In any case, I tend not to worry too much. And I tend to not worry too much about all the digital data I hand over every minute of every day. That’s not to say I don’t care. I certainly do. And there are some companies I trust more than others. Cable company? Screw ’em. I’d unplug if I could. But I don’t think I’m quite ready to subject my wife and kids to that. Cell carrier? They’re only after one thing. (Except for when I’m on Project Fi. Those guys rock.)
But Google? Google probably knows more about me than anyone. Probably more than I know myself. That’s never been more apparent than when I scrolled through the first 100 pixels or so of the My Activity section on my Google account. Everything I’ve searched for. Apps I’ve used. Websites I opened. Destinations I’ve navigated to. All there, and pretty much in real time.
There really seem to be two groups of people: those that value the openness of Google regarding the data it collects, giving you insight and control over it, and those that value the secrecy of Apple, trying to keep everything on your device in a way that it can’t be tracked to you.
The debate passes me by, because I treat my devices as if they are public devices; I don’t put anything on there that I don’t want others to see, read, or know about. A device is not my mind, so I don’t treat it as such. I don’t trust any company – Google, Apple, my carrier, or whatever – and I have enough understanding of technology to know that nothing connected to the internet is really private or safe.
The idea of “trusting” a company with my deepest private data is wholly alien to me.
Agreed.
I even go so far as to split my different Google services across different accounts (ie. one for XMPP-accessed GTalk, one for IMAP-accessed GMail while I prepare to self-host, etc.) just to make them work that little bit harder to piece together a picture of my public persona.
Given that I use the Self-Destructing Cookies extension, uMatrix’s referrer forging and User Agent randomizing, and I haven’t logged into YouTube since they started requiring Google+ to comment (youtube-dl for age-gated videos), it’s actually kind of funny to watch them fall back to IP address matching and get recommendations in the house all mixed up.
(eg. If my brother starts seeing a lot of tech lectures or top 10 lists in his recommendations, he knows I must be doing a big spring cleaning again.)
Edited 2016-07-06 23:36 UTC
ssokolow,
I agree as well. It’s one thing not to care about privacy, but placing google on a pedestal above other service providers who have less effective (if any) tracking seems naive. We shouldn’t forget that google’s bugs still work with HTTPS.
I’ll recommend exim as my preferred mail daemon. It has good support for DNS-RBL, which is very handy to block the majority of spam. I use it to handle many virtual domains.
I needed to install some custom scripts for SPF and SRS (necessary to handle email forwarding), it can be a bit tricky if you don’t understand the ins and outs of it. But it’s definitely worth it since even without any black list SPF catches a good amount of spoofed spam.
Adding throttling at various points really helps in case someone breaks into a client account (ie via wordpress or oscommerce vulnerability) and tries to send spam from their accounts.
Unfortunately, last I checked, exim didn’t support the milter API and I want to write a custom extension (with some degree of cross-daemon portability to avoid locking myself in) that automates my currently semi-manual process of giving everyone a different e-mail alias and then treating them like revokable API keys. (in concert with SPF checking)
The milter will also make it feasible to give each alias its own sender whitelist with custom bounce messages for things like the aliases I gave to eBay and PayPal.
Because of that, I was planning to use Postfix.
As for the breaking into a wordpress account part, throttling is definitely a good idea, but an even better solution which I’m planning is to replace WordPress (the only system I’m currently running which is capable of sending mail to a non-hardcoded address) with a statically-templated blog hosted on GitHub Pages.
(The holdups there are my zero-tolerance policy for 404ing URLs within my own sites and my wariness around using a non-self-hosted comment system like Disqus.)
Edited 2016-07-07 00:39 UTC
ssokolow,
I used postfix originally. I had one client that had a large subscriber list, the server incurred so much overhead I was forced to look at alternatives. It’s a very “fork” heavy daemon (intentionally by design) and the server was crawling with literally 2000+ processes. Postfix allows this limit to be adjusted to stop thrashing, but the issue was that SMTP traffic is chatty and blocks a lot, so reducing the processes meant the server was not effectively able to use all the bandwidth allotted to it. For most people with ordinary needs it should be fine though.
I searched but found nothing on “milter API”, so I don’t know what it is. If it’s a command line API I’d be surprised if exim couldn’t support it using its script processing.
Always be mindful of the risks of PHP privilege escalation, there are a lot of creative ways to install a PHP-shell and I have to admit I’ve learned new things from some attacks. If you scan the server logs, the buggers are persistent! Since attacks are generally from opportunistic automated bots, using non-standard urls is actually surprisingly effective.
You may have an advantage in that you don’t have to support clients running arbitrary code, even if it’s in a VM
Definitely. WordPress has been quite ill-fitted for quite a while (too much bother to extend for structured data and I hate babysitting my update notifications plugin) and it’s just been a matter of finding the time to migrate away with 0% URL breakage.
ssokolow,
While I don’t understand your specific requirements, it seems similar to SRS where both the sender and receiver must be mapped on the fly. But if you specifically want sendmail’s milter API, then yea exim’s API isn’t going to work without wrapping like that guy did. Another thing you could do is to put the mails into a maildrop for another process to run the milter-api, but what’s the point, it’d be easier to use an MTA that has the milter-api built in.
I obviously never had this problem since I’d never even heard of this milter-api
I can see why I never heard of SRS. The documentation for exim’s implementation gives me the impression that half of my stuff would have to be written in exim config syntax rather than “Here’s a parsed message. Using any language with milter bindings, rewrite whatever you want and give it back to me.” like the milter API is designed for.
(And it doesn’t help that the docs are highly technical and I don’t have enough experience with SPF to determine how to force every message to get processed and remapped… nor whether SRS would allow custom bounce messages containing “If you’re a human, click this link to appeal” links.)
ssokolow,
SRS = Sender Rewriting Scheme and is used to rewrite the addresses so that forwarded emails can be delivered without violating SPF. It isn’t specific to exim.
https://www.unlocktheinbox.com/resources/srs/
If you naively forward an email, the standard practice years ago was to leave the return headers as is. However SPF explicitly broke this behavior. An email from [email protected] to [email protected] could be forwarded to [email protected], but if yahoo has SPF set to reject emails, then the legitimate forwarded email is flagged as spam.
The SRS standard replaces [email protected] with something like [email protected]. And since we have control over the spf records for website.com, it doesn’t get flagged as spam. In the event that a bounce occurs, the MTA will substitute the address in the opposite direction back to [email protected].
There’s also a cryptographic hash to prevent this from being exploited as a relay service.
Then there’s DKIM, domain keys, DMARC. In the real world you’ll have to deal with some SMTP providers that are misconfigured. I had a client who was having trouble getting email from a certain contractor, and instead of them fixing their end I was pressured to add them to a whitelist on my server. That’s the way these things go.
Put it all together and your head explodes! Still, if you are patient and learn all this stuff you’ll be well rewarded, right? right?! Sorry, I’m frustrated because a regular client of 8 years just left for an Indian outsourcing shop. I’m kind of bummed with the lack of appreciation for my skills in my career.
Edited 2016-07-08 01:53 UTC
I must recommend Mail-in-a-Box: https://mailinabox.email/
Background info on me recommending it:
I’ve been a mailadmin for a significant part of the early 2000s, and I’ve always been selfhosting since 2000 until it became too time-consuming and I went full Google.
After Summer-of-Snowden and PRISM we all got a wake-up call and what we thought could be happening actually was happening in a large and highly utilitarian way.
Now, I tried coming back but due to time constraints (I may have less time than most of the readers), I wasn’t able to until I found out about Mail-in-a-box.
I gave it a whirl and never had to touch it after initial setup.
If you’ve got more time you could go as far as doing this: http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
And remember: scan your IMAP and SMTP TLS and make it A+ just as you would for your HTTPS.
The health care system in the netherlands is connected via Internet. So are police records, welfare systems, educational systems… you name it. These are all supposed to be safe (yeah, right)
So it’s not like you have a choice, Thom.
And this is relevant to my phone, how, exactly? Even without a phone, or a phone made of dried grass, I am still in all those systems (except police records). I don’t have any control over that.
If you are worried that much about privacy, then also this site should not have log-ins! Everything should be anonymous etc…
In my opinion google knows still far too little about me.
1) I wish he could tell me: According to your blood-pressure (etc..) you should consult a doctor (or go to sleep earlier, or take a break from working too much).
2) According to your weight, it would be recommended to lose xyz kilo. This can be achieved multiple ways, but since I know you, for you works best xyz diet and blabla exercises etc..
With a lighter you can turn on the fire to warm your house, but you can also burn the house of your neighbor.
It depends if you use the lighter for legal or illegal stuff.
It’s the same with google. They are using the data for legal stuff.
Yes, and two people having sex is also legal, but not if one of them hasn’t consented explicitly and with full disclosure of what is about to happen. See the analogy?
I don’t buy it. Do you have email on your phone? Are you ok if your email was published for all the world to see? Do you text people? Are you ok if everyone you ever knew or didn’t know saw the texts you sent to everyone else? Do you ever handle any financial info on your phone? Mind publishing those login details?
If so you are either lying or not using a smartphone as anything more than an expensive paperweight.
Edited 2016-07-07 02:57 UTC
I actually use it mostly to catch up on RSS feeds during my downtime, and occasionally stream music with it. But I don’t use it like a PC, and probably never will.
Edited 2016-07-07 03:30 UTC
Hell to the fucking no.
I still don’t believe you would be comfortable with your texting and email history to be published to the world. You don’t use email for anything personal? What about business? OK with your business emails all being public?
As for financial data not on the phone, you are missing out on the utility of smartphones by not using them to their potential, all based on some completely unfounded paranoia about security. Your phone is not in any way less secure than your desktop. So what you are saying is you never trust any online-connected devices with any private data. Not a logical position in the slightest, it’s pure luddite.
Edited 2016-07-07 20:47 UTC
He said he didn’t put anything on it that he didn’t want *OTHERS* to read. By others, I assume he did NOT mean the whole world, but just others.
If he uses his device for communication, that implicitly means his communications have been (or will be) read by others.
Maybe he just meant to say he doesn’t write his personal diary on his phone? I don’t know.
It ceases to be your life. You become part of the global ‘Truman Show’.
Everything you do/say/write becomes part of the Google AI and will be used in evidence against you, or at least sold to advert slingers and marketing companies.
If you are happy to live your life naked (from a data POV) then go for it. Live long and prosper.
Meanwhile those of us with at least half a brain will increase our efforts to keep some semblance of privacy.
After all doesn’t even the Angel Zuck tape over the camera and microphone on his MBP?
Once you go down this road, there really is no coming back.
Edited 2016-07-07 05:42 UTC
I heard about that sort of snooping early on (including a case where someone tried to make putting tape over the camera an organizational policy violation with penalties… I think it might have been a school of some sort.) and I didn’t even know my camera had an activity LED until I lent it to someone with a Windows PC, so I bought some USB extensions to make it easy to leave our desktop PCs’ webcams and microphones physically disconnected when not in use.
From the article:
So this guy sees his history in Google and that fact is “creepy” (his words).
But then goes to blame himself!!
He’s lost. God damn it! Gates was right about software eating the world: It’s now going to be psychiatrists offering Digital and Privacy Therapy…
There has been a follow-up article on medium and it says this:
The full article:
https://medium.com/@guohuade/the-two-reasons-i-dont-trust-google-wit…
Bottom line: I side with this guy, not with the former.
He also has a nice and lengthy article about how you can migrate away from the grasp of the big tech giants:
https://medium.com/@guohuade/getting-rid-of-google-or-apple-or-micro…
That last article almost made me want to register for an account at DropBox and go cloudbased using file-level encryption, but then I looked further and saw that things like SeaFile exist where you can host your own cloud, which is preferable.
Edited 2016-07-07 13:17 UTC
“The debate passes me by, because I treat my devices as if they are public devices”
Which law says that all devices should be public?
On being able to, Corps started a wave that now even they themselves can’t stop. Those Corps are made of people also uncomfortable with the Status Quo.
I’m old enough to remember that my devices used to be private. [Excepting for that old lady telephonist that liked to get into conversations, at my little town]
There is overreach. So extended and blatant that STASI is child’s play. And not mad at Governments. This is NOT Govs Play field. Govs are for the lose also.
Of course, is Google the one honestly going forward and advancing the ‘conversation?’.[Not to forget that a former Google trespassed where not even Microsoft dared to].
“Google probably knows more about me than anyone. Probably more than I know myself.”
The man is right.
My memories are blurring as to be sure about anything, anymore. But somewhere I read that a good Japan custom was to keep a diary log. Purpose was to know oneself.
Such a profound -Soul exploratory- record couldn’t be anything but private. Families and Friend Circles also cultivate these explorations of the Soul. How those Corps dare to keep a record of all these conversations?