I recently read some articles about data mining, Google, Facebook etc. that are really concerning. So, I'd like to know what do you think about using:

– Google search engine
– Gmail
– Facebook
– (add other services/sites if you like).

If you avoid to use above mentioned, what are alternatives that are more secure and that take care and respect your privacy?

When you are on the internet, as a general rule, be careful with what you post and publish. What name you use, etc... I wouldn't consider gmail and google search engine more secure/insecure than another one.

Google does collect some info, whether a concern or not who knows, I do remember some stuff about gmail, didn't pay much attention cause I don't use it.
There are many extensions/addons that claim various things ..?

https://addons.mozilla.org/en-US/firefox/browse/type:1/cat:12?show=100&sort=name

Privacy really depends on what type of footprint you leave on the internet, I see you have about 240 post on this forum, if you search google for your user name, all those post will show up in a search. I did a search on my name yesterday, and it was surpising what google found. It found post in other froums going back to 1998, which is when I started using linux.

Jim

One of the things that might help is the CustomizeGoogle Firefox extension. In particular, it's Google privacy settings:

From a review of Customize Google:


Privacy settings allow you to mask your Google identity as well as prevent data from being sent to Google Analytics.

-----

The privacy settings help to calm the nerves of folks who are uncomfortable with the cohesive behavior profiles that Google creates based on your actions. This shortens the reach of "big brother" without hampering access to any of your Google Account services.

http://browsers.about.com/od/46/gr/customizegoogle.htm

The extension is available here:

https://addons.mozilla.org/en-US/firefox/addon/743

After installation, look down the list for "Privacy".

It's also interesting how quickly it gathers everything
from my post 2 hrs. ago

Google does collect some info, whether a concern or not who knows

near bottom of page
http://www.google.com/cse?cx=014345598409501589908%3Amplknj4r1bu&ie=UTF-8&q=Google+does+collect+some+info%2C+whether+a+conce rn+or+not+who+knows&sa=Search

Often times the best judge of what should be public and what should be personal is the person who will ultimately post (or not post) the data.

You can use Tor with firefox for the best overall security. but, of course, you wouldn't want to log into anything while on tor, as that would defeat the purpose. read up on it (or the vidalia bundle) and see what you think.

Thanks for advices, guys. I recently found an "alternative" to Google too: Scroogle, which do the job nicely, it seems.

OHH! and I forgot!

cuil

no records.

;)

All we need is now Scroogmail and all is set (although I have no idea how that may look like):D

^^^ how tech savvy are you?

that has xisted for a while... and there are many ways to do it.

the easiest way is to use tor to connect to an anonymous email account (I'll leave those for you to find...).

you could use pgp/gpg... but thats complicated, and you'd still probably have to spoof your IP. again... tor should do the trick. it encrypts your data between entry and exit nodes as well.

but it all depends on what you mean by privacy, and how much trouble are you willing to go to to get it. If you mean privacy as in you're on a lan and you don't want people sniffing your personal/business convos or what-have-you, then what I posted is what you need. If you just mean "I don't want a company to make money off of selling info about what 'I' search for online," then your method should do the trick.

Moved to the cafe.

Carry on.

I'm not overly concerned with privacy on the Internet. As long as I make sure not to use my full name. For all you know my name is John Smith and I come from China. I don't leave personal details like my sir name, adress, phone number, etc on the Internet. Though I can still find posts I made over 10 years ago, hell, I even found my "neopet" account which I made when I was around 9 or 10 years old.

Google also recently had a 'retro google' up to celebrate there "birthday". They had a complete archive of all posts from 2000, 2001 I think It was. I remember a lot of people mentioning it being eery how there wasn't a single mention of September 11. In short, the minute you post something on the Internet, the information is pretty much there forever.

Thanks for advices, guys. I recently found an "alternative" to Google too: Scroogle, which do the job nicely, it seems.

Now don't get me wrong, I'm not a paranoid nut. Nor do I have any reason to believe that Scroogle is up to no good. But what reason do you have to think Scroogle is any more trustworthy than Google?

I started thinking about this when I read "Do you feel safe using Scroogle to hide from Google?" (http://anonymous.livelyblog.com/2007/01/16/do-you-feel-safe-using-scroogle-to-hide-from-google/comment-page-1/) As anonymous says there:


Scroogle, and services like it, may be good and have value, but they are basically nothing more than services who allow you to shift your blind trust in one service over to another service who could be “good” or “evil”.

If you don't trust Google, but you do trust Scroogle just because Scroogle says it's trustworthy... you wanna buy a used car? ;)

...but it all depends on what you mean by privacy, and how much trouble are you willing to go to to get it. If you mean privacy as in you're on a lan and you don't want people sniffing your personal/business convos or what-have-you, then what I posted is what you need. If you just mean "I don't want a company to make money off of selling info about what 'I' search for online," then your method should do the trick.

In fact both means. I'm not overconcered though, just would like to hear what do you guys think of it, what do you recommend, what are "good practices" that should be taken into account when online and when using some services or subscribing to some social networking sites (Facebook and friends).


Now don't get me wrong, I'm not a paranoid nut. Nor do I have any reason to believe that Scroogle is up to no good. But what reason do you have to think Scroogle is any more trustworthy than Google?

I started thinking about this when I read "Do you feel safe using Scroogle to hide from Google?" (http://anonymous.livelyblog.com/2007/01/16/do-you-feel-safe-using-scroogle-to-hide-from-google/comment-page-1/) As anonymous says there:

If you don't trust Google, but you do trust Scroogle just because Scroogle says it's trustworthy... you wanna buy a used car? ;)

Haha, nice point :D Exactly my thought. And no, I definitely do not trust Scroogle more than Google, I just heard of it recently and wanna check it out. I mentioned it to hear what do you think of it. It seems some of members of this forum prefer it.

Privoxy is a good service to run with Tor, it helps prevent your browser from posting your IP address amongst other things. I use it on my IPCop/Copfilter box; Copfilter comes with a brilliant set of Privoxy scripts that I hardly had to touch.

One of the wonders of the IPCop/Copfilter box is that I can run Privoxy & ClamAV (though I don't need anti-virus) without slowing down the internet experience on my small LAN, if anything due to my now being free of the cheap windows centric router I was using previously my internet experience is probably just a little faster.

Here is a thread that ran down similar lines as this one until its closure:

http://ubuntuforums.org/showthread.php?t=994754

People really can get aggressive/defensive on this topic; one side is paranoid & the other is ignorant!

Surely the two extremes & all those in between can help each other to a more comprehensive understanding of this important & complex topic?


Here are a couple of links that may not be posted in this thread yet:

http://ixquick.com/

http://re.search.wikia.com/index.html

[Edit:] This is for Scroogle search in Firefox:

http://mycroft.mozdev.org/search-engines.html?name=scroogle

– Google search engine


I use Scroogle as Google alternative : http://scroogle.org/
There's a sort of firefox addon for it to replace the google search at the top right by scroogle search.

i honestly could care less. So what if they have access to my email? millions of people use gmail, and if on the chance that they HAPPEN to spy on MY email...what are they going to find? what my plans are for next Saturday? what my homework assignment is?

and to secure your facebook privacy, just set your profile as private except for friends, and dont upload anything stupid like pictures of you drunk.

recently heard in UK that weapons (knives) were taken from peoples homes because the police had seen photos of them on facebook.

I use facebook, but believe it to be highly insecure. Unfortunately, as part of my job, some of my details have to be on the internet.

I use nosscript in firefox to stop google-analytics accessing information about my searches, and I use firestarter to make my connection less visible and control in and out going traffic. Unfortunately, if you have an internet service provider you can pretty much be traced (eventually).

However, though I don't like a police state, I think it is useful for the police to monitor sites with illegal activities (terrorist/paedophilia).

As far as google mail goes, I can't imagine anyone has the time or interest to look at what I am sending or receiving. Gmail is particularly good at getting rid of junk mail, so whilst that is still the case I'll keep using it.

where conversations like this usually go awry is when people start "assuming" (and we all know what that does...). The fact is, privacy is a basic human right. If someone walks up to someone in the street and asks the person their name, what they said in their last email, their views on whatever, their phone number, etc., etc., its their right to not say if they don't want to. Its the same online. If you choose to make something public, then so be it. If not, then so be it. There does not have to be a reason for anything-- thats part of being a right. They can exercise it for any reason or no reason at all. Its a choice.

Shaming people into submission has been used throughout human history to control people and cause them to agree to things that is certainly not in their best interest. There is no excuse for shaming a person for exercising his or her rights. So, lets not start down that road.

if you want it to be private, dont put it on the internet. that simple.

i honestly could care less. So what if they have access to my email? millions of people use gmail, and if on the chance that they HAPPEN to spy on MY email...what are they going to find? what my plans are for next Saturday? what my homework assignment is?

and to secure your facebook privacy, just set your profile as private except for friends, and dont upload anything stupid like pictures of you drunk.

Google scan all gmail. It won't take you long to verify that if you do a search.

Google scan all gmail. It won't take you long to verify that if you do a search.

i know they scan email, but from my understanding that process is automatic and is just used to generate the text ads you see when using gmail so it can generate 'relevant' ads. What i was talking about is if google actually decides to look at this information for some other purpose.

– Google search engine
Delete the ID cookie set by Google (cookie culler extension).

– Gmail
Use Hushmail.

– Facebook
Use aliases when you register or avoid using it altogether. I shut mine down after receiving some 50+ superwall/poker/zombie invitations in the first 2 months of registration.

Ixquick is a pretty good metasearch engine with a nice privacy policy.

If you're not doing anything wrong, what's the worry?

Look, Google picks up keywords in emails and searches, and I doubt it goes little beyond that.

CF's Internet Aphorism #23:

"What happens on the Internet, stays on the Internet - forever"

If you want privacy stay off the internet and don't own a cell phone, or credit card. They can use the cell phone to track you where ever you are and so can a credit card.

I use Cuil (instead of Google) 90% of the time, and I don't use social networking (what's the point!).

I recently read some articles about data mining, Google, Facebook etc. that are really concerning. So, I'd like to know what do you think about using:

– Google search engine
– Gmail
– Facebook
– (add other services/sites if you like).

If you avoid to use above mentioned, what are alternatives that are more secure and that take care and respect your privacy?

If you're concerned about the privacy of your searches, I suggest simply continuing to use google, but do so through a proxy.

Any other service (email (https://help.ubuntu.com/community/MailServer), social networking (http://sourceforge.net/projects/socialnetwork/), blog (http://wordpress.org/), photo gallery (http://gallery.menalto.com/), etc) ... if you want to be absolutely sure of your privacy, simply host it yourself.

Cuil -- is that still around -- remember when that was launched -- it was terrible!

If your seriously concerned with privacy, there is no excuse for not using gpg, particularly with the firegpg plugin with firefox. Google can keep all the encrypted emails I've stored -- I'd challenge them to decrypt them!

Other solutions mentioned above also are good, although cant say I trust Scroogle and more than Google.

i know they scan email, but from my understanding that process is automatic and is just used to generate the text ads you see when using gmail so it can generate 'relevant' ads. What i was talking about is if google actually decides to look at this information for some other purpose.

They can scan for whatever they are paid to scan for & process it however their customer wants them to.

I tried Tor and Privoxy but it made surfing almost impossible. Slowdown is huge. I followed instructions on Tor's website to configure it (as well as Privoxy).

As for hushmail, only 2 MB space? :o

Thanks for your responses, guys. I learned a lot from your answers :)

Cuil -- is that still around -- remember when that was launched -- it was terrible!

If your seriously concerned with privacy, there is no excuse for not using gpg, particularly with the firegpg plugin with firefox. Google can keep all the encrypted emails I've stored -- I'd challenge them to decrypt them!

Other solutions mentioned above also are good, although cant say I trust Scroogle and more than Google.

I would love to, but none of people I communicate with use gpg (or even know what it is; many call it "unnecessary complicating communication" etc.) :(

I tried Tor and Privoxy but it made surfing almost impossible. Slowdown is huge. I followed instructions on Tor's website to configure it (as well as Privoxy).

As for hushmail, only 2 MB space? :o

Thanks for your responses, guys. I learned a lot from your answers :)

If you are on broadband, Privoxy on IPCop/Copfilter, won't slow you down. It is possible to install Tor on IPCop, though it is not an easy task from what I have read.

If you can find a free old PII you may enjoy setting up IPCop/Copfilter, I found it to be a great project & an excellent learning experience.

If you don't like it, it is easy to go back to where you are now, & you will have learned some in the process. :-)

All the best.

I would love to, but none of people I communicate with use gpg (or even know what it is; many call it "unnecessary complicating communication" etc.) :(

No one said implementing security isnt without hasssle. Its your chance to educate your friends about gnupg. Its easy to implement, similar to using encrypted otr with im communication. I often find people claiming things are unnecessary when they don't understand things.

I would love to, but none of people I communicate with use gpg (or even know what it is; many call it "unnecessary complicating communication" etc.) :(

I have encouraged several people to use Gnupg, and several have started using it, although some users managed to forget their passwords from time to time etc. ;-)
In Thunderbird, with the Enigmail add-on, it is fairly easy to deal with GnuPG.

The funniest thing is the fact that implementing gnupg is indeed sooooooo simple. But still, when you mention encryption, people start to have that pale look at you :) And the sad thing is that even in business people don't care :( I work for a publishing house and we send our publications to the press through mail. And guess what: it's unencrypted. D'oh, it just makes me cry :(

But for IM, I'm not sure if it's simple as for mail. People use different IM apps, some even use online IM services. I don't know how to implement that (especially for people using MSN protocol; for jabber it's easy, I know).

BTW, is there some kind of totally-noob-tutorial regarding gnupg that you can recommend? Maybe I can convince at least some of my friends to give it a try.

There's quite a difference between "fairly easy" and "soooo simple".
Also, I can understand users who do find using GnuPG very difficult, as it needs a certain way of thinking, it took me some time in the past to understand the basics of GnuPG.
And I also realise that when they manage to forget their passphrase, and therefore lose all their encrypted emails in their Outbox, they will be sad about that, and think twice before using GnuPG a lot.
Apart from that there's the problem where to keep the secret key, some users prefer webmail, and putting the secret key on a mailserver is not the most perfect solution.

They can scan for whatever they are paid to scan for & process it however their customer wants them to.

again, they now know what my plans are for next saturday and what math problems my math teacher wants me to do. I know privacy is a good thing, but gonestly i dont really care when it comes to email. there are so many users using gmail, and so many email messages coming in and out that im just another face in the crowd, and i really have no sensitive information in my email so i dont care if they harvest my data, there is nothing there xD

again, they now know what my plans are for next saturday and what math problems my math teacher wants me to do. I know privacy is a good thing, but gonestly i dont really care when it comes to email.

I don't like the idea that my personal information is gonna be part of some huge statistical sell-more-because-of-their-behavior database.
If you don't care about that, fine.

But for the record, try the following :
1) Use a web browser that doesn't ad blocking (and no no-script etc.), make sure you allow ad-blocking overall (some people use a huge /etc/hosts file for ad blocking)
2) Find some a web page which has embedded Google ads.
3) Save that page with ctl-s
4) Close the browser
5) Open the saved html file on your hard disk with the browser, after navigation through file:///home/ in the url field.

If all went well, you will see the embedded Google ads taking your username and start offering you ads that have your username included.

Scary ? Annoying ? ... I think so.

i honestly could care less. So what if they have access to my email? millions of people use gmail, and if on the chance that they HAPPEN to spy on MY email...what are they going to find? what my plans are for next Saturday? what my homework assignment is?

and to secure your facebook privacy, just set your profile as private except for friends, and dont upload anything stupid like pictures of you drunk.

If you only knew the power of the dark side...

Really man! Between demographics, heuristic topology and neural nets, with a reasonable amount of data they can figure out Exactly who you are and what you are, where you are and what you're going to do next. The only question remains is who is using the resulting data, Google profiling for advertisers and shysters or the Men in Black ?

I know because I work with this stuff. : (

I guess you fall under the Ignorant catagory ?

Forgot to add, >> Cuil << has been formed on the basis that they don't collect any data, so it's what I use.

The search capability isn't as intuitive as FGoogle (mistake on purpose) but it's reasonable for most cases.

The (ab)use of click-through data gathering is really the bane of using the web. The worst part is not thinking that everything you say and do on the web can be seen by everyone - it's that the scumbags that you really don't want to know what you're doing are the ones who are trying to find it out.

on that happy note, have a nice - safe day

If your seriously concerned with privacy, there is no excuse for not using gpg, particularly with the firegpg plugin with firefox. Google can keep all the encrypted emails I've stored -- I'd challenge them to decrypt them!


However using FireGPG may lead to false security since Gmail automatically saves a draft of what you type while you are typing so even though your final mail gets encrypted everything you type may still be sent straight to the Google database without you realizing it.

There is an option to disable the autosave feature in FireGPG:


Please note that while you are composing a message, if it is autosaved it will be placed onto Google’s servers. While residing there, it will not be encrypted. Your messages will not be encrypted if they are autosaved while you are composing them.

If this concerns you for any reason and you want to take extra precautions, there is an option in FireGPG to disable Gmail’s autosave feature. From the Firefox menu bar, navigate to Tools > FireGPG > Options and go to the Gmail tab. Check "Disable autosave feature"

But that feature depends on Google formatting their html/javascript in a known way. If at any time Google changes the html/javascript format Gmail uses it may break the functionality and your email draft may be sent automatically again. This has happened before and will happen again. The FireGPG developer may after a while figure a way around the problem and release a new version that once again disables unencrypted autosave. But it is bound to happen again and you never know exactly when Google decides to change their sourcecode.



Version 0.7 (2009/01/19)
- Autosave is disabled again


So if you want to use Gmail and FireGPG I would suggest writing your mail in an external text editor and then just copy-paste it into Gmail and send it immediately to avoid the autosave vulnerability.

People worry too much about these things. These companies have a large amount of information about almost everyone. It's just part of how our modern world works.

For most people the only thing that happens is that they get an advertisement that is actually relevant to them. It's not some evil conspiracy that paranoid people want to believe.

If you only knew the power of the dark side...

Really man! Between demographics, heuristic topology and neural nets, with a reasonable amount of data they can figure out Exactly who you are and what you are, where you are and what you're going to do next.


Correct.

I think most people in this forum have no idea at all what is actually possible. With a big enough combined dataset and good data mining tools you can do amazing/scary things indeed.

People worry too much about these things. These companies have a large amount of information about almost everyone. It's just part of how our modern world works.

These companies don't usually keep that information to themselves. And even if you choose to trust, say, google to build nice fluffy user profiles, you really shouldn't trust the profiles other parties are building elsewhere.

IMV such data collection is only ever going to make targets of whatever 'minoriy' the data harvesters are told to concentrate on. If you think spambots are your biggest worry, you need to open your eyes I reckon...



For most people the only thing that happens is that they get an advertisement that is actually relevant to them. It's not some evil conspiracy that paranoid people want to believe.

Then why do governments pass laws to make such innocent bits of data collection available to their appointed agencies?

It is just part of how our modern world works, and that isn't alright baby. IMO, of course :-)

For most people the only thing that happens is that they get an advertisement that is actually relevant to them. It's not some evil conspiracy that paranoid people want to believe.

It is not that simple.

Look at atomic technology. With it you can:
A) Create lots of environmentally friendly power, to benefit people.
B) Create atomic bombs, to kill or scare people.

Whether to use it for A or B or both is up to whoever is in power to decide.

The "A" version of Google knowing everything about everyone is that people gain unprecedented access to information and communication. This is happening today. Good, good, good!

The "B" version of Google may or may not happen. There is no way to know. The technology will come to exist, it does in fact exist and will only improve with time. Just like the creation of an atomic bomb was bound to happen sooner or later, but whether it was ever going to be used on a population was for no one to know for certain, except for the few people in charge. No one today knows who will be the president of USA or the CEO of Google in 2020, nor in 2030, nor in 2050, or what the political or economical situation in the world will be like by then.

What is the "atomic bomb" version of Google then? The worst possible consequence of Google knowing everything about everyone, knowing what everyone thinks about everything, knowing what relation everyone has to everyone else, and defacto controlling all communication between everyone?

One simple worst case scenario:


The year is 2030. A group with great power (perhaps including the then president of USA, perhaps not) decides to get rid of their opponents once and for all.
They (or a global network of middle men) pay Google (or any of their subcontractors) good money to access their database in order to produce a list of their political opponents: Their habits, their history, their friends and their future plans, everything. They want to make sure they get "all of them" so they set the bar quite low - if there is only a 50% statistical probability that an individual is a political opponent of significance put them on the list anyway.
Based on the history of each individual they tailor a believable reason to put them on a list of terror suspects or accuse them of some other serious crime and imprison them. If need be create false digital evidence. Once they set a few examples other people may only need some minor "persuasion" to keep them quiet (pull stings to make them loose their job, disrupt their communication or stage an unfortunate accident for a friend or family member).
They produce a list of people that for many years have shown genuine signs of being very loyal to their goals and offer them leading positions.
They over time produce updated lists of the bad and good people so they can be handled appropriately.
They now have the population in complete control.


This is science fiction. I am not saying this is likely to happen. Or unlikely. But I do say that for the first time ever in any civilization it is actually becoming feasible.

Is it a good or bad thing? Can we decide what is good or bad if we are ignorant about the technology itself? Should we do anything to prevent such a science fiction scenario or should we just laugh at it?

Am I a paranoid? Is this a conspiracy theory? I do not think so. You tell me.

stormelf

The concerns you have raised with FireGPG and the intermittent savings of gmail composed messages are all true. If truly paranoid, compose in external editor. I've found that currently the feature to disable the frequent updates are working for me.

Searching for "Google & China" presents some very enlightening information on this subject.

I've recently became aware of this "google analytics" thing. I notice on the bottom left that it sometimes says "loading from google-analytics.com". Whenever I visit Google, Youtube, or any site affiliated with Google I seem to get some damn script on my computer, which will send stuff back to Google. It runs from time to time, regardless of what site I'm on.

My solution is to avoid Google at almost all costs. I have plenty of bookmarks and if I need to find some info I use Cuil first. Some sites use Google for their "site search" feature, so it's a real pain in the bum. Luckily I can exterminate the bugger when I go into my cookies thing. Then ta-da, Google Analytics is gone! Nice try Google.

I'm not sure how much data they gather with that particular software, but I'm not going to let Google act like they own the internet.

I just pointed google-analytics.com to 127.0.0.1 in /etc/hosts. Google can phone 127.0.0.1 all it wants. Since google provides far superior search results, I find it too useful to avoid. I don't use it for anything else though.

You can block google-analytics in Ad Block +.

I just pointed google-analytics.com to 127.0.0.1 in /etc/hosts. Google can phone 127.0.0.1 all it wants. Since google provides far superior search results, I find it too useful to avoid. I don't use it for anything else though.

could you post details "how" if possible..:)
much appreciated

could you post details "how" if possible..:)
much appreciated

My /etc/hosts file looks like this:

127.0.0.1 localhost google-analytics.com
127.0.1.1 tsubasa

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts