"Dan Jenkins" <***@plusnet.uk> wrote
| Does this test plan sound reasonable?
| 1. Go on VPN.
| 2. Download & install Epic stub.
| https://www.epicbrowser.com/encrypted_proxy/
| 3. Optionally, put epic web sites in the hosts file as 127.0.0.1
| 4. Save the full offline downloader
| C:\Users\<user name>\AppData\Local\Epic Privacy Browser\
| Application\<version>\Installer\chrome.7z
| 5. Uninstall Epic
| 6. Disconnect from the net
| 7. Unzip that "chrome.7z" file in your app directory
| 8. Start Wireshark
| 9. Go online
| 10. See what happens when you use that offline Epic
|
Sounds complicated, but I can see the logic.
| There is the strategy: You can't trust anyone.
| There are the tactics: Yet, you must browse.
|
| Hence, one approach is to spread out your browsing history.
| Epic is just one of those that you can spread it out to.
| VPN is another.
| Proxy is another.
| Opera is another.
| Tor is another.
|
| (Are there any other ways to spread out your browsing history?)
|
You bring up some interesting ideas.
It's an interesting strategy. There may be
someone at the NSA scratching his head....
He's spends all his time reading news...
No, he spends all his time shopping...
No, he never leaves ESPN... :)
I guess it's a good approach given that you
also use a HOSTS file. And script blocking? I
think the biggest factor is the spying is the ubiquity.
The average person is allowing a number of
companies to track their moves online just
by acting normally.
I guess there are a lot of ways to do it and people
have different priorities. For people who use the
likes of Twitter, Facebook, LinkedIn, etc -- they
probably feel they have no choice and thus they
can't afford realistic concerns about privacy.
I don't use any of those things. I don't download
illegal files or plot bank robberies. For me the
issue is mostly one of maintaining reasonable
privacy and enforcing some semblance of dignity.
I don't want to actively accept a norm that says
any company online has a right to your data.
(I was just reading the other day that in Estonia
it's a very serious crime for someone else to
look at your data without cause because it
belongs to you. And gov't authorities' access is
recorded.)
So I wouldn't consider using anything like gmail.
The basic deal is "we give you a freebie and you
agree to let us spy on you and co-own your files".
That's simply dishonest at the core. It can't
be made decent/dignified except by changing
it to: You pay by seeing ads but we won't spy.
Google have no basic ethics. They act sleazy
and rationalize it to themselves as the inevitability
of tech. There's no clean deal there. I also don't
consider it ethical the other way around: If you
try to steal the service and avoid the price then
you become part of the sleaze. Stealing from a
pickpocket is still stealing. Unfortunately, for now,
there are not many options. The whole Web is turning
into a number of spyware walled gardens.
I'm also wary of VPNs. It's allowing an unknown
company to track you. I've seen rumors about
VPN faults and also about VPNs cooperating with
the NSA. But that does mean that my IP address
is distinct. For now I accept that. I just try to block
3rd-party files, script and tracking as much as
possible. I figure that if more people would just
block the basics and set up a HOSTS file, spyware
advertising would become untenable and companies
like Google would have to settle for the billions
they used to make with context advertising.
I don't actually block ads and don't see a need to.
If a website needs ads to support their operation
that's fine. I'll decide whether I want to go to that
site. If I do then I'll see any *honest* ad they have.
In other words, if the ad is actually on their
website I'll see it. If they're going to try to trick
me into being tagged and involuntarily going to
Google/Doubleclick then I'm going to block that
and they won't get to show me any ads at all.
But just blocking Google is a big project. Google
fonts. Google jquery. Google tag manager. Doubleclick.
It goes on and on. I block everything I find of
theirs except the search and the maps API. I
occasionally use their search. And they show ads
at the top. Normally I use duckduckgo.
This is my HOSTS file list for Google alone.
(Using wildcards through Acrylic DNS proxy HOSTS file.)
127.0.0.1 *.googlesyndication.com
127.0.0.1 *.googleadservices.com
127.0.0.1 *.googlecommerce.com
127.0.0.1 *.scorecardresearch.com
127.0.0.1 *.1e100.com
127.0.0.1 *.1e100.net
127.0.0.1 *.doubleclick.net
127.0.0.1 *.doubleclick.com
127.0.0.1 *.googletagservices.com
127.0.0.1 *.googletagmanager.com
127.0.0.1 *.google-analytics.com
127.0.0.1 google-analytics.com
127.0.0.1 fonts.googleapis.com
127.0.0.1 googleadapis.l.google.com
127.0.0.1 ssl.gstatic.com
127.0.0.1 plusone.google.com
127.0.0.1 cse.google.com
127.0.0.1 www.google.com/cse
127.0.0.1 www.youtube-nocookie.com
127.0.0.1 *.appspot.com