
Ask HN: How to take your privacy back? - thretgreegre
As we saw in the recent discussions https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=22236106 or https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=20794937, all browsers do kinky stuff in the background that the user has not initiated nor is aware of. It is one thing to ping home to see if there is an update available but that is not even close to what is happening. And it does not matter if you are using firefox or brave. They all do it.<p>Then there is the Windows, the big daddy of spyware, that sends everything about you directly to Microsoft. They just rebranded spying on its users as &quot;telemetry&quot; to brainwash people into thinking it is not as bad as they think it is.<p>Anyhow, it looks like it is impossible to simply sit in front of Wireshark and try to manually blacklist everything you see. There are millions of domains and sub-domains these companies use to spy on you one way or the other so it is a fools errand.<p>Hence the question arises - is it even possible to get your privacy back?  Are there tools would that allow you to do that or should we just forfeit our privacy altogether and forget it even existed in the first place?
======
rglullis
One project I started but stopped due to some (in my view) limitation of IPFS
is
[https://bitbucket.org/lullis/nofollow](https://bitbucket.org/lullis/nofollow).

It started as a "read-it-later" service that would extract the content and
bookmark any page you wanted but afterwards the idea that it could be used as
a distributed, curated, web of "clean" and tracker-free html documents.
Basically, every web page you saved on your instance would be saved on your
IPFS server as well and it wouldn't be hard to write an extension to check if
any url you want to open has already a cleaned version on IPFS.

So, with more people installing/using this system, the more the different
instances would collect pages and more people with the extension could go on
without needing to visit any site that could actually track you. What pulled
me off this (besides "regular" work and family) was the fact that IPFS does
not have yet any sort of ACL for your pinned content. As it is now, your node
will serve anyone that asks for content that you have. If you are pinning
content from different websites it would be quick to make you a target for
copyright lawsuits.

I still use my own instance, but at the moment it is just something that does
more or less the same as Wallabag. I do wish I get some time to make it more
useful for more people though.

------
vearwhershuh
In increasing level of commitment/difficulty:

\- Use brave as your browser

\- Use a VPN w/ tracker blocking DNS

\- Move to protonmail or fastmail

\- Start using Signal for your instant messsaging

\- Start using Tor (but that might get you on the list)

\- Stop buying everything through Amazon

\- Install and use piHole (and marvel at how much traffic your wifi router
sends to home base)

\- Suck it up and move to linux

You are still going to be tracked, but these are the things I can think of
that might help.

~~~
beatgammit
Eh, I think moving to Linux is easier than many of those things, especially
"start using Signal" since it has issues with the network effect. In fact, I'd
put Signal at the end of the list. Sure, you can use it as an SMS frontend,
but that doesn't really give you any privacy benefits.

------
throwaway9d0291
It's relatively straightforward: where possible, stop using products and
services that don't respect your privacy and instead use ones that do. Where
you can, reduce their ability to compromise your privacy with ad-blockers,
custom DNS or by disabling JavaScript.

Windows has telemetry? Use Linux. Firefox has tracking? Use IceWeasel. Every
website wants to track you? Disable Javascript. Google tracks your every move?
Stop using Google products.

Yes, in many cases this will lead to some degree of inconvenience or perhaps a
service that meets a particular need doesn't exist. That's the price you have
to pay in modern times but it is a price you're able to pay, if you value
privacy sufficiently.

~~~
silicon2401
What are the privacy costs to using FF?

Also, what's a good alternative to Google docs/etc? Should I VPN into a home
machine using open/libre office?

~~~
throwaway9d0291
I don't know, I was just taking the poster's claims at face value.

There are self-hosted alternatives to Google Docs, like OwnCloud with
Etherpad.

------
ocdtrekkie
Pihole is still a really nice fire and forget solution for your network. It
costs nearly nothing and you outsource the question about what to block to the
lists they source. A network-based blocker will also block your OS’ bad
behavior, such as calls to telemetry domains.

And then, you know, don’t use Chrome. A browser from an ad company will always
be compromised by design.

~~~
thretgreegre
that IS a solution, but it requires another piece of hardware. I believe there
must be a solution that could provide the same via virtual network driver(like
VirtualBox).

~~~
iwalton3
You can install a hosts file on your computer blacklisting many of the domains
in the PI hole system, although if you use the largest blacklists you'll
probably have performance issues. You can also install a local DNS server like
dnsmasq and set that up to block websites.

There are also external DNS providers that provide blacklisting similar to PI
Hole. (Although then you are trusting the DNS provider not to track you.)

------
drKarl
You can use some of those crowdsourced lists of hosts files to ban trackers,
ad networks, and the like, i.e.
[https://github.com/StevenBlack/hosts](https://github.com/StevenBlack/hosts)
or [https://github.com/notracking/hosts-
blocklists](https://github.com/notracking/hosts-blocklists), you can use pi-
hole even as a docker container [https://github.com/pi-hole/docker-pi-
hole](https://github.com/pi-hole/docker-pi-hole) or install it in your router.
You can use privacy plugins and extensions for browsers, like umatrix, etc.
You can use Tails, which uses 2 VMs. You can use a VPN service (that's
controversial since you then put your trust on the VPN provider), or roll your
own with something like algo from trailofbits, or streisand. You can combine
multiple VPNs an/or Tor, with VMs. Mirimir wrote some articles on that setup.
If you want to go full in you can use QubesOS, although now Joanna Rutkowska
left the team.

I'm sure there are other options...

~~~
drKarl
Also use a linux phone like Librem 5 or Pinephone (still early days for both),
or root an android phone and flash it with a custom ROM. Best option for
security and privacy is GrapheneOS but only supports Pixel phones. LineageOS
supports lots of devices. There are others.

------
nostrapollo
If the assumption is that browsers track because it benefits the company
commercially, it would be really cool if a company produced a browser at a
premium that didn't do all of the above - this model must exist already?
Privacy for a price sounds like a bad precedent to set though.

~~~
darau1
Unless the software is open source and _only_ community supported, it's the
only precedent that makes financial sense.

~~~
beatgammit
Which is precisely why I use Firefox. Once you disable Pocket, I think you can
be reasonably sure the browser isn't tracking you, but websites surely do. If
you want to limit websites tracking you, your best option IMO is Tor Browser,
which is also based on Firefox.

If you want the "paid" option, Brave apparently tries to reward content
creators for good advertising behavior, while blocking bad ads.

~~~
nostrapollo
Here's a guide: [https://restoreprivacy.com/firefox-
privacy/](https://restoreprivacy.com/firefox-privacy/)

------
mus1cfl0w
I can highly recommend the Privacy, Security & OSINT Show but it really
depends on how far you want to go:

[https://www.inteltechniques.com/podcast.html](https://www.inteltechniques.com/podcast.html)

