Online Privacy

Since this is something that has become a lot more relevant in recent times, I wanted to share a few of the steps I've taken to protect some of my privacy online. Generally, I'd consider myself privacy-conscious - I even helped implement the entire GDPR catalog in my old firm (the brunt of it is actually offline), but I'm not so averse against everything that I'd forgo all convenience that comes with the actual handling of my private data.

Privacy settings

• Google Privacy Checkup
  
  This actually came up today, which prompted this text. If you are always logged into Google, like I am, there are lots of settings you can adjust, like how long your Youtube watch history is saved. I like being able to revisit videos I forgot about, but don't care about a lifetime history, so I set automatic deletion to 3 years. Similar for location data etc. You can also disable personalized ads for the Google network.
  
  I think it's a good idea to check your privacy settings for all the (bigger) sites that you are participating in.
  
  
• Ad personalization
  
  There are centralized locations for opting out of ad cookies for various networks (if they participate)
  • Your Online Choices (EU) [ Opt-out page ].
    They also have lots of good info on what ad personalization actually is and how it works.
  • Your Ad Choices (US) [ Opt-out page ]
    This one had some active for me as well.

Browsers

Brave has been mentioned. I actually moved back to Firefox after many years of using Chrome. I quite like it. They have added several products over the years that focus on protecting your data:

Firefox Products. For example there is Firefox Monitor, which lets you check if your email addresses have been breached by some data leaks in the past or Firefox Relay, which lets you create random email addresses for spam prevention purposes that are forwarded to your regular address and can be deleted on a whim.

On my smartphone I now use use Firefox as my main browser plus Firefox Focus as my standard app for when I click on links. It's basically a light Firefox with constant privacy mode, that can delete all cookies as soon as you leave the page again.


E-Mail

Moved my main account to Protonmail. I like it so much that I even opted for a premium subscription, which mostly lets me create more mail addresses.

Even in the basic version, though, it's possible to use tags. For example, if your address was johndoe@protonmail.com, you can receive mails sent to johndoe+anything@protonmail.com. So that's what I'm doing now when registering for newsletters or different sites. If my data was sold anywhere or breached and I get spam to that address, I at least know about it and can block it.


Adblock, ublock

Yeah, I guess this is a no-brainer. My Internet looks pretty clean, although I do make exceptions in rare cases. I'm also not as reluctant anymore to pay a bit for what I like, as I was earlier in my life.

~~~

That's it for now. Windows 11 is another area of interest, I suppose. Anything to know there, besides the obvious stuff you can turn off?

Thanks for the info!

Originally Posted by Arhu
Moved my main account to Protonmail. I like it so much that I even opted for a premium subscription, which mostly lets me create more mail addresses.

It's interesting. Complicated to change one's email after so long, though, but if I had to change it I would definitely consider them.

Here's for their debuts: 3 people working at the CERN funded this company in 2014-ish. https://home.cern/news/news/computin…ail-encryption

I see they provide VPN solutions too, and a basic, free one that I want to test. They have servers in a lot of countries. I don't think it's really necessary for privacy but it could help with access, and not always getting websites in another language than my own (Belgium has 3 languages).

Regarding Windows 10-11.

I was reading this article, which claims that Windows 11 collects more data than Windows 10 (like other articles I've seen), though it's always hard to know what is correct, and things change with time. Others will likely know more about it, but my two cents:

- I would delay the switch to Windows 11 as late as possible. It will be more stable, complains about privacy may reduce their abuse, and people will have developed more knowledge and solutions to tune the OS.

- It seems similar to Windows 10, in that you don't need an online account to install it, even if the OS makes its best to discourage it. You can opt out of this at the installation (click Next instead of creating the account, later select "Offline account" as sign-in option, disregard all the warnings and go on), and you can access the real user panel with the netplwiz command, instead of the one available from the configuration panel which is very limited and doesn't show the local accounts.

Originally Posted by Redglyph

- It seems similar to Windows 10, in that you don't need an online account to install it, even if the OS makes its best to discourage it. You can opt out of this at the installation (click Next instead of creating the account, later select "Offline account" as sign-in option, disregard all the warnings and go on), and you can access the real user panel with the netplwiz command, instead of the one available from the configuration panel which is very limited and doesn't show the local accounts.

You need to ensure you skip the connection to WIFI or wired network step (maybe even go into airplane mode or disconnect if using a cable) to be able to choose a local account in Windows 11. Running it now or a couple of months myself and I don't have any issues with it in regard to stability and performance.

Wait a minute didn't Microsoft stop the installation of Win 11 offline accounts? I know it was offered with the Enterprise/Pro edition, but that was to be phased out as well.

Good to know. My home PC is too old to run Win11 and my work laptop is in a domain, so I haven't had to think about the login yet. Otherwise, regarding interface and usability, particularly on an ultra widescreen monitor, I love it.

Originally Posted by Couchpotato
Wait a minute didn't Microsoft stop the installation of Win 11 offline accounts? I know it was offered with the Enterprise/Pro edition, but that was to be phased out as well.

From answers @Microsoft.com

Local Account in Windows 11

If you are install Windows 11 Home edition, your options for setting up a Local Account if you perform a clean install or setup a new PC will require signing in with a Microsoft Account. If you don't have one or don't want to create one, an alternative is to use a security key. But users do have some options that will require either disabling your Internet connection during the Out Box Experience.

So it can still be done, but they strongly advice against it for "security" reasons.

@Couchpotato @basharran This guide illustrates that: https://www.youtube.com/watch?v=uenBIXMM91g

They have an alternative solution to avoid disconnecting everything physically:
- SHIFT + F10, this opens a command prompt
- ipconfig /release, to release the network adapter

There's more to it, I'll let anyone interested watch the video.

It's ridiculous, if it weren't for games and a few apps, I'd switch my home PC to Linux (I know, it's possible to play a good share of games in Linux, but often with distros I don't want to use). Maybe the day I'm forced to upgrade Windows again to 11 or whatever comes next, I'll just do it.

I'm weird, or at least that's what family and friends tell me about my online habits: I only visit three websites and when I'm done browsing, usually after twenty minutes or so, I yank the hard-wire and simply read or play a game. I never ever simply let my computer remain attached online unless I'm doing something specific with it.

I use proton mail too, its good.

Hackers are really sophisticated now, so be careful if you get emails or texts saying "your Bank account is suspected of fraudulent activity, call this number now"

That message is itself a scam. They can find out who you bank with and impersonate like its your bank contacting you. I'm highly security conscious, and I almost fell for "my bank" saying there was fraud message.

If I hadn't gone onto my bank account first, and checked and saw there were no notifications from my bank to my account, I would have possibly gave out my bank credentials to a scammer.

Just be aware there are scammers all over now and they can get info about you like you wouldn't believe. Always have banks do double verifications where they send you a text message just to clear security to log onto the website.

If working at a certain job, lock your twitter account just so people can't try to track down your tweets and weaponize them against you. Don't post any photos that you aren't proud of online, never send nudes unless you are prepared to be exposed by cheats somehow. Hell, don't get me started, I will start saying you should hide where you live too, lol.

Originally Posted by Carnifex
I'm weird, or at least that's what family and friends tell me about my online habits: I only visit three websites and when I'm done browsing, usually after twenty minutes or so, I yank the hard-wire and simply read or play a game. I never ever simply let my computer remain attached online unless I'm doing something specific with it.

I could easily understand that if you were using a modem on the land line before. I used to ask my dad for permission before downloading files, so costly it was. … and also to make sure they wouldn't pick up the phone to call someone and wreck the download.

You can just close your connection with Windows to avoid messing with the Ethernet cable each time. Just click on the network icon at the bottom right, it opens a pop-up with the current connection, and there's an "airplane mode" option.

The downside of disconnecting after a short time is that it may delay the security updates that the OS needs to download, making your PC more vulnerable next time you connect.

Just to talk more generally about the state of our privacy, and the surveillance that's going on. What's really happening is that the vast majority of sites we visit are embedding code from multiple advertising services, which are trying to track and profile us, so that valuable data can be traded. You and your profile are where the money is being made, and the adverts you might see are a minor consequence of it.

All these sites have boiler-plate waffle about how they respect your privacy, while embedding sometimes dozens of bits of code from third-party advertising services, knowing that they they are attempting to uniquely identify and profile you, to track your behaviour across sites, and feed that into the data-trading system. And they have no real clue what these various scripts might be up to.

Most of us are probably aware of the Chinese state's attempt to develop a "social credit system", where everyone is fully surveilled and profiled, and assigned a score that has serious real-world implications. What we need to bear in mind is that something very similar is developing via the back-door in supposedly free countries, through online tracking, and the collaboration of the big data brokers with our own states and corporations.

In terms of "what's the worst that could happen", a couple months ago the people of Ukraine were driving home from the office, picking the kids up from football practice, and heading home for some Netflix - just like the rest of us. Now there is a real danger of them falling under authoritarian control, and there will be data about the citizens available to the new authorities that the Stasi could only have dreamed of. Better not have a profile that's flagged as a potential subversive. And even with something as seemingly innocuous as Netflix, you can bet they are profiling what your tastes are, what documentaries you watch, and feeding it into the data trading system.

There has tended to be a dismissive attitude towards concerns about privacy online, with a sort of implication that the cool kids don't worry about that tinfoil hat nerd shit. But, I think that attitude is old and lame itself at this point, and is aging like fine milk. A lot of the younger generation and the more switched-on folks understand what's going on now, and see the danger. If you haven't, I would look into it.

Some news about Proton, they're updating and integrating their product offer: https://news.itsfoss.com/protonmail-now-proton/

Shouldn't this thread be moved to Tech Help? I see many privacy posts ending up in the security thread over there instead of here, probably because of that.

Good stuff. I have a Mail Plus subscription and apparently got more features now. Using another VPN service at the moment, but will consider switching once the subscription runs out.

Moved the thread to Tech Help.

Originally Posted by Arhu
Good stuff. I have a Mail Plus subscription and apparently got more features now. Using another VPN service at the moment, but will consider switching once the subscription runs out.

Moved the thread to Tech Help.

Thanks!

How does the + thing work?

Do I just subscribe somewhere using +hello and it shows me those separately somehow?

Is there a limit on these?

Originally Posted by Pladio
How does the + thing work?

Do I just subscribe somewhere using +hello and it shows me those separately somehow?

Is there a limit on these?

I'm not sure what you are talking about. '+' from where?

Originally Posted by Redglyph
I'm not sure what you are talking about. '+' from where?

That's what you said:

Even in the basic version, though, it's possible to use tags. For example, if your address was johndoe@protonmail.com, you can receive mails sent to johndoe+anything@protonmail.com. So that's what I'm doing now when registering for newsletters or different sites. If my data was sold anywhere or breached and I get spam to that address, I at least know about it and can block it.

Originally Posted by Pladio
That's what you said:

Ah, you mean @Arhu's first post. I haven't tried that, I have just checked their mail and VPN free versions and it's very good, but you only get one email with the free version.

I didn't notice the additional emails must begin with the same root name though, if it's how it works it may be limiting. For my part, I'm using a "waste" email address for registrations and the like, unless I have enough trust in the website. I never read emails there except the confirmation when I'm registering somewhere.

Oops
Yes. It was Arhu.

It is an option that can be enabled in mail receivers. They either use name+something@mailserver.com or something@name.mailserver.com (if your actual account is name@mailserver.com).
Almost all mail receiving server software can do this. It just needs to be enabled on the mail server. If it is not you cannot use it. It is however only for receiving mails. You cannot send mails using that mechanism.