receive more info.

I’ve also included it on my public DNS list where I feature all DNS services that matter.

 

Advertisements

Bring privacy under your control again

Took me a while, but when Google fired James Damore for his memo, that was a tipping point for me. It was also a day when I entirely dropped Google Search. And also a day when I decided to start using more and more “independent” alternative services that are more privacy focused. Some are easier to switch to, some are not. But let me tell you, it’s worth it when you realize how these mega corporations are just straight up evil.  From their fucked up internal politics to endless meddling with politics worldwide to how they handle our sensitive private info with next to no regard for anything or anyone. Sure, they offer services for free in exchange for our privacy, but there will be a point when you’ll ask yourself, is my private info and data really worth so little that I trust it to Google instead of paying a relatively small subscription for a secure encrypted private mailbox with nearly same features as found on GMail? It takes some time to realize that, but take some time and think about it.

To make final decisions easier afterwards, here are some tips on what services to use in order to break free from mega corporations mining your personal data…

DNS Service

OpenDNS
Cloudflare DNS

Web Search

DuckDuckGo
Qwant
iquick | StartPage
Unbubble

e-Mail Service

ProtonMail
Tutanota
Hushmail
StartMail
Mailfence
PrivateRelay
Posteo
Kolab
Lavabit
Criptext

Data Storage

MEGA
DropBox

Online maps/navigation

HERE WeGo | HERE Maps for Android
OpenStreetMap

Two-Factor Authenticators

FreeOTP

Web browser

Mozilla Firefox
Vivaldi

VPN

ProtonVPN

 

Summary

After long hours of research and investigation, I’ve dug up these services that are highly focused on privacy and security, are mostly located in countries with most rigorous privacy laws or they are designed in such a way no one can even force them to uncover your data, because only you have the decryption keys. They may not be free, but can you really put a price tag on your privacy when you think about it? Some services cost a bit more a year, others less. Some are even free but with certain limitations like e-mail storage space and less features which kinda forces you to upgrade. But you can evaluate them cost free this way and decide which ones you like.

Suggestions?

If you know any other services that you feel they need exposure here, leave them down below in the comments and I’ll check them out. If I feel they are worthy, I’ll include them on the list above.

Ghostery went open source!

Ghostery is a browser extension that provides users of the interwebs with enhanced privacy as it blocks creepy crawlies hiding in webpages, tracking you, following everything you click or visit. Ghostery has been a widely used tool by users who care about privacy and then Cliqz bough them some time ago. And people had some concerns over what they do with all the info on trackers and how they actually make the money to pay their programmers. Well, worry no more, Ghostery has gone open source!

Anyone can check its source code now and inspect how it works and what and how it transmits the data to Cliqz, ensuring transparency and potential forks as well as accelerated development with larger base of contributors. It’s great news for everyone who value their privacy. If you don’t use it yet, check it out. It supports all major browsers and it can be found on extensions/add-ons webpages of all these browsers.

Stay away from Onavo Protect VPN app!

Recently, Facebook started promoting Onavo Protect VPN as means of protecting user privacy when browsing online for smartphones. Without disclosing that Facebook owns Onavo company since 2013! I find it absolutely disgusting that they weren’t disclosing this even back then and not surprised they still haven’t done the same today.

Now, ask yourself, Facebook, the cancer for privacy that it is, would you trust them routing ALL your traffic through their VPN “pipeline” to “protect” your privacy? I sure as hell wouldn’t, I have all their shit blocked on all webpages and stay as far away from their services as possible. I can’t really say anything more than to stay away from this shit. It’s sleazy, low and it’s not even protecting anyone’s privacy, it’s just moving literally EVERYTHING you view online through it, served to Facebook on a silver platter. Even data passing through is encrypted, they still see who is visiting what website and that’s already too much. AVOID!

Web of Trust (WOT) privacy scandal

I’m a bit surprised there is nearly no news surrounding this in English news, especially on tech sites, considering the scale and amount of users of WOT that aren’t limited to German market only.

Researchers of German NDR (Norddeutscher Rundfunk or Northern German Broadcasting) found out that WOT browser add-on was (and as things stand now, still is) gathering user data beyond what they were promising, ranging beyond only visited websites, they are gathering entire user history from browser, usernames, e-mails and more and selling it to 3rd parties. And they are doing this in such sloppy way external researchers were able to identify individuals by accessing open resources from WOT without even illegally (via hack) accessing their servers. You can apparently do it without any of that!

What’s even worse, after researchers asked developers of WOT about these things, all they got back was… silence, pretty much. Just a very vague reply that you can read here. When someone, instead of being open about the issue veils in silence, that’s a sign that something is going on. And nothing good will come from that.

I liked WOT a lot, because it was good resource to identify unknown websites and what experience others had with it. I’m not aware of any other service that has such level of user involvement in user rating and commenting of webpages. But as things stand now, I recommend users to at least block all public views of their ratings in WOT profile. What they’ve transferred to the 3rd party has already been done, but I think blocking will prevent cross-linking of users to the data. Also make sure to delete all cookies in browser under name “mywot” and quite frankly, deleting your WOT profile at this point wouldn’t be a bad idea either considering all the weird things going on around this service.

I now prefer avast! rating add-on (avast! Online Security) which comes with avast! Antivirus which I already use. Chrome users can even install it separately via Chrome Store even without avast! Antivirus. There is no commenting, but it has extra features like tracking blocking and the fact that avast! as company is very open about their product. When there were privacy concerns about it, they instantly provided answers to any questions by users. They also in detail explained how their rating and resource sharing system works and you can even opt out sharing of properly anonymized data with 3rd parties.

More links, mostly in German with greater details. Use Google Translate to read them.

In depth information from the researcher who uncovered all this:

https://www.kuketz-blog.de/wot-addon-wie-ein-browser-addon-seine-nutzer-ausspaeht/

Think whatever you want, but something fishy is going on and I’m not going to stand around as the smell spreads. Until developers come clean, this thing should not be on any computer.

I’ll keep you posted how things develop in the following days or weeks…

Enable global tracking protection in Firefox

As you may know (or not), Firefox has a tracking protection built in since quite few builds back. However, by default, this feature is limited to Private windows only. Enabling it globally will prevent tracking on all webpages. And from the looks of it, it doesn’t seem to affect browsing quality. You will recognize the active protection via displayed shield in the URL address bar. If there is no shield displayed, it means the webpage is not tracking you.

If you want to enable this globally, you can do this in two ways…

Add-on:

Install this add-on and it’ll enable it for you automatically. Since it’s an add-on, it’ll sync itself with you other Firefox installs on other systems, enabling it globally on all your devices.

Manual setting:

Type about:config in the URL bar and hit ENTER key. Confirm the warning and search for privacy.trackingprotection.enabled and double click it to set it to TRUE.

If value doesn’t exist, right click in empty space, select New and then select Boolean. Name it privacy.trackingprotection.enabled and toggle it to TRUE.

This is useful if you want this enabled on individual systems only or not having to install yet another add-on for a simple tweak within advanced settings. It’s up to you 🙂

Additional settings under Privacy:

Type about:config in the URL bar and hit ENTER key. Confirm the warning and search for privacy.trackingprotection.ui.enabled and double click it to set it to TRUE.

If value doesn’t exist, right click in empty space, select New and then select Boolean. Name it privacy.trackingprotection.ui.enabled and toggle it to TRUE.

You will get additional settings within Firefox with this one under Privacy settings where you can easily enable or disable tracking protection.

You can disable tracking protection for individual webpages by clicking the shield and disabling protection. I have just noticed tracking protection removes “Like” and stars ratings from my blog (this one). You can disable the tracking protection if you want to see the ratings for my blog posts. Same applies for other webpages. Unfortunately, there is no way of selectively enabling just specific “trackers” and leaving others blocked. It’s either fully on or off for a certain webpage.

Disable Windows 10 Tracking

I’ve already written about another tool to improve privacy on Windows 10:
https://rejzor.wordpress.com/2015/08/23/oo-shutup10-windows-10-privacy-tool/

But have recently found another tool that essentially does the same thing with few additional things, like the blocking of tracking domains and IP’s.

DisableWin10Tracking.png

You can read a very interesting article behind it here:
https://hackmag.com/security/what-data-windows-10-sends-to-microsoft-and-how-to-make-it-stop

This tool compliments O&O’s ShutUp 10 nicely, especially the domains and IP’s blocking part. So, I’ve first used O&O ShutUp 10 because it has more granular control and more descriptions for each setting and then use domain/IP blocking in DisableWindows10Tracking tool to finish it off.

Download DisableWindows10Tracking:
https://github.com/10se1ucgo/DisableWinTracking