Category Archives: privacy

your website sucks in so many ways

Well, maybe not yours, but if it qualifies for the following rules, it does. So check em out.

  1. You can’t store my name. My name contains something called an umlaut which is used in Germanic languages like German (duh) and Dutch for instance. My name either turns up with a missing letter, or I get a funky character instead. It sucks. It means you can’t handle unicode or encoding properly. It sucks.
  2. You send me my password in plain text email right after I register. Well, ok, the email used HTML encoding, but that doesn’t make it any better. Email is not safe. Really, it isn’t, so I’m glad I didn’t use a password that looked anything like a password I use anywhere else. This makes me think your coders don’t know what they are doing.
  3. You chopped off my password after n characters and didn’t even warn me about it. Yep. As soon as I’m done registering I get this error message that my password is wrong. I just gave it to you silly twat, and it’s still in my copy buffer dammit, so it can’t be wrong!? Guess what happens when I do that password recovery thing by the way. Oh yeah. I get my password in plain text again, in my mailbox.
  4. I find out there are some privacy settings in my account settings which where not presented to me when I created my account. How odd? Not really. Apparently I automatically opted-in on a bunch of possibilities to commercially exploit my info. Nice… not. I hate spam. It sucks.

Most of these are so easy to come by that it’s sad to see these practices still in use. Try any good web 2.0 service and you’ll see how to avoid these pitfalls, and learn about encoding dammit. Also if you’re registered to the Belgian newspaper site of Het Nieuwsblad, make sure you check your privacy settings, and skip on some of the spam-features they have. They suck.

Photo by Sinsong, cc-licensed

the right way to block evil website cookies

I posted about this back in 2004 (whooosh, where did the time go right?), but IMHO the best way to block out any evil cookies from ad agencies, tracking sites, or whoever is putting cookies on your machine, is to use a whitelist.

With a whitelist you only allow a handful of sites to put a cookie in your browser. With a blacklist you block all the evil websites that put cookies on your machine. Problem is the last one might be handier, but it’s simply impossible to know all the websites out there that suck. So by only putting the good ones in, and making sure Firefox cleans up all cookies after you close the browser, you end up with a cookie jar with only the best ones in them. Just the way we like it.

So how do you do this in Firefox 3? It’s quite easy really, and it goes like this:

  1. Open the Options window from the Tools menu.
  2. Open the Privacy tab.
  3. Check the “Accept cookies from sites” and “Accept third-party cookies” in the Cookies panel.
  4. Set the “Keep until” dropdown option to “Until I close firefox”. That way, all cookies will be erased when you close the last browser window.
  5. Click the Exceptions button. Enter the domain names of sites you trust putting cookies on your machine. Only those will be allowed from now on.

You’ll see that your whitelist will be quite limited. If you have a different and complex password for every site, using something like KeePass Password Safe makes login in to your favourite sites a lot easier, and even removed the need of adding not so frequently used sites in the whitelist at all.

This doesn’t protect you from a virus or trojan infection, but it does make it harder to track your online trail for any company that ever displayed a banner on a webpage you have been viewing.

Surf safely!

p2p traffic filtered in belgium soon?

Copyright can be beautifull too.It’s not just the Germans that don’t get how the internet works. The Belgian copyright organisation Sabam won a case in the Brussels court against Scarlet, one of the Belgian internet providers, to stop illegal p2p music downloads.

The idea is to use filters on all p2p traffic and block illegal downloads. That might work in theory, but in reality this means Scarlet will have to be building a huge filtering system tracking all p2p downloads from it’s customers. Privacy anyone?
As with all filtering systems, there will be ways to bypass them by using tunnels, or simply making the transfered files unrecognisable for the filters. How about legal downloads btw? How will those filters know the difference?

Sabam is doing the same thing RIAA has been doing in the States. Instead of changing their failing business model and fix their own problem they are putting the blame with the ISPs and forcing them to fix their problem. Instead of finding a way to offer legal music on the internet in a flexible way that people are willing to use, they are trying to block downloads instead, because they want to sell more plastic disks filled with 50% filler people don’t want to hear.

Look at iTunes ffs, it’s not like people don’t want to legally buy music online right?

Scarlet is of course appealing the sentence in court. Hopefully a judge with some more knowledge of the internet will be in charge of that case…

You can find Dutch articles about the case here, and here.

free industrial strenght data wiping

Awesome looking circular saws.It’s hard to believe there are still people who would sell or ditch their old hard drive without erasing the data off it first, but apparently there are. A while ago I prepared an old 486dx2 machine for it’s final trip to the recycle centre (at least, I think they recycle old electronic devices that get dumped at the so called “container park”) and I also wanted to make sure that my data was wiped clean off it, even though I’m pretty sure there wasn’t a lot of vital or delicate personal information on it. No sex tapes or anything like that on there, I swear. Those would be on a more recent machine of course, since making your own kinky vids is just a recent trend….

But to get back on topic, I searched the internet for something that would do the erasing for me, in a professional, yet preferably free and open source manor. Professional, simply because just reformatting or deleting files makes it easy for someone with the right kind of knowledge to retrieve the contents of the data afterwards in a jiffy. Good data recovery tools can do some of that for instance, so we need something that overwrites and mangles whatever is on the drive so that it gets really, really, really hard to get any of it back in the long run.

How about something that uses algorithms approved by the F.B.I. and the Canadian Mounties to shred it’s digital files? How about something that fits on a bootable floppy disk, and wipes all drives in the system you have it boot on? (after selection some options of course, not automatically) Well, if that sounds like something that might just do the trick, you should check out Dareks Boot and Nuke.
It’s free, runs on the most hardware and drive types, is child’s play to use it, and did I say it’s free?

You can choose from 5 different possible ways to wipe your drives clean, and to get that extra warm and safe feeling you can select how many runs in a row it has to perform, just to make sure that everything is nicely turned into digital shred.

I did put a big fat warning label on that floppy though.

googling for porn

You probably heard about this by now but the Google subpoena is a real bitch. So the government wants to invade the privacy of every American, and I’m pretty sure non-Americans such as myself as well by getting search query information concerning kiddy porn. I can’t say I don’t like them fighting that smut though, but they are violating “our” civil rights in the process as well, and that’s a no-no in my book.

Google seems to be the only one that didn’t fold (here’s a big FU to MSN and Yahoo btw, who did turn over the requested data) I’d say they are definitely sticking by their “don’t be evil” motto.

One thing did hit me though when I read about all this stuff. Google has a awful lot of information on all of us using their services. Through your google account they can track your recent web queries, your email traffic, your blogging activity…

I didn’t have a problem with that before, because I trust Google for some reason. Problem is, if they are forced to hand over the data by the government… that trust in Google isn’t worth a damn anymore is it.
I bet a lot of people will be started to look into anonymisers and stuff like that before they start surfing for their dose of explicit nudity in the future…

lets have some acid

I decided to give Acid Xpress a go the other day, to see if that would be a nifty tool in my arsenal of noise generation equipment, and it turns out you can use this piece of software for free, on the condition that you go through a registration process during installation which requires you to give them some information such as your name and address.

Yay!!

Now, since I’m not really the trusting type, I decided I’d take a quick peek at the privacy policy this nice company had provided with the installation to perhaps ensure that the data I submit over the web into their -no doubt- highly secured database is actually safe, and won’t be sold to a network of evil spammers or telemarketers.

Hmmm…

Guess it’s time to invent some bogus info before hitting that Next button.

a bit of privacy

Registering for forums and other sites is something that is required at most of em by now. It’s a pitty because sometimes you just want to check something, or download something from one of those sites without having to go through yet another registration form, because you simply don’t intend to spend a lot of time there in the first place.
Besides, spreading your e-mail address all over the place is just a certain way to get more spam, so that’s just one more reason not to get it into another database.

While a lot of times I just refuse to register, there might be a solution to use the sites features anyway, and stay somewhat anonymous.
Check out BugMeNot, a site that provides a way to “share” user accounts for registration requiring sites. Currently they are up to 19.606 sites, which ain’t bad, but if one ain’t in there yet, you’re free to add it yourself.

There’s even a Firefox extention for it, which makes checking for a usable account so much easier.

Also interesting are ways to keep spam out of your inbox by using free services like Mailinator or SpamMotel

With Mailinator you can “create” any e-mail address on the fly, and check it later on to see if anything arived.
Spammotel works as a forwarder where you can create an unlimited (well, probably not, but I bet its plenty) number of randomly generated e-mail addresses linked to your real address. If spam starts arriving from a certain site, you’ll be able to identify it uniquely, and block it if wanted.

Sweeeeeeet!