Feb 11, 2013, 05:28 PM
|
#26 | |
|
Quote:
;-) Back on topic, I'm surprised no one has mentioned Tor yet: https://www.torproject.org/ Meets all her requirements: open-source, highly anonymous, nearly untraceable. If you're really paranoid, then with all the other proxies, e.g. hidemyass from post #2, you'll have to worry about honeypots. That means the proxy operator itself might have an interest in tracking you or even be set up by malicious parties. Tor involves chaining of and fast switching between hundreds of proxies, so even if one of them is compromised, it still maintains your anonymity. As for "What kind of footprint is my MacBook leaving behind?", use Firefox and install extensions:
Last edited by svenr; Feb 11, 2013 at 05:40 PM. |
||
|
0
|
|
Feb 12, 2013, 09:47 AM
|
#27 | ||||||||||
|
I'm back! (Had Internet issues yesterday afternoon, and lost my message.)
Quote:
 Quote:
Quote:
Quote:
Quote:
Although I think my larger concern is just the whole "Big Brother is watching you" thing. My goal is to make sure that when I connect to the Internet and surf the Internet, it is not like I'm leaving a trail of breadcrumbs so obvious that everyone and anyone can see my every move. And it is my fear that if you don't do things like: Hiding your IP, Hiding your MAC Address, Maybe Surfing over Encrypted Connections, and so on, that you might as well be driving around with your Name, Address, and Social Security Number on the back of your shirt?! But then I just don't know, because unfortunately, I am ignorant about Networking and Security in the scheme of things...  Quote:
Quote:
Quote:
Quote:
Well, isn't there anything I can do to avoid the Gov't or Corporate America from tracking my every move online? What are your thoughts on this "Hide My Apples" program? Sincerely, Debbie ---------- Quote:
Debbie |
|||||||||||
|
|
0
|
|
Feb 12, 2013, 10:22 AM
|
#28 | |
|
Quote:
I don't mind that you know my Name (First), or Location (State), or my Profession (Business Analyst), because it helps make things more personal, when you at least know someone's First Name and some basic information about them. More so, knowing just those things is pretty useless information for any other purpose. However, the fact that others can log things like... - When I access the Internet - Where I access the Internet - What equipment I use to access the Internet - What I look at while on the Internet ...could totally impact my Privacy, Security, and Freedoms that I've come to expect as an American?! It is probably due to my ignorance of Networking and Web Security, but I have this growing fear that people might be able to identify my particular computer, and once they do that, they could track me wherever I go online, just like there is a GPS unit sewn to my side?! With each passing month, I read more and more in the news how in the U.S. and abroad, both "good" and "bad" Internet users are tracked and often persecuted and jailed because of their actions and affiliations. (Thank God I don't have to live as a female in a country like Pakistan...) Again, I think my online activities are pretty tame, YET I don't like the idea someone, somewhere, is amassing this gigantic file on everything I've ever done online... Think about it, just by looking at my browser's cache or my Internet activity, you could figure out... - Where I work - Where I shop - Where I bank - Groups I belong to ...and so much more?! It seems to me that there ought to be lots of ways to not leave such an enormous bread-crumb trail of my daily activities, and that is the latest "kick" that I'm on...  Sincerely, Debbie |
||
|
|
0
|
|
Feb 12, 2013, 10:32 AM
|
#29 | |
|
Quote:
I would be very interested in hearing what you have to say. (This has turned into a fascinating thread!) Sincerely, Debbie |
||
|
|
0
|
|
Feb 12, 2013, 11:06 AM
|
#30 |
|
Personally, I think there are a few simple things that just make sense to do... in priority order for me:
1) Use a VPN whenever at a public hotspot - Sidejacking is too trivial to accomplish. I use a commercial product (Witopia), but I am sure there are open source ones as well. 2) Encrypt your HDD. I turn on File Vault II right away 3) Turn on your firewall. /Jim |
|
|
|
1
|
|
Feb 12, 2013, 11:55 AM
|
#31 | ||
|
Quote:
I agree and disagree with some of what you are saying. I agree that we give away way too much information, as a matter of course, in our daily lives. But we disagree where to prioritize our efforts. Do you read the privacy statements that your bank makes you sign? Recently my bank wanted me to agree to several paragraphs that gave them permission to give my information to their related (and unrelated) affiliates... when I was there to register as a signing officer for a non-profit group I belong to. Oh, they sputtered and fumed when I crossed out the whole page and initialed it (to make it legal). Told me I " ... couldn't do that!" I pointed out that I just had. And in end they accepted the paperwork. I do that kind of thing with just about every facet of my life ...I read the privacy statements and tick the 'no' box or cross off the paragraph. One time we were declined for a mortgage because we refused to the sign the contract with the marketing clauses intact. I'm belabouring that point because these are examples of privacy intrusions that are truly dangerous. What you do on internet is too random, and it's too easy to block ads. Get a few Airport Expresses when you travel. Each one has a different MAC address. You plug them into the hotels ethernet port, and connect wirelessly with your laptop. It's also usually a faster connection. Your laptop's MAC address is now hidden from the hotel. On the internet I'm pretty sure all anyone will see is one of the hotel's routers MAC addresses. If you are still worried, upgrade your laptop annually. New machine ID each year means all the previous info is useless. Block cookies. That will do more to preserve your anonymity, and is easy to do. Institutions you deal with have much more ability to track you. Mainly because we usually agree to it... even if we don't know it at the time. Credit and debit cards are very closely tied to a real identification, and since new cards are issued by the people with the file - getting new card doesn't clear the file (like getting a new laptop does). Do you shop at Target? Do you have a loyalty card? Really scary story recently in the NY Times about how they track customers. They got so good at predicting when someone was pregnant (and started sending coupons for things that expecting moms might want) that people got scared. So - they still send the coupons (business is business, after all) but they bury the coupons in a random selection of other coupons that they know you don't really want - but they act a camouflage. But - on line... it's too easy to fool the trackers. Sometimes I will spend an hour or two looking at stupid cat videos (actually, 'playing' while I do something else) just to mess with Youtube. You can set up several different identities to use in different places. Different browsers as well. Surf from different locations. Change your machine and even if they have been tracking the machine, it's in someone else's hands now. ---- By the way... by doing bit more sleuthing - and not much more .... I know a bit more about the persona you are using than what you have told us here. Did you know you can Google search on a specific photo? And that leads to other forums you are on, and if I wanted to register I could look at your profile there and read all of your posts and probably get more details to start putting together a more complete profile? Of course, what we don't know is if your name really is 'Debbie' and whether you used a real photo of yourself. -------- If you travel, encrypt your HDD. Read the latest MacWorld magazine on security. It has one of the best general round ups on computer security I've seen in a while. ------ Quote:
--- I've gone on far too long... but really.... you are right to worried about your privacy... but you are probably barking up the wrong tree in the forest.
__________________
My friends, love is better than anger. Hope is better than fear. Optimism is better than despair. So let us be loving, hopeful and optimistic. And we'll change the world. - Jack Layton |
|||
|
|
1
|
|
Feb 12, 2013, 12:09 PM
|
#32 |
|
Debbie, it isn't true that the information you gave in your profile is useless.
A few minutes ago I used that information (plus a guess about something I didn't think of yesterday) to get to a professional site where you have a major presence (2,657 posts). I joined that site, which meant I could look at your postings, and if I were a bad guy, I'd be in a position to monitor what you're interested in, offer suggestions for solving problems that could reasonably lead to my asking you for contact information or a private meeting . . . and on from there. My guess is that because the site's the kind of site it is, I could get you to reveal information that you wouldn't reveal on a site like MacRumors. I won't name the site on here, of course. But if you go to it -- you must know the one I mean -- you'll find a new user "monokakata." Now I have to figure out how to resign from that site, because not only do I mean you no harm, I'm not involved in the matters taken up by the site. My point is the same one I made yesterday -- even when we think that an online profile doesn't give enough identifying information to track a person, it certainly can. And I'm an amateur. I'd guess that anybody who wanted to know my personal details could look through my postings for occupation clues, take my user profile and add that information to it, and find me quite easily. Try it, Debbie. I won't make you endure all my postings looking for occupational clues, though. I'm an anthropologist. The rest you can get from my profile right here on the sidebar. If it takes you or anybody else more than a few minutes to find me, I'll be surprised. I'm not trying to hide from anybody, so I've taken no care to cover my tracks. How about not putting my street addresses and phone numbers in any reply you make here, though. |
|
|
|
2
|
|
Feb 12, 2013, 01:46 PM
|
#33 |
|
That is of course assuming that the person calling her/himself Debbie, actually is a Debbie and not a Sara, Jack or Chen Ling. And that the picture hasn't simply been lifted from Facebook or any random website. It's so easy to lead anyone down a wrong track ...
|
|
|
|
0
|
|
Feb 12, 2013, 02:56 PM
|
#34 | |
|
Quote:
 Dale@DEFCON 3
__________________
How to Post, Quote and Multi-Quote Photos - My Google Docs Folder 12/2011 I'm out of my mind, but feel free to leave a message. |
||
|
|
0
|
|
Feb 12, 2013, 03:39 PM
|
#35 | ||
|
Quote:
It all sounds very good, but to play devil's advocate... 1.) Why should I trust Witopia? If you think about it, there is virtually no way of ever knowing if any of this Privacy and Security stuff really works. (Anyone here smart enough to review the code for PGP or an RSA key fab to know if it does what it says?! Certainly not me!!!) 2.) Are there any competitors (Proprietary or Open-Source) out there to compare against? 3.) Pardon the newbie question, but is it possible to create your own VPN, or does that require infrastructure equivalent to the cable company? 4.) How would I use a "Personal VPN" with respect to Free Wi-Fi at Starbucks, or my Hotel Room, or - if I get one - a Data Plan with Verizon? Is Witopia something that sits on top of the actual "Internet Plumbing"? 5.) Related to #1... Don't you ever freak out when it comes to trusting all of these IT Security companies and their Security Products?! I think I'm smart enough to know when Microsoft (or Apple) is "pulling the wool over my eyes", but when it comes to Security stuff, I'm way over my head. In some ways, that worries more than the Bad Guys themselves. Why, because I am entrusting my personal data (and life) with some big, cold mega IT-Security corporation that is ultimately driven by PROFITS... Millions of Americans trusted Goldman Sachs and Bank of America with their $$$, and look what happened... I am learning SO MUCH in this thread, but pardon my increasing skepticism as the conversation evolves!! Quote:
Thanks for the tips, Jim!!!  <--- I think this is how you say "Good job" on here?!  Sincerely, Debbie |
|||
|
|
0
|
|
Feb 12, 2013, 04:04 PM
|
#36 | |
|
Quote:
How do you know that someone is not physically following you? Twenty yards behind you, and across the street? Maybe there is a tracking chip on your car? In your purse? Hidden cameras in your office? A drone with a camera following you from up high. You don't ... but you also probably don't worry about these things (too much) either because rationally you know that you are not doing anything to justify that kind of effort. Probably. So you get on with your life, enjoy the things that really matter. You make a reasonable assumption and balance the very low risk of being surveilled with the effort needed to thwart it. If you were in a business that could make you a target, then you would take actions that - on balance - mitigate the risks. Most of them. And get on with your life. Heck, even the President of the USA does things (occasionally) that may be risky because he has decided that the activity is 'balanced' by the security. Most of the actions and products you are considering are being hawked by people who make money by feeding on your fear. Or they just get their jollies making people afraid. Block your Cookies. Encrypt your harddrive (File Vault II is much better than the FV I - which is probably the review you are reading) and stay away from people who are professionally scared.... Also, if you are that worried... don't sign up for loyalty programs, use cash where convenient. Don't use a cell phone. Start expunging your Social Security number from all of those places that you've used it as a form of ID. I mean, really... does the video store really need your SSN to prove who you are. And get on with your life. Also... if the government to get to know you they'ed just get the records from your cell phone carrier, your bank, your credit card issuers.. Much much easier, and much more complete than trying to track your laptop and online activities. If an international hacking group wanted to get to know you they'd do the same, but without the warrants.... wait, does the US government need warrants anymore?  
__________________
My friends, love is better than anger. Hope is better than fear. Optimism is better than despair. So let us be loving, hopeful and optimistic. And we'll change the world. - Jack Layton Last edited by snberk103; Feb 12, 2013 at 04:12 PM. |
||
|
|
0
|
|
Feb 12, 2013, 04:26 PM
|
#37 | |||||||||||||
|
snberk103, you sure know how to humble a girl?!
I'm not sure if I should be more paranoid and worried with all you have written, or if I should feel better, because I have new information to protect my privacy?!  Quote:
Quote:
Quote:
Also, one of my biggest fears is be tracked back to my physical computer. So, in my case, where I am away from home and using my MacBook, is there any way to ensure that I cannot be traced back to my physical machine/device? (To say I logged in at Starbucks in Michigan doesn't mean much, but to say Computer #12345 access MacRumors.com on Feb 12, 2013 does seem pretty damning to me...) Quote:
Is it the MAC address? And where is that stored? Is it on your Motherboard? Or is it on the HDD? Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
But my point was that the Internet and Computers carry much more weight than just 10 years ago - both for the better of humanity and the demise of it. To sum up my personal fears, working in IT and traveling a lot, I have come to the conclusion how much Corporate America - and to a large extent the Gov't - owns Debbie's soul, and that bothers me. A lot of the blame falls on ME. (I'm naive to think the Internet and Google and Yahoo Mail and YouTube and WikiPedia don't come with a "price"...) And yet, as an American, I am spoiled when it comes to personal freedoms... So in the last year or two - when I have time - I have been reading up and talking to lots of people much smarter than I, trying to make sure I haven't completely sold my souls to Corporate America, and as someone said on this thread earlier, that - when taken out of CONTEXT - I will not someday regret something that seemed innocuous at the time?! Quote:
Quote:
Sincerely, Debbie |
||||||||||||||
|
|
0
|
|
Feb 12, 2013, 04:51 PM
|
#38 | |||
|
Quote:
Quote:
Then again, I'm not sure you entirely understand my points... In my original post, I am trying to learn about how to cover up digital things of which I know very little (e.g. IP Address, MAC Address, etc.) because I believe that they could be very damning over time. By contrast, I don't mind if you know basic information about me like Name, State, Profession, etc. But, right or wrong, it does freak me out if You, or Panera Bread, or my ISP, or the Gov't knew that I Googled "LSD" (while I listened to a Jefferson Airplane song) or that 4 years ago I landed on a Porn Site (while I was Googling "Teen Solo" while reading about that girl from Australia sailing around the world by herself) or that I frequent certain stores online, or that I have chatted with and visited many websites related to my Political Views, and so on and so forth... Follow me? I sorta put myself out there for people to see parts of me in things like this forum. Other things, like where I shop, or my political views, or my health conditions, or my religious views, and so on I do not want people to be logging in some database, or to end up in court some day when I'm on trial for being "human"!! I appreciate you playing devil's advocate - all of you - but also hope you see the distinction I am making. Really, I guess it comes down to this... I want to be Technologically Savvy enough to control all of my information and decide who gets what, even if that is a *dream*?! Debbie ---------- Quote:
I'm just a working slob by day, trying to recover from "The Great Recession" and hoping that before I turn 50, I'll actually get back to living outside of work and OFFline... Debbie |
||||
|
|
0
|
|
Feb 12, 2013, 05:47 PM
|
#39 | ||||||||||||
|
Quote:
Quote:
Quote:
Anyway, whether you paranoically use several to mask your MAC inside the hotel, or just get one because they are amazing little devices is up to you. Quote:
But no... there are no guarantees that someone isn't following your laptop. Just like there is not guarantee that the asteroid on Feb 15th isn't going to knock a satellite out of orbit that lands on your home. It's not likely to happen, but it may. But I'm not going to lose any sleep over it. Or the thousand other risks that are much more likely than somebody taking so much interest in me that they try to hack my computer. Though I do put passwords on them of course. Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
And relax!
__________________
My friends, love is better than anger. Hope is better than fear. Optimism is better than despair. So let us be loving, hopeful and optimistic. And we'll change the world. - Jack Layton |
|||||||||||||
|
|
1
|
|
Feb 12, 2013, 06:09 PM
|
#40 | ||
|
Quote:
http://forums.macrumors.com/showpost...9&postcount=26 Quote:
https://panopticlick.eff.org/ Counter-measures also in my post above. To get to the hardware layer and identifying unique motherboards or HDs would be MUCH harder and would require someone to launch a sophisticated targeted attack against you or at least get you to install some kind of malware to spy on you. BTW, the EFF has a great page on this whole topic: https://ssd.eff.org/ |
|||
|
|
0
|
|
Feb 12, 2013, 08:50 PM
|
#41 | |
|
Quote:
There is nothing wrong with what you are trying to do. In real life we try to keep private all the time: from closing your blinds at night, to putting up fences, to covering up valuables in your car while shopping, we are constantly aware of keeping private. For security sure, but also for comfort and peace. You aren't being paranoid by locking your door, you are just being prudent and removing yourself as a target of opportunity. In life we also freely give up privacy as needed. My doctor, lawyer, banker, and psychologist (if I had one :P) know a lot about me. We give up our privacy to these people because they provide us with a service that would be hard to perform without it. In turn, they promise (sometimes by law) to never share what we share with others. I have nothing to hide, but I would rather not have my medical records available to anyone who wants them. Being online "feels" private. Like visiting your psychologist...you feel comfortable in your surroundings and rarely worry about the private details you are sharing. The difference? Your psychologist keeps your private information safe, but the same isn't true for most online websites. While online, we aren't very prudent, we do make ourselves easy targets... We think we are being private, but we aren't, at all. The blinds are wide open, goods on display in the back seat and the door is unlocked. We aren't doing anything bad, but so what? The only effective way I've managed to stay anonymous is to disrupt this general feeling of "comfort". I might be in my office (with the blinds closed), but I'm no where near private while online. It is simple in concept, very difficult in practice: Have two completely different identities. When you are using your real identity you'll be accessing banks, support sites for products you own, email, Facebook, etc. You visit these sites freely, giving up privacy for a service. Then, for everything else, you have your other identity. Here is how to set one up: 1. Create two accounts on your computer (if you know VMs, you can use one of these instead... but two accounts is easy enough). 2. Your second account should not have any "phone home" apps like dropbox, iCloud, email, etc. You are going to use this account for all online activities that don't need to know who you are. 3. With your new computer account, download, install and run TOR. Read up on it first. =) 4. After it is installed, visit tormoil and sign up for an email address (use a nickname). This is the start of your online identity. All paths will lead back to this. Since you signed up with it using TOR, it is a pretty decent dead end. Now, you can keep using TOR, or sign up for a VPN. I went the latter route, it isn't too much money, and while it isn't as anonymous as TOR, it is a much more pleasant experience (TOR is great, but slow). Once you've chosen, you can get a nicer email address from yahoo or gmail or wherever. Ok, this was long enough... if you have any specific questions, just ask! |
||
|
|
1
|
|
Feb 12, 2013, 09:15 PM
|
#42 | |
|
Quote:
|
||
|
|
0
|
|
Feb 12, 2013, 09:18 PM
|
#43 | |
|
Quote:
/Jim Last edited by flynz4; Feb 13, 2013 at 10:36 AM. |
||
|
|
0
|
|
Feb 13, 2013, 08:06 AM
|
#44 | |
|
Quote:
|
||
|
|
0
|
|
Feb 13, 2013, 09:01 AM
|
#45 | |
|
Quote:
Packets are exchanged, for example in a TCP connection state, when the originating IP (you) contacts the remote IP (Google, for example). The application at each end (Safari at yours, the web server at Google) use port numbers as well. Your port is random, Google's is port 80 (the http port). This combination of port<-->IP<-->IP<-->port is called a socket, it is unique on the network as long as it exists, and data is exchanged over this socket. In order for the packets to get back to you (to your Safari), your IP address must be known by the protocols. There may be any number of intervening layers of proxies, network address translations, etc, but the chain must be complete for you to receive your packets. On the Internet, you are not going to get any information unless you tell someone where to send it. Last edited by HenryAZ; Feb 13, 2013 at 09:04 AM. Reason: spelling |
||
|
0
|
|
Feb 13, 2013, 09:07 AM
|
#46 | |
|
Quote:
I've now made it my mission that whenever these things are available I will first try to download it from their website (if available, otherwise I scan it in). Then I use either a PDF writer or a photo editing program and slightly modify the words. "I do NOT allow my likeness to be used." etc.. I inject the work NOT in a lot of places. Then I sign that waiver and hand it in. I have yet to have ANY place actually notice that it has been changed -- mostly because the employees there don't know anything about it besides just collecting the waivers. These things bother me more than a lot of the online things. I honestly don't mind some of the data gathering and focused marketing; that is what keeps a lot of the good, free services free. I don't care if they know I went to porn sites, or that I like to drink tequila or Absinthe, or that I own a Mac and use Safari . . . I don't do anything illegal and if I get ads for these thing who cares. (Ad blockers and spam filters are wonderful things). But a company that goes out of their way to hide something in another document adding clauses that will allow them to do things like use your likeness on TV without your permission or compensation means that they are also more likely to do something nefarious with it. If they weren't they wouldn't be HIDING IT! Have it a check box on the form "I opt into allowing my image used for corporate advertising" instead of trying to slip it in somewhere. Things like Picasa that so many people use. Read the TOS, you've given google the rights to use your photos any way that they want for any purpose that they want without compensation to you. Although Google may never do this; if you use their application, they could change their mind at any minute and decide to do it. People are diligent for some things, such as hiding their identity, but they forget the easy and obvious things like reading TOS' and signing away rights in other forms. Knowledge is power. Be smart, surf wisely. I know that this identity is NOT secure, anyone can trace it back to who I really am because I don't hide from it. There are other identities I use that no one knows about; those would be much harder to track back to me because I don't want them to be. Just use what you know wisely and sometimes not worry so much. |
||
|
|
0
|
|
Feb 13, 2013, 10:24 AM
|
#47 | |
|
Quote:
I couldn't connect to the site, so either it's down or I'm better at hiding my tracks than I realized....
__________________
My friends, love is better than anger. Hope is better than fear. Optimism is better than despair. So let us be loving, hopeful and optimistic. And we'll change the world. - Jack Layton |
||
|
|
0
|
|
Feb 13, 2013, 10:41 AM
|
#48 |
|
I have been following this thread and find it fascinating but I also find just about all of you extremely paranoid. Realize that the moment you step foot on the internet you leave a footprint of your activities no matter how careful you are.
Here is my opinion.... do a google search for yourself and any variation of yourself. If you don't come up in any result within the first 5 pages then no one gives a damn about you and isn't out to get you. I know a couple of people who wear the tinfoil hats and who always think the black helicopters are hovering overhead. It's quite funny to hear their stories. When in doubt...move to Utah or Montana, build a bunker, and prepare for the worst. The rest of use will enjoy life. |
|
|
|
0
|
|
Feb 13, 2013, 11:19 AM
|
#49 | |
|
Quote:
Working an the applications I occasionally did see examples of what you did (crossing stuff out) but it was rare. Most waivers were innocuous and meant to permit the race to do things such as publish or broadcast images of the runners as they participated, without needing to go to each individual and ask permission. It's almost impossible to identify people in a mass-participation race unless the image shows a bib number. The race wants to use the images for their own publicity, or to illustrate their applications, or posters, and so on. The image waiver comes into play in another area -- finish line photographs. Big or important races generally have photographers (third party companies) contracted to try and get a finishing photo for every finisher. The runner is then given the chance to buy that photo, and many do. The potential privacy issue comes because typically the photo companies put up everybody's image on their website, keyed to runner number (but without any name information). So potentially, everybody's image is posted on the web, and that calls for permission in some form. It must be true that in some cases (maybe many of them, outside of mass-participation events) the organizers have a nefarious purpose, or at least one that you'd rather not allow. But sometimes it's all straightforward. |
||
|
|
0
|
|
Feb 13, 2013, 02:05 PM
|
#50 | |
|
Quote:
IF they offered me a waiver that had a check box that said, "Check here if it is OK to use your child's image." Of course I wouldn't check it. Most would. But to hide the lines within the "Release of Liability" waiver that they tell you is for their protection in case someone gets hurt, is bad. With the way I modify the waivers, they look almost identical to the originals. No cross outs, no marks anywhere, I make an effort to keep the lines and justification to be similar. Thus at first glance it looks identical to the original. If they are hiding this working inside a liability waiver, it's fair that I hide the fact that I removed the wording.
|
||
|
|
0
|
 |
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | Search this Thread |
| Display Modes | |
Linear Mode
|
|
All times are GMT -5. The time now is 06:33 PM.
