Locking Down Windows

I’ve recently moved Back to Windows for my desktop computing. But Windows 10 comes with enormous privacy and security issues that people need to take into account…and get under a semblance of control. Here’s how I did it.

There has been much written on this subject, so what I’m including here is more of a digest of what I’ve found elsewhere with perspective on how it worked out for me over time.

Windows Tweaker

This is a pretty good tool that does what Windows should do out of the box: give you one-stop access to all Windows’ settings. As it is, Windows 10 has spread out many settings, including those for Privacy, to the Settings screen as well as Registry Editor and Group Policy Editor.

There are dozens of look and feel tweaks, including an easy way to force Windows to use the hidden Dark Theme.

The Privacy Tab, however, is the single most important. There, you can easily turn off all the nasty privacy holes in Windows 10, such as how the OS sends things like keystrokes (that’s right!) back to Microsoft. The list of holes it will close is long: Telemetry, Biometrics, Advertising ID, Cortana, etc.
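A read-only check of the policy registry values behind four of the items listed above, as an added example that is not from the original post or from the Windows Tweaker tool. The registry paths are the standard Group Policy locations; that the tool writes to these same keys is an assumption.

```powershell
# Added example: audit the Group Policy registry values for telemetry,
# Cortana, advertising ID and biometrics. Nothing is modified.
# Assumption: a tweaking tool may change per-user settings instead of these
# machine-wide policy keys, in which case they show up as NotConfigured here.

$checks = @(
    [pscustomobject]@{ Setting = 'Telemetry'
        Path  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection'
        Value = 'AllowTelemetry';        Want = 0 },
    [pscustomobject]@{ Setting = 'Cortana'
        Path  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
        Value = 'AllowCortana';          Want = 0 },
    [pscustomobject]@{ Setting = 'Advertising ID'
        Path  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo'
        Value = 'DisabledByGroupPolicy'; Want = 1 },
    [pscustomobject]@{ Setting = 'Biometrics'
        Path  = 'HKLM:\SOFTWARE\Policies\Microsoft\Biometrics'
        Value = 'Enabled';               Want = 0 }
)

function Get-PolicyState {
    param([Parameter(Mandatory)] $Check)

    # A missing key or missing value both mean "no policy set": Windows then
    # falls back to its default, which for these items is the permissive one.
    $item = Get-ItemProperty -Path $Check.Path -Name $Check.Value -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        $actual = $null
        $state  = 'NotConfigured'
    } else {
        $actual = $item.($Check.Value)
        $state  = if ($actual -eq $Check.Want) { 'Restricted' } else { 'Permissive' }
    }

    [pscustomobject]@{
        Setting  = $Check.Setting
        Actual   = $actual
        Expected = $Check.Want
        State    = $state
    }
}

$results = $checks | ForEach-Object { Get-PolicyState -Check $_ }
$results | Format-Table -AutoSize

# AllowTelemetry = 0 is only honoured on Enterprise, Education and Server
# editions; other editions treat it as 1 (Basic), so flag that case.
$edition   = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').EditionID
$telemetry = $results | Where-Object { $_.Setting -eq 'Telemetry' }
if ($telemetry.Actual -eq 0 -and $edition -notmatch 'Enterprise|Education|Server') {
    Write-Warning "AllowTelemetry is 0 but edition '$edition' will still send Basic-level telemetry."
}
```

Re-running it after a feature update shows whether any of the four values has been reset.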

Cortana

Speaking of Cortana, I was really excited that this kind of virtual assistant was embedded in Windows 10. I looked forward to trying it out. But then I read the fine print.

Cortana is a privacy nightmare. She can’t be trusted. She’s a blabbermouth and repeats back everything you tell her to not just Microsoft, but indirectly to all of their advertising partners. And who knows where all that data goes and how secure it is in the long run.

Yuck!

Turn her off. Pull the plug. Zero her out.

The easiest way to disable her is to set up a Local Account. But there’s more info out there, including this at PC World.

Local Account

When you first install Windows 10, unplug the ethernet and shut down wifi. Then, when you’re certain that all of MSFT’s listeners can’t communicate with your machine, go through the Installation Set Up process and when asked to create/log in to your Microsoft Account, don’t. Instead, use the Local Account option.

The down sides of going this route are that you can’t sync your experience, accounts and apps across devices. You also won’t be able to use Cortana.

The up sides are that using a Local account means you will be far more secure and private in whatever you do with your computer (as long as you maintain the many other privacy settings).

Reduce Risk and Streamline Your PC

Windows 10 comes crammed with many programs you may not want. Some of these may even be tracking and sharing, so if you don’t actually use them, why not lighten the load on your system and remove them?

You can do this the slow way, one app at a time, or you can use the PowerShell nuclear option and kill them all at once.

I did this and haven’t regretted it one bit. So fire away…
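A dry run of the bulk removal described above, as an added example that is not from the original post. The `$Keep` allowlist and the CSV file name are hypothetical choices; the package names in the list are the ones Windows 10 uses for those apps.

```powershell
# Added example: preview bulk removal of bundled Store apps for the
# signed-in user. -WhatIf means nothing is uninstalled by this script.

# Hypothetical allowlist: apps to leave installed. Adjust to what you use.
$Keep = @(
    'Microsoft.WindowsStore',          # needed to reinstall anything later
    'Microsoft.DesktopAppInstaller',
    'Microsoft.WindowsCalculator',
    'Microsoft.Windows.Photos'
)

$candidates = Get-AppxPackage |
    Where-Object {
        $_.SignatureKind -eq 'Store' -and   # skip System-signed parts of Windows itself
        -not $_.IsFramework -and            # skip runtime libraries other apps depend on
        $Keep -notcontains $_.Name
    } |
    Sort-Object Name

# Show what would go, and keep a record so a removed app can be found
# again by name if it turns out to be needed.
$candidates | Select-Object Name, Version | Format-Table -AutoSize
$candidates |
    Select-Object Name, PackageFullName |
    Export-Csv -Path (Join-Path $env:USERPROFILE 'appx-removal-candidates.csv') -NoTypeInformation

foreach ($pkg in $candidates) {
    # Remove -WhatIf only after reviewing the list above.
    Remove-AppxPackage -Package $pkg.PackageFullName -WhatIf
}
```

Without `-WhatIf` the removal applies to the signed-in user only; packages provisioned for new accounts are left in place.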

Privacy Settings

I won’t go into all of this. There is plenty of solid advice on reducing your exposure on other sites (like at PC World) and some lengthy YouTube videos which you can easily find.

But it is critical that you go into the Settings panel and turn everything off at the very least. That’s my feeling. Some tell you that you even need to set up IP blocks to keep your machine from reporting back to Microsoft and its advertising partners.

Others say this is somewhat overblown, and not unique to Windows, like over at LifeHacker, so I’ll leave it to you to decide.

Conclusion

It’s really too bad that operating systems have gone down this road. Our PCs should be tools for us and not the other way around.

Imagine if everything that happened on your device stayed private. Imagine if it was all encrypted and nobody could hack into your PC or Microsoft’s servers or their advertisers’ databases and learn all kinds of things about you, your family, your work, your finances, your secrets. And yet, this is precisely what Microsoft (and iOS, Android and others) did, intentionally.

Frankly, I think it’s bordering on criminal negligence, but good luck suing when your data gets exploited.

Better safe than sorry…that’s my take. Do a little work and lock down your computer.

Good luck out there…

 

Private Email to Foil the Snoops – ProtonMail Review

As we’ve been learning over the past few years, privacy has been getting the thousand cuts treatment. Everyone’s been in the act. Et tu Google? You betcha.

Fortunately, you can stop inadvertently BCC’ing Google, the NSA, the Chinese government, hackers, marketers and other creepers of your personal content. That’s thanks to some good people who actually live by the mantra to “Do No Evil” who have created ways for email users everywhere to keep their messages between them and their recipients.

Over the past week, I’ve been exploring one of these, ProtonMail.

The True Cost of Free Email

Most email services are profitable because they sell everything that you type and attach in your emails to marketing companies. Vast profiles about you are generated from this content. Think about it: what diseases you talk to your relatives about, your political and religious beliefs, who you spend your time with, even documents you attach from tax info to intimate photos. It’s all in there, and it’s all for sale.

You might immediately wonder why your email provider is collecting all this. It’s none of their business, right? Well, it is because you made it their business when you agreed to the terms of service. Even down to the attachments, by using services like Gmail and Yahoo! Mail, you are granting that company the right to access and sell the content to ad companies and beyond.

Now imagine that this database on you was to be hacked. Can’t happen? It has. The Chinese government hacked Gmail and has likely gleaned a ton of information on the world’s Gmail users. Most likely, they were interested in what their own citizens were writing, but if you ever wrote anything critical of China or work for a company with exposure to China, they might find that interesting too. Who knows!

The US Government has also hacked into Google (and just about every other Western tech firm) as well.

And if these entities can do it, so can criminals and the mischievous. So, again, why are we letting these firms put our information at risk in the first place?

Good news: you don’t have to anymore…

Private and Secure Email

Alternatives to Gmail and other market intelligence-based email services include:

HushMail and StartMail were early services that took your privacy seriously. Both promised not to ever sell your data, but their business model made up the difference by charging you for the pleasure of living privately and securely.

Tutanota and ProtonMail, on the other hand, are free. Both use similar end-to-end encryption techniques and are quite similar in most respects. When I weighed which one to go with, I ended up choosing ProtonMail, only because their servers are based in Switzerland, a country that has outlawed the seizure of private computer content.

My ProtonMail Experience

ProtonMail was created by developers working at the CERN lab in Switzerland who were inspired by Edward Snowden and who were shocked at how weak online security was becoming, thanks to very aggressive and dangerous actions by global intelligence services.

ProtonMail uses encryption that is unlocked locally, on your machine, so even if anyone broke into ProtonMail’s servers, they would need a few more years than the age of the Universe to decrypt your content. Translation: it’s pretty damn secure, despite claims that the NSA can decrypt encrypted data. They would still need a lot of time and effort to do so, so it’s unlikely they’ll go to such an effort unless you’re an active terrorist (or the leader of Germany).

Best of all, you can send securely encrypted emails even to people using Gmail or Hotmail. You do this by checking a box, creating a password and an optional password hint for the recipient. They then receive an email with a link to ProtonMail. By following that link, they are taken to a secure web page inside ProtonMail where they can read and reply to your message by using the password. Or, if it’s nothing you’re worried about sending, you can just send it as regular, unsecured email to your Gmail friends, in which case it works as normal…but can be gleaned for any info you might have carelessly included.

Here’s how ProtonMail pans out.

UI and Functionality

This is more than just a bare bones email service. ProtonMail comes with a secure Contacts manager, email search and many other features you would expect in a modern email service.

The UI is clean and very straightforward.

Probably the hardest thing about using ProtonMail is the encryption, but not because it’s complicated…it’s drop dead simple…but only because it adds a step to your email creation if you plan on sending encrypted emails to people on Gmail, for example. In this case, you just have to come up with a good password and hint that your friends can figure out. It can actually be a little hard to come up with something that isn’t as easily hacked as “The city we met in.”

The other complication is that you have two passwords. One is used to access your mailbox and the other is used to decrypt the messages. So you have to enter two of these. In my case, I use KeePass password manager, so I just create super crazy, long, gibberish-based passwords for both of these and store them in the manager. Then it’s just a copy and paste action that I need to do twice when I log in…slightly easier, in fact, than using the two-factor authentication I use with Google, compounded by my non-use of cookies.

The Mom Test

I tested the recipient experience with my Mom (very non-technical) and some friends (generally non-technical) to see if any of this would keep people from reading and replying to me. So far, ProtonMail only snagged my mom, because she didn’t think of using caps on a name I was using for the password.

My mom also didn’t understand that she had to reply from within the browser window. Some caveats here: I believe she still thinks of email as something that she has to do in AOL.

My friends fared much better with no reports of trouble. So overall, I’d say there is a small learning curve for some recipients.

The Private Future

The hope here is that most people will gravitate over to ProtonMail or services like them, so that everyone’s on the same, private page. As I mentioned above, there are some extra steps with using ProtonMail with non-ProtonMail recipients. But if you’re communicating with friends that also use ProtonMail, the encryption is already there and you can relax…so obviously, I hope you all join ProtonMail.

Is Apple Pay Really Private?

Apple Pay, the new payment system unveiled by Apple yesterday, was an intriguing alternative to using Debit and Credit Cards. But how private, and how secure, is this new payment system going to really be?

Tim Cook, Apple CEO, made it very clear that Apple intends to never collect data on you or what you purchase via Apple Pay. The service, in fact, adds a few new layers of security to transactions. But you have to wonder.

A typical pattern for data-collection business models is to promise robust privacy assurances in their service agreements and marketing even though the long-term strategy is to leverage that data for profit. Anyone who was with Facebook early on knows how quickly these terms can change.

So, when we’re assured that our purchases will remain wholly private and marketing firms will never have access to them, how can we really be confident that this will always remain the case? We can’t. So, as users, we should approach such services with skepticism.

As with anything related to personal data, we should assume that enterprising hackers or government agents can and will figure out a way to access and exploit our information. Just last week, celebrities using Apple’s iCloud had their accounts compromised and embarrassing photos were made public. And while Apple has done a pretty good job at securing Apple Pay, it’s still possible someone could figure out a way in…and then you’re not just dealing with incriminating photos, you’ve got your financial history exposed.

So ask yourself:

  1. Can I think of things I buy that could prove embarrassing or might give people with malign intent a way to blackmail me or do financial damage to me?
  2. If my most embarrassing purchases were to become permanently public, can I live with that?
  3. How would such public exposure impact my reputation, professionally and personally?
  4. Does the convenience of purchasing something with my phone outweigh the risks to my financial security?

Depending on how you answer this, you may want to stick with your credit card.

Or just go the analog route and use the most anonymous medium of exchange: cash.

Private Google Search Alternatives

A few weeks back, I dropped Google search in favor of DuckDuckGo, an alternative search engine that does not log your searches. Today, I’m here to report on that experience and suggest two even better secure search tools: StartPage and Ixquick.

The problem with DuckDuckGo

As I outlined in my initial blog post, DuckDuckGo falls down probably as a consequence of its emphasis on privacy. Google results, by contrast, are based on an array of personal variables that tie specific result sets to your social graph…a complex web of data points collected on you through your Chrome Browser, Android apps, browser cookies, location data, possibly even the contents of your documents and emails stored on Google’s servers (that’s a guess, but totally within the scope of reason). Going without that data is a considerable handicap for DuckDuckGo.

But moreover, Google’s algorithm remains superior to everything else out there.

The benefits of using DuckDuckGo, of course, are that you are far more anonymous, especially if you are searching in private browser mode, accessing the Internet through a VPN or Tor, etc.

Again, given the explosive revelations about aggressive NSA data collection and even of government programs that hack such social graphs, and the potential leaking of that data to even worse parties, many people may decide that, on balance, they are better off dealing with poor search precision rather than setting themselves up for a cataclysmic breach of their data.

I’m one such person, but to be quite honest, I was constantly turning back to Google because DuckDuckGo just wouldn’t get me what I knew was out there.

Fortunately, I found something better: StartPage and Ixquick.

Google but without all the evil

StartPage is a US version of the Dutch-based search engine Ixquick.

There are two important things to understand about StartPage and Ixquick:

  1. Like DuckDuckGo, StartPage and Ixquick are totally private. They don’t collect any data on you, don’t share any data with third parties and don’t use cookies. They also use HTTPS (and no Heartbleed vulnerabilities) for all transactions.
  2. Both StartPage and Ixquick use proxy services to query other search engines. In the case of Ixquick, they query multiple search engines and then return the results with the highest average rank. StartPage only queries Google, but via the proxy service, making your search private and free of the data mining intrigue that plagues the major search engines.

Still some shortcomings remain

But, like DuckDuckGo, neither Ixquick nor StartPage is able to source your social graph, so they will never get results as closely tailored to you as Google. By design, they are not looking at your cookies or building their own database of you, so they won’t be able to guess your location or political views, and therefore, will never skew results around those variables. Then again, your results will be more broadly relevant and serendipitous, saving you from the personal echo-chamber that you may have found in Google.

Happily private

It’s been over a month since I switched from DuckDuckGo to StartPage and so far it’s been quite good. StartPage even has a passable image and video search. I almost never go to Google anymore. In fact, I’ve used a browser plugin called Stylish to re-skin Google’s search interface with the NSA logo just as a humorous reminder that every search is being collected by multiple parties.

For that matter, I’ve used the same plugin to re-skin StartPage since, while they get high marks for privacy and search results, their interface design needs major work…but I’m just picky that way.

So, with my current setup, I’ve got StartPage as my default browser, set in my omnibar in Firefox. Works like a charm!

Ed Sez – Tips from Edward Snowden on Foiling the Snoopers

At the recent SXSW conference, Edward Snowden supplied people with tips to complicate the lives of, if not totally block, those who stick their noses in your online business.

Not to be confused with trying to ruin the chances of the NSA averting a nuclear strike by terrorists on my own country, I do feel there are some well-reasoned limits to what the US government should be doing, especially when it comes to figuring out ways to undermine secure Internet protocols. After all, when, as purported by Snowden, the NSA begins devising backdoor hacks into our web browsers, you can be certain that this only makes it easier for other (perhaps dangerous) individuals to do the same.

In other words, in the name of the War on Terror, the NSA might actually be planting the seeds for the death of the Internet…or at least a 9/11 style assault on the world’s computer infrastructure. Students of the origins of Bin Laden and his connections with the US War on Communism might be right to feel a little déjà vu.

A related threat, of course, is that criminals might stand on the shoulders of the NSA’s good work and do some very bad work against you and your bank account and your identity.

Anyway, that’s my soap box speech on this.

But back to my recent spate of blogs on privacy and how to cover your virtual butts. Snowden did hand out a few treats for the kids at SXSW: two browser plugins that he regards as good ways to enhance your privacy against NSA or NSA-inspired hackers.

The first is Ghostery, which allows you to view what web services are collecting data on you when you visit a given web page. It goes further by letting you (Ad Block style) block, pause or allow such collection.

I’ve been using it for a few days and have found it fascinating just how many scripts are gathering info on me when I land on a given page. Right now, I have everything turned off, so that should take care of that.

I did experience one problem watching an embedded video on a website. In these cases, you can pause all of Ghostery or try to figure out which one of the dozen or so scripts it’s blocking is the required one for the video and then decide if it’s worth it.

The other plugin is called NoScript, which simply shuts down all scripts, including JavaScript, Flash, etc. I haven’t tried this out, but I’m expecting it to be something I will only use sparingly given the amount of jQuery and other useful bits embedded in many web interfaces.

 

This Too Shall Pass – Deleting My Facebook Account

I’m killing my Facebook account.

And with it, I’m severing that company’s ability to collect data on my web habits, whereabouts, social connections (including off-Facebook connections) and financial transactions.

Apparently, I’ll also be reducing my exposure to NSA malware, as Mark Zuckerberg revealed in a public thrashing of Obama and the intelligence services that have been spreading malware through imposter Facebook sites.

This really won’t be that hard. Last year, I began experimenting with not using the social network, just to see how that was. This impulse was born from a general annoyance about FB’s murky privacy policies and the general tone of content on FB which had become increasingly irrelevant to my real social connections with people. (Remember when people started to appreciate that group emails were rude and began with the lines, “sorry for the group email!”…That’s how Facebook seems to me now, without the apologetic preface.)

BTW, if you’ve got your own suspicions about Facebook, the Electronic Frontier Foundation has put together a great timeline of Facebook’s shifting privacy policies. Reading their timeline is a great way to get your head around how free Internet services (FB, Gmail, etc.) are really about hooking you in with very clear and considered privacy policies that are planned to be revoked once they’ve got you dependent on them…or at least that’s how the timeline suggests this business model works.

Of course, deleting my Facebook account won’t be without costs.

If you’ve been a rolling stone like me, you have friends in many far-flung places. Facebook did make those connections feel stronger, so that aspect will be missed. But I’m online and quite findable, so if my pals from Japan or Europe want to find me, they only need know my name.

It turns out that completely deleting your account is a two-week process, described quite well on Digital Trends. The trick is that once you delete your account, you cannot log in for two weeks, or your account will be reactivated. That means you should first delete all apps from phones, tablets, etc. before deleting your account. You should probably delete your cookies too, just to be sure you don’t inadvertently reactivate it by triggering all those FB web beacons that mine the Interwebs.

Anyway, I’ll give my FB contacts a few days to run across my post and then I’ll zap it for good.

Better living through anonymity!

Back to Firefox – Update on Sync

This goes out to all you paranoid netizens out there, and if you’re not one, you should be…

As a follow-up to my last post on moving off Chrome and back to Firefox for privacy and security reasons, I wanted to document that I gave Firefox Sync a closer look.

Mozilla, the folks that develop Firefox, has a very detailed information page on Firefox Sync, but to sum up, this feature allows one to share add-ons, bookmarks, passwords, preferences, history and tabs across all your computers and other devices.

Double-plus-good: you can decide what to sync and what not to. Because I’m trying to be extra careful with my data, I opted for syncing only my add-ons, bookmarks and preferences. One important note on syncing add-ons: this will install your add-ons across your devices, but not necessarily configure them, so you might have to do that part manually.

If you opt to sync your history, it will do so up to 60 days.

Reading over the security details of Firefox Sync, it seems like you’re in pretty good hands since sync uses an encryption key. I consider passwords and history going beyond my tolerance threshold, but these are likely pretty secure for most folks. My rule is to assume that hackers access my sync data: What can I live with leaking out to the public?

Add-ons? okay
Bookmarks? I guess so.
History? Not really
Passwords? Are you kidding?

When I set up sync, I also added Firefox as my default phone browser which I find no problems with yet and it’s nice to know that I’m surfing as privately on Android as on OSX.