Page 2 of 2

Re: An alternative to Google?

PostPosted: Sun Apr 09, 2017 6:36 pm
by Dmitri
Even with something like Tor, if you think you're 100% secure and anonymous -- think again. Much more so with something like duckduckgo or similar sites.

The moment your computer connects to anything on the network (not using https), you've potentially given up your privacy.

Re: An alternative to Google?

PostPosted: Sun Apr 09, 2017 11:10 pm
by grzegorz
grzegorz wrote:If anyone is interested I can post more articles


What is "brain hacking"? Tech insiders on why you should care

http://www.cbsnews.com/news/brain-hacki ... 0-minutes/

Re: An alternative to Google?

PostPosted: Mon Apr 10, 2017 3:05 am
by Dmitri
He's giving himself and the software designers way too​ much credit. That's a tiny fraction of the reason why people are addicted. If you're a kid who grew up with this - sure you'll be affected more than your parents (who grew up without anything like it), but the core of the problem is dopamine addiction.

I never (almost never) use social media software, and I still constantly look things up and check a couple forums multiple times a day. It's not the software or some evil design -- it's simply the fact that vast amounts of relevant (directly relevant to your needs-of-the-moment) information is immediately available, at a flick of your thumb. Software just helps to facilitate access to that information.

Re: An alternative to Google?

PostPosted: Mon Apr 10, 2017 5:17 am
by Snork
Dmitri wrote:Even with something like Tor, if you think you're 100% secure and anonymous -- think again. Much more so with something like duckduckgo or similar sites.

The moment your computer connects to anything on the network (not using https), you've potentially given up your privacy.


HTTPS is important for security and a tool like HTTPS Everywhere is an essential add-on for browsers: https://www.eff.org/https-everywhere

However, as a separate and general comment, it is also important to know what HTTPS does and does not do. Fundamentally it will do two things:

1. Enforce an encryption layer for your data in transit. The encryption layer might not be any good, for example there are still some websites using old versions of SSL, but it will make the effort to get you some level of encryption.
2. Offer you an opportunity to validate the identity/ownership of the website you are connecting to. In practice this is most useful when companies have gone through Extended Validation with a reputable CA.

In both cases it is down to the user to ensure the encryption is sufficient for the purpose, the company on the certificate is as expected, and the CA is reputable. Modern browsers are pretty good at warning users if there is an obvious deficiency. HTTPS is also widely believe to be no obstacle to state-level agencies, if you are already on their radar.

HTTPS will not obfuscate your IP or protect you from tracking through browser fingerprinting, both of which Tor will attempt to do. Browser fingerprinting is much more prevalent these days than people realise. There are several companies that provide browser fingerprinting services to third parties, for example Iovation (https://www.iovation.com). A website runs Iovation's javascript which takes your browser fingerprint and logs your activity with Iovation. The website then pays Iovation for information about you based on your activities on the many other websites that also run Iovation's javascript. This information is usually in the form of a "reputation" score, so the website can quietly and immediately identify a potentially good customer, or a potentially fraudulent customer. Some people would be comfortable with this, others less so. Most people will have profiles with these reputation broker companies, whether or not they are aware of it. Of course correct use of browser add-ons like NoScript will help in frustrating this, but if you have a static IP address only a VPN or Tor will help you. If you have a smartphone you probably have very few countermeasures.

With the use of HTTPS on Tor .onion sites there is some debate. Traffic within the Tor network is always encrypted and since accessing a .onion site means you don't use an exit node, the enforced encryption layer provided by HTTPS is redundant. There is the issue of identifying the legitimacy of the site which users will simply have to do their best with.

Regarding the security of Tor, that depends entirely on who you are going up against. It is well known the FBI have some kind of Tor exploit they are refusing to divulge - probably javascript based. Wikileaks seems to have good information that NSA and GCHQ own large numbers of Tor relays and exit nodes, which greatly decreases the security. But if you're doing anything that merits their attention you're screwed anyway.

Steve James wrote: resistance is human, but probably futile.


It is a futile endeavour. For those who are interested in protecting their privacy, the adversaries are authoritarian governments and amoral international megacorps. Not only do they have enormous resources, they actually own the infrastructure. Only a few individuals are going to possess the education and discipline to use the tools and techniques available to them to preserve what little remains of their private lives. Not only will these tools and techniques be gradually outlawed through legislation, the devices we use to access the internet will become increasingly closed and subject to back-doors and constant monitoring. This is already well underway.

Re: An alternative to Google?

PostPosted: Mon Apr 10, 2017 6:29 am
by Dmitri
Snork wrote:HTTPS will not obfuscate your IP or protect you from tracking through browser fingerprinting

Yep, very good point to keep in mind

Re: An alternative to Google?

PostPosted: Mon Apr 10, 2017 7:00 am
by windwalker
Only a few individuals are going to possess the education and discipline to use the tools and techniques available to them to preserve what little remains of their private lives. Not only will these tools and techniques be gradually outlawed through legislation, the devices we use to access the internet will become increasingly closed and subject to back-doors and constant monitoring. This is already well underway.


informative post ;)

Re: An alternative to Google?

PostPosted: Mon Apr 10, 2017 6:14 pm
by Steve James

Re: An alternative to Google?

PostPosted: Tue Apr 11, 2017 1:16 am
by grzegorz
GOOGLE VOICE SEARCH RECORDS AND KEEPS CONVERSATIONS PEOPLE HAVE AROUND THEIR PHONES

http://www.independent.co.uk/life-style ... 59376.html

Anyone know of this?

Re: An alternative to Google?

PostPosted: Tue Apr 11, 2017 6:26 am
by Steve James
I don't know, but I don't keep a camera or microphone attached to my pcs. I would not doubt that any voice-operated software will retain records that can be accessed or retrieved. There was an issue with the voice command on Samsung tvs, but it also applies to applications like Alexa, Siri, and speech recognition programs.
Walking in the sand leaves footprints; but, now, talking on the beach can leave voiceprints.

Re: An alternative to Google?

PostPosted: Tue Apr 11, 2017 2:01 pm
by windwalker
https://www.patreon.com/
https://www.minds.com/

couple of sites that
some feel might be good replacement candidates for
Utube.com "google" for those interested.

Re: An alternative to Google?

PostPosted: Tue Apr 11, 2017 5:34 pm
by grzegorz
Thanks.

Re: An alternative to Google?

PostPosted: Mon Jun 19, 2017 2:28 am
by Rian
There are some ways to thwart browser fingerprints such as using the Tor browser, disabling JavaScript or installing script-blocking plugins. Besides, you should install VirtualBox.
Anyway, the term “privacy” does not exist now. All info you’ve exchanged, all websites you’ve ever visited can be detected by a third party and utilized for malicious purposes. But if you comply with the security rules (I add a link just to name a few), you have a chance to stay anonymous and secure online as far as possible.