Protecting Your Privacy on Internet - Googlegeneva.libnet.info/images/pdfs/geneva/Class...

1 *

ClassDescriptionLearn how to control your 'digital trail' on the Internet: managing cookies, including 'super cookies', the difference

between session cookies, persistent cookies, and third‐party cookies; learn what information your browser reveals to

websites and how this can be used to identify you.

ClassLengthOne and one‐half (1½) hours

IntroductionA recent survey (January 2016) revealed that 68% of Americans cited online privacy as the thing they most worry about,

especially the issue of organizations sharing their personal details with other enterprises without their knowledge. More

than one‐quarter of those surveyed reported they have stopped using an app because the information it asked for was

deemed ‘disproportionate’; nearly one‐fifth felt ‘forced to use a website they didn’t trust’; one‐third said they

appreciated being able to read privacy policies, but only one‐sixth have actually done so.

If you went shopping at a mall, you wouldn’t give your name, address and phone number to any store that asked for it.

And you wouldn’t want someone following you around the mall, watching what you buy, and seeing how much money

you have on you.

To protect your privacy, it is necessary to limit how much personal information you post on the Internet. Remember, if

you’re on Facebook or LinkedIn, you've already given away a lot of privacy. How far you go to protect your privacy

depends on how you feel about anonymity. There is a direct correlation between convenience and anonymity (the more

convenience, the less anonymity; the more anonymity desired, the less convenience).

Objectives Understand the difference between session cookies, persistent cookies, third‐party cookies, and ‘super cookies’

Understand how to manage cookies

Have an understanding of what your web browser reveals to websites

Learn what options are available to control your personal information

Thisisahandoutforyoutokeep.Pleasefeelfreetouseitfortakingnotes.

Protecting Your Privacy on the Internet

2 *

CookiesAn overview of how cookies are used:

Whatisacookie?A web cookie is a small piece of data sent from a website and stored in the user’s web browser. Every time the user

loads the website, the web browser sends the cookie back to the website server to inform the server of the user’s

previous activity. Web cookies were designed to be a reliable mechanism for websites to remember information (such as

items added in the shopping cart in an online store), record the user’s previous activity (to notify the user of changes on

the website since the last visit), to check if a user id and password is being used to access an account from a never‐

before‐used location (to reduce the possibility of fraud), to save a user’s preferences on the site (such as font, font size,

or color theme), to verify the user is currently logged in (eliminating the need for a user to provide user id and password

for each page they try to access) , and even to save passwords and form content a user has previously entered, such as a

credit card number or an address.

In short, web cookies were designed for good uses.

TypesofCookiesSession cookies are only retained as long as the web browser remains open. They are used while a user navigates a

website. Because they have no expiration date, the web browser deletes them when it closes.

3 *

Persistent cookies are created with expiration dates which a web browser uses to determine when they can be deleted.

Many cookies are dynamically set to a certain number of days and/or months and/or years into the future. I’ve seen

cookies with expiration dates of 31 Dec 9999 (!) and some with dates in the 1960s (not a typo!). Most tracking cookies

are of this type; they can be used by advertisers to record information about a user's web browsing habits over an

extended period of time.

Secure cookies can only be transmitted over an https connection (not http). This makes them less likely to be exposed to

cookie theft via eavesdropping.

First‐party cookies come from the domain shown in the web browser’s address bar, i.e., from the website being visited.

They are used by the website for things like keeping a user logged in between pages.

Third‐party cookies come from a domain not shown in the web browser’s address bar. These sorts of cookies typically

appear when web pages feature content, such as banner advertisements, from external websites. This opens up the

potential for tracking the user's browsing history, and is often used by advertisers in an effort to serve relevant

advertisements to each user.

Supercookies are either (1) cookies configured to appear they are from a top‐level domain (e.g. ‘.com’) and can be used

to impersonate cookie requests from all websites with that particular top‐level domain; most modern web browsers

block these; (2) a ‘zombie cookie’ or ‘evercookie’ or ‘flash cookie’ or other unusual cookie designed to remain

permanent; or (3) ‘unique identifier headers’ which are injected into a user’s request for a web page by the provider (in

March 2016, Verizon agreed to pay a $1.35 million to resolve charges by the FCC for doing this).

Flash cookies are cookies stored by Adobe’s Flash Player in its own local storage space.

Zombie cookies (aka ‘evercookies’) are cookies that are automatically recreated after being deleted. This is

accomplished with the help of a script which stores the cookie’s content in multiple locations (such as Adobe Flash

Player’s local storage, normal cookie storage, browsing history, and other locations), and, when the script detects the

cookie’s absence in any of these locations, recreates the cookie using the data stored in the other locations.

ComputerUsers’ResponseUnfortunately, people discovered how to use cookies for not‐so‐good

purposes. Now, many web pages save dozens of cookies to your

computer — both from the website you visit and from third parties —

just by visiting a single page. Most advertisements appearing on a web

page also come with cookies. These cookies can be used to assemble a

profile of the websites you visit, the articles you read, what items you

view on a retailer’s website, what items you purchase, how long you

spend on a page, and more.

Gathering information about consumers is certainly not new. After all,

credit reporting agencies and direct marketing firms have kept detailed

files about consumers' payment histories and buying patterns for

decades. The difference is the Internet has made this type of infor‐

mation gathering much easier, faster, and cheaper. The plummeting

costs of data entry, computer processing, storage, and communications

are making it economical even for small companies to record every

detail of their interactions with customers for later use and sale.

Inevitably, this led to a reaction. People wanted to delete web cookies

and prevent them from being used for tracking.

Number of cookies received from one visit to

the CNN home page:

Cookie domain Numbercnn.com 20 rubiconproject.com 18 outbrain.com 5 doubleclick.net 2 krxd.net 2 postrelease.com 2 scorecardresearch.com 2 131788053.log.optimizely.com 1 aspen.turner.com 1 google.com 1 imrworldwide.com 1 twitter.com 1 ugdturner.com 1

TOTAL 57

4 *

Deleting(Removing)Cookies&SettingControlsonCookiesFlash Player cookies are stored within the Flash Player and are shared across different web browsers.

AdobeFlashPlayerCookiesClick the ‘Start’ button and click ‘Control Panel’. Click on ‘System and

Security’ …

… find and click ‘Flash Player’ (there

may be some variation in name) to

open the ‘Flash Player Settings

Manager’:

On the ‘Storage’ tab, under ‘Local

Storage Settings’, is the default of

‘Allow sites to save information on

this computer’. This means ‘Flash

cookies’. You can change it here. If you choose to block all sites

from storing information, you’ll see a warning:

5 *

If you click the ‘Delete All…’ button you will see:

DeletingCookies&SettingControlsonCookiesinBrowsersThe procedure for deleting cookies is similar across web browsers. Here are the steps for some of the most common

web browsers. If you use a different browser and can’t figure out how to apply these directions to your browser, a Web

search will provide instructions.

SafarionOSXLaunch Safari. From the menu select ‘Safari’, then

‘Preferences’. A window will open to the ‘General’

options (or the last option you had open).

Switch to the ‘Privacy’ option.

6 *

‘Always block’ (all) cookies will prevent any

new cookies from being stored, but many

websites will not function without a cookie.

‘Allow from websites I visit’ blocks third‐

party cookies.

‘Always allow’ allows all cookies from all

sites.

Clicking on ‘Remove All Website Data…’ will

open a confirmation window ‘Are you sure

you want to remove all data stored by

websites on your computer?’ plus some

additional details and a choice of ‘Cancel’ or

‘Remove Now’.

Click on ‘Details’ opens a list of sites which

have stored cookies (shown at right).

From here, you can selectively remove

cookies, cached information, and ‘local

storage’.

InternetExploreronMicrosoftWindowsLaunch Internet Explorer. Click the toothed wheel near the upper‐right to

open the menu, then click on ‘Internet options’.

(Alternately, you can click the ‘Start’ button and click ‘Control Panel’…

7 *

… from the Control Panel, click ‘Network

and Internet’).

Either way, the ‘Internet Options’ dialog

box will open (next page). It has seven tabs

and will open to the ‘General’ tab.

Clicking the Delete… button opens the ‘Delete Browsing History’ dialog

box:

This can be used to

delete everything in a

category. (There is no

option for deleting

specific cookies.)

Placing a check next to

‘Delete browsing

history on exit’ will

delete everything every

time Internet Explorer

is closed.

Clicking the ‘Settings’ button opens the ‘Website Data Settings’ dialog

box with three tabs:

The ‘Temporary Internet

Files’ tab has a ‘View files’ button which can be used to open the folder

serving as Internet Explorer’s cache. This can be used for selectively

deleting files.

8 *

The ‘History’ tab is used to limit the number of days information is

stored.

The ‘Privacy’ tab of the

‘Internet Properties’

dialog box has a slider

bar with options of

‘Block All Cookies’,

‘High’, ‘Medium High’,

‘Medium’ (default),

‘Low’, and ‘Accept All Cookies’. For the more adventurous, clicking on

the ‘Advanced’ button opens a dialog box (shown far right) where

placing a check next to ‘Override automatic cookie handling’ allows

choices for ‘First‐party Cookies’, ‘Third‐party Cookies’ and ‘session

cookies’.

GoogleChromeonMicrosoftWindowsLaunch Google Chrome. Click the three horizontal lines near the upper‐

right and then click ‘Settings’.

9 *

Scroll down to

the bottom of

the screen and

click on ‘Show

advanced

settings’.

This will expose

several

sections

beneath the

‘Default

browser’

section (see

next page).

Do Not Track options are handled

differently by different web browsers,

but there is one thing common to all: it is

a request only. There is no requirement

for any website to honor the request.

10 *

The section of interest is the ‘Privacy’ section.

Clicking the ‘Clear browsing data…’ button opens a

window from where types of data can be selected

for deletion as well as how far back in time the

deletions should cover.

Clicking the ‘Contents settings…’ button opens a

long section of options (see next page).

11 *

We are interested in the first section, ‘Cookies’.

There are options allowing you to choose how Google

Chrome will normally handle cookies and two buttons

offering more detailed controls.

12 *

The ‘Manage

exceptions…’ button

opens the window at

right. It is used to override

the handling of cookies

from specific websites.

The ‘All cookies and site data…’ button opens a window for

viewing what is being stored:

Entries can be clicked to provide additional

details:

Items can be removed individually…

…or all items can be removed.

13 *

MozillaFirefoxonMicrosoftWindowsLaunch Mozilla Firefox. Click the three horizontal lines near the

upper‐right and then click ‘Options’.

The ‘Options’ page will open to the ‘General’ section. Click ‘Privacy’

to get to those options:

If you click ‘clear your recent

history’, a dialog box opens with

choices of what you want

cleared (deleted) and how far

back in time the deletions should

cover:

If you click ‘remove individual cookies’, a window opens from which you can

examine individual cookies and then remove them with the ‘Remove Selected’

button. If you want to remove all

cookies from a single domain, be

sure to have the domain

highlighted, not a specific cookie.

You can also click the ‘Remove All’

button to delete all cookies from all domains.

14 *

By default, Firefox will accept all

cookies and remember all

history, but this can be changed

with this drop‐down menu.

If you select, ‘Never remember

history’, this pop‐up will appear:

Selecting ‘Use custom settings

for history’ expands the

‘History’ section, offering more

granular options:

The drop‐down menu for ‘Accept third‐party

cookies:’ offers ‘Always’, ‘From visited’, and

‘Never’.

The drop‐down menu for ‘Keep until:’ offers

‘they expire’, ‘I close Firefox’, and ‘ask me

every time’.

The ‘Exceptions…’ button opens the window

below. It is used to override the handling of cookies from specific websites.

The ‘Show Cookies…’ button opens the window showing

cookies seen on the previous page. From there, you can

delete individual cookies, all cookies from a specific

domain, or all cookies from all domains.

15 *

AdvertisersReaction:BrowserFingerprintingConcerned about privacy, many users began deleting cookies and even preventing them from being saved to their

computers. Advertisers responded by coming up with a new way to track users: Browser Fingerprinting. Browsers

provide information to websites in order for the website to serve up an appropriate page – and some information not

strictly needed, but still provided: things like computer operating system version, screen resolution, color depth, plug‐ins

on the browser being used, applications installed on the computer (Adobe Reader, Adobe Flash, Java, Real Player,

QuickTime, etc.), colors set for windows used by the operating system (title color, border color, background, fonts, etc.),

size of the browser’s window, time zone, fonts installed, IP address, geographical location, whether it was a mobile

phone, preferred language, and a whole lot more. When they put all of this together, they were able to assemble a

‘fingerprint’ that was almost as unique as a human fingerprint — and this fingerprint was stored in a database on an

advertiser’s server where they could collate visits to various websites by a particular computer/browser fingerprint.

The Institute of Electrical and Electronics Engineers has labelled this the ‘Online‐Tracking Arms Race’ (see article in Links

section).

Of course, just like the use of cookies, these techniques can be used for positive purposes, such as ensuring the person

logging into an account really is that person and not someone thousands of miles away who has acquired a password to

another person’s account. Unfortunately, browser fingerprinting for tracking purposes is much more common than

browser fingerprinting to prevent fraud.

There are some ways to reduce the effectiveness of browser fingerprinting. The most common are (1) use Tor, (2) use

the Tor browser, (3) use a VPN, (4) disable JavaScript, and (5) use a HOSTS file. VPNs, unless provided for you by an

employer or school, usually cost money; the others are free.

UsingTorTor is free software (additional information in Links section) for enabling anonymous communication. It directs Internet

traffic through a free, worldwide, volunteer network consisting of thousands of relays to conceal a user’s location and

usage from anyone conducting network surveillance or traffic analysis. The core principle behind Tor was created by the

United States Naval Research Laboratory with the purpose of protecting U.S. intelligence communications online and

developed further by the Defense Advanced Research Projects Agency, a department of the U.S. Department of

Defense.

Tor can be very effective, but, as the Tor website warns, ‘You need to change some of your habits, as some things won't

work exactly as you are used to.’ Changing habits (in any area of our lives) is difficult. Bouncing the network traffic

between you and your destination through Tor does have a performance ‘hit’. Using Tor does attract the attention of

the NSA and its friends and it causes the NSA to assume you are not a citizen of the U.S. and therefore eligible to be

surveilled.

UsingtheTorBrowserThe Tor browser, is a project of The Tor Project. It is free to download

and use and is available for Microsoft Windows, Apple OS X,

GNU/Linux, BSD, Unix, and Android. At right is the screen for setting

‘Privacy Settings’ and ‘Security Level’. It works like any other browser,

but at the higher security levels, some pages may not function as

expected or even appear as intended.

16 *

DisablingJavaScriptAlthough all web browsers have the ability to block JavaScript, this will render many websites inoperable. Many web

browsers which permit add‐ons have extensions such as Mozilla Firefox’s ‘NoScript’ which will initially block all

JavaScript, but allow the user to specify exceptions as they encounter a website which needs it. Until you have visited all

your regular websites and specified exceptions, it can be tedious to use, but thereafter works with no interaction unless

visiting a website not previously visited.

Some websites use JavaScript both to function and to track. A recent story (March 2016) reported a user who had ad‐

blocking software installed was using Facebook, typing a comment about only travelling with carry‐on baggage, and the

right‐hand pane changed to one for luggage — and he hadn’t even pressed the Enter key!

Google Chrome can be set to block JavaScript on all sites by default, when you browse to a site that uses JavaScript, the

upper right corner of the browser displays a box with a red “X” through it. If you click that and select “Always allow

JavaScript on [site name]” it will permanently enable JavaScript for that site, but it doesn’t give you the option to block

third‐party JavaScript content on the site as NoScript does.

UsingaHOSTSFileA typical web page will contain references to other domains which are only used for advertising and/or tracking

purposes. When the web browser loads the page, it does what it does when a website’s address is entered into the

browser: it requests the Internet Protocol (IP) address — unless it already has the address stored internally.

Originally, Internet‐capable devices used a HOSTS file which contained a directory of other computers and their IP

addresses. But when domain names were introduced to handle the growing number of computers on the Internet, the

Domain Name Service (DNS) was created: a network of servers containing directories of domains and their IP addresses.

When one of these servers received a request, it either responded with the answer or forwarded the request to another

DNS server and once it had the answer, responded to the request. But if the computer ‘knows’ a domain’s IP address

already, there is no need for a DNS request. And the HOSTS file is still present (typically with almost nothing in it).

So when a web page refers to a domain such as doubleclick.net (DoubleClick has been serving up advertising and

tracking users since 1996), the computer could make a DNS request, be told the address is 216.58.216.78, and then

request the information from that IP address. But, if the HOSTS file has an entry for doubleclick.net with the IP address

listed as 0.0.0.0 (a special address universally reserved for use by each Internet‐capable device to refer to itself which is

never forwarded to another device), then it requests the information from itself and gets a ‘not available’ response.

The result? No advertisement to fill the space on the web page (depending on the web browser, it will either be blank or

have a ‘not available’), no scripts from that domain can be run, and — critically — no information can reach that domain

from the web browser. This all happens in milliseconds. In fact, receiving a ‘not available’ response from itself is faster

than downloading the advertising and scripts from the advertising/tracking domain.

It would be a lot of work to create a HOSTS file listing the thousands of domains used for advertising and/or tracking

purposes. But others have already done the work. One only need download one of their prepared HOSTS file and replace

the one on the computer to be used.

Instructions for doing this are readily available. It requires basic‐to‐intermediate computer skills. Ideally, an updated

HOSTS file should be used to replace an existing HOSTS file on a regular basis, but is not essential. The domains of

advertisers and trackers changes little.

HOSTS files can be defeated by a web page referring to advertisers and trackers by their IP address rather than their

domain name, but this tends to be rare because it eliminates the ability for a domain to have flexibility in its

configuration.

17 *

OtherTechnologiesforTrackingSilverPush

SilverPush is a software library which can be incorporated into applications. It is designed to pick up near‐ultrasonic

sounds embedded in a TV, radio, or web browser advert. These signals, in the range of 18kHz to 19.95kHz, are pitched

too high for most humans to hear, but can be decoded by software. Applications using the SilverPush code can pick up

these messages from a phone or tablet’s built‐in microphone, and be directed to send information such as the phone’s

International Mobile Station Equipment Identity number (which is usually unique), location, operating system version,

and potentially the identity of the owner, to the application’s servers.

Imagine sitting in front of the television watching a show about cooking and an advert comes on for kitchenware with an

embedded ultrasonic signal, apps using SilverPush on your nearby phone will hear it, decide you are into cookery, and

phone home this data to ad networks. Adverts for cooking‐related items will start appearing.

The US Federal Trade Commission has already sent letters to a dozen mobile app developers, warning that software

using SilverPush could be in violation of federal privacy laws.

KeystrokeDynamicsTelegraphists used to be able to recognize who was sending messages based on an operator’s unique ‘signature’: things

like speed; durations of dots, dashes, and intervals; and accuracy. Even as late as World War II, military intelligence used

these signatures to help distinguish enemy from ally. This technique was found to be applicable to typists on a

typewriter and later a computer keyboard. With computer analysis, this has developed to include analysis of each key on

a keyboard and key sequences (for example, ‘stewardesses’, ‘reverberated’, ‘watercrafts’, and ‘cabbages’ might be

typed more quickly by left‐handed typists than right‐handers with the same average typing speed).

So far, the use of keystroke dynamics has been limited to applications where it is necessary to ensure the person

entering a user ID, password (or even better, passphrase) is the one to whom the user ID has been assigned. But the

technology is being examined for tracking purposes and may well be the next phase of the ‘Online‐Tracking Arms Race’.

OperatingSystems,UserAccounts,‘AppStores’,etc.Of course, whenever you are required to use a user ID (especially if it mandates

a ‘real‐name system’ or includes information such as a credit card which can be

connected to you), there is loss of privacy. Complete anonymity is difficult to

achieve.

Increasingly, operating systems are tracking what users do and even where

they travel. Smartphones (e.g. iOS and Android) and even more traditional

operating systems (e.g. OSX, Windows 10, Chrome OS, etc.) are retaining

information about our activities and even sharing that information with the

companies which develop them.

Peter Steiner’s cartoon shown at right was created in July 1993. More than

twenty years later, it can still be true, but is far less likely to be true.

18 *

LinksArticlesAboutTracking&Privacy

Electronic Frontier Foundation’s page on Privacy https://www.eff.org/issues/privacy

The 10 Immutable Laws of Personal Security on the Internet http://blog.radware.com/security/2015/08/10‐laws‐of‐internet‐security/

Anti‐privacy unkillable super‐cookies spreading around the world – study http://www.theregister.co.uk/2015/08/17/tracking_supercookies_spreading/

The Information That Is Needed to Identify You: 33 Bits http://blogs.wsj.com/digits/2010/08/04/the‐information‐that‐is‐needed‐to‐identify‐you‐33‐bits/

Browser Fingerprinting and the Online‐Tracking Arms Race http://spectrum.ieee.org/computing/software/browser‐fingerprinting‐and‐the‐onlinetracking‐arms‐race

The Privacy Risk Of Behavioral Profiling https://godpraksis.no/2015/07/the‐privacy‐risk‐of‐behavioral‐profiling/

Behavioral Profiling: The password you can't change https://paul.reviews/behavioral‐profiling‐the‐password‐you‐cant‐change/

ISPs are stripping encryption from netizens' email – EFF http://www.theregister.co.uk/2014/11/12/customers_email_encryption_stripped_out_by_isps/

Verizon to Pay $1.35 Million for “Supercookies” http://incompliancemag.com/verizon‐to‐pay‐1‐35‐million‐for‐supercookies/

Boasting about your binges on Facebook could hurt your credit score https://nakedsecurity.sophos.com/2015/11/05/boasting‐about‐your‐binges‐on‐facebook‐could‐hurt‐your‐credit‐score/

How TV ads silently ping commands to phones: Sneaky SilverPush code reverse‐engineered http://www.theregister.co.uk/2015/11/20/silverpush_soundwave_ad_tracker/

Beware of ads that use inaudible sound to link your phone, TV, tablet, and PC http://arstechnica.com/tech‐policy/2015/11/beware‐of‐ads‐that‐use‐inaudible‐sound‐to‐link‐your‐phone‐tv‐tablet‐and‐pc/

Revealed: FBI can demand web history, phone location data without a warrant http://www.zdnet.com/article/fbi‐can‐force‐companies‐to‐turn‐over‐user‐data‐without‐a‐warrant/

Redmond's Chatty Cathy (story about Windows 10 sending information to Microsoft) http://www.infosecurity.us/blog/2015/8/15/chatty‐cathy‐os

Microsoft vacates moral high ground for the data slurpers' cesspit (about Windows 10) http://www.theregister.co.uk/2015/08/06/microsoft_vacates_moral_high_ground_for_the_data_slurpers_cesspit/

San José Public Library Virtual Privacy Lab https://www.sjpl.org/privacy

19 *

ToolsSurveillance Self‐Defense: Tips, Tools and How‐tos for Safer Online Communications https://ssd.eff.org/

Privacy Badger https://www.eff.org/privacybadger

Who Has Your Back? Protecting Your Data From Government Requests https://www.eff.org/who‐has‐your‐back‐government‐data‐requests‐2015

justdelete.me ‐ A directory of direct links to delete your account from web services http://justdelete.me/

My IP Address – shows your Internet Protocol address, your Internet Service Provider, and your location http://whatismyipaddress.com/

BrowserSPY – online test showing what your browser reveals to websites http://browserspy.dk/

Panopticlick – online test of how unique your browser is to see how easily websites can track you https://panopticlick.eff.org/

Tor – free software that helps you defend against network surveillance and traffic analysis https://www.torproject.org/ — download & instructions: https://www.torproject.org/download/download.html

Tor Browser – free browser with user‐controlled levels of privacy and security settings https://www.torproject.org/projects/torbrowser.html

Tails (a live operating system designed to use the Internet anonymously) https://tails.boum.org/

TOS;DR [Terms of Service, Didn’t Read]– ratings of website terms and privacy policies https://tosdr.org/

HOSTS file from mvps.org (works on any operating system, but directions only provided for Windows) http://winhelp2002.mvps.org/hosts.htm

How Japan's Privacy Visor fools face‐recognition cameras http://www.pcworld.com/article/2969732/privacy/how‐japans‐privacy‐visor‐fools‐facerecognition‐cameras.html

Instructions5 steps to secure your Facebook account login https://blog.avast.com/2015/07/23/5‐steps‐to‐secure‐your‐facebook‐account‐login/

Worried about Google’s Your Timeline? Here’s how to disable tracking https://nakedsecurity.sophos.com/2015/07/24/worried‐about‐googles‐your‐timeline‐heres‐how‐to‐disable‐tracking/

Facebook users: Make sure your mobile phone number is private https://www.grahamcluley.com/2015/08/facebook‐mobile‐phone‐private/

Edward Snowden Explains How To Reclaim Your Privacy https://theintercept.com/2015/11/12/edward‐snowden‐explains‐how‐to‐reclaim‐your‐privacy/

The Edward Snowden guide to practical privacy (highlights of article from The Intercent) http://www.theregister.co.uk/2015/11/12/snowden_guide_to_practical_privacy/

Encryption Works: How to Protect Your Privacy in the Age of NSA Surveillance https://freedom.press/encryption‐works

20 April 2016

BrowserExtensions(mightblocksomewebcontentandfeaturesyouwanttosee)HTTPS Everywhere (browser extension) https://www.eff.org/https‐everywhere

Privacy Badger (browser extension) https://www.eff.org/privacybadger

uBlock (browser extension) https://www.ublock.org/

Messaging&MobileOpen Whisper Systems – send encrypted messages or make private phone calls for free with these open‐source tools https://www.whispersystems.org/

Telegram – free messaging app with a emphasis on speed and security. Syncs across multiple devices https://telegram.org/

Cryptocat – free, open‐source, encrypted messaging software https://crypto.cat/

Secure Messaging Scorecard – discover which online tools and mobile apps keep your messages safer https://www.eff.org/secure‐messaging‐scorecard

Privacy Coach – add‐on that helps you learn about and manage Firefox for Android privacy settings https://addons.mozilla.org/en‐Us/android/addon/privacy‐coach/

OnlineSearchEnginesDuckDuckGo – search engine that focuses on protecting searchers' privacy and avoiding personalized search results https://duckduckgo.com/

Disconnect Search – fetches results from popular search engines while preventing search sites from tracking your searches https://disconnect.me/search

Questions? Feel free to contact Ross Valentine at [email protected] or call the library at 630.232.0780 x279

Protecting Your Privacy on Internet - Googlegeneva.libnet.info/images/pdfs/geneva/Class...

Documents

Transcript of Protecting Your Privacy on Internet - Googlegeneva.libnet.info/images/pdfs/geneva/Class...