protecting your privacy on internet - googlegeneva.libnet.info/images/pdfs/geneva/class...
TRANSCRIPT
1 *
ClassDescriptionLearn how to control your 'digital trail' on the Internet: managing cookies, including 'super cookies', the difference
between session cookies, persistent cookies, and third‐party cookies; learn what information your browser reveals to
websites and how this can be used to identify you.
ClassLengthOne and one‐half (1½) hours
IntroductionA recent survey (January 2016) revealed that 68% of Americans cited online privacy as the thing they most worry about,
especially the issue of organizations sharing their personal details with other enterprises without their knowledge. More
than one‐quarter of those surveyed reported they have stopped using an app because the information it asked for was
deemed ‘disproportionate’; nearly one‐fifth felt ‘forced to use a website they didn’t trust’; one‐third said they
appreciated being able to read privacy policies, but only one‐sixth have actually done so.
If you went shopping at a mall, you wouldn’t give your name, address and phone number to any store that asked for it.
And you wouldn’t want someone following you around the mall, watching what you buy, and seeing how much money
you have on you.
To protect your privacy, it is necessary to limit how much personal information you post on the Internet. Remember, if
you’re on Facebook or LinkedIn, you've already given away a lot of privacy. How far you go to protect your privacy
depends on how you feel about anonymity. There is a direct correlation between convenience and anonymity (the more
convenience, the less anonymity; the more anonymity desired, the less convenience).
Objectives Understand the difference between session cookies, persistent cookies, third‐party cookies, and ‘super cookies’
Understand how to manage cookies
Have an understanding of what your web browser reveals to websites
Learn what options are available to control your personal information
Thisisahandoutforyoutokeep.Pleasefeelfreetouseitfortakingnotes.
Protecting Your Privacy on the Internet
2 *
CookiesAn overview of how cookies are used:
Whatisacookie?A web cookie is a small piece of data sent from a website and stored in the user’s web browser. Every time the user
loads the website, the web browser sends the cookie back to the website server to inform the server of the user’s
previous activity. Web cookies were designed to be a reliable mechanism for websites to remember information (such as
items added in the shopping cart in an online store), record the user’s previous activity (to notify the user of changes on
the website since the last visit), to check if a user id and password is being used to access an account from a never‐
before‐used location (to reduce the possibility of fraud), to save a user’s preferences on the site (such as font, font size,
or color theme), to verify the user is currently logged in (eliminating the need for a user to provide user id and password
for each page they try to access) , and even to save passwords and form content a user has previously entered, such as a
credit card number or an address.
In short, web cookies were designed for good uses.
TypesofCookiesSession cookies are only retained as long as the web browser remains open. They are used while a user navigates a
website. Because they have no expiration date, the web browser deletes them when it closes.
3 *
Persistent cookies are created with expiration dates which a web browser uses to determine when they can be deleted.
Many cookies are dynamically set to a certain number of days and/or months and/or years into the future. I’ve seen
cookies with expiration dates of 31 Dec 9999 (!) and some with dates in the 1960s (not a typo!). Most tracking cookies
are of this type; they can be used by advertisers to record information about a user's web browsing habits over an
extended period of time.
Secure cookies can only be transmitted over an https connection (not http). This makes them less likely to be exposed to
cookie theft via eavesdropping.
First‐party cookies come from the domain shown in the web browser’s address bar, i.e., from the website being visited.
They are used by the website for things like keeping a user logged in between pages.
Third‐party cookies come from a domain not shown in the web browser’s address bar. These sorts of cookies typically
appear when web pages feature content, such as banner advertisements, from external websites. This opens up the
potential for tracking the user's browsing history, and is often used by advertisers in an effort to serve relevant
advertisements to each user.
Supercookies are either (1) cookies configured to appear they are from a top‐level domain (e.g. ‘.com’) and can be used
to impersonate cookie requests from all websites with that particular top‐level domain; most modern web browsers
block these; (2) a ‘zombie cookie’ or ‘evercookie’ or ‘flash cookie’ or other unusual cookie designed to remain
permanent; or (3) ‘unique identifier headers’ which are injected into a user’s request for a web page by the provider (in
March 2016, Verizon agreed to pay a $1.35 million to resolve charges by the FCC for doing this).
Flash cookies are cookies stored by Adobe’s Flash Player in its own local storage space.
Zombie cookies (aka ‘evercookies’) are cookies that are automatically recreated after being deleted. This is
accomplished with the help of a script which stores the cookie’s content in multiple locations (such as Adobe Flash
Player’s local storage, normal cookie storage, browsing history, and other locations), and, when the script detects the
cookie’s absence in any of these locations, recreates the cookie using the data stored in the other locations.
ComputerUsers’ResponseUnfortunately, people discovered how to use cookies for not‐so‐good
purposes. Now, many web pages save dozens of cookies to your
computer — both from the website you visit and from third parties —
just by visiting a single page. Most advertisements appearing on a web
page also come with cookies. These cookies can be used to assemble a
profile of the websites you visit, the articles you read, what items you
view on a retailer’s website, what items you purchase, how long you
spend on a page, and more.
Gathering information about consumers is certainly not new. After all,
credit reporting agencies and direct marketing firms have kept detailed
files about consumers' payment histories and buying patterns for
decades. The difference is the Internet has made this type of infor‐
mation gathering much easier, faster, and cheaper. The plummeting
costs of data entry, computer processing, storage, and communications
are making it economical even for small companies to record every
detail of their interactions with customers for later use and sale.
Inevitably, this led to a reaction. People wanted to delete web cookies
and prevent them from being used for tracking.
Number of cookies received from one visit to
the CNN home page:
Cookie domain Numbercnn.com 20 rubiconproject.com 18 outbrain.com 5 doubleclick.net 2 krxd.net 2 postrelease.com 2 scorecardresearch.com 2 131788053.log.optimizely.com 1 aspen.turner.com 1 google.com 1 imrworldwide.com 1 twitter.com 1 ugdturner.com 1
TOTAL 57
4 *
Deleting(Removing)Cookies&SettingControlsonCookiesFlash Player cookies are stored within the Flash Player and are shared across different web browsers.
AdobeFlashPlayerCookiesClick the ‘Start’ button and click ‘Control Panel’. Click on ‘System and
Security’ …
… find and click ‘Flash Player’ (there
may be some variation in name) to
open the ‘Flash Player Settings
Manager’:
On the ‘Storage’ tab, under ‘Local
Storage Settings’, is the default of
‘Allow sites to save information on
this computer’. This means ‘Flash
cookies’. You can change it here. If you choose to block all sites
from storing information, you’ll see a warning:
5 *
If you click the ‘Delete All…’ button you will see:
DeletingCookies&SettingControlsonCookiesinBrowsersThe procedure for deleting cookies is similar across web browsers. Here are the steps for some of the most common
web browsers. If you use a different browser and can’t figure out how to apply these directions to your browser, a Web
search will provide instructions.
SafarionOSXLaunch Safari. From the menu select ‘Safari’, then
‘Preferences’. A window will open to the ‘General’
options (or the last option you had open).
Switch to the ‘Privacy’ option.
6 *
‘Always block’ (all) cookies will prevent any
new cookies from being stored, but many
websites will not function without a cookie.
‘Allow from websites I visit’ blocks third‐
party cookies.
‘Always allow’ allows all cookies from all
sites.
Clicking on ‘Remove All Website Data…’ will
open a confirmation window ‘Are you sure
you want to remove all data stored by
websites on your computer?’ plus some
additional details and a choice of ‘Cancel’ or
‘Remove Now’.
Click on ‘Details’ opens a list of sites which
have stored cookies (shown at right).
From here, you can selectively remove
cookies, cached information, and ‘local
storage’.
InternetExploreronMicrosoftWindowsLaunch Internet Explorer. Click the toothed wheel near the upper‐right to
open the menu, then click on ‘Internet options’.
(Alternately, you can click the ‘Start’ button and click ‘Control Panel’…
7 *
… from the Control Panel, click ‘Network
and Internet’).
Either way, the ‘Internet Options’ dialog
box will open (next page). It has seven tabs
and will open to the ‘General’ tab.
Clicking the Delete… button opens the ‘Delete Browsing History’ dialog
box:
This can be used to
delete everything in a
category. (There is no
option for deleting
specific cookies.)
Placing a check next to
‘Delete browsing
history on exit’ will
delete everything every
time Internet Explorer
is closed.
Clicking the ‘Settings’ button opens the ‘Website Data Settings’ dialog
box with three tabs:
The ‘Temporary Internet
Files’ tab has a ‘View files’ button which can be used to open the folder
serving as Internet Explorer’s cache. This can be used for selectively
deleting files.
8 *
The ‘History’ tab is used to limit the number of days information is
stored.
The ‘Privacy’ tab of the
‘Internet Properties’
dialog box has a slider
bar with options of
‘Block All Cookies’,
‘High’, ‘Medium High’,
‘Medium’ (default),
‘Low’, and ‘Accept All Cookies’. For the more adventurous, clicking on
the ‘Advanced’ button opens a dialog box (shown far right) where
placing a check next to ‘Override automatic cookie handling’ allows
choices for ‘First‐party Cookies’, ‘Third‐party Cookies’ and ‘session
cookies’.
GoogleChromeonMicrosoftWindowsLaunch Google Chrome. Click the three horizontal lines near the upper‐
right and then click ‘Settings’.
9 *
Scroll down to
the bottom of
the screen and
click on ‘Show
advanced
settings’.
This will expose
several
sections
beneath the
‘Default
browser’
section (see
next page).
Do Not Track options are handled
differently by different web browsers,
but there is one thing common to all: it is
a request only. There is no requirement
for any website to honor the request.
10 *
The section of interest is the ‘Privacy’ section.
Clicking the ‘Clear browsing data…’ button opens a
window from where types of data can be selected
for deletion as well as how far back in time the
deletions should cover.
Clicking the ‘Contents settings…’ button opens a
long section of options (see next page).
11 *
We are interested in the first section, ‘Cookies’.
There are options allowing you to choose how Google
Chrome will normally handle cookies and two buttons
offering more detailed controls.
12 *
The ‘Manage
exceptions…’ button
opens the window at
right. It is used to override
the handling of cookies
from specific websites.
The ‘All cookies and site data…’ button opens a window for
viewing what is being stored:
Entries can be clicked to provide additional
details:
Items can be removed individually…
…or all items can be removed.
13 *
MozillaFirefoxonMicrosoftWindowsLaunch Mozilla Firefox. Click the three horizontal lines near the
upper‐right and then click ‘Options’.
The ‘Options’ page will open to the ‘General’ section. Click ‘Privacy’
to get to those options:
If you click ‘clear your recent
history’, a dialog box opens with
choices of what you want
cleared (deleted) and how far
back in time the deletions should
cover:
If you click ‘remove individual cookies’, a window opens from which you can
examine individual cookies and then remove them with the ‘Remove Selected’
button. If you want to remove all
cookies from a single domain, be
sure to have the domain
highlighted, not a specific cookie.
You can also click the ‘Remove All’
button to delete all cookies from all domains.
14 *
By default, Firefox will accept all
cookies and remember all
history, but this can be changed
with this drop‐down menu.
If you select, ‘Never remember
history’, this pop‐up will appear:
Selecting ‘Use custom settings
for history’ expands the
‘History’ section, offering more
granular options:
The drop‐down menu for ‘Accept third‐party
cookies:’ offers ‘Always’, ‘From visited’, and
‘Never’.
The drop‐down menu for ‘Keep until:’ offers
‘they expire’, ‘I close Firefox’, and ‘ask me
every time’.
The ‘Exceptions…’ button opens the window
below. It is used to override the handling of cookies from specific websites.
The ‘Show Cookies…’ button opens the window showing
cookies seen on the previous page. From there, you can
delete individual cookies, all cookies from a specific
domain, or all cookies from all domains.
15 *
AdvertisersReaction:BrowserFingerprintingConcerned about privacy, many users began deleting cookies and even preventing them from being saved to their
computers. Advertisers responded by coming up with a new way to track users: Browser Fingerprinting. Browsers
provide information to websites in order for the website to serve up an appropriate page – and some information not
strictly needed, but still provided: things like computer operating system version, screen resolution, color depth, plug‐ins
on the browser being used, applications installed on the computer (Adobe Reader, Adobe Flash, Java, Real Player,
QuickTime, etc.), colors set for windows used by the operating system (title color, border color, background, fonts, etc.),
size of the browser’s window, time zone, fonts installed, IP address, geographical location, whether it was a mobile
phone, preferred language, and a whole lot more. When they put all of this together, they were able to assemble a
‘fingerprint’ that was almost as unique as a human fingerprint — and this fingerprint was stored in a database on an
advertiser’s server where they could collate visits to various websites by a particular computer/browser fingerprint.
The Institute of Electrical and Electronics Engineers has labelled this the ‘Online‐Tracking Arms Race’ (see article in Links
section).
Of course, just like the use of cookies, these techniques can be used for positive purposes, such as ensuring the person
logging into an account really is that person and not someone thousands of miles away who has acquired a password to
another person’s account. Unfortunately, browser fingerprinting for tracking purposes is much more common than
browser fingerprinting to prevent fraud.
There are some ways to reduce the effectiveness of browser fingerprinting. The most common are (1) use Tor, (2) use
the Tor browser, (3) use a VPN, (4) disable JavaScript, and (5) use a HOSTS file. VPNs, unless provided for you by an
employer or school, usually cost money; the others are free.
UsingTorTor is free software (additional information in Links section) for enabling anonymous communication. It directs Internet
traffic through a free, worldwide, volunteer network consisting of thousands of relays to conceal a user’s location and
usage from anyone conducting network surveillance or traffic analysis. The core principle behind Tor was created by the
United States Naval Research Laboratory with the purpose of protecting U.S. intelligence communications online and
developed further by the Defense Advanced Research Projects Agency, a department of the U.S. Department of
Defense.
Tor can be very effective, but, as the Tor website warns, ‘You need to change some of your habits, as some things won't
work exactly as you are used to.’ Changing habits (in any area of our lives) is difficult. Bouncing the network traffic
between you and your destination through Tor does have a performance ‘hit’. Using Tor does attract the attention of
the NSA and its friends and it causes the NSA to assume you are not a citizen of the U.S. and therefore eligible to be
surveilled.
UsingtheTorBrowserThe Tor browser, is a project of The Tor Project. It is free to download
and use and is available for Microsoft Windows, Apple OS X,
GNU/Linux, BSD, Unix, and Android. At right is the screen for setting
‘Privacy Settings’ and ‘Security Level’. It works like any other browser,
but at the higher security levels, some pages may not function as
expected or even appear as intended.
16 *
DisablingJavaScriptAlthough all web browsers have the ability to block JavaScript, this will render many websites inoperable. Many web
browsers which permit add‐ons have extensions such as Mozilla Firefox’s ‘NoScript’ which will initially block all
JavaScript, but allow the user to specify exceptions as they encounter a website which needs it. Until you have visited all
your regular websites and specified exceptions, it can be tedious to use, but thereafter works with no interaction unless
visiting a website not previously visited.
Some websites use JavaScript both to function and to track. A recent story (March 2016) reported a user who had ad‐
blocking software installed was using Facebook, typing a comment about only travelling with carry‐on baggage, and the
right‐hand pane changed to one for luggage — and he hadn’t even pressed the Enter key!
Google Chrome can be set to block JavaScript on all sites by default, when you browse to a site that uses JavaScript, the
upper right corner of the browser displays a box with a red “X” through it. If you click that and select “Always allow
JavaScript on [site name]” it will permanently enable JavaScript for that site, but it doesn’t give you the option to block
third‐party JavaScript content on the site as NoScript does.
UsingaHOSTSFileA typical web page will contain references to other domains which are only used for advertising and/or tracking
purposes. When the web browser loads the page, it does what it does when a website’s address is entered into the
browser: it requests the Internet Protocol (IP) address — unless it already has the address stored internally.
Originally, Internet‐capable devices used a HOSTS file which contained a directory of other computers and their IP
addresses. But when domain names were introduced to handle the growing number of computers on the Internet, the
Domain Name Service (DNS) was created: a network of servers containing directories of domains and their IP addresses.
When one of these servers received a request, it either responded with the answer or forwarded the request to another
DNS server and once it had the answer, responded to the request. But if the computer ‘knows’ a domain’s IP address
already, there is no need for a DNS request. And the HOSTS file is still present (typically with almost nothing in it).
So when a web page refers to a domain such as doubleclick.net (DoubleClick has been serving up advertising and
tracking users since 1996), the computer could make a DNS request, be told the address is 216.58.216.78, and then
request the information from that IP address. But, if the HOSTS file has an entry for doubleclick.net with the IP address
listed as 0.0.0.0 (a special address universally reserved for use by each Internet‐capable device to refer to itself which is
never forwarded to another device), then it requests the information from itself and gets a ‘not available’ response.
The result? No advertisement to fill the space on the web page (depending on the web browser, it will either be blank or
have a ‘not available’), no scripts from that domain can be run, and — critically — no information can reach that domain
from the web browser. This all happens in milliseconds. In fact, receiving a ‘not available’ response from itself is faster
than downloading the advertising and scripts from the advertising/tracking domain.
It would be a lot of work to create a HOSTS file listing the thousands of domains used for advertising and/or tracking
purposes. But others have already done the work. One only need download one of their prepared HOSTS file and replace
the one on the computer to be used.
Instructions for doing this are readily available. It requires basic‐to‐intermediate computer skills. Ideally, an updated
HOSTS file should be used to replace an existing HOSTS file on a regular basis, but is not essential. The domains of
advertisers and trackers changes little.
HOSTS files can be defeated by a web page referring to advertisers and trackers by their IP address rather than their
domain name, but this tends to be rare because it eliminates the ability for a domain to have flexibility in its
configuration.
17 *
OtherTechnologiesforTrackingSilverPush
SilverPush is a software library which can be incorporated into applications. It is designed to pick up near‐ultrasonic
sounds embedded in a TV, radio, or web browser advert. These signals, in the range of 18kHz to 19.95kHz, are pitched
too high for most humans to hear, but can be decoded by software. Applications using the SilverPush code can pick up
these messages from a phone or tablet’s built‐in microphone, and be directed to send information such as the phone’s
International Mobile Station Equipment Identity number (which is usually unique), location, operating system version,
and potentially the identity of the owner, to the application’s servers.
Imagine sitting in front of the television watching a show about cooking and an advert comes on for kitchenware with an
embedded ultrasonic signal, apps using SilverPush on your nearby phone will hear it, decide you are into cookery, and
phone home this data to ad networks. Adverts for cooking‐related items will start appearing.
The US Federal Trade Commission has already sent letters to a dozen mobile app developers, warning that software
using SilverPush could be in violation of federal privacy laws.
KeystrokeDynamicsTelegraphists used to be able to recognize who was sending messages based on an operator’s unique ‘signature’: things
like speed; durations of dots, dashes, and intervals; and accuracy. Even as late as World War II, military intelligence used
these signatures to help distinguish enemy from ally. This technique was found to be applicable to typists on a
typewriter and later a computer keyboard. With computer analysis, this has developed to include analysis of each key on
a keyboard and key sequences (for example, ‘stewardesses’, ‘reverberated’, ‘watercrafts’, and ‘cabbages’ might be
typed more quickly by left‐handed typists than right‐handers with the same average typing speed).
So far, the use of keystroke dynamics has been limited to applications where it is necessary to ensure the person
entering a user ID, password (or even better, passphrase) is the one to whom the user ID has been assigned. But the
technology is being examined for tracking purposes and may well be the next phase of the ‘Online‐Tracking Arms Race’.
OperatingSystems,UserAccounts,‘AppStores’,etc.Of course, whenever you are required to use a user ID (especially if it mandates
a ‘real‐name system’ or includes information such as a credit card which can be
connected to you), there is loss of privacy. Complete anonymity is difficult to
achieve.
Increasingly, operating systems are tracking what users do and even where
they travel. Smartphones (e.g. iOS and Android) and even more traditional
operating systems (e.g. OSX, Windows 10, Chrome OS, etc.) are retaining
information about our activities and even sharing that information with the
companies which develop them.
Peter Steiner’s cartoon shown at right was created in July 1993. More than
twenty years later, it can still be true, but is far less likely to be true.
18 *
LinksArticlesAboutTracking&Privacy
Electronic Frontier Foundation’s page on Privacy https://www.eff.org/issues/privacy
The 10 Immutable Laws of Personal Security on the Internet http://blog.radware.com/security/2015/08/10‐laws‐of‐internet‐security/
Anti‐privacy unkillable super‐cookies spreading around the world – study http://www.theregister.co.uk/2015/08/17/tracking_supercookies_spreading/
The Information That Is Needed to Identify You: 33 Bits http://blogs.wsj.com/digits/2010/08/04/the‐information‐that‐is‐needed‐to‐identify‐you‐33‐bits/
Browser Fingerprinting and the Online‐Tracking Arms Race http://spectrum.ieee.org/computing/software/browser‐fingerprinting‐and‐the‐onlinetracking‐arms‐race
The Privacy Risk Of Behavioral Profiling https://godpraksis.no/2015/07/the‐privacy‐risk‐of‐behavioral‐profiling/
Behavioral Profiling: The password you can't change https://paul.reviews/behavioral‐profiling‐the‐password‐you‐cant‐change/
ISPs are stripping encryption from netizens' email – EFF http://www.theregister.co.uk/2014/11/12/customers_email_encryption_stripped_out_by_isps/
Verizon to Pay $1.35 Million for “Supercookies” http://incompliancemag.com/verizon‐to‐pay‐1‐35‐million‐for‐supercookies/
Boasting about your binges on Facebook could hurt your credit score https://nakedsecurity.sophos.com/2015/11/05/boasting‐about‐your‐binges‐on‐facebook‐could‐hurt‐your‐credit‐score/
How TV ads silently ping commands to phones: Sneaky SilverPush code reverse‐engineered http://www.theregister.co.uk/2015/11/20/silverpush_soundwave_ad_tracker/
Beware of ads that use inaudible sound to link your phone, TV, tablet, and PC http://arstechnica.com/tech‐policy/2015/11/beware‐of‐ads‐that‐use‐inaudible‐sound‐to‐link‐your‐phone‐tv‐tablet‐and‐pc/
Revealed: FBI can demand web history, phone location data without a warrant http://www.zdnet.com/article/fbi‐can‐force‐companies‐to‐turn‐over‐user‐data‐without‐a‐warrant/
Redmond's Chatty Cathy (story about Windows 10 sending information to Microsoft) http://www.infosecurity.us/blog/2015/8/15/chatty‐cathy‐os
Microsoft vacates moral high ground for the data slurpers' cesspit (about Windows 10) http://www.theregister.co.uk/2015/08/06/microsoft_vacates_moral_high_ground_for_the_data_slurpers_cesspit/
San José Public Library Virtual Privacy Lab https://www.sjpl.org/privacy
19 *
ToolsSurveillance Self‐Defense: Tips, Tools and How‐tos for Safer Online Communications https://ssd.eff.org/
Privacy Badger https://www.eff.org/privacybadger
Who Has Your Back? Protecting Your Data From Government Requests https://www.eff.org/who‐has‐your‐back‐government‐data‐requests‐2015
justdelete.me ‐ A directory of direct links to delete your account from web services http://justdelete.me/
My IP Address – shows your Internet Protocol address, your Internet Service Provider, and your location http://whatismyipaddress.com/
BrowserSPY – online test showing what your browser reveals to websites http://browserspy.dk/
Panopticlick – online test of how unique your browser is to see how easily websites can track you https://panopticlick.eff.org/
Tor – free software that helps you defend against network surveillance and traffic analysis https://www.torproject.org/ — download & instructions: https://www.torproject.org/download/download.html
Tor Browser – free browser with user‐controlled levels of privacy and security settings https://www.torproject.org/projects/torbrowser.html
Tails (a live operating system designed to use the Internet anonymously) https://tails.boum.org/
TOS;DR [Terms of Service, Didn’t Read]– ratings of website terms and privacy policies https://tosdr.org/
HOSTS file from mvps.org (works on any operating system, but directions only provided for Windows) http://winhelp2002.mvps.org/hosts.htm
How Japan's Privacy Visor fools face‐recognition cameras http://www.pcworld.com/article/2969732/privacy/how‐japans‐privacy‐visor‐fools‐facerecognition‐cameras.html
Instructions5 steps to secure your Facebook account login https://blog.avast.com/2015/07/23/5‐steps‐to‐secure‐your‐facebook‐account‐login/
Worried about Google’s Your Timeline? Here’s how to disable tracking https://nakedsecurity.sophos.com/2015/07/24/worried‐about‐googles‐your‐timeline‐heres‐how‐to‐disable‐tracking/
Facebook users: Make sure your mobile phone number is private https://www.grahamcluley.com/2015/08/facebook‐mobile‐phone‐private/
Edward Snowden Explains How To Reclaim Your Privacy https://theintercept.com/2015/11/12/edward‐snowden‐explains‐how‐to‐reclaim‐your‐privacy/
The Edward Snowden guide to practical privacy (highlights of article from The Intercent) http://www.theregister.co.uk/2015/11/12/snowden_guide_to_practical_privacy/
Encryption Works: How to Protect Your Privacy in the Age of NSA Surveillance https://freedom.press/encryption‐works
20 April 2016
BrowserExtensions(mightblocksomewebcontentandfeaturesyouwanttosee)HTTPS Everywhere (browser extension) https://www.eff.org/https‐everywhere
Privacy Badger (browser extension) https://www.eff.org/privacybadger
uBlock (browser extension) https://www.ublock.org/
Messaging&MobileOpen Whisper Systems – send encrypted messages or make private phone calls for free with these open‐source tools https://www.whispersystems.org/
Telegram – free messaging app with a emphasis on speed and security. Syncs across multiple devices https://telegram.org/
Cryptocat – free, open‐source, encrypted messaging software https://crypto.cat/
Secure Messaging Scorecard – discover which online tools and mobile apps keep your messages safer https://www.eff.org/secure‐messaging‐scorecard
Privacy Coach – add‐on that helps you learn about and manage Firefox for Android privacy settings https://addons.mozilla.org/en‐Us/android/addon/privacy‐coach/
OnlineSearchEnginesDuckDuckGo – search engine that focuses on protecting searchers' privacy and avoiding personalized search results https://duckduckgo.com/
Disconnect Search – fetches results from popular search engines while preventing search sites from tracking your searches https://disconnect.me/search
Questions? Feel free to contact Ross Valentine at [email protected] or call the library at 630.232.0780 x279