Help me lock them out!!
January 4, 2008 6:15 AM   Subscribe

How can I protect my privacy online?

I have been following the recent stories* about the re-selling of data to third parties, loopholes in confidential data management, etc.

I am not a terrorist/ do not view dodgy pr0n/hate websites and I have nothing to hide (other than my own data) but I don't like corporations having access to this information that will steadily build up over the course of my lifetime. I want to know that any information that I give is stuff that I give willingly and with my full and considered consent.

So, here is the difficult bit: what hints, tips and advice can you offer to someone to ensure that minimal information is actually kept by these companies in the first place and to enable me to monitor how much I give them in the future?

I don't want to live like a virtual hermit, I DO want to make some purchases online and I do want to browse the web without any hassles where possible but not at the cost of having all my data bandied about to all and sundry.

I would like to build up some good habits (that I can automate if possible) which will enable me to keep an eye on this data.

I use a Mac at home and XP at work so advice for both is much appreciated.

Many thanks in advance!
posted by ClanvidHorse to Computers & Internet (13 answers total) 11 users marked this as a favorite
Response by poster: * Facebook
posted by ClanvidHorse at 6:17 AM on January 4, 2008

Disclaimer - I am nothing to do with this product and only ran across it on the web yesterday. However I am going to recommend my company buys them for our road warriors and I am going to get one for my personal use.

It is called IronKey and is advertised as being "designed to be the world's most secure USB flash drive, locks down your sensitive files and passwords with some of today's most advanced security technologies, including hardware encryption for safeguarding your data and advanced Internet protection software and services for securing your passwords and web browsing. And even if your IronKey is lost or stolen, not only is your data still protected, but you can restore it from an encrypted backup to a new IronKey and be up and running again in no time."

The thing even has an auto-destruct if the wrong password is entered 10 times consecutively. It appears to be a really good solution if you want to be security conscious.
posted by worker_bee at 6:23 AM on January 4, 2008

The first and by far the most meaningful thing you can do is to cut up all credit cards. Anything you do on the web is nothing more than a cherry on top of the information aggregated and sold by credit card companies.
posted by mikel at 6:24 AM on January 4, 2008

The majority of this stuff is done with cookies and javascript. Turn off, or hugely restrict them, and you're a long way towards winning. However, things like Facebook are designed to be data hoovers, so you can't use it and not have them track you.
posted by bonaldi at 6:30 AM on January 4, 2008

One obvious thing is to use pseudonyms and fake contact details when websites make you register (or use BugMeNot, if you can, though that's not always an option). I'm always amazed at how many people give out their details on web forms. Just make something up! To automate it, use the Google Toolbar's Autofill function.

Offline, you can do the same for things like grocery store and pet supply discount cards. It's not like you want them sending you mail, anyway.
posted by acridrabbit at 6:31 AM on January 4, 2008

If you really want to be anonymous online you could install Tor. Simply clearing cookies and emptying the browser cache regularly is a good idea. You can setup firefox to clear that info everytime it closes if you like.

On Mac, little snitch is great at monitoring any network activity initiated by applications on your machine. Netbarrier is another great tool with many relevant features.

The sears story has to do with spyware, not sure what facebook uses but I'd say 1) don't use your real name on a facebook account, and 2) clear cookies immediately after logging out of that site.

I don't have any specific recommendations for Windows, but good anti-spyware and anti-virus is essential, as well as a good firewall.
posted by sero_venientibus_ossa at 6:35 AM on January 4, 2008

Response by poster: I have already 'closed' my Facebook account (mainly due to the fact that I am not really too enamoured with people sending me vampire pokes or whatever shite) so that is not really an issue going forward but I suppose there will be some super-duper sites in the future that may be tempting to investigate and I want to make sure I cover my ass.
posted by ClanvidHorse at 7:00 AM on January 4, 2008

Always read EULA's and privacy policies, all the way through, to the bitter end. If you find anything even remotely fishy, don't use whatever it is.

Don't do e-commerce from work.

Avoid doing e-commerce on a Windows machine, especially if that machine has Computer Administrator user accounts in regular use for non-administrative work and/or a teenage sysadmin. If you must use Windows, don't use Internet Explorer. If you must use Internet Explorer, don't install any toolbars.
posted by flabdablet at 7:27 AM on January 4, 2008

The first and by far the most meaningful thing you can do is to cut up all credit cards.

I don't have anything to add, but I am interested in this question. So how does cutting up credit cards help anything?
posted by ObscureReferenceMan at 7:56 AM on January 4, 2008

acridrabbit was right about giving fake info to the grocery store discount cards and the like. However, it only works if you do not pay with a credit card using the discount card. They will link the two after a few times of that.

Not using credit cards will limit any data being collected. Pay cash. Any electronic transaction can and will be stored and linked to your name and your database.
posted by JohnnyGunn at 8:17 AM on January 4, 2008

A low-hassle solution for Firefox users is CS Lite, which allows you to control which sites get to place cookies (and thus track you between visits). Deny cookies by default, then selectively allow them for sites where you need them. This takes care of your Google history and most of the advertracking.

Be aware that anything that requires a non-shareable account will track you, and act accordingly. Seconding BugMeNot.

Use tor for stuff that you deem to sensitive to be seen by your ISP, but be sure to keep your tor/non-tor identities separate. Be aware that tor traffic is more vulnerable to snooping - even though you're anonymous, your traffic is less safe.
posted by themel at 8:19 AM on January 4, 2008

The first and by far the most meaningful thing you can do is to cut up all credit cards.

Uh, or you could call your credit card company and tell them not to sell your info. Read your ToS, there's a phone number in there.

Install Noscript for Firefox. Delete cookies regularly.
posted by almostmanda at 9:19 AM on January 4, 2008

My advice is much like almostamanda but goes a bit further.

1) Use firefox with Noscript and Tor with Foxyproxy

2) With noscript only allow scripts from sites you trust.

3) Only give out information where required i.e. use a false name unless buying things.

4) Do not allow people to sell your info (practically this means accepting fewer freebies - they come with strings; no free lunch and all that)

5) get the telephone and fax no dial preference service. This should eliminate calls.

6) Find and use encryption products - truecrypt is a good start.

7) Read crypto gram

8) Support EFF and ORG

Lastly true privacy is only buying things with cash, having no cards and no passport. Read some cryptogram think of who your actual threats are (credit card co's, government, crackers) and act accordingly. True privacy is no one knowing who you are.
posted by Vroom_Vroom_Vroom at 10:10 AM on January 4, 2008

« Older Need a new P4 motherboard   |   Wedding in Mexico? Newer »
This thread is closed to new comments.