Author

Topic: Why beginners should pay attention to their privacy (Read 1413 times)

legendary
Activity: 2268
Merit: 18711
But still we are having the browser fingerprint problem where the previous container information could be leaked based on our OS and hardware
Which is why I mentioned entirely different Firefox installations above. If you run one version of Firefox with certain add ons and settings via one IP, and a different version of Firefox with different add ons and settings (and maybe even spoof your user agent) via a different IP, then it becomes significantly harder for browser fingerprinting to link your two browsers. Even better if you run one from inside a VM.

Or go for the safest method and just use Tor.
legendary
Activity: 1974
Merit: 2124
But there is no reason to use Brave for either of reasons. Firefox is better option for almost everything. You can use container tabs or separate profiles to keep different usages of Firefox separate. If you really want, you can install Firefox more than once, or install different versions of Firefox (default, beta, developer, etc.) or even run a separate instance of Firefox in a VM to keep some use completely separate from other uses, and allow you to have a very hardened version of Firefox with appropriate browser extensions as well as a completely basic and out-of-the-box version of Firefox too.

And if you really need a Chromium based browser for a specific task, then as I've said before, Ungoogled Chromium is the best option.
I understand your point and if we are so concerned about our privacy then we should avoid these browser at all and yes Firefox container tabs is really useful option and switching on the different profiles like you have mentioned is quite useful keeping it all safe once you install them and works fine for us and will focus on them discarding Brave to the full.

But still we are having the browser fingerprint problem where the previous container information could be leaked based on our OS and hardware according to GitHub reports also but those who are unaware about their working can read them here :

Containers

But my most of the work is absolutely handled through Tor only so no need of chromium based browser to me although Ungoogled Chromium is best in that case.

I thought that was a joke. LOL!
These days privacy is becoming a joke for these self pro claimed privacy oriented browser also but soon they show their real face and only you need to be careful about yourself and for them your privacy is just a joke.
hero member
Activity: 510
Merit: 4005
{...} Regarding browsers' private mode, it can help somewhat, but I believe it is more helpful to use containers {...}

{...} You can use container tabs or separate profiles to keep different usages of Firefox separate {...}

Firefox container tabs [1] are really useful!

They won't do much to protect your privacy on their own but they can be very handy to reduce the usefulness of gathered data and I'm all for anything that makes life harder for the people trying to profit from invading your privacy.

You can (for example) be signed-in to YouTube in one tab and then use Google Search in another without the SSO (Single Sign-On) trying to automatically sign you in and "link" the two different types of activity.

I (mostly) use YouTube without signing in, but if Google ever decides to make that mandatory (knowing them, I'm guessing it's just a matter of time) then making a dummy account and using YouTube from a container will be the way to go! Smiley

[1] https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
I know you also recommended Tor Browser (which is great)
It's great privacy-wise, and probably the best option out there. I just want to note down the privacy tradeoff, for beginners or anyone who chooses it:

  • Far slower connectivity.
  • Some sites forbid access from Tor exit nodes (whose IP addresses are those you "exit" the Tor network to clearnet with).
  • Captchas can be annoying.

I thought that was a joke. LOL!
legendary
Activity: 2268
Merit: 18711
I also use Brave in rare cases like to just have some normal search and watch some add free YouTube if I want to nothing else.
But there is no reason to use Brave for either of reasons. Firefox is better option for almost everything. You can use container tabs or separate profiles to keep different usages of Firefox separate. If you really want, you can install Firefox more than once, or install different versions of Firefox (default, beta, developer, etc.) or even run a separate instance of Firefox in a VM to keep some use completely separate from other uses, and allow you to have a very hardened version of Firefox with appropriate browser extensions as well as a completely basic and out-of-the-box version of Firefox too.

And if you really need a Chromium based browser for a specific task, then as I've said before, Ungoogled Chromium is the best option.
staff
Activity: 3304
Merit: 4115
Honestly, a properly configured Firefox is probably the best way of going about things. A proven track record, and obviously Tor Browser is built on it for a reason. The latter being useful if you want even more privacy.

Sorry for the dumb question, but how can I install this on my Android device?

I have checked the github page and I noticed that there is a link under the custom F-Droid repository but the problem is upon clicking the link, it shows "403 Forbidden". On a sidenote, I've never done any custom build/installing on any device in my life, so I assume that installing it isn't just as simple as clicking the install button.

I just want to use this degoogled chromium to maintain the search results similar to using chrome but with an improved privacy aside from using DDG for casual(common) searches.
You can install F-Droid, and then add a custom repo directly in F-droid. That's basically how you download custom repo's from F-Droid directly, adding the repo will then allow you to see the applications inside of F-droid, and download whatever you want. Obviously, if the source is down you won't be able to do it. I'm not overly familiar with degoogled chromium as I use other alternatives, but give it go adding it to f-droid as long as you're comfortable with its safety.
legendary
Activity: 1470
Merit: 1049
Argentine representative on gambling board
Well well well, so finally Brave shows his real face?. Or their where pushed by goverment to do this?.

In the last time we are reading a lot of "news" saying instead of only click and give your opinion/taste for the marketing companies, sell them. I think this its the case, and maybe the people behind Brave or the BAT project (idont know if this was in the start but later when more people come around) its mading the first step of this.

Obviusly in our community this its a shit, because we dont like KYC so much and less in this kind of things, how the fuck you put this related to money laundry to  demand KYC?. If you (i refer to Brave browser) can know easily if a person earn the BAT by clicking or because he  receive a ton of that. This clearly have some backdoors opens....

legendary
Activity: 1974
Merit: 2124
I'm afraid I absolutely would not recommend Brave. They are better than Chrome, sure, but only because Chrome is literally the absolutely worst browser on the planet in terms of privacy and securing your data. Brave, while they run a very flashy marketing campaign about being very pro-privacy, are actually nothing of the sort. They take money from companies like Facebook and Twitter to whitelist their trackers and allow them to spy on you. They take money from various ad companies to specifically serve you their ads (which are of course still profiled to your information), but users seem to accept that because they get paid peanuts of some useless token in return. They take money from Binance to inject their code and widgets in to the browser, which again are used to track you. The secretly auto-direct your browser to URLs you didn't enter or click on and insert their referral codes in the process. They are entirely driven by making themselves money, and a lot of the things they once stood for in terms of privacy are not long forgotten in pursuit of more profits. And don't even get me started on a so called privacy browser asking for KYC. Roll Eyes
Yeah I am aware about those concerns you have mentioned about but was providing him with the alternative to Google chrome which is ofcourse the worst with full of spams and phising links to scam people always trying to track you with any activity you are doing.I also use Brave in rare cases like to just have some normal search and watch some add free YouTube if I want to nothing else.

The KYC was implemented on the BAT you have earned as reward points and was opposed by many and never interested in earning those shit tokens and after your post thinking to discard its usage completely.Sending tips to publisher is good idea but implementation of the KYC was a really poor one if you call yourself privacy oriented browser and there were lot of discussion about this also :

Brave KYC

So you are right on the part that if you are interested in more privacy options then you should avoid this one also and for me it was just one step ahead of chrome for making some normal work not like accessing forum from it.

For other privacy related searches ofcourse Tor is my default one browser which provides you complete anonymity not like the fake promises others made.
hero member
Activity: 510
Merit: 4005
{...} but if you are looking for some privacy focused browser then Brave is also the good choice {...}

I know you also recommended Tor Browser (which is great) but Brave is no good. o_e_l_e_o summed up the situation nicely (2 posts up). Sneaking their referral codes into URLs was the deal-breaker for me. If they're capable of doing that by "mistake" [1] then who knows what other garbage they'll attempt in the future.

They should have been upfront about it and included that as an off-by-default option in settings (e.g. "Support Brave by allowing affiliate insertion?").

[1] https://www.zdnet.com/article/privacy-browser-brave-busted-for-autocompleting-urls-to-versions-it-profits-from/
legendary
Activity: 1932
Merit: 1273
Something else in relation to browser fingerprinting?

You can't really escape from browser fingerprinting since it inherently happens because of how the web works. It can only be minimized.

If you have real concerns and are conscious of what browser fingerprinting could do/affect to you, it would be the best and easiest solution to join with the mob, which is, using a Tor Browser.
legendary
Activity: 2268
Merit: 18711
For me also Tor works exactly the best but if you are looking for some privacy focused browser then Brave is also the good choice
I'm afraid I absolutely would not recommend Brave. They are better than Chrome, sure, but only because Chrome is literally the absolutely worst browser on the planet in terms of privacy and securing your data. Brave, while they run a very flashy marketing campaign about being very pro-privacy, are actually nothing of the sort. They take money from companies like Facebook and Twitter to whitelist their trackers and allow them to spy on you. They take money from various ad companies to specifically serve you their ads (which are of course still profiled to your information), but users seem to accept that because they get paid peanuts of some useless token in return. They take money from Binance to inject their code and widgets in to the browser, which again are used to track you. The secretly auto-direct your browser to URLs you didn't enter or click on and insert their referral codes in the process. They are entirely driven by making themselves money, and a lot of the things they once stood for in terms of privacy are not long forgotten in pursuit of more profits. And don't even get me started on a so called privacy browser asking for KYC. Roll Eyes

Even though I can't install Chrome and have logged out of my Google account, does Chrome still keeps profiling (browser fingerprinting) me in the background despite the app not being used?
If the Chrome app isn't even installed then it can't track you, no. But depending on what OS your phone is running there could well be some deep rooted Google stuff in there that will be impossible to remove.
legendary
Activity: 1974
Merit: 2124
Here comes another prove why beginners should give more attentive ears to their privacy, using centralized exchanges has more demerits than the benefits it could offer, early this morning i come across this update on how every US crypto exchanges undergoing investigation by the Securities and Exchange Commission report gives a total of about 40 crypto exchange present in the US and they are all under investigation by the SEC including the largest exchanges Binance and Coinbase, but to my greatest surprise i still see some of the bitcoiners having their asset with centralized exchange, when engaged in using CEX it makes no difference from having the rule of government over commercial banks.
All these investigations going under SEC is to make sure that these exchanges are following their guidelines and data breach is very common among them but you would see not much big impact of these investigations as government wants them under their control which they will do.As you say of Binance and Coinbase then they are most famous CEX out there having most of the trading share in the market and not only some big chunk of people have their coins stored on these exchanges assuming them to be safe but are unaware of the risk associated with using their services.

Their is simple saying "Not your keys not your coins" but they have trust over these CEX easily and deposit their funds over them and when they are scammed they start to blame game but what's the fun afterwards?

Coinbase has said that in case of insolvency your funds will be treated to pay off the debts so what security your expect from them?

One cannot claim been decentralized in using a centralized exchange, this is more of another strong warning being a reminder to pay attention to our privacy especially the beginners, if you actually want to be free from government embargo and restrictions in having access to your digital assets in your finances then remain private.
This is what most people need to understand and this is what they are ignoring.
hero member
Activity: 714
Merit: 521
Because scammers could use their identity for unwanted incidents like scamming or any fraudulent activities and that's the reason why they shouldn't believe on anyone asking for their identity in exchange for free tokens or anything which they don't know if that one is safe for them.

Data breach is pretty common online so beginners should understand the huge risk of providing their personal details online.

Here comes another prove why beginners should give more attentive ears to their privacy, using centralized exchanges has more demerits than the benefits it could offer, early this morning i come across this update on how every US crypto exchanges undergoing investigation by the Securities and Exchange Commission report gives a total of about 40 crypto exchange present in the US and they are all under investigation by the SEC including the largest exchanges Binance and Coinbase, but to my greatest surprise i still see some of the bitcoiners having their asset with centralized exchange, when engaged in using CEX it makes no difference from having the rule of government over commercial banks.

One cannot claim been decentralized in using a centralized exchange, this is more of another strong warning being a reminder to pay attention to our privacy especially the beginners, if you actually want to be free from government embargo and restrictions in having access to your digital assets in your finances then remain private, example on how to remain decentralized with privacy is to: run a full node on the blockchain, use bitcoincore to run a coinjoin, use hardware wallets which are open source, or use a decentralized exchange like bisq exchange.
hero member
Activity: 2520
Merit: 783
Because scammers could use their identity for unwanted incidents like scamming or any fraudulent activities and that's the reason why they shouldn't believe on anyone asking for their identity in exchange for free tokens or anything which they don't know if that one is safe for them.

Data breach is pretty common online so beginners should understand the huge risk of providing their personal details online.
legendary
Activity: 1904
Merit: 1563
If your main goal is to receive Google search results with improved privacy then you can use Startpage as your search engine via any web browser. It searches Google on your behalf and returns identical results but without the privacy invasion.
I sincerely appreciate it. I recently added Startpage to my Android Firefox browser. It's a good thing though because I don't need to download another app since I'm temporarily following a "minimalist" approach since I don't have a degoogled phone or a custom rom installed.

Something else in relation to browser fingerprinting? Even though I can't install Chrome and have logged out of my Google account, does Chrome still keeps profiling (browser fingerprinting) me in the background despite the app not being used?
legendary
Activity: 1974
Merit: 2124
Damn. I never thought the data garage sale was that bad.

Some serious reforms have to be made in the IT industry, preferrably at the OS level. I mean, we don't want to keep talking about this forever without being able to do anything about it, right?

With the scams rising the data breaches have also grown substantially and your data is being sold on dark web with any third party we are sharing it with to be used for next illicit activities.This is only one example of the case being disclosed and there might be many same scenarios like these worth millions dollars.

Don't know if we would see improvement in IT sector but we should focus on more privacy oriented ways to secure our personal information without being sharing them on any social site we see out there as they are themselves making money from these data dumps and we don't have idea about big this is it.


I would suggest using Tor or Firefox if you can to avoid all things Chromium altogether. Otherwise, Bromite is a Chromium based android browser which gets decent reviews, although I've never used it myself. If your main goal is to receive Google search results with improved privacy then you can use Startpage as your search engine via any web browser. It searches Google on your behalf and returns identical results but without the privacy invasion.
For me also Tor works exactly the best but if you are looking for some privacy focused browser then Brave is also the good choice as it would also protect you from the Google ads we see out there solving lot of problem and little fast then Tor and in case you want to have complete privacy you can switch to the Tor window in it only and it's best in Android devices also.
legendary
Activity: 2268
Merit: 18711
Sorry for the dumb question, but how can I install this on my Android device?
No idea I'm afraid - I've never used it on Android. I get the same 403 error on both Tor and Firefox trying those links though.

I would suggest using Tor or Firefox if you can to avoid all things Chromium altogether. Otherwise, Bromite is a Chromium based android browser which gets decent reviews, although I've never used it myself. If your main goal is to receive Google search results with improved privacy then you can use Startpage as your search engine via any web browser. It searches Google on your behalf and returns identical results but without the privacy invasion.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
What many people don't know is that data brokers buy and sell every piece of data about you that they can, right down to your debts and your medical conditions, and they sell it to literally anyone who wants it. A broker called Epsilon settled for $150 million after selling data to people they knew were scammers for over 10 years. Data has been sold to domestic abusers and stalkers, allowing them to track down old victims. The video mentions a case of a murder after the victim's data was purchased for less than $50.

Damn. I never thought the data garage sale was that bad.

Some serious reforms have to be made in the IT industry, preferrably at the OS level. I mean, we don't want to keep talking about this forever without being able to do anything about it, right?
legendary
Activity: 1904
Merit: 1563
I would only use Degoogled Chromium if you really need to use a Chromium based browser for a specific task.
Sorry for the dumb question, but how can I install this on my Android device?

I have checked the github page and I noticed that there is a link under the custom F-Droid repository but the problem is upon clicking the link, it shows "403 Forbidden". On a sidenote, I've never done any custom build/installing on any device in my life, so I assume that installing it isn't just as simple as clicking the install button.

I just want to use this degoogled chromium to maintain the search results similar to using chrome but with an improved privacy aside from using DDG for casual(common) searches.
jr. member
Activity: 126
Merit: 4
A broker called Epsilon settled for $150 million after selling data to people they knew were scammers for over 10 years. Data has been sold to domestic abusers and stalkers, allowing them to track down old victims. The video mentions a case of a murder after the victim's data was purchased for less than $50.
OMG it's sounds terrifying. I'd never thought about data selling on this angle before. Well, thanks for information. Plus one more phobia  Embarrassed
legendary
Activity: 1904
Merit: 1563
Do you have a suggestion of what email service I can use that supports aliases?
I am using simplelogin[1] as my email forwarding/alias services. You can also use anonaddy as an alternative depending on your preferrence. But currently, I am paying for premium on simplelogin for about $30/year.

With premium, you can have unlimited alias, mailboxes, and custom domain if you bought a personalized one from namecheap or any other domain name services. Having unlimited alias means that you can create compartmentalized emails for every services you signed up while having a sense of control to see which companies sold your personal information to third parties because you have what they call a kill switch.

Other than masking your real email account which is more concerned about privacy, I think it serves as an additional layer of security for potential hackers. If they don't know about you, they can't attack you.

Of course, you can have as much email as you want for bitcoin related accounts (if premium).

[1] https://simplelogin.io/
hero member
Activity: 644
Merit: 661
- Jay -
-prune-
Thank you for sharing your privacy journey, it gave me more clarity after reading the first post about the dangers of exposing yourself on the internet. I would be following your steps to achieve a greater level of privacy.
Do you have a suggestion of what email service I can use that supports aliases? I am just learning about it now and plan to start using it.

Great read all through. The reference to "three lettered agencies" in the first post was very amusing and detailing too.
Thank you guys

- Jay -
legendary
Activity: 1974
Merit: 2124
Proud to say that I am making some progress in terms of privacy.

I know these are just small stuff and is considered to be basic for an average bitcoin joe, but hey it's fun doing it.
Average joe needs to be concerned about his privacy in this crypto space where small breach could end up draining your whole funds and it's really good that you are taking a step forward for your privacy in removing the whole private information we share with these online services providers which can be used against us so it's better to switch to some privacy focused services to be safe.

so protonmail is the best then?
It's quite a good option if you seek privacy and security while using the online services as you see most of them asks for mails so proton is best in that case rather then your regular mails and with seed phrase recovery option it's easy to change your password and recover it and save files on your computer but read them about carefully.
legendary
Activity: 1904
Merit: 1563
Proud to say that I am making some progress in terms of privacy.

A few days ago, I began by uninstalling all the programs I rarely use, tweaking or disabling all the unnecessary permissions of the installed apps, removing all the messages and call histories, and fabricating all of my personal data on the accounts I had created years ago before deleting them entirely.

Currently, I am in the process of swtiching the emails I used(gmail) for the services I registered for by moving to privacy-focused email providers and setting up email aliases that will allow me to hide and receive emails without disclosing the real one.It's a pain the ass though, since you'll have to do it individually. And if I may suggest, buying a custom domain from namecheap would be ideal incase the service(simplelogin) shuts down even though it's unlikely.

I am also planning to switch to custom roms, calyxOS for Android and Linux to my computer, sooner when I have all the time to educate myself with regards to this. After that, I would happily create my own node for bitcoin to actually preserve and maintain my privacy in the long run.

I know these are just small stuff and is considered to be basic for an average bitcoin joe, but hey it's fun doing it.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
This is why i have no interest in any crypto services out there that usually ask kyc, i rarely use 1 exchange and that is kucoin which i never submitted any of my personal information yet for kyc.
From the very start i only made kyc to my local exchange where i convert crypto to fiat, so far no security and privacy related incident happened to them yet.

I don't know if it's a thing for other but I always use  private mode of firefox when accessing every website mobile or desktop.
So no history or cookies and everything will be saved on those browser and websites plus an ad blocker installed. I'm also a user who wont accept the cookies banner even it's annoying already as long as they will let me browse the website without accepting it.
For no-KYC BTC <> fiat exchanges, consider checking out Bisq.network.

Regarding browsers' private mode, it can help somewhat, but I believe it is more helpful to use containers, disable JavaScript as well as using a proper 'wide spectrum blocker' (https://github.com/gorhill/uBlock/wiki/Blocking-mode) instead of an 'Ad Blocker'.
https://pi-hole.net/ is also something worth checking out, especially if you have a little 24/7 machine running on your network anyway, e.g. for your full node. Just spin up a little VM with PiHole in it and DNS requests to lots of ad and tracker endpoints will be blocked. No matter if these requests come from a browser, a computer program or a smartphone application.
hero member
Activity: 1554
Merit: 880
pxzone.online
This is why i have no interest in any crypto services out there that usually ask kyc, i rarely use 1 exchange and that is kucoin which i never submitted any of my personal information yet for kyc.
From the very start i only made kyc to my local exchange where i convert crypto to fiat, so far no security and privacy related incident happened to them yet.

I don't know if it's a thing for other but I always use  private mode of firefox when accessing every website mobile or desktop.
So no history or cookies and everything will be saved on those browser and websites plus an ad blocker installed. I'm also a user who wont accept the cookies banner even it's annoying already as long as they will let me browse the website without accepting it.
full member
Activity: 1750
Merit: 186
so protonmail is the best then?
legendary
Activity: 1974
Merit: 2124
that's the best solution, no KYC at all, if it's not worth doing well then it's not worth doing at all, atimes i ask myself that why should someone even have to see through my transactions since they can't perform any alteration to it, it's of no need to them at all except for those under their KYC surveillance, i think i will go along with the preferable option to pass through chipmixer for more privacy.
Do you think they will leave you without doing KYC? Like you can make small transactions without going through these KYC norms and most of the exchanges have daily limit for it but don't believe them that they can't alter your transaction and restrict you from making transactions.The exchange have your database and possess the keys for your funds so do you think KYC matters in that case a lot?

A small but important correction here: If you are using a centralized exchange in which you store your coins on their wallets, then regardless of whether or not you have completed KYC, they can "alter" your transactions prior to them being made. These centralized exchanges aren't just spying on your previous and future transactions, but also determining whether or not you are even allowed to make transactions in the first place, and who you are and are not allowed to send your coins to. All centralized exchanges do this. The difference is whether they can link all that activity to your real identity via KYC, or whether they just sell your data alongside your email address and let some data broker make the link instead.

Avoiding KYC is obviously smart, but avoiding centralized exchanges entirely is even better.
The exchanges have all the restrictions they can put on you like banking services asking for all the documents to prove the ownership of your funds and then sell your data to government agencies and on dark web.

1) Coinbase having restrictions on Canada users above $1000 is well known to us that for transactions bigger then it you have to disclose the recipient details to them with full documentation so is this acceptable to users without KYC?

2) Coinbase disclosing in it's SEC filing that in case of insolvency user funds can be used to pay loans so what safety you expect from these exchanges?

At the moment you think of keeping your coins on these CEX your end up your privacy so make sure to avoid them if you can.
member
Activity: 498
Merit: 56
Buzz App - Spin wheel, farm rewards
That's why it's important for us beginners to watch things like this, considering that privacy must really be guarded for security, giving identity doesn't always need to be done openly, although sometimes some people think it's not important.

The scammers will take advantage of this privacy to carry out activities that are not needed, Thank you very much for this short video that is quite useful, you deserve to be called a master for beginners?
newbie
Activity: 4
Merit: 0
Loved this! I just posted a comment about one of John Oliver's shows!  Cheesy

Thank you for the input, btw!
legendary
Activity: 2268
Merit: 18711
that's the best solution, no KYC at all, if it's not worth doing well then it's not worth doing at all, atimes i ask myself that why should someone even have to see through my transactions since they can't perform any alteration to it, it's of no need to them at all except for those under their KYC surveillance, i think i will go along with the preferable option to pass through chipmixer for more privacy.
A small but important correction here: If you are using a centralized exchange in which you store your coins on their wallets, then regardless of whether or not you have completed KYC, they can "alter" your transactions prior to them being made. These centralized exchanges aren't just spying on your previous and future transactions, but also determining whether or not you are even allowed to make transactions in the first place, and who you are and are not allowed to send your coins to. All centralized exchanges do this. The difference is whether they can link all that activity to your real identity via KYC, or whether they just sell your data alongside your email address and let some data broker make the link instead.

Avoiding KYC is obviously smart, but avoiding centralized exchanges entirely is even better.
legendary
Activity: 1974
Merit: 2124
Different emails for different purposes. You should absolutely not be using the same email address you use for your utility bills to be signing up to bitcoin exchanges, and you should absolutely not be using either of those email addresses to register for scammy altcoin airdrops or similar. Whenever possible, use entirely disposable email addresses you can trash after they have served their single purpose. And of course, different passwords for each one.
Yes absolutely we should be using different mails for different purposes and it should not be like that you are using the same mail you have logged on your device on all places which is risk exposure.Creating new mails isn't hard so you should be having unique one's for the work you are doing and more security features enabled on the important ones.

Speaking of password then creating one yourself and then remembering it is hard for so many mails so pasword managers are good option in these case and can be utilised effectively to assist you and generating strong password.


If you are storing your coins with a third party, then you already have zero privacy there.
Sending them on exchange or trusting any third party software is already like giving them full access for your funds and control over your privacy also.


ProtonMail now offer account recovery using 12-word seed phrases. Go to Settings -> Recovery, then scroll to the bottom and hit "Generate new recovery phrase".
Was really not aware about this so thanks for letting me know about it and have found about the same that proton mails also generate random 12 words seed for recovery and we can also download recovery file but that should be stored on safe place so in case you need to change your password you will need that file to be uploaded.



That's nice feature addition to proton recovery methods but remember still you need to safely backup the recovery phrase and don't open recovery file.But you have option to increase your security with it.
hero member
Activity: 714
Merit: 521
The most disturbing part is the apparent disregard by the so-called governing bodies.
Not just disregard, but active encouragement. In the US at least, government agencies are not allowed to enter your premises and search your belongings or your devices without a warrant, but there are absolutely no laws preventing them from buying your data from data brokers, blockchain analysis companies, or other third parties.

you're right, using a centralized exchange is thesame as giving the government or any third party the search warrant to invade ones privacy at any point in time just as that will be required by the security agencies in real live, so i see using CEX as an automated warrant one gives a third party unaware to have certain control over his financial digital assets

Like dangerous KYC. Once linking your coins to KYC data, these transactions are tied to your name. Even mixing them afterwards doesn't change that. All transactions are stored forever in the public blockchain.
Exactly this. You can pass your coins through ChipMixer so no one knows where they end up, but if those coins were bought from a KYCed account then anyone with access to that data will still know you bought x amount of BTC, even if they don't know where it is now. The only safe KYC is no KYC at all.

that's the best solution, no KYC at all, if it's not worth doing well then it's not worth doing at all, atimes i ask myself that why should someone even have to see through my transactions since they can't perform any alteration to it, it's of no need to them at all except for those under their KYC surveillance, i think i will go along with the preferable option to pass through chipmixer for more privacy.
legendary
Activity: 2268
Merit: 18711
The scammers will have full access to your mails and then start the phising scam attempt with fraud emails and you will be giving them away your funds with entering your seed phrases.
Different emails for different purposes. You should absolutely not be using the same email address you use for your utility bills to be signing up to bitcoin exchanges, and you should absolutely not be using either of those email addresses to register for scammy altcoin airdrops or similar. Whenever possible, use entirely disposable email addresses you can trash after they have served their single purpose. And of course, different passwords for each one.

Mostly these things occur when your are storing your coins on exchange and they ask for these KYC norms ending up your privacy
If you are storing your coins with a third party, then you already have zero privacy there.

Proton is really cool alternative but remember the password as recovering it is hard because it's not your normal email that can be reset with anyone.
ProtonMail now offer account recovery using 12-word seed phrases. Go to Settings -> Recovery, then scroll to the bottom and hit "Generate new recovery phrase".
legendary
Activity: 1974
Merit: 2124
Very important topic, it's quite concerning how personal data is harvested everywhere just to be sold later. Even sold to some shady scammers or criminals on the darknet. As long as it's profitable, this will be done and selling data will get more profitable in the future.

Still have doubts that it's not an issue when your data is leaked / sold to the darknet?
Ledger's hack of personal user data resulted in people getting threats to be robbed:
This issue has been prevalent over the dark web from long time and your personal information is being sold for different illegal activities and we are aware about these issues so that's why we need to remain anonymous and there are different ways in which security is compromised and this thread throws light on it.

Ledger hack is another example that like they have your personal data outsource to third party software but it's really risky as we have seen some Employee Id being compromised of Mailchip and your data is at risk.The scammers will have full access to your mails and then start the phising scam attempt with fraud emails and you will be giving them away your funds with entering your seed phrases.So there is risk in these ways also.

I really like Bitcoin's public, pseudonymous nature and the fact, that it's up to us to protect our privacy. But at the same time we should be aware that it's crucial to protect our privacy.
Like dangerous KYC. Once linking your coins to KYC data, these transactions are tied to your name. Even mixing them afterwards doesn't change that. All transactions are stored forever in the public blockchain.
Once a criminal knows about your (high) Bitcoin balance and your physical address, it can end very badly, when the data is sold to local criminals in your area.
Mostly these things occur when your are storing your coins on exchange and they ask for these KYC norms ending up your privacy and then also they will have eyes on you putting restrictions on your account to withdraw the funds.

Not just disregard, but active encouragement. In the US at least, government agencies are not allowed to enter your premises and search your belongings or your devices without a warrant, but there are absolutely no laws preventing them from buying your data from data brokers, blockchain analysis companies, or other third parties.
The NSA related movies are inspired from these things only and they want to keep track record of everyone with surveillance and you can see most of the exchange providing them these data of the users and whole work is done by them but you know the reality.Like the last news of Binance selling data to Russian agencies was in talks.

If you can, run your own email server. If you cant, use ProtonMail. Use PGP to encrypt everything.
Proton is really cool alternative but remember the password as recovering it is hard because it's not your normal email that can be reset with anyone.

legendary
Activity: 2268
Merit: 18711
The most disturbing part is the apparent disregard by the so-called governing bodies.
Not just disregard, but active encouragement. In the US at least, government agencies are not allowed to enter your premises and search your belongings or your devices without a warrant, but there are absolutely no laws preventing them from buying your data from data brokers, blockchain analysis companies, or other third parties.

What email woul dyou recommend besides google?
If you can, run your own email server. If you cant, use ProtonMail. Use PGP to encrypt everything.

Like dangerous KYC. Once linking your coins to KYC data, these transactions are tied to your name. Even mixing them afterwards doesn't change that. All transactions are stored forever in the public blockchain.
Exactly this. You can pass your coins through ChipMixer so no one knows where they end up, but if those coins were bought from a KYCed account then anyone with access to that data will still know you bought x amount of BTC, even if they don't know where it is now. The only safe KYC is no KYC at all.
legendary
Activity: 2226
Merit: 6947
Currently not much available - see my websitelink
Very important topic, it's quite concerning how personal data is harvested everywhere just to be sold later. Even sold to some shady scammers or criminals on the darknet. As long as it's profitable, this will be done and selling data will get more profitable in the future.

Still have doubts that it's not an issue when your data is leaked / sold to the darknet?
Ledger's hack of personal user data resulted in people getting threats to be robbed:

Quote
In a Reddit post, a user with the account name Crypthomie shared the email coming from the blackmailers. According to a “Darrin Burlew”, he knows that this user holds a lot of cryptos and will “share all his info with the local thieves” if his demands are not met.

The blackmailer even furthered his threat by saying, “If I happen to do this, are you able to imagine all the possible consequences that can occur to you and your loved ones?”

Crypthomie also mentioned that his dad’s name, address, and phone number were written on the email he received.
https://coinquora.com/ledger-users-face-extortion-and-threats/
https://www.reddit.com/r/CryptoCurrency/comments/kx9sy0/my_dad_just_received_a_death_threat_on_his/

I really like Bitcoin's public, pseudonymous nature and the fact, that it's up to us to protect our privacy. But at the same time we should be aware that it's crucial to protect our privacy.
Like dangerous KYC. Once linking your coins to KYC data, these transactions are tied to your name. Even mixing them afterwards doesn't change that. All transactions are stored forever in the public blockchain.
Once a criminal knows about your (high) Bitcoin balance and your physical address, it can end very badly, when the data is sold to local criminals in your area.
full member
Activity: 1750
Merit: 186
With the issue of privacy today it is more complicated every day, for my part, as I am not a specialist in computer science or cybersecurity, I use very simple techniques, but they can be useful to many.
You've made a good start, but you can go further:

- Multiple email addresses, which do not coincide with different platforms. Example my personal Gmail account does not match my Gmail account on my cell phone. (I know that the same if they wanted to link me).
Multiple email addresses is a must, but avoiding Google is also a must. You should considering moving to a more privacy respecting provider. Even better, use different providers for the different addresses to prevent a single provider linking your accounts via IP addresses, browser fingerprinting, etc.

-Never use chrome (except when there is no other option left for some compatibility).
If you need to use a chromium based browser for compatibility issues, then the best one to use is Ungoogled Chromium.

Most are more dangerous than walking without one. There is a documentary (by a Spaniard) that shows how most of the (paid) VPNs belong to the same person and they all have ties to the IDF in Israel.
VPNs serve some specific purposes and uses, but anonymity is not one of them. Consider Tor instead.



What email woul dyou recommend besides google?
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
That is an incredibly cringy video, and not because it's John Oliver.  The most disturbing part is the apparent disregard by the so-called governing bodies.  The surveillance state is bad enough without corruption making harder to secure our privacy.  I can't help but think that the rich are going to keep getting rich by ensuring the powerful gain more power.  That's the tradeoff and we're the chattel.
hero member
Activity: 812
Merit: 560
Does this also apply to online surveys? Cause I have always partook in many surveys and have provided many informations and data about my self and economic conditions alike.

Of course that's oart of all that is being said, you jave to caution yourself to the extent of how you reveal your private lives online, and to the matter of fact, going by surveys and other related things like that is just a waste of time and no reward attached than unrealistic promises, most are scam, they got your data, intrude into your privacy and spy on you.

Does this also apply to online surveys? Cause I have always partook in many surveys and have provided many informations and data
Secondly, does this article implies that I shouldn't always give the right informations about myself as this can affect my privacy in other areas of online businesses am involved in?

No, don't het it wrong, be diplomatic about yourself and any information about you, why must they require your data at first place, for what? Not every site, link and messages should be given first priority interest, instead put them detestable, i wish you never have an experience of scam or hack.
hero member
Activity: 1540
Merit: 772
Things that not many people know about a privacy that is very important to maintain and most do not understand how to protect it. John Oliver conveys clearly in the video with a humorous method. I watched the video to the end and it was really scary. John Oliver also shows a comparison between 2013, May 26, 2016, 2019 and 2021.


Out of the 25 minutes of the video, one statement that will stick with me after watching it is "how do they collect personal information and then resell it or share it with other people". This is clearly a very wide and most frightening ecosystem. I can't imagine what if things that many people don't want happen to my privacy considering that almost every activity of our work today is related to the internet.
legendary
Activity: 1974
Merit: 2124
A very useful and must topic for not only beginners but also those who are into this market but ignore the security and privacy aspects which is essential because we are dealing with highly risky and online market where our one mistake could easily lead to loss of funds and private data leak on the dark web.So useful topic explaining ways to tackle it and be safe from it.

Read the privacy policy of the survey sites you are using, but almost certainly they are sharing your data with third parties. What would be the point of you doing the survey if they can't share the information they collect from you? And if you are getting a reward or incentive for doing the survey, then your data is definitely being shared with even more third parties. They have to generate that revenue from somewhere, and that is from sharing or selling or data.
For sure sometimes the online surveys you are taking are from the direct company or most of time they outsource this service so your data is bound to go over the net and how come your personal information is circulated to many different sources you come across? The answer is simple that you fill up those survey forms and they intend on collecting your personal information from it to use it for their own purpose.

The paid part is interesting one like you get nothing out of it most of the times opposite to what they have promised or in crypto market you will get some shit tokens listed on some fake exchange with fake volumes and you can't get any liquidity for them to sell so your profit motives out of them is shattered and your data is also prone to leak.

If there is no consequence to you using fake information, then there is no real reason not to do it. If you give a fake name to a centralized exchange, for example, then you will end up having your account frozen and your coins seized. But if you are signing up for an email account, a mailing list, some sort of crypto giveaway, then there is no reason not to use a fake name, email address, or other information.
On the Centralised exchange you have to go through KYC and other verification process so giving out fake names is not going to work at all and if found suspicious your account gets freezed and you lose all your funds at once as you have agreed to the terms also.On the counter part it's never advisable to keep the funds over CEX in the first phase which is always prone to hacks and account freezing.But yes for the other giveaways you can use fake name and for SMS services you can use the mailing service as you suggested.But your privacy is in your hands and taking steps is required so be safe from all these things.
legendary
Activity: 2268
Merit: 18711
With the issue of privacy today it is more complicated every day, for my part, as I am not a specialist in computer science or cybersecurity, I use very simple techniques, but they can be useful to many.
You've made a good start, but you can go further:

- Multiple email addresses, which do not coincide with different platforms. Example my personal Gmail account does not match my Gmail account on my cell phone. (I know that the same if they wanted to link me).
Multiple email addresses is a must, but avoiding Google is also a must. You should considering moving to a more privacy respecting provider. Even better, use different providers for the different addresses to prevent a single provider linking your accounts via IP addresses, browser fingerprinting, etc.

-Never use chrome (except when there is no other option left for some compatibility).
If you need to use a chromium based browser for compatibility issues, then the best one to use is Ungoogled Chromium.

Most are more dangerous than walking without one. There is a documentary (by a Spaniard) that shows how most of the (paid) VPNs belong to the same person and they all have ties to the IDF in Israel.
VPNs serve some specific purposes and uses, but anonymity is not one of them. Consider Tor instead.
legendary
Activity: 1470
Merit: 1049
Argentine representative on gambling board
Sorry for being late to this post.

With the issue of privacy today it is more complicated every day, for my part, as I am not a specialist in computer science or cybersecurity, I use very simple techniques, but they can be useful to many.

- Multiple email addresses, which do not coincide with different platforms. Example my personal Gmail account does not match my Gmail account on my cell phone. (I know that the same if they wanted to link me).

-More different addresses for not so "official" sites and others for sites where I manage money.

-Never navigate from the computer with Gmail open and if I leave one open I leave one from a company.

-Never use chrome (except when there is no other option left for some compatibility).


Thus, I feel that there is a point that we cannot skip and that is our Achilles heel, which is under our own fingers and we always use it. YES the KEYBOARD.
Many times I feel that on the cell phone keyboard, no matter how much I use a special incognito VPN browser or whatever you want, I have that feeling that they are already seeing me write on the KEYBOARD itself, and here there is not much to escape from, or is it Android (GOOGLE) or Samsung's or Microsoft's Swiftkey.
obviously they gather a lot of information out there.

One last comment on the subject of VPNs.
Most are more dangerous than walking without one. There is a documentary (by a Spaniard) that shows how most of the (paid) VPNs belong to the same person and they all have ties to the IDF in Israel.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Does this also apply to online surveys? Cause I have always partook in many surveys and have provided many informations and data about my self and economic conditions alike.
Generally, anything that's offering a reward for information from you, is almost certainly sharing that data on the mass.
Heck, even most sites and services that offer no rewards at all collect and sell data! Of course anything people submit in these stupid surveys is sold for very good money. That's actually pretty much one of the worst things you could ever do for privacy - directly giving away your 'data about [yourself] and [your] economic conditions'.  Shocked

staff
Activity: 3304
Merit: 4115
Does this also apply to online surveys? Cause I have always partook in many surveys and have provided many informations and data about my self and economic conditions alike.
Almost certainly selling or sharing your data. For a start, companies tend to go to mass survey providers, and therefore any data you give that survey company, will then share it to the company that asked them to do a survey, so instead of having one company have your data, you now have two companies. Plus, survey companies I would argue have an incentive to share data between all of their clients, since they're basically a honeypot for data. Personally, I would steer clear of them, especially since the downsides outweigh the rewards.

Generally, anything that's offering a reward for information from you, is almost certainly sharing that data on the mass.
legendary
Activity: 2268
Merit: 18711
Does this also apply to online surveys? Cause I have always partook in many surveys and have provided many informations and data about my self and economic conditions alike.
Read the privacy policy of the survey sites you are using, but almost certainly they are sharing your data with third parties. What would be the point of you doing the survey if they can't share the information they collect from you? And if you are getting a reward or incentive for doing the survey, then your data is definitely being shared with even more third parties. They have to generate that revenue from somewhere, and that is from sharing or selling or data.

Secondly, does this article implies that I shouldn't always give the right informations about myself as this can affect my privacy in other areas of online businesses am involved in?
If there is no consequence to you using fake information, then there is no real reason not to do it. If you give a fake name to a centralized exchange, for example, then you will end up having your account frozen and your coins seized. But if you are signing up for an email account, a mailing list, some sort of crypto giveaway, then there is no reason not to use a fake name, email address, or other information.
member
Activity: 336
Merit: 41
Does this also apply to online surveys? Cause I have always partook in many surveys and have provided many informations and data about my self and economic conditions alike.

Secondly, does this article implies that I shouldn't always give the right informations about myself as this can affect my privacy in other areas of online businesses am involved in?
legendary
Activity: 2268
Merit: 18711
where is our right to privacy.
You don't have one, unless you fight for it and actively avoid companies and other entities which seek to violate it.

are there any justifiable reason to give out peoples data?.
There are some. Sharing your data with other third party services which are providing you a service is one example. For example, if my bank offered me preferential rates on some insurance product from a third party as a perk of being a customer of said bank, then they would need to share my data with that insurance provider so they can complete the deal, should I instruct them to do so. What absolutely isn't justifiable is the mass surveillance that most centralized exchanges take part in, and the sharing/selling of that data with absolutely any interested third party.

cryto being a decentralize market should have policies that help keep peoples private data.
Crypto isn't the problem here. There is absolutely no requirement for data collection or privacy invasion with bitcoin. You can use bitcoin completely anonymously, if you have the knowledge and desire to do so. The problem here is centralized exchanges, and privacy considerations is but one of the reasons you should avoid them if at all possible.
member
Activity: 372
Merit: 11
elysian.finance
this bring to mind the question, who is now save?. where is our right to privacy. i believe this is a bridge of trust which is the fundamental of any relationship. are there any justifiable reason to give out peoples data?. cryto being a decentralize market should have policies that help keep peoples private data. now we are not only worried about scammers but also government agencies and some organizations. honestly this post is very educating thanks
legendary
Activity: 2268
Merit: 18711
Use an open-source browser such as Firefox, degoogled Chromium or similar.
Firefox is a good starting point, but isn't super private by default. There are a variety of guides and tools (straightforward example, more complex example) you can follow to harden it up. Alternatively, there are open source forks which are more privacy orientated, such as LibreWolf. Obviously Tor is the best.

I would only use Degoogled Chromium if you really need to use a Chromium based browser for a specific task. Despite best efforts, it is impossible to fully remove all the Google spyware embedded in to Chromium.

The worst are crypto exchanges, where I have already completed KYC in order to gain full access to their services.
If you want to stop using a centralized exchange, don't just abandon your account. Go through the process of having your account formally closed, and contact their data handling department or similar and request that all your data on their system is deleted. Success will depend on where the exchange is incorporated and where you live, and most will likely have to keep some of your data for a minimum of 5 years to comply with various regulations, but it is still better than letting them continue to store, analyze, and monetize all your data indefinitely.
staff
Activity: 3304
Merit: 4115
While NoScript can be a massive change to normal browsing, I don't think it's overly complex. You allow the scripts you believe you can trust or are comfortable with, if you don't then you don't use that website, and go to another one with the same information. NoScript actually increases decentralisation of information, otherwise people would revert to their normal searching habits, and only go to certain websites, which they'll find a bunch of them are using Facebook scripts, Google etc without them actually knowing that before.

But how many people would bother buy Raspberry Pi and initially configure Raspbian OS/PiHole?
I have, and know several others. Yeah, it might be considered niche at the moment, but we've got to consider that advertisements are starting to take over our lives, you can't go anywhere without being subjected to them. I do believe if Pihole was a tad more supported, and easier to setup people would be willing to pay the £20 for a low powered Raspberry Pi to setup an effective network wide ad blocker.

I'm actually surprised that universities, and the like don't adopt this approach, since effectively blocking them you're also increasing the security of the network, which should be top priority when there's multiple students sharing a connection.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
So vpn and TOR is a must then?  What about if you want to casually browse online but privately?  Let say you use it to visit forums like this or watch tv or movie stream online?
I believe we do have a thread somewhere in off-topic or so with resources on privacy, but a few easy, quick steps that already make a difference are:
  • Use a PiHole DNS to block ad tracking domains.
  • Use NoScript to block JavaScript.

I would hesitate those two to average person since NoScript could be tricky to configure (whether on global or website level) while PiHole only official support Linux and Docker Image.
Why though? I mean if they configure NoScript too 'open', worst case it can't be worse than without the plugin.
And PiHole is usually installed on a server or a RaspberryPi (as the name suggests) which always run Linux, and are always on. This way you can route all DNS requests in your local network through it.
hero member
Activity: 994
Merit: 744
I don't often/ever encourage people to watch videos, but this would be 30 minutes well spent, even if you don't like his humor: Data Brokers: Last Week Tonight with John Oliver (HBO)

Going through this video has made me fearful because I realize how careless I have been all this time while revealing my personal details/data on various websites. The worst are crypto exchanges, where I have already completed KYC in order to gain full access to their services. I am discouraged from performing KYC on any so-called exchange because no one knows where his/her personal data, which should be his/her privacy, is leading.

Quote
A good place to start taking back some control in general: https://www.privacyguides.org/
Peer to peer bitcoin trades, avoiding the privacy invasion of centralized exchanges: https://bisq.network/, https://localcryptos.com/, https://hodlhodl.com/
Run your own node, and avoiding leaking information about your addresses and transactions: https://bitcoin.org/en/bitcoin-core/
I have also gone through the links provided; I found them useful and will refer to them in order to understand how to properly take control of my personal data while also avoiding data leakage.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
So vpn and TOR is a must then?  What about if you want to casually browse online but privately?  Let say you use it to visit forums like this or watch tv or movie stream online?
I believe we do have a thread somewhere in off-topic or so with resources on privacy, but a few easy, quick steps that already make a difference are:
  • Use an open-source browser such as Firefox, degoogled Chromium or similar.
  • Use a good non-tracking search engine. Depending on how much effort you're willing to put in, this can range from switching a toggle in the browser settings to just use DuckDuckGo (and trusting them to hold their promises), all the way to hosting your own searx search engine.
  • Use a PiHole DNS to block ad tracking domains.
  • Use uBlock Origin to block even more trackers.
  • Use NoScript to block JavaScript.
  • Use DecentralEyes to improve CDN privacy.
  • Use a privacy-friendly email provider or host your own email server, otherwise they can and will read all of your emails.

Most of these things you're either already doing or are easy to spin up within under half an hour for everything tops.

I would actually advise against a VPN for privacy in most cases, since it introduces a point of failure and it makes you 'stick out' more compared to looking like any other user in the regular internet traffic (smaller anonymity set, you could argue). They are also often hacked and their data leaked, or simply sell the data (if you look at the bottom of the barrel prices they're somehow able to offer). Anything that gives you a 80% off deal smells like scam to me.
Tor is good, but Tor alone is not enough and you can also achieve a good amount of privacy with the methods above and without Tor. If I don't want a website to know my IP, I do use Tor though. Better than VPN, free and easy to set up (just download Tor browser). On the other hand, if I'm targeted by a 3-letter agency, as I said, Tor won't be enough and you'll need good application-level encryption and such. For instance, you'd be looking at having a completely separate machine, bought with cash anonymously for transmitting sensitive info (if you're targeted as I said), since even with Tor and everything, you might get hacked or doxxed using various fingerprinting techniques if using your main machine.
full member
Activity: 1750
Merit: 186
So vpn and TOR is a must then?  What about if you want to casually browse online but privately?  Let say you use it to visit forums like this or watch tv or movie stream online?
legendary
Activity: 2268
Merit: 18711
For example;
  • Browsing with browser private mood: I do this with chrome by using the incognito mood. I thought I was safe but little did I know that my ISP still see my browsing activities
  • When I use VPN, I had the feeling that I was so safe and my data save till o_e_l_e_o said this  Re: Identity Security: A Newbies' Priority
  • More often people enjoy using known and popular search engines like Google instead of using anonymous search engines
All common mistakes that people make. Private browsing does literally nothing to protect your privacy, VPNs can hide your IP address by do not provide anonymity (Tor is a better option), and anything owned by Google is a terrible option. DuckDuckGo, Startpage, or Searx are good alternatives.

It's probably true that most of us have already leaked a metric tonne of information, and that information has probably reached someone who you never thought would've been able to gain access, but the older that data is, and the less its being renewed the less valuable it is.
Not only that, but avoiding linking new data to old data can be a very valuable exercise. Let's say you start searching for cancer symptoms. With a clean slate, maybe the data brokers know that someone in your IP range is searching for cancer symptoms and can't do much with that information. Without it, perhaps they know your full name and address, and then pass that information on to some insurance companies, and then suddenly your premiums triple in price. Or perhaps you are sending some bitcoin to a political party or cause that your government doesn't take too kindly to. With your new data being linked to all your old data, then your government agents maybe pay you a little visit. With your new data being separate, then perhaps they can't track you down quite so easily.

What I've found a useful tool over the years is using the feature of adding a "+" to your email address.
It's not a bad idea, but a better solution is to have different email addresses for different purposes.

However, all being said, I think the new crypto browser by "Opera" will be of better use here
This browser is designed to integrate wallets and NFTs directly in to the browser. It is not designed with privacy in mind, and it is based on Chromium, so I really wouldn't recommend it.
legendary
Activity: 1722
Merit: 5937
This is an educative piece of content, I watched the YouTube video and I must say I have learned a lot about how our activities can be monitored even without our prior notice on the internet, which is outrageous and preposterous. However, all being said, I think the new crypto browser by "Opera" will be of better use here, as its promise to offer top-notch internet security with a free VPN, Ad Blocker, and Tracker Blocker built into the browser. But actually, I don't know true their statement is as I'm not a tech wizard, but you can go try it.

So here is a picture of it on the Google Play Store for you to download and start using because that's what I'm using now.

Tor is a better option. Another advice: download applications directly from the website, don't trust Google PlayStore as they are known for lack of due diligence.
hero member
Activity: 1092
Merit: 747
This is an educative piece of content, I watched the YouTube video and I must say I have learned a lot about how our activities can be monitored even without our prior notice on the internet, which is outrageous and preposterous. However, all being said, I think the new crypto browser by "Opera" will be of better use here, as its promise to offer top-notch internet security with a free VPN, Ad Blocker, and Tracker Blocker built into the browser. But actually, I don't know true their statement is as I'm not a tech wizard, but you can go try it.

So here is a picture of it on the Google Play Store for you to download and start using because that's what I'm using now.

 
copper member
Activity: 2156
Merit: 983
Part of AOBT - English Translator to Indonesia
this article supposed to reach everyone not just begginer only  Cheesy and yes scammer getting smarter and involved everyday.

And as you can heard of that selling and buying identity is real, i just want to tell everyone especially newbie to stay decentralized right now there is couple of airdrop thay give u free money only with do KYC and this very danger "its like u give ur personal data for couple of dollar" and they can sell you data for hundred of dollar and we dont know what data for. is not worth the risk?

only do kyc if u really trust with the site and u are using frequently ex. i only using 2 exchange just for withdraw and trade even tho site like exchange have big security things and rarerly been hacked
staff
Activity: 3304
Merit: 4115
I know what most users are thinking, your data has likely already been compromised so why bother? Well, if you can completely detox, data six months ago could potentially be worthless, or inaccurate. So, if you can follow the privacy advise here, as well as change your personal details or anything that could have potentially been compromised to something else, then you've effectively almost got a clean slate.

It's probably true that most of us have already leaked a metric tonne of information, and that information has probably reached someone who you never thought would've been able to gain access, but the older that data is, and the less its being renewed the less valuable it is.

Unfortunately, things like addresses which unless you plan on moving aren't exactly easy to disassociate, however at the very least if you aren't renewing that information  i.e leaking out a recent address, then the malicious attacker who might have gained that information, would have to assume, and not know. That's quite a powerful thing, because more up to date information is more likely to be used, since there's a certain degree of accuracy to it.

Obviously, avoid from now on leaking any of your data that you might think compromises you in anyway, and be careful who you trust with your data. Unfortunately, in our world you will likely need to trust someone, but as suggested there's ways to at least limit it.

What I've found a useful tool over the years is using the feature of adding a "+" to your email address. For example, signing up to this forum with [email protected] instead of [email protected]. That way if your email is ever compromised or your data has been sold, you can find out exactly who sold it. If you get spam a couple of days after signing up addressed to "[email protected]" you can almost be sure that the website you signed up to using that email address has given your data away or been compromised. While this doesn't exactly prevent you from getting your data exposed, its a good way of trialling a company before inputting real information in if you absolutely need too. Otherwise, using temporary email addresses or throwaways is the way to go.
legendary
Activity: 1288
Merit: 1081
Goodnight, o_e_l_e_o 🌹


Plenty of companies say your data is anonymized, de-identified, or collated with other data before being shared or sold, and lots of people think that means they are safe. Not so. One study found that 99.98% of anonymized data could be de-anonymized and used to identify individual users. Anonymizing data is meaningless. Even simply visiting a website (but not actually doing anything on said website) still provided the website with enough information to personally identify the user in question, track down their contact information, and send them an email minutes later.

In most cases individuals on their own unknowingly will endanger their privacy, the companies are secondary. Ignorance is one of the reasons and cause of abuse of privacy. After I made this topic Identity Security: A Newbies' Priority I became very conscious of my privacy. In practice what an average Jeo does thinking it's safe, is still dangerous to privacy.
For example;
  • Browsing with browser private mood: I do this with chrome by using the incognito mood. I thought I was safe but little did I know that my ISP still see my browsing activities
  • When I use VPN, I had the feeling that I was so safe and my data save till o_e_l_e_o said this  Re: Identity Security: A Newbies' Priority
  • More often people enjoy using known and popular search engines like Google instead of using anonymous search engines

These mistakes will ensure in as much as we live along with the technology. It is quite sad that you you know that your data is traded, you can prevent it and yet you chose not to.
hero member
Activity: 2814
Merit: 576
I don't often/ever encourage people to watch videos, but this would be 30 minutes well spent, even if you don't like his humor: Data Brokers: Last Week Tonight with John Oliver (HBO)

The whole segment is pretty terrifying. Everyone knows (or should know) that most browsers, websites, and apps monitor you and collect your data. What many people don't know is that data brokers buy and sell every piece of data about you that they can, right down to your debts and your medical conditions, and they sell it to literally anyone who wants it. A broker called Epsilon settled for $150 million after selling data to people they knew were scammers for over 10 years. Data has been sold to domestic abusers and stalkers, allowing them to track down old victims. The video mentions a case of a murder after the victim's data was purchased for less than $50.

Plenty of companies say your data is anonymized, de-identified, or collated with other data before being shared or sold, and lots of people think that means they are safe. Not so. One study found that 99.98% of anonymized data could be de-anonymized and used to identify individual users. Anonymizing data is meaningless. Even simply visiting a website (but not actually doing anything on said website) still provided the website with enough information to personally identify the user in question, track down their contact information, and send them an email minutes later.

They sell your data to the government. Governments might need a warrant or other legal ruling to come and search your computer or devices, but they don't need any permission at all to simply buy that information from data brokers. Multiple three letter agencies are buying your data and using it for anything they please. This is a very similar situation to a variety of three letter agencies employing the services of various blockchain analysis companies to track your bitcoin addresses and transactions.

In addition, centralized exchanges provide all sorts of data to data brokers, especially if you willingly hand over your KYC information. So do blockchain explorers. So do servers of SPV and light wallets. So will sites like Coinmarketcap or various crypto news sites. All this bitcoin related and other crypto related information will be pooled with all the other information held about you and sold to anyone who wants it, including scammers and criminals. Remember that simply clicking on a website was enough for that website to identify that exact person. Do you really want the whole world to know how much bitcoin you are holding?

The amount of privacy invasion going on in our daily lives is staggering. Don't make it even worse by willingly violating your own privacy.

A good place to start taking back some control in general: https://www.privacyguides.org/
Peer to peer bitcoin trades, avoiding the privacy invasion of centralized exchanges: https://bisq.network/, https://localcryptos.com/, https://hodlhodl.com/
Run your own node, and avoiding leaking information about your addresses and transactions: https://bitcoin.org/en/bitcoin-core/
Thanks for the very informative article that makes it a very helpful advice. I guess we need privacy not just in our crypto investment, but definitely in all transactions that we made either in fiat or crypto. This is why we need not to easily trust the exchanges even those decentralized ones because we don't hold guarantees that brokers can't get our personal information because once they do it as a job, they will always find ways to track our personal details and maybe in the future, expose how many bitcoins we have. So lets not wait for that to happen. Be cautious in everything we do particularly in visiting websites because that will aid them to indulge on our own privacy without our awareness. Better be safe than sorry.
legendary
Activity: 2268
Merit: 18711
O_e_l_e_o, is there no how a company's database can be saved on the blockchain for optimum security?
I don't think that really solves anything here. Putting aside the fact that I'm not convinced that putting data on blockchain would help to prevent hacks when compared to a centralized database, the majority of the time data hacks or leaks aren't the problem. While these obviously do happen and they can be catastrophic when they do, the majority of the time your data ends up being spread across the internet is because it is being willingly shared, bought, sold, and traded, by the very companies you are trusting to look after it in the first place, rather than being accessed by some malicious hacker or thief.

The only way to be sure your data isn't being sold or shared is to not hand it over in the first place. As soon as you do, it is out of your control.

So maybe if the congress' privacy is at risk, would the laws with that be already past as fast as the video act?
Could be. Congress have the ability to act quite quickly when it serves their own interests. Whether they will is another matter. As mentioned in the video, data brokers spend just as much on lobbying as Facebook and Google do. There will be plenty of our politicians who won't want to place any limit on the harvesting of your data since it would mean less money in their own pockets.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
It's not just for beginners TBH, but also for everyone that cares about their information. It's not good that it's going to be used for marketing purposes or any other that could give harm towards anything.

It's really an eye-opener to have watched that latest video with John Oliver because he explains it clearly and has humor so that it doesn't get boring. The experiment is what makes me keep thinking about it about making it so specific that you can really pinpoint and know people's information or interests with targeted ads. That's just scary IMO that it's possible.

I do hope that the government, not just with the warrants and buying of data to get information about suspects or something, it's the information that people can get, like in the example where the rental history of the person can be exploited. So maybe if the congress' privacy is at risk, would the laws with that be already past as fast as the video act?



Thanks for the helpful links, o_e_l_e_o that you provided as well, it really helps a lot with all the open-source types of software and tools that we can use.

hero member
Activity: 1134
Merit: 643
BTC, a coin of today and tomorrow.
More often I have heard of data leak by large companies with huge data base. But I hardly hear of legal actions against these companies. I know victims have the right to sue the company that exposes their data, whether it is purposefully or not. Well, I still do not blame victims that doesn't take any action because most often, the victims will not know that their data has been compromised.

I was amazed at LeGualios case, where he was emailed to be informed about his data compromise. In as much as I will say that the company is being honest to him, I could also say that it may cause Brand and reputational damage to the company. More and more customers will lose trust and interest in a company that cannot secure the data of her customers. So it could be that honest companies do not deliberately sell out their customers data. Unless during attack or they are compelled by government to do so.

O_e_l_e_o, is there no how a company's database can be saved on the blockchain for optimum security?
legendary
Activity: 2268
Merit: 18711
In addition to the privacy risk when you click on a website, there is also a risk when you simply talk to someone as some device could be "inadvertently" activated and pick up your conversation; this was covered in this guardian article. This blurs out the limits to what information companies, brokers and who knows who else can acquire about someone.
Absolutely. I have more than one friend who has told me a story of some innocent conversation they were having with their partner, kid, parent, etc., and then later that day they start being bombarded with ads for some specific product related to that conversation which they had never searched for or so much as mentioned before in their life. Knowing that these devices are recording, storing, and analyzing everything that is said inside your home, I cannot for the life of me understand why people are happy to wiretap themselves like this.

This has been the reason I prefer to recommend only Electrum as the best SPV wallet but which people that do not to know much about privacy or anonymity can use poorly. Newbies are using SPV wallets without Tor and making use of it in a way central server can connect their bitcoin addresses and IP address together in a way the privacy or anonymity they can have is totally lost.
Electrum is a good wallet for having control of your own coins and for the additional features it offers, as well as being able to be used in an airgapped manner, but by default it is bad for privacy. We know that blockchain analysis run nodes and servers for various wallets to gather data, and Electrum is no exception. Whenever you connect to random Electrum servers, there is a non-negligible chance you are connecting to a server which is gathering data on, and linking all the addresses you are querying together, along with your IP address and any other unique identifiers they can find. And as we have seen above, often that will be enough to cross reference against other data from data brokers and identify you individually.

how will you get away trying to exchange your crypto to Fiat? Someone should please explain this to me.
I gave three links in my first post to decentralized, peer-to-peer, non-KYC exchanges, which you can trade fiat for bitcoin and back again in a private way without having to hand over your data to third parties.
member
Activity: 234
Merit: 35
Moon.win
Thanks for the advice, but there are many things in this world today that cant be purchased by any crypto and not all businesses allow crypto as means of payment, the reason why our privacy will always get fucked up is Fiat, how will you get away trying to exchange your crypto to Fiat? Someone should please explain this to me.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
While it does not paint the full picture, and will make your browsing experience a bit more troublesome, just to prove what o_e_l_e_o is saying; I encourage everyone to install uBlock Origin and NoScript in your browser. Use the maximally restrictive settings and have a look at how much stuff is actually loaded in the background in terms of trackers and non-functional JavaScript. This is literally code, which is executed on your machine, just by visiting the website! It's actually shocking.

Especially when visiting mainstream news sites and such, you will sometimes notice dozens of those scripts being loaded, even though you just wanted to read some text about something.

I would really enjoy it if every website was more like bitcointalk or https://plaintextsports.com/!
Their plug:
hero member
Activity: 812
Merit: 560
The whole segment is pretty terrifying. Everyone knows (or should know) that most browsers, websites, and apps monitor you and collect your data.

This is a salient aspect users pay little or no attention to and it serves as the weak point attackers now use as entry point to gain access on user's data, i really appreciate your efforts towards emphasizing on this and making it loud, we got lot of newbies that had ugly experience about crypto in general on their first approach and incidents like this needed to be discussed.

Plenty of companies say your data is anonymized, de-identified, or collated with other data before being shared or sold, and lots of people think that means they are safe. Not so. One study found that 99.98% of anonymized data could be de-anonymized and used to identify individual users.

I see no reason why they should first demand for users data knowing fully that they will anonymize such, that gives an indication for doubts in securing our data with such entity, a zero KYC formation should not demand for data at first place because it must have been stated in their statement of policy and privacy, then why going against the standard, else it's not secured enough. This is just an instance of me demanding for your password and telling you i will delete it later and am not going to attack you by using it against you, that's stupidity, why must i request for it at first place? If truly i don't have a hidden agenda.

Even simply visiting a website (but not actually doing anything on said website) still provided the website with enough information to personally identify the user in question, track down their contact information, and send them an email minutes later.

You're right, i can count on several occasions I received messages on my mail without knowing how they got my email address, then i do wonder that its only the service providers that can send such unsolicited messages to me without knowing that any malicious site visited poses a risk on user's data, not to talk of apps and ads clicks which are the worse scenarios. Some websites will pop up a message requesting user to "grant access or deny access" to contacts, messages, gallery and files and so on, most users granted them such access unknowingly to them the implications thereof.
copper member
Activity: 2940
Merit: 4101
Top Crypto Casino
There are also situations in which even if personal data are not being sold, they can still be hacked. Companies can brag about how secure they are .... until they are exploited. There are hundreds of stories on the web with major companies.

But there are places where we have no choice. A few days ago I received a letter informing me that the National Health Service website had been exploited and my data leaked. My social security number is now known, as well as my name, first name, age, the list of the different doctors I go to, when I went to see them, the type of problem I have, and everything else you can imagine. I wonder what is the worst between this and the Ledger's data leak. LOL (or not)

Even ISPs can't be trusted. Look on google about Verizon and ATT giving data to the CIA. That's why they created the privacy patriot act in The US to help them to make it legal
Privacy is going to get harder and harder as the years go by because it's only going to get worse. The good thing is that we can reduce the footprint as much as possible: host your email, server, storage, bookmarking site, RSS,...and yeah your node
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
It will be good if beginners pay attention to what privacy is and know how deadly given out their identities to custodial exchanges, custodial wallets and other custododial services. I do always mention the days when people that can physical harm people will work in conjunction with hackers, this may seem not possible to some people until it will happen. KYC is extremely dangerous.

But beginners should also try and know much about the wallet they are using, over 90% of bitcoin wallets do not have some privacy enhancing features. Although, the wallets are SPV which are light clients, but the worst part of it is that they do not have coin control, address freeze and the wallets are automatically creating transaction inputs in a way many addresses can be connected together and be traced on blockchain. This has been the reason I prefer to recommend only Electrum as the best SPV wallet but which people that do not to know much about privacy or anonymity can use poorly. Newbies are using SPV wallets without Tor and making use of it in a way central server can connect their bitcoin addresses and IP address together in a way the privacy or anonymity they can have is totally lost.

I too will recommend using a decentralized exchanges for exchanging bitcoin to fiat and vice versa, https://bisq.network/ is the most decentralized among them while https://localcryptos.com/ and https://hodlhodl.com/ are far better than using centralized exchanges.

But to have privacy while using wallet, the best is to go for full client and run full node using Tor connection. I too will recommend https://bitcoin.org/en/bitcoin-core/, or going for other means like running your own Electrum server.
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
That was ~25 minutes well spent, or rather ~16 minutes if you count that I watched it on a faster playback speed.
Thanks for the channel recommendation, his mix of wit, humour and actually passing on useful information is something I would want to see more of..

To the topic in question, privacy; It is something I didn't care about before I stumbled into Bitcoin and this forum, I allowed permissions, agreed to ToC without reading the agreement, and accepted cookies without giving it a second thought, which is the same for a frightenly amount of people out there.

In addition to the privacy risk when you click on a website, there is also a risk when you simply talk to someone as some device could be "inadvertently" activated and pick up your conversation; this was covered in this guardian article. This blurs out the limits to what information companies, brokers and who knows who else can acquire about someone.

The issue I see is that the cost of keeping your privacy is constantly increasing. The populace is gradually being herded into grating access inorder to perform simple tasks, otherwise they would have to go through several hoops to remain somewhat anonymous.
full member
Activity: 658
Merit: 158
BTC Rocks
Thanks a lot for your informative article. It's really very necessary to have proper safety and privacy in every sector. Because Scammers are always waiting to make us fool and they are inventing new ways for stealing funds.
In crypto, it's more important to have proper privacy for our wallets otherwise any time we might lose all the assets by being scammed.
legendary
Activity: 2268
Merit: 18711
I don't often/ever encourage people to watch videos, but this would be 30 minutes well spent, even if you don't like his humor: Data Brokers: Last Week Tonight with John Oliver (HBO)

The whole segment is pretty terrifying. Everyone knows (or should know) that most browsers, websites, and apps monitor you and collect your data. What many people don't know is that data brokers buy and sell every piece of data about you that they can, right down to your debts and your medical conditions, and they sell it to literally anyone who wants it. A broker called Epsilon settled for $150 million after selling data to people they knew were scammers for over 10 years. Data has been sold to domestic abusers and stalkers, allowing them to track down old victims. The video mentions a case of a murder after the victim's data was purchased for less than $50.

Plenty of companies say your data is anonymized, de-identified, or collated with other data before being shared or sold, and lots of people think that means they are safe. Not so. One study found that 99.98% of anonymized data could be de-anonymized and used to identify individual users. Anonymizing data is meaningless. Even simply visiting a website (but not actually doing anything on said website) still provided the website with enough information to personally identify the user in question, track down their contact information, and send them an email minutes later.

They sell your data to the government. Governments might need a warrant or other legal ruling to come and search your computer or devices, but they don't need any permission at all to simply buy that information from data brokers. Multiple three letter agencies are buying your data and using it for anything they please. This is a very similar situation to a variety of three letter agencies employing the services of various blockchain analysis companies to track your bitcoin addresses and transactions.

In addition, centralized exchanges provide all sorts of data to data brokers, especially if you willingly hand over your KYC information. So do blockchain explorers. So do servers of SPV and light wallets. So will sites like Coinmarketcap or various crypto news sites. All this bitcoin related and other crypto related information will be pooled with all the other information held about you and sold to anyone who wants it, including scammers and criminals. Remember that simply clicking on a website was enough for that website to identify that exact person. Do you really want the whole world to know how much bitcoin you are holding?

The amount of privacy invasion going on in our daily lives is staggering. Don't make it even worse by willingly violating your own privacy.

A good place to start taking back some control in general: https://www.privacyguides.org/
Peer to peer bitcoin trades, avoiding the privacy invasion of centralized exchanges: https://bisq.network/, https://localcryptos.com/, https://hodlhodl.com/
Run your own node, and avoiding leaking information about your addresses and transactions: https://bitcoin.org/en/bitcoin-core/
Jump to: