In China, there appears to be a public understanding that personal privacy is not protected while in the U.S. most citizens are not concerned about their own protections. How else could Facebook exist and prosper so mightily? As for me, I don't book Face and neither should anyone else.
I don't limit my digital footprint in what I say on the internet — for proof see some of my hyperbolic posts on HN, ;-) — because I reckon what I say is pretty harmless, albeit opinionated. Similarly, I've no hidden thoughts to harm people.
That said, I consider it a different matter when it comes to the Googles and Facebooks of this world pinching my data without paying for it, it's why I rile against invasive technologies such as JavaScript which provides the power to these large multinational megaliths (and many others) to do so. (Privacy is a war that end-users are losing and have effectively lost as they've essentially no tools or other recourse to fight back).
I also self-censor when it comes to searches or when following links from innocuous sites that may eventually lead, chain-like through others, to ones that may be deemed undesirable. For an inquisitive techie like me this is a damn pain.
As I see it, in the current political climate, it'd be stupid to do otherwise. My you, 20 years ago nothing would have been further from my mind (or I'd imagine on the minds of most other internet users for that matter).
Unfortunately, both corporate and state surveillance is fact of life and a sign of the times and we just have to get used to it. If that limits the full extent of access and the liberties that the internet actually provides one then so be it. Sadly, we've little other choice.
From what I've read they can still gather your public data, but to a lesser degree than they can from the direct use of their services. The second-hand scraping is a lot less specific - "he visits X website, at X time, X times a day" as opposed to "he works at X, is featured in X type of photo, shares X type of content, has close relations with X people, is likely to click X type of advert". They can extrapolate a lot more accurate assumptions about someone from the latter set of data.
I'm sure they're much better at data scraping then they were when I read that last though. Thankfully people much more intelligent than myself are making it easier to obfuscate this activity. I've had a lot of luck using the advice below:
> "he works at X, is featured in X type of photo, shares X type of content, has close relations with X people [...]
There's nothing preventing anyone to scrape that kind of info from public sources either. Some of this may be available here on HN (shares that kind of content, works at X), others on competitor's social networks (Twitter, Mastodon, Reddit, GitHub, forums). In fact, this is part of Google's core business model, and you can most likely see this in their database already: "google" yourself.
Admittedly, no one will be able to scrape click rates, but that's relatively insignificant compared to the amount of info we already publicly share.
> There's nothing preventing anyone to scrape that kind of info from public sources either.
Absolutely correct, if you read my posts then you'll see that I expose both myself and my ideas to quite some considerable degree. I'm under no illusion that all my attempts at blocking Google's spying will not work here.
I've never had the need to hide myself on the web, rather it's that I've been forced to, or at least to try to hide parts of my private data—none of which I'm ashamed about.
It's the underhanded and egregious way Google, Facebook, et all have gone about it that hurts and which I find so objectionable.
rhn_mk1 9 hours ago | parent | on: Limiting Your Digital Footprints in a Surveillance...
> That said, I consider it a different matter when it comes to the Googles and Facebooks of this world pinching my data without paying for it.
>What makes you think they are not scraping your public activity from other sites?
I assume and expect Google et al to be monitoring and incessantly cross-referencing my web activity as well as extracting and distilling my personal information. Also, I assume the dossiers they produce on my activities are growing larger by the day. I consider their monitoring to be a hostile, unwanted, invasive and egregious act on their part.
I also know I've small resources and can only mount a limited defense against these attackers and that anything I do will only be partially effective. As I said in my reply to vcavallo, one can only go so far or one ends up wasting hours doing little else except tweaking security settings. Even so, I reckon I push my security systems hard and I demand a lot from them, perhaps more so than most other users do.
The best I can do is to make it as hard as is possible for Google and cronies to steal my data but I do so only up to the point where I reckon the Law of Diminishing Returns sets in. If I increased my protection any further then it would cause me undue extra work not to mention increased difficulty for me to navigate the web. It's impractical for me to list all of these protections here but here are a few of the key ones. Anyway, judge for yourself (and tell me what I've missed).
1. I've advised friends and my well-known contacts who have Gmail accounts that they will only get brief and or limited (and innocuous) data sans personal data and important information from me in replies to their Gmail account emails—and that this is specifically because they're using spyware Gmail! Offline, eyeball-to-eyeball, I amplify these concerns by strongly advising them that whenever they (a) send me emails, or (b) forward my emails and other details to other Gmail accounts, etc., and (c) whenever they even mention me in Gmail messages, either to me or to others, then they are violating my privacy and to do so only as a last resort. Right, I actively embarrass them for being stupid enough to let Google 'rape' them of their personal information (remember, we're in a war with Big Tech for our personal data so we can't be too nice).
2. I do not use web mail as it's easier to track—here we have the JavaScript problem again. (All my mail clients are POP/SMTP or IMAP.)
3. I do not respond to unsolicited emails from Gmail accounts when the sender is unknown to me. Most of these messages are deleted forthwith. In infrequent cases where I have to open them, I do so either offline or take other measures to ensure scripts don't 'phone home' to Google, et al.
4. If I have to send or receive emails to Gmail accounts then I ensure their content contains essentially innocuous data. I tell Gmail users not to include my personal data or other important information in the emails they send to me, or if they have to then for them to use other means such as a standard POP/SMTP account, or if it's important information then to use PGP or other obfuscating means.
5. If I have to send any information other than innocuous data to Gmail users then I do so by an encrypted PDF attachment. In cases where no key has been agreed upon beforehand, I send multi-valued prompts for the keys along with the PDF that only the recipient can answer (I'm aware this isn't very secure but it is likely—at least partially anyway—to put the kibosh on much of the automatic indexing.)
6. When responding to messages from Gmail accounts instead of replying directly with 'reply' I create new messages and also ensure that the Google message IDs are fully scrubbed out in replies (this likely stops some linking). I do this with all replies, CCs and or forwards to Gmail accounts e...
Out of your precautions, the one that interests me the most is number 1, because it acknowledges that other people's attitude determines one's privacy:
> 1. I've advised friends and my well-known contacts who have Gmail accounts that they will only get brief and or limited (and innocuous) data sans personal data and important information from me in replies to their Gmail account emails—and that this is specifically because they're using spyware Gmail! Offline, eyeball-to-eyeball, I amplify these concerns by strongly advising them that whenever they (a) send me emails, or (b) forward my emails and other details to other Gmail accounts, etc., and (c) whenever they even mention me in Gmail messages, either to me or to others, then they are violating my privacy and to do so only as a last resort. Right, I actively embarrass them for being stupid enough to let Google 'rape' them of their personal information (remember, we're in a war with Big Tech for our personal data so we can't be too nice).
What kind of reactions did you get? Do you allow the sime kind of information you post on public fora?
Seeing how trusting well-meaning people are, I'm wary of giving them any kind of sensitive information in digital form. It will inadvertently end up on Facebook, auto-backed up by Google or Apple, or in a private Dropbox share, outside of my control.
When it comes to things you might have missed, I've recently learned that US-based companies in areas which one would expect sensitive, are extremely promiscuous with personal data. The shocking example was Google plugging into payment processors streams (credit cards).
I agree with you. If you were to look at some of my other posts on privacy then you'd see that compared to many other internet users I actually go to inordinate lengths to keep Big Tech at bay. For instance, not using JavaScript during browsing is my default mode (and that's only part of my protection system); such action however is considered extreme to the point of being obsessional by some HN readers.
However, one can grind things too fine and all one ends up by doing is spending almost full time looking for security breaches in one's fortified ramparts and tunnels under browser 'moats'. It's where one draws the line that matters, the timid keep safe distances, hide behind others or pretend not to know and hope such problems will never affect them. I can definitely say I'm not one of those, in fact I reckon I push my security boundaries pretty hard and demand a lot from them.
It seems to me if you want to achieve something that's close to the bleeding edge then you have to be prepared to suffer inconvenience and or bleed a little. For instance, risk-takers push the law up to its edge so as to get something daring or audacious done that few others risk trying, they tread the line separating the legal from illegal whilst simultaneously leaning over precariously into illegality and hoping they don't fall.
At the very edges—which really isn't very often—I run my internet browsing a little like that, but in my post I was referring to the vast numbers of internet users who always take safer routes or play by the default rules. ...And it's also what I do most of the time.
It doesn't matter. It didn't matter for all the people in East Germany the communists took away and tortured and often murdered. It certainly didn't matter in the Soviet Union, either. Your silence and self-censorship won't matter in the end. The Soviets often just targeted random people because it chilled dissent overall.
Silent or not, party member or not, you will be dragged from your home in the night and never seen again. This is the reality of what it was like.
So you might as well be brave and speak out against it because that's the only actual defense you have.
> Your silence and self-censorship won't matter in the end. <...>
> Your silence and self-censorship won't matter in the end.
Very true, but you cannot reasonably accuse me of that (read my posts carefully)! Few are as vocal and critical as I am about the subject.
In my original post I was suggesting that on SOME politically sensitive topics that it's stupid to fully speak one's mind about even though one can still do so; that is if one's views are well against the established orthodoxy. I don't have to spell out what those topics are, as everyone except those with room-temperature IQs are well aware of them.
This is not the case here about privacy and data theft by Google et al. I'm glad to say they're not off limits with governments yet (I hope not anyway—or I'm in big trouble). ;-)
Are you sure, how can you be sure?
I reckon not (and they couldn't anyway). And I've no illusions that all the protections that I've evoked/implemented myself against Google et al would add any meaningful protection either.
Methinks, the only way to bypass governments would be to delete one's ISP account and throw away one's PCs and smartphones.
It might be nice if the US became the privacy state in contrast to the proliferation of the surveillance states. It is a naïve speculation but, by coining a phrase, maybe we can get a few politicians to try to nudge the government toward a greater respect of personal freedoms and a sense of protected privacies with respect to this particular issue.
It would be nice but I'd reckon the US will be the last to do so. The US, being the center of Capitalism and home of Big Tech, the lobbying pressure on politicians will be far too great for them to resist. Even Europe, despite the GDPR, is pretty wishy-washy about this kind of privacy regulation.
For the time being, I reckon this is strictly a DIY exercise.
"Other than that, I figure that if the Chinese authorities want to intercept my Bluetooth keyboard signal, they’ll just get an appreciation of how little work my editors have to do to my sterling copy."
Kind of an interesting, but short interview. That quote cracked me up.
23 comments
[ 2.8 ms ] story [ 59.8 ms ] threadhttps://ssd.eff.org
Also https://news.ycombinator.com/item?id=19278936
[0] https://cs.nyu.edu/trackmenot/
[1] https://adnauseam.io/
That said, I consider it a different matter when it comes to the Googles and Facebooks of this world pinching my data without paying for it, it's why I rile against invasive technologies such as JavaScript which provides the power to these large multinational megaliths (and many others) to do so. (Privacy is a war that end-users are losing and have effectively lost as they've essentially no tools or other recourse to fight back).
I also self-censor when it comes to searches or when following links from innocuous sites that may eventually lead, chain-like through others, to ones that may be deemed undesirable. For an inquisitive techie like me this is a damn pain.
As I see it, in the current political climate, it'd be stupid to do otherwise. My you, 20 years ago nothing would have been further from my mind (or I'd imagine on the minds of most other internet users for that matter).
Unfortunately, both corporate and state surveillance is fact of life and a sign of the times and we just have to get used to it. If that limits the full extent of access and the liberties that the internet actually provides one then so be it. Sadly, we've little other choice.
What makes you think they are not scraping your public activity from other sites?
I'm sure they're much better at data scraping then they were when I read that last though. Thankfully people much more intelligent than myself are making it easier to obfuscate this activity. I've had a lot of luck using the advice below:
https://web.archive.org/web/20181107150700/https://iotdarwin...
There's nothing preventing anyone to scrape that kind of info from public sources either. Some of this may be available here on HN (shares that kind of content, works at X), others on competitor's social networks (Twitter, Mastodon, Reddit, GitHub, forums). In fact, this is part of Google's core business model, and you can most likely see this in their database already: "google" yourself.
Admittedly, no one will be able to scrape click rates, but that's relatively insignificant compared to the amount of info we already publicly share.
Absolutely correct, if you read my posts then you'll see that I expose both myself and my ideas to quite some considerable degree. I'm under no illusion that all my attempts at blocking Google's spying will not work here.
I've never had the need to hide myself on the web, rather it's that I've been forced to, or at least to try to hide parts of my private data—none of which I'm ashamed about.
It's the underhanded and egregious way Google, Facebook, et all have gone about it that hurts and which I find so objectionable.
> That said, I consider it a different matter when it comes to the Googles and Facebooks of this world pinching my data without paying for it.
>What makes you think they are not scraping your public activity from other sites?
I assume and expect Google et al to be monitoring and incessantly cross-referencing my web activity as well as extracting and distilling my personal information. Also, I assume the dossiers they produce on my activities are growing larger by the day. I consider their monitoring to be a hostile, unwanted, invasive and egregious act on their part.
I also know I've small resources and can only mount a limited defense against these attackers and that anything I do will only be partially effective. As I said in my reply to vcavallo, one can only go so far or one ends up wasting hours doing little else except tweaking security settings. Even so, I reckon I push my security systems hard and I demand a lot from them, perhaps more so than most other users do.
The best I can do is to make it as hard as is possible for Google and cronies to steal my data but I do so only up to the point where I reckon the Law of Diminishing Returns sets in. If I increased my protection any further then it would cause me undue extra work not to mention increased difficulty for me to navigate the web. It's impractical for me to list all of these protections here but here are a few of the key ones. Anyway, judge for yourself (and tell me what I've missed).
1. I've advised friends and my well-known contacts who have Gmail accounts that they will only get brief and or limited (and innocuous) data sans personal data and important information from me in replies to their Gmail account emails—and that this is specifically because they're using spyware Gmail! Offline, eyeball-to-eyeball, I amplify these concerns by strongly advising them that whenever they (a) send me emails, or (b) forward my emails and other details to other Gmail accounts, etc., and (c) whenever they even mention me in Gmail messages, either to me or to others, then they are violating my privacy and to do so only as a last resort. Right, I actively embarrass them for being stupid enough to let Google 'rape' them of their personal information (remember, we're in a war with Big Tech for our personal data so we can't be too nice).
2. I do not use web mail as it's easier to track—here we have the JavaScript problem again. (All my mail clients are POP/SMTP or IMAP.)
3. I do not respond to unsolicited emails from Gmail accounts when the sender is unknown to me. Most of these messages are deleted forthwith. In infrequent cases where I have to open them, I do so either offline or take other measures to ensure scripts don't 'phone home' to Google, et al.
4. If I have to send or receive emails to Gmail accounts then I ensure their content contains essentially innocuous data. I tell Gmail users not to include my personal data or other important information in the emails they send to me, or if they have to then for them to use other means such as a standard POP/SMTP account, or if it's important information then to use PGP or other obfuscating means.
5. If I have to send any information other than innocuous data to Gmail users then I do so by an encrypted PDF attachment. In cases where no key has been agreed upon beforehand, I send multi-valued prompts for the keys along with the PDF that only the recipient can answer (I'm aware this isn't very secure but it is likely—at least partially anyway—to put the kibosh on much of the automatic indexing.)
6. When responding to messages from Gmail accounts instead of replying directly with 'reply' I create new messages and also ensure that the Google message IDs are fully scrubbed out in replies (this likely stops some linking). I do this with all replies, CCs and or forwards to Gmail accounts e...
> 1. I've advised friends and my well-known contacts who have Gmail accounts that they will only get brief and or limited (and innocuous) data sans personal data and important information from me in replies to their Gmail account emails—and that this is specifically because they're using spyware Gmail! Offline, eyeball-to-eyeball, I amplify these concerns by strongly advising them that whenever they (a) send me emails, or (b) forward my emails and other details to other Gmail accounts, etc., and (c) whenever they even mention me in Gmail messages, either to me or to others, then they are violating my privacy and to do so only as a last resort. Right, I actively embarrass them for being stupid enough to let Google 'rape' them of their personal information (remember, we're in a war with Big Tech for our personal data so we can't be too nice).
What kind of reactions did you get? Do you allow the sime kind of information you post on public fora?
Seeing how trusting well-meaning people are, I'm wary of giving them any kind of sensitive information in digital form. It will inadvertently end up on Facebook, auto-backed up by Google or Apple, or in a private Dropbox share, outside of my control.
When it comes to things you might have missed, I've recently learned that US-based companies in areas which one would expect sensitive, are extremely promiscuous with personal data. The shocking example was Google plugging into payment processors streams (credit cards).
Don’t give in unless you choose to.
However, one can grind things too fine and all one ends up by doing is spending almost full time looking for security breaches in one's fortified ramparts and tunnels under browser 'moats'. It's where one draws the line that matters, the timid keep safe distances, hide behind others or pretend not to know and hope such problems will never affect them. I can definitely say I'm not one of those, in fact I reckon I push my security boundaries pretty hard and demand a lot from them.
It seems to me if you want to achieve something that's close to the bleeding edge then you have to be prepared to suffer inconvenience and or bleed a little. For instance, risk-takers push the law up to its edge so as to get something daring or audacious done that few others risk trying, they tread the line separating the legal from illegal whilst simultaneously leaning over precariously into illegality and hoping they don't fall.
At the very edges—which really isn't very often—I run my internet browsing a little like that, but in my post I was referring to the vast numbers of internet users who always take safer routes or play by the default rules. ...And it's also what I do most of the time.
Silent or not, party member or not, you will be dragged from your home in the night and never seen again. This is the reality of what it was like.
So you might as well be brave and speak out against it because that's the only actual defense you have.
> Your silence and self-censorship won't matter in the end.
Very true, but you cannot reasonably accuse me of that (read my posts carefully)! Few are as vocal and critical as I am about the subject.
In my original post I was suggesting that on SOME politically sensitive topics that it's stupid to fully speak one's mind about even though one can still do so; that is if one's views are well against the established orthodoxy. I don't have to spell out what those topics are, as everyone except those with room-temperature IQs are well aware of them.
This is not the case here about privacy and data theft by Google et al. I'm glad to say they're not off limits with governments yet (I hope not anyway—or I'm in big trouble). ;-)
Methinks, the only way to bypass governments would be to delete one's ISP account and throw away one's PCs and smartphones.
For the time being, I reckon this is strictly a DIY exercise.
Kind of an interesting, but short interview. That quote cracked me up.