The latest episode of “Last Week Tonight with John Oliver” is about online data brokers — watch it! #privacy

If you use Chrome, then you owe it to yourself to LEARN THE TRUTH. Spread the world.

contrachrome.com

This is a great resource for people who love Chrome 😃

Damn! Just when I was planning to buy their outdoor camera! Enrolled the two old Wyze cameras to Cam Plus Lite recently, but now - removed the SD cards and putting them up for sale for those who don’t care about their privacy. www.theverge.com/23003418/…

Tiktok is such a surveillance tool that users refuse to admit it – not even some PH government officials who continue to use it (and promote it).

Tiktok shares your data more than others

If you don’t care about who has access to your data, then maybe you need to listen to this. www.pbs.org/video/the…

This is really scary as it can start a new business for criminals and abusers. Now, do Tile and that Samsung thingamagig next and see how far you can go. :)

appleinsider.com/articles/…

Nexus 7 running LineageOS resurrected. F-Droid installed, too.

OK. Ditched Firefox (because of Meta collaboration and Google influence) and Vivaldi (Chromium-based, and asked me to login to install uBlock Origin from Chrome Web Store). Now running LibreWolf (Apple Silicon native app). Nice.

Mozilla saying that “advertising provides critical support for the web” is true, but advertising is good IF THERE IS NO TRACKING ACROSS THE INTERNET. Sorry, Mozilla - your IPA (partnering with Meta whilst accepting funding from Google?) will keep this data tracking alive. That is it for me. I do not trust you anymore.

I cannot wait for the DuckDuckGo desktop browser.

Why is Google mum about the issue that is BT trackers? Why won’t they pick up that AirTag detection code, add it to AOSP and push it to all? Anyway, there are far worse trackers readibly available in the market today (see Amazon).

AirTags are positioned at the middle of the pack – between Tile, which was close to useless in tracking and getting detected, and GPS tracker, which was better as a tracker, with close to impossible getting detected.

Read how Kashmir Hill tracked her partner, with his consent, of course.

An annual celebration marked by events that educate and inform young ones and young once on how to be safe on the internet. On the main website, Safer Internet Day, you will see that it is supported by the likes of Facebook, Google, Tiktok and Twitter, four of the largest online services where users are not safe.

Events promoting Safer Internet Day (SID) often concentrate on online bullying, specially on these platforms. It is like a tobacco company sponsoring a healthy smoking habit to children! It is rare to have an event where organizers tell participants to stop using these companies' products and services for fear of losing sponsorship money.

For fear of losing sponsorship money, SID event organizers will not tell users to protect their privacy and stop using products from Facebook, Google, Tiktok and Twitter. Event organizers will also not tell users in order to protect their mental health, they should avoid these same companies' products.

So how can you be safe on the internet when the narrative is controlled by companies that make the internet unsafe, right?

How to be safe on the internet?

For starters, stop using Facebook, Google, Tiktok, Twitter, Viber, Instagram, and use products and services that are privacy-centric. Here are some examples:

1. Use Signal, Threema or Matrix/Element instead of using the messaging services from Facebook, Google, Telegram or Viber.

2. Use DuckDuckGo or Ecosia as your search engine. On DuckDuckGo, you can access Google Search without providing Google with your data.

3. Use Fastmail or ProtonMail or Tutanota as your e-mail provider instead of Gmail.

4. Use email aliases to hide and protect your main email address. Simplelogin.io, DuckDuckGo, Firefox, iCloud+, and Fastmail provide this service.

5. Use a password manager (paired with email aliases) to ensure that passwords and email addresses are unique for each online service or app you sign-up on.

6. Add your main email addresses on haveibeenpwned.com to monitor if they’re compromised. Some password managers, like 1Password, have this monitoring feature built-in.

7. Use yewtu.be to view YouTube videos or use youtube-dl or yt-dlp.org to download YouTube videos and watch it on your device without any trackers or recommended videos.

8. Use Safari (if available) or DuckDuckGo (if available) or Firefox as your browsers (and change the default search engine to DuckDuckGo) instead of Chrome.

9. Use mailing lists (e.g., groups.io) or a public chat/messaging service (e.g., matrix.org) to manage and engage with your community.

10. Write on your own blog (e.g., micro.blog, wordpress, write.as), where you have control and ownership of your content.

11. Use Flickr.com or Pixelfed.org to host your public photos. Do not overshare. If you think your innocent looking photo doesn’t contain data that reveals where and when you have taken it, you are in for a surprise. Parents respect the privacy of your children - don’t post photos of their faces - you will never know how it will be used against them in the future.

12. Avoid feeding the trolls. The best way is to ignore. Same with bullies.

13. Be kind. Having a safer internet means treating each other kindly and respecting others the way you want to be respected.

I doubt that you will hear most of these from any of the Safer Internet Day events or they will lose their sponsorship deals!

Be safe out there.

I used to have a Spotify family account, but after learning about their shady surveillance behavior (yeah, paying for the service does not guarantee that companies won’t be evil), ditched it right away.

On Spotify and your listening behaviours

I block Google Analytics (even if I know Safari does the same thing) and Google Fonts. Websites often have fallback fonts anyway (or is it the browser?). If you are a website designer and/or developer, you should stop fetching fonts outside of your server - it slows rendering a bit, and now, it is found to violate GDPR.

There is an interesting “partnership” between Apple and Google brewing. If they are working on a privacy-centric solution to contact tracing in pandemic times, then I am all for it. Apple’s involvement gives me some sort of assurance that privacy will be preserved, compared to a Google only initiative. The draft specifications are already out for everyone to check out.

This “collaboration” is not different from Google’s support of Apple’s SMS-based OTP proposal, nor is it any different from both companies agreeing on open standards. The only way a standard can be widely deployed is to get every player on board - regardless of each player’s intention and business model – and pushing for this means getting the biggest players to sit down and agree.

Does recognizing your competitors mean legitimizing their business models? Does working with your competitors on a standard automatically legitimizes their business models?

Currently, Apple and Google will be implementing this contact tracing APIs. So, if LineageOS, Purism, GrapheneOS and all other privacy-centric mobile OS out there, join and implement the same APIs, does it mean that they legitimize Google’s surveillance capitalistic nature?

Is it the users' fault? Of course, not! However, if the users push back by not participating and contributing to these companies' revenue generator, then it will help change something, until governments do their job at regulating (as in enforcing the law to its fullest - as I have seen governments with privacy laws that are not being implemented!). www.fastcompany.com/90447583/…

The new Chrome has a setting that will check URLs in real-time, i.e., Google will know each and every URL that you visit. They claim to anonymize it, but don’t fall for it. Security != Privacy. They will offer topnotch security, but privacy is another matter (they need the data to earn revenue). I ditched Chrome a long time ago, you should, too. www.zdnet.com/article/c… notochrome.org

This is actually why I am overly concerned about the Philippine National ID initiative. Knowing how the government works - budget, personnel, procurement - there is a high chance of citizens' data will be breached/hacked/exploited externally, or worse, internally (think of one of the gov’t owned and controlled corporations).

If I am not mistaken, the model used by lawmakers is India’s Aadhaar, which does not have a great track record in securing their data as well.

Before embarking on something like a national ID registry, maybe a thorough IT security audit of critical infrastructure needs to be done first. Audit BIR, PhilHealth, LTO, Local Government Units, COMELEC (oops, already breached!), GSIS, SSS, as a start. Ensure that they are standards compliant in securing data at the very least.

Viber CEO, Djamel Agaoua, wrote an op-ed, “Do The Right Thing”, technology.mb.com.ph/2019/04/1… , with a proposed Privacy Pledge and calling on Facebook and the rest of the industry to join him.

While it is a start, the fact that he did not include “NO collection of personal data”, and “NO collection of METADATA, including, but not limited to location”, just goes to show that unnecessary data collection is still the norm for his company, and the encourages the rest of the industry to continue doing surveillance.

Accounts from Dubsmash, MyFitnessPal, ShareThis, Animoto, EyeEm, and 500px, among others, are available on the dark web. Tsk tsk. Some accounts' passwords were hashed by MD5 only. NOOOOO. Change your passwords immediately. https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/

Publishers should stop using Facebook. Facebook is taking advantage of them for Facebook’s profit. adage.com

Facebook to publishers: We are not here to save you