If you use a browser, everything you do online is tracked. But you can fight back.
“There is no such thing as personal information protection anyway. Forget it.” Scott McNealy said in 1999 about online privacy: McNealy, a former CEO of now-disappeared Sun Microsystems, spoke about privacy again in 2015. McNealy's early remarks proved to be largely correct, despite a negative and gloomy tone.
Cookies, beacons, digital signatures, trackers, and other technologies on websites and apps help advertisers, businesses, governments, and criminals You can create very detailed profiles of intimate people. There is a lot of talk about Target's discovery of a pregnancy before her parents knew her parents based on online activities of a teenage woman in 2012. This is the standard of privacy today. Google and Facebook are the most notorious commercial Internet spies and one of the most widespread Internet spies, but they are not alone.
The technology of monitoring everything a user does is getting better and better. In 1999, many new methods of monitoring emerged that did not even exist. ▲Always listening to agents such as Amazon Alexa and Apple Siri ▲Bluetooth beacons on your smartphone ▲Device-to-device synchronization that shows user activity on all your devices, and ▲Social media platforms such as Facebook. In particular, social media like Facebook can generate revenue because it is designed to share everything about users and their contacts. Trackers are the latest way to automatically monitor users in browsers. For example, when I recently checked, CNN had 60 trackers running.
Apple's Safari 14 browser is equipped with a privacy monitor that shows how much personal information is currently being attacked. Users using it will be quite embarrassed, as the browser shows you how many tracking attempts have been interrupted over the past 30 days, exactly which sites have tracked and attempted you, and how often. In my case, on average, 125 times a week on the computer I use the most, the tracker breaks.
Understanding online privacy
When talking about online privacy, it's important to understand what's usually tracked. Most websites and services don't really know who's on their site, they're just browsers with many features that can be converted into profiles. Marketers and advertisers are looking for specific types of people, and they use profiles to do this. They don't care who the user really is. The same is true of criminals and criminal groups who commit fraud or manipulate elections.
If a company wants personal information such as user name, gender, age, address, phone number, company, title, etc., users are encouraged to sign up. You can then specifically associate all the data held by the device with the user and use it to target users individually. This is common on business-oriented websites where advertisers want to reach specific people with purchasing power.
Criminals will want this data, too, and so are insurance companies and medical institutions that want to filter out undesirable customers. Over the years, U.S. law has been trying to prevent this way of identifying customers, but more creative ways have emerged. Above all, the US government also wants personal data in the name of control or security.
Users should be most concerned when personally identifiable. In addition, the widespread profiling of browsers committed to privacy is of concern.
Browser, a tool at the center of privacy, but very weak
Browsers were at the center of privacy online, allowing you to choose to block cookies, clear your browsing history, not log in from scratch, and turn off ad tracking. But the browser is a very weak tool that can be easily bypassed. For example, the Incognito or Incognito mode, which turns off the browser history of the local computer, does not block Google, IT departments, or Internet providers from recognizing the sites you visit. It just prevents other users with access to the computer from seeing the record in the browser.
The browser's 'Do Not Track' setting is mostly ignored. And blocking cookies prevents Google, Facebook, and other users from looking at unique device identifiers to see if they're signed in to the service, and monitoring user behavior through other means, such as connecting devices through common logins. Do not stop.
Because the browser is the main point of access to Internet services that track users, you can have centralized control from the browser. While there are ways that websites can circumvent this, users should use the tools they need to reduce privacy breaches.
Different mainstream desktop browsers have different privacy settings
The place to start protecting privacy is the browser itself. Some browsers are more privacy-oriented than others. Many IT departments force company computers to use a specific browser, so you may not have a choice at work. But if you have a choice, you have to make good use of it. And you have to know and practice for the computer you control.
The following ranks desktop browsers in the order of personal information protection support, assuming the maximum use of privacy settings.
- Apple Safari
- Microsoft Edge
- Mozilla Firefox
- Google Chrome
- Opera (Opera, which will be described later, but its own performance depends on the settings)
The following table shows the privacy settings available in major desktop browsers. Safari is only available on the Mac.
Setting desktop browser privacy
There is something to note about Adobe Flash. As of January 12, 2021, Adobe disabled Flash media playback in the Adobe Flash plug-in to remove a very dangerous and widely used multimedia player. Most browsers now remove Flash support as well as control over it
However, Opera 73 continues to allow Flash playback with user rights using its own Flash player. Microsoft has a very complex strategy to scrap Flash based on the browser you're using (Internet Explorer, Old Edge, or Chromium-based Edge).
This is due to the reality that many IT departments still haven't replaced Flash video (primarily for education) with secure HTML5 yet. Flash content is blocked by default, but all three browsers support Flash players.
Browser settings and best practices for privacy
You must do the following in your browser's privacy settings.
- Turn on the tracking stop function. Although often ignored, it is intended for sites that respect it.
- Block third-party cookies. While the site legitimately uses first-party cookies to provide this functionality, third-party cookies belong to other entities (primarily advertisers) that are likely to track you in ways that you do not want. That said, don't block all cookies. Many sites may not work properly.
- Set the default permission to access the camera, location, microphone, content blocker, autoplay, downloads, pop-up windows, and notifications on your website to at least OK.
- Turn off the tracker. If your browser doesn't allow this, switch to using a tracker as it is the preferred way to monitor users over older technologies like cookies. Blocking the tracker is less likely to cause your website to function only partially, as you often use content blockers.
Also, when searching, take the following precautions:
- It uses DuckDuckGo as the default search engine. Because it's more private than Chrome or Bing. If necessary, you can always go to google.com or bing.com.
- Don't use Gmail in your browser. When you log in to Gmail or Google services, Google tracks your activity across all other Google services, even if you're not signed in to any other Google service. If you need to use Gmail, use an email app like Microsoft Outlook or Apple Mail. This way, Google's data collection is limited to email only. It is possible to start, and since it is a Google-only browser, it violates more privacy).
- Don't log in to other sites using your Google, Facebook, or other social service accounts. Instead, create your own account. If a social account is used for a convenient login service, the social company can access the personal data of the logged-in site.
- Don't log in to accounts such as Google, Microsoft, or Facebook from multiple browsers. That way, the vendor won't be able to create a complete profile of what the user has done. If you need to log in for synchronization purposes, consider using a different browser for various activities, such as Firefox for personal use and Chrome for business. Using multiple Google accounts doesn't help you separate your activities. Google knows that multiple accounts all belong to one user, and combines the user's activities.
Browser utility to enhance privacy
Additional tools can be used to supplement the desktop browser's built-in security settings.
Mozilla has a pair of Firefox extensions that protect you from Facebook and other users who monitor you on your website. The Facebook container extension opens a new, isolated browser tab for all accessed sites that contain Facebook tracking, such as when logging into a site via Facebook login.
This container prevents Facebook from seeing browser activity in other tabs. And if you use the multi-account container extension, you can open separate isolated tabs for various services, each of which can have a separate ID, making it difficult for cookies, trackers, and other technologies to understand all the activities of the tabs.
The Privacy Essentials extension of the Deokdeokgo search engine for Chrome, Edge, Firefox, Opera, and Safari slightly enhances privacy protection to block trackers and automatically open encrypted versions of websites (tracker Chrome doesn't do anything to block it by default, but other browsers do).
Most browsers, except Chrome, can now block tracking software, but anti-tracking extensions like Privacy Badger from the long-established privacy organization Electronic Frontier Foundation (EFF) are performed by the browser. You can outdo what you do. Privacy Badger can be used in Firefox, Chrome, Opera, and Edge, but not in Safari, which actively blocks trackers by itself.
In particular, EFF has a very useful tool called Panopticlick that analyzes the browser and reports the level of privacy in the settings set by the user.
I used PanopticClick to figure out how the standard settings differ from browser to browser, and the results show why I should adjust the settings in my browser, rather than rely on the default settings. PanopticClick revealed the following for mainstream desktop browsers that run with default settings:
- Chrome and Safari protect the personal information associated with advertisements as users wish.
- Firefox also protects personal information related to ads but also blocks advertisers who agree to comply with the Do Not Track setting.
- The edge has only weak basic protection.
- Opera performed poorly when blocking tracked ads and invisible trackers, and even after enabling maximum security settings, the poor performance persisted.
In conclusion, you shouldn't rely on your browser's default settings, and you should adjust your settings to maximize privacy. At Edge, you can see the following: Privacy is weak in the default settings, but tweaking the settings is quite powerful.
Adblocker, how to deal with it
Content Blockers and Adblockers tools suppress entire sessions of website code to prevent widgets and other code from working, prevent some site modules (typically ads) from showing up, Inhibits the built-in tracker. Ad blockers specifically target ads, while content blockers look for unwanted JavaScript or other code modules.
These blocking tools often damage parts of the site that authors consider to be an indicator of unwanted behavior, so they often compromise the functionality of the site. Depending on the tool, the results vary widely. If your site doesn't run as expected, whitelist the site or disable the content blocker for that site in your browser.
I've long been skeptical about content and ad blockers. Not only do legitimate publishers get rid of the revenue it needs to keep the business, but they rob many of their business models. In particular, these blocking services often charge publishers a fee to get through the ad. Block ads if the publisher doesn't pay. They promote themselves to protect user privacy, but viewing only paid advertisements does not help protect user privacy.
Of course, immoral publishers are the contributors that initially made users use ad blockers, so they are filthy in every way. However, modern browsers such as Safari, Chrome, and Firefox increasingly block 'bad' ads (the definition of bad ads is generally quite limited). Firefox goes beyond blocking bad ads in recent years and offers stricter content blocking options, similar to what extensions have been doing for a long time. What users really want is tracker blocking, which is handled by many browsers these days, either on their own or through anti-tracking extensions.
Provides less personal information than mainstream mobile browsers, desktops
Mobile browsers generally provide fewer privacy settings, even if they perform the same basic spy activity as those on desktops. However, you should use the privacy controls provided by the browser vendor.
The following is a ranking according to the order of support for personal information protection, assuming that the main mobile browser's privacy settings are used to the maximum.
- Microsoft Edge
- Mozilla Firefox
- Apple safari
- Opera touch
- Google Chrome
The following table shows the privacy settings available on major mobile browsers as of October 28, 2020 (version numbers are not often displayed for mobile apps). Safari is only available on iOS.
Both iOS and Android have disabled Flash for years, so you don't have to worry about flash technology on mobile. Also, control over the location, microphone, and camera usage is handled by the mobile operating system, so use the iOS or Android settings app. Some apps provide these controls directly for convenience.
Paranoid Browser, Brave, Epic, Tor
For years, ad blockers have become a popular way to combat malicious websites. But paranoids wanted stronger user privacy, and alternative browsers emerged.
Brave Browser and Epic Privacy Browser are the best known of the new types of browsers. The old privacy-oriented browser is Tor Browser. The Tor Browser was developed by the Tor Project, a non-profit organization founded in 2008 based on the principle that Internet users should have private access to the uncensored web.
All these browsers take a very aggressive approach that removes the entire code of the website to prevent not only ads but all kinds of features from working. These browsers often block the ability to register or log in to websites, social media plug-ins, and JavaScript in case personal information can be collected.
Nowadays, mainstream browsers other than Chrome can receive strong privacy protection, so there is very little need for a browser specialized in privacy protection. Even mainstream browsers support ad and content blocking, which was the biggest feature of these browsers.
In addition, Brave, an alternative browser, appears to be using ad blockers to steal revenue from publishers, not to protect user privacy. Brave has its own ad network and wants publishers to use its own instead of competing for ad networks like Google AdSense or Yahoo Media.net. Therefore, users who choose Brave Browser are forced to use the advertisement service. It's like a store telling people that to shop with a particular credit card, they can only buy products from a particular credit card company.
Nevertheless, there are the following reasons to consider this alternative browser in addition to adblocking.
- Since Brave Browser can inhibit social media integration on websites, plug-ins such as Facebook, Twitter, LinkedIn, and Instagram cannot be used. Social media companies collect huge amounts of personal data from users of their services on their websites. Brave doesn't respect the anti-blocking settings on websites and treats all sites as if they were tracking ads.
- Epic Browser's privacy controls are similar to Firefox, but internally they perform one different function. Because it's far from Google's servers, it doesn't go to Google to gather information. Many browsers, especially the Chrome-based Chromium browser, use Google servers by default, so you don't know how much Google is actually involved in web activity. However, if you log into your Google account through a service like Google Search or Gmail, Epic can't stop Google from tracking you in the browser.
- Epic also provides proxy servers to block internet traffic from data collection by internet service providers. CloudFlare's 1.1.1.1 service provides similar functionality for all browsers as described below (Google Chrome and Microsoft Edge allow you to use a third-party secure DNS provider if you want, but like Epic, it provides its own. I never do that).
- The Tor Browser is an indispensable tool for journalists, whistleblowers, and activists targeting governments and businesses as well as users in countries that censor or monitor the Internet. It uses the Tor network to hide users and their activities from these monitors and censors. You can also post a website called Onions, which requires highly authenticated access to disseminate very private information.
Other ways to protect yourself on the web, GDRP, CCPA, and Ed's Choice
Regulations such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) in the United States are allowing more and more websites to control the use of cookies and other trackers by visitors on each site.
For simplicity, many multinational corporations offer the same choice to users outside of the GDPR and CCPA jurisdiction. In general, blocking cookies in your browser is not a practical suggestion at all. In some cases, you may need cookies that work the way you want, such as logging in automatically when a user returns to a website.
It can be helpful here to use the cookie controls required by GDPR and CCPA. When you enter a European website, you will see a pop-up window with GDPR consent, where you can see all the cookies you want to use on that site. Among them, marketing cookies are an object of concern. Often there will be dozens to hundreds of cookies from companies you've never heard of. For reference, ad blockers, content blockers, and other privacy tools can paradoxically remove CCPA or even GDPR agreements from various sites.
Because some cookies "follow" from site to site, they can show the same advertisements wherever they go based on interests, such as what you search for on Amazon or on search engines. Other cookies go further and create a user's profile by tracking the user's behavior and interests while surfing the web.
Since most of these cookies are served by the advertising network used by the website, neither the website publisher knows who these cookies came from. Because ad networks are also linked to other ad networks, no one knows who is tracking users on a particular site. In conclusion, it is easy to face a situation where dozens or hundreds of advertisers who do not know about a particular site want to automatically install cookies in their browsers.
Instead of individually deciding which cookies to accept, the user blocks them all. If many users do that, perhaps publishers and ad networks will actually manage these 'partners' and get rid of the evil ones. Find control over cookies, such as in the AdChoice link or Cookie Policy link. And it's hard to even block everything by the site. Users must set up controls for each site they visit. Assuming this feature is provided, the only way to specify the privacy settings of an advertiser is to use an ad blocker for a high-pressure approach.
Privacy steps you can take outside the browser
If you really want to protect your privacy, you shouldn't use the internet. Of course, it will be impossible. So, what can you do outside of what your browser allows?
Here are the privacy steps you can take for other web-based and app-based Internet activities. These other Internet tools are also more powerful spies than the browser itself. The goal is to limit sharing and make it difficult for trackers to see a user's activity as a whole.
- Do not use social networks. If you have to use them, share them as little as possible. Use privacy settings, but don't believe that they are no longer tracked. In particular, Facebook is notorious for unsavory and unauthorized use of user data even if it does not have an account and simply visits a Facebook page.
- I don't use voice assistants like Alexa or Siri. These collect a lot of data about users. Apple has long focused on privacy, and it appears that it has not resold the vast amount of data it has collected. However, recent versions of macOS and iOS introduced a service called Siri Suggestions, which analyzes user activity and provides recommendations. This service is something that Google and Facebook have been doing for years. All of this data is sent to Apple and is inconvenient. Since we've seen Apple accept privacy requests from some countries, there's a risk even if it respects users' privacy more than other data collection giants.
- Turns off 'useful' tracking features like Google Assistant and Siri's suggestion. Turn off these features for Facebook, Microsoft, Amazon, and all other users of mobile devices, web services, and computers. You need to turn off the advertising ID in Windows 10's general privacy settings.
- Turn off location services for apps or websites you don't really need. Turn off location services in the Privacy pane of the Windows 10 Settings app, privacy and settings system preferences in macOS, location services control in iOS settings, and Android location control windows.
- Look at the different privacy settings on each device you have. Limit access to activities and information wherever possible.
- When searching for products in a browser or shopping app, you shouldn't log into the online store. Log in only when you've decided what to buy, and retailers won't be able to track your browsing activity.
- Where possible, laws such as CCPA or GDPR are used to delete or restrict the use of data, rather than just managing cookies. week. Likewise, we regularly delete data from Google and other services we track extensively.
- Consider using a VPN (Virtual Private Network), but be careful. Free VPN services are making money somehow, and users' data is embedded in that 'somehow'.
- Use Cloudflare 1.1.1.1 service, which is a proxy DNS server that delivers web traffic, not Internet service providers. ISPs often collect search traffic and sell resulting profiles to advertisers and other commercial stakeholders. Cloudflare is a provider that manages Internet traffic for publishers, suppliers, and government agencies, but it seems to have fewer problems with the use of the data it collects than ISPs. And 1.1.1.1 is more comfortable than a free VPN. But there is no real freedom, and the fee is actually paid.
- When using 1.1.1.1, set the router so that all network devices are automatically protected. Set the primary DNS to 1.1.1.1 and the secondary DNS to 1.0.0.1. This way, you don't have to disable 1.1.1.1 pseudo VPN to use corporate VPN on your mobile device. On desktop computers, 1.1.1.1 doesn't use a pseudo VPN, so it doesn't conflict with corporate VPNs. However, you can also set 1.1.1.1 on computers and mobile devices when traveling or on the go outside a protected router. In the system's network settings of the operating system, configure the primary DNS to 1.1.1.1 and the secondary DNS to 1.0.0.1 (you can leave it as is after setting it). For mobile devices, install the 1.1.1.1 app from the App Store and turn it on when moving. However, to use a corporate VPN, you need to turn off the app.
Of course, you can still track users through other means, but that doesn't have a reason to make tracking easier. You can't completely protect your privacy, but it can make it difficult.
0 Comments