Linked by Thom Holwerda on Wed 6th Jul 2016 22:42 UTC
Google

In any case, I tend not to worry too much. And I tend to not worry too much about all the digital data I hand over every minute of every day. That's not to say I don't care. I certainly do. And there are some companies I trust more than others. Cable company? Screw 'em. I'd unplug if I could. But I don't think I'm quite ready to subject my wife and kids to that. Cell carrier? They're only after one thing. (Except for when I'm on Project Fi. Those guys rock.)

But Google? Google probably knows more about me than anyone. Probably more than I know myself. That's never been more apparent than when I scrolled through the first 100 pixels or so of the My Activity section on my Google account. Everything I've searched for. Apps I've used. Websites I opened. Destinations I've navigated to. All there, and pretty much in real time.

There really seem to be two groups of people: those that value the openness of Google regarding the data it collects, giving you insight and control over it, and those that value the secrecy of Apple, trying to keep everything on your device in a way that it can't be tracked to you.

The debate passes me by, because I treat my devices as if they are public devices; I don't put anything on there that I don't want others to see, read, or know about. A device is not my mind, so I don't treat it as such. I don't trust any company - Google, Apple, my carrier, or whatever - and I have enough understanding of technology to know that nothing connected to the internet is really private or safe.

The idea of "trusting" a company with my deepest private data is wholly alien to me.

Comment by ssokolow
by ssokolow on Wed 6th Jul 2016 23:33 UTC
ssokolow
Member since:
2010-01-21

The idea of "trusting" a company with my deepest private data is wholly alien to me.


Agreed.

I even go so far as to split my different Google services across different accounts (ie. one for XMPP-accessed GTalk, one for IMAP-accessed GMail while I prepare to self-host, etc.) just to make them work that little bit harder to piece together a picture of my public persona.

Given that I use the Self-Destructing Cookies extension, uMatrix's referrer forging and User Agent randomizing, and I haven't logged into YouTube since they started requiring Google+ to comment (youtube-dl for age-gated videos), it's actually kind of funny to watch them fall back to IP address matching and get recommendations in the house all mixed up.

(eg. If my brother starts seeing a lot of tech lectures or top 10 lists in his recommendations, he knows I must be doing a big spring cleaning again.)

Edited 2016-07-06 23:36 UTC

Reply Score: 4

RE: Comment by ssokolow
by Alfman on Thu 7th Jul 2016 00:26 UTC in reply to "Comment by ssokolow"
Alfman Member since:
2011-01-28

ssokolow,

I agree as well. It's one thing not to care about privacy, but placing google on a pedestal above other service providers who have less effective (if any) tracking seems naive. We shouldn't forget that google's bugs still work with HTTPS.


I even go so far as to split my different Google services across different accounts (ie. one for XMPP-accessed GTalk, one for IMAP-accessed GMail while I prepare to self-host, etc.) just to make them work that little bit harder to piece together a picture of my public persona.


I'll recommend exim as my preferred mail daemon. It has good support for DNS-RBL, which is very handy to block the majority of spam. I use it to handle many virtual domains.

I needed to install some custom scripts for SPF and SRS (necessary to handle email forwarding), it can be a bit tricky if you don't understand the ins and outs of it. But it's definitely worth it since even without any black list SPF catches a good amount of spoofed spam.

Adding throttling at various points really helps in case someone breaks into a client account (ie via wordpress or oscommerce vulnerability) and tries to send spam from their accounts.

Reply Score: 3

RE[2]: Comment by ssokolow
by ssokolow on Thu 7th Jul 2016 00:39 UTC in reply to "RE: Comment by ssokolow"
ssokolow Member since:
2010-01-21

Unfortunately, last I checked, exim didn't support the milter API and I want to write a custom extension (with some degree of cross-daemon portability to avoid locking myself in) that automates my currently semi-manual process of giving everyone a different e-mail alias and then treating them like revokable API keys. (in concert with SPF checking)

The milter will also make it feasible to give each alias its own sender whitelist with custom bounce messages for things like the aliases I gave to eBay and PayPal.

Because of that, I was planning to use Postfix.

As for the breaking into a wordpress account part, throttling is definitely a good idea, but an even better solution which I'm planning is to replace WordPress (the only system I'm currently running which is capable of sending mail to a non-hardcoded address) with a statically-templated blog hosted on GitHub Pages.

(The holdups there are my zero-tolerance policy for 404ing URLs within my own sites and my wariness around using a non-self-hosted comment system like Disqus.)

Edited 2016-07-07 00:39 UTC

Reply Score: 2
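
The alias scheme described in the comment above (one alias per correspondent, revocable like an API key, with a per-alias sender whitelist, custom bounce text and an SPF check), sketched as the decision function a milter could call. This is an added example, not code from the thread: the alias table, the `example.org` addresses and the function names are constructed, and the SPF result is assumed to be supplied by the MTA.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Alias:
    allowed_domains: frozenset  # sender domains allowed to use this alias
    revoked: bool = False       # a revoked alias behaves like a deleted mailbox
    bounce: str = "550 5.7.1 Sender not authorised for this address"


# Constructed sample table: one alias per correspondent.
ALIASES = {
    "ebay-7f3a@example.org": Alias(
        frozenset({"ebay.com"}),
        bounce="550 5.7.1 This address only accepts mail from eBay",
    ),
    "paypal-c21e@example.org": Alias(frozenset({"paypal.com"})),
    "forum-9b10@example.org": Alias(frozenset({"forum.example"}), revoked=True),
}


def domain_allowed(sender_domain, allowed):
    """Match the domain itself or a subdomain, never a mere string suffix."""
    d = sender_domain.lower().rstrip(".")
    return any(d == a or d.endswith("." + a) for a in allowed)


def decide(rcpt_to, mail_from, spf_result):
    """Return (accept, smtp_reply) for one envelope recipient.

    spf_result is an RFC 7208 result string ("pass", "fail", "softfail",
    "neutral", "none", "temperror", "permerror") computed by the MTA.
    """
    alias = ALIASES.get(rcpt_to.lower())
    if alias is None or alias.revoked:
        # Revocation: the leaked alias simply stops existing.
        return (False, "550 5.1.1 No such address")

    sender_domain = mail_from.rpartition("@")[2]
    if not domain_allowed(sender_domain, alias.allowed_domains):
        return (False, alias.bounce)

    # The envelope sender is trivially forged, so the whitelist only
    # means something when SPF confirms the sending host.
    if spf_result == "temperror":
        return (False, "451 4.4.3 Temporary SPF lookup failure, try again later")
    if spf_result != "pass":
        return (False, "550 5.7.1 SPF check did not pass for sender domain")
    return (True, "250 2.1.5 OK")
```
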

RE[3]: Comment by ssokolow
by Alfman on Thu 7th Jul 2016 01:35 UTC in reply to "RE[2]: Comment by ssokolow"
Alfman Member since:
2011-01-28

ssokolow,

I used postfix originally. I had one client that had a large subscriber list, the server incurred so much overhead I was forced to look at alternatives. It's a very "fork" heavy daemon (intentionally by design) and the server was crawling with literally 2000+ processes. Postfix allows this limit to be adjusted to stop thrashing, but the issue was that SMTP traffic is chatty and blocks a lot, so reducing the processes meant the server was not effectively able to use all the bandwidth allotted to it. For most people with ordinary needs it should be fine though.


I searched but found nothing on "milter API", so I don't know what it is. If it's a command line API I'd be surprised if exim couldn't support it using its script processing.



As for the breaking into a wordpress account part, throttling is definitely a good idea, but an even better solution which I'm planning is to replace WordPress (the only system I'm currently running which is capable of sending mail to a non-hardcoded address) with a statically-templated blog hosted on GitHub Pages.


Always be mindful of the risks of PHP privilege escalation, there are a lot of creative ways to install a PHP-shell and I have to admit I've learned new things from some attacks. If you scan the server logs, the buggers are persistent! Since attacks are generally from opportunistic automated bots, using non-standard urls is actually surprisingly effective.

You may have an advantage in that you don't have to support clients running arbitrary code, even if it's in a VM ;)

Reply Score: 2

RE[4]: Comment by ssokolow
by ssokolow on Thu 7th Jul 2016 08:24 UTC in reply to "RE[3]: Comment by ssokolow"
ssokolow Member since:
2010-01-21

I searched but found nothing on "milter API", so I don't know what it is. If it's a command line API I'd be surprised if exim couldn't support it using its script processing.


This is the API I'm talking about:

https://en.wikipedia.org/wiki/Milter
https://pythonhosted.org/pymilter/milter_api/index.html

The problem is that the only way I've found to support milters in exim is a hack which can't give me the message rewriting I need:

https://utcc.utoronto.ca/~cks/space/blog/sysadmin/EximMilterHookup

(I need to be able to rewrite From and To addresses on both inbound and outbound messages so the mail client need not be aware of the complex system of aliases and a new alias can be automatically generated the first time I send a message to someone)


Always be mindful of the risks of PHP privilege escalation, there are a lot of creative ways to install a PHP-shell and I have to admit I've learned new things from some attacks. If you scan the server logs, the buggers are persistent! Since attacks are generally from opportunistic automated bots, using non-standard urls is actually surprisingly effective.


*nod* My blog is hosted on NearlyFreeSpeech.NET and they go out of their way to help users keep their WordPress installs secure by providing a guide to securing it as well as a system to watch for brute-force attacks, warn the user, and chmod the login and/or XML-RPC endpoints inaccessible.

You may have an advantage in that you don't have to support clients running arbitrary code, even if it's in a VM ;)


Definitely. WordPress has been quite ill-fitted for quite a while (too much bother to extend for structured data and I hate babysitting my update notifications plugin) and it's just been a matter of finding the time to migrate away with 0% URL breakage.

Reply Score: 2

RE[5]: Comment by ssokolow
by Alfman on Thu 7th Jul 2016 14:13 UTC in reply to "RE[4]: Comment by ssokolow"
Alfman Member since:
2011-01-28

ssokolow,

This is the API I'm talking about...


While I don't understand your specific requirements, it seems similar to SRS where both the sender and receiver must be mapped on the fly. But if you specifically want sendmail's milter API, then yea exim's API isn't going to work without wrapping like that guy did. Another thing you could do is to put the mails into a maildrop for another process to run the milter-api, but what's the point, it'd be easier to use an MTA that has the milter-api built in.

I obviously never had this problem since I'd never even heard of this milter-api ;)

Reply Score: 2

RE[6]: Comment by ssokolow
by ssokolow on Thu 7th Jul 2016 23:44 UTC in reply to "RE[5]: Comment by ssokolow"
ssokolow Member since:
2010-01-21

While I don't understand your specific requirements, it seems similar to SRS where both the sender and receiver must be mapped on the fly.


I can see why I never heard of SRS. The documentation for exim's implementation gives me the impression that half of my stuff would have to be written in exim config syntax rather than "Here's a parsed message. Using any language with milter bindings, rewrite whatever you want and give it back to me." like the milter API is designed for.

(And it doesn't help that the docs are highly technical and I don't have enough experience with SPF to determine how to force every message to get processed and remapped... nor whether SRS would allow custom bounce messages containing "If you're a human, click this link to appeal" links.)

Reply Score: 2

RE[7]: Comment by ssokolow
by Alfman on Fri 8th Jul 2016 01:51 UTC in reply to "RE[6]: Comment by ssokolow"
Alfman Member since:
2011-01-28

ssokolow,

I can see why I never heard of SRS. The documentation for exim's implementation gives me the impression that half of my stuff would have to be written in exim config syntax rather than "Here's a parsed message. Using any language with milter bindings, rewrite whatever you want and give it back to me." like the milter API is designed for.

(And it doesn't help that the docs are highly technical and I don't have enough experience with SPF to determine how to force every message to get processed and remapped... nor whether SRS would allow custom bounce messages containing "If you're a human, click this link to appeal" links.)


SRS = Sender Rewriting Scheme and is used to rewrite the addresses so that forwarded emails can be delivered without violating SPF. It isn't specific to exim.

https://www.unlocktheinbox.com/resources/srs/

If you naively forward an email, the standard practice years ago was to leave the return headers as is. However SPF explicitly broke this behavior. An email from joe@yahoo.com to sales@website.com could be forwarded to sam@gmail.com, but if yahoo has SPF set to reject emails, then the legitimate forwarded email is flagged as spam.

The SRS standard replaces joe@yahoo.com with something like SRS0=R7E4KR=yahoo.com=joe@website.com. And since we have control over the spf records for website.com, it doesn't get flagged as spam. In the event that a bounce occurs, the MTA will substitute the address in the opposite direction back to joe@yahoo.com.

There's also a cryptographic hash to prevent this from being exploited as a relay service.


Then there's DKIM, domain keys, DMARC. In the real world you'll have to deal with some SMTP providers that are misconfigured. I had a client who was having trouble getting email from a certain contractor, and instead of them fixing their end I was pressured to add them to a whitelist on my server. That's the way these things go.

Put it all together and your head explodes! Still, if you are patient and learn all this stuff you'll be well rewarded, right? right?! Sorry, I'm frustrated because a regular client of 8 years just left for an indian outsourcing shop. I'm kind of bummed with the lack of appreciation for my skills in my career.

Edited 2016-07-08 01:53 UTC

Reply Score: 2
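
The rewrite and the hash check described in the comment above, as an added Python example that is not from the thread or from any SRS library. It follows the usual `SRS0=hash=timestamp=domain=local` layout in simplified form (the comment's sample address omits the timestamp field); the secret, the 21-day validity window and the 6-character base32 HMAC tag are assumptions, so the output is not wire-compatible with an existing implementation.

```python
import base64
import hashlib
import hmac
import time

SECRET = b"constructed-demo-secret"  # assumption: key known only to the forwarder
FORWARDER = "website.com"            # forwarding domain from the comment's example
MAX_AGE_DAYS = 21                    # assumption: how long a bounce is honoured
B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
TS_SLOTS = 1024                      # two base32 characters = 1024 day slots


def _today():
    return int(time.time() // 86400)


def _encode_ts(day):
    slot = day % TS_SLOTS
    return B32[slot >> 5] + B32[slot & 31]


def _decode_ts(ts):
    return (B32.index(ts[0]) << 5) | B32.index(ts[1])


def _tag(ts, domain, local):
    """Keyed hash over the fields a spammer would need to forge."""
    msg = "=".join((ts, domain, local)).lower().encode()
    mac = hmac.new(SECRET, msg, hashlib.sha1).digest()
    return base64.b32encode(mac).decode()[:6]


def forward(sender, day=None):
    """joe@yahoo.com -> SRS0=<tag>=<ts>=yahoo.com=joe@website.com"""
    local, _, domain = sender.rpartition("@")
    if not local or not domain:
        raise ValueError("not a mailbox address")
    ts = _encode_ts(_today() if day is None else day)
    return f"SRS0={_tag(ts, domain, local)}={ts}={domain}={local}@{FORWARDER}"


def reverse(address, day=None):
    """Map a bounce recipient back to the original sender, or raise ValueError."""
    local, _, domain = address.rpartition("@")
    if domain.lower() != FORWARDER or not local.upper().startswith("SRS0="):
        raise ValueError("not an SRS0 address for this forwarder")
    _, tag, ts, orig_domain, orig_local = local.split("=", 4)
    expected = _tag(ts, orig_domain, orig_local)
    # Without this check anyone could mint SRS0=...=victim.example=user
    # addresses and use the forwarder as an open relay for bounces.
    if not hmac.compare_digest(tag.upper().encode(), expected.encode()):
        raise ValueError("hash mismatch")
    now = _today() if day is None else day
    if (now - _decode_ts(ts.upper())) % TS_SLOTS > MAX_AGE_DAYS:
        raise ValueError("address expired")
    return f"{orig_local}@{orig_domain}"


def accepts(address, day=None):
    """True if a bounce to this address should be relayed back."""
    try:
        reverse(address, day)
        return True
    except ValueError:
        return False
```
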

RE: Comment by ssokolow
by pysiak on Thu 7th Jul 2016 09:16 UTC in reply to "Comment by ssokolow"
pysiak Member since:
2008-01-01

while I prepare to self-host

I must recommend Mail-in-a-Box: https://mailinabox.email/

Background info on me recommending it:
I've been a mailadmin a significant part of early 2000s, and I've always been selfhosting since 2000 until it became too time-consuming and I went full Google.
After Summer-of-Snowden and PRISM we all got a wake-up call and what we thought could be happening actually was happening on a large and highly utilitarian way.

Now, I tried coming back but due to time constraints (I may have less time than most of the readers), I wasn't able to until I found out about Mail-in-a-box.

I gave it a whirl and never had to touch it after initial setup.

If you've got more time you could go as far as doing this: http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/

And remember: scan your IMAP and SMTP TLS and make it A+ just as you would for your HTTPS.

Reply Score: 3

Comment by albertp
by albertp on Thu 7th Jul 2016 00:05 UTC
albertp
Member since:
2016-06-13

and I have enough understanding of technology to know that nothing connected to the internet is really private or safe.


The health care system in the netherlands is connected via Internet. So are police records, welfare systems, educational systems... you name it. These are all supposed to be safe (yeah, right)

So it's not like you have a choice, Thom.

Reply Score: 0

RE: Comment by albertp
by Thom_Holwerda on Thu 7th Jul 2016 00:10 UTC in reply to "Comment by albertp"
Thom_Holwerda Member since:
2005-06-29

The health care system in the netherlands is connected via Internet. So are police records, welfare systems, educational systems... you name it. These are all supposed to be safe (yeah, right)

So it's not like you have a choice, Thom.


And this is relevant to my phone, how, exactly? Even without a phone, or a phone made of dried grass, I am still in all those systems (except police records). I don't have any control over that.

Reply Score: 2

RE[2]: Comment by albertp
by cipri on Fri 8th Jul 2016 09:23 UTC in reply to "RE: Comment by albertp"
cipri Member since:
2007-02-15

If you are worried that much about privacy, then also this site should not have log-ins! Everything should be anonymous etc...
In my opinion google knows still far too little about me.
1)
I wish he could tell me:
According to your blood-pressure (etc..) you should consult a doctor (or go to sleep earlier, or take a break from working too much).
2) According to your weight, it would be recommended, to lose xyz kilo. This can be achieved multiple ways, but since I know you, for you works best xyz diet and blabla exercises etc..

With a lighter you can turn on the fire to warm your house, but you can also burn the house of your neighbor.
It depends if you use the lighter for legal or illegal stuff.
It's the same with google. They are using the data for legal stuff.

Reply Score: 1

RE[3]: Comment by albertp
by Gargyle on Fri 8th Jul 2016 12:39 UTC in reply to "RE[2]: Comment by albertp"
Gargyle Member since:
2015-03-27

If you are worried that much about privacy, then also this site should not have log-ins! Everything should be anonymous etc...

Not logging in is not enough. The moment you request this site, you will have communicated with this server and the server will know all those details about your request.

In my opinion google knows still far too little about me.

Good, but you know what they say about opinions: they are like dungholes...

1)
I wish he could tell me:
According to your blood-pressure (etc..) you should consult a doctor (or go to sleep earlier, or take a break from working too much).

That's stupid for multiple reasons: 1) if you want medical advice, go see a doctor. 2) don't be a lazy bum, take responsibility for your own wellbeing. Maybe if you have evolved enough, you can take on the responsibility of others as well and function in a proper society instead of being the eternal burden that has to be looked after, like a child.

2) According to your weight, it would be recommended, to lose xyz kilo. This can be achieved multiple ways, but since I know you, for you works best xyz diet and blabla exercises etc..

Same principle stands.

With a lighter you can turn on the fire to warm your house, but you can also burn the house of your neighbor.
It depends if you use the lighter for legal or illegal stuff.
It's the same with google. They are using the data for legal stuff.

Yes, and two people having sex is also legal, but not if one of them hasn't consented explicitly and with full disclosure of what is about to happen. See the analogy?

Reply Score: 1

BS
by leos on Thu 7th Jul 2016 02:56 UTC
leos
Member since:
2005-09-21

I don't put anything on there that I don't want others to see, read, or know about


I don't buy it. Do you have email on your phone? Are you ok if your email was published for all the world to see? Do you text people? Are you ok if everyone you ever knew or didn't know saw the texts you sent to everyone else? Do you ever handle any financial info on your phone? Mind publishing those login details?

If so you are either lying or not using a smartphone as anything more than an expensive paperweight.

Edited 2016-07-07 02:57 UTC

Reply Score: 2

RE: BS
by WorknMan on Thu 7th Jul 2016 03:28 UTC in reply to "BS"
WorknMan Member since:
2005-11-13

Do you have email on your phone?


No. Then again, spam ruined email a long time ago so I don't even have a personal email address anymore. (I have one that companies can use, but I have absolutely no need to get these on my phone.)

Do you text people? Are you ok if everyone you ever knew or didn't know saw the texts you sent to everyone else?


You mean, like if the stuff leaked? I wouldn't lose any sleep over it. Like Thom, I consider my devices as pretty much public, because privacy on the Internet doesn't exist. In fact, until I got my Nexus 5X, I didn't even have security enabled on my phone. But the fingerprint scanner is too convenient not to use.

Do you ever handle any financial info on your phone?


Not only no, but HELL no.

If so you are either lying or not using a smartphone as anything more than an expensive paperweight.


I actually use it mostly to catch up on RSS feeds during my downtime, and occasionally stream music with it. But I don't use it like a PC, and probably never will.

Edited 2016-07-07 03:30 UTC

Reply Score: 2

RE: BS
by Thom_Holwerda on Thu 7th Jul 2016 08:14 UTC in reply to "BS"
Thom_Holwerda Member since:
2005-06-29

Do you have email on your phone?


Yes.

Are you ok if your email was published for all the world to see?


I don't use email for anything personal.

Do you text people? Are you ok if everyone you ever knew or didn't know saw the texts you sent to everyone else?


I don't use texting for anything personal. I have face-to-face contact with my lovely friends for that.

Do you ever handle any financial info on your phone?


Hell to the fucking no.

Reply Score: 1

RE[2]: BS
by leos on Thu 7th Jul 2016 20:47 UTC in reply to "RE: BS"
leos Member since:
2005-09-21

I still don't believe you would be comfortable with your texting and email history to be published to the world. You don't use email for anything personal? What about business? OK with your business emails all being public?

As for financial data not on the phone, you are missing out on the utility of smartphones by not using them to their potential, all based on some completely unfounded paranoia about security. Your phone is not in any way less secure than your desktop. So what you are saying is you never trust any online-connected devices with any private data. Not a logical position in the slightest, it's pure luddite.

Edited 2016-07-07 20:47 UTC

Reply Score: 2

RE[3]: BS
by Gargyle on Fri 8th Jul 2016 07:17 UTC in reply to "RE[2]: BS"
Gargyle Member since:
2015-03-27

I still don't believe you would be comfortable with your texting and email history to be published to the world.

He said he didn't put anything on it that he didn't want *OTHERS* to read. By others, I assume he did NOT mean the whole world, but just others.

If he uses his device for communication, that implicitly means his communications have been (or will be) read by others.

Maybe he just meant to say he doesn't write his personal diary on his phone? I don't know.

Reply Score: 1

shotsman
Member since:
2005-07-22

It ceases to be your life. You become part of the global 'Truman Show'.
Everything you do/say/write becomes part of the Google AI and will be used in evidence against you, or at least sold to advert slingers and marketing companies.

If you are happy to live your life naked (from a data POV) then go for it. Live long and prosper.

Meanwhile those of us with at least half a brain will increase our efforts to keep some semblance of privacy.
After all doesn't even the Angel Zuck tape over the camera and microphone on his MBP?

Once you go down this road, there really is no coming back.

Edited 2016-07-07 05:42 UTC

Reply Score: 3

ssokolow Member since:
2010-01-21

After all doesn't even the Angel Zuck tape over the camera and microphone on his MBP?


I heard about that sort of snooping early on (including a case where someone tried to make putting tape over the camera an organizational policy violation with penalties... I think it might have been a school of some sort.) and I didn't even know my camera had an activity LED until I lent it to someone with a Windows PC, so I bought some USB extensions to make it easy to leave our desktop PCs' webcams and microphones physically disconnected when not in use.

Reply Score: 2

Privacy Stockholm Syndrome
by pysiak on Thu 7th Jul 2016 09:27 UTC
pysiak
Member since:
2008-01-01

From the article:

"little creepy, yes. But that last part's my fault."


So this guy sees his history in Google and that fact is "creepy" (his words).
But then goes to blame himself!!

He's lost. God damn it! Gates was right about software eating the world: It's now going to be psychiatrists offering Digital and Privacy Therapy...

Reply Score: 3

Gargyle
Member since:
2015-03-27

There has been a follow-up article on medium and it says this:


1. I don’t want to, because I can’t predict the future. There are a thousand different things that could happen where you would regret having your entire life tracked by a single entity. As long as you’re in the system and have “track everything” turned on, this is a real risk and there is simply no way to mitigate it.

2. I don’t need to, because there are better alternatives. This didn’t used to be the case, but I think that, especially within the last year or two, alternative privacy-oriented solutions for every one of Google’s core services (search, mail, maps, etc.) have improved usability to be competitive with Google. If you can keep the usability & user experience and regain your privacy, why wouldn’t you?


The full article:
https://medium.com/@guohuade/the-two-reasons-i-dont-trust-google-wit...

Bottom line: I side with this guy, not with the former.

He also has a nice and lengthy article about how you can migrate away from the grasp of the big tech giants:
https://medium.com/@guohuade/getting-rid-of-google-or-apple-or-micro...

That last article almost made me want to register for an account at DropBox and go cloudbased using file-level encryption, but then I looked further and saw that things like SeaFile exist where you can host your own cloud, which is preferable.

Edited 2016-07-07 13:17 UTC

Reply Score: 1

Comment by dionicio
by dionicio on Thu 7th Jul 2016 14:23 UTC
dionicio
Member since:
2006-07-12

"The debate passes me by, because I treat my devices as if they are public devices"

Which law says that all devices should be public?

On being able to, Corps started a wave that now even they themselves can't stop. Those Corps are made of people also uncomfortable with the Status Quo.

I'm old enough to remember that my devices used to be private. [Excepting for that old lady telephonist that liked to get into conversations, at my little town] ;)

There are overreach. So extended and blatant that STASI is childs' play. And not mad at Governments. This is NOT Govs Play field. Govs are for the lose also.

Reply Score: 2

RE: Comment by dionicio
by dionicio on Thu 7th Jul 2016 14:44 UTC in reply to "Comment by dionicio"
dionicio Member since:
2006-07-12

Of course, is Google the one honestly going forward and advancing the 'conversation?'.[Not to forget that a former Google trespassed where not even Microsoft dared to].

Reply Score: 2

RE: Comment by dionicio
by dionicio on Thu 7th Jul 2016 15:06 UTC in reply to "Comment by dionicio"
dionicio Member since:
2006-07-12

"Google probably knows more about me than anyone. Probably more than I know myself."

The man is right.

My memories are blurring as to be sure about anything, anymore. But somewhere I read that a good Japan custom was to keep a diary log. Purpose was to know oneself.

Such a profound -Soul exploratory- record couldn't be anything but private. Families and Friend Circles also cultivate this explorations of the Soul. How those Corps dare to keep a record of all this conversations?

Reply Score: 2