Hacker News new | past | comments | ask | show | jobs | submit login
Going dark: online privacy and anonymity for normal people (troyhunt.com)
355 points by danso on May 19, 2016 | hide | past | favorite | 116 comments

I'm surprised he doesn't mention NoScript, Privacy Badger, etc. "Normal people" should be more concerned about about the highly detailed profiles that companies are building based on browsing habits. "Normal people" read about data breaches and embarrassing leaks that force politicians to resign. "Normal people" know nothing about the behind the scenes tracking that goes on when you google medical symptoms[0] or visit pages which have Facebook like buttons as footers[1].

Yes, this article is targeted at people who don't understand the problem of using their .gov email address to sign up for dodgy sites, but think about whether you'd rather have your bank statement made public or a large, visualizable data set representing most of your browsing history.

I would love to see more work done on privacy through noise/obfuscation, such as that started by Adnauseum[2] and TrackMeNot[3] - not necessarily publishing your credit card details online as suggest in another comment here, but in making random search queries and clicking on random ads when your device is idle. Most of us have sufficient processing power and bandwidth for the overhead not to be a problem. It's sad that it looks like both add-ons have failed to make a splash, and seem to have fallen out of active development (end of 2015 marks the last commits for both projects, which is too soon to pronounce them dead, but they definitely don't seem to be hives of activity).

[0] http://motherboard.vice.com/read/looking-up-symptoms-online-...

[1] http://www.allaboutcookies.org/cookies/cookie-profiling.html

[2] http://adnauseam.io/

[3] http://cs.nyu.edu/trackmenot/

I do a lecture at local hackerspaces about basic security for the common person and anonymity is far down on the list.

Much higher on the list are basic protection from dangers on the internet, like browser based exploits. So Noscript is one major selling point for Firefox due to most browser based exploits using Javascript. Even if you whitelist all the sites you're still more secure with noscript than without simply because it blacklists the unknown sites you don't know about, the ones that e-mail links open or pop-ups force your browser to load through various tricks.

I wonder if there's any demand for a pre-built whitelist for NoScript that includes stuff like Amazon, Google, Apple, banks, and most other popular sites. The admin would err on the side of allowing scripts to run, while the default-block rule would still block unknown and ad/tracker domains. It would obviously be less secure than an intelligent user making all their own decisions, but it would make the barrier to using NoScript much lower.

Edit: While I'm musing on this, I wonder if NoScript could use a UI overhaul. A little icon that says "Something broken? Try activating these domains" with some heuristics e.g. first try allowing the current domain, then stuff on common CDNs, then maybe digging into DNS records or SSL certs for common ownership...

I'm finding uMatrix is useful, and have deployed it with ongoing support for non-technical users.

It's possible to whitelist (and blacklist) specific targets, including local site, and a set of specified third-party targets.

That said, overall, it's a bit of a complexity bunghole, and may not be for the general public. But then, computers in general aren't, in many ways, either.

There is and I've given that so much thought. I've gone as far as to sync my own Noscript lists. Since Firefox Sync will not sync noscript whitelists I have to do that myself. So that's a major feature request from me right now.

Not only to have pre-built lists but also to share your own list between devices.

I used to wonder this as well, but the problem is then you have to trust whoever submitted it set the rules up properly.

We (disclaimer i'm a co-founder) does exactly this with our Blur product which includes a "tracker blocker". We crowdsource and test for problems because of 'improperly implemented' tracking code and blockers and dynamically allow just those trackers on key sites. More here: https://www.abine.com/suggestions/

I have done a number of "Internet Safety and Security" classes in my position as a public librarian. My focus is not so much on anonymity, as much as understanding the problem of identity. I explain the certificate system and how a hacker might actually target you. Phishing -- probably the biggest security risk I see on a day to day basis -- is a problem of identity, giving money to someone you do not know and cannot verify.

I also cover basics like using better passwords, not reusing them and ways to keep them safe (keepass, last pass, a password memo book, etc.). And I emphasize over and over again to keep your software up to date. Let companies that have experts on staff do the work for you. Update Windows, your web browser and all Internet connect applications regularly (also applicable to iOS, the App Store and the Play Store).

Finally, I cover basic anonymity tools like ad-blockers and Disconnect.

The final paragraph loses a lot of my clientele, so NoScript is a non-starter for them.

Until my aging mother can use NoScript and still understand why many websites just don't seem to work, it isn't covering the majority use cases.

This comment alludes to a UI/UX goal commonly voiced as an obstacle, that of some 'ware not being market-ready until it's "Grandmother operable". This thread, however, is a discussion of matters of digital defense. Just as with physical defense, it is the pietous responsibility of the more savvy and agile offspring to shield their elders from harm (presuming no malice by the senior party emancipates one from such duty).

Have you explained to her that NoScript intentionally breaks websites, making them not operate as the designer intended, so that the website (and by extension the underlying computer) only does what you want it to do, and not the (potentially nefarious) activities planned by the designer?

When I try explaining this to other people, even other engineers, they usually tangent into a discussion about how paranoia and an inability to trust are unhealthy. And they stand their ground in the face of mounting evidence, insisting the designer is a humble, well-meaning person like themselves, and would have no reason for doing such evil things.

True and this is also what I always mention, Noscript is really an advanced topic and everytime I've tried to make friends use it they've eventually given up.

But people who come to these lectures or cryptoparties usually have a desire to do something about their personal IT-security so hopefully they can find the motivation.

I do similar talks for regular users* and I try to explain how to prioritize risks, and why they might not be focused on what's really important. Purchasing an anti-virus suite and identity theft protection and worrying about online banking are way overrated.

Strong consumer protections exist in many developed nations which limit your liability, it is the banks who stand to lose. No doubt it can be a hassle if your credit card number is stolen, But that card is the bank's property. You just report any fraudulent transactions and get a new card if necessary. The more important thing to protect is your private data, you can't get that privacy back.

Also, NoScript is awesome and I highly recommend people try it. It can be fiddly to get working at first but a surprisingly high percentage of websites work better without having to white-list anything. It also helps with privacy by blocking trackers like Google Analytics, especialy on sites like Troy's which lack a privacy policy and do not provide any warning at all about third-party trackers to site visitors. Pretty new site redesign, same lack of transparency as before.

* By 'regular users' I mean when I say "Try an ad-blocking extension with your browser, add it from the menu" and they say "What is the menu?" and we build their knowledge up from there... . It can be frustrating for all but I highly recommend it as it keeps you grounded and provides balance for the HN bubble I sometimes find myself in.

I've been installing NoScript, and instructing how to use it, on "regular" users' browsers for years. The sad inevitability is I end up instructing most of them on how to enable "Allow scripts globally(Dangerous)" option to help quell the flood of phone calls concerning their "broken internets". Many just can't be bothered &/or don't care enough to learn. Free will can be such a bitch, sometimes.

The big problem with noscript, and this has already been mentioned on here, is that it requires a certain level of experience with the web to operate.

You almost have to be an experienced webdev to recognize which domains are necessary and which aren't.

But this is also why I emphasize that you can freely use the global whitelisting option and still be much safer than without noscript. Simply because the sites that will get you are often the sites that open unexpectedly. Unknown domains that you did not request.

I'm at the point where I refer people to an ad-blocker and Disconnect. Not perfect, but a whole lot better than nothing.

I've found the Ghostery extension for Safari to require very little fiddling, breaking almost no sites and blocking ads and third-party trackers.

> anonymity is far down on the list

Is that your choice or user demand?

Confidentiality is one of the pillars of security, and beyond a doubt the most common attack on user security is on confidentiaility by commercial and government organizations.

> think about whether you'd rather have your bank statement made public or a large, visualizable data set representing most of your browsing history.

If someone got access to my banking details, they could do far more damage than just make my bank statements public.

Now I've dealt with identity theft and credit card fraud, and I work in digital marketing, so I know which one I'd choose: Nobody is going to visualise my individual browsing history, and even if they did (for what reason I can't imagine), I can't imagine what they'd do with it! I can imagine someone might try to build a demographic profile about me to sell me stuff that I'd like, but that's good because it would be stuff that I would like.

People's browsing histories are regularly used in court....

But in those cases it sounds like it was because they didn't even use private mode, were logged in, or didn't clear history. Not because LE got a subpoena for shady-ad-network.

I appreciate the intention of this article. Written for people only starting to change their surfing habits in light of Snowden. But the example of the tools they should use are not thought out very well.

First: Freedome by F-Secure is closed source and there is no OpenVPN alternative. Always choose a VPN that has OpenVPN so that users can configure the connection to their needs. No need for this bloated mess.

Second: Whilst disposable Google accounts might seem like a good idea, there are any number of ways for Google to cross-correlate a disposable identity with your actual identity using fingerprinting captchas or even your screen resolution. Google does this to spot serial re-registrations and to stop people gaming Google Plus voting rings and spammers in general.

Third: Be careful of online websites offering fake-name services. Most of this data is generated server-side and logged for the purposes of cross-correlation with your IP address and useragent string. Quite possibly the vast majority of fake-identity sites are run by LEA

- I like to write some quick and dirty ruby gems to generate fake identities because then it can't be correlated. (The names are pulled in from disparate sources and I always ensure true-randomness).

- In terms of email, use things like Riseup which use TLS at every hop so that passive dragnets cant sniff the password. 99% of all IMAP and SMTP services can be passively sniffed because they use weak STARTTLS.

- Use 'honeywords' in an email to correlate different emails with different activities. For example:

This way you can whitelist those addresses for the purposes of filtering out spam and phishing attempts.

> Second: Whilst disposable Google accounts might seem like a good idea, there are any number of ways for Google to cross-correlate

In all fairness, the author does mention multiple times that a fake Google account is not meant to protect you from Google, but from the site you're signing up on.

I don't see the point of using honeywords. I mean, I've used them a bit, but any spammer is going to strip them immediately, so they're useless for identifying which provider leaked your address, right? And now to login, you need to remember the honeyword you used to register, which is a big inconvenience for anyone not using a password manager. (Use a password manager!)

If you primarily use honeywords, then you can filter out anything going to craigds@host.tld as spam. The hard part would be transitioning people you want to communicate with to craigds+{family,friends,correspondence}@host.tld.

Optionally, retain craigds@host.tld for personal and professional communication/correspondence, and move everything else to craigds1+{something}@host.tld (or a different host).

I just bought an entire TLD for signups/spam and made it a catchall. One positive is I know when companies are breached often before they announce it as my pagerduty@domain.com told me a little while ago.


I've used the same strategy for the past few years with great results. Like you said it's really nice to see early on which companies are leaking your info.

It's also nice to be able to kill specific email addresses once a breach has been disclosed and the spam becomes plentiful.

This is a great idea! What's it like viewing email? Which client do you use? Is it easy to see which email address the email was sent to?

Viewing email is as you would expect, the email they sent to is in the header so it's just a single click away in Thunderbird.

Wait, did you really mean "TLD", or just "domain"?

Great article.

The only real omission I noticed is the lack of mention of advanced browser fingerprinting techniques that can be used against browsers, even if caches are emptied, 'porn modes' activated, VPNs opnened. As demonstrated here by the EFF's Panopticlick initiative. https://panopticlick.eff.org/

One of the most important points about the anonymity provied by the Tor project to remember is that the Tor Browser is painstakingly hand crafted to avoid many of these problems. In other discussions about TOR it is worryingly common to see other ways to route browser traffic through TOR, without mentions of the implications.

For those interested, here's a recent look into the Tor Browser system by one of the developers.


What do you mean with "VPNs opnened"?

The article is wrong about Tor being an alternative option to a VPN. If anonymity is your concern, you should use TOR to connect to a VPN (paid with Bitcoins).

"VPNs opened" was poor wording. Clarifications provided by the guys below seem to match what I remember from listening to talks on Tor by the project's developers.

Operational security and Tor is such an interesting and frankly, quite scary subject. I've mainly used and instructed people on Tor for read-only uses of the web.

For my own needs, masking the origin of an actively participating persona is out of scope. I generally warn people about doing anything that requires sign-on/nicknames etc without very careful research.

I recognize that my lack of a need for serious anonymity for basic political activism etc is a huge privilege. So I try to give back by running a bunch of Tor middle relay myself.

For serious anonymity, I'd really be strict about using a forensically clean Tails USB boot environment, on varying public Wi-FI hotspots with a dedicated laptop that never has touched my regular network. The laptop must not ever be powered on near my house. Lots of systems, like Cisco Meraki business Wi-Fi APs take note of all nearby Wi-Fi and Bluetooth devices for 'location analytics'.

Javascript and stuff must be disabled of course. Carrying any cell phone, burner or otherwise is out of the question.

The reasons are many, but for starters, you don't want to be identifiable as the only person at your location making Tor connections, if you're doing something important.

Here are some good points on the subject. https://www.youtube.com/watch?v=eQ2OZKitRwc

My approach for promoting Tor to regular people around me is through describing it as a way to do random googling on subjects people don't necessarily want linked back to them, through analytics and ad companies.

I'm personally pretty convinced that insurance companies around the globe are looking pretty seriously at how far they could push their use of intelligence from data brokers. For purposes like identifying people with potential inherited diseases, recreational drug use habits, mental health problems etc.

So, I think Tor is important for all of us.

I love the tor browser, however much of the internet without javascript is not useable, at all. Very unfortunate for a tor fan like myself. To be quite honest, if most people weren't like 'grandma' and actually took more interest in the underpinnings of the computer itself, they would automatically be more self-aware of said security. However, it can be said that our 'security', and most importantly, our identity, has been compromised by the very govts and colluding corporations who regulate the devices with which we network. The "land of the free" is anything, but not that. I can't stress enough that societies need to preach good computing habits with encryption first and foremost. Instead all I ever hear is how wonderful the latest device is because: it's newer, faster, you can piss on it, etc. Where in the hell is the spiel on how secure it is and how wonderfully it encrypts everything? The worst part of it is that most don't take enough interest and the powers that be are similar to snakes in the grass. The balance of anything, even information as well as communication is what we all need to strive for.

With a properly setup TORbrowser it will use a different tor circuit for every host. Using a [single] VPN "centralizes" your exit connections. For HTTPS enabled sites TOR is perhaps a better choice, just have to be careful of sslstrip.

I even vaguely remember that in one of Snowdens released documents, the NSA wrote in a powerpoint presentation that this setup causes head aches. Will try to find it again.

It's important to note which things are theoretically hard vs lack of tooling.

Using a VPN after Tor might defeat a bad exit node sniffing or changing content. But a VPN absolutely hurts anonymity. Plus there's no way to be sure the VPN op isn't keeping logs.

If I were at the NSA and concerned about any of this, I'd start a few VPN companies. And run Bitcoin exchangers/vendors.

Doesn't this create a risk of committing fraud and identity theft in some countries?

I can understand it wouldn't be a crime to create a random email address but creating a fake house address and using this for payments sounds a little tricky.

What you call "fraud" I call "privacy". Anonymous transactions happen all the time with cash, and any new payment method needs an equivalent. In the modern era where it is no longer possible to gain privacy by being unobservable, a new definition of privacy is required. Dan Geer has a very good replacement definition; privacy is "the effective capacity to misrepresent yourself"[1]. If cash isn't possible, misrepresentation is the only option.

[1] http://geer.tinho.net/geer.blackhat.6viii14.txt

What you call privacy might be called fraud in some countries. That's what my question is about.

I concur & I tread lightly in my guerilla tactics. My bank, my insurance company my Dept Of Motor Vehicles & the other "legit" govs that require my info get it(and I use offline services as exclusively as/while I am still able). For every other "reg required" service, discount card "brick & mortar" or any other entity that requires a unique account, they get all the mis-info I can feed them. In the end, they get their unique identity to track and disseminate, it's just a falsey.

*Granted, it is an easily unravelled ball of lottery hotlines & public spaces addresses that could easily be traced back to the real "me", but I'm not really hiding, just preserving my right to be left alone from prying marketeers and... ahem.... data scientists.

In the interest of discussion, I'm going to play devil's advocate here. Please don't attack me personally.

The difference between a cash transaction and, say, a bitcoin transaction is one of scale. To make a cash transaction requires us to be in the same place and to have at least a basic understanding of identity. A fraudster can obviously profit in this situation, but their targets are limited to who they can physically meet.

The Internet is an order of magnitude larger scale. Fraudsters can work in bulk and hide their transactions easily. It's wholesale and not retail, so to speak. That is a problem worth at least considering.

It doesn't create a risk of these activities.

It may make it easier for people to commit fraud, though I suspect anyone considering that career choice is probably slightly ahead of the content of this article.

As to identity theft - I can't see how this article would help or hinder anyone in that pursuit. I guess if you follow one of the practices described - unique ID attributes at your various throwaway / anonymity-desired sites you visit - you may make it slightly harder for someone to pinch your identity.

What identity are you stealing though?

This is just a list of more things for them to clamp down on.

I'm thinking about going in the opposite direction, and broadcasting all of my personally identifying information (credit card, SSN, etc). Obviously I would have to set aside a large amount of time to deal with issuing fraud reports, and make sure that I wasn't risking anything that I can't afford to lose--but it does seem simpler in some ways.

After all, if you don't have anything to hide, you're bulletproof, right?

As another pointed out, nothing to hide depends on context and context can be other than legal context.

Your browser history or credit card statements for porn sites may not be illegal, but might hamper your political career or personal life.

You may be the CEO of a non-profit aiming to combat fossil fuels in which case your youth spent tractor pulling or drag racing may prove "annoying" once a adversary succeeds in spinning the history right.

There are lots of examples where nothing to hide has absolutely nothing to do with the law. And the big deal here is that YOU decide for yourself what your conscience can commit to - not public debate.

The problem: "Nothing to hide" depends on the context. Maybe you don't have anything to hide under the current laws, but what about laws in 20 years from now? Maybe times change and suddenly, you've got a lot to hide.

I'm having trouble finding it but the perfect example of this is a census that collected religious affiliation (for innocent statistics) that some brave citizens went to great lengths to destroy when they came under Nazi occupation in order to try and protect Jewish residents.

Another example would be the internment/deportation of 120,000 Japanese-Americans during WW2. I'll bet when they were ticking the 'Japanese ancestry' box on their census form they had no idea they were signing up for future imprisonment without due cause or due process.


Related Wikipedia page: https://en.m.wikipedia.org/wiki/Internment_of_Japanese_Ameri...

Might be worth noting that children that were in these camps are still alive today.

@idlewords has a few examples here: http://idlewords.com/talks/haunted_by_data.htm

e.g. A gay Russian who opens a LiveJournal account in 2004. Before LJ is bought by a russian company and russia becomes more homophobic.

While an interesting story, I don't think it is as meaningful as people try to make it here. Sure, the census might have helped Nazis quite a lot in committing atrocities. But it doesn't mean the census wasn't genuinely useful, and - more generally - you can't make day-to-day decisions on the assumption that you'll get invaded and conquered by extermination-minded people.

Are you allowed to weigh the benefits versus the costs of participating? To whom were the stats "genuinely useful"?

You don't need to weigh things against extermination explicitly, just any bad consequence, including political ones.

You are basically asking about the usefulness of demography in the society. I think it's pretty easy to imagine plenty of uses.


> it's pretty easy to imagine plenty of uses

To all individuals equally? weighed against individual risk?

Here are some things people were targeted over in the past:

- generic wealth level - generic education level - living in a particular area of the country - disabilities - having small children

You could probably find more examples like those if you browse the history of humanity. The point is, you can be targeted over anything, and you can't predict what it will be in advance. The Nazis exterminated members of religious minorities and different sexual orientation, which was somewhat unusual in history. The Soviets killed people with high educational credentials and with lots of wealth. Who knows what the next evil empire will pick as an excuse to murder people?

You can't run a society on the assumption it's doomed and everyone will get massacred. That some particular demographical data will be used to select and murder people is a low-probability hypothetical. That it is useful for managing a country right now is a fact. I get one not wanting to be oversharing about oneself, but I don't think that a remote possibility that a piece of demographic data will be used for evil purposes is grounds for ditching censuses altogether. This is not something we should be paranoid about.

I didn't make the Nazi comparison, and in fact I think it's a straw man. EVerything that concerns you about US/corporate data collection wrt social networks, internet monitoring/prism, mass surveillance etc, is also a concern with statistics collection.

Finding yourself questioned, monitored, surveilled, on any kind of "list" (no-fly, hollywood-black) or at any kind of increased risk or action by any actor, state or otherwise, is a risk to be weighed against whatever gain you might make from accurate stats.

> Who knows what the next evil empire will pick as an excuse to murder people?

An argument for giving up less discriminating information in general.

> You can't run a society on the assumption it's doomed and everyone will get massacred.

Much of the US constitution seems centered on protecting the people from an overly powerful government, and restricting said power. Make this sentence less hyperbolic, and you can run a society based on certain assumptions of corruption and abuse.

Suspect this is the link you have in mind:


It's cropped up on HN before.

The Netherlands. Directly affected Anne Frank's family, among others.

While it makes a nice story, if you think that lacking this information would have seriously slowed down the Holocaust you are sadly mistaken.

That is actually not correct. You should read "IBM and the Holocaust" to get a good account on exact that - there are good comparisons of countries that had very detailed census (typically "more organized" northern European) like Holland, where the majority of jewish population got killed, while in other countries like France it was as "low" as 25%.

In France in particular there is the example of https://en.wikipedia.org/wiki/Ren%C3%A9_Carmille René Carmille, who was in charge of census and actively sabotaged the collection and use of data.

See also http://theinstitute.ieee.org/technology-focus/technology-his... which calls Carmille one of the first hackers:

"After the invasion, the pro-Nazi Vichy government ordered a nationwide census. Carmille requested the assignment of compiling data from the census forms onto tabulator cards for analysis. His group transferred the data, including information from Column 11—where citizens were asked to indicate their religion—onto tabulator cards. They were instructed by the Nazis to sort the cards and print a list of all Jews living in France so that they could be located and sent to concentration camps.

Over the course of two years, Carmille and his group purposely delayed the process by mishandling the punch cards. He also hacked his own machines, reprogramming them so that they’d never punch information from Column 11 onto any census card. Instead, Carmille’s groups spent most of their time using the information on the cards to find and recruit former French soldiers for the French Resistance."

If that's not hacking and data protection, then I don't know what is.

Why would citizens accurately report a prohibited (or highly disfavored) religion? I can understand using existing census data, but a new census, after it's obvious what the government wants, seems not-so-useful?

This is a non-argument for me but may work for others. I couldn't care less what happens in 20 years. I don't even know if I'm alive then. It may be irrational but I simply don't care.

Then you're not receptive to any reasoning about future values, which seems sad.

Why is it sad? I live in the moment and I'm very happy. I'm not saying everyone should be like me though.

It's sad because it seems to treat the entire future as a kind of lost cause, which to me is primally saddening, like nihilism or solipsism.

No, that's not what I'm saying. I care about privacy for other peoples' sake and partly for my own. But my own personal future is a non-issue. The future of the world is not.

With the phrase "nothing to _hide_" you are starting from a bias: that if you have something that is not public knowledge then it must be wrong or evil and must therefore be hidden.

This is an excellent observation. Perhaps the phrase should be "If you have nothing private you have nothing to fear".

Exactly :)

And that better sentence busts open the assumption :)

I like the idea of digital chaff: publishing huge amounts of completely erroneous information about yourself and everyone else means that no one knows what to believe anymore.

Shouldn't a service like this exist?

What would this look like? Maybe a bot that went to dodgy sites, and signed up for accounts in your name, with random-but-valid data?

Maybe it would go into comment threads, Google the title, and post a blurb paragraph from a top result? Use karma and elastic search to machine learn which sites and topics to post?

It might even respond to questions with the specific random data for that site from when it signed up, to keep it consistent.

I mean, what you describe is most comments on Youtube or anywhere really. Can't we just pay a measly sum to some troll and let them run loose with a bot network conditioned on the fever-rants of 4chan/b/? Would this make the net worse? Could we tell?

Nice idea! If you do this, your defense to the banks could be that the government forced you to go public. You're covered.

TLDR: Use a VPN + Incognito mode + fake email and info

The VPN hides your IP. Incognito mode prevents your cookies from giving away your identity. And the fake info helps with things like sites being hacked and the data being dumped online.

And you really should try to use a reputable VPN, like the one they recommend in the article. Plenty of VPN services are in the business of injecting ads and malware, logging your traffic, stealing passwords and credit card numbers, etc.

Incognito mode is per session, not per tab or window.

> Going dark: online privacy and anonymity for normal people

Caveat: normal people don't care about such things.

I have found that normal people are those that care most about it, once they experience that the social contract that governs private space has being violated.

How many people become victims to identity theft per year? How many people end up in a bad breakup where their ex uses private information in some action of revenge? How many people get falsely accused each year by the police?

Ask them if they care about privacy and anonymity, or as it is more commonly phrased, personal security.

The term "normal person" is referring to your average person, and the average person has not been through such an experience.

Also, the whole "once it happens to someone, they care" applies to pretty much anything. Find someone who invests a lot of their time speaking in public for any cause you can imagine. Someone who talks to audiences about the perils of alcohol, drugs, any cancer or disease - basically anything that is harmful/dangerous/deadly. How many of them do you think ever gave a second thought to their cause, before it affected their lives personally (themselves, a family member, or close friend)? Practically none of them. People generally don't care about the consequences of anything until they've been slapped in the face by it.

I don't think this is true. I think people either don't understand it, or have a different comfort level than others. I work at a public library with people who struggle with basic information literacy, but they are very protective of their phone number. That's a piece of private information to them, despite how much safer it would keep them in the event their email account is compromised (or they inevitably forget their password when they arrive a week later to check their email for the first time). When I assist someone in setting up an email or Facebook account, I spend time to explain this problem to them.

People care, they just don't know.

Privacy is for everyone, not just the privileged few.

It isn't about privilege. It is more about whether privacy is something that you are worried about or not. Most people don't care about it and don't even think about protecting it.

Anyone with curtains on their windows, or who closes the door to their bathroom cares about privacy.

Yeah, but that's "real" privacy and they understand it quite easily. Meanwhile virtual privacy is something different and more complicated.

Privacy doesn't even work that well until you get it to be common practice. Otherwise, practicing privacy is just a big red flag.

I really object to the language of "dark" to describe privacy or anonymity, which are thereby painted with a sinister connotation.

A better term already exists: "blank"

    Computer Court 9: "Guilty. Take her down."
    Convicted Blank:  "I know my rights. I won't be judged by a machine!"
    Dragul:           "You don't have any rights. You're a Blank."
    Convicted Blank:  "Blank is beautiful!
                       Blank is beautiful!
                       Blank is beautiful!"
Max Headroom, Episode ABC.1.6 "Blanks"

Similar to /s/blacklist/blocklist, maybe we can replace this with "Going Transparent" to describe privacy or anonymity.

"Going Clear"?

Inspired by this comic: "Going other": http://www.robot-hugs.com/other-five/

P.S: Dark is cool ;-)

I suggest the german "Geist" which means spirit or ghost (as in Poltergeist). It sounds a bit like "Guest" and Ghostery uses this metaphor already. Plus, german is cool.


The article recommends going to Fake Name Generator (tm) to get a random online identity. The page is not encrypted and looks very, very fishy.

That page recommends going to Social Security Number Registry. Again, an unencrypted totally scammy looking page. If you enter a random name and select a random state, it will 'verify' that your identity has been stolen. Then, if you click on 'Validate', you can enter your SSN (unencrypted, of course).

I don't even know how to code, and this is a news site for hackers? This tripe makes it to the top of the front page?

FWIW, there is a "secure" version of the fake name generator, but you have to pay $1.99/year and sign in with Google, which is hilarious.[1]

Also, as explained by the creator[2], the SSN registry site is worthless and apparently a joke (although I'm not going to poke around on the site to verify).

[1] https://www.fakenamegenerator.com/premium.php

[2] http://www.forbes.com/sites/adamtanner/2014/02/03/the-mormon...

That really just makes everything worse, because this site, HN, presents the blog post as if it is a legitimate guide. The Fake Name Generator(tm) page states: "You should click here to find out if your SSN is online." Making no mention that the site is intended to be a joke.

Apparently, HN is a joke.

(Note that the only way to view the Forbes article you linked is through the cached version.)

It's a good piece, but the treatment of VPNs is bad. There's a new site about choosing a VPN service: https://thatoneprivacysite.net/ It summarizes a huge amount of information, for 159 VPN services.

It is so difficult to balance productivity/convenience and privacy/security.

Only recently did I stop worrying about privacy/security, and frankly my online experience is much better. I can now participate in any services/apps that catch my eye, I now save CC data at some sites, don't have a VPN/Tor slowing traffic and giving me cloudflare walls/"im not a bot" verification, don't have noscript/ublock/privacy badger breaking most sites, can sync across devices and backup online.

Having both secure & private online behavior is a massive inconvenience. You basically can't participate in the online world as it exists. (There are definitely opportunities to create secure/private versions of existing tools)

This submission has some more tips for preserving your privacy https://news.ycombinator.com/item?id=11706680

The SMS receiving sites don't work so well IME. They tend to use a single number for everyone, and the demand by spammers etc is so much higher than the free supply that for any given service, your number will probably already be blocked. Or the receiving will be unreliable, etc. I've gotten it to work sometimes, but usually not. Definitely too hard and time consuming for "normal people".

Is there a site that sells phone numbers for viop and sms for bitcoin without requiring identity?

Identity is required by us (and by most "foundational" financial and phone providers) but for external use with other 3rd parties, not at all. www.abine.com

As I am cranking away on some Go services on my laptop on my local coffee shop wifi, I see log entries popup of people trying to access php pages.

I go and ask the staff, and they said their POS is full of some weird software.

a good VPN provider is worth it, but finding one that will not keep logs on you is another story.

Here's the thing, if you are a normal person - you aren't going to read a guide on something like this. I have a 1 sentence guide on this for the 'normal person' - If you wouldn't want your grandma to see it, just don't enter it in an internet browser.

Sadly enough, I tend to agree with you.

I will note, however, that you display some naiveté about grandmothers ;)

I'm interested in 'phishing and malware protection', which I think means all my traffic gets reported to Google. This plus Google Analytics means the electric eye is on me wherever I go. Tips to browse safely without these?

The article exemplifies why the widespread misappropriation of of the VPN term is unfortunate (in same series as "router" for NAT boxes...), it serves to confuse people about the potential of real overlay networks.

Please say more about "the potential of real overlay networks".

Well, tunneling your web traffic to some random "VPN" provider and having all traffic flow out in the open to the internet is just defending against your last mile ISP basically. A real encrypted overlay would be a fully connected mesh between all the nodes of the network. Like IPSec was originally meant to work (transport mode, anyone being able to set up a security association to any other IP address with common PKI)


> Well, tunneling your web traffic to some random "VPN" provider and having all traffic flow out in the open to the internet is just defending against your last mile ISP basically.

People use VPN services because they can't trust their ISPs. ISPs log traffic, shape traffic, share data with adversaries, etc, etc. People instead choose to trust VPN providers. Typically, there are few ISPs to choose from. But there are numerous VPN services.

> A real encrypted overlay would be a fully connected mesh between all the nodes of the network.

Well, there are https://peervpn.net/ and https://www.onioncat.org/ (which connects through Tor). From years ago, I recall one from some Russian with a friend in Antarctica. But not even the name :(

Is this really still the best way to pay for stuff anonymously online? Lie to a financial institution? I understand the desire to avoid fraud, but boy does that irk me. Hrmm...

Skimmed the article, saw that he reccomended using Googlemail. Looked at the title of the post again. Looked at Googlemail reccomendation. Laughed and made a mental note not to trust "Troy Hunt".

Maybe try reading the article instead of skimming. He mentions options to Gmail if you don't want to deal with them.

Pro tip: don't comment if you've just "skimmed the article".

Hi, I'm Troy McLure. You may remember me from such articles as "Beans: The Forgotten Fruit" and "Making your Millions on Mt. Gox".

What is wrong with using gmail if you are following all the other safeguards he suggests (VPN, false identity, etc.)?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact