Daily Archives: March 31, 2017

Congress has moved to dismantle some Obama-era rules that would have protected the online privacy of everyday Americans. This sucks. The deregulation means it will be easier for huge telecom companies to track and sell their customers browsing history. This sucks! But not all is lost.

Regardless of what the Capitol Hill-based wrecking ball does to the FCCs online privacy rules, there are still steps you can take to protect yourself on the internet. The new era of anti-privacy policies in Washington does mean that companies like AT&T, Verizon, and Comcast can collect data about your everyday internet usage.

Your ISP can sell your traffic without any permission, and its unclear if they would even have to tell you they were doing it, Jeremy Gillula, a senior staff technologist at the Electronic Frontier Foundation (EFF), told Gizmodo.

The White House has already said it strongly supports the repeal of the Obama-era rules. Trump is expected to sign the bill into law in the coming days.

Without the FCCs privacy rules, its not just information about web pages you visit that service providers can collect. Your ISP can now track your activity any time your computer accesses the internet. If you check the weather on your phone, your ISP could know that youre worried about the rain and serve up ads about umbrellas. More realistically, they could sell the data about your daily habits to a marketing firm so that they could serve you more relevant ads.

However, you can still go dark, if you dont want big telecom peering into your private life. Theres a chance that your ISP will let you opt-out of certain types of data collection, although its unclear if theyre specifically required to do this in the absence of the privacy rules. The FTC does recommend that service providers off an opt-in option, although ISPs could just decide to ignore that recommendation. Your situation will inevitably depend on how your particular ISP decides to exploit the lack of rules. Otherwise, protecting your online privacy in these grim times essentially amounts to putting up a barrier between you and the prying eyes of large telecom companies. Let us show you how.

Our first recommendation is the best one: pay for a VPN service. Using a virtual private network (VPN) is the only way to ensure that youre accessing the internet through an encrypted, private channel. Your browsing habits can still be seen by the VPN serviceand law enforcement, if it comes to thatbut youll be safe from a spying ISP since it will see your traffic as coming from a random server instead of your house.

You can subscribe to VPN services for both desktop and mobile. But as the word pay implies, any decent option will cost you a few bucks a month. (Read that as: do not use a free VPN service and expect privacy at the same time.) Finding the right VPN for you can be an odyssey, although our friends at Lifehacker have this handy guide and this detailed spreadsheet that show the upsides of various services. If youre tech savvy, you can also set up your own VPN, although the server space does cost some money.

There is some bad news, too.

A VPN wont protect you from all of the creepy stuff that ISPs will be able to do, Evan Greer at Fight for the Future said in an interview with Gizmodo, noting that ISPs can still install secret traffic software and inject ads into web traffic when a VPN is in place. Thats part of the reason why the FCC passed internet privacy rules in the first place. Although they are the most comprehensive defense against snoopers, the fact that VPNs still wont completely protect internet users highlights just how badly America needed those privacy rules.

Without these rules, ISPs will be able to monitor, collect, and store almost everything you do online and sell that information to advertisers and data mining companiesand use it to build an almost complete profile of your online activity, Greer explained. In the end there are steps you can take, but also its the responsibility of our legislators to protect us.

Now lets get serious. If you really want to keep your browsing habits away from the prying eyes of corporations and the government, Tor is the best bet. It is not, however, the most convenient option nor is it the most comprehensive. (Using a VPN is the most comprehensive, even though it wont protect you entirely.)

Youve probably heard of Tor. Tor is everybodys favorite free anonymity software and is relatively easy to install on a desktop. Tor is also available for Android through a package called Orbot, which is slightly more difficult to install. Once youre up and running, you can browse the web anonymously, and even weasel your way into the edgy corners of the dark web, if thats your thing.

There are a couple of major downsides to using Tor all the time. One, it only protects you from snoopers when youre surfing the web in the Tor browser. Any other internet-connect apps, like email clients or chat apps, will not be anonymized. Two, Tor doesnt work well with sites that run Cloud Flares security software, which is the majority of sites on the web. When you visit these sites, you might have to type in a captcha to prove youre human which is fine from time-to-time, but Tor users often find themselves typing in captchas every time they visit a new domain.

Tor is not a perfect solution for browsing the web privately. Its certainly much better than using incognito windows in Chrome or private browsing tabs in Safari. As Gillula explained to Gizmodo, these features dont protect you at all if youre worried about obscuring your browsing habits from an ISP or the governmentnot one little bit.

See the original post:
How to Hide Your Browsing History From Your Snooping ISP - Gizmodo

GRAND TRAVERSE COUNTY (WPBN/WGTU) -- President Trump is considering signing a bill allowing internet service providers to sell your online history information.

Right now, different search engines and social media sites are already doing this. The bill would allow internet providers such as Charter and Comcast to do the same.

"Yes it's susceptible to hacking and that kind of thing but for the most part nobody is secure anyways," said Mike Tusan, the Owner of Mad Mike's a computer store in Traverse City.

Tusan said the new privacy rules wouldn't really change things too much.

"People sell content," said Tusan. "That's where the value of Google, Yahoo and Bing is. It's in the content of their users."

Greg Genoyer of Traverse City disagrees with Tusan. Genoyer believes the bill shouldn't be signed.

"I'm dead set against them doing that," said Genoyer. "They shouldn't be able to."

Genoyer said he thinks other services should also stop collecting our information.

"To sell anyone's personal information should be 100% illegal," said Genoyer.

For people who prefer to keep their online information more private, Tusan said there are some ways to do so.

"You can use a browser called a TOR browser," said Tusan.

A TOR browser protects you by bouncing your information around different networks all over the world which makes it harder for one source to track it.

You can also use Https Everywhere which is a plugin used to keep the pages you visit more secure.

Tusan said regardless of what you do it is impossible to guarantee your information is 100% safe.

"Is there a dark side? Yeah possibly, but for the most part this is going to be a good thing for people," said Tusan.

The Senate has already voted in favor of the bill, now President Trump has the final say.

Read the original here:
New bill could expand sale of your private online history - UpNorthLive.com

Unknown to many, all the websites that are within our reach through search engine sites like Google, Bing, etc. are roughly 4% of the overall content available on the Internet. This group of websites are known to be the Surface Web, which is what most users experience as web browsing regardless of the browser software to be used.

Photo courtesy of Unsplash

The remaining 96% of the internet is known as Deep Web, which has a certain number of software restrictions to be accessed. For starters, you need to use Tor browser, as links shared through the deep web are listed under the anonymous domain suffix known as .onion. However, there are many other valid reasons for using Tor whenever we decide to engage in this deep web experience, being anonymity the most important factor. Is there something valid that insurance companies can learn from this experience? Lets find out!

These two terms are often wrongly used, as people refer to the area that doesnt belong to the Surface Web as Dark Web, whereas in fact, the Dark Web is just a part of the Deep Web.

Deep Web is so vast that cannot be directly indexed, hence the reason why services like Google doesnt simply focus on attending a big volume of data like Deep Web sites, and they have escalated up as much as to host their social media versions of traditional networks available on the Surface Web.

Photo courtesy of Startup Stock Photos

Dark Web, on the other hand, is the term used to refer to a sort of bad neighbourhood of the internet, whose original purpose has been drifted so far that today is a place best known for illicit activities like selling drugs, guns, private data, pornography, terrorist activities and hackers. Theres a reason why standard browsers cannot access this area of the internet, and thats because of the need for these communications to be as anonymous as possible, avoiding trackback from governments, but thats not all thats required to enter the Dark Web.

Prior even considering to take a tour through the Dark Web, be sure to count with these two elements:

These measures are no means for forfeit government control but a way to protect our connection from hackers. There are many creepy stories going around the net on what can actually happen throughout the Dark Web, some true, some not, so best to take all the security means available the sooner, the better.

First and foremost, Dark Web is a place in which illegal software is sold like candy. Therefore, you can learn of potential software exploits before software developers announce such potential threats. For insurance companies that focus on cybercrime prevention, this is essential to be tuned with the latest trends in cyber exploits and digital terrorism, but also for further developing software suites that provide secure entourages for data exchange at large corporations.

Photo courtesy of Pixabay

Bids can be placed on acquiring valuable pieces of code, so whether your business happens to protect the interests of some troubled company or a competitor, its best to be acknowledged with potential liabilities hackers are trying to exploit.

Whether you decide to wander for work purposes or just out of fun, you always have to be prepared for whats coming up next during the time your visit is going to take. Under any means DO NEVER share personal data with users, especially payment ones, as you will be a witness of potential black money offers on multiplying Bitcoins for a small rate and a wide range of similar alternatives.

Also, for your sake, avoid randomly going through pages, or you wont be sure of whats coming up next. Gruesome images are a daily possibility, but if your security means arent as strong as desired, you are likely to open a gate for hackers to take control of your network entirely inadvisable with the increase of cyber kidnappings through these years.

In case you decide its not worth the risk to be looking at such places, or if your computer skills arent as desirable to explore difficult aspects of the internet, there is also a way to stay in touch with whats going on at the underworld by accessing news sites like DarkWebNews.

Be smart and wander with a purpose. Thats not a place for simply sharing a laugh among friends like what could be said about many scary sites warnings are meant to be for a reason.

VikasAgrawal

Infobrandz

Vikas Agrawal is a start-up Investor and co-founder of the Infographic design agency Infobrandz.com, He is a highly influential research analyst and strategic marketing consultant. Vikas advises and plans the visual marketing campaigns of Medium to Large companies. Vikas has worked globally across multiple industries including retail, financial services, logistics, manufacturing, telecoms and pharmaceuticals deploying effective strategic marketing plans and methodologies. A renowned blogger on the subject of Technology, Marketing and Entrepreneurship.

Read more:
What Insurance Companies Can Learn From the Dark Web - Customer Think

Congress recently voted to overthrow internet protection rules.

Republicans hit a roadblock last week with repealing and replacing the Affordable Care Act, but they are making progress in deconstructing broad internet privacy protection policies that were created under former President Barack Obamas administration.

The Federal Communications Commission (FCC) approved the internet protection rules on Oct. 27, 2016 in a 3-to-2 vote, according to The New York Times (NYT). The policies further prevent internet service providers, such as AT&T, Comcast and Verizon, from gathering and disseminating information related to a users browser history, location, financial data and other personal information.

The United States Senate voted 50-to-48 Thursday to repeal the FCCs rules, starting what could be an end to internet privacy. The House still needs to vote on the proposal, but President Donald Trump is expected to sign the legislation if it makes it to the Oval Office, according to the NYT.

The real crux of the legislation is that it allows companies to use customer information without their permission.

Internet service providers could use the data for targeted advertising and to sell it to third parties, reported The Hill.

If the legislation makes it to Trumps desk and he approves it, any internet customer could automatically relinquish his or her privacy without question. While federal intelligence agencies already have the capability of looking up peoples browsing history and patterns, the change in policy will open the door to widespread access to personal information.

On the surface, internet users could see even more advertisements that are specifically targeted at their personal browsing habits. For example, if you are helping a friend browse for clothing online with your computer, you could see advertisements on websites you visit that are related to clothing. While this isnt entirely new, a lack of privacy protection could lead to companies directly sending you advertisements via email, postal mail or over the phone.

Shippensburg University students are already experiencing targeted advertisement as they use SUs website. SUs website states it or a third party tracks how users browse ship.edu so ads can be targeted to users on other websites they visit. SU offers students a way of opting out of targeted advertising by visiting networkadvertising.org.

SU also tracks how people use ship.edu to analyze the data with Google Analytics. It does not allow the information gathered to identify individual people.

We do not associate any data gathered from the site with any personally identifying information from any source as part of our use of Google Analytics, SU states on ship.edu.

While students may see privacy protection on ship.edu, there is no guarantee the same level of privacy applies when browsing the internet via SU servers. Under its Computing and Information Network Usage Policy SU states, There should be no expectation of privacy information stored on or sent through university-owned IT resources, except required by law.

Whether students want privacy from their internet service provider, SU or the federal government, they could use an alternative internet browser, such as Tor Browser. The browser is free to download, install and use, and it provides anonymity when surfing the web. While not foolproof, the browser gives you privacy by sending your communications to different relays to prevent people from tracking your internet-use history.

Be warned using Tor, or a similar software package, may put you in violation of SUs network usage policies.

Attempting to disguise the identity of the account or machine you are using is prohibited, states policy No. 3 of Computing and Information Network Usage Policy.

While Tor may be an option for students who have internet access outside of SU, it isnt a permanent method to maintaining privacy. Surfing the web with Tor can be slow and it cannot ensure complete anonymity.

A lack of internet privacy will result in winners and losers, but the new legislation will serve as a reminder to internet users that what happens on the web does not stay on the web.

Go here to read the rest:
Internet users face diminished privacy - The Slate Online - The Slate Online

Informed news analysis every weekday

Your message has been sent.

There was an error emailing this page.

Mozilla has long used itsFirefox browser as a staging platform for other innovations. One of the first real-world applications for its fast-and-safe systems language Rust, for instance, is rewriting some of Firefox's innards.

Now comes a project called Binary Transparency, an effort to ensure that every Firefox binary produced by Mozilla is the same one that everyone else has received and hasn't potentially been tampered with.

At first this sounds like a glorified version of using hash signatures or checksums, which most every organization that supplies binaries of its apps does. But Mozilla has a more ambitious plan: To make it difficult for anyone to distribute compromised copies of an application, even if they come from Mozilla.

Mozilla's plan, documented in a wiki entry, expands on the existing processes for generating checksums from Firefox binaries. First, a hex string from a composite of the checksums of each binary component is generated, then that hex string is used as a domain name. Mozilla then obtains an X.509 certificate from a certification authority using that domain name and posts the certificate in a public log.

With this method, instead of generating a checksum for the binary and posting it somewhere (that is, a wiki), there's an irrevocable record of the checksum made available by authorities not affiliated with Mozilla. This not only ensures that users downloading a new copy of Firefox don't get smacked with a bogus binary, but also gives Firefox's updater a mechanism it can use to make sure it doesn't unwittingly fetch a maliciously crafted payload.

Fans of blockchain technology will see a kindred concept here. Mozilla is taking data about its binaries and putting it into a (theoretically) immutable public ledger. By using certification authorities, Mozilla works with a familiar entity that has plenty of infrastructure to support its use.

Mozilla's efforts with tamper-proofing also is a prelude to even more ambitious integrity checks. One of them is providing reproducible builds of Firefox to guarantee that the binaries produced for a specific application came from a given, verified source code tree and not from one that's been altered.

It's harder than it might seem to guarantee such bit-exact softwarebuilds. Even an item as innocuous as a timestamp on a file can produce an entirely different checksum for the whole package, so the entire build system has to be designed to take such factors into account.

The reproducible build concept is not new, butthere's been a resurgence of interest in making reproducible builds a practical and standardized concern. The Linux Foundation's CII (Core Infrastructure Initiative) renewed financial support for such a project last year. Many free software projects, from Linux distributions (Debian in particular) to trusted applications like the bitcoin clients or the Tor browser, employ reproducible build strategies. Google's Bazel build tool, open-sourced in 2015, supports reproducible builds as part of its mission statement.

Getting Firefox to use a reproducible build system has been on the agenda since 2013, but not as a high-priority item, in big part because Firefox's build system isn't currently designed to allow it. One issue in particular that creates problems is PGO (profile guided optimization), which optimizes binaries based on details gleaned from running the application. It's theoretically possible to make PGO play nice with reproducible builds, but like reproducibility in Firefox, it's a work in progress.

Sponsored Links

Originally posted here:
Mozilla project keeps compromised apps out of circulation - InfoWorld