Don’t Let Your Browser Suck Up All Your Data

The ConversationThe Conversation

A few tools to help you surf the web privately

In the aftermath of Facebook’s Cambridge Analytica scandal, now might be a good time to take care of the data that is being harvested thru your browser when you surf the web.

Below is a non-exhaustive list of the tools I use when surfing the web that help make my online experience more secure. Let me know if you use any others you think are important — I’m happy to add them. Browser — watching over your shoulder

If you are not entirely comfortable with the Google Privacy White Paper, there are plenty of options: Firefox, Brave and Chromium, and Firefox Focus for mobile.

If you are worried about losing speed, WIRED says Firefox Quantum is faster than Chrome:

It’s a browser built with privacy in mind, automatically stopping invisible trackers and making your history available to you and no one else. It’s better than Chrome, faster than Chrome, smarter than Chrome. It’s my new go-to browser.

You have no reason not to switch — unless you don’t care about your privacy.

By the way, you can check to see what Google knows about you in My Activity.”

Search Engine — it is like your BBF: you tell them everything.

Q: Would you show your mom everything you type in your search engine?

A: I would not.

Remember: companies leak data — and we give a lot of data to companies.

Below is an example of what you give to Google when you use their search engine:

Source: Google

And if you you sign up for an account — and remain logged in — they collect the following:

Source: Google

Even Apple collects data through Safari to gather user’s habits.

Again, why should you care about the data collected through your browser? Information profiles build up — and sometimes data leaks.

The bad news is that those leaks are becoming ubiquitous. Check out the graphic below, and keep scrolling down — I’ll see you at the bottom:

Source: information is beautiful

I think you can safely assume that your personal data will be leaked at some point in your life.

Google has leaked data in the past.

Imagine for a sec, if you can, the whole data set that Google has (owns?) about you.

Actually, back in the day, AOL leaked the data of 650,000 users. An AOL user who discussed the leak with a reporter at the time said:

My goodness, it’s my whole personal life,” she said.

I had no idea somebody was looking over my shoulder.”

So, which search engine can you use instead?

DuckDuckGo has done a fantastic job over the last few years. I have also tried Ixquick and Qwant in the past.

Source: https://duckduckgo.com/traffic

A few more tips to protect your search privacy:

  1. Don’t put personally identifying information in your search terms
  2. Don’t use your ISPs search engine
  3. Don’t login to your search engine or related tools
  4. Block cookies” from your search engine
  5. Vary your IP address (intermediate)
  6. Use web proxies and anonymizing software like Tor (advanced)

What about the rest of your browser?

Browser extensions

A tremendous part of your online life goes thru your browser.

You should set it up right.

HTTPS everywhere by Electronic Frontier Foundation

I use HTTPS everywhere to encrypt all my traffic.

HTTPS Everywhere […] encrypts your communications with many major websites, making your browsing more secure.

Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology to rewrite requests to these sites to HTTPS.

For you to understand why you should encrypt your traffic, take a look at Eric Butler’s Firesheep — from a WIRED article in 2010:

The Firefox add-on Firesheep created quite a controversy by making it easy to capture unencrypted web traffic.

Firesheep sniffs unencrypted cookies sent across open wi-fi networks. That means anyone with Firesheep installed can watch your browsing sessions while you lounge at Starbucks and grab your log-in credentials for Facebook, Twitter or other popular sites. Armed with those credentials, anyone using Firesheep can essentially masquerade as you all over the web, logging in to other social sites, blogs and news sites using your Facebook or Twitter username and password.

That is why you should encrypt your traffic.

Now, on to the next one.

Privacy Badger by Electronic Frontier Foundation

What is it?

Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it’s like you suddenly disappeared.

Fair enough, and you might already be using an ad blocker, right? Like Disconnect, Adblock Plus, or Ghostery?

And you might be wondering: why use Privacy Badger instead if it does not block all ads? From the Electronic Frontier Foundation team who built Privacy Badger:

[…] none of them are exactly what we were looking for. In our testing, all of them required some custom configuration to block non-consensual trackers. Several of these extensions have business models that we weren’t entirely comfortable with.

A note: Electronic Frontier Foundation’s founder John Perry Barlow passed away last month. If you still haven’t read his beautiful and visionary memorandum on the web: here it is.

Back to extensions — last but not least:

DuckDuckGo’s browser extension— Black Mirror for websites

It does a few things and has some overlap with the above extensions. But above all, its Privacy Grade shows how a website can be trusted — it is like Black Mirror for websites.

Source: Black Mirror’s episode Nose Dive’

Here is Medium.com’s grade, for instance:

Drum roll — and just because we are in the midst of Facebook’s Cambridge Analytica scandal:

Your data is used for many purposes.”

Worst grade.

Interestingly, you’ll note that no tracker tracks you while you are on Facebook’s website.

This blog post was edited by FreeCodecamp.

Up next 25 quotes from startup communities by Brad Feld Below are quotes from Brad Feld’s book: Startup Community. This book tells the account of how seed accelerator Techstars community started. Feld is « French Tech Communauté » : quelle opportunité pour l’État ? État des lieux et réflexions sur les perspectives d’évolution de la French Tech. A l’heure où les sociétés « tech », les startups et les
Latest posts Update: added EtherCal (web-based spreadsheet), Etherpad (web-based word processor), Framadate (polls), Drop (file transfer) to list.romainaubert.com Mac Terminal commands to prevent Mac from sleeping Mac Terminal command-line interface (CLI) cheatsheet A roadmap to reclaiming my attention, relationships, intimacy and privacy Bypass cookie banners by toggling “reader view” in your browser Book review - alone together: why we expect more from technology and less from each other - by sherry turkle Update: added 2 Android OS, 2 phones, a search engine, a map app, 2 blog CMS, and a tool to delete Tweets to list.romainaubert.com Should people negotiate financial income from the use of their personal data? Peer-to-peer/decentralized network architectures and information commons as an alternative to a centralized internet Yelp is screwing over restaurants by replacing their phone numbers on listings and routing customers’ calls thru a referral marketing business. how to ditch Facebook, Twitter, Google News, Instagram, and LinkedIn — and still follow news, people and organizations you like Tour of Queyras (GR58), 140 km, 7,000m elevation, 7 days Facebook’s “privacy notifications” and “co creation strategies” to protect people’s privacy Privacy-friendly and open source alternatives to Google’s products Privacy 101: simple steps to protect your privacy online Bongo 9. twtxt Asynchronous communication for open source projects git - remote: Invalid username or password. fatal: Authentication failed for [remote’s URL] product development resources 10 Days in Silence: Vipassana Meditation Book review - un peuple de promeneur - alexandre romanès Book review - journey under the midnight sun (白夜行, byakuyakō) - keigo higashino Book review - how to fail at everything and still win big - scott adams Book review - the remains of the day - kazuo ishiguro Book review - man’s search for meaning - viktor e. frankl Book review - cosmos - michel onfray We don’t care about personas “Building a more private web” by Google — comment on Reddit Replacing Facebook with newsletters Now