Thread Number: 69994  /  Tag: Other Home Products or Autos
Internet Warning
[Down to Last]

automaticwasher.org's exclusive eBay Watch:
scroll >>> for more items
Post# 929174   3/27/2017 at 09:35 (209 days old) by Tomturbomatic (Beltsville, MD)        

The Senate has passed a bill virtually eliminating internet privacy which will make it possible for your ISP to monitor you and your searches, manipulate what you see and sell your personal information to anyone waving money in front of their eyes, EVEN THE CONTENT OF YOUR EMAIL. It is very important to contact your representative in the House and tell them to vote against H.J. Res. 86.

 

I don't think that this is political and placed it here so that all members and visitors could see it. If it needs to be moved, so be it.



CLICK HERE TO GO TO Tomturbomatic's LINK



This post was last edited 03/27/2017 at 10:07



Post# 929201 , Reply# 1   3/27/2017 at 11:52 (209 days old) by Tomturbomatic (Beltsville, MD)        

Torproject.org is a browser that preserves anonymity.

 

duckduckgo.com is a search engine that does not collect data on users.


Post# 929210 , Reply# 2   3/27/2017 at 12:23 (209 days old) by MattL (Flushing, MI)        

I also have a Proton mail account.  I have not used it much at this point but that may change quickly.



CLICK HERE TO GO TO MattL's LINK

Post# 929212 , Reply# 3   3/27/2017 at 12:26 (209 days old) by MattL (Flushing, MI)        

Also I've been kicking around the idea of finding a good VPN for some time, but have not drilled down and found one.  May have to devote some time to doing just that.  Anyone have a good one they recommend?

 

BTW if you do not know  a VPN is :



CLICK HERE TO GO TO MattL's LINK

Post# 929354 , Reply# 4   3/28/2017 at 02:27 (208 days old) by Travis ()        

I wonder what someone searches for that requires anonymity?  The worst I have ever searched for are random celebrities shirtless.  You guys must be really dirty!


Post# 929501 , Reply# 5   3/29/2017 at 00:12 (207 days old) by MattL (Flushing, MI)        

I don not think you understand what is going on.  It is NOT your searches and such, Google and all the others already have that.  It's you SOCIAL SECURITY number, your bank accounts your health issues, your kids any personal info you send.  It is done by your ISP, ATT Comcast, Version or what ever.  They will have the right to do whatever they want with this information.

 

You can become a troglodyte and do everything in person or via mail, bu once that info gets entered into a computer and sent to lets say the main office, all the info is fair game under the new rules.


Post# 929502 , Reply# 6   3/29/2017 at 00:17 (207 days old) by foraloysius (Groningen, the Netherlands)        

foraloysius's profile picture
I have Avast Premium security including an Avast browser with a safety system for online banking and Secureline VPN.

Post# 929533 , Reply# 7   3/29/2017 at 09:06 (207 days old) by Tomturbomatic (Beltsville, MD)        

The bill passed the House yesterday and is on the way to the President's desk for his promised signature.


Post# 929561 , Reply# 8   3/29/2017 at 12:54 (207 days old) by MattL (Flushing, MI)        

Here is something you can do.  I have.



CLICK HERE TO GO TO MattL's LINK

Post# 929585 , Reply# 9   3/29/2017 at 16:42 (207 days old) by Tomturbomatic (Beltsville, MD)        

I just saw a screen crawl  that everyone is furious with the non-privacy law and this includes industries with big bucks. There might be some reconsideration.



CLICK HERE TO GO TO Tomturbomatic's LINK



This post was last edited 03/29/2017 at 17:22
Post# 929599 , Reply# 10   3/29/2017 at 17:59 (207 days old) by Gyrafoam (Roanoke, VA)        
It's too late------

You guys think this is some kind of revelation.

If you go on the Internet at all NOTHING is private. You can spend all the money you want for that false sense of security. It's your money.


Post# 929632 , Reply# 11   3/29/2017 at 22:42 (206 days old) by MattL (Flushing, MI)        

What matters to me is WHO has the data.  I know google and yahoo collect stuff, and I live with that.  But letting ATT or Verison read my emails -before I do -- is a problem I want stopped.  They have no right to know my medical lab test results, my bank balance, my social security number and on and on.  This is stuff I would never put on google.  Yet they will now have full access to ANYTHING.  You are ok with that?  Sorry I'm not.  All in the interest of making a few more $$ off our backs.  We already pay much more for much less service compared to the rest of the world, now they want blood from us.  Plus, factor in the risk of any of these companies being hacked, it would be the mother load of info for any hacker. 


Post# 929652 , Reply# 12   3/30/2017 at 06:38 (206 days old) by vacerator (Macomb, Michigan)        
For sure Matt!

It's total B.S. if this passes congress. Um-peach harvest won't be soon enough either. For the people by the people? No it isn't.
The one who said America first is as much a globalist as anyone is. He makes royalties from properties in Manila, Istanbul, etc., etc.
Now the son in law is the one in charge of reworking government. They know real estate, not govt. They are acting more totalitarian like their money can buy anything. I suspect they want to move the UN so they can redevelop the NY site. It's adjacent to one of his towers.
Many others have worked and paid into everything for at least three decades, only to lose their jobs so close to retirement, and all they got was 22 weeks unemployment and on the street.
They lost their 401k profits, health insurance, pensions, etc. prior to 2009.
Then one of the ones responsible for it gets a cabinet appointment. Disgusting.
I used to think of this guy as a real builder, back in my twenties, when I visited NY city, and Atlantic city. It seemed he was a job maker, and making a run down city better. I could have filed bankrupt also in 2008, but I didn't.
No doubt they'll see this and I'll be on the anarchist list, if I'm not already.
Back in 2008, I got a phone call from a polling agency asking which candidate I liked and which party. I told them none, they all need to go.
Now I'm not a tea bagger either, and I liked Obama.
I've never needed a public assistance hand out, but you can bet if I ever do, I paid into that also.


Post# 929672 , Reply# 13   3/30/2017 at 09:49 (206 days old) by Tomturbomatic (Beltsville, MD)        

Sorry, but it has passed both houses, although the news of that has stirred up a firestorm of criticism and protest. The next step is 45's signature.


Post# 929685 , Reply# 14   3/30/2017 at 10:55 (206 days old) by Gyrafoam (Roanoke, VA)        

The criticism and protest is twenty years too late.

Post# 930178 , Reply# 15   4/2/2017 at 09:03 (203 days old) by vacerator (Macomb, Michigan)        
Medical information

is protected under the HIPPA act, but we're setting up a VPN anyway.

Post# 930264 , Reply# 16   4/2/2017 at 23:53 (202 days old) by earthling177 (Boston, MA)        

Don't count on the HIPPA thing -- not only a lot of things that used to be illegal are now happening, but there are all kinds of loopholes in laws. If I remember right, HIPPA prohibits releasing *your* or *mine* or *their* medical information, but it does not prohibit enough things from happening. I'd be surprised, for example, if it has anything to say about aggregates, randomized info and anonymous info, for example. So, they could gather medical info from say, one million browsers, aggregate them and remove "personal identifying info" from the data and sell it.

So, what's the problem, you ask? It's an aggregate and all personal info has been stripped, right?

Yes. And no.

If you have diabetes in NYC, LA, SF, Boston etc, you are probably safe.

If you have a rare form of cancer and live in Santa Barbara, CA, they might have your data. If you live in a place whose population is less than 10,000 and the "aggregate" offers as little as neighborhood or street name, they may have your file.

The entire problem is more complex than people would intuitively grasp.

For example, there used to be (maybe you can still google and find them) websites that used to offer you an idea of how "unique" your browser is. Things like what machine, OS, fonts browser, memory size etc could all be sniffed and a "unique index" (your system appears to be one in 10 million, for example) would show up even if you were coming thru VPN or TOR (I have not been keeping tabs on that, I don't know if they fixed that "flaw" in TOR), another more recent way to correlate your system with the one using TOR is sniffing the delay the mouse movements ("mouse sniffing") show at the other end, not sure if they corrected that yet or not.

So, maybe they don't know that "Joe Q. Public" who lives in Beverly, MA, USA has such and such medical problems. But if they buy enough browser data from different places, they might find out that a user whose browser/mouse uniqueness is 1 in 50 million lives in Beverly, MA, USA and has this list of medical issues, and data from other websites say that Joe Q. Public lives in Beverly, MA, USA (easy to get from their ISP) and maybe just those two websites, or maybe a third or forth website will correlate the name, the address and the "unique browser".

The good news is that in places where health insurance companies cannot deny coverage for "pre-existing" conditions or, even better, charge people more for having diseases, the privacy of medical data becomes nearly irrelevant.

Cheers,
   -- Paulo.





Post# 930272 , Reply# 17   4/3/2017 at 00:58 (202 days old) by MattL (Flushing, MI)        

Ok Paulo, you are in the biz, what do you recommend?   If anything-  TOR, VPN, ???


Post# 930287 , Reply# 18   4/3/2017 at 05:45 (202 days old) by earthling177 (Boston, MA)        

(Please note massive oversimplification ahead. I know these are not the most accurate ways to put the subject in question in writing. Thank you.)

Matt asked what we can do or what I recommend.

Those two seemingly identical questions can have multiple answers, none quite right for everyone.

Let me start by saying that (a) I have not kept current on privacy/encryption -- that is a big thorny field in and of itself, if you want to even get just a glimpse, I recommend Bruce Schneier's blog (www.schneier.com...); for example, right now, as I look on his site, one of the top stories is how someone found FBI Director James Comey's "secret" Twitter account, from crumbs lying here and there (www.schneier.com/blog/arc..., gizmodo.com/this-is-almost-certa...). Another good article in his blog is about why privacy is important (www.schneier.com/blog/arc...) and why questions like "if you have nothing to hide, why do you care?" are the wrong way to look at things.

I also want to mention that, (b) while my work is fixing mistakes other(s) made, I have quite a lot of friends in fields like encryption, privacy etc, from all kinds of places (academia [we're close to Harvard, MIT, etc], business [Akamai and Google employ an awful lot of folks, for example, and lots of ISPs have big offices around here], government, military [which (sub)contracts with many of the aforementioned companies], banking industry etc). No one agrees on which software or method is safe or even best.

And finally, (c) even if some subset agreed, they probably won't be able to tell you, because of Non-Disclosure Agreements.

One approach, by people who have security clearances, or at least were interviewed multiple times by places like the FBI (background checking) or CIA etc, is do nothing -- they already spilled all the beans to the feds, the important thing for the feds being that there is *nothing* for you to hide from the feds, which leads to next to zero blackmailing. If no one can blackmail you, they can't control you. An awful lot of my friends are exactly on this bandwagon. Mind you, that does not mean that an HMO would not just kill to have their data so they could charge two or three times what they charge another person.

Another approach is to look as much as possible as someone else. Please pay attention here because the details are what matters, and we're not talking about protection from virus/malware, we're talking about *personally* identifying you. If you bought a smartphone or tablet, or even a computer and did not change *anything* to personalize it -- if all your fonts are what came with the machine, you installed no or very few software packages etc, your equipment will look just like tens of thousands of *other* identical machines, particularly if you apply all the updates/upgrades and security patches. If within 2-5 days of a security patch appearing you let the machine install it (like most OSs do automatically), your machine will look almost identical to many others.

Sadly, that's not what people do -- they put a lot of fonts, delete and/or load apps and software, change the locations the software is installed "so it's easier for them to remember/use" etc. All of that makes their machines "unique". And it can be seen from anyone's website as you connect to them.

I'd also like to point out that the "Internet" as we understand was designed and implemented mostly to prevent attacks from breaking it -- attacks meaning either physical attacks (like bombing a city, or cutting cables) or virtual attacks (Denial of Service Attacks, for example), so a major design point was never privacy per se, but resilience and availability, which makes the entire thing route around problem areas and try to deliver your packets.

With that in mind, VPN (Virtual Private Networks) are just a way to encrypt *your* traffic to and from a safe place, say your office, so others can't easily eavesdrop on the *content* of the messages, but might be able to look at the routing, that is which computers are connected talking to each other.

The Onion Router Project (TOR) is not so much worried about protecting the *contents* of your message (although they end up being hard to mess with), but it's worried about protecting the *routing* data from prying eyes, so people (mainly investigators/governments) can't easily find out who is connected/talking to who. They typically route your messages thru something like several thousand machines, each of them only knowing who they got the package from and who they are supposed to send it to, but no much else.

Assembling the info back together is quite an awful lot of work. Think of it as you want to open this door in front of you, and you have a million keys to try -- it might take you a while, and a cop might show up and ask what the hell you are doing while you're at it. But gosh darn it, if one of the first 10 tries opens the door, or you happen to be handy picking locks, you won't need any of the keys.

Encryption *has* its problems.

For example, right now, if I go to panopticlick.eff.org... and click the "Test Me" button, it will tell you my browser is unique, with 17.75 bits of info, and even the info that is mostly common (for example, one in every 64.28 computers have exactly the same fonts I do), one in two computers share my language setting (English) etc. but the combination of all the data makes it unique.

So, suppose on one hand I have this medical file with only a "browser fingerprint" (about a 32-digit number), and on the other hand, I just happened to have your name, address etc *and* your exact browser fingerprint. All of a sudden, it does not matter to me if I am interacting with you thru VPN or TOR, it's very likely you are the person I'm looking for, and if I get just a few more bits of information, I might seal the deal. It's as if I did not *need* the keys to "decrypt" your front door anymore, because you left your front curtains open and I can read the titles of your books which are visible to me thru binoculars. More or less.

For even more information, please see panopticlick.eff.org/about..., www.eff.org/deeplinks/201... and Wikipedia also has an article about TOR.

It should go without saying that one should NOT have Flash installed at all, if you don't NEED Java, remove it, and you should limit the availability of java script for use by websites -- the last one is becoming difficult to do, many websites will not function correctly without java script enabled. (As you can see here, it's even difficult to *mention* the language properly without convoluted ways, most properly coded websites will strip it to sanitize their inputs.)

Some of my friends claim (I have not checked that for their "truthiness", like Stephen Colbert said) that the very act of using VPN or TOR can actually *attract* attention from the feds. Hard to say.

Ideally, we should curtail what kind of useful things people could *do* with our info, for example, by whacking the insurance companies over their collective heads and telling them: you are a *licensed* operation, and you lose your license if you start surcharging for certain diseases and pre-existing conditions. Tell some countries in Europe that you need to *hide* the fact that your grandma died of cancer or diabetes and they look at you funny, like you've grown 3 heads.

Sometimes I think we should charge people for abusing their powers -- for example, recently, radio stations around here started broadcasting advertising over the mechanism that is supposed to tell the listeners which radio station and song/singer we are tuned to. Isn't that just great? Now instead of paying attention to driving, they want us to know the latest discount the local tire store has for you! But wait! There is more! Call now! Operators are standing by! Maybe if the people involved with the ads had to pay for the car accidents, they wouldn't be so keen on using this "cheap" channel that "no one is using yet" -- that might have killed email spam, telemarketers etc, just like it almost killed people faxing you ads, but that requires judges to have a clue or two.

Cheers,
   -- Paulo.


CLICK HERE TO GO TO earthling177's LINK


Post# 930298 , Reply# 19   4/3/2017 at 07:23 (202 days old) by Liberatordeluxe (Chelmsford, United Kingdom)        
Privacy

@Tomturbomatic I'm in the UK but none the less I take privacy very seriously like yourself. Would be interested to know which email provider you use and what computer. Do you use Chrome book or Windows or are you an Apple user?



Post# 930319 , Reply# 20   4/3/2017 at 10:21 (202 days old) by vacerator (Macomb, Michigan)        
Maybe the

Prez will veto?

Post# 930521 , Reply# 21   4/4/2017 at 07:50 (201 days old) by vacerator (Macomb, Michigan)        
No,

he signed the totalitarian law.

Post# 932586 , Reply# 22   4/15/2017 at 19:11 (189 days old) by Tomturbomatic (Beltsville, MD)        
Nobody has to use the internet

From Raw Story via JMG: GOP Rep. Sensenbrenner from Wisconsin said this at a town hall when a constituent asked about internet privacy.



CLICK HERE TO GO TO Tomturbomatic's LINK

Post# 932591 , Reply# 23   4/15/2017 at 19:21 (189 days old) by LordKenmore (The Laundry Room)        

lordkenmore's profile picture

I wonder if Sensenbrenner is one of those politicians who wants to shove the hands of time to 1950-something when the Internet didn't even exist?


Post# 932761 , Reply# 24   4/16/2017 at 14:49 (189 days old) by warmsecondrinse (Fort Lee, NJ)        

And we end users have been and always will be at a disadvantage. We have limited time, skills, energy, etc. to devote to keeping our info private, while those trying to obtain it are more likely than not PAID to do so and have both more skills and more resources. Have I missed something there?

As I understand the situation, whom you're 'talking' with online and the content of your conversation are two totally separate things. What safeguards one should not be implied to safeguard the other. Do I have that right?

I have read many times that using TOR is sort of like announcing that you're hiding something. I have NOT read that at all about VPN's. Any idea as to why?

The picture I get from what I've read is that the best the average user can do is to make his online information require more time and energy to cull, given that there's rarely a live person zero-ing in one person's internet activity at a time. It's usually automated. Sort of like putting a Club on your steering wheel. It doesn't actually stop a thief, but it DOES increase the chances of the thief moving on to another car as breaking The Club requires additional time and energy. Have I got that right?

In terms of what the average guy (like me) can do, a few starters are:

- Use something other than Windows. A non-Windows OS requires more man-hours of live people per computer hacked.

- Use an e-mail whose servers are not in the U.S.

- Use a lesser-known browser.

I.e., you can't actually make your data more secure, but you CAN increase the number of hoops a given data slurper must jump through to get it.

Corrections, please.

Thanks,

Jim


Post# 932904 , Reply# 25   4/17/2017 at 11:03 (188 days old) by Liberatordeluxe (Chelmsford, United Kingdom)        

@Warmsecondrinse would you say Apple computers and phones were better for Privacy than Google?

Post# 932946 , Reply# 26   4/17/2017 at 14:34 (188 days old) by warmsecondrinse (Fort Lee, NJ)        

That's an excellent question. My understanding is that Apple and Linux systems are marginally more secure than Windows, but that's not where the actual security comes from. It's from economies of scale.

Let's say (for easy numbers) Apple in on 20% of home computers and Linux is on 10% of home computers in the U.S. Windows is the other 70%. If it takes 100 man-hours to create some sort of malware, that malware is usable to attack 700 out of 1000 computers if you design your malware to attack windows systems. Whereas if you design your malware to go after Apple, you can only attack 200 and 100 if you design it to work against Linux. Which operating system does it make more sense to attack?

Since there is a small but measurable difference in the inherent security of the systems, I'd guess the actual man-hours required in my example for Apple and Linux malware would be more like 110. A small difference, but it is there.

But there's much more involved. Apple does a fairly good job of making sure anything that is available on their products meets their standards. So the question becomes: How much do you trust Apple?

With Linux the oversight is from a large community of people. Linux is "open source" meaning that literally anyone and everyone has full access to most everything. This means that someone up to no good is much more likely to have his misdeeds spotted and broadcast by other hackers and geeks rather more quickly than if the same were to happen to Windows or Apple. Also, there are specific varieties of Linux (called 'flavors') whose owners have tons of money invested in their unique flavors. They tend to move EXTREMELY quickly when any kind of problem is discovered.
-------------------

Android (Google) is another kettle of fish. Historically, Google has done a very, very poor job of vetting apps that are allowed onto its devices. That has changed somewhat in the past year or so. From what I've read Google has become more strict.For example, why would a keyboard need access to your location? It doesn't. Previously a keyboard could do that without telling you. NOW, the maker of the keyboard has to provide at least a token explanation to Google why it needs access to your location AND must specifically ask you for permission in plain English to do so.

The thing with Google is that Google sells advertising based on what you do. The danger is more alack of privacy from 'Big Data'. On the flip side Google has become more up front about it and has opened up more ways for you to keep track of what data you do or do not share. That takes time and energy. And again, we're back to trust: How much do you trust Google to not access your location when you have your GPS set to 'off'?

And all of the above is a HUGE oversimplification. I'm sure I've got a few things wrong and the wizards here will correct them and provide better examples.

Jim


Post# 936725 , Reply# 27   5/6/2017 at 06:33 by jp10558 (Southern Tier, NY, USA)        

No OS is safe unless you know what you're doing, and even then there's plenty of bugs. Heck, the Intel hardware is bugged - look up AMT at some point. That said, there's a few differences. Google Android and Windows (10 anyway) are basically designed to spy on you and report directly to the vendor, Google or Microsoft respectively. Apple - who knows. Right now they claim they respect privacy, but you'll just have to trust them. I think they're marginally better than the others, but really you have to go FLOSS (i.e. Linux, BSD, etc) to have some chance of control of the OS. Then there's the VPN aspect. Google "that vpn guy" for a big spreadsheet of what can be gleaned from commercial vendors. Even then realize you can "thwart" your ISP and Google or Microsoft to some extent by using VPN and not using their OSs, but if you then go and use their services like GMail or Outlook.com, they know everything you do there.

I don't think you can realistically thwart the government via technology - that's a political / legal battle. And good luck. Don't break a law the NSA or CIA is going to care about and you're probably fine. The bigger issue is things like the WikiLeaks Vault 7 where the tools get released to everyone including the cyber criminals. Have lots of backups ...


Post# 938608 , Reply# 28   5/15/2017 at 04:40 by mieleforever (SOUTH AFRICA)        
On a side note

My firm's server has been attacked by ransomeware about a week and a half ago. What an absolute nightmare.

It cost us about a week in down time and a lot of money to have the machine fixed, modifications done to the server and other machines to try and prevent such an attack from happening again.

And now I have read that there is a major bug out that will try to get a hold of your machine's information. This is really terrible and I just hope that it does not happen again.

So to evereybody out there take every precautionary measure you can to protect your investment and machines.

Regards


Post# 938629 , Reply# 29   5/15/2017 at 09:23 by warmsecondrinse (Fort Lee, NJ)        

I use Linux (Ubuntu, to be exact) and I can tell you that no major skill is required to install and use it problem free for research, e-mail, etc.

But here's an example of what IS a problem:

I'm assembling a calendar of weekend events with an eye toward sharing it with friends. If I use Google Calendar I can send event info from the website to the calendar with just a few clicks. With every other calendar I've tried to use it is immeasurably more complicated. I get asked multiple questions I've no way to answer. I've spent hours I really don't have trying to assemble this calendar without using the data slurpers. I've gotten nowhere.

IMO, a major reason Google is taking over is the same that Windows XP was so successful: It just works. People may want to avoid google and microsoft, but the desire to do so and the willingness to do the necessary work does not make the required resources magically appear. Google and Microsoft have figured this out:-(





Forum Index:       Other Forums:                      



Comes to the Rescue!

The Discuss-o-Mat has stopped, buzzer is sounding!!!
If you would like to reply to this thread please log-in...

Discuss-O-MAT Log-In



New Members
Click Here To Sign Up.



                     


automaticwasher.org home
Discuss-o-Mat Forums
Vintage Brochures, Service and Owners Manuals
Fun Vintage Washer Ephemera
See It Wash!
Video Downloads
Audio Downloads
Picture of the Day
Patent of the Day
Photos of our Collections
The Old Aberdeen Farm
Vintage Service Manuals
Vintage washer/dryer/dishwasher to sell?
Technical/service questions?
Looking for Parts?
Website related questions?
Digital Millennium Copyright Act Policy
Our Privacy Policy