With the whole NSA PRISM storm blowing over the internet I thought it would be nice to compile a list of free and open source software I know that can help in safeguarding your privacy as an alternative to proprietary software or online cloud services which are not to be trusted with your personal data.
Hosting everything yourself is one way to go like the folks at unhosted.org suggest, but it isn’t free as it will a) cost you some money and b) usually quite some time to set everything up. Not everyone has the technical knowledge to do this either, so a list of open source software and trustworthy services for the masses would be great.
Turns out prism-break.org is just that kind of list, so that saves me the trouble of compiling it myself. Nice. Here’s another one with mostly the same items on it. Mostly.
The search bubble. That thing where Google puts you in so your results are tailored to your preferences and habits. It’s kinda creepy and cool at the same time isn’t it? One of DuckDuckGo‘s main features is that they don’t put you in a bubble. So they don’t track your past queries, they don’t spy on your social media accounts to figure out what you read, like or retweet and they don’t tailor your results.
This video shows pretty nicely what that Google bubble looks like btw.
Scary isn’t it? The problem is however… it works so damn good too.
I know my results are customized, but when I look for .NET related stuff (which I do all the time at work for example) whatever I’m looking for is usually in the top 3. I know it’s biased, but heck, it works like a charm.
Outside of the bubble, I get more stuff I don’t want or isn’t what I’m looking for.
So it all depends on what you want doesn’t it? But it is a good thing to know that the bubble is there and that it learns from your queries. It’s also good to know that you can escape the bubble if you want to. And just logging out of your Google account probably isn’t good enough.
One of the cool things emerging from the gazillion web 2.0 sites that popped up like zits on an unfortunate teens face are websites where you can publish your stuff without creating accounts or registering in any way. Anonymous so to speak.
Posting a quick snapshot online? Want to share a snippet of code? A collaborative manuscript? A mini-wiki for a short-lived purpose? There’s plenty of sites that offer these kind of functions without having to register. You can sign up if you really really want to in most cases, like if you want to claim, edit or delete things afterwards. But sometimes, that stuff is just overkill and maybe you just want to slap it online in a hurry or without any ties to your persona.
Here’s some good anon-services I found:
imgur.com: image sharing. Quick & easy. Keeps the pics as long as they are used for a fixed period of time. If not, they are deleted. Allows you to upload an image straight from a URL, which is damn handy if you want to avoid hotlinking pics from other sites.
bayimg.com, hosted by the lads from The Pirate Bay. Arrr! Free speech and all, upload anything (except pr0n that is).
pastebay.net, another one from The Piratee Bay lads. It’s like pastebin.com, but I’m sure more anonymous and certainly uncensored. Features are syntax highlighting for code and you can create your own sub-domain if you want to separate your snippets from others.
pastebin.com: I bet you’ve seen this one before. Paste text/code in an online notepad, allowing comments. Great for easy & quick copy-paste sharing.
pastehtml.com: the same as the above, except that this one takes HTML code and saves it as a working page on the site. It’s like free and ad-hoc web hosting. Pretty darn cool. Keeps the pages forever (or as long as the hosting is payed for) according to the FAQ. Needs a Facebook account if you want to claim pages. Sort of a big minus.
wrttn.in: notepad/publishing tool. Create and publish text with or without markup, embed images, videos etc. Very minimal in style, but that’s just what makes it look good. All this without branding or ads. Sounds cool doesn’t it?
shrib.com is another notepad service. Simple and URL based. Share your notes, back em up, keep them private.
piratepad.net : online collaborative Etherpad site. Allows for anonymous online collaborative text editing with a built in chat function. There’s more Etherpad hosts out there since it’s open source software. So if you want can even host your own. Oh yeah, and Arrrrr!!! of course. I almost forgot.
jottit.com : create a wiki, just like that. Anyone can edit, unless you claim it with a password. Sweet for mini sites and all!
A note on the use of “anonymous” here though. If you truly want to keep your identity hidden you might want to take additional measures than to simply trust the above websites in keeping your identity safe. Using a web browser to connect to any web site will give that site data about your browser, machine and geographical location. To shield this information and protect your online identity you should look into using an anonymizer like Tor.
I started playing around with Foursquare to see what all the fuss was about with those “hey look at me I’m at the grocery store” apps. On itself Foursquare turns this whole thing into a little game where you earn points and merit badges for exploring new and exciting places, which stimulates you to explore even more new and exciting places. It’s fun.
What I learned additionally while playing around with it, is that even without the GPS active on the phone, or the WiFi-localization mode which exists on any Android & iPhone device, Foursquare could figure out where I was pretty damn accurately.
So how does it do this?
Android for example can determine a phone’s location by using GPS, WiFi and cell-tower signals. So while some applications don’t work well without a GPS signal, it’s not really required to get a (not so accurate) fix on your location. So all any app really needs is an internet connection, your cellphone network data and possible some WiFi network info to get a pretty darn accurate idea where you are. Without even using the GPS function on your phone. Interesting.
This isn’t something shocking and new, but it is something to keep in mind when you’re installing random apps on your phone. These apps only need internet access to send your approximate location to whoever wants to know. No other security restrictions required.
The Belgian city of Mechelen is planning to put up road surveillance camera’s up on all big exit and entry roads to the city. The reason for this is -of course- the same as it always is when it comes to invading your privacy: to increase security. The plan is to scan every license plate that passes the camera and hopefully be able to stop or catch burglars more easily and scare them away from Mechelen.
I don’t have to tell you how scanning every car’s license plate invades the general public’s privacy, but that’s the price to pay for additional safety isn’t it? The problem with this solution is that it’s called a “Club solution” in the IT world.
A club solution works as long as only a small club of users (cities in this case) use it. So camera surveillance might scare off crooks, but it won’t stop them. They will move to other cities which do not have the same solution. This somewhat forces the other cities to apply the same tactic. After a while every major city will have camera surveillance in place and your solution stops working. It’ll make crime harder, but it won’t stop it. So they will return to the most profitable cities since there’s surveillance in all of them by now anyway.
I’m sure that a hardened criminal won’t be stopped by this. There’s plenty of ways to circumvent the camera’s when you think about it. Fake license plates, stolen cars, disabling the camera’s or simply making sure you bypass them by taking smaller roads.
So we end up with the public being watched at all time and crime at the same rates as it used to be. Big Brother is born one step at a time.
You’ve probably heard of them in the news. The Swedish Pirate Party is one that sprung from the Pirate Bay bittorrent search engine lawsuits and is a modern party which focused on issues concerning privacy and copyright which have changed considerably in the last decade due to the influence of the internet and modern technology. A while ago I heard that the Belgium government is trying to get a Big Brother bill (Dutch article) across to force ISP’s to keep records over a period of two years of all it’s customers internet usage. For one this is going to cost a shit-load which the consumer will end up paying one way or the other. We’re already one of the most costly European countries to have a broadband internet connection in without this measure, so this won’t help at all. Secondly this is also a huge infringement of our privacy. Europe suggest logs are kept somewhere in-between 6 months and 2 years. Funny that they are going for the maximum term on this. Why not take the short end and don’t bother ISP’s with the investment of keeping huge databases? The worst thing about this whole deal is the potential privacy infringements this could cause and for what? Huge databases sitting there to be exploited, hacked and sold on to the highest spammy bidder. I don’t like it a tiny bit.
So Belgium could use a Pirate Party to protect us from bills like this IMO.
Does your country have a Pirate Party?
Well, maybe not yours, but if it qualifies for the following rules, it does. So check em out.
You can’t store my name. My name contains something called an umlaut which is used in Germanic languages like German (duh) and Dutch for instance. My name either turns up with a missing letter, or I get a funky character instead. It sucks. It means you can’t handle unicode or encoding properly. It sucks.
You send me my password in plain text email right after I register. Well, ok, the email used HTML encoding, but that doesn’t make it any better. Email is not safe. Really, it isn’t, so I’m glad I didn’t use a password that looked anything like a password I use anywhere else. This makes me think your coders don’t know what they are doing.
You chopped off my password after n characters and didn’t even warn me about it. Yep. As soon as I’m done registering I get this error message that my password is wrong. I just gave it to you silly twat, and it’s still in my copy buffer dammit, so it can’t be wrong!? Guess what happens when I do that password recovery thing by the way. Oh yeah. I get my password in plain text again, in my mailbox.
I find out there are some privacy settings in my account settings which where not presented to me when I created my account. How odd? Not really. Apparently I automatically opted-in on a bunch of possibilities to commercially exploit my info. Nice… not. I hate spam. It sucks.
Most of these are so easy to come by that it’s sad to see these practices still in use. Try any good web 2.0 service and you’ll see how to avoid these pitfalls, and learn about encoding dammit. Also if you’re registered to the Belgian newspaper site of Het Nieuwsblad, make sure you check your privacy settings, and skip on some of the spam-features they have. They suck.