First of all, I decided to write in english. Although my previous post was in portuguese, it is easier to share and to get heard when you write in a language that is more widespread and accessible.
I decided to write today about privacy. It is something that gains more and more importance in our current society, but still, seems that “ordinary” people don’t seem to care (or understand) how it affects our lives. I was fortunate enough to be born in the mid-90s and evolve alongside of the internet. I’ve seen it grow, from something that was just a mere place for silly entertainment or education, to become a central part of our daily routine. There is no such thing you can’t do through the internet: from shopping, reading, dating, learning, working, yada yada.
But as all good things, new tech is being distorted and the web as we knew no longer exists. If you browse the web, or use your phone, tv, car, refrigerator, and many other devices connected to the internet, you are being watched. I know, that’s not news for almost a decade (it’s been here for quite a long time) and I know it sounds conspirationism, but the fact is that is already proven its not.
The web in the west is mainly controlled by the big 5: Amazon, Apple, Facebook, Google and Microsoft. It is impossible to browse the web without using one of their softwares and services. The freedom of their users is being threatened by government surveilance. If we try and take a look, many services are dominated by these companies.
- OS: Google (ChromeOS), Microsoft (Windows) and Apple (MacOS)
- Browsers: Google (Chrome), Microsoft (IE, Edge), and Apple (Safari)
- Emails: Google (Gmail), Microsoft (Outlook) and Apple (iCloud)
- Streaming (films and video): Google (Yuotube, Play Videos), Apple (iTunes, Apple Tv), Amazon (Prime Video), Facebook (Videos and Gaming)
- Shopping: Google, Amazon, Apple, Microsoft, Facebook
- Office: Google (GSuite, Google Apps), Apple (iWork), Office Suite/Office365 (Microsoft)
- Social Network: Facebook (Facebook, Whatsapp, Instagem), Microsoft (Linkedin, Yammer), Google (Youtube)
- Mobile Phones: Apple (iOS) and Google(Android)
- Assistants: Alexa (Amazon), Siri (Apple) and Google Home.
The fact that these american giants have caught up so many users (and do provide their information to the government of the United States is very scary). And the fact that a lot of people get scared about downloading TikTok (because it is owned by a chinese company) but don’t care to use their hardwares and softwares (which have been either produced or owned by chinese corporations) means that people are uneducated, they are not software alphabeticized. Therefore, we as a society are giving too much information for too few “trusted” ones.
So…how do we escape from that? Well, it’s not that easy. Privacy is a matter of adjusting the amount of information you give versus the ease of use; the more we restrict the access to your data, more difficult our lives will be. We have let them to be so intrinsec to our lives that (at lease for me) no longer is valid to dispose from all their products and services. I’ll share what I’ve done to minimize their control over my life and you might follow the same path :)
Well, in terms of operating systems, it is recommended to use neither Windows or MacOs. We’ll have to stick to open-source projects where any user can check what is happening. It doesn’t mean that the software is perfect nor privacy-safe, but we have the possibility to check ourselves.
Therefore, we must use a LINUX distribution. I mylself use Ubuntu, which is fond to me, because I use it for about 10 years. I know its from a company called Canonical, but I don’t think I’m letting too much information for them. Although they might collect data, it is a matter of trust. If there is any clue they are not being honest about data collection, I’ll have no mercy on changing to another distribution.
I think the last two are suitable for people who are targets of the CIA since they are Tor based OSs (we’ll get to Tor soon), but who am I to judge?
For more information on Tor based OSs visit https://www.privacytools.io/operating-systems/#tor_os
This is where things get intersting. Chrome is the big leader as Internet Explorer was 10+ years ago. And although a lot of browsers are using Google-based technology (Chromium), we have a few options for those who care about privacy.
Firefox is one of the classic browsers. It is the true heir of Netscape and its not controlled by a company, but from an organization called Mozzila. Although Mozzila needs to profit to sustain themselves (and most of its revenue comes from Google, which is a threat), they consistently try to improve the web. Being honest, Friefox is the only one that can challenge the Chromium-based browsers. The large amount of browsers that are based on chromium is increasing more and more (Vivaldi, Brave, Opera, and even MS EDGE). This means that Google is taking control of many decisions of where the web is moving. Using Firefox is not only a matter of personal taste, but also a pollitical decision and a consumer manifest against monopoly.
Firefox comes with a built-in tracker-blocker and a good amount of good quality add-ons. You can also sync your data with a Mozzila account (which is a matter of how much you trust them). If you want, there are extensions that syncs your information and are browser-agnostic.
- uBlock Origin
- HTTPS Everywhere
- Firefox Multi-Account Containers
- Facebook Container
- Temporary Containers
- DuckDuckGo Privacy Essentials
Brave is a Chromium-based browser that takes user privacy as one of its core values. You might have heard of Brave as a browser that pays users for seeing ads. And that is true. If you opt-in, notifications will appear every now and them. Accordingly to the way you interact with them, Basic Attention Tokens (or BATs) will be issued for you. You can link to an Uphold account to store these BATs and exchange them to another cryptocurrency or to a government issued currency (such as Euros and Dollars). Brave also comes with an ad-blocker and tracker-blocker built-in (and in my opinion even stronger than the Firefox have). As a Chromium-based browser, you have to trust that Brave developers have removed all of Google telemetry (which is not true, since some parameters still are enable by default).
- uBlock Origin
- HTTPS Everywhere
- DuckDuckGo Privacy Essentials
If the same recommended extensions for Firefox are available for Brave, consider it recommended ;)
Tor is a browser that lets you access the tor network. “What is the Tor network?” you may ask, is actually a part of the web that is not accessible directly from search engines, that are not indexed, therefore, are deep, deep hidden in the web. These sites are usually accessed through an “.onion” domain and only by a browser capable of accessing the Tor Network.
Also, the Tor Browser, have ways to redirect traffic so that your VPN or Internet Service Provider cannot see what you are browsing. This option is the safest of them all, so the cost of it is usually the speed (since the added security makes things a little bit slower). Also, your ISP might not know what websites you are visiting, but they might know you are using Tor, and they might make your connection slower as well.
Tips for safe browsing
- HTTPS Everywhere extension is a must. Never use a site that is not https anymore.
- Never maximize your browser to prevent tracking.
- Disable Google Services in configurations if they exists
- Disable Web RTC to prevent tracking
You can find more tips at https://www.privacytools.io/browsers/#fingerprint
Emails, they are the unsafest thing we could have, but we cannot live without them, mainly for creating accounts in other services and use as a second factor of authentication. Althought the services listed below are recommended, be sure that although your email contents might be secured, if the client used by your contacts are one of the big five, they will have access to your content. Also if they don’t encrypt the metadata (such as sender and subject), your ISP and network sniffers connected to the same wi-fi or cabled network as you will be able to gain information about metadata, which is as important as the content of the email.
ProtonMail is an email service provided by a company that is located at switzerland, and has its main selling point its privacy. It does not display ads and their strategy of revenue is by selling plans. Their interface is up to date with modern standards, it is very straightforward and their app for Android/iOS is too.
Tutanota is another email service focused on privacy. I would say that it has a few things it does better than Protonmail, but the ui looks more like a 2000s vibe. If that is not a problem for you, you are good to go.
I mean, if you know how to safely self-host your email you probably wouldn’t be reading this blog post, right?
Don’t worry, our jorney will go further, but in another post.