background preloader

Six Tips to Protect Your Search Privacy

Six Tips to Protect Your Search Privacy
By Peter Eckersley, Seth Schoen, Kevin Bankston, and Derek Slater. Google, MSN Search, Yahoo!, AOL, and most other search engines collect and store records of your search queries. Recent events highlight the danger that search logs pose. Disclosures like AOL's are not the only threats to your privacy. Search companies should limit data retention and make their logging practices more transparent to the public,4 while Congress ought to clarify and strengthen privacy protections for search data. The Electronic Frontier Foundation has developed the following search privacy tips. 1. Don't search for your name, address, credit card number, social security number, or other personal information. If you want to do a "vanity search" for your own name5 (and who isn't a little vain these days?) 2. Because your ISP knows who you are, it will be able to link your identity to your searches. 3. Search engines sometimes give you the opportunity to create a personal account and login. 4. 5. 6. Conclusion

HTTPS and Tor: Working Together to Protect Your Privacy and Security Online This week EFF released a new version its HTTPS Everywhere extension for the Firefox browser and debuted a beta version of the extension for Chrome. EFF frequently recommends that Internet users who are concerned about protecting their anonymity and security online use HTTPS Everywhere, which encrypts your communications with many websites, in conjunction with Tor, which helps to protect your anonymity online. But the best security comes from being an informed user who understands how these tools work together to protect your privacy against potential eavesdroppers. Whenever you read your email, or update your Facebook page, or check your bank statement, there are dozens of points at which potential adversaries can intercept your Internet traffic. By using Tor to anonymize your traffic and HTTPS to encrypt it, you gain considerable protection, most notably against eavesdroppers on your wifi network and eavesdroppers on the network between you and the site you are accessing.

Find Other Web Sites Hosted on a Web Server Find other sites hosted on a web server by entering a domain or IP address above. Note: For those of you interested, as of May 2014, my database has grown to over 100 million domain names. I am now offering this domain list for purchase. A reverse IP domain check takes a domain name or IP address pointing to a web server and searches for other sites known to be hosted on that same web server. Background All web sites are hosted on web servers, which are computers running specialized software that distribute web content as requested. As of 2003, more than 87% of all active domains names were found to share their IP addresses (i.e. their web servers) with one or more additional domains. While IP sharing is typically transparent to ordinary users, it may cause complications for both search engine optimization and web site filtering. Concerning SEO (search engine optimization) Conversely, search engines value links from web sites hosted on different IP addresses. Concerning web site filtering

New Year's Resolution: Full Disk Encryption on Every Computer You Own The New Year is upon us, and you might be partaking in the tradition of making a resolution for the coming year. This year, why not make a resolution to protect your data privacy with one of the most powerful tools available? Commit to full disk encryption on each of your computers. Many of us now have private information on our computers: personal records, business data, e-mails, web history, or information we have about our friends, family, or colleagues. Encryption is a great way to ensure that your data will remain safe when you travel or if your laptop is lost or stolen. Best of all, it's free. Here's some basic info about full disk encryption. Full disk encryption uses mathematical techniques to scramble data so it is unintelligible without the right key. Without encryption, forensic software can easily be used to bypass an account password and read all the files on your computer. Choosing a Disk Encryption Tool Make a Strong Passphrase and Don't Lose It

Is Keyword Search About To Hit Its Breaking Point? As the Web swells with more and more data, the predominant way of sifting through all of that data—keyword search—will one day break down in its ability to deliver the exact information we want at our fingertips. In fact, some argue that keyword search is already delivering diminishing returns—as the slide above by Nova Spivack implies. Spivack is the CEO and founder of semantic Web startup Radar Networks and is pushing his view that semantic search will help solve these problems. But anyone frustrated by the sense that it takes longer to find something on Google today than it did even a year ago knows there is some truth to his argument. “Keyword search is okay,” he says, “but if the information explosion continues we need something better.” Today, there are about 1.3 billion people on the Web, and more than 100 million active Websites. At a certain point, with billions and billions of Web pages to sift through, keyword search just won’t cut it anymore. Spivack explains:

S.F. team wins paper shredder puzzle prize To most people, 10,000 slivers of shredded paper are as good as trash. To three coders in San Francisco, they're a challenge - especially when the jumbled mass of paper once made up five classified government documents. The three were not hackers trying to steal state secrets, but participants in a contest run by the Defense Advanced Research Projects Agency, the government group that funds high-tech military research. In October, DARPA offered $50,000 to the first group to piece together the shredded documents or the one that made the most progress by Dec. 4. "I figured I know enough really damn good programmers that I could get a few people together and we might be able to win it," said Otávio Good, the entrepreneur behind the iPhone app Word Lens, which translates foreign-language text as it's viewed through the phone's camera. "I knew there would be crazy people to try to do it all manually and crazy people to try to automate the whole process," Good said.

Google Image Ripper v.0.1.9 The public version of Google Image Ripper has been discontinued. ✱ September 19 2004 - † April 29 2012 Modified Google Image Search results.No more thumbnails, straight to the good stuff! Features: Up to 100 full resolution images instead of thumbnails Search for all image sizes & types or specific ones All results on one easy-to-scroll page Includes links to image source pages Allows you to save all high resolution images in one go This is what you would get when searching for 'bike': Access is members only You can get a personal 6 months membership for $10. Any questions? Technology Research and Development EFF's technology development and research projects aim to improve the rights of free expression, security, and privacy on the internet. All of our work is released under free and open source licenses such as the GNU General Public License or Creative Commons licenses. We welcome your code patches and other contributions! HTTPS Everywhere is a browser extension that ensures you use HTTPS to the greatest extent possible, for sites that support HTTPS. It is part of our larger mission to Encrypt the Web in its entirety. The SSL Observatory is a view of the state of HTTPS deployment in the IPv4 address space. Panopticlick shows how easy it is to uniquely identify browsers on the web, even without cookies. Surveillance Self-Defense and SSD International provide advice on how to protect your electronic privacy, in legal and technical terms. Total Election Awareness helps people report voting booth anomalies and abuses. MyTube protects people's privacy from third-party video hosting providers.

Anonymous Versus EFF? Corporate Donation Riles Activists | Threat Level This snippet from the leaked anti-WikiLeaks document shows U.S. journalists to be targeted in the proposed disinformation campaign. Online freedom advocates blasted the Electronic Frontier Foundation, on Monday, angry that the digital rights group accepted money for its annual awards ceremony from Palantir, a secretive data mining software firm involved in a convoluted plot to bring down Wikileaks. Palantir, which has made hundreds of millions of dollars selling high-end data analysis tools to secretive govenerment agencies, was exposed in February as being party to an attempt to win a federal contract to wage a disinformation and hacking campaign against Wikileaks and its supporters, including journalists and Anonymous. The company is the premier sponsor of the EFF’s award ceremony Tuesday. In a presentation unearthed by Anonymous hackers, someone at Palantir used the company’s powerful software to create a visualization of a Wikileaks support network. Godwin was hardly alone.

Iranian Man-in-the-Middle Attack Against Google Demonstrates Dangerous Weakness of Certificate Authorities Commentary by Seth Schoen and Eva Galperin What’s worse than finding a worm in your apple? Finding half a worm. What’s worse than discovering that someone has launched a man-in-the-middle attack against Iranian Google users, silently intercepting everything from email to search results and possibly putting Iranian activists in danger? Discovering that this attack has been active for two months. People all over the world use Google services for sensitive or private communications every day. The certificate authority system was created decades ago in an era when the biggest on-line security concern was thought to be protecting users from having their credit card numbers intercepted by petty criminals. This latest attack was reportedly caught by a user running the Google Chrome browser in Iran who noticed a warning produced by the “public key pinning” feature which Google introduced in May of this year. EFF's own SSL Observatory aims to find attacks of this kind in the wild.

and Bitcoin For several months, EFF has been following the movement around Bitcoin, an electronic payment system that touts itself as "the first decentralized digital currency." We helped inform our members about this unique project through our blog and we experimented with accepting Bitcoin donations for several months in an account that was started by others. However, we’ve recently removed the Bitcoin donation option from the Other Ways to Help page on the EFF website, and we have decided to not accept Bitcoins. We decided on this course of action for a few reasons: 1. We don't fully understand the complex legal issues involved with creating a new currency system. 2. 3. We appreciate the outpouring of support we have received from the Bitcoin community and we share that community's commitment to privacy and innovation.

What is Traitorware? Your digital camera may embed metadata into photographs with the camera's serial number or your location. Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it. If Apple puts a particularly creepy patent it has recently applied for into use, you can look forward to a day when your iPhone may record your voice, take a picture of your location, record your heartbeat, and send that information back to the mothership. This is traitorware: devices that act behind your back to betray your privacy. Perhaps the most notable example of traitorware was the Sony rootkit. Traitorware is sometimes included in products with less obviously malicious intent. Traitorware is not some science-fiction vision of the future.

On Locational Privacy, and How to Avoid Losing it Forever August 2009 By Andrew J. Blumberg and Peter Eckersley, August 2009 Over the next decade, systems which create and store digital records of people's movements through public space will be woven inextricably into the fabric of everyday life. Here are some examples you might already have used or read about: Monthly transit swipe-cards Electronic tolling devices (FastTrak, EZpass, congestion pricing) Cellphones Services telling you when your friends are nearby Searches on your PDA for services and businesses near your current location Free Wi-Fi with ads for businesses near the network access point you're using Electronic swipe cards for doors Parking meters you can call to add money to, and which send you a text message when your time is running out These systems are marvellously innovative, and they promise benefits ranging from increased convenience to transformative new kinds of social interaction. Unfortunately, these systems pose a dramatic threat to locational privacy. Opting out