Hacker News new | comments | show | ask | jobs | submit login
Ask HN: How do you protect your privacy online?
4 points by barking on Oct 29, 2012 | hide | past | web | favorite | 4 comments
On cryptome's home page ( http://cryptome.org/ ) it has this statement at the top

"Privacy, anonymity and security services are deceptive, protect yourself."

This struck a chord with me because lately I have been becoming creeped out by the way I'm being profiled based on my online activity.

I don't like the fact that google, for example, gives me results that it thinks might be of interest to me or that the ads on sites that I visit for the first time are already tailored to my tastes.

Even if you don't allow cookies or you have a dynamic ip, just the information sent by your browser about your setup can be enough, apparently, to attach a unique identity to your machine.

To guard my privacy I had been thinking about signing up for one of the services that offers privacy but as the old phrase says "who guards the guards"?

Is there such a thing in a system where your every click is logged and backed up somewhere?

I personally use 2 Browsers (FF and Chromium) for those reasons.

FF is my browser to stay private, therefore i am for example constantly not logged into my accounts (google/gmail/youtube).


-) 4 Easy Steps to stop online tracking


-) NoScript for FF

Stops every script unless you allow it.

According to http://stallman.org/facebook.html

"Pages that contain Facebook "like" buttons enable Facebook to track visitors to those pages. Facebook tracks the users that see 'like' buttons, even users who never visited facebook.com and never click on those buttons."

There also is a solution described to stop that, but NoScript technically should get rid of the problem.

-) Google has it's own privacy settings, i think you can prevent from being tracked too hard with setting those accordingly

-) DuckDuckGo is getting more and more famous, it's a search engine that market itself as respecting ones privacy and not bubble people (i personally still use google)



-) I also use AdBlock+ so i am not bothered with commercials to annoy me.

-) If you are really paranoid you could use something like Tor/VPN



i personally don't.

-) don't allow third party cookies

-) automatically delete all cookies after shutdown

-) don't use sync programs/functions

-) store data online only strongly encrypted

The reason why i have 2 browsers is, that when i visit an unknown site with lots of multimedia content and when i don't want to be bothered with looking for what script does what (to activate some video embedded on the site for example), then i can just copy it into chromium and it works.

And in chromium i can constantly read e-mails or visit youtube when wanting to leave a comment, in FF i can browse privately (so simultaneously).

If you are sharing your computer with people make sure

-) passwords aren't stored

-) to delete browser/download history in general

That is all i can think of right know.

Oh and e-mail:

-) set up own e-mail server and use encryption


-) choose e-mail provider having servers in a country that you trust and that maybe has an encryption feature (for example: Hushmail, located in Canada, free encryption - known to cooperate with us authorities though)

-> if you don't mind paying, CounterMail probably is interesting for you



Of course, in these days many users just give their information away for free. They react with false assumptions about being tracked (most companies think it is service to their customers - people aren't bothered so much with ads that fit their needs). So if you use facebook and use it to chat with people, you update your status, have many apps on a smartphone and just click on "agree" everytime without being concerned, then you shouldn't be too concerned about being tracked by Google either. Then you are just a hypocrite.

To add one suggestion, if you want even more control than Adblock Plus, you can look at Request Policy (http://requestpolicy.com)

Instead of a blacklist approach like abp, you control which cross-site requests are allowed. Most of the time all a site needs is one xsite request to the domain hosting its static resources

Wow! Thank you for such a comprehensive reply. Plenty to chew on. I don't use facebook or twitter or google plus. I think I'll adopt your dual browser, adblock and cookie suggestions immediately and then look into the others. Thanks again for taking the time to answer so well

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact