×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How do You Protect Your Online Privacy?

Cliff posted more than 7 years ago | from the now-that-they-are-watching-are-you-paranoid-yet dept.

129

P asks: "In the light of the recent discussions about on-line privacy: What can one do to protect his/her on-line privacy, while still having a enjoyable web experience? For example, are you using PGP for all your emails and Zfone for all your VOIP traffic? Or are there better ways of protecting oneself? Share your tips and tricks."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

129 comments

Easy. (5, Funny)

isometrick (817436) | more than 7 years ago | (#15347585)

I don't use the internet.

Re:Easy. (1, Funny)

carlmenezes (204187) | more than 7 years ago | (#15347882)

So in other words, you didnt pay your licensing fees to Al Gore.

Re:Easy. (-1, Troll)

Anonymous Coward | more than 7 years ago | (#15348279)

If I shit on a rag and smear it in your hair while you suck my dick, I think I might then laugh at the lame ass shit flowing out of your mouth. Fucking retard.

Re:Easy. (0)

Anonymous Coward | more than 7 years ago | (#15351046)

Why would you want someone to have shit flow out of their mouth onto your dick?

Wait a sec - Jay? Is that you? Say hi to Silent Bob for me.

Motherfucker! It's time we wrote something back! Type this shit down:
"All you motherfuckers are gonna pay! You are the ones who are the rag-smearers!"

A man can't use the internet, but "isometrick" can (0)

NRAdude (166969) | more than 7 years ago | (#15348166)

If the people could comprehend the difference between a man and a person, then all the privacy problems would be solved.

First, trademark the name. Second, respond only in matters of interest -- by contract, not to adhere to codes and related private law patented subject matter. Third, the law of trust.

Every server today wants a "name" to a trusted "resident." As defined in law dictionaries, a "resident" is a "thing known" and by subject matter that "thing known" is in dispute by a prior contract to discharge of its account. In terms of services that have no cost for registration, it would prevail that the people move their person to contribute intellectual property that may discharge the want of funding. Such is the inherint case with SLASHDOT, whereby most people contribute good information and bring such a good content that registration is acknowledge to discharge by good contribution; or show a quo-warranto where the matter does stray from a journalist bringing "news" and dialogue to trade.

As well, it would seem that a "person" is defined in the 14th century french (its first occurrence) as "a mask worn from time to time." Thereby, "isometrick" is as much a person as "nradude." Even so, there is a person shared as "Anonymous Coward." In terms of protecting one's privacy, it is acknowledged that a certain name is capable of copyright by determination of trade value. For distinguishing among others of similar patent, it is advisable that a trademark known to an account of a certain day of a month of a year would prevail that there are many of similar name and trademark but each is an separate and independent interest.

Consider that there should be allowed many accounts to a single person on Slashdot, as distinguished by port and time of entry by landing rights. If there were an infinite number of Gregory Thomas(tm) born April 20, then they would surely be not the same instance of 420 but precisely different measurement of time. Why would not the time of registration of a Slashdot account be any different? Slashdot records the personable name to the account, the account number is deed and unique by its own, yet Slashdot doesn't allow same name?

"Anonymous Coward" is just the example, yet it appears there is one public without and one private reserved within. If everything was a correct world, then it would not be difficult to determine (by accounting) the CowboyNeal from fellow CowboyNeal.

Also, on the driver license or related applicatiosn that demand a SIGNATURE (only signature, not "sign"), it is good to "DBA" the name and acknowledge the true name as the trademark. As in my examples above, "Gregory Thomas" is a trademark of the Mundt family; contracts are meeting of the minds, not meetings of the flesh (think bacteria, or fungus, or virus reasoning with cell structure);

In matters of law, most trusts are derived from the tradename of a child, and the trusts are assumed and therefore coerced because their nature is unlawfully negotiated without a sound mind or "unconcionable contract." For those, just dissolve the trust at signature as would determine on the Face of the private trust matter (advertisements on behalf of the trademarked name):

(at a private intstitution, such as that DEPARTMENT OF MOTOR VEHICLES)
with Power of Attorney over "Gregory Thomas Mundt";
Gregory Thomas dba GREGORY THOMAS MUNDT

Notice how the above only abates the 14th amendment origin from the trademark; government is a public trust, not a private matter. Any registration is to lay dormant one's property, wherever derived from their legislative and judicial and executive ability, and be endowed with benefits from another. Administrators of Slashdot are no different than executives, but they are voluntarily in this respect and verry much honourable.

Forget it (4, Insightful)

Gothmolly (148874) | more than 7 years ago | (#15347609)

seriously, if "They" want your data, They will go through your trash, subpoena your pay records and phone records, and tap your phone line. "They" will know more about you than you can imagine, regardless of whether you use encrypted VoIP or not.

Want to feel safe on line? Write your Congressman, tell your friends about IP and privacy issues, affect a cultural change. As long as 51% of your friends are willing to trade freedom (theirs and yours) for security (mostly theirs), you're fscked.

Re:Forget it (2, Insightful)

Bios_Hakr (68586) | more than 7 years ago | (#15347919)

Politicians don't care. And maybe they shouldn't. There are bigger fish to fry right now.

I understand that in an online community, privacy is a big issue. Just like condoms in schools are a big issue with soccer moms. However, in the overall scheme of things, there are a lot of areas that need to be fixed.

If you really want to make a change, start demanding term limits on the Senate and House.

Demand a Constitutional ammendment limiting the ammount of money a single person is able to contribute to a political party. $500 sounds like a good number.

Demand that lobyists be forced to open their books on all expendatures. Make every cent that the AARP, NRA, NAACP, etc be accounted for and displayed on the web.

Demand that politicians be forced to committ to promises during their campaign. Failure to make serious headway towards campaign promises should be grounds for Impeachment.

Demand that the DoD and other government agencies reduce their budgets while maintaining manpower to accomplish their missions. Do we really need to spend $200m on the F-22 when the $40m F-16 and F-18 is still good? Sure, the F-22 is nice, but would you rather be defended by a single F-22 or 5 F-16s? Do you really think a pilot in an F-22 could take out 5 F-16s?

Privacy is *not* the problem; it's the symptom. When you start asking why our privacy is at risk, you'll eventually come to the core problem. Govenrment corruption and power grabs are the real problem.

yes about the F-22 (1)

r00t (33219) | more than 7 years ago | (#15348066)

Generally, the F-16s wouldn't see the F-22. If they did (visually), they couldn't get a missle to lock on. The machine gun stands a chance, barely.

An F-35 with a laser might do OK against the F-22, but that toy isn't shipping yet.

Re:Forget it (2, Informative)

coaxial (28297) | more than 7 years ago | (#15348303)

Demand that the DoD and other government agencies reduce their budgets while maintaining manpower to accomplish their missions. Do we really need to spend $200m on the F-22 when the $40m F-16 and F-18 is still good? Sure, the F-22 is nice, but would you rather be defended by a single F-22 or 5 F-16s? Do you really think a pilot in an F-22 could take out 5 F-16s?

First, we''re not going to be fighting F-16s, MiGs? Sus? Yeah. Mirages and ChengDus? Maybe. But not Fs. Anyway, it might be able to, I don't know. The F-14 was capable of downing six over the horizon targets simultaneously, and we retired that.

You're bigger point about weapon systems being political decisions rather than military decisions is dead on though. The RAH-66 Comanche program started in 1983, and 21 years and $31 billion laters it was canceled. What did Army Chief of Staff Peter Schoomaker say in February 2004 about its cancelation?

[The] Comanche was a wonderful idea up until about 1989. [...] We started seeing that kind of threat disappear, and then it continued to disappear over the last decade." Commenting on the Schoomaker statement, Defense News wrote on 1 March: "Army officials say the move reflects the more elusive enemies and weapons that have emerged since Comanche was conceived in 1983 to find and fight Soviet tank formations. Stealth, once the RAH-66's biggest selling point, is now deemed unnecessary and expensive.


That's just one example of an unneeded, and unwanted weapon systems. Unwanted by the military mind you. Why does this happen? The weapons mean jobs. And one one is going to vote against jobs in their district, and no one is going to vote against jobs in someone else's district for fear of retaliation. Why do you think the BRAC [defenselink.mil] is now (supposably) apolitical and is hella hard to appeal?

Whenever I think about how much money is being wasted on undesired weapons, I think of Eisenhower's 1953 speech to the American Society of Newspaper Editors: [eisenhowermemorial.org]


Every gun that is made, every warship launched, every rocket fired signifies, in the final sense, a theft from those who hunger and are not fed, those who are cold and not clothed.

The cost of one modern heavy bomber is this: a modern brick school in more than 30 cities.

It is two electric power plants, each serving a town of 60,000 population.

It is two finely equipped hospitals.

It is some 50 miles of concrete highway.

We pay for a single fighter with a half million bushels of wheat.

We pay for a single destroyer with new homes that could have housed more than 8,000 people.

This, I repeat, is the best way of life to be found on the road the world has been taking.

This is not a way of life at all, in any true sense. Under the cloud of threatening war, it is humanity hanging from a cross of iron.


Of course he was nothing but a goddamn pinko. [msu.edu]

Eisenhower just a goddamn pinko (1)

FunkyRat (36011) | more than 7 years ago | (#15348619)

That's what Robert Welch (founder of the John Birch Society) argued [publiceye.org] : "Welch's famous book, The Politician, caused a stir even among many loyal Birch members who were shocked by Welch's assertion that President Dwight D. Eisenhower was "a dedicated conscious agent of the communist conspiracy.""

Got to love those conspiracists.

Re:Forget it (4, Interesting)

QuantumG (50515) | more than 7 years ago | (#15347994)

Back in 1998 I was raided by the Australia Federal Police. They were looking for evidence on computer crimes allegedly committed by people I had allegedly spoken to on IRC. They weren't after me, but I was still thankful that my harddrive was encrypted and there we no laws, at the time, that could be used to force me to give up my encryption keys. Had there been evidence on my harddrive that I had committed a crime (there wasn't, unless I'm committing crimes and I'm not aware of it) I would have been facing jail time, even though the AFP did not have any justification to search that computer because of anything I had done.

Re:Forget it (1)

maxume (22995) | more than 7 years ago | (#15349615)

In the US, if you could afford a decent lawyer, they would not be able to use evidence obtained in such a way at trial.

Electronic Frontier Foundation, Tor, & Privacy (1, Troll)

reporter (666905) | more than 7 years ago | (#15348052)

To protect your privacy on the Internet, you have two choices: general anonymizer like Tor [eff.org] or an anonymous proxy server [proxyblind.org] .

I prefer Tor because it is affiliated with the Electronic Frontier Foundation (EFF). A page on the EFF website states, "A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently . Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations."

The issue is trust. I trust the EFF.

On the other hand, some anonymous proxy servers are located in Mexico. Do I trust that Mexican society is a staunch advocate of privacy rights and other civil rights?

Re:Electronic Frontier Foundation, Tor, & Priv (2, Interesting)

Anonymous Coward | more than 7 years ago | (#15350460)

or join the underground network named AnoNet [brinkster.net] , stops snoops on both the inside and the outside. its a self contained internet on top of the internet running over multiple vpn's, it might even have holes to the outside via a tor or proxy servers, i use it all the time, not only from an anonymous point of view but also the networking experiments, great community, great spirit.

free the nerd inside you!

Re:Electronic Frontier Foundation, Tor, & Priv (1)

Deagol (323173) | more than 7 years ago | (#15351504)

Tor's pretty nice. Unfortunately, Slashdot blocks known Tor nodes. Or at least it did when I last tried to log in via the Tor network. It was very annoying.

Re:Forget it (1, Interesting)

Anonymous Coward | more than 7 years ago | (#15348858)

seriously, if "They" want your data, They will go through your trash, subpoena your pay records and phone records, and tap your phone line. "They" will know more about you than you can imagine, regardless of whether you use encrypted VoIP or not.

I don't know where you're from, but here in the US if "they" want to tap my phone or see my data and pay records "they" just do it. Subpoenas are for people who hate America.

Remember kids: If you're not doing anything wrong, then the fact that you're gathering huge amounts of information about everyone is all you have to hide. Or something like that.

Easy! (4, Funny)

slashflood (697891) | more than 7 years ago | (#15347625)

[x] Post Anonymously

Re:Easy! (1, Funny)

Anonymous Coward | more than 7 years ago | (#15347804)

I agree. This is the best way to protect your privacy online!

-Pete Koney

n00b! I'll show you how it's done! :) (0)

Anonymous Coward | more than 7 years ago | (#15348110)

Honestly, only giving out my personal details on a NEED to know basis IS how I protect my privacy.

There are plenty of websites, grocery store "loyalty" cards, etc. that have really wonky ideas about who I am or where I'm from. And I use only cash wherever possible--the grocery stores would catch me very quickly if I ever let them link me to a credit card or something.

Remember: they can't inadvertantly disclose information they don't have!

agreed (1, Interesting)

Anonymous Coward | more than 7 years ago | (#15348498)

Long live cash!

And fuck grocery store 'discount cards'. I've found it is best to get a new card with application, then discard application and continue to use card. If the application is necessary, the store's address and name of "General Manager" usually works for as long as you need the card.

GPG and Thunderbird (3, Interesting)

chicken_tonight (786398) | more than 7 years ago | (#15347627)

I was using GPG in Thunderbird, linked to my gmail account. This was just for signing though, so it was more to protect my identity than my privacy. I believe GPG does encryption too. It was seamless once it was setup, but I use gmail from too many places. It just wasn't worth it. Here's hoping Google adds support for this sort of thing to Gmail.

GPG hiccup (1)

jd (1658) | more than 7 years ago | (#15348413)

There has been a discussion on the Linux Kernel Mailing List with regards /dev/random (which I provoked by forwarding a link to a paper critical of it), which GnuPG, OpenSSL and other crypto programs use. Apparently, there are possible attacks which would allow an attacker to calculate earlier random numbers in the sequence, allowing them to guess generated private keys. This seems to be a theoretical attack only and seems to preclude remote exploits, as you'd need access to that device. However, it points to potential risks in the current system.


I'd suggest using LOTS of events to generate entropy (and destroy the Universe) -or- random number generating hardware.

I use GPG, but so what? None of my friends do. (1)

KWTm (808824) | more than 7 years ago | (#15348518)

I'm not sure what value there is in using GPG/OpenPGP when none of my friends do. I can think of a few things:

- promoting awareness of GPG (on those rare occasions when people ask me about the GPG signature block),

- using GPG for fun with fellow geeks I meet (but GPG is not mandatory --I mean, face it, I like you geeks and all, but no way am I going to exchange credit card numbers with you)

Right now I've got my wife set up to optionally have GPG available (via Enigmail on Thunderbird), but she's hardly using it, and I don't blame her. I don't want to force her to use it, but to make it drop-dead easy to use when the need arises. The fact that she's not using it means that the need isn't there, a situation that's not solved by making her use it.

Anyone here using GPG for a substantial reason? That is, GPG lets you communicate something that you otherwise wouldn't? This could be giving credit card info to family, or just feeling more at ease talking about confidential stuff because you know it won't be intercepted. Let's hear some cases. Anyone?

Re:I use GPG, but so what? None of my friends do. (1)

chicken_tonight (786398) | more than 7 years ago | (#15348546)

"I'm not sure what value there is in using GPG/OpenPGP when none of my friends do."

You're 100% correct which is why I wish the major webmail providers would start looking at it. I think if its done well it can be very useful without getting in the way.

Re:I use GPG, but so what? None of my friends do. (1)

EvanED (569694) | more than 7 years ago | (#15350807)

Really? I have my doubts that it could be unobtrusive. The actual encryption/signing of mail could be done invisibly or nearly, but what about key management? You need some sort of web of trust. Which means you need to tell the system who you trust to sign keys, and how much. I don't think there's any automated way around that, which means that you MUST put the burden on the user. And explaining what they are doing (setting up the "web of trust" or whatever you want to call it) is NOT going to be an easy task. I've read about it and other PKIs, and I still don't know all the details. (And the user WOULD have to know what they are doing to do it correctly; a poorly set up web of trust could be just as bad (if not worse, because you think you're safe) than no encryption at all.)

built-in security? (2, Interesting)

Anonymous Coward | more than 7 years ago | (#15347628)

This isn't a direct answer, but it's directly related. I've always wondered why network applications don't use encryption by default. For practically everything, from web servers to instant message apps, you have to go out of your way to set it up with any decent level of security.

Why aren't all connections passed over ssl or ssh? I know it's a bit of overhead, but it's not that significant for modern desktops.

Why isn't it the norm to see web servers running SSL? Why is SSL reserved for only financial transactions? For high-traffic web sites, this will slow the server down a little, but isn't that a valid tradeoff?

People seem concerned about the NSA wiretapping scandal, but this would be largely moot if the traffic they were snooping were encrypted. I can't be the only person who wishes encryption was the standard rather than the exception.

Re:built-in security? (2, Interesting)

Musteval (817324) | more than 7 years ago | (#15347727)

Because it would be just awful if the NSA knew that you were going to Slashdot ... ?

There is almost nothing online that necessitates encryption, except for things involving money, which already encrypt things. If you personally want privacy for something that most people don't care about privacy for, use Tor. Not that hard.

Re:built-in security? (2, Interesting)

redelm (54142) | more than 7 years ago | (#15347769)

One more thing to go wrong and increase support costs. Or if you like tinfoil, 'cuz the NSA want their job easier. There's no way they could snarf anything beyond src/dst/vol/time traffic analysis if most of the net were encrypted.

I suspect some netzis like China (Singapore?) would ban encrypted traffic if they could.

Re:built-in security? (1)

Nutria (679911) | more than 7 years ago | (#15348012)

I suspect some netzis like China (Singapore?) would ban encrypted traffic if they could.

And England and Australia.

The Clinton administration floated a bill that would mandate that the Feds keep in escrow "only accessible by subpoena or warrant" (yeah, right) all crypto keys.

Your slashdot id is low enough that you remember the Clipper chip, right? (And the Republican who lead the political charge against it?)



Re:built-in security? (1)

internewt (640704) | more than 7 years ago | (#15350532)

In Britian encryption is perfectly legal (I realise your .uk/.au comment was probably tongue-in-cheek), but it is a criminal offence to not hand over passwords or encryption keys to a court AFAIK.... The RIP act can be thanked for this.

Re:built-in security? (1)

redelm (54142) | more than 7 years ago | (#15350998)

I rememeber the Clipper, but not the guy who attacked it. IIRC, it died a market death.

The problem with subpoenae is they're handed out like handbills. Just start a lawsuit, and you've got the power. Of course, you could plea the Fifth. I'm not sure if that's been ruled upon wrt cryptokeys.

Re:built-in security? (1)

DrSkwid (118965) | more than 7 years ago | (#15348948)

  1. Certificates give Verisign more $
  2. Most websites are read only. So the only interesting bit for a spy is who connects, SSL doesn't hide that.
  3. You can't use SSL on multiple virtual hosts in Apache 1.x (not sure about 2.x) so even for self signing you have to choose which single hostname to use.
  4. What incentive for me as a host ?


I'm with you for some stuff, but that's usually where verifying your identity is important. My webmail/imap host is SSL - https://www.fastmail.fm/ [fastmail.fm] but I have no idea who they actually are or if I can trust them once they have my details.

Email gets sent plain to that server so I only do it to protect my password from sniffing.

Re:built-in security? (1)

arevos (659374) | more than 7 years ago | (#15349461)

There's a simple reason; it costs money.

Browsers come with a limited number of root certificates. If they encounter a SSL connection not signed by one of these certificates, a dialog box pops up warning the user and asking if they wish to continue. Clearly, you don't want the browser implying that you're untrustworthy to your users, so you have to go out and get a certificate signed by Verisign or some similar company.

Large websites clearly don't have a problem with this. What's several hundred dollars to a company of any significant size? But then CPU comes into play. SSL is an expensive operation compared to straight HTTP. With small numbers of visitors, this isn't a problem. With large numbers, the costs start to increase.

SSL just isn't worth the hassle or the cost for most websites. Screwing the NSA is all well and good, but when it affect's the bottom line, most people forget about it.

Re:built-in security? (1)

maxume (22995) | more than 7 years ago | (#15349626)

The overhead was a bigger deal 10 years ago. Throw in a little inertia, and here we are.

tor (2, Insightful)

compro01 (777531) | more than 7 years ago | (#15347630)

well, personally, if i'm doing something that i don't want traced, i'll fire up tor (http://tor.eff.org/ [eff.org] )tor

i currently don't really worry about my email security (if someone wants to read my aunt's cookie recipes, thats fine by me). if i happened to be doing something important, i'd likely use some form of encryption, likely PGP or maybe something stronger.

The flaw in only using GPG for "important" stuff: (3, Insightful)

KWTm (808824) | more than 7 years ago | (#15348550)


i currently don't really worry about my email security (if someone wants to read my aunt's cookie recipes, thats fine by me). if i happened to be doing something important, i'd likely use some form of encryption
 


This reminds me of a joke that takes place in a courtroom:

Prosecutor: Did you see this woman in New York?
Defendant: I refuse to answer that question!
Prosecutor: Did you see this woman in Chicago?
Defendant: I refuse to answer that question!
Prosecutor: Did you see this woman in Atlanta?
Defendant: What!? Atlanta?? I never saw her in Atlanta!

Moral of the story: if you don't pay attention to your email security except when you really need to, then when you do pay attention, someone else would also know to pay attention!

If someone wants to read my aunt's cookie recipes, that is not fine by me. Eat my {/dev/random}-XOR'd dust.

Re:The flaw in only using GPG for "important" stuf (1)

mindstormpt (728974) | more than 7 years ago | (#15349287)

That is all fine, but there must be support from both parties to use encryption. Somehow I don't think his aunt uses GPG, and even if he could go there and set it up, he (or you, or me) can't control what everyone he sends emails to uses.

Of course, you can just stop talking to your friends who don't install GPG and move on with your life.

this is easy... (1, Funny)

Anonymous Coward | more than 7 years ago | (#15347649)

i surf slashdot. they talk about all the bad things on the intarweb.

Disable Cookies (3, Informative)

Anonymous Coward | more than 7 years ago | (#15347650)

About all I use online is a web browser. For this, I of course use Mozilla Firefox, but disable cookies (except for sites that I know really need them, like online banking) and disable certain javascript features (opening windows, removing location bar, etc.).

I also use adblock to disable tracking sites. You know, hitbox.com and the like which use included URLs to track you by your IP address.

Re:Disable Cookies (1)

zappepcs (820751) | more than 7 years ago | (#15347941)

Adblock is very cool. I had to disable it to even see ads on /. I didn't know there were ads till people were talking about them in their posts, so I had to look.

Re:Disable Cookies (3, Informative)

DrSkwid (118965) | more than 7 years ago | (#15348977)

the NoScript extension is also a MUST HAVE

From /.'s homepage :

<script src="//images.slashdot.org/prototype.js?T_2_5_0_11 1a" type="text/javascript">

<script src="//images.slashdot.org/common.js?T_2_5_0_111a" type="text/javascript">

<script type="text/javascript" src="http://a.as-us.falkag.net/dat/dlv/aslmain.js" >

<script type="text/javascript" src="http://an.tacoda.net/an/11711/slf.js">

<script type="text/javascript" src="http://a.as-us.falkag.net/dat/njf/104/slashdo t/mainpage_p2_top_right_skyscraper.js">

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
<script type="text/javascript">
        _uacct = "UA-32013-5";
        urchinTracker();
</script>

Re:Disable Cookies (2, Interesting)

linvir (970218) | more than 7 years ago | (#15349451)

For those of us who don't use Firefox, it's easier and way more satisfying to blacklist those domains completely. Tacoda.net could be in the business of giving away free signed copies of Windows 98 to 3rd world puppies for all I know, but as far as I'm concerned they've dirtied their name with the crappy type of advertising, and I don't want to see anything from their servers. It'll be an annoying day when google catches on and brings google-analytics.com under google.co.uk, though.

Re:Disable Cookies (1)

stripe42 (845170) | more than 7 years ago | (#15351319)

Agreed on the satisfaction level. I use a local DNS server to block domains and all their wildcard subdomains of some of those bandwidth wasting "tracking" sites. Then the whole home network is "protected."

google.com is blocked by default by my NoScript in case they catch on, as you say. I never thought I'd like NoScript, but I've been pleasently surprised at it's ease of use and level of control. If there's a NoScript-type extension for your browser, you might find it useful too.

Happy surfing.

Simple (3, Funny)

halcyon1234 (834388) | more than 7 years ago | (#15347664)

It's simple. Don't ask stupid questions on a forum populated by a good chunk of people who consider BOHF to be non-fiction (and a training manual, to boot).

Re:Simple (0)

Anonymous Coward | more than 7 years ago | (#15347728)

Hmm, I prefer to think of the BOFH as a narrative of best practices.

Ahh.... (0)

Anonymous Coward | more than 7 years ago | (#15348225)

Good, I see that dummy mode is already engaged (permanently, no doubt) ...

Now, what was your username again?

*clickity* *clickity*

My easy solution (1)

gbobeck (926553) | more than 7 years ago | (#15347742)

I have the best method of protecting my privacy online... I use a computer belonging to someone else. The internet connection used by that computer is actually being mooched off of someone else (read: gotta love those unsecured wifi access points). I never use online commerce sites, nor do I maintain an email account.

Also, when anyone asks for my name, I tell them that my name is "Bob".

(btw... my post is supposed to be a joke)

Re:My easy solution (0)

Anonymous Coward | more than 7 years ago | (#15347825)

HAHAHAHAHA...

reading this and going check, check, already doing that.... :)

My post is also a joke :)

Who wants Tinfoil ? (1)

redelm (54142) | more than 7 years ago | (#15347753)

Seriously, who are your opponents? You cannot do any security planning without threat scenarios. If the NSA wants you, they pwn j00 d00d! But fortunately, they're seldom interested , and even more reluctant to disgorge their capabilities by revealing info.

So you have to decide what is cost effective. For me, for most things, no security at all the the perferred option. I _want_ people to read my postings and email. I'm far more concerned with my msgs not being received/read than unauthorized people reading them.

Re:Who wants Tinfoil ? (1)

slashflood (697891) | more than 7 years ago | (#15347859)

I _want_ people to read my postings and email.

Post your email account information. Server, username, password.

The ULTIMATE Solution (3, Insightful)

ImaNihilist (889325) | more than 7 years ago | (#15347834)

Lie. Lie about everything. Writing an email to your friend? Lie about it. Lie about everything that happened to you. Lie about who you are. IT DOESN'T MATTER. Signing up for some new service? Lie. Lie about your name, age, race, sex, address, credit card, whatever. Actually need to recieve the package? Send it to your neighbor and pick it up at the FedEx office with a fake ID that goes with your fake personality. Sometimes if you lie enough to a girl, you even get to sleep with her. Then, if you get herpes you can just lie to everyone else and say you don't have it! IT'S THE SAME THING IF YOU USE WINDOWS AND GET A VIRUS!! HOORAH! The lies will set you free.

Re:The ULTIMATE Solution (0)

Anonymous Coward | more than 7 years ago | (#15348666)

This was moderated insightful? Pfft!

I don't (4, Insightful)

carlmenezes (204187) | more than 7 years ago | (#15347870)

I just simply do not enter valid information. If they wanted valid information, there are enough ways of getting it. The more information a site asks for, the more I make sure that the responses I give are false. If a site only wants say, my date of birth, I might give my real date. If it wants my postal address, telephone number, yada yada without just cause...I will give them wrong info. Its my way of discouraging the use of such techniques. Maybe if enough people do it, then the next time they upgrade their site they will ask only for information that they absolutely need to have instead of every little detail.

Re:I don't (2)

plover (150551) | more than 7 years ago | (#15348589)

Maybe if enough people do it, then the next time they upgrade their site they will ask only for information that they absolutely need to have instead of every little detail.

Heh-heh. You've never worked for a large company, have you?

Employee: "Hey, boss, this data's no good. Most people are just typing a-s-d-f for their names and addresses and registering fake info!"

Manager: "Yeah, but it's really important that we find out what they think of our site. Let's get them to take a customer survey after registering."

Employee: "???"

The only was is to browse the web anonymously... (4, Funny)

bergeron76 (176351) | more than 7 years ago | (#15347949)

The only way would be to browse the internet from a completely anonymous place like a public library.

Here it is take it! (3, Insightful)

B5_geek (638928) | more than 7 years ago | (#15347962)

John Smith
1234 Anystreet
Anytown, CA
90210
(123)456-7890

DOB: 1/1/1900
email: aolsux@aol.com
Mothers maiden name: mommy

Easy to remember on any site I visit.
the moral of the story, NEVER give out true information to ANY online site.
You make exceptions on an as-needed basis.
(eg. bank, 1 or 2 trustworthy sites to shop from.)

Re:Here it is take it! (1)

Dadoo (899435) | more than 7 years ago | (#15348092)

Actually, now that we have WebSecret and Visa and American Express gift cards, it's easy to shop anonymously.

Re:Here it is take it! (1)

Xehn (669415) | more than 7 years ago | (#15350031)

I've never used websecret before, but I've been looking for a nice throw-off CC# to buy things from Paypal only merchants or online shops that seem a little on the 'sketchy' side. Are there any similar services out there open to the public? Most of the disposible credit card offers I've seen are only open to current customers of Credit Card Company X.

Re:Here it is take it! (1)

qwijibo (101731) | more than 7 years ago | (#15350419)

These throw away CC #'s make it possible to do anonymous transactions with merchants. The credit card companies still want to know who you are so they can get paid. This seems like a reasonable compromise if you want it to be a credit account. Prepaid throw away debit cards on the other hand would likely be too easily abused for money laundering, making that a product that banks don't want to offer.

Re:Here it is take it! (2, Interesting)

RedOregon (161027) | more than 7 years ago | (#15350443)

It's not a "throw-off" credit card, but my MBNA card has a nice downloadable app called ShopSafe that I *love* and use religiously.

It lets you generate a "one-time use" number, with a limit on the amount and expiration date. Once that number is used, it can't be used again. I just used it to buy a radio for my Harley; the price was about $700 plus shipping, so I made the amount $800 and expiration date two months out.

Once the company uses that number, it's locked. I can go into ShopSafe and reclaim the unused amount afterwards. Even if that company's server (or any other broker company they might use) gets cracked, my *real* credit card number is still safe. I've been using ShopSafe for at least two or three years, for *every* purchase I make online, and only had the throwaway number rejected *once*.

I went to a competitor's site and ordered there.

No affiliation with MBNA, I don't gain anything from this, bla bla bla....

Re:Here it is take it! (1)

bigmouth_strikes (224629) | more than 7 years ago | (#15349018)

Yesterday I tried to sign up for something and entered 1/1/1900 as my d.o.b., selecting the values from dropdown boxes. For some reason, I received the error "incorrect date" until I upped the year to 1920. Strange.

A better choice of ZIP code (1)

pestie (141370) | more than 7 years ago | (#15350618)

90210? I have a much better ZIP code I use when lying to the web: 20505. Go ahead, look it up [usps.com] , it's interesting. Heh...

Around the world in 80 leaks. (0)

Anonymous Coward | more than 7 years ago | (#15347991)

"In the light of the recent discussions about on-line privacy: What can one do to protect his/her on-line privacy, while still having a enjoyable web experience?"

The Internet is a convenience. Convenience is road towards the loss of privacy. Grocery cards are convenient because you get a discount, but you lose your privacy. Same with credit cards. The internet involves loss of privacy from the get go. e.g. ISP and continues with a digital path straight back to your computer.* Online shopping is convenient and a loss of privacy. And lets not mention all the "traps" out there just waiting to snare the privacy of the unwary. The best way to maintain privacy is to share as little of yourself with the outside world.

*You can obscure this path, but it is still present, and theoretically it can be traced.

Protection (1)

sjipca (913723) | more than 7 years ago | (#15348034)

I think the biggest thing is keep your mouth shut about internet stuff to others because you never know who is listening. Only give that kind of information out to those who know it. Also i think that you should only use fake stuff if you have had experience in things going missing like money etc. I also only put my name when signing up for e-mail accounts etc. because that information they do need. Also I believe another way of dealing with good security is make usernames that are unique and not simple like jdoe, or johndoe or doej234 and crap like that use something people wouldn't use to try and figure out who you are. When I pick any type of usernames etc. I try and make it be something that relates to me but doesn't give personal information or flag any.

Re:Protection (1)

doej234 (975371) | more than 7 years ago | (#15348492)

Funny, nobody has doej234 up until now. I don't think it gives any clue to my real name either.

Whois records (3, Interesting)

Centurix (249778) | more than 7 years ago | (#15348056)

I once received an abusive e-mail from some guy who was receiving loads of spam from a source using a rotation of from addresses. My address happened to appear on the mail he received and it he snapped, firing back at me. His mail address was from his family business, looked up the whois information which was correctly filled in. Phone number, address etc, simple google of the domain name showed me forums in which members of the family had posted in, different topics, cars, real-estate. From there I could build quite a profile of this person, his family, where they lived, google earth supplied satellite images of their house. I knew what kind of cars they owned, how much their house cost and when they bought it (purchasing records of individual houses was available online as part of the council areas statistics).

I sent him a mail explaining that it wasn't me sending the spam, and he wrote back apologising, then I explained to him all the information that I'd found including the google earth picture and he couldn't believe what I'd come up with by just roaming around the net.

My 8 years of internet usage.. (1)

marcushnk (90744) | more than 7 years ago | (#15348109)

I almost never put my real name on the net, I use my "nick" extensively (it _really) cuts down on phishing attacks and makes them much easier to spot), If I have to put my name down for anything other than CC purchases I put my initials in only.

Out of site out of mind and common sense is the only way to survive.

Using a variety of tools... (2, Informative)

ESRB (974125) | more than 7 years ago | (#15348169)

Firstly, tor [eff.org] with Privoxy and a Firefox plugin that makes it easy to switch between it and a direct connection. Others may use FreeNet [sourceforge.net] , but I personally don't bother.

For IRC, connect using SSL (If you trust the network admins. Even if you don't, still better than nothing) and perhaps through Tor as well. For email, anything PGP-ish.

Also, for protecting my files, I use TrueCrypt [truecrypt.org] .

Cookies (1)

worf_mo (193770) | more than 7 years ago | (#15348291)

Do you remove your browser's cookies on a regular schedule? If you don't, your favourite search engine has a nice track record of all of your searches. If you happen to enjoy your search engine's webmail offering, too, they may very well be able to associate your search habits to your real name, know who your contacts are, and by parsing the mail's contents, in order to place matching ads, they know what you talk about.

While Google promises to do no evil - which can be true or not, I'm not judging them - they are collecting an enormous amount of data about their users. Currently a prospective employer may google up some information about you. But what happens when Google, in some more or less distant future, is no longer guided by their noble motto and instead starts to sell their records as an alternative form of revenue? Your email conversations, your "talk" conversations, and for a small additional fee your full search records?

Paranoid? I don't know. Oh, and Google is just one example, maybe the the most famous. I'm not saying they're out to harm you either, it's just that they have the technical possibility.

Easy (1, Funny)

Anonymous Coward | more than 7 years ago | (#15348329)

Use your neighbors open wireless connection.

This is what I do (0)

Anonymous Coward | more than 7 years ago | (#15348450)

I bounce everything from my botnet of zombie PCs, using a stolen internet connection. I thought everyone did that.

I don't! (0)

Anonymous Coward | more than 7 years ago | (#15348551)

Because we good people have nothing to hide!

Another approach that works 100% of the time (2, Insightful)

AudioEfex (637163) | more than 7 years ago | (#15348581)

...Just don't put shit on the Internet you want to keep secret. You never enter it in, it never gets out. AE

Re:Another approach that works 100% of the time (1)

oneiros27 (46144) | more than 7 years ago | (#15351225)

And for those times when it does get out, and it's not in a place that you have control of, or shows up in a cache somewhere, I'm thinking about adding a few hundred pages of partially random information, so the real information blends in the background.

(I ran for public office, so unfortunately, my address is now out there... for those who know where to look ... which hopefully isn't the person who was stalking me in college)

The best... (1)

Enderandrew (866215) | more than 7 years ago | (#15348609)

The best answer is to talk with your kids, and encourage them to make good decisions. The internet is full of plenty of content easily-accessed that you probably don't want your kids to see. Either the computer is kept in a public place, or you have to educate your kids and trust them. Software programs are too easily bypassed.

Cross platform tools (2, Informative)

Gallvs (784291) | more than 7 years ago | (#15348943)

Some cross platform tools I use both under Linux and Windows:

  • Firefox with PermitCookies extension (to easily enable cookies on trusted websites) and BugMeNot extension (to avoid compulsory registration at popular websites)
  • When really needed (since it's pretty slow) Tor + Privoxy to surf anonymously
  • Thunderbird + Enigmail for email
  • Gaim + gaim-encryption plugin for IM
  • Truecrypt for disk encryption (latest version runs great under Linux too, although there is no GUI yet)
  • Throw-away email accounts like mailinator.com

But most importantly: /dev/brain

If you care about your privacy, don't give away your data to everyone!

Sneakemail for email addresses (0)

Anonymous Coward | more than 7 years ago | (#15349041)

I love using Sneakemail [sneakemail.com] for hiding my real email address much of the time. It's great for reducing spam, too.

I use loop-AES [sourceforge.net] to encrypt my hard disk.

If you have to ask.. (0)

Anonymous Coward | more than 7 years ago | (#15349095)

..they've already got you.

But since you asked:

Tinfoil!

Important step (1)

linvir (970218) | more than 7 years ago | (#15349428)

Be careful of the steady leak of information that most people go through. After registering on a few forums and stuff like that, it's amazing how much information you can release in a short space of time. After that, your data is only a small search [google.co.uk] away. Even though I've only used this URL and alias for a short while, it already leads to a Frappr map of users of ##slackware on freenode, with my general location and a photo... someone who really knew what they were doing could whois my site [domaintools.com] and then they'd have my full name, mobile phone number and my soon to be ex-address.

Sometimes I worry that so much of my data is so freely available, but then I always remember that people routinely provide even more when advertising their business or service. But even so, what do you guys think? Should I take some of that data off the net?

P works for CIA? FBI? NSA? SecSer? Homeland? (1)

Maljin Jolt (746064) | more than 7 years ago | (#15349429)

Asking Slashdot: Now THAT's a cheap way to perform methodical analysis for a government agency. No, I will not share any wisdom about how I do protect my online privacy.

Email filtering. (1)

Jaruzel (804522) | more than 7 years ago | (#15349522)

This'll be suck eggs for many, but new to others.

I, like many of you have the ability to have anything@mydomain email addresses that i can use/create on the fly. So what I do is, whenever I register on a website or give my email address out to a third party, I enter/provide a unique address. my email address at slashdot is 'slashdot@mydomain', at amazon it's amazon@mydomain and for any business contact it's my companyname@mydomain - anyway you get the idea.

The instant I get spam sent to an address, I immediately kill the address, and (if I can) shout at the person who leaked the address to spamlists.

It's my small way of (trying) to keep my inbox spam free, and to protect my privacy by not having a global email address that any tom dick or harriet can hassle me on.

-Jar

PS. As a side note. Does ANYONE know how to get Outlook to auto-file emails based on recipient smtp address, including auto creating the folders?

Re:Email filtering. (1)

ThinkDifferently (853608) | more than 7 years ago | (#15351154)

Yeah, that worked for me too...until one day I got spam on the entire domain. Someone decided to run their username for loop on mydomain and they actually caught 3 or 4 of my aliases. I had to seriously cut back on the obvious (and stupid) aliases that I was using, such as postmaster, help, sales, sysadmin, etc. Now, I only use purpose-derived aliases, such as microsoft, amazon, etc.

Re:Email filtering. (1)

gebbeth (720597) | more than 7 years ago | (#15351263)

Ever try spamgourmet [spamgourmet.com] ? It allows you to create disposable email addresses. I use it mostly for sites that I know will not respect my privacy (online forums etc). I use your method for banks and reputable businesses. Basically I can create a disposable address on the fly. For instance I give you the addres jaruzel.10.(myusername)@spamgourmet.com. You can send mail to that address 10 times and it will get forwarded to my real address. The 11th mail will get bounced as it no longer exists. You can set the number up to 20. You can also log into their web site and set an exclusive sender who does not decrement the number.

Technologies to use... (5, Informative)

jurgen (14843) | more than 7 years ago | (#15349528)

First off, use Linux. If your OS isn't reasonably secure, all bets are off, and Windows is just too difficult to keep secure for a casual user. With a good linux distro you're much better off so long as you keep it updated.

Secondly use encrypted filesystems for data you want to keep private. I can recomend encfs for Linux http://arg0.net/wiki/encfs [arg0.net] ... it's easy to use and can be installed with yum in Fedora. It uses file-level encryption which makes possible incremental backups which retain the encryption.

If you want protection from being forced by a court to give up your key, take a look at http://www.truecrypt.org/ [truecrypt.org] . This is a filesystem that lets you keep multiple levels of data encrypted with different keys, and if you give up one key noone can know that there's more data hidden with another key.

For web browsing use Tor, http://tor.eff.or/ [tor.eff.or] . Tor is still under development and may not be secure against a focused attack on you specifically, but at least your ISP won't be able to easily spy on you and your IPSs logs (which as we know are being mass-analyzed by the NSA) won't show anything about your activity. Also tor is /very/ easy to install and use, especially with Firefox and the FF tor extension. Also you can use it in combination with privoxy http://www.privoxy.org/ [privoxy.org] for some protection against malicious cookies and other tricks used by the sites you access.

Plus, here's a good trick for ensuring that your web browser cache, history, etc., can't be easily searched by someone who gets access to your computer... put them on an encrypted filesystem, as follows. Make a script that mounts an encrypted filesystem (asking for the passphrase), sets your HOME env var to the newly mounted fs, then starts Firefox (which now places its cache there because that's HOME), and unmounts the encrypted fs after Firefox exits. You should do this even if your entire home dir is also on an encrypted fs, because your normal home dir is likely to stay mounted for longer periods of time, so this way you separate the risk levels. And it's easy. An additional little-known trick for this: set the LOGNAME env var to something other than your username to let you run a second copy of Firefox on the same X display (so you can have an "insecure" and a "secure" one running at the same time).

Of course use GnuPG for secure email. The Thunderbird Enigmail extension makes it painless.

You should also give money to the EFF and run a Tor server if you can, to help maintain our ability to have some privacy.

Finally, if you are a hardcore libertarian and/or think we should have a truly free Internet, experiment with FreeNet http://freenetproject.org/ [freenetproject.org] and consider donating to its development. This project ran into some dead ends with scalability but the developers have taken a fresh approach and the new 0.7 dev version looks like it might be the start of something that could get big. They have a full-time programmer working on it paid by donations (and he's so dedicated to the ideal that his salary is the bare minimum he needs to live), so consider donating. (Btw., I'm not a libertarian in the political sense, but I think we need a strong counter-balance to the marching forces of fascism, so I donate to the Freenet project.)

:j

Protecting my Privacy (0)

Anonymous Coward | more than 7 years ago | (#15349743)

Virtual-hosted e-mail addresses are a great way to find out who is flogging your e-mail address, since you never need give the same address to two people. For my own pages, I wrote a bit of code to generate a uniquely-identifiable e-mail address based on the timestamp and the remote user's IP address.

I never give out my real details to anyone who does not need them. If they want a postal code, I just think of a city somewhere in the world and give them the postcode of the catholic church there {there's a catholic church in every city with a catholic population, which is almost every city, and even the Vatican don't know where they all are}. I give a made-up name, gender, country, occupation, income and all the other details they want -- although if a field is accepted blank, I'll leave it blank.

Also try looking here [google.co.uk] for some fake details you can use when filling in forms.

Supermarket loyalty cards can save you money, but provide a toehold into your private life if you are not scrupulously careful how you use them. I have several in different names, and split my shopping amongst them so as to make it look as though these people have very strange purchasing habits {such as the clergyman who buys nothing but toilet rolls, curry sauce and blank DVD+RW media}.

Lastly, when ordering anything on the Internet, I never use a credit or debit card. I just send a cheque or postal order by snail mail.

GnuPG and TOR (1)

Walter Carver (973233) | more than 7 years ago | (#15349910)

GnuPG/GPG (http://www.gnupg.org/) for encrypting e-mails and TOR (http://tor.eff.org/) for anonymous Internet communication.

Many people say "I will encrypt if I am sending/recieing something important/strange". It sounds reasonable, but this his way they (the ones who, legaly or illegaly, oversee) know when you send/recieve something (that you think is) "special" and to who. It's worse than not encrypting at all. They know that you have things to hide other than casual things (aunt's cookie recipe).

The point is that even the aunt's cookie recipe, or the photograph of me in my backyard is something I want to choose who will see.

So if we want privacy, we must use encryption in every single message we send/recieve. The problem is what happens when you need to communicate with someone who doesn't know to use GPG or is not willing to learn. Well, in that case you must choose, either privacy or communication.

Why should VoIP need a server, anyway?!? (1)

ivi (126837) | more than 7 years ago | (#15350271)

FTP doesn't need any more than my client & the source's server... ie, no intermediary...

So, why should VoIP be any different... ie, after a directory lookup leads to a connection
between caller and callee?

(We're talking about the simple case of a 2-party conversation...)

Maybe Im getting old... (1)

SoulRider (148285) | more than 7 years ago | (#15350957)

and my eyes arent what they used to be, but when I first saw the headline I saw "How to protect your piracy". I thought "Finally a useful article on Slashdot", but lo.

FF extensions and tor (1)

internewt (640704) | more than 7 years ago | (#15351632)

I use some select FF extensions, and will soon be setting up a tor node, along with common sense.

The FF extensions I use are:

  • NoScript (http://www.noscript.net/ [noscript.net] ). I allow very few sites to run scripts, and the vast majority of sites work fine without JS. Even if JS is needed, it is easily enabled for good with noscript, or just for that browser session (and I use this feature more). Like flash and animated gifs, JS has been hijacked by marketters as a method to peddle their wares and they have spoilt it for everyone else. A fantastic side effect of running without JS is many sites use JS almost as a crude DRM.... There's some sites about that make you click an "I agree" button to download stuff, and often the EULA is in an HTML form textbox. The more stupid web devs protect the text of the EULA with JS to stop it being changed, even though text in boxes can be "readonly" just with HTML from 10 years ago.... then you agree to your new contract :)
  • RefControl (http://www.stardrifter.org/refcontrol/ [stardrifter.org] ). A referer blocker. I block all referers as it's simply a way to provide less info to a website. A website doesn't need to know where I have come from, and what will they do with that knowledge if they have it? Probably nothing that can harm me, but it could be useful for targetted adverts. Very few sites need referers to work, and they are mostly pr0n and warez/crack sites that use referers to stop leaching. That reminds me, must whitelist fosi again :)
  • Adblock. (http://adblock.mozdev.org/ [mozdev.org] ). Everyone will be familiar with this. I use filterset.g too, and also add agressive filters for sites that are blatently tracking/trending domains. For example, one filter I have is http*.google-analytics.com/* . I have seen one tracking domain serving web bugs (those 1x1 images) by https, so my filters these days allow for that too...
  • Extended Cookie Manager. (http://xcm.defector.de/ [defector.de] ). I basically accept all cookies on a session basis, and then whitelist the sites that need permament cookies, or at least the sites I use that I trust not to track me (more than is necessary for the operation of the website), or that I don't want to have to log into every time.

    If anyone can answer this I'd be chuffed though: Can FF be made to automatically try to use HTTPS for all surfing? For example, you type in a URL and it'll try the HTTPS site, you click on a link on a website and the browser will go to the https if it exists?.

    As I said above I'm going to be setting up a tor node too on a spare machine, and will use this for searches and any communication with governmental sites, and sites where I may disclose personal info.

    I can, if I want to, renew my car tax online for example. The UK government has demonstrated it's obsession with data collection with the the ID cards etc., and sooner or later they will realise really how powerful datamining is. I don't feel they need to ever be given my name/address and IP. If they ever want to determine users from IPs (eg IndyMedia servers) they can get a fucking court order and get the ISP to hand over the info. Even that's horrific, but there's not much I can directly do about that, apart from a Tor node. An extension for FF to automatically use a proxy for certain domains would be cool.

    Of course common sense too protects your privacy. Always use fake details if registering for somewhere that doesn't need your details, and never use the same fake person at a bunch of sites, or even all the time. Make up names on the spot, or just munge keys. Some sites want valid info, or even check postal codes exist... We all know about 90210 for America, and the British postal code system can be abused too. I tend to use B1 1AA when a site wants a post code, or I'll go to their contact pages and find one there. Some sites are smart enough to not let you use their domain as your email address, but RL addresses often doesn't get the same check.

    Some sites want a close post code to provide you with local info (train times, for example). If you cannot fake a post code there, then use a post code a few letters different (at the end) from your real one, though the better thing to do is use a competing website who doesn't practice such invasive info gathering.

    EMail: I use website@mydomain.com for registering with sites when I need emails back, otherwise it's root@website or postmaster/webmaster etc.. If I use their address, then I allow them to spam/sell "my" address too.

    With time, the collection of info is only going to become more popular, especially when someone/some organsation comes up with a tool or method for making it possible for anyone to make money by using their customers info. By being "paranoid" about disclosing info now, hopefully I'm protecting myself in the future. I realise we have data protection laws in Europe and UK, but I think that in the future these will change, and I really do think they'll change the wrong way, most likely under the guise of terrorism or simply because of pressure from data-collection/mining/managing organisations.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...