Ensuring Online Privacy
p2pnet view P2P | Freedom | Security:- As more and more corporations and governments continue to jackboot your privacy to ensure you are a compliant cash cow, I figured that I would counter some of this abuse with some reality. With news that software companies are seeding unlicensed copies of their code to bittorrent in order to troll for violators, such as the class action suit against TransMagic 3-D, and Adobe’s attempts to make its Creative Suite subscription only, it is fairly obvious to me that software makers aren’t as much interested in creating a quality product for their consumers, as they are in maximizing profits from compliant cash cows.
Ironically, a movie was made about a good friend of mine who was a Lieutenant Colonel in Military Intelligence that helped develop the Carnivore Program for the FBI. I only knew him as “casper” online, but I helped support him when he was illegally arrested for leaking the software to the public in protest. Unfortunately, he was an elderly gentleman and died while incarcerated for treason. You may have heard of the movie “Swordfish”?
My point is, governments all over the world have been attempting to invade your privacy since 1995, only a few years after the internet itself came into popular use. First there was MySpace, with all good intentions, until it was bought out by Rupert Murdoch’s massive media empire. Then came Fa$eBook, which was forced to open its’ database to the NSA. What better way of keeping a “docket” of every single American Citizen, and Foreign National than scraping all the dirty little secrets sheeple post to their Fa$eBook account? Governments monitor everything, including Twitter, via what are called BBN’s.
All data transferred in and out of the US must pass thru one of the 11 BBNs here in the states, which is quite ingenious actually. Why bother monitoring all 350 million people on the internet when you can intercept data at a few key distribution points?
Point in fact, someone “tweeted” some outlandish snippet concerning bodily harm to a public official, and the FBI was knocking on his door within 45 minutes. Another someone posted a similar “topic” to Reddit and the FBI contacted the admins of Reddit within 15 minutes, wanting to know information about the poster. No warrant, no legal jurisdiction, no due process, just give up the information, namely the IP address of the offender.
I ask you, how is it even possible for the government to know about these apparent discretions in such a short amount of time? Even J. Edgar Hoover himself was not this paranoid. There once was a time when the 1st Amendment could only be suspended for dire threats against POTUS, apparently, not any more.
Here are a few tips to keep your government out of your business…
Twitter, FaceBook, MySpace - Some day they will all merge, and be called MyTwitFace. Your best efforts should be to get off these social networks, as they are a direct line to the government’s enforcement wing that only reports to the shareholders of the MAFIAA, and other anti-consumer corporations. This is one of the primary reasons that when you attempt to delete your account from FaceBook, it never goes away, it stays in their database at the behest of government agencies.
Firewall - There are numerous sources of government-blacklisted IP addresses that you can easily enter into your router firewall, your computer’s firewall, or in a software firewall. If anything, block IP addresses that end in .gov and .mil unilaterally.
Proxy - Not so much of a good idea these days. Once it was fairly simple to use a Proxy to hide your computer’s origin, however the Department of Defense has a tool that can trace back thru up to 5 proxy bounces in order to find the originating IP address. This is no longer used by the hard core users because of this.
VPN - Virtual private network usage is still covered by prior restraint, so the government cannot eavesdrop on it, and it is typically encrypted from the originating IP address to the VPN provider. Using a VPN allows you to ‘appear’ on the internet as if your IP address is somewhere else in the world, and provides you with an entirely different IP address than the one assigned to your router by your provider. This is typically a pay-for service, and worth every single penny in providing anonymity while surfing the internet. It also can be use to bypass the ‘region’ of content that is possibly not available in your area, such as Spotify. It allows you to appear to be in another country, depending on the VPN service your select. Typically a VPN service will have several servers to choose from in order to make it look like you are somewhere you are not.
PiggyBacking - This is not for the novice. This is a sophisticated hack that takes control of the ‘last mile’ router of your provider in order to gain access to the entire C-Class IP range your provider uses, and distributes your particular IP address to your router. With access to the last mile router, you can choose from any of the 255 IP addresses in the range, basically using someone else’s IP address supplied by your provider. This particular hack is being scrutinized much more closely by providers nowadays and is slowly becoming obsolete.
Outbound Blocking - As few know, a substantial amount of software on the market today “phone home” for a variety of reasons. Phoning home was invented and patented by Apple, and built into their first offering of MacOSX. During controlled testing we found that during bootup, MacOSX sends data about your computer to Cupertino, Apple’s headquarters. Adobe products have been phoning home since the inception of the Creative Suite program bundle, and it is being adopted by more and more software designers every day. To ensure that your computer works the way you want it to, use outbound blockers suck as Little Snitch, Zone Alarm, or Outpost Firewall.
Surfing - Surfing the internet is a typical activity, checking your mail, reading the sites you like, etc. To surf the internet safely use Firefox. It has numerous plugins like AdBlock and NoScript that will not only eliminate abusing your bandwidth, that you pay for, with unwanted (and unnecessary) ads, scripts, and tracking technology used to violate your privacy by keeping track of your surfing habits.
Encryption - Just like the enforcement agencies across the world have warned that continued legislation violating privacy rights will force end users to begin using encryption, well, we have. We began using AES256 encryption for all P2P transfers as far back as 2001, because its none of your fucking business what I am uploading or downloading. You can also setup a local VPN and allow your users to connect to your computer via this VPN that will encrypt data transfers for you. There is also built-in web sharing in all modern operating systems that you can configure to allow P2P access to your machine by trusted users, these are closed loops systems and cannot be monitored.
If you do nothing more than just put www.google-analytics.com in your firewall, you are doing yourself a great service. This particular domain name keeps track of what sites you visit so that google ads can be more precisely targeted. Many domains out there use APIs from Google that are intrusive and violate your privacy by not only tracking hits to a particular website, but sends additional data back to Google themselves for their own nefarious uses.
One thing is certain. Legislation will never overcome technology, as slow as they shut down sites like Limewire, new and improved versions appear, like Limewire Pirate Edition. To put this all into perspective, they still, to this day, have not been able to take down The Pirate Bay.
So, if you do not want to end up on the wrong end of some misguided lawsuit by some massive conglomerate for something as heinous as jaywalking, then do yourself a favor, and practice some proactive implementation of privacy on your part. In a world hell bent on destroying your right to privacy, you can fight back by literally taking your privacy into your own hands, and give them the one finger salute.
p.s. I even submit my articles to Jon using VPN.
surfer – p2pnet
Share the wealth
First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi
World War III will be a global information war with no division between civilian & military participation ~ Marshall McLuhan
Use free p2pnet newsfeeds for your site. Subscribe to p2pnet.net | rss feed: http://p2pnet.net/feed
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
April 14th, 2011 at 11:24 pm
New Zealand Outlaws File Sharing
http://news.smh.com.au/breaking-news-technology/new-zealand-outlaws-internet-filesharing-20110414-1dg65.html
New Zealand passed a law against online piracy on Thursday which outlaws file-sharing and threatens repeat offenders with having their Internet access cut off.
The new law allows for penalties of up to NZ$15,000 ($12,000) to be paid to the copyright owner and if this is ineffective offenders can have their Internet account suspended for up to six months.
April 16th, 2011 at 3:01 pm
oh it’s worse than that Wozz
http://vitalfreedom.net/2011/04/15/breaking-news-obama-administration-unveils-beast-system-tracking-cyber-id/
April 16th, 2011 at 7:17 pm
Liz,
Update on how Jon is doing?
April 17th, 2011 at 11:50 am
I have to agree with you about Twitter, Facebook, and MySpace. I joined these networks thinking it was a good way to promote my book, “Tech Tactics Money Saving Secrets.” After hours of tweeting, posting, and posting in order to get my work in front of as many eyes as possible, I have yet to get ONE SINGLE hit on my Amazon page.
As far as firewalls are concerned, it is hard to block those who are trolling for violators. While there are known tolling I.P.’s Those seeking violators are turning more and more to common ISP user accounts. These are hard to block due to the fact that they blend in with the rest .
Proxy analysis is becoming more and more popular these days. It works by timing how long it takes a user to load a main web page and then a graphics beacon on the same page. However, there are several factors that also come into play here. These include timing influenced by network congestion, browser hangups, ad blocking software, etc. As more ISP start cooperating with government and industry officials, proxy analysis will become more and more effective.
VPN’s remain effective unless the VPN has an infiltrator from the government or one of the cartels. VPN will remain effective only as long as those running the VPN do a good job of screening out the infiltrators.
Piggybacking is still somewhat useful especially in rural areas. Many rural areas also have many unsecured WIFI networks. As these are hammered and abused by people, those who run these networks will start securing them.
Phone home software has to be one of the most insidious invasions of privacy. Use of Free, Open Source Software is one way to help prevent this. Another way to protect against this is to install such privacy invading software on computers that are not connected to the Internet. Information can be transferred to and from these computers with a flash drive.
The use of ad blocking software is generally a good idea. However Firefox and other browsers with such plugins or extensions also tend to phone home in order to check for updates, etc. People who write such software tend to be trustworthy, but the danger is that some government or copyright cartel may infiltrate somehow. I also block Google Analytics at my router.
One important thing has been overlooked. This is the fact that people should look for independent work to meet their needs before resorting to cartel products. In some cases, such work is pretty lousy. In other cases, it is as good as or even better than the cartel offerings. Doing a bit of researching can save an end user much much money. Unfortunately, most are still tuned to Madison Avenue and their ad campaigns. Another important thing about independent work is to support the creators. If you find an independent product useful, please donate to the project. A dollar or two won’t hurt anyone, but it sure will help the independent producer.
April 17th, 2011 at 9:53 pm
cyberscan:
you got some very good ideas
best case scenarios are VPN, Tor Project, encryption, remote browsing boxes, change your profile often
,
open wifi – we put up rural APs specifically for openness and sharing – major ISPs hate us
open source OS – like Linux, Triple login boxes – 3 or more boxes for login – user > password > password > password
ad blocker – script blocker – cookie blocker – autoupdates can be disabled,
blackhole servers – for elite users only,
Most important: know your rights and Common Law rights, don’t get sucked into laws of commerce / Admiralty Law
Things to stay away from: Microsoft!!!, phone home software, putting your info online – any info besides what’s absolutely necessary
April 19th, 2011 at 10:45 am
ironically this site is running google analytics…and another tracker called quantcast
April 19th, 2011 at 12:46 pm
“…this site is running google analytics…and another tracker called quantcast”
@Reader’s Write:
I think you’d better check your own configuration.
This site runs NO trackers, so if Google’s following you, it’s a result of your own activities outside of p2pnet.
April 20th, 2011 at 7:26 am
sorry its not picking up analytics – my mistake, but running firefox with the ghostery addon http://www.ghostery.com/ it does seem to pick up quantcast
April 20th, 2011 at 1:26 pm
“it does seem to pick up quantcast”
Again, since p2pnet runs NO trackers, you need to examine your own use, and determine why any particular tracker would have a hard-on for ya.
I’ll repeat…
p2pnet runs NO TRACKERS!
All Jon’s advertisers use *static* ads, with only *direct-to-site, click-through* linking. If you don’t click any of them, all you’re gonna be connected to is p2pnet. If you do click any, you’ll only go to the advertisers’ sites.
April 20th, 2011 at 1:26 pm
devil’s advocate:
ever so Wrong DA
p2pnet is running a google search engine. so, as soon as scripts are turned on for p2pnet.net then google-analytics.com tries to load
- you can see it via script blocker and page source code when p2pnet.net scripts are allowed
- doing google search for words within p2pnet brings up p2pnet pages http://www.google.ca/#hl=en&biw=1022&bih=836&q=ONLY+items+referencing+the+post+at+hand%2C+please.+No+links+to+personal+sites%2C+no+personal+attacks%2C+trolling%2C+freebie+advertising%2C+or+off-topic+posts.+Thanks.+And+Cheers&aq=f&aqi=&aql=&oq=&fp=5c57203f23eb54d1
- this means google is logging p2p2net and tracking user activity as well
here is the script within p2pnet pages:
var gaJsHost = ((“https:” == document.location.protocol) ? “https://ssl.” : “http://www.”);
document.write(unescape(“%3Cscript src=’” + gaJsHost + “google-analytics.com/ga.js’ type=’text/javascript’%3E%3C/script%3E”));
- it also means google is keeping a full log of any changes on p2pnet on their servers
April 21st, 2011 at 9:29 am
I have to agree with gabbi, I see google-analytics and quantserve in NoScript.
the quantserve can be explained, it is a WordPress utility to keep track of site traffic for awstats, or similiar.
April 21st, 2011 at 9:35 am
as for your link gabbi, c’mon, this is a result of bot searches, not internal tracking by p2pnet.net itself. p2pnet uses Scroogle search, not Google, which is used by wordpress to troll the archives. I think I see some paranoia showing…
besides, google logs everything..
April 21st, 2011 at 1:51 pm
Thanks, surfer, for explaining that.
I had a very similar reply ready for gabbi, but I haven’t been able to bring up p2pnet in over a day to post it (or release the comments).
April 21st, 2011 at 1:59 pm
All I can add is, if you guys are going to use utilities like a peer blocker or a script blocker, you need to get a good understanding of the results they show.
Geez, I still see people going right over the top about every little alert from their antivirus programs or their firewalls. Taking a little time to know how to interpret these messages properly surely would save a few grey hairs.
April 21st, 2011 at 4:21 pm
i’m partially wrong – my mistake about page searches
http://www.scroogle.org explains it in somewhat good detail on their main page
da:
google-analytics script IS in p2pnet pages, no doubt about it
i took a much closer look and google still does a google-analytics.com dig though, and records results on their servers
the amount of info it grabs right off each users box by p2pnet’s google-analytics script is actually pretty extensive, firewalls or not
it even grabs a good chunk of https and ssl traffic
i’d be typing for few days about all it’s [google-analytics, ga.js and rest of script] functions, and that wouldn’t be all due to google’s related code on their servers
best to block it via some kind of script blocker or your local hosts file, browsing speed increases by 30 to 75% with it blocked
April 21st, 2011 at 7:40 pm
@gabbi:
Rather than argue with ya, I’ll just tell ya this…
Google can’t (easily) track me. I’ve had Analytics and a few of their other “services” barred from ever connecting to me for quite some time. I don’t use their DNS service, or anything else that will give them any “implied permission” to start following me.
Anything you’ve done in the last few years that has allowed Google to get a “fix” on you will have already gotten you in their database, and they don’t give 2 shits if you’ve never given them permission for any of it. Once you’re on their radar, all sorts of connections to and from your machine will be attempted at various times, during every online action you initiate. At that point, it’s difficult to even determine if they’re independent connections, or facilitated by a website being visited.
Script is often indeterminate. WordPress may run a few of them for their own purposes (such as those that calculate raw traffic statistics, as surfer mentioned), but they wouldn’t be running something like Analytics as a component of WordPress-generated websites. That could even depreciate their own business model.
I have the very same “problem” as Jon has with Google, in that, I haven’t trusted any part of their agenda for a long time. Neither Jon nor I would ever qualify for the “Google Fanbois” label, that’s for sure. And, Jon simply would not knowingly allow any Google scripts to emulate through his site.
That’s not to say Google’s tentacles aren’t already probing every f’n connection without consent. We all know, they’re not above that one anyway.
April 22nd, 2011 at 4:56 am
pssst – hey DA:
this is not about you and me, or a pissing contest, this is about facts and what is
we are here to discuss protection of users and how to defeat powers that be – ok?
i’m happy you know how to protect yourself and hope you keep on doing it
as for me: i’ve been a hobby programmer since start of unix, cp/m, basic, pascal and rest of them. from projects i worked on most are still my friends – no need to tell me how to protect myself – i know of tech that you and most can only dream of
anyone not using triple layer encryption for their browsing and internet activities is being tracked, probed and recorded – why do you think i keep my comments dumbed down at teen level?
example; do you know that one can use regular house power outlets to access any company that’s connected on that line, access their fiber and be totally anonymous for up to a week?
do you know one can convert a microwave oven to be a wifi AP and receiver for up to 800 MBps with range of 200 km?
you know that there’s an OS out there that uses 10 bit code instead of 8 bit? 1 of those extra bits is for encryption – it runs parallel to internet and no-one can detect it unless they using same OS
this is only a small part of what is – and i know ppl who are way beyond me, i just don’t have the brains anymore to comprehend what they are up to, can’t keep up with them
in all seriousness there’s a war being waged against humanity by powers that be -that want to keep power over sheeple- that’s way beyond sharing MP3′s, movies and such – it’s an info war over patents, ideas, knowledge and what powers that be have hidden from public for last 7,000 yrs
April 22nd, 2011 at 12:07 pm
@gabbi:
(I honestly don’t know where you’re getting the “pissing contest” thing.)
The whole point of my last entry was to show you how difficult it is to assess something like the Analytics question, when you’re not seeing it yourself. It also reinforces what surfer said in the original post on this page – blocking Analytics at the ground level is definitely doing yourself a big favour.
Staying on that topic, it is the reason I suspect Google is attaching the script itself, and it’s only seen by those who are already on their radar. Truthfully, I don’t know, but I’ll give you this…
I’ve got a pretty good arsenal of protection, monitoring and tracing tools. I’ve used 3 browsers, while watching everything from NoScript in Firefox, to my computer’s front line connections. At the firewall level, I see Analytics trying to get in when I visit practically every site – except p2pnet. And my NoScript shows only quantserve. Perhaps it’s because I’m not totally on Google’s radar that I don’t see what others are obviously seeing? (Does Google “give up” on you in cases like mine, until you open another avenue and drop your guard?)
Because I don’t ultimately know what Quantserve is, I’m currently trying to find out if it’s a 3rd party, or simply a server application being used by WordPress.
As for the “war against humanity” you describe, you’re preaching to the choir on that one. I’ve been following that war for some time.
April 23rd, 2011 at 7:03 pm
guys install google sharing = problem solved
April 24th, 2011 at 3:28 am
“…install google sharing …”
The plug-in is certainly a good idea, however, it still has too many bugs in it as of yet. Should they clean that up, you’ve got something useful.