Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: basic rules for cyberspace data privacy

  1. #1

    Default basic rules for cyberspace data privacy

    I'm really interested what other open minded people & cyberspace junkies are thinking about this thread?


    9 basic rules for cyberspace data privacy

    more or less most of you will now very well how much data in cyberspace is used for various analytics, especially for government excuses, lovely marketing researchers, behavior analysis, Google scary domination, pseudo data retention regulations, indexing engines etc....
    (did you ever look in the browsers status bar, how many times you see google-analytics requests??)


    next time you use twitter,facebook, blog's, think about twice, how much data you leave behind!

    THIS IS NOT FOR "COVERING" YOUR TRACKS
    , but for the most basic cyberspace rule & human right: privacy!

    Also many rules apply to your smartphone & fancy gaming console behavior as well!


    1. Don't use your real name & email address all the time...I'm mean in future we will use nicknames only anyway ..and having our dedicated avatar ;-)
    Google/IPhone/Ovi Apps are great, cloud computing & co, but it will be
    very,very tempting to re-use/insider trading your personalized data profiles!!


    2. Instead always using google, try using Scroogle
    (no offend, but other search engines doing the same thing, but google does it most & scary effective!). If you are curious about the google cache, install the Firefox addon Cache View!


    3. Understand what's running behind the website
    Using Firefox addons, like Flagfox (where is webserver located and basic infos) or LiveHTTPheaders


    4. Cover your basic web surfing behavior by using different proxies (like Firefox addon Tor-Proxy.NET Toolbar, or ozzie's QuickProxy), up-to-date proxies can be found here: Proxy Lists. Sorted by update time. List #1


    5. Don't register with your real name & email address, even for simple free downloads. Only where it is legal mandatory (commercial online shopping ;-)


    6. Commercial 'Internet Privacy' tools are not recommended, because you'll never know how much data the gather from their clients by themself, even if it's called: 'statistically reason only' - or do you capture all the time the commmunication your tools are using for their 'automated background service'?


    7. If you share some private stuff on your website, don't allow any search engine spider to query your site - create robots.txt into your root webserver folder (example: http://zerohat.de/robots.txt)


    8. Do not use dynamic dns clients for your home-router/pc, if not desperite needed (why would you want, that 24x7 you distribute your current public IP?)


    9. Get involved to protect your online privacy - cyberspace censorship is just silly and data retention regulations are for 'Big Brother watching' ONLY!



    Verify your identity online:

    -use the amazing maltego tool (included in BT4 - take your time to configure the transformations properly, to query all known ressources successfully!!)
    Maltego

    -use http://shodan.surtri.com SHODAN - Computer Search Engine if you can lookup your IP


    ..be surprised what tracks you have left in cyberspace and think about twice, next time you over credulous use your real name, email address or online registration!

  2. #2
    Just burned his ISO
    Join Date
    Oct 2008
    Posts
    22

    Default

    10. Be conscious of your privacy:remember that in the end it's (almost always) YOU that decide what information about yourself to reveal, when, why, and to whom.

  3. #3
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by brtw2003 View Post
    did you ever look in the browsers status bar, how many times you see google-analytics requests??
    Tools such as no-script will help eliminate google analytics. As well as the SecFox addon pack for firefox. These should be standard on anyone who wishes to be a bit anonymous.
    But then again who's to say that even those tools do not "spill the beans".
    Money and three letter agencies around the world have a lot of power.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  4. #4
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by brtw2003 View Post
    [B]I'm really interested what other open minded people & cyberspace junkies are thinking about this thread?
    I think you're overly paranoid.

    9 basic rules for cyberspace data privacy

    more or less most of you will now very well how much data in cyberspace is used for various analytics, especially for government excuses, lovely marketing researchers, behavior analysis, Google scary domination, pseudo data retention regulations, indexing engines etc....
    (did you ever look in the browsers status bar, how many times you see google-analytics requests??)


    next time you use twitter,facebook, blog's, think about twice, how much data you leave behind!

    THIS IS NOT FOR "COVERING" YOUR TRACKS
    , but for the most basic cyberspace rule & human right: privacy!

    Also many rules apply to your smartphone & fancy gaming console behavior as well!


    1. Don't use your real name & email address all the time...I'm mean in future we will use nicknames only anyway ..and having our dedicated avatar ;-)
    Google/IPhone/Ovi Apps are great, cloud computing & co, but it will be
    very,very tempting to re-use/insider trading your personalized data profiles!!
    Agreed. It seems reasonable to have multiple email accounts. One for family/friends and one for junk. (Or to use a system like trashmail.net for registrations etc)


    2. Instead always using google, try using Scroogle
    (no offend, but other search engines doing the same thing, but google does it most & scary effective!). If you are curious about the google cache, install the Firefox addon Cache View!
    Seriously? Unless you go clicking a ridiculous number of ads who really cares if google has some search history for you. Well not even "you" just an IP which if you use cable or DSL is re-assigned to others at regular intervals, etc.
    Alternately if you do really care for some reason you could simply delete your cookies & cache regularly.

    3. Understand what's running behind the website
    Using Firefox addons, like Flagfox (where is webserver located and basic infos) or LiveHTTPheaders
    An interesting idea but most people (average Joe types) won't understand any of the information anyway. For those that do you have limited choices. Obviously you arrived at said site for a reason in the first place, so either you have no find another source for the same info/files or accept the content (or be smart and use adblock/NoScript. [Which most people with a few neurons to rub together do anyway])

    4. Cover your basic web surfing behavior by using different proxies (like Firefox addon Tor-Proxy.NET Toolbar, or ozzie's QuickProxy), up-to-date proxies can be found here: Proxy Lists. Sorted by update time. List #1
    Why? Unless you're doing something you shouldn't do you really care if someone can learn a little bit about your browsing habits. Again I say simply don't click ads, and be aware of the type of sites you visit. OMG brtw2003 visited the remote exploit forums! Very important info.......

    5. Don't register with your real name & email address, even for simple free downloads. Only where it is legal mandatory (commercial online shopping ;-)
    Wasn't this #1 on your list?

    6. Commercial 'Internet Privacy' tools are not recommended, because you'll never know how much data the gather from their clients by themself, even if it's called: 'statistically reason only' - or do you capture all the time the commmunication your tools are using for their 'automated background service'?
    Agreed.

    7. If you share some private stuff on your website, don't allow any search engine spider to query your site - create robots.txt into your root webserver folder (example: http://zerohat.de/robots.txt)
    Sure. Though you could also argue that this gives interested parties (or malicious individuals) a reason to dig deeper.

    8. Do not use dynamic dns clients for your home-router/pc, if not desperite needed (why would you want, that 24x7 you distribute your current public IP?)
    Why? It's not as if your IP address is private data anyway? If your IP was private it wouldn't work.

    9. Get involved to protect your online privacy - cyberspace censorship is just silly and data retention regulations are for 'Big Brother watching' ONLY!
    Is there an actual recommendation here?
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  5. #5
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by thorin View Post
    I think you're overly paranoid.
    While that maybe true, thorin one has to remember that in some parts of the world the government wants to snoop on their citizens. Even if someone is doing nothing "wrong", they still want to maintain their own privacy.
    I will take a good guess that the OP is from Germany. As such they have ( or are wanting to) change their data retention laws so that everything that everyone does with a internet connected computer is stored for x years and made available to n persons. Not only computers but cell/mobile, and home telephones, Email etc.
    I don't know about you but when I call ___ and talk about ____ I don't need big brother recording it and then turning around and allowing it to be hacked and put up on Youtube.
    Here is just one such link with more info in regards to the above.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  6. #6

    Default

    Quote Originally Posted by thorin View Post
    I think you're overly paranoid.
    well, if you watch the data breaches occurring worldwide, I'd say everyone should be paranoid in these cyberdays anyway, BUT besides that...

    Business temptation is too high, to ignore the effect that
    any kind of end-user profiling is/will be a tremendous business-enabler for all stupid ideas...this is only the beginning: semifluid.com » Blog Archive » Connection Cloud or imagine to run a sophisticated db query on salesforce.com

    ..we will see a lot of privacy data trading in the future..
    and even if it's cross-border pseudo-legalized data exchange by the government...

    we all know, many data means automated controls must put in place and some intelligence for triggering specific events, which means for sure, false positives and data flows which are impossible to control in the wonderful cloud ...and further imagine some noise outside your building and right after some people asking for your computer..next day, damn just a false alert of our freshly installed KI-based-logging-the-whole-bad-internet-including-the-whole-wireless-cloud :-)

    It's just a thought and I think it shouldn't underestimated.

  7. #7
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by brtw2003 View Post
    well, if you watch the data breaches occurring worldwide, I'd say everyone should be paranoid in these cyberdays anyway, BUT besides that...

    Business temptation is too high, to ignore the effect that
    any kind of end-user profiling is/will be a tremendous business-enabler for all stupid ideas...this is only the beginning: semifluid.com » Blog Archive » Connection Cloud or imagine to run a sophisticated db query on salesforce.com

    ..we will see a lot of privacy data trading in the future..
    and even if it's cross-border pseudo-legalized data exchange by the government...

    we all know, many data means automated controls must put in place and some intelligence for triggering specific events, which means for sure, false positives and data flows which are impossible to control in the wonderful cloud ...and further imagine some noise outside your building and right after some people asking for your computer..next day, damn just a false alert of our freshly installed KI-based-logging-the-whole-bad-internet-including-the-whole-wireless-cloud :-)

    It's just a thought and I think it shouldn't underestimated.
    I personally think that the whole cloud computing this is a terribly bad idea. I've had quite a few sales drones over the past few weeks call me and want to talk about hosted solutions, and they just won't take "hell no!" for an answer. They seem to think that they being sales drones and that they attended a seminar about cloud computing, that they know better than those of us that are out here cleaning up the messes.

    The last guy wanted to provide us with a hosted VoIP system. When I wouldn't bite on the idea of a hosted system, he persisted until the other guy with him finally got him to back off.

    Cloud computing I believe, has dangers that we haven't even seen yet.

    On a funny side note, on all my network drawings whenever I have to draw the cloud for the internet, I always make it look like a storm cloud, dark and scary. Just a little subliminal way of getting the point across that we don't know what's in the cloud and it could be bad.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  8. #8
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default

    Quote Originally Posted by streaker69 View Post
    I personally think that the whole cloud computing this is a terribly bad idea.
    Cloud computing I believe, has dangers that we haven't even seen yet.
    I agree 1000% It is really untested territory that companies are boldly exploring with no regard for security. I don't like the idea of someone else having control of my data, (Maybe I have control issues) especially (unrelated to cloud computing) after last year's credit card DB breaches. No thank you.

    This thread is a good idea for folks who forget the basics of keeping yourself safe on the internet.
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  9. #9
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by streaker69 View Post
    On a funny side note, on all my network drawings whenever I have to draw the cloud for the internet, I always make it look like a storm cloud, dark and scary. Just a little subliminal way of getting the point across that we don't know what's in the cloud and it could be bad.
    Actually there is a silver lining.
    But I do agree that there are unknown dangers to cloud computing.
    It is funny that there is always a rush by so many companies to be on the cutting edge with some piece of technology, but have no idea of the dangers behind it.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  10. #10
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by archangel.amael View Post
    Actually there is a silver lining.
    But I do agree that there are unknown dangers to cloud computing.
    It is funny that there is always a rush by so many companies to be on the cutting edge with some piece of technology, but have no idea of the dangers behind it.
    See, now you're just being selfish.

    One of the biggest issues I have with the whole cloud computing thing is what happens to your data when the company you initially trusted with it goes out of business and their assets are sold to another company? You would hope that you'd still have access to your data, but who knows?

    Look at some worst case scenarios. A few years ago SILO, an electronics retailer went out of business around 12PM EST. They actually told customers to get out of the stores, the doors were then locked and all inventory was moved to a big warehouse where it was then sorted and sold off.

    Now, imagine something similar happening at a midlevel data center. You'd hope it couldn't happen, but there's never a record of something happening, until there is.

    Interesting Read
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •