Ghostery’s GDPR Privacy Fail

I guess, somewhere along the way, I had registered an account with Ghostery when I was using their privacy plugin.

Today, I got a GDPR update notification from them, along with a ton of other users. The thing is, they failed to use the BCC field when they sent the email, so everyone’s names and email addresses were exposed to everyone else.

I suppose they better practice their GDPR habits a bit harder.


 

Facebook, Privacy, and Staying Safe Online

Care about your privacy in the wake of all the Facebook news?

Switch to Mozilla Firefox as your main browser. It is now faster than Chrome or Internet Explorer, it uses less memory, and it goes a lot further to care for your privacy online and keep you safe. https://www.mozilla.org/en-US/firefox/new/

Use Facebook in a restricted container to prevent it from tracking you when you are not on Facebook: https://blog.mozilla.org/fire…/facebook-container-extension/

Install the uBlock Origin add-on for Firefox to prevent trackers, ads (which are in and of themselves trackers), malware, and other nasties from harming you online. https://addons.mozilla.org/en-…/firefox/addon/ublock-origin/

Install EFF’s Privacy Badger add-on for Firefox to prevent even more tracking that uBlock doesn’t necessarily cover. https://addons.mozilla.org/…/firef…/addon/privacy-badger17/…

This setup will not only help you keep Facebook at arm’s length, it will help you in general to avoid malicious advertisements, malware, ransomware, and various types of web browser hijacking while surfing the Internet.

Enjoy, and stay safe!

The Power Of Privacy

The online world is both weird and wonderful. It’s safe to say that the internet has opened us up to so many possibilities, it’s incredible. We can connect with family around the world, do business deals from our bedrooms, and shop for just about anything, from anywhere – all before sunrise! But there is a flip side to having such much access. Not only are you able to access pretty much everything that you can, but the internet also has access to you. And it’s this side of the online world that can be pretty worrying to most of us. When you think about it, how much privacy do you really have online? Sometimes, not much! But you can change that by working with the right tools.

Domain Privacy

If you have a website or a blog, or any kind of online space that you have your own personalized domain for, you can often feel pretty great. You have your own corner of the internet to share the things that interest you, and owning your own domain can be a cool part of that. But it’s not always private. When you register your domain, your personal details such as your name and address can be visible to anyone. And that can be quite scary. So, you should opt for domain privacy when you’re buying your domain. That way, the details are the company, such as Bluehost, details, not yours.

Online Anonymity

When you’re browsing the internet, you can often assume that you’re safe and that nobody can see what you’re doing – even if you’re just looking on Facebook. But that’s not always the case. You can often be seen, even by the CIA or FBI! So you might want to use a VPN to keep your activity private. Take a look at some VPN reviews to see if they’re for you. You may feel more comfortable knowing that companies can’t always access your search history if you do.

Cookies

We all know about cookies. We often clear them regularly to keep our computers working well and to avoid too much of a trail online. But if you find that advertisers are still tracking you with what you’ve browsed, then why not think about blocking third-party cookies? You can do this in the settings, and it will allow advertisers to stop tracking you altogether, for a bit of peace of mind.

Social Privacy

Then you’ve got your social accounts to think about. Are you happy with anyone and everyone being able to see your social accounts? If not, then you’re going to want to go private. That way, your online social life can be kept to those that you’re happy to share it with.

SSL

Finally, you may also want to check that you’re secure online. We often see SSL when we’re logging into financial accounts, for example. But not everyone uses it. If you want to keep your privacy up, you need an SSL connection. Not every browser users them, but you can get extensions such as HTTPS Everywhere that can put that SSL connection onto a range of websites for you, just for extra measure!

Just In Time, the Brave Browser Becomes My Default

Last night I saw a respected security professional I follow on Twitter mention the Brave web browser, and how good he thought the mobile version is. Brave was started by the Mozilla Project co-founder Brandon Eich, and is based on Chromium, the open-source base that Google Chrome is constructed upon.

Today, I caught wind that Chrome is soon going to prevent you from doing things such as disabling its DRM management feature called Widevine. The problem with this is summarized here:

…a single browser may now require two different DRM plugins to play all DRM content. These plugins have their own security issues, but unlike with the Flash vulnerabilities, security researchers are banned from looking for them, due to Section 1201 of the Digital Millennium Copyright Act (DMCA). That means malicious hackers, who already engage in other criminal activities, may freely take advantage of all the vulnerabilities they find in these DRM plugins before companies discover them on their own.

In short, because of the closed nature of the DMCA, we end users are at risk unnecessarily, and we will soon have no ability to disable this plugin should we wish to do so.

Enter The Brave

Brave offers a browser that works on all platforms (Windows, Mac, Linux) and on mobile. It blocks ads by default, blocks malware, and is lean and fast. Putting user privacy and security at the forefront, along with speed, this thing is a powerhouse as it forces https on websites and prevents malware-serving advertisement networks from invading your workspace.

But the difference is the paradigm shift in supporting advertisers, as opposed to simply blocking them out completely:

Brave intends to keep 15% of ad revenue for itself, pay content publishers 55%, ad partners 15% and also give 15% to the browser users, who can in turn donate to bloggers and other providers of web content through micropayments.

I have yet to figure out how or if that will work, exactly, and it doesn’t seem to be fully impemented in the browser yet, but it seems like a great way to solve the elephant-in-the-room problem the Internet faces today: how to earn money and keep users safe at the same time, so that they don’t need to run ad blockers and anti-tracking plugins?

Stay tuned for more info as I learn it, and as I figure out Brave.

Let’s Revisit: Sending Mass Emails The Right Way

envelopes photoThe concept of sending an email to multiple people the right way seems to have eluded the populace as a whole lately. I’m looking at you, schoolteachers, soccer coaches, and party invitation senders. I write to you today because, in recent months, it seems I’ve been included on more and more emails where I’m one of 50 people whose email address is awkwardly stuffed into the CC: field of the email you sent, right there with all the others for everyone in the list to see. I even got an email from the manager of the local Sears store I had recently purchased an appliance from, that got sent to all the people who had bought something there recently, and everyone’s name and address were easily viewable in the CC field.

The problem here is that you are being inconsiderate towards peoples’ privacy, and you are sending around a large list of real email addresses to possibly be harvested by spammers.

There is a way to do this that protects peoples’ privacy, doesn’t annoy the nerds and geeks in your email list, and makes you look like you know what you are doing. What trifecta could be better than that?

The easiest way to do this is by using the BCC: field instead of the CC: field. BCC stands for “Blind carbon copy,” which means that any email address entered in it will not show up to the recipients of the email. The CC: field does show them, so don’t use it.

The trick is that you should enter your own email address in the To: field of the email, then enter the long list of room parents or party invitees in the BCC field. That’s it! Now you too can look cool.

There are some detailed instructions, with pictures, available here, in case you need more info.