10. Be conscious of your privacy:remember that in the end it's (almost always) YOU that decide what information about yourself to reveal, when, why, and to whom.
basic rules for cyberspace data privacy
I'm really interested what other open minded people & cyberspace junkies are thinking about this thread?
9 basic rules for cyberspace data privacy
more or less most of you will now very well how much data in cyberspace is used for various analytics, especially for government excuses, lovely marketing researchers, behavior analysis, Google scary domination, pseudo data retention regulations, indexing engines etc....
(did you ever look in the browsers status bar, how many times you see google-analytics requests??)
next time you use twitter,facebook, blog's, think about twice, how much data you leave behind!
THIS IS NOT FOR "COVERING" YOUR TRACKS, but for the most basic cyberspace rule & human right: privacy!
Also many rules apply to your smartphone & fancy gaming console behavior as well!
1. Don't use your real name & email address all the time...I'm mean in future we will use nicknames only anyway ..and having our dedicated avatar ;-)
Google/IPhone/Ovi Apps are great, cloud computing & co, but it will be
very,very tempting to re-use/insider trading your personalized data profiles!!
2. Instead always using google, try using Scroogle
(no offend, but other search engines doing the same thing, but google does it most & scary effective!). If you are curious about the google cache, install the Firefox addon Cache View!
3. Understand what's running behind the website
Using Firefox addons, like Flagfox (where is webserver located and basic infos) or LiveHTTPheaders
4. Cover your basic web surfing behavior by using different proxies (like Firefox addon Tor-Proxy.NET Toolbar, or ozzie's QuickProxy), up-to-date proxies can be found here: Proxy Lists. Sorted by update time. List #1
5. Don't register with your real name & email address, even for simple free downloads. Only where it is legal mandatory (commercial online shopping ;-)
6. Commercial 'Internet Privacy' tools are not recommended, because you'll never know how much data the gather from their clients by themself, even if it's called: 'statistically reason only' - or do you capture all the time the commmunication your tools are using for their 'automated background service'?
7. If you share some private stuff on your website, don't allow any search engine spider to query your site - create robots.txt into your root webserver folder (example: http://zerohat.de/robots.txt)
8. Do not use dynamic dns clients for your home-router/pc, if not desperite needed (why would you want, that 24x7 you distribute your current public IP?)
9. Get involved to protect your online privacy - cyberspace censorship is just silly and data retention regulations are for 'Big Brother watching' ONLY!
Verify your identity online:
-use the amazing maltego tool (included in BT4 - take your time to configure the transformations properly, to query all known ressources successfully!!)
Maltego
-use http://shodan.surtri.com SHODAN - Computer Search Engine if you can lookup your IP
..be surprised what tracks you have left in cyberspace and think about twice, next time you over credulous use your real name, email address or online registration!
10. Be conscious of your privacy:remember that in the end it's (almost always) YOU that decide what information about yourself to reveal, when, why, and to whom.
Tools such as no-script will help eliminate google analytics. As well as the SecFox addon pack for firefox. These should be standard on anyone who wishes to be a bit anonymous.Originally Posted by brtw2003
But then again who's to say that even those tools do not "spill the beans".
Money and three letter agencies around the world have a lot of power.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
I think you're overly paranoid.
Agreed. It seems reasonable to have multiple email accounts. One for family/friends and one for junk. (Or to use a system like trashmail.net for registrations etc)9 basic rules for cyberspace data privacy
more or less most of you will now very well how much data in cyberspace is used for various analytics, especially for government excuses, lovely marketing researchers, behavior analysis, Google scary domination, pseudo data retention regulations, indexing engines etc....
(did you ever look in the browsers status bar, how many times you see google-analytics requests??)
next time you use twitter,facebook, blog's, think about twice, how much data you leave behind!
THIS IS NOT FOR "COVERING" YOUR TRACKS, but for the most basic cyberspace rule & human right: privacy!
Also many rules apply to your smartphone & fancy gaming console behavior as well!
1. Don't use your real name & email address all the time...I'm mean in future we will use nicknames only anyway ..and having our dedicated avatar ;-)
Google/IPhone/Ovi Apps are great, cloud computing & co, but it will be
very,very tempting to re-use/insider trading your personalized data profiles!!
Seriously? Unless you go clicking a ridiculous number of ads who really cares if google has some search history for you. Well not even "you" just an IP which if you use cable or DSL is re-assigned to others at regular intervals, etc.2. Instead always using google, try using Scroogle
(no offend, but other search engines doing the same thing, but google does it most & scary effective!). If you are curious about the google cache, install the Firefox addon Cache View!
Alternately if you do really care for some reason you could simply delete your cookies & cache regularly.
An interesting idea but most people (average Joe types) won't understand any of the information anyway. For those that do you have limited choices. Obviously you arrived at said site for a reason in the first place, so either you have no find another source for the same info/files or accept the content (or be smart and use adblock/NoScript. [Which most people with a few neurons to rub together do anyway])3. Understand what's running behind the website
Using Firefox addons, like Flagfox (where is webserver located and basic infos) or LiveHTTPheaders
Why? Unless you're doing something you shouldn't do you really care if someone can learn a little bit about your browsing habits. Again I say simply don't click ads, and be aware of the type of sites you visit. OMG brtw2003 visited the remote exploit forums! Very important info.......4. Cover your basic web surfing behavior by using different proxies (like Firefox addon Tor-Proxy.NET Toolbar, or ozzie's QuickProxy), up-to-date proxies can be found here: Proxy Lists. Sorted by update time. List #1
Wasn't this #1 on your list?5. Don't register with your real name & email address, even for simple free downloads. Only where it is legal mandatory (commercial online shopping ;-)
Agreed.6. Commercial 'Internet Privacy' tools are not recommended, because you'll never know how much data the gather from their clients by themself, even if it's called: 'statistically reason only' - or do you capture all the time the commmunication your tools are using for their 'automated background service'?
Sure. Though you could also argue that this gives interested parties (or malicious individuals) a reason to dig deeper.7. If you share some private stuff on your website, don't allow any search engine spider to query your site - create robots.txt into your root webserver folder (example: http://zerohat.de/robots.txt)
Why? It's not as if your IP address is private data anyway? If your IP was private it wouldn't work.8. Do not use dynamic dns clients for your home-router/pc, if not desperite needed (why would you want, that 24x7 you distribute your current public IP?)
Is there an actual recommendation here?9. Get involved to protect your online privacy - cyberspace censorship is just silly and data retention regulations are for 'Big Brother watching' ONLY!
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
While that maybe true, thorin one has to remember that in some parts of the world the government wants to snoop on their citizens. Even if someone is doing nothing "wrong", they still want to maintain their own privacy.
I will take a good guess that the OP is from Germany. As such they have ( or are wanting to) change their data retention laws so that everything that everyone does with a internet connected computer is stored for x years and made available to n persons. Not only computers but cell/mobile, and home telephones, Email etc.
I don't know about you but when I call ___ and talk about ____ I don't need big brother recording it and then turning around and allowing it to be hacked and put up on Youtube.
Here is just one such link with more info in regards to the above.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
well, if you watch the data breaches occurring worldwide, I'd say everyone should be paranoid in these cyberdays anyway, BUT besides that...
Business temptation is too high, to ignore the effect that
any kind of end-user profiling is/will be a tremendous business-enabler for all stupid ideas...this is only the beginning: semifluid.com » Blog Archive » Connection Cloud or imagine to run a sophisticated db query on salesforce.com
..we will see a lot of privacy data trading in the future..
and even if it's cross-border pseudo-legalized data exchange by the government...
we all know, many data means automated controls must put in place and some intelligence for triggering specific events, which means for sure, false positives and data flows which are impossible to control in the wonderful cloud ...and further imagine some noise outside your building and right after some people asking for your computer..next day, damn just a false alert of our freshly installed KI-based-logging-the-whole-bad-internet-including-the-whole-wireless-cloud :-)
It's just a thought and I think it shouldn't underestimated.
I personally think that the whole cloud computing this is a terribly bad idea. I've had quite a few sales drones over the past few weeks call me and want to talk about hosted solutions, and they just won't take "hell no!" for an answer. They seem to think that they being sales drones and that they attended a seminar about cloud computing, that they know better than those of us that are out here cleaning up the messes.
The last guy wanted to provide us with a hosted VoIP system. When I wouldn't bite on the idea of a hosted system, he persisted until the other guy with him finally got him to back off.
Cloud computing I believe, has dangers that we haven't even seen yet.
On a funny side note, on all my network drawings whenever I have to draw the cloud for the internet, I always make it look like a storm cloud, dark and scary. Just a little subliminal way of getting the point across that we don't know what's in the cloud and it could be bad.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
I agree 1000% It is really untested territory that companies are boldly exploring with no regard for security. I don't like the idea of someone else having control of my data, (Maybe I have control issues) especially (unrelated to cloud computing) after last year's credit card DB breaches. No thank you.
This thread is a good idea for folks who forget the basics of keeping yourself safe on the internet.
This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.
Actually there is a silver lining.
But I do agree that there are unknown dangers to cloud computing.
It is funny that there is always a rush by so many companies to be on the cutting edge with some piece of technology, but have no idea of the dangers behind it.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
See, now you're just being selfish.Actually there is a silver lining.
But I do agree that there are unknown dangers to cloud computing.
It is funny that there is always a rush by so many companies to be on the cutting edge with some piece of technology, but have no idea of the dangers behind it.
One of the biggest issues I have with the whole cloud computing thing is what happens to your data when the company you initially trusted with it goes out of business and their assets are sold to another company? You would hope that you'd still have access to your data, but who knows?
Look at some worst case scenarios. A few years ago SILO, an electronics retailer went out of business around 12PM EST. They actually told customers to get out of the stores, the doors were then locked and all inventory was moved to a big warehouse where it was then sorted and sold off.
Now, imagine something similar happening at a midlevel data center. You'd hope it couldn't happen, but there's never a record of something happening, until there is.
Interesting Read
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Posting Permissions
