DoNotTrackPlus Gives The Boot To Nosy Internet Trackers

Several weeks back, I received an invitation from CNET to join a dating website designed especially for those that are 50 years old – or more. OK, it wasn’t exactly an invitation  – it was, in fact, an ad inserted into one of my subscribed  CNET newsletters.

So what – no big deal you may be thinking. But from my perspective, it is a big deal – here’s why.

In the years that I’ve been Internet connected – 18 years or more – I’ve never referred to, or listed, my actual age (other than to make the point, from time to time, that I’ve been at the computing game for a very long time). Nor, have I ever referred to my marital status (other than in a humorous way in re-commenting on a reader’s initial comment – perhaps).

As it turns out – I am over 50, and I am a bachelor. So, in reality, CNET targeted me precisely. The question is – how did CNET know to target me so effectively and efficiently?

A partial answer is – CNET spies. The fact that CNET spies on site visitors is hardly news. Nor is it news, that the majority of commercial websites engage in spying on site visitors.

SPYING – such a loaded word. Instead of “spying”, let me use a series of descriptors handily thrown around by those engaged in spying on my privacy.

Predictive analytics, customer profiling, customer segmentation, predictive modeling, lifestyle clustering……. all done for my own benefit, of course (according to the intruders). There, now I feel better about being profiled, segmented, and clustered. Not!

I’m certainly not a Luddite and, I understand the cost/benefit associated with using the Internet. But, the rules (such as they were) have changed dramatically in the last year or two. The Data Miner is now on the scene, and gobbling up personal information at a prodigious rate.

Webopedia definition – The two most common forms of data miners are data mining programs that an organization uses to analyze its own data to look for significant patterns, and spyware programs that are uploaded to a user’s computer to monitor the user’s activity and send the data back to the organization, typically so that the organization can send the user targeted advertising.

In a real sense then, it isn’t so much that CNET is aware that I’m 50 plus, or that I’m single that is at issue – since CNET could not/did not develop the specific information I referred to earlier. Instead, this information was undoubtedly culled by any one, or more, of the data miners that have infected the Internet and, using “predictive modeling” rolled out a “best guess” that I’m in my fifties and single.

And that makes me feel not only “profiled, segmented, and clustered” but, as if I’ve been “diced and sliced”. I have, in essence, become a product. A product, I’m afraid, that’s closing in on its “best before date”.   

A product that LiveIntent, working on behalf of CNET, targeted based on (according to the company’s site), gender, age, geo, browser, and time of day. I should point out, that according to LiveIntent’s promotional material, the foregoing “is just the tip of the iceberg”. Of that, I have no doubt.

The other side of the coin is – and there is another side of the coin – Internet users (by and large), have been trained to accept a tradeoff in order to get access to “free” information and services. In return – they buy into the condition that each commercial site they visit has the right to spy and build a profile on their browsing habits – the type of sites they visit and revisit, time spent on sites, their shopping and spending habits, their political views, their marital status (it appears), and much more. Some tradeoff!

In the long term, the personal information gathered will be sold, bartered and traded (to bypass the disclaimer – “we will not sell your information”), so that it can be used in multiple ways that generate profit. And, that’s the upside. If there’s one thing the Internet has taught us, it’s – if information can be abused – it will be abused.

If you’re like me, and you staunchly oppose the collection of your personal information, then you’re likely aware of any number of Browser tools which claim to shutout nosy data miners. In fact, I’ve reviewed many of these tools here.

One free tool which I haven’t reviewed until now (although, I wish I had earlier) is DoNotTrackPlus – a free Browser add-on from Abine (the online privacy company).

In the several weeks I’ve been running with DoNotTrackPlus, I’ve found that this add-on lives up to it’s reputation for excellence.

The following screen captures emphasize just how pervasive online tracking has become. And, more importantly, how DoNotTrackPlus puts the boots to these invasive parasitic data miners.

A selected result, from earlier today, while reading my local newspaper online.

Cumulative results since installing this add-on. You’ll note, the rather staggering tracking company total.

Abine’s Internet privacy view:

There is a huge difference between sharing personal information and having it taken. That’s why we’ve created Internet tools and services for those who want a say in how and when their information is used. And since we think exercising your right to online privacy should be easy, our solutions allow regular people just like you to regain and maintain control over their personal information – while continuing to enjoy all the wonderful things the web has to offer.

If you find yourself agreeing with this concept – and, you want a say in how and when your privileged information is used – take DoNotTrackPlus for a test drive. I suspect that you’ll be reluctant, in future, to surf the Internet without DoNotTrackPlus in place.

Fast facts:

Free tool that puts you back in control of your information.

Stops more than 600 trackers.

When you visit a website DoNotTrackPlus blocks tracking technologies from:

· Seeing and collecting your web activity such as what sites you visit and what you view.

· Putting cookies on your machine that would continue to store information about your Internet browsing.

· Displaying ads with tracking capability, including the annoying ads that seem to follow you everywhere you go.

Compatible with Mac or PC for Chrome, Firefox, Safari, and Internet Explorer.

Automatically updates to catch new trackers.

Download at the developer’s site: Abine

Click on the graphic below to view a video of DoNotTrackPlus in action.

Additional information is available on the company’s FAQ site.

Trashmail – A Firefox and Chrome Disposable Email Address Add-on

Here’s a little something from Dave Brooks (popular guest author here and, the best computer Tech I know) – “Think I’ll give this (Tweak-SSD) a test drive! I would recommend a Google search and download it from someone other than the author, I’m not handing out my email address (which is required for download) for anyone’s free app, I get enough spam as it is.”

It used to be, that the problem Dave has described wasn’t much of a problem. Not so long ago, developer’s rarely required an email address as a requirement to download an application. How things have changed!

The cost of “free” on the Internet these days – amongst other things – is providing an email address which, far too often will trap users into a revolving game of “catch the spam”. The solution? Create a disposable email address and let someone else worry about the spam.

There are any number of services you can take advantage of – many of them free. For more on this you can checkout this Wikipedia page.

I recently came across something a little different – a Firefox/Chrome add-on – TrashMail. Using TrashMail you can create a disposable email address (or addresses for that matter), at Trashmail.net. All email to this address/s will be forwarded to your real email address for the number of times you have selected.

When that limit is reached, the Trashmail.net email address will be automatically deleted. Further emails to that address will be rejected at Trashmail.net.

Following installation – and, a Firefox restart, the first thing you’ll need to do is set up a new account (in other words, register) with  TrashMail.net, at the site – as illustrated below.

Once you’ve successfully completed the registration process, look for a confirmation email in your inbox.

You will need to click on the link in the email to confirm that you are “you”.

Which, will generate the following notification.

You’re now good to go. Revisit the site – login – and set up your first alias email account. Pay particular attention to “Number of forwards”. You must select a number (other than unlimited), in order to prevent an error code.

The following notification will be generated.

Once you’ve set up your first alias address, setting up additional addresses  becomes less complex. Signing in to the site brings up the following window in which a couple of clicks does the job.

You can change the default settings easily from the Firefox _ Tools – Add-ons – menu.

Additionally, clicking on the TrashMail icon (from the Firefox Add-on Bar) will give you access to Address Manager from which you can “Edit” or “Delete”, your alias email addresses.

By now, you may well be thinking that this is a complex process – and, to some extent, I suspect that it should be streamlined somewhat. But, here’s the real benefit.

From now on, anytime you’re asked to provide an email address – for whatever reason – you simple click in the email entry box – right click on “Paste disposable address”…….

which will bring up the selection window as shown below. Click on “Create email, and…..

…….your alias email address is automatically entered.

Fast facts:

Challenge response system – Filters incoming messages by a CAPTCHA system.

Send e-mails by web interface – You can send e-mails by a SSL secure web form with TrashMail Plus.

Address name reservation for 365 days – After a TrashMail address has been deleted, the TrashMail address name will be reserved for 365 days for the real e-mail address from which it was used last time before it will be released for other real e-mail addresses.

Multiple domain names – Currently there are 11 domain names available which can be used for TrashMail.

Address masking on reply – When someone replies to an TrashMail address, this option can mask the responders e-mail address by replacing the responders e-mail address by the TrashMail alias name (just as host name, domain name and IP addresses will also replaced by localhost, localdomain and the IP address 127.0.0.1).

Distinct e-mail source – Each user can define a key which is used in the TrashMail e-mail header to make sure the e-mail was actually sent by the TrashMail system.

Additional header information – To each e-mail forwarded to your real e-mail address, a few header lines will be added to provide some additional information for the TrashMail customer.

Backup mail server – If our main server smtp.trashmail.net would be offline, then our backup server mx1.trashmail.net will take over incoming e-mails. The backup server is located in a different datacenter for high-availability reasons.

Secure HTTPS requests – Web requests are handled by the encrypted HTTPS protocol.

Number of maximum active disposable email addresses – 300 for non Plus members. 2500 for Plus members.

Price – free with limited features. Alternatively, TrashMail Plus with all features for $12.99 USD per year.

Download the Firefox add-on at: Mozilla

A Chrome version is also available and can be downloaded at the Chrome Web Store.

The developer has provided an excellent video tutorial on how to install, configure, and use the TrashMail.net Firefox Add-On. Click on the graphic below to view.

Admittedly, there is some upfront work involved in setting up TrashMail, but once this one time task is completed – you’re cruising. There are a number of different ways to work with TrashMail, and in this review, I’ve described the method that worked best for me. With a little experimenting, you may well find a more appropriate method for your specific needs.

Lookeen – An Outlook Search Add-on That’s FAST!

Currently, there’s a BlackBerry commercial running here in Canada in which a young woman declares that she gets over 1,000 emails a day. I have to admit, that the 1,000+ emails that she purportedly receives daily, led me to do a little figuring. Truth in advertising and all that.

Assuming that each email takes one minute to read, that translates into 16+ hours devoted to just reading emails. Perhaps it takes less time than that but, even cutting the read time in half would result in a full 8 hour day devoted to just reading emails.

Riding this train of thought, led me to consider just how this young woman managed (assuming that what she claims is true), to handle the time constraints imposed by this massive volume of correspondence – assuming, that at least some of these emails would require an after the fact action plan.

How would she, for example, search for and find, relevant emails, attachments, appointments, tasks, notes and contacts in a rather extensive  email achieve? And, do so quickly and efficiently – no small task.

Coincidentally, at roughly the same time that I was putting myself through mental contortions in an attempt to break down the 1,000+ email claim, I was offered an opportunity to take Lookeen, an email search solution designed to integrate seamlessly into Microsoft Outlook, for a test ride.

Fast facts:

• Massive increase of E-Mail search speed
• Finds e-Mails, attachments, appointments, tasks, notes and contacts
• Supports Exchange Server, Public Folder and external PST-archives
• Integrated Desktop Search: Search in local and Network Files
• For enterprises: Central Indexing reduces Server and Network Traffic
• Over 500.000 installations worldwide
• Installation in a few clicks

Following an easy installation, the application launches into a brief tutorial as illustrated in the following self-explanatory screen captures.

Step one.

Step two.

Step three.

Step four.

Step five.

As shown in the following screen capture, you’ll note that Lookeen adds a simple, yet helpful, search box to Outlook.

Did I mention FAST?

In the following quick search, the application pulled up 697 related items in three tenths of a second.

In a more focused search, the application pulled up 79 related items in two tenths of a second.

In this brief overview, I’ve barely touched on the functionality of this super little Outlook add-on. You can also expect the following:

Lookeen will search everywhere in your Outlook data.

Have every email at your fingertips – no matter how much data you have!

The integrated real-time-indexing enables you to search your local emails (PST), Exchange Server, Public Folder, your complete desktop, and even network files, all while Lookeen is indexing your files.

Lookeen will find every mail – even in the largest of archives.

Execute parallel searches for e-mails, attachments, appointments, tasks, notes and contacts.

Integrated Desktop search enables you to search in documents and PDFs.

Install and manage Lookeen in your enterprise with group policies (Lookeen Business Edition) and use the Lookeen Shared Index feature to reduce server traffic (Lookeen Enterprise Edition).

You can download Lookeen and try it for free for 14 days.

Download at: Lookeen.

As for the young woman’s claim of 1,000 emails a day? Yeah, sure.  

A big “Thank You” to regular reader Lee Garber for taking the time to point me towards this application. Thanks Lee.

Collusion – Internet Trackers Are All In It Together

Look – every business organization has the right to generate income and make a profit – and, in the real world, most organizations generate that income and make that profit aboveboard, and in clear view. But, that’s not necessarily the process on the Internet. In far too many cases, companies generate revenue by staying far below a user’s horizon – in an underhanded and sneaky fashion.

The tool of choice – a tool, which by its very nature is sneaky and underhanded, is the appropriately named Tracking Cookie. A tool, which not only tracks a user’s footprints across the Web but, the data generated is then used to analyze the user’s online behavior.

It’s this behavior analysis (analyzing links I click on, the content I view, searches I make ….) where I draw the line. I find it disturbing that I have little or no say, in the manner in which I’m tracked as I surf the Internet. And, equally as important – how that information is used.

It’s fair to say, that many users do not object to being tracked. I wonder though, that if these same unconcerned users were aware of just how insidious and overwhelming tracking has become – if, they’d continue to be unconcerned.

Should an unconcerned user run the recently released Collusion Firefox add-0n – an add-on which graphs in real-time the “following behavior” of tracking cookies, they might feel less confident that their “I don’t care” perspective is the correct one.

Mozilla CEO Gary Kovacs, in describing Collusion at the recent Technology, Entertainment, and Design conference pointed out, that Collusion “allows you to see all the third parties that are tracking your movements across the Web. It will show, in real time, how that data creates a spider-web of interaction between companies and other trackers.”

Kovacs went on to say that “Collusion will allow us to pull back the curtain and provide users with more information about the growing role of third parties, how data drives most Web experiences, and ultimately how little control we have over that experience and our loss of data.”

I’ve been tinkering with Collusion for the past several days, and I must admit to a new level of unease with this “behind the scenes” look at the nature of tracking now been practiced.

Here’s a screen shot of a spider-web of interaction between companies and trackers, from a short hop around the Internet which I made this morning.

I think you’ll agree, that the connection between and amongst trackers and tracking companies, might be more insidious than you had previously considered.

The graphic below (captured from the Collusion site),  briefly explains the  connections illustrated.

The Collusion add-on is available for download at Mozilla.

Back to the previous graphic for a moment – you’ll notice that you can export the graph. Should you do so, you’ll end up with data which will look something like the following. What you see is a very small portion of the exported data from today’s test.

javascript”],”news.com”:[2855341,”image/png”]},”visited”:false},”adtechus.com”:{“referrers”:{“techrepublic.com”:[1070986,”application/x-javascript”],”cnet.com”:[2853754,”application/x-javascript”],”thestar.com”:[5351704,”application/x-javascript”]},”visited”:false},”adnxs.com”:{“referrers”:{“techrepublic.com”:[1071838,”text/javascript”,”image/jpeg”],”baselinemag.com”:[2084558,null],”cnet.com”:[2853938,”text/javascript”,”image/jpeg”,”image/gif”],”thestar.com”:[5352178,”text/javascript”,”image/jpeg”,”application/x-shockwave-flash”]},”visited”:false},”techrepublic.com”:{“referrers”:{“twitter.com”:[1077104,”text/html;charset=utf-8″]},”visited”:true},”stumbleupon.com”:{“referrers”:{“techrepublic.com”:[1073845,”text/html;charset=utf-8″],”pcmag.com”:[1466423,”text/html;charset=utf-8″],”webopedia.com

And yes, there are a truckload of free tools which, to some extent, can impact and reduce the effectiveness of tracking – but, the downside in running with these tools is often a less than enjoyable Internet experience.

Flash Cookies – Spyware By Any Other Name

I first wrote on the issue of Flash cookies back in September 2009, and since then, I’ve watched as these obnoxious web trackers and privacy invaders multiply like a virus. Based on the number of questions I continue to get on the Flash cookie issue, it’s apparent – confusion reigns when it comes to this underhanded privacy threat.

One of the better forum comments I’ve seen referencing Flash cookies:

“I think many people may not realize how serious it is. In many ways, I see it as the virtual equivalent of dumpster diving or taping together a shredded document. It is deliberately ignoring a data owners deletion of data by an entity that has no business doing so.”

This practice of  web sites dropping Flash cookies onto your computer, which occurs without your knowledge or permission, is akin to hacking – according to some in the security community. Frankly, I agree.

Continuing developments in tracking technologies, and a complete disregard for fundamental privacy rights, should be a major topic of conversation in the security community – until such time as the issue has been resolved in favor of consumers.

In the meantime, we’re on our own. It’s up to us, as individual consumers, to take the appropriate steps to safeguard our privacy (as best we can), while interacting with the Internet.

Here’s what we’re up against – and, this is just one small example.

From Disinformation.com

McDonald’s, CBS, Mazda, Microsoft Sued For Tracking Internet Users’ Histories

In a complaint filed Tuesday with the U.S. District Court for the Southern District of New York, Sonal Bose alleges that McDonald’s and the other companies “acted in concert with Interclick,” to mine users’ Web surfing history for marketing purposes. “Defendants circumvented the privacy and security controls of consumers who, like plaintiff, had configured their browsers to prevent third-party advertisers from monitoring their online activities,” Bose alleges.

The lawsuit alleges that the companies violated the federal computer fraud law, wiretap law and other statutes. She is seeking class-action status. This lawsuit comes several weeks after Bose sued Interclick for allegedly using history-sniffing technology and Flash cookies to track her online activity.

History-sniffing technology exploits a vulnerability in browsers to discover the Web sites users previously visited. Researchers from the University of California, San Diego recently brought the technique to light when they published a paper explaining the technique and naming 46 Web sites where history-sniffing technology was being deployed. In at least some cases, ad company Interclick reportedly used the technology without the publishers’ knowledge.

Bose also says in her complaint that she believes that the defendants used Flash cookies for tracking purposes. Flash cookies are stored in a different place in the browser than HTTP cookies, and therefore, require additional effort to delete.

Flash cookie quick facts:

They never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

If you value your privacy, then without a doubt you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not delectable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

In the following screen capture (click to expand to original), you’ll notice BetterPrivacy has deleted a cumulative total of 6188 Super Cookies.

The Options and Help tab (shown in the following screen shot), will allow you to choose specific deletion methods. You should consider selecting “Disable Ping Tracking”, which will prohibit sites from following you as you surf the Net.

Download at: Mozilla

For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

Google Chrome users can take advantage of the Click&Clean Extension (works with Firefox as well).

The following screen capture of Click&Clean’s Options menu, illustrates the application’s ability to deal with Flash cookies.

Fast facts:

Delete your browsing history
Clear records from your download history
Remove cookies and Empty cache
Delete temporary files
Remove Flash Local Shared Objects (LSO)
Delete private data when Firefox closes
Automatically close all windows/tabs
Clean up your hard drives and Free up more disk space – including secure file deletion
Launch external applications, like CCleaner, Wise Disk Cleaner etc. on Windows – or Janitor, BleachBit, etc. on Linux

Download the Firefox version at: Mozilla

Download the Chrome version at: The Chrome Web store

You can read a full review of this application – Clean Up With Click&Clean Firefox and Chrome Extension, on this site.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Catch Your Online Grammar, Spelling, and Style Mistakes, With After The Deadline

Churning out two blog posts every day is hard on the eyes – not to mention the back, the wrists – well you get the point. As a consequence – I sometimes find myself looking (with crossed eyes) at words running into words, gross misspellings (easy to correct), or improper word usage (sometimes, not so easy to correct). Your versus you’re, and its versus it’s, for example, can be particularly difficult to pick up when used incorrectly.

Here’s a good example of this – recently pointed out by a reader.

Comment:

“You’re friends won’t – other than to deny that they watch it – or, perhaps to decry it’s prevalence” You’re means You are – so “you are friends won’t” doesn’t make sense, use “Your friends” instead.

“It’s” always means “It is” – so “decry it is presence” doesn’t make sense; use “decry its presence” instead.

Not a big deal, you might be thinking. Maybe not – but as often as not, common errors, particularly punctuation errors, can change the meaning of what you meant to say. I’m sure you’ve seen this example – Let’s eat, Mother. versus – Let’s eat Mother.

I write all my blog articles in open source LibreOffice (with grammar checker turned on), and then copy the articles to Windows Live Writer prior to posting into WordPress.

Despite an active grammar checker, proofreading, as time consuming as it can often be, is unavoidable. Still, I’ve learned that proofreading is no guarantee that the odd mistake will not slip through.

There is a partial solution (no technology is perfect), that can help you (and me), avoid the most common grammar mistakes, spelling errors (including contextual spelling errors), and style mistakes, in online interactions – including blog postings, emails (mistakes here can be deadly), Facebook, Twitter, etc.

After the Deadline – developed by the people behind WordPress – is an open source (free), language checker for the Web which is available as:

An add-on for Firefox.

An extension for Google Chrome.

A plugin for Windows Live Writer.

A plugin for self-hosted WordPress blogs.

An extension for OpenOffice.org Writer (still in Beta).

Following installation of After the Deadline on my system as a Firefox add-on, I found it to be reasonably accurate – but not perfect (more on this later). Nevertheless, I’ll keep it on my system – at least in the short term (for the second time).

Installation, in my case, was the usual automatic Firefox add-on install, followed by an easy Options set up as the following screen capture indicates.

The following screen shots (click to expand) show spelling errors (an unrecognized word), and style recommendations – in a previous post.

The type of recommendation shown in the screen shot directly above (change “terminate” to “end”, or “stop”), is the primary reason I deleted this add-on previously.

Consistently, higher level words were marked down as “complex expressions”. It may be popular to assume that “dumbing down” is in vogue, but not from where I’m sitting.

Fast facts:

Checks Spelling – Spell checker looks at context and uses artificial intelligence to make recommendations.

Detects Misused Words – Most spell checkers assume any word in their dictionary is correct regardless of context. This means all misused word errors go unnoticed.

Checks Style – Style checker has thousands of rules and uses context to choose the best suggestions.

Checks Grammar – The grammar checker in After the Deadline protects you from common writing errors. After the Deadline uses statistics to automatically find exceptions to its grammar rules, making it one of the smartest grammar checkers around.

Explains Errors – The misused word detector, grammar checker, and style checker explain the mistakes and suggestions to you. Click an error and choose the “Explain …” option.

Download at: After the Deadline

After the Deadline checks English, French, German, Portuguese, and Spanish text.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Who’s Tracking Your Internet Browsing? – Find Out With Ghostery

Picture this – you’re at your favorite grocery store and you can’t help but notice – no matter which aisle you’re in, you’re actions are being observed surreptitiously by a herd of people.

Each one carries a clipboard, in order to keep track of everything you throw into your grocery cart. On top of that, every grocery product you look at is noted and written down. Sound a little farfetched?

Alright, then try this – you’re cruising on CNET’s (download.com) Windows home page, and your every action is being observed – every action you take, every motion you make,  is noted and written down. Sound a little farfetched?

While the first scenario is just my imagination in overdrive, the second  certainly isn’t.

If you had Ghostery, the Firefox and Chrome add-on (which is designed to protect your privacy, by identifying who’s tracking your browsing) installed, you’d have access to the following information.

Screen shot of the trackers on CNET’s Windows home page.

Screen shot of the CBS Interactive individual links.

I’m not focusing on CNET particularly – you can expect to encounter this type of tracking on virtually every Web site you visit. This intrusive behavior is common, and should be expected.

It shouldn’t be common, but with little resistance being offered by the “sheeple”,  and a failure by regulatory authorities to enact appropriate consumer protection laws, we can expect privacy intrusions , like this, to accelerate. How sad is that?

If you object to this type of intrusion into your privacy, then consider installing Ghostery, and give these intrusive jerks the heave-ho. It may not be a perfect solution but, it’s a step in the right direction.

Fast facts:

DETECT – Ghostery sees the “invisible” web, detecting trackers, web bugs, pixels, and beacons placed on web pages by Facebook, Google Analytics, and over 400 other ad networks, behavioral data providers, web publishers – all companies interested in your activity.

LEARN – After showing you who operates behind the scenes, Ghostery also gives you the opportunity to learn more about each company it identifies, including links to their privacy policy and opt-out options.

CONTROL – Ghostery allows you to block scripts from companies that you don’t trust, delete local shared objects, and even block images and iframes.

Download for Firefox at: Mozilla.

Download for Chrome at: – Google.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Take Control Of Your Internet Privacy With BetterPrivacy Firefox Add-on

In the real world of Internet security push and shove, it seems everything has a “season” – a space in the spotlight. For example – each day we are bombarded with the latest, subjectively “most dangerous” – malware threat, cyber criminal operational techniques, application vulnerabilities, or irresponsible enterprise behavior – the latest being the negligent Epsilon data breach. All destined to become “old news” and seemingly irrelevant, within days

Just wait a few days and the Epsilon data breach will no longer be news worthy; it will simple fade away (just as if it never happened) – as have the other 20+ serious data breaches which have occurred in the last 30 days. Data breaches that have impacted governments, educational facilities, major enterprises ……

Test yourself – can you name one other security breach, application vulnerability, or dangerous malware threat, or technique, reported on in the last thirty days?

Internet privacy is a perfect example of this; in favor – out of favor, critical issue – non-critical issue cycle of Internet security push and shove. Lately, Internet privacy has been relegated to the back burner. Sort of like – hey, it’s not a big deal. Besides, there are newer and more exciting issues to report on – Internet privacy is old news!

But here’s the thing – Internet privacy is a substantial issue, and a more critical issue than ever. Developments in tracking technologies and a complete disregard for fundamental privacy rights, should be a major topic of conversation in the security community – until such time as the issue has been resolved in favor of consumers.

In the meantime, we’re on our own. It’s up to us, as individual consumers, to take the appropriate steps to safeguard our privacy (as best we can), while interacting with the Internet.

You can take a step in that direction by increasing your awareness of a significant threat to your privacy – Flash Cookies (also described as (LSO) – Local Shared Objects, and Smart Cookies).

Late last year, I wrote an article “BetterPrivacy Firefox Add-on Kills Flash Cookies”, centered on this stealthy and underhanded privacy threat, which I have now updated. I think you’ll find it’s worth another read.

If you hear something repeated often enough, then that “something” takes on a veneer of truth. It doesn’t necessarily mean that it is true of course – but, it appears to be true. The “truth” regarding Internet site cookies, falls into that category.

Most of us have heard that “truth” – without cookies (and now, Flash cookies), your Web experience would be terrible. You’d be starting from scratch each time you did anything on a given site online. Or, something along that line.

Nonsense! For years, I have deleted cookies at every Browser shut down, and have experienced no perceptible difference in performance when visiting the same 30 or so sites, that I visit every day

Here’s the reality:

Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And a cookie is the tool that facilitates this happening.

Luckily, Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently.

It appears that a user’s decision to control cookies, in this way, is simply not acceptable to advertisers and certain web sites, and so, we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important, from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

This practice of  web sites dropping Flash cookies onto your computer, which occurs without your knowledge or permission,  according to some in the security community, is akin to hacking. Frankly, I agree.

If you think this practice is restricted to shady web sites, you’d be wrong. Of the top 100 web sites, the majority use Flash Cookies. So, I was not particularly surprised, when I found some of my favorite sites involved in this invasive practice.

I first wrote on the issue of Flash Cookies back in September 2009, and since then, I’ve watched as these obnoxious web trackers and privacy invaders multiply like a virus.

Quick Flash cookie facts:

They never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

If you value your privacy, then without a doubt you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not delectable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

In the following screen capture (click to expand to original), you’ll notice BetterPrivacy has deleted a cumulative total of 6188 Super Cookies. An amazing number, considering the OS on this machine was freshly installed on March 1, 2011.

The Options and Help tab (shown in the following screen shot), will allow you to choose specific deletion methods. You should consider selecting “Disable Ping Tracking”, which will prohibit sites from following you as you surf the Net.

Download at: Mozilla

Simple HTTP cookies (ordinary cookies), can be subject to attack by cyber criminals, so it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

Privacy, in all areas of our life is under constant attack, but that shouldn’t mean that we give up. We need to learn to fight back with every tool that’s available.

For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Spice Up Your Blog And Forum Comments With BBCodeXtra Firefox Add-on

I must admit – I love to pore over readers’ comments following articles I’m checking out on other sites. Courteous comments (which by their nature, raise the level of intellectual persuasion), will often elevate a mundane article above the crowd of similar articles. The article may be the main meal, but reader comments are, in many instances, the spices that give it the oomph, the zest and the zing…….

If you’re the type of Internet user who likes to express your point of view, or share your wisdom and your insight by commenting on forums, on Blogs, or on any site which engages with its readers by supporting comments – then you’ll find BBCodeXtra (which adds Bbcode, HTML, and XHTML context menu commands to Firefox), very useful.

With BBCodeXtra installed you can markup your comments to display bold, italic, or underlined text, and more. As well, additional submenus increase functionality substantially.

Here’s an example in which I’ve selected “cool application” for italicizing, “just one more” for underlining, “you” to reference a URL, “much more closely”, for a block quote, and finally, “Always good to see your comments), for bolding.

The BBCodeXtra context menu commands makes it very easy to add emphasis to your comments – without the need to learn coding.

Settings menu

You can create a custom tag to insert a fixed plain text or symbols like ©, ® e ™ (both HTML entity or UTF characters).

System requirements: Firefox, Seamonkey.

Download at: Mozilla

Note: A comment tip from regular reader Michael F. pointed the way to this terrific add-on. Thank you Michael.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free G Data CloudSecurity – Blocks Known Malware And Phishing Websites

As we reported several days ago in Search Engine Results – More Malware Surprises Than Ever!, poisoned search engine results have proven to be a gold mine for the bad guys who, naturally, continue to be unrelenting in their chase to infect web searches.

Since drive-by downloads, which don’t require user action to create an infection, are resident on many of these compromised sites, this is unhappy news for the unwary Internet user.

To reduce the chances that you will be victimized by malicious search engine results, you should consider installing an appropriate Browser add-on, or if necessary, add-ons, to increase your safety margin. A list of recommended add-ons follows later in this article. But first, take a look at a new Firefox/Internet Explorer add-on, G Data CloudSecurity – passed on by regular reader Charlie L.

According to G Data, the plugin “effectively blocks access to known malware distribution and phishing websites – in real time. The plugin can be used alongside any other installed security suite and is ready for action after installing; no additional configuring required.”

Taking advantage of this service couldn’t be easier. Simply download the setup application, and execute. Following installation, you’ll notice a new icon in your browser which indicates  G Data CloudSecurity is up and running.

Clicking on the icon opens a dropdown menu which provides access to a number of functions.

The screen capture below shows G Data CloudSecurity in action – blocking a suspicious, or dangerous Web site.

Fast facts:

Compatible with all other security products

Prevents access to malware and phishing websites

Install once – no updates required

PC performance remains unaffected

Download at: Developer’s site. (G Data)

Additional Internet Browser Protection:

It’s not prudent to rely on only one form of protection, it seems to me, so take a look at the following browser security add-ons that are noted for their effectiveness.

It’s important to recognize that cyber-criminals are crafty, and there are no perfect solutions.

Web of Trust (WOT) – WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive and well deserved reputation. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites. (installed on my computer)

Search Engine Security – Search Engine Security turns the table on the bad guys by using using a technique familiar to most hackers – appearing to be something you’re not. Or, more properly, appearing to come from a location you’re not really at. (installed on my computer)

Basically, the add-on changes the HTTP referrer (selectable by you), in the search string so that when you click on a returned link it appears to the link site that you have not arrived from Bing, Google, or Yahoo.

McAfee SiteAdvisor – A free browser add-on that adds small site rating icons to your search results as well as a browser button and optional search box. Together, these alert you to potentially risky sites and help you find safer alternatives. These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats.

ThreatExpert Browser Defender – The Browser Defender toolbar allows you to surf safely by displaying site ratings as you browse the Internet. When you visit a site its address will be checked by our servers and a rating shown in the toolbar based on any malicious behavior or threats we have found associated with the site. The toolbar also integrates with the search results provided by popular search engines such as Google and Yahoo! so you can see if, in our view, it is safe to continue before you visit a site.

AVG Security Toolbar Free Edition – AVG’s unique Search-Shield, available with the AVG Security Toolbar Free Edition, marks all web pages which are infected by zero day exploits and drive-by downloads. This powerful LinkScanner based technology works in real-time to provide comprehensive protection. Other programs rely on static databases and cannot protect you at the only time that matters – the time you click on a link.

TrendProtect – TrendProtect is a free browser plug-in that helps you avoid Web pages with unwanted content and hidden threats. TrendProtect rates the current page and pages listed in Google, MSN, and Yahoo search results. You can use the rating to decide if you want to visit or avoid a given Web page. To rate Web pages, TrendProtect refers to an extensive database that covers billions of Web pages.

Bottom line:

While G Data CloudSecurity does what it says it will do, my personal preference is unchanged. WOT (Web of Trust), backed up by Search Engine Security, is a more appropriates solution.

I’ve reviewed and recommended a bag full of Browser security add-ons in the past few months, or so. No disrespect intended to those developers who have the public’s interest at heart when they develop Browser security add-ons, but…..

Am I the only one who thinks that building protection into my Brower in this potluck fashion, has reached the height of ridiculousness?

Isn’t it long past the time, when a Browsers should be built with the most appropriate form of protection already on board?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.