There’s a great story at the wall street journal describing some of the techniques that are being used to track people on line that I found informative (as are the other articles listed in the series in the box below). EFF is doing some good work on this; your browser configuration probably uniquely identifies you and thus every site you’ve ever visited (via data exchanges). Unique information about you is worth about $0.00_1. Collecting a few hundred million 1/10ths of a cent starts to add up and may end up raising your insurance premiums.
One of the more entertaining/disturbing tricks is to use “click jacking” to remotely enable a person’s webcam or microphone. Is your computer or network running slowly? Maybe it is the video you’re inadvertently streaming back (and maybe you just have way too many tabs open…)
A few things you can do to improve your privacy include:
- Opt out of Rapleaf. Rapleaf collects user information about you and ties it to your email address. You have to opt out with each email address individually, which almost certainly confirms to them that all your email addresses belong to the same person. You might want to use unique Tor sessions for each opt out if you don’t want them to get more information than they already have via the process.
- Use Tor for anything sensitive. If you care about privacy, learn about Tor. It does slow browsing so you have to be very committed to use it for everything. But the browser plug in makes it pretty easy to turn it on for easy browsing.
- Don’t use IE for anything personal or important.
- Run SpyBot Search and Destory regularly. Spybot helps block BHOs and toolbars that seem to proliferate automagically and helps remove tracking cookies. You’ll be amazed at how many are installed on your system. I have used or not used TeaTimer. I’m less excited about having a lot of background tools, even helpful ones than I used to be. Spybot currently starts out looking for 1,359,854 different known spywares. Yikes.
- Check what people know about you: Google will tell you, so will Yahoo. Spooky.
- Use firefox. If for no other reason than the following plugins (personally, it is my favorite, but I know people who favor chrome or even rockmelt, but talk about tracking!) Just don’t use IE.
- Use the private browsing mode in your browser (CTRL-SHIFT-P in FireFox). It’d be nice if you could enable non-private browsing on a whitelist basis for sites you either trust or have to trust. We’ll get there eventually…
- TACO should help block flash cookies.
- Install noscript to block scripts by default. You can add all your favorite sites as you go so things work. It is a pain in the ass for a while, but security requires vigilance.
- Install adblock plus. It helps keep the cookies away. It also reduces ad annoyance. You can enable ads for your favorite sites so they can pay their colo fees.
- Add HTTPS Everywhere from EFF. The more your connections to sites are encrypted, the less your ISP (and others) can see about what you’re doing while you’re there. Your ISP still knows every site you visit, and probably sells that information, but if your sessions are encrypted they don’t see the actual text you type. It also makes it harder for script kiddies to grab your passwords at the cafe.