Find the answer to your Linux question:
Page 1 of 4 1 2 3 4 LastLast
Results 1 to 10 of 31
Like Tree2Likes
I searched the forums a bit but didn't see this particular link posted anywhere so here it is for anyone that prefers not being followed all over web by the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733

    Tips Regarding Internet Tracking and Your Privacy


    I searched the forums a bit but didn't see this particular link posted anywhere so here it is for anyone that prefers not being followed all over web by the overly nosy:

    Fix Tracking!

    While I don't go to places online that I would be embarrassed about, I still don't want someone following me everywhere I go online just like I wouldn't want that happening when at the shopping mall, or the grocery store. In fact, I walk out of those places where an employee follows me around after they've been told that I don't need any help.

    If any of you have additional tips, don't hesitate to post them.

    Thank you!
    rokytnji likes this.
    oz

  2. #2
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    392
    OK, not trying to be a butthead oz (but just saying) for the tabs on the left-hand side of that site to work you'd have to have java-scripts enable in your browser. I'm sure that site is fine. But, if you don't want to be tracked in general then having js enabled by default in your browser is bad mojo.

    My recipe for *minimal* browser security (it can and does get more intense than this for banking, this is just to surf the web):

    There's a lot here and it's in no particular order.

    1) Have AppArmor installed with the utils suite added to it. Utils contains a set of AA configuration tools and a non-default set of AA profiles; including a non-default profile for FireFox. Or you can build a non-default AA profile or use SE-Linux.

    2) In browser configuration:
    A) Edit / Preferences / Privacy = Tell websites I do not want to be tracked.
    B) Edit / Preferences / Privacy = FireFox will use custom settings for History,
    Also Uncheck "private browsing" , "remember search" and "remember history"
    Check "accept cookies", uncheck "3rd party cookies"
    Keep until: Ask me every time
    Keep cookies only for session
    And only keep cookies on sites where an interactive dialogue occurs; such as when you sign in here or your web mail or check the weather by zip code or shop for cars or pay bills. All “non-interactive” cookies are for tracking purposes only.

    3) Use a document reader like evince, instead of the built in FF PDF reader. You'll have a smaller exposed potential exploit footprint.

    4) Set your downloads to ask every time instead of automagically being dropped in to the downloads folder. Even FF is susceptible to driveby Dls. And tell the DL dialogue box to pop open on DLs. This might give you a visual cue on a driveby DL.

    5) Install NoScripts and learn how to use it and configure it. Basically, when I set up a new browser installation I remove all the exceptions and just add back the ones I actually use as I use them. On the “Embeddings” tab forbid everything EXCEPT DO NOT apply the restrictions to white listed sites too. In the advanced / untrusted tab check all boxes. All of the other defaults should be correct.

    6) Install Ghostery and set it up to automagically block everything (pretty straight forward).

    7) Install Ad Block Edge, not Ad Block Plus. Edge is a fork. The author of Plus was under pressure to let a lot of crap slip by and here recently more and more exceptions for crap keeps creeping in to the default installation. Edge strips that crap out and is 100% compatable with Plus lists and plug-ins; ignore errors messages to the contrary. Subscribe to Fanboy's list.

    8 ) StartPage makes an excellent search engine.

    9) Install “New Tab Homepage”. Do no use the default new tab (which shows lots of previous tabs) as this fun little tool will pull up fun stuff like oh, A COPY OF THE BANK PAGE YOU JUST LOGGED OUT OF! OOOPS! Set StartPage as your homepage; it's customizable and you can install the engine to your browser.

    10) Google EverCookies, SuperCookies and LSOs (local shared objects [flash]). Basically these nasty little pukeburgers write themselves all over your system in lots of places cookies don't normally go and where you would never think to look for them; which is the point. I have tried recompiling FF to reject the @#$%^& things. And doing so will break 98% of the web, literally. Even cookie management won't keep them out. The only way I've found to manage them is to run BleachBit between sessions. They can still track you in session, but at least they can't build a profile of you that spans sessions; at least not easily.

    11) Install BetterPrivacy and learn how to configure it. It will help with the LSOs and SuperCookies, but not the EverCookies.

    12) Install Calomel SSL Validation. This will tell you just how strong HTTPS is at your favorite sites. (Like your bank, really wanna peeve somebody off? Call your bank and tell them to quit using weak encryption!) It also has options in it to configure FF to write the cache only to RAM and not the hard dsik.

    13) Install WOT, everybody should already know this one.

    14) Edit / Preferences / Security / Warn me when a site tries to install addons / execptions = Make sure the box is checked and all exceptions are removed. This hole combined with driveby DLs was infecting peoples browsers with bad addons not long ago.

    15) about:config
    dom.storage.enabled set to false
    geo.enabled; set to false
    network.dns.disablePrefetch; set to true
    network.dns.disablePrefetchFromHTTPS; set to true

    16) Block pop up windows on the content tab. Block attack sites and web forgeries on the security tab.

    17) Install Passive Recon and learn to use it. You'll have a much better idea of who's really on the other end of the connection.

    18 ) The Modify Header plugin will allow you to drop the user-agent string of a different browser / OS in to your broswer so you look like something you're not. This is a really easy way to protect yourself when you accidentally end up at malicious / compromised sites. Such sites often employ automated scanners that indentify the type of system that you have and customize their automated attacks to your system. So, when they attack me they are attacking FF 5 on XP!. BTW, there is an identifying string generated by FF that cannot be obfuscated - last I heard. So, if you run FF never change your header to say that you're on something elses like IE. You'll give yourself away. Instead change your OS and FF version.

    19) Install Webmail Ad Blocker.

    20) Install unplug and rip flash video from remote pages to local storage. This will strip out a ton of tracking crap.

    21) Install AskForSanitize and Secure Sanitizer and configure them to do a DOD 3 pass wipe of the cache on browser shut down. But, be sure not to tell either FF or the sanitizers to clean site preferences on shut down or you'll lose your per site cookie settings and your per site NoScripts settings.

    22) Install Search Engine Security.

    That will get you a good start on having the tools necessary for basic web privacy.

    If anybody really wants to go down the rabbit hole let me know and I'll pick up from here and give tips for setting up a banking machine.

    I covered a lot of this here.

  3. #3
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,529
    Also install easylist to your ad blocker. At the moment in ABP you can turn off acceptable ads.

    A simple way to deal with LSOs is
    Code:
    mv .macromedia saved-evil-stuff
    ln -s /dev/null .macromedia
    and boom! When you are happy things are working you can delete saved-evil-stuff.

    Install the HTTPS Everywhere extension from the Electronic Frontier Foundation.

    I always say that you can't stop yourself being tracked around the Internet but you can make the bastards work for it!
    What do we want?
    Time machines!

    When do we want 'em?
    Doesn't really matter does it!?


    The Fifth Continent

  4. #4
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    392
    Well BB will "flush" LSOs, so I haven't messed with moving directories around. And easylist is a good addition to either version of AB.

    There's a big arms race going on in the privacy space. Almost as soon as somebody comes up with a new snooper somebody else comes up with a new counter; which is then countered.

    Custom configuration is *very* important to system sec. The more non-standard you are the harder you are to crack (usually, unless you do doofus stuff). But, if you get too non-standard then the counter punch will not work for you either.

    Balance.

    And elija is right: Tracking is an odd duck. You can never get away from it completely. And if you get away from it too much you actually become more tracable by not being trackable enough.

    Balance.

    I have two more "levels" of privacy in my playbook: Banking and Spooky. All three levels are progessive. So the one above is Basic, Banking builds on that, Spooky builds on banking.

    I use HTTPSEverywhere for Banking along with a lot of other stuff.

    For Spooky a Banking setup (with no actual banking info) gets dropped in to Tor along with a lot of non-standard stuff that you don't normally see coupled with Tor.

    The results do not make me UNTRACKABLE!. They make me ~untrackable.

    The difference?

    My guestimate (based on lots of stuff I've read) is that there are probably well less than 25K people on the planet that can make a machine become that big of a pain in the @$$ to track. With <25K people out of ~2B people on the net being that hard to track you stand out to the algo's like a friggin beacon!

    Thus the act of becoming "untrackable" actually makes you more trackable. You might as well stick a flare up your nose because the potential pool is so small that it is very easy for the algos to separate you out from each other based on individually distinguishable characteristics like the neuro-lingustic patterns in your writting samples.

    Balance.

    The only way to "defeat" tracking is to starve the bastards of information.

    Setup a basic profile and disrupt their profile building without standing out too much.

    Set up a banking machine so you don't have script kiddie headaches.

    Go spooky only when you absolutely have too so that there is as little information as possible for the algo's to associate back to you from that user mode.

    We now return you to your regularly scheduled program.

  5. #5
    Linux Newbie SL6-A1000's Avatar
    Join Date
    May 2011
    Location
    Australia
    Posts
    120
    Quote Originally Posted by oz View Post
    I searched the forums a bit but didn't see this particular link posted anywhere so here it is for anyone that prefers not being followed all over web by the overly nosy:

    Fix Tracking!

    While I don't go to places online that I would be embarrassed about, I still don't want someone following me everywhere I go online just like I wouldn't want that happening when at the shopping mall, or the grocery store. In fact, I walk out of those places where an employee follows me around after they've been told that I don't need any help.

    If any of you have additional tips, don't hesitate to post them.

    Thank you!
    Next time your in a shopping mall take a water pistol with you or a supersoker and next time an employee follows you around. Catch them off guard or wait for them to approach then bring out the water pistol and soke them... hehehe :P

    If you want to be really mean you could fill it with barbecue sauce or something like that but that's probably overkill.

  6. #6
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    392
    I found a new privacy plugin to test. It's still in beta, but the concept is pretty cool: GoogleSharing.

  7. #7
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Quote Originally Posted by Steven_G View Post
    I found a new privacy plugin to test. It's still in beta, but the concept is pretty cool: GoogleSharing.
    Thanks... just read their webpage and that looks like a good one to have in place with google being so overly nosy and all!
    oz

  8. #8
    Linux Enthusiast cousinlucky's Avatar
    Join Date
    Dec 2005
    Location
    New York City
    Posts
    676
    Oz, many years ago a friend told me about a shoplifting gang that would send in two or three male decoys into a large store and a few minutes later the female thieves would go to work robbing the place blind while " security " stuck to the decoys like glue!! I'm old and use a cane so when store security is stalking me in a store I ask the manager to call the police because I think the guy might be trying to rob me!
    PCLinuxOS Gnome and PCLinuxOS Mate
    Linux user # 414321
    You Should Not Give In To Evils, But Proceed Ever More Boldly Against Them!! -from book six of Virgil's Aeneid
    Everything Within The Universe Is Related; We Are All Cousins!!

  9. #9
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Quote Originally Posted by cousinlucky View Post
    I'm old and use a cane so when store security is stalking me in a store I ask the manager to call the police because I think the guy might be trying to rob me!
    That's a great one, cousin L ... I'm gonna remember it and maybe use it myself the next time it should be called for!

    Edit: just to add that if you aren't sure that someone who is following you around is an employee, you could always call 9-1-1 for the same reason as above. After the police show up a few times, maybe management will consider changing their tactics.
    Last edited by oz; 02-27-2013 at 05:38 PM.
    oz

  10. #10
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    392
    Well, I've been playing with the new addon all day. This is what I came up with:

    If you use no google sign in services like gmail or video chat then the propper configuration is to deny all google cookies locally in FireFox and allow java-scripts requested by google services like .com, static, (on some sites you might need to enable stuff like js for apis or ajax, etc) in NoScripts. You also need to allow google redirects in both FF and NS.

    In this configuration,with no local google cookies (which means they have no "on-machine" way to track you) all non-sign-in google services (like map directions) have worked for me without a hitch all day.

    But, this configuration will break any google sign in services; which you shouldn't be using any way because they're evil. They're the biggest friggin tracker on the planet and they're in bed with the guberment up to the tips of their stylishly frosted hair.

Page 1 of 4 1 2 3 4 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •