Online privacy concerns (and what we can do about it)

1. June 20, 2013Online PrivacyConcernsPhil Cryer(and what we can do about it)

2. Phil Cryer

3. better known online as...@fak3rPhil Cryer

4. better known online as...@fak3rPhil CryerOpen Source Technologist

5. better known online as...@fak3rPhil CryerOpen Source TechnologistInfosec Speaker+Researcher

6. better known online as...@fak3rPhil CryerOpen Source TechnologistInfosec Speaker+ResearcherPrivacy Advocate

7. “With social media,users’ vanity hastrumped previously heldmores concerningprivacy” me, 2011

8. http://urania-josegalisiﬁlho.blogspot.com/2012/06/interview-with-willian-gibson-by-larry.html

9. People’s data on socialnetworks becomespermanently shared.

10. So what will companiesdo to monetize all of thisdata they collect?

11. Use it to better targetyou with ads, of course.

12. To you, your socialprofile

13. To you, your socialprofile =

14. To you, your socialprofile = data

15. To you, your socialprofile = your data

16. But to the social mediacompanies

17. But to the social mediacompanies your data

18. But to the social mediacompanies your data =

19. https://christian3200.ﬁles.wordpress.com/2011/04/moneyyyyy.jpg

20. http://cheezburger.com/View/2362193664

21. So, how much shouldpeople worry about theloss of online privacy?

22. http://online.wsj.com/article/SB10001424052970204190704577024262567105738.htmlDanah Boyd “People want to share. But thatsdifferent than saying that people want to beexposed by others.”Protecting privacy is about making certain that people have theability to make informed decisions about how they engage inpublic. I do not think we’ve done enough.That said, I am opposed to approaches that protect people bydisempowering them. I want to see approaches that forcepowerful entities to be transparent about their data practices.And I want to see approaches that put restrictions on how datacan be used to harm people.

23. http://online.wsj.com/article/SB10001424052970204190704577024262567105738.htmlChris Soghoian “...we now regularly trade ourmost private information for access to social-networking sites and free content”The dirty secret of the Web is that the free content and servicesthat consumers enjoy come with a hidden price: their ownprivate data.Many of the major online advertising companies are notinterested in the data that we knowingly and willingly share.Instead, these parasitic firms covertly track our web-browsingactivities, search behavior and geolocation information. Oncecollected, this mountain of data is analyzed to build digitaldossiers on millions of consumers, in some cases identifying usby name, gender, age as well as the medical conditions andpolitical issues we have researched online.

24. http://www.adweek.com/news/advertising-branding/whose-life-it-anyway-137537Whose Life Is It Anyway? Consumers are learningtheir data is a kind of currency.

25. http://www.adweek.com/news/advertising-branding/whose-life-it-anyway-137537Whose Life Is It Anyway? Consumers are learningtheir data is a kind of currency.Each year, companies in the U.S. spend more than $2 billion onthird-party consumer data, according to Forrester Research.[...] growing at such a fast clip that the World Economic Forumand other futurists have called personal data the “new oil.”

26. Companies’ ‘free’ services comeat the cost of your privacy

27. Could your privacy bebought from you?

28. http://www.forbes.com/sites/kashmirhill/2012/02/09/your-online-privacy-is-worth-less-than-a-six-pack-of-marshmallow-ﬂuff

29. http://www.forbes.com/sites/kashmirhill/2012/02/09/your-online-privacy-is-worth-less-than-a-six-pack-of-marshmallow-ﬂuffGoogle [...] wants “panelists” for a program called Screenwisewho will add a browser extension in Chrome “that will sharewith Google the sites you visit and how you use them” —information that Google will study in order to improve itsproducts and services.

30. http://www.forbes.com/sites/kashmirhill/2012/02/09/your-online-privacy-is-worth-less-than-a-six-pack-of-marshmallow-ﬂuffWhat’s in it for you? Up to $25 in gift cards. [..] a $5 Amazon.comGift Card code instantly when you sign up and download theGoogle Screenwise browser extension. [...] $5 Amazon.com GiftCard codes every three months for staying with it. It’s our wayof saying “Thank you”

31. http://www.forbes.com/sites/kashmirhill/2012/02/09/your-online-privacy-is-worth-less-than-a-six-pack-of-marshmallow-ﬂuff$25 USD per year

32. “New research finds people fork over $5,000 worth of personalinformation a year to Google in exchange for access to its “freeservices” such as Gmail and search. While many view this as a fairtrade, privacy experts say the Internet giant’s latest plan to pooluser data from its various sites make it less so”http://blogs.smartmoney.com/advice/2012/01/25/who-would-pay-5000-to-use-google-you

33. If you’re not paying for theproduct, you are the product

34. • 1.1 billion monthly active users• 751 million daily active users of mobileproducts• More than 65% login daily (655 million)• Average user has 130 friendshttp://newsroom.fb.com/content/default.aspx?NewsAreaId=22

35. • More than 70 languages available on the site• Over 300,000 users helped translate the sitethrough the translations application• 79% of users are outside of the US/Canadahttp://newsroom.fb.com/content/default.aspx?NewsAreaId=22

36. $ _curl -s http://graph.facebook.com/4 | python -mjson.tool{"first_name": "Mark","gender": "male","id": "4","last_name": "Zuckerberg","link": "http://www.facebook.com/zuck","locale": "en_US","name": "Mark Zuckerberg","username": "zuck"}http://graph.facebook.com/4

37. http://graph.facebook.com/4

38. $ curl -s http://graph.facebook.com/4 | python -mjson.tool{"first_name": "Mark","gender": "male","id": "4","last_name": "Zuckerberg","link": "http://www.facebook.com/zuck","locale": "en_US","name": "Mark Zuckerberg","username": "zuck"}http://graph.facebook.com/4

39. Mark Zuckerberg starts Facebook at 19 while stillat Harvard, but early messages don’t show a stronginterest in privacy...

40. An early instant message session with a friend...Zuck: Yeah so if you ever need info about anyone at HarvardZuck: Just ask.Zuck: I have over 4,000 emails, pictures, addresses, SNS[Name Redacted]: What? How’d you manage that one?Zuck: People just submitted it.Zuck: I don’t know why.Zuck: They “trust me”Zuck: Dumb f***shttp://articles.businessinsider.com/2010-09-13/tech/30033368_1_ims-mark-zuckerberg-facebook-ceohttps://en.wikiquote.org/wiki/Mark_Zuckerberg

41. http://www.guardian.co.uk/technology/2010/jan/11/facebook-privacyPrivacy no longer a social norm, says Facebookfounder“People have really gottencomfortable not onlysharing moreinformation ... with morepeople,” he said. “Thatsocial norm is justsomething that hasevolved over time.”

42. https://www.nytimes.com/interactive/2010/05/12/business/facebook-privacy.htmlFacebook Privacy: A bewildering Tangle ofOptions“To manage your privacy on Facebook, you will need tonavigate through 50 settings with more than 170 options.Facebook says it wants to offer precise controls for sharingon the Internet.”

43. https://www.nytimes.com/interactive/2010/05/12/business/facebook-privacy.html

44. https://www.nytimes.com/interactive/2010/05/12/business/facebook-privacy.html

45. http://facebook.com

46. http://online.wsj.com/article/SB10001424052970204190704577024262567105738.htmlChris Soghoian “Facebook’s covert surveillanceof your browsing activities on non-Facebookwebsites...”Although consumers knowingly share information viaFacebook, the privacy issues associated with that company arenot related to the way consumers use it, but rather the otherthings the company does.These include the tricks the company has pulled to expose users’private data to third-party app developers, the changingprivacy defaults for profile data, as well as Facebook’s covertsurveillance of your browsing activities on non-Facebookwebsites, as long as a “Like” button is present (even if you don’tclick on it).

47. Facebook has cut a deal with political website Politico that allows theindependent site machine-access to Facebook users messages, both public andprivate, when a Republican Presidential candidate is mentioned by name. Thedata is being collected and analyzed for sentiment by Facebook’s data team, thendelivered to Politico to serve as the basis of data-driven political analysis andjournalism.The move is being widely condemned in the press as a violation of privacy but ifFacebook would do this right, it could be a huge win for everyone. Facebook couldbe the biggest, most dynamic census of human opinion and interaction inhistory. Unfortunately, failure to talk prominently about privacy protections,failure to make this opt-in (or even opt out!) and the inclusion of privatemessages are all things that put at risk any remaining shreds of trust inFacebook that could have served as the foundation of a new era of social self-awareness.https://www.readwriteweb.com/archives/why_facebooks_data_sharing_matters.php

48. https://www.readwriteweb.com/archives/why_facebooks_data_sharing_matters.phpFacebook has cut a deal with political website Politico that allows theindependent site machine-access to Facebook users messages, both public andprivate, when a Republican Presidential candidate is mentioned by name. Thedata is being collected and analyzed for sentiment by Facebook’s data team, thendelivered to Politico to serve as the basis of data-driven political analysis andjournalism.The move is being widely condemned in the press as a violation of privacy but ifFacebook would do this right, it could be a huge win for everyone. Facebook couldbe the biggest, most dynamic census of human opinion and interaction inhistory. Unfortunately, failure to talk prominently about privacy protections,failure to make this opt-in (or even opt out!) and the inclusion of privatemessages are all things that put at risk any remaining shreds of trust inFacebook that could have served as the foundation of a new era of social self-awareness.

49. https://www.readwriteweb.com/archives/why_facebooks_data_sharing_matters.phpFacebook has cut a deal with political website Politico that allows theindependent site machine-access to Facebook users messages, both public andprivate, when a Republican Presidential candidate is mentioned by name. Thedata is being collected and analyzed for sentiment by Facebook’s data team, thendelivered to Politico to serve as the basis of data-driven political analysis andjournalism.The move is being widely condemned in the press as a violation of privacy but ifFacebook would do this right, it could be a huge win for everyone. Facebook couldbe the biggest, most dynamic census of human opinion and interaction inhistory. Unfortunately, failure to talk prominently about privacy protections,failure to make this opt-in (or even opt out!) and the inclusion of privatemessages are all things that put at risk any remaining shreds of trust inFacebook that could have served as the foundation of a new era of social self-awareness.

50. https://www.facebook.com/about/ads

51. Leaked Details of How Facebook Plans ToSell Your Timeline to AdvertisersWhat most users don’t know is that the new features being introduced are all centered aroundincreasing the value of Facebook to advertisers, to the point where Facebook representatives havebeen selling the idea that Timeline is actually about re-conceptualizing users around theirconsumer preferences, or as they put it, “brands are now an essential part of people’s identities.”Disguising ads as your friends’ updates is being offered up as an antidote to the dismal click-through rates for traditional web advertising. Sponsored stories in your feed and sidebar adsbased on your friends’ likes will become ubiquitous. Indeed in marketing materials, Facebook saysthese new premium ads are 90 percent accurate, compared to the industry average of 35 percent.“When people hear about you [the brand] from friends, they listen.”http://www.betabeat.com/2011/12/23/exclusive-leaked-details-of-how-facebook-plans-to-sell-your-timeline-to-advertisers

52. http://www.betabeat.com/2011/12/23/exclusive-leaked-details-of-how-facebook-plans-to-sell-your-timeline-to-advertisersLeaked Details of How Facebook Plans ToSell Your Timeline to AdvertisersWhat most users don’t know is that the new features being introduced are all centered aroundincreasing the value of Facebook to advertisers, to the point where Facebook representatives havebeen selling the idea that Timeline is actually about re-conceptualizing users around theirconsumer preferences, or as they put it, “brands are now an essential part of people’s identities.”Disguising ads as your friends’ updates is being offered up as an antidote to the dismal click-through rates for traditional web advertising. Sponsored stories in your feed and sidebar adsbased on your friends’ likes will become ubiquitous. Indeed in marketing materials, Facebook saysthese new premium ads are 90 percent accurate, compared to the industry average of 35 percent.“When people hear about you [the brand] from friends, they listen.”

53. http://www.betabeat.com/2011/12/23/exclusive-leaked-details-of-how-facebook-plans-to-sell-your-timeline-to-advertisersLeaked Details of How Facebook Plans ToSell Your Timeline to AdvertisersWhat most users don’t know is that the new features being introduced are all centered aroundincreasing the value of Facebook to advertisers, to the point where Facebook representatives havebeen selling the idea that Timeline is actually about re-conceptualizing users around theirconsumer preferences, or as they put it, “brands are now an essential part of people’s identities.”Disguising ads as your friends’ updates is being offered up as an antidote to the dismal click-through rates for traditional web advertising. Sponsored stories in your feed and sidebar adsbased on your friends’ likes will become ubiquitous. Indeed in marketing materials, Facebook saysthese new premium ads are 90 percent accurate, compared to the industry average of 35 percent.“When people hear about you [the brand] from friends, they listen.”

54. Timeline Is mandatory for allFacebook usersWith No Opt-OutOption

55. Timeline Is mandatory for allFacebook users With No Opt-OutOption

56. http://business.ﬁnancialpost.com/2011/11/29/facebook-settles-privacy-case-wtih-ftcFacebook settlesprivacy case with theFederal TradeCommission

57. http://business.ﬁnancialpost.com/2011/11/29/facebook-settles-privacy-case-wtih-ftcFacebook settlesprivacy case with theFederal TradeCommissionFacebook has agreed to settle an investigation by the Federal TradeCommission into deceptive privacy practices, committing to ceasemaking false claims and to submit to independent audits for 20 years.The FTC said the world’s largest Internet social network had beenrepeatedly deceptive. For example, Facebook promised users that itwould not share personal information with advertisers, but it did, theagency said.Also, the company failed to warn users that it was changing itswebsite in December 2009 so that certain information that usersdesignated as private, such as their “Friends List,” would be madepublic, the FTC said.“Facebook’s innovation does not have to come at the expense ofconsumer privacy,” FTC Chairman Jon Leibowitz said in a statement.

58. http://business.ﬁnancialpost.com/2011/11/29/facebook-settles-privacy-case-wtih-ftcFacebook settlesprivacy case with theFederal TradeCommissionFacebook has agreed to settle an investigation by the Federal TradeCommission into deceptive privacy practices, committing to ceasemaking false claims and to submit to independent audits for 20 years.The FTC said the world’s largest Internet social network had beenrepeatedly deceptive. For example, Facebook promised users that itwould not share personal information with advertisers, but it did, theagency said.Also, the company failed to warn users that it was changing itswebsite in December 2009 so that certain information that usersdesignated as private, such as their “Friends List,” would be madepublic, the FTC said.“Facebook’s innovation does not have to come at the expense ofconsumer privacy,” FTC Chairman Jon Leibowitz said in a statement.

59. http://venturebeat.com/2011/11/28/facebook-advertising-euFacebook’s businessmodel came under firein the EU

60. http://venturebeat.com/2011/11/28/facebook-advertising-euFacebook’s businessmodel is under fire inthe EUhttp://www.telegraph.co.uk/technology/facebook/8917836/Facebook-faces-EU-curbs-on-selling-users-interests-to-advertisers.htmlThe EU is considering a ban on Facebook’s practice of sellingdemographic data to marketers and advertisers without specificpermission from users.Now, however, the EC is planning to ban such activity unless usersthemselves specifically agree to it. The EU’s data protection workinggroup is currently investigating how Facebook tracks users, storesdata and uses that information to serve targeted ads.[...] The European Commission is planning to stop the way the website"eavesdrops" on its users to gather information about their politicalopinions, sexuality, religious beliefs – and even their whereabouts.Viviane Reding, the vice president of European Commission, said theDirective would amend current European data protection laws in thelight of technological advances and ensure consistency in howoffending firms are dealt with across the EU.

61. http://venturebeat.com/2011/11/28/facebook-advertising-euFacebook’s entirebusiness model is underfire in the EUhttp://www.telegraph.co.uk/technology/facebook/8917836/Facebook-faces-EU-curbs-on-selling-users-interests-to-advertisers.htmlThe EU is considering a ban on Facebook’s practice of sellingdemographic data to marketers and advertisers without specificpermission from users.Now, however, the EC is planning to ban such activity unless usersthemselves specifically agree to it. The EU’s data protection workinggroup is currently investigating how Facebook tracks users, storesdata and uses that information to serve targeted ads.[...] The European Commission is planning to stop the way the website"eavesdrops" on its users to gather information about their politicalopinions, sexuality, religious beliefs – and even their whereabouts.Viviane Reding, the vice president of European Commission, said theDirective would amend current European data protection laws in thelight of technological advances and ensure consistency in howoffending firms are dealt with across the EU.

62. http://www.zdnet.com/facebook-threatened-by-german-consumer-group-over-app-center-privacy-info-7000003309/Facebook threatened byGerman consumergroup over App Centerprivacy info

63. http://www.zdnet.com/facebook-threatened-by-german-consumer-group-over-app-center-privacy-info-7000003309/Facebook threatened byGerman consumergroup over App Centerprivacy infoThe problem, according to the consumer protection group, is in the"non-exhaustive" information that the App Center shows in small greywriting before the user chooses to click "play game", "send to mobile"or "visit website".[The Verbraucherzentrale Bundesverband] VZBV said on Monday thatFacebook was breaking European data protection law by not explicitlyinviting the user to give their consent.

64. http://techcrunch.com/2012/08/25/5-design-tricks-facebook-uses-to-affect-your-privacy-decisions/

69. design choices are intended tomake you part with yourpersonal informationhttp://techcrunch.com/2012/08/25/5-design-tricks-facebook-uses-to-affect-your-privacy-decisions/

70. http://techcrunch.com/2009/11/05/google-gives-you-a-privacy-dashboard-to-show-just-how-much-it-knows-about-you

71. http://techcrunch.com/2009/11/05/google-gives-you-a-privacy-dashboard-to-show-just-how-much-it-knows-about-youGoogle gives you a privacy dashboard to show justhow much it knows about you

72. https://proﬁles.google.com“Your profile is the way you present yourself onGoogle products and across the web. With yourprofile, you can manage the information thatpeople see - such as your bio, contact details,and links to other sites about you or created byyou.”

73. http://www.washingtonpost.com/business/technology/google-tracks-consumers-across-products-users-cant-opt-out/2012/01/24/gIQArgJHOQ_story.htmlGoogle changes privacy across all products“Google said [...] it willrequire users to allow thecompany to follow theiractivities across e-mail,search ... and otherservices, a radical shift instrategy that is expectedto invite greater scrutinyof its privacy andcompetitive practices.”

74. Google’s new policy replacesmore than 60 existingproduct-specific privacydocuments for servicesincluding Gmail, YouTube andGoogle Docs (plus Picassa,Blogger, Google Talk, GoogleEarth, etc.)Google says the unified termswill provide better searchresults and serve up ads thatare more likely to be ofinterest.http://www.scientiﬁcamerican.com/article.cfm?id=how-googles-new-privacy-p

75. http://blogs.smartmoney.com/advice/2012/01/25/who-would-pay-5000-to-use-google-you“...[Google] said it may combine the information users submit under their email accounts withinformation from other Google services or third parties. What people do and share on the socialnetworking site Google+, Gmail and YouTube will be combined to create a more three-dimensionalpicture of consumers’ likes and dislikes, according to reports. Google did not return calls seekingcomment.”

76. “If Google received a warrant to disclosedocuments, and your business and personal docsare intermingled — that’s a problem,” he said.“Some would like to say, “No, thank you” andkeep their accounts separate.”“Google should make it easy for people to set upand manage separate accounts if they wish to doso,” Kurt Opsahl, senior staff attorney for theElectronic Frontier Foundation.http://www.scientiﬁcamerican.com/article.cfm?id=how-googles-new-privacy-p

77. http://motherjones.com/kevin-drum/2012/01/end-privacy-googlehttp://www.ﬂickr.com/photos/47691521@N07/4638981545The End of Privacy?If Google can change itsprivacy policy today, itcan change it tomorrow.And it will. [...] This iswhats motivating theirpolicy change this week,and someday its likely tomotivate them to sell mypersonal informationafter all.

78. https://en.wikipedia.org/wiki/All_your_base_are_belong_to_us

79. Google changes privacy policyacross All products With NoOpt-Out Option

80. Google changes privacy policyacross All products With NoOpt-Out Option

81. http://www.ftc.gov/opa/2011/03/google.shtm

82. On the day Buzz was launched, Gmail users got a message announcing the new service andwere given two options: “Sweet! Check out Buzz,” and “Nah, go to my inbox.” However, the FTCcomplaint alleged that some Gmail users who clicked on “Nah...” were nonetheless enrolled incertain features of the Google Buzz social network.For those Gmail users who clicked on “Sweet!,” the FTC alleges that they were not adequatelyinformed that the identity of individuals they emailed most frequently would be made publicby default. Google also offered a “Turn Off Buzz” option that did not fully remove the user fromthe social network.http://www.ftc.gov/opa/2011/03/google.shtm

83. On the day Buzz was launched, Gmail users got a message announcing the new service andwere given two options: “Sweet! Check out Buzz,” and “Nah, go to my inbox.” However, the FTCcomplaint alleged that some Gmail users who clicked on “Nah...” were nonetheless enrolled incertain features of the Google Buzz social network.For those Gmail users who clicked on “Sweet!,” the FTC alleges that they were not adequatelyinformed that the identity of individuals they emailed most frequently would be made publicby default. Google also offered a “Turn Off Buzz” option that did not fully remove the user fromthe social network.http://www.ftc.gov/opa/2011/03/google.shtm

84. In response to the Buzz launch, Google received thousands of complaints from consumers whowere concerned about public disclosure of their email contacts which included, in some cases,ex-spouses, patients, students, employers, or competitors. According to the FTC complaint,Google made certain changes to the Buzz product in response to those complaints.When Google launched Buzz, its privacy policy stated that “When you sign up for a particularservice that requires registration, we ask you to provide personal information. If we use thisinformation in a manner different than the purpose for which it was collected, then we willask for your consent prior to such use.” The FTC complaint charges that Google violated itsprivacy policies by using information provided for Gmail for another purpose - socialnetworking - without obtaining consumers’ permission in advance.http://www.ftc.gov/opa/2011/03/google.shtm

85. In response to the Buzz launch, Google received thousands of complaints from consumers whowere concerned about public disclosure of their email contacts which included, in some cases,ex-spouses, patients, students, employers, or competitors. According to the FTC complaint,Google made certain changes to the Buzz product in response to those complaints.When Google launched Buzz, its privacy policy stated that “When you sign up for a particularservice that requires registration, we ask you to provide personal information. If we use thisinformation in a manner different than the purpose for which it was collected, then we willask for your consent prior to such use.” The FTC complaint charges that Google violated itsprivacy policies by using information provided for Gmail for another purpose - socialnetworking - without obtaining consumers’ permission in advance.http://www.ftc.gov/opa/2011/03/google.shtm

86. https://plus.google.com

87. http://www.zdnet.com/blog/identity/ftc-asked-to-probe-google-search-integration/143

88. http://www.zdnet.com/blog/identity/ftc-asked-to-probe-google-search-integration/143EPIC says a review should take place given an ongoing FTC investigation of possible antitrustviolations related to the way Google compiles search results, as well as, an April 2011 settlementGoogle made with the FTC regarding deceptive privacy practices.EPIC claims the integration of Google+ and Google search, called Search plus Your World, raisesconcerns over fair competition and the search giant’s adherence to the FTC settlement.EPIC said in its letter to the FTC, “Google’s [search] changes make the personal data of users moreaccessible.” The letter was signed by Marc Rotenberg, executive director of EPIC.EPIC’s concerns were over personal data - photos, posts, and contact details - being gathered fromGoogle+ users and included in search results. “Google allows users to opt out of receiving searchresults that include personal data, but users cannot opt out of having their information found bytheir Google+ contacts through Google search,” the letter said.

89. http://www.zdnet.com/blog/identity/ftc-asked-to-probe-google-search-integration/143EPIC says a review should take place given an ongoing FTC investigation of possible antitrustviolations related to the way Google compiles search results, as well as, an April 2011 settlementGoogle made with the FTC regarding deceptive privacy practices.EPIC claims the integration of Google+ and Google search, called Search plus Your World, raisesconcerns over fair competition and the search giant’s adherence to the FTC settlement.EPIC said in its letter to the FTC, “Google’s [search] changes make the personal data of users moreaccessible.” The letter was signed by Marc Rotenberg, executive director of EPIC.EPIC’s concerns were over personal data - photos, posts, and contact details - being gathered fromGoogle+ users and included in search results. “Google allows users to opt out of receiving searchresults that include personal data, but users cannot opt out of having their information found bytheir Google+ contacts through Google search,” the letter said.

90. http://marketingland.com/faq-google-search-plus-your-world-3533Search Plus is combining personal signals — your search andweb history — along with social signals to create a new form ofpersonalized results. It’s not just who you are that nowinfluences what you see. It’s who you know. What your friendslike, share or create can influence what shows up first when yousearch for something.

91. http://www.google.com/privacy/adsGoogle may use your Google account information, such as itemsyou +1 on Google properties and across the web, to personalizecontent and ads on non-Google websites.

92. http://www.macrumors.com/2012/02/17/google-under-ﬁre-for-circumvention-of-cookie-settings-in-safari-for-ios-to-track-usersGoogle Under Fire for Circumvention of CookieSettings in Safari for iOS to Track Users

93. http://webpolicy.org/2012/02/17/safari-trackersSafari’s cookie blocking feature is unique in two ways: its defaultand its substantive policy.Unlike every other browser vendor, Apple enables 3rd partycookie blocking by default. Every iPhone, iPad, iPod Touch, andMac ships with the privacy feature turned on.Apple’s Safari web browser is configured to block third-partycookies by default. We identified four advertising companiesthat unexpectedly place trackable cookies in Safari. Google andVibrant Media intentionally circumvent Safari’s privacy feature.Media Innovation Group and PointRoll serve scripts that appearto be derived from circumvention example code.

94. http://webpolicy.org/2012/02/17/safari-trackersSafari’s cookie blocking feature is unique in two ways: its defaultand its substantive policy.Unlike every other browser vendor, Apple enables 3rd partycookie blocking by default. Every iPhone, iPad, iPod Touch, andMac ships with the privacy feature turned on.Apple’s Safari web browser is configured to block third-partycookies by default. We identified four advertising companiesthat unexpectedly place trackable cookies in Safari. Google andVibrant Media intentionally circumvent Safari’s privacy feature.Media Innovation Group and PointRoll serve scripts that appearto be derived from circumvention example code.

95. Safari’s cookie blocking feature is unique in two ways: its defaultand its substantive policy.Unlike every other browser vendor, Apple enables 3rd partycookie blocking by default. Every iPhone, iPad, iPod Touch, andMac ships with the privacy feature turned on.Apple’s Safari web browser is configured to block third-partycookies by default. We identified four advertising companiesthat unexpectedly place trackable cookies in Safari. Google andVibrant Media intentionally circumvent Safari’s privacy feature.Media Innovation Group and PointRoll serve scripts that appearto be derived from circumvention example code.http://webpolicy.org/2012/02/17/safari-trackershttp://www.macrumors.com/2012/02/17/google-under-ﬁre-for-circumvention-of-cookie-settings-in-safari-for-ios-to-track-users

96. http://webpolicy.org/2012/02/17/safari-trackershttp://www.macrumors.com/2012/02/17/google-under-ﬁre-for-circumvention-of-cookie-settings-in-safari-for-ios-to-track-users+• Google used a loophole to make Safari allowcookies (which it will only do IF a user interactswith an ad)• an ad from DoubleClick (owned by Google) sentan invisible form, so Safari would think the userwas interacting with the ad• thus, cookie accepted, tracking occurred• Google discouraged Safari users to opt-out+

97. https://www.competitionpolicyinternational.com/google-to-settle-safari-suit-for-22-5-million/Google settles Safari suit for $22.5 million

98. Google Publicized User’s privatedata and also worked aroundBrowser security settings

99. https://www.google.com/transparencyreport/governmentrequests/US/?p=2011-06&t=USER_DATA_REQUESTLastly, Google produces a laudable transparency report, but...“Google complies with 93 percent of the 6,000 requests it receives for user data fromlaw enforcement agencies is very different from the approach news organizationswould take to handing over sources.”

100. http://allthingsd.com/20130611/google-wants-permission-to-disclose-how-many-national-security-requests-it-gets/Text

101. http://allthingsd.com/20130611/google-wants-permission-to-disclose-how-many-national-security-requests-it-gets/Text“We therefore ask you to help make it possible for Google to publish in our Transparency Reportaggregate numbers of national security requests, including FISA disclosures—in terms of both thenumber we receive and their scope. Google’s numbers would clearly show that our compliancewith these requests falls far short of the claims being made. Google has nothing to hide”Google Wants Permission to Disclose How Many National SecurityRequests It Gets

102. Google challenges U.S. gag order, citing First Amendmenthttp://www.washingtonpost.com/business/technology/google-challenges-us-gag-order-citing-ﬁrst-amendment/2013/06/18/96835c72-d832-11e2-a9f2-42ee3912ae0e_story.htmlText“Google asked the secretive Foreign Intelligence Surveillance Court on Tuesday to ease long-standing gag orders over data requests the court makes, arguing that the company has aconstitutional right to speak about information it is forced to give the government. [...] A high-profile legal showdown might help Google’s efforts to portray itself as aggressively resistinggovernment surveillance, and a victory could bolster the company’s campaign to portraygovernment surveillance requests as targeted narrowly and affecting only a small number ofusers”

103. “...all these concerns about privacytend to be old people issues.” ReidHoffman, the founder of LinkedIn, ina segment during last year’s WorldEconomic Forum at Davos,Switzerlandhttp://www.businessinsider.com/privacy-is-for-old-people-says-linkedin-founder-2011-10

104. http://www.businessinsider.com/privacy-is-for-old-people-says-linkedin-founder-2011-10

105. http://fak3r.com/2011/10/12/linkedin-is-spamming-all-of-my-gmail-contacts

106. http://fak3r.com/2011/10/12/linkedin-is-spamming-all-of-my-gmail-contacts• people I didn’t know well personally• people that I work with from other countriesthat aren’t on LinkedIn• technical mailing lists that I subscribe to• myself, four times• and in one case, a deceased relative

107. http://fak3r.com/2011/10/12/linkedin-is-spamming-all-of-my-gmail-contacts

108. http://fak3r.com/2011/10/12/linkedin-is-spamming-all-of-my-gmail-contacts• so yes, I did opt-in• but they didn’t use the data in the manner Iapproved• plus support didn’t provide any help

109. ...and let’s not forgetabout file sharing

110. http://www.dropbox.com

111. http://paranoia.dubﬁre.net/2011/04/how-dropbox-sacriﬁces-user-privacy-for.htmlHow Dropbox sacrifices user privacy for costsavings• claimed no Dropbox personal could access your files• but the way they do de-duplication of files proved thiswasn’t true• Dropbox has the encryption keys, not the user• other services do encrypt their users data with a keyonly known to the user

112. http://paranoia.dubﬁre.net/2011/04/how-dropbox-sacriﬁces-user-privacy-for.htmlHow Dropbox sacrifices user privacy for costsavingsOn April 1, 2011, Marcia Hofmann at theElectronic Frontier Foundation contactedDropbox to let them know about the flaw, andthat a researcher would be publishing theinformation on April 12th.At 6:15PM west coast time on April 11th, anattorney from Fenwick & West retained byDropbox left Marcia a voicemail message, inwhich he reveled that: "the company is updatingtheir privacy policy and security overview thatis on the website to add further detail."

113. http://www.dropbox.comDropbox Privacy Policy change“All files stored on Dropbox servers areencrypted (AES 256) and are inaccessiblewithout your account password.”

114. http://www.dropbox.comDropbox Privacy Policy change“All files stored on Dropbox servers areencrypted (AES 256) and are inaccessiblewithout your account password.”

115. http://getcloudapp.com

116. http://getcloudapp.com“CloudApp allows you to share images, links, music, videos andfiles. Here is how it works: choose a file, drag it to the menubarand let us take care of the rest. We provide you with a short linkautomatically copied to your clipboard that you can use to shareyour upload with co-workers and friends.”

117. http://getcloudapp.comUnfortunately the weak entropy of charactersused for their shortened URLs leads to (very) lowprivacy

118. http://getcloudapp.com/[0-9][a-zA-Z][a-zA-Z0-9][a-zA-Z]

119. http://cl.ly/2a3ehttp://getcloudapp.com

120. http://getcloudapp.comhttp://cl.ly/2a3e

121. http://cl.ly/3l1khttp://getcloudapp.com

122. http://getcloudapp.comhttp://cl.ly/3l1k

123. http://cl.ly/4g8dhttp://getcloudapp.com

124. http://getcloudapp.comhttp://cl.ly/4ety

125. http://cl.ly/4etyhttp://getcloudapp.com

126. http://getcloudapp.comhttp://cl.ly/4g8d

127. http://getcloudapp.comThis is fun...until you find personal documents

128. http://getcloudapp.comI wrote a script that can randomly downloadgigabytes of users’ data, by guessing, or “bruteforcing” different URL combinations

129. http://getcloudapp.com• plenty of pictures, mp3s, graphics• credit card receipts, court documents, W9forms, personal emails, Facebook posts,instant messages, passport scans• ...and everything was unencrypted

130. http://getcloudapp.comPeople don’t know they’re sharing this data.Responsible Disclosure: I reported my findings toCloudApp, they said they have a notice on theirsite that it may not be secure... but they still allowthis kind of convenient ‘sharing’

131. http://getcloudapp.comI have released the script to demonstrate thisvulnerability.https://github.com/philcryer/ca-harvester

132. Companies are not going to lookout for, or protect, your data

133. How else could all of thissocial media data be used?

134. To fight crime

135. http://www.forbes.com/sites/kashmirhill/2012/01/17/facebook-unmasks-koobface-gang-aided-by-their-foursquare-check-ins-and-social-networking-photosFacebook Unmasks Koobface Gang (P2P botnets)Aided By Their Foursquare Check-ins And SocialNetworking Photos

136. http://www.forbes.com/sites/kashmirhill/2012/01/17/facebook-unmasks-koobface-gang-aided-by-their-foursquare-check-ins-and-social-networking-photos“...security researchers and members of the Facebook securityteam tracked digital breadcrumbs to expose the five menresponsible for Koobface [...] they tracked them down basedon IP fingerprints, Foursquare check-ins, Twitter activity,friend lists on a Russian social networking site, Flickr photosshowing the gang vacationing across Europe.”Facebook Unmasks Koobface Gang (P2P botnets)Aided By Their Foursquare Check-ins And SocialNetworking Photos

137. For good, humanitarianpurposes

138. http://chronicle.com/blogs/percolator/twitter-tracks-cholera-outbreaks-faster-than-health-authorities/28205Twitter Tracks Cholera OutbreaksFaster Than Health AuthoritiesNow researchers have shown that, forthe 2010 cholera epidemic in Haiti,social media like Twitter can trackoutbreaks as much as two weekssooner than official health reports,especially when used by people withmobile phones.

139. For nefarious purposes

140. https://xkcd.comhttp://sylviamoessinger.wordpress.com/2011/05/04/h807-online-privacy-an-illusion-a10-1

141. http://www.spokeo.comSpokeo is a people search engine“...organizes vast quantities of white-pages listings, social information, and otherpeople-related data from a large variety of public sources. Our mission is to helppeople find and connect with others, more easily than ever”

142. http://www.spokeo.com“Not just Name, Age, Sex, but they also include Race, Politics, Religion, Cost of yourhome, Occupation, Education level, Salary, Hobbies... even your Zodaic sign” (?)Spokeo is a people search engine

143. http://cheezburger.com

144. Understand why privacymatters

145. https://spideroak.comhttp://zeroknowledgeprivacy.org/library/why-privacy-matters/

146. Communication Security; Riseups primer onsurveillance and security. Why security mattershttps://help.riseup.net/en/security• Because network surveillance is so pervasive, it is a socialproblem that affects everyone all the time. In contrast, deviceand message security are important for people who are beingindividually targeted by repressive authorities.• Improving your network security is fairly easy, in comparisonto device or message security.

147. The Right to Anonymity is a Matter of Privacyhttps://www.eff.org/deeplinks/2012/01/right-anonymity-matter-privacy• Privacy from employers• Privacy from the political scene• Privacy from the public eye• Achieving anonymity online is a right

148. http://www.theﬁlterbubble.comThe Filter Bubble"Internet firms increasinglyshow us less of the wide world,locating us in the neighborhoodof the familiar. The risk, as EliPariser shows, is that each of usmay unwittingly come to inhabita ghetto of one."http://bit.ly/filter-bubble

149. http://www.wired.com/opinion/2013/06/why-i-have-nothing-to-hide-is-the-wrong-way-to-think-about-surveillance/“If everyone’s every action were being monitored,and everyone technically violates some obscurelaw at some time, then punishment becomes purelyselective. Those in power will essentially have whatthey need to punish anyone they’d like, wheneverthey choose, as if there were no rules at all.We’re not dealing with a balanceof forces looking for the perfectcompromise between security andprivacy, but an enormous steamroller”Why ‘I Have Nothing to Hide’ Is the Wrong Way to Think AboutSurveillance

150. Understand that privatebrowsing isn’t private

151. http://donottrackplus.com/learn/pbrowsing.php

152. Know what you are sharing

153. Do Not Track Plushttps://www.ghostery.comhttp://donottrack.ushttp://donottrackplus.comBlock trackers before they get your information– social sites, ad networks, companies,(governments?)

154. https://addons.mozilla.org/en-US/ﬁrefox/addon/ﬂashblockBlocks ads, flash and javascript trackershttp://adblockplus.orghttp://noscript.net

155. Opt-out of sharing

156. Via browser pluginshttp://google.com/settings/ads/onweb

157. http://www.google.com/ads/preferences/plugin/browsers.htmlOr opt-out manuallyhttp://bit.ly/optout

158. Remove Your Google SearchHistory

159. https://www.eff.org/deeplinks/2012/02/how-remove-your-google-search-history-googles-new-privacy-policy-takes-effect1 Sign into your Google account

160. https://www.eff.org/deeplinks/2012/02/how-remove-your-google-search-history-googles-new-privacy-policy-takes-effect2 Go to https://google.com/history

161. https://www.eff.org/deeplinks/2012/02/how-remove-your-google-search-history-googles-new-privacy-policy-takes-effect3 Click "remove all Web History"

162. https://www.eff.org/deeplinks/2012/02/how-remove-your-google-search-history-googles-new-privacy-policy-takes-effect4 Click "OK"

163. https://www.eff.org/deeplinks/2012/02/how-remove-your-google-search-history-googles-new-privacy-policy-takes-effectThis pauses web history, and it will remain offuntil you enable it again, but this won’t stopGoogle’s other tracking methods

164. https://www.eff.org/deeplinks/2012/02/how-remove-your-google-search-history-googles-new-privacy-policy-takes-effectOops, my history was saved back a few years :)

165. Don’t share Too Much

166. http://www.npr.org/blogs/thetwo-way/2013/06/17/192646711/cringe-miss-utah-fumbles-on-income-inequality-question?utm_source=npr&utm_medium=facebook&utm_campaign=20130617http://www.npr.org/blogs/thetwo-way/2013/06/17/192646711/cringe-miss-utah-fumbles-on-income-inequality-question?utm_source=npr&utm_medium=facebook&utm_campaign=20130617

167. http://www.theonion.com/video/nation-demands-new-photograph-of-edward-snowden,32831/?utm_source=Facebook&utm_medium=SocialMarketing&utm_campaign=standard-post:other:default?utm_source=Facebook&utm_medium=SocialMarketing&utm_campaign=standard-post:other:defaulthttp://www.theonion.com/video/nation-demands-new-photograph-of-edward-snowden,32831/

168. http://www.politico.com/story/2013/06/nsa-keith-alexander-cyber-shield-92880.html#.Ub9NiDLHxwA.twitter#.Ub9NiDLHxwA.twitterhttp://www.politico.com/story/2013/06/nsa-keith-alexander-cyber-shield-92880.html

169. Browse securely

170. http://alexmillers.wordpress.com/2011/05/11/https-is-your-friendHTTPS is your friend

171. HTTPS for the entiresession. Why?

172. Session hijacking akasidejackinghttps://en.wikipedia.org/wiki/Session_hijacking

173. You login with https butthen drops you to httphttps://en.wikipedia.org/wiki/Session_hijacking

174. http://codebutler.com/ﬁresheepFiresheep

175. “HTTPS Everywhere is an extension for Firefox and GoogleChrome, created by EFF and the Tor Project. It automaticallyswitches thousands of sites from insecure "http" to secure"https". It will protect you against many forms ofsurveillance and account hijacking, and *some* forms ofcensorship”https://www.eff.org/https-everywhere

176. Encrypt your DNS queries

177. http://dnscrypt.org/“A tool for securing communicationsbetween a client and a DNS resolver[...] significant because it encrypts allDNS traffic between Internet usersand OpenDNS*. This [...] thwartsefforts by attackers, MiTM, or evenInternet Service Providers (ISPs),from spying on DNS activity, orworse, maliciously redirecting DNStraffic“* can be used with any DNS provider, not just OpenDNSDNSCrypt

178. Use Better passwords

179. Use more passwords

180. http://www.slashgear.com/slashgear-101-basic-password-security-16209438SlashGear 101: BasicPassword Security“The simplest way to keep yourself secure on the internet is touse different passwords on each ‘secure’ site you interact with.”

181. http://money.cnn.com/2012/01/16/technology/zappos_hack/index.htmZappos hacked, 24million accounts

182. http://money.cnn.com/2012/01/16/technology/zappos_hack/index.htmZappos users here are the subject matter simply because it’s themost recent attack, but it’s true for whatever set of services youuse on the daily. If you’ve got an eBay account, an account foryour online bank account, and an account for Zappos, youneed, need, NEED to have a different password for each ofthem. What you do when you keep the same password for eachof these sites is to open yourself up to a MUCH wider array ofhackers than if you change your password for each.Zappos hacked, 24million accounts

183. Forget your passwords

184. NOT

185. Did You Forget Your Password?

186. http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/Mat Honan

187. http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/“In the space of one hour, my entire digitallife was destroyed. First my Google accountwas taken over, then deleted. Next myTwitter account was compromised, and usedas a platform to broadcast racist andhomophobic messages. And worst of all, myAppleID account was broken into, and myhackers used it to remotely erase all of thedata on my iPhone, iPad, and MacBook.”

188. http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/“In the space of one hour, my entire digitallife was destroyed. First my Google accountwas taken over, then deleted. Next myTwitter account was compromised, and usedas a platform to broadcast racist andhomophobic messages. And worst of all, myAppleID account was broken into, and myhackers used it to remotely erase all of thedata on my iPhone, iPad, and MacBook.”

189. Forget your passwords

190. https://lastpass.com

191. https://lastpass.com

192. 9Z!de*NM2y7%yZwtwZx7CC@utHyVD@5KcP$arcQTkt2Fhntu#8cET!pDqDXq9HcV

193. Not a perfect method, trusting a 3rdparty9Z!de*NM2y7%yZwtwZx7CC@utHyVD@5KcP$arcQTkt2Fhntu#8cET!pDqDXq9HcV

194. 9Z!de*NM2y7%yZwtwZx7CC@utHyVD@5KcP$arcQTkt2Fhntu#8cET!pDqDXq9HcVWorks, but looking for a more secure wayNot a perfect method, trusting a 3rdparty

195. 9Z!de*NM2y7%yZwtwZx7CC@utHyVD@5KcP$arcQTkt2Fhntu#8cET!pDqDXq9HcVWorks, but looking for a more secure wayNot a perfect method, trusting a 3rdpartyIdeally an Open Source option

196. Search more securely

197. Take a deep breath. Youre safe here.Click here to learn how Ixquick protects you fromgovernment surveillance.https://ixquick.de/

198. Take a deep breath. Youre safe here.Click here to learn how Ixquick protects you fromgovernment surveillance.https://ixquick.de/

199. https://duckduckgo.comSearch anonymously. Find instantly.

202. TheAnonymousInternet:PrivacyToolsGrowinPopularityFollowingNSARevelationshttp://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/

203. TheAnonymousInternet:PrivacyToolsGrowinPopularityFollowingNSARevelationshttp://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/“[DuckDuckGo] ...search queries almost double since June 6, when Google wasidentified as one of nine companies that are part of Prism, a secret data-gatheringprogram the government uses to target foreign threats. Its 3 million daily directsearches is still a drop in the bucket compared to the billions Google executes everyday, but CEO Gabriel Weinberg says the site’s privacy features are steadilyattracting more users. [...] “That aspect of our site has been more attractive to agrowing portion of users,” Weinberg says “It was pretty creepy when you thinkabout how much the search engine actually knows about you because it’s arguablythe most personal set of data that you share on the Internet.”

204. TheAnonymousInternet:PrivacyToolsGrowinPopularityFollowingNSARevelationshttp://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/“Kobeissi points out that even if these tools help with anonymisation, they can’tcompletely deter dedicated government surveillance. “The real solution is not justtelling people to depend on these tools. The real solution is to get an honest politicaldiscussion going on to limit or get rid of these surveillance tactics.”

205. “A peer to peer (P2P), distributed, anonymous search engineanyone can run and contribute to”"[...] we cannot rely on a few large companies, and compromise our privacy in the process,"says Michael Christen, YaCys project leader. "YaCys free search is the vital link betweenfree users and free information. YaCy hands control over search back to us, the users."http://yacy.nethttp://www.theregister.co.uk/2011/11/29/yacy_google_open_source_engine

206. Pay Differently

207. http://bitcoin.org

208. • a P2P digital currency• a protocol and software that enables instant peer-to-peer transactions and worldwide payments• it is open source under the MIT licensehttps://bitcoin.org/http://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/

209. • a P2P digital currency• a protocol and software that enables instant peer-to-peer transactions and worldwide payments• it is open source under the MIT license• has burst into the mainstream consciousness this year• now being accepted everywhere from New York bars todating website OKCupidhttps://bitcoin.org/http://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/

210. • a P2P digital currency• a protocol and software that enables instant peer-to-peer transactions and worldwide payments• it is open source under the MIT license• has burst into the mainstream consciousness this year• now being accepted everywhere from New York bars todating website OKCupidBuyer beware though:Bitcoin values areextremely volatilehttps://bitcoin.org/http://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/

214. Share more securely

215. https://spideroak.com/

216. Provides similar functionality to DropBox and Google Drive...BUT is a “zero-knowledge” client, meaning the company can’t seethe content of user files, which are automatically encryptedTaking your data into your own hands has its pros/cons:SpiderOak can’t retrieve your password for you if you forget ithttps://spideroak.com/http://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/

217. https://spideroak.com/http://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/Provides similar functionality to DropBox and Google Drive...BUT is a “zero-knowledge” client, meaning the company can’t seethe content of user files, which are automatically encryptedTaking your data into your own hands has its pros/cons:SpiderOak can’t retrieve your password for you if you forget it

218. https://spideroak.com/http://business.time.com/2013/06/20/the-anonymous-internet-privacy-tools-grow-in-popularity-following-nsa-revelations/Provides similar functionality to DropBox and Google Drive...BUT is a “zero-knowledge” client, meaning the company can’t seethe content of user files, which are automatically encryptedTaking your data into your own hands has its pros/cons:SpiderOak can’t retrieve your password for you if you forget it

219. Use open source tools toprotect yourself

220. https://torproject.org

221. https://torproject.orgOriginally called The Onion Router, and started out as a US Naval projectProtects you by bouncing your communications around a distributed network ofrelays run by volunteers all around the worldPrevents somebody watching your Internet connection from learning what sitesyou visit, and it prevents the sites you visit from learning your physical locationAllows users to surf the Internet (...almost...) anonymously by making IPaddresses difficult to traceDownloads increase between 20% and 30% following the NSA newsIt has been downloaded 36 million times in the past year and has more than halfa million daily users

225. https://www.torproject.org/projects/torbrowser.html.enThe Tor BrowserBundle lets you useTor on Windows, MacOS X or Linux withoutinstalling anysoftware.

226. https://torproject.orgInstall Tor on a serverto contribute to thenetwork’s robustness,and connect yourself

227. https://cloud.torproject.org• a user-friendly way of deploying Tor bridges to helpusers access an uncensored Internet• runs on a Amazon EC2 micro cloud computingplatform• Amazon has introduced a free usage tier for a year

228. http://fak3r.com/2012/08/11/howto-run-a-tor-node-in-the-cloud-for-free/fak3r.com post: HOWTO run a tor node in the cloud for free

229. Don’t forget about Mobilecommunications (the NSA isn’t)

230. https://guardianproject.info/apps/orbot/Orbot“The official version of the Tor onion routing service forAndroid. Orbot is a free proxy app that empowers otherapps to use [...] Tor to encrypt your Internet traffic and thenhides it by bouncing through a series of computers aroundthe world. Any installed app can use Tor if it has a proxyfeature”

231. “True anonymity on the mobile Web just came a few stepscloser for tens of millions more smartphone users.he firstofficial implementation of Tor for iPhone and iPad. Tortriple-encrypts data and then routes it through threedifferent computers around the world, each one removingonly one layer of encryption.”https://itunes.apple.com/us/app/covert-browser/id477438328?mt=8Covert BrowserCovertBrowser

232. “Whipsersystems - Secure your communication with our mobileapplications. Its that simple. Encrypted Communication AndStorage [...] easy to use tools for secure mobile communicationand secure mobile storage. Open Source Software”https://whispersystems.org/

233. “Free, secure, unlimited messaging with your friends overFacebook Chat, Google Chat & Jabber Works with Android,iPhone, Mac, Linux or PC. [...] iPhone with ChatSecure, Macwith Adium, Linux with Jitsi, Windows with Pidgin”https://guardianproject.info/apps/gibber/Gibberbot

234. https://crypto.cat/Crytocat

235. https://crypto.cat/CrytocatEncrypted IM can be easy and accessibleCryptocat is an open source experimentWorks right in your browserGoal is to provide the easiest, most accessible way to chat while maintaining your privacy onlineIts useful for everyoneFriends use Cryptocat to talk without revealing messages to a third partyActivists use Cryptocat to keep private matters privateJournalists use Cryptocat to keep their stories and research confidentialCryptocat is not a magic bullet. You should never trust any pieceof software with your life, and Cryptocat is no exception

239. DIY, run your own services,instead of using others

240. http://drupal.orghttp://wordpress.orghttp://joomla.org

241. http://octopress.com

245. http://jekyllrb.com

246. http://github.com

247. Open source, Jabber/XMPP instant messaging server, offers Off-the-Record (OTR) Messaging, more secure, SSL for encryptedcommunications, note that Google uses this same service forGoogle Talkhttp://www.ejabberd.im

248. http://identi.caOpen source microblogging software (think Twitter),run your own host, keep your own information, and itpowers Identi.cahttp://status.net/open-source

249. An open, distributed, federated, social network, mirrorsfunctionality of Facebook, Google+, signup on an officialserver, or host your own and have full control over whatyou sharehttps://joindiaspora.com

250. A lightweight command line service that securelysynchronizes your data http://lipsync.info

251. “...javascript based authentication, uses remoteStorage, across-origin data storage protocol separating applicationservers from data storage, your stuff on remote servers, butyou still hold the keys“

252. Get involved and demand change

253. Focusing public attention on emerging privacy and civil liberties issuesProtecting Civil Liberties in the Digital Age

254. In conclusion...

255. Question How companies save, store and useyour personal data

256. Question How companies save, store and useyour personal dataLearn about online privacy and know your rights!

257. Question How companies save, store and useyour personal dataLearn about online privacy and know your rights!Share what you discover, educate others viablogs, social networks, or just talk about it

258. Question How companies save, store and useyour personal dataLearn about online privacy and know your rights!Share what you discover, educate others viablogs, social networks, or just talk about itExplore Run your own server, use open sourcetools to protect yourself while helping others, it’s fuN!

259. ContactSlidesFollowphilcryer.combit.ly/pc-slides@Fak3r

260. St louis Linux Users GroupContactSlidesFollowThanksSBS CreatixEffphilcryer.combit.ly/pc-slides@Fak3r