I’ve been a heavy Google services user. I used on a daily basis Google Search, Gmail, Google Calendar, Picasa, Google Reader and Google Maps. And as I stated before, this dependency is not good, so eventually I got rid of it. On this post I want to explain the alternatives I’m currently using, and how happy I am with them. It could have been a “30 days without Google”, but it has been more than 30 days since I’ve been living with not-so-much-Google-in-my-life and I didn’t a detailed follow-up of the migration process, so it was a bit out for this title. Continue reading
Category Archives: Privacy
Privacy is very important. Learn about it.
Simple virtual user mail system on Debian
On this post I will explain how to set-up an e-mail server on Debian using Postfix, Cyrus, Courier, PAM, PostfixAdmin and Roundcube. I’m not going to explain nothing completely new or revolutionary neither reinvent the wheel. To be clear, what I did to implement the server was following this guide: Simple Virtual User Mail System. But, it’s for Arch Linux, so if we want it to work on Debian there are several changes that we have to take into account. So, instead of repeating everything, I will just highlight the changes. Continue reading
Dropbox + Truecrypt: your files everywhere, and safe
If you work with several computers, sharing data between them, you probably:
- Go around with a memory stick all the day.
- Use a online file-sync service.
For convenience, I use the second option. I have some files in the cloud, so they are always accessible and updated from any PC I use (three PCs at work and my laptop at home/wherever). In fact, I can even access them from my phone. For that, I greatly recommend Dropbox. I’ve already talked about it, but in Catalan, so I will make a short summary for English speakers (the Google translation is not so good).
How Dropbox works
- Create an account.
- Install the software on one computer (be the OS Linux, Windows or Mac).
- Link the software to your account.
- Decide which folder you want to sync. All the contents of the folder are uploaded to Dropbox servers, in real-time (well, as fast as your connection allows). Any modification/deletion/addition of files is automatically updated, with no user intervention.
- Install the software on another computer.
- Link again to your account.
- Decide which folder to share. The contents of the folder are synchronised with the server, or what is the same: the two folders of your computers are always synchronized between them as soon as they have access to the network (usually, at boot up).
- Repeat steps 5,6, 7 in many computers as you want.
Pros:
- No need to manually sync every time you modify the files, it is automatically done (you can check the sync status).
- You have local copies of the files, so you can work if network is not available.
- You can even access to your files via a web browser.
- Data transfer between server and clients is encrypted.
Cons:
- You have a local copies of the files on each computer, so it could be considered “wasted space” for some people (I prefer to say redundancy :) ).
- Dropbox workers could have a look at you files, even if they say they are not going to. They are on their servers, so…
Making Dropbox safer: Truecrypt is your friend
If you like the idea of using Dropbox, but you are worried about your privacy, or you have to store sensitive/confidential data, there is a solution to the dilemma. Do not share files; share encrypted files.
Truecrypt allows you to create encrypted partitions or containers. A container is a file which can be used as a partition or disk drive, encrypted and protected with a password. Actually, it can be encrypted with a password + a key file, but then you always need to have at hand this file for accessing to it. As I like lists a lot, I will explain how to use Truecrypt in this way.
To create your encrypted container:
- Install Truecrypt software on you computer.
- Execute it, and follow the wizard to create a virtual volume.
- That’s all! :D
How to use the container:
- Run Truecrypt.
- Select the file (container) you have created before, and mount it.
- Now you should have a new disk drive/partition available on you system. Copy files to it as you would normally.
- Unmount the volume using Truecypt.
Quite simple, right? So, what’s the deal with Dropbox? You can put the encrypted container inside the Dropbox shared folder, so instead of getting access to all the files, they only receive a single encrypted file with no idea of what’s in there. Sure that they could try to crack it, but its like if somebody would like to hack your server by brute force (not impossible, but at least quite difficult).
To be sincere, there is a couple of drawbacks on that:
- You have to manually mount and unmount the encrypted file each time you want the data to be synced. While the volume is open, Dropbox will not sync it as it is considered to be “used by another application”.
- The sync is slower, as instead of just updating the files you have changed, it has to update the whole encrypted file.
I have found a balance between convenience and privacy putting on the encrypted volume just the sensitive files or personal data (e.g., pictures and documents), and outside of the container (but still inside the shared folder) the files that are not important but I want accessible and updated at all times.
Search for me, my little duck.
Before starting with my brick of words, I would like to advise you that if you try my proposal, it’s going to have a big impact on your internet habits. Actually, I’m going to propose you to use a different search engine from the one you are used to, and I’m sure that at the beginning you will feel uncomfortable with it and you will be very keen to come back to your previous tool. But, honestly, give it a try for at least a month. The more you use a new tool, the more you discover how to use it correctly, and the more you enjoy it. After that pseudo-disclaimer, let’s begin with the interesting content.
Nowadays we use search engines a lot. They have become the standard way of finding websites on the jungle of information that the WWW is today. Web directories are a resource of the past, we just input our words of interest in a textbox, hit the Enter key, and rely on the answers of Google, Bing or Yahoo. They seem to work quite well, and they are free, so what’s wrong with them?
Just two things:
- You are getting a biased view of the web.
- Your telling A LOT about you to a company (and it’s third parties). Probably more than you would under other circumstances.
There is more out there.
When using a search engine, you are getting results according to its criteria. At the beginning, the results were sorted according to more or less objective parameters that measured the quality of the sites. But it has changed. You have probably noticed that you get different results for the same search when you use other computers or compare it with the results that other persons get. I could explain here why this happens, but the web page Don’t Bubble Us explains it with a lot of pictures, not much text and in a funny and easy to understand way. So, before continuing, please have a look at it (and then come back ;) ).
Done? Are you a bit disappointed about the search engine you use? I was. You have probably read the last part about DuckDuckGo, but I’ll talk about it later.
Searching for “herpes” is telling them (and other companies) that maybe you have it.
This is how it works. They know about your interests, your problems, what you are shopping… your life. Again, and in order to do not repeat what others have explained better, I recommend having a quick look at Don’t Track Us.
So, now you could just be in the mood of “I don’t care about all this bullshit, you are a paranoid” or “OMG! I’m selling my life and having a distorted view of the world! I’ll never use it again.” Or something intermediate, just a bit worried and willing to find a better search engine that keeps your privacy while providing a good service.
Emergency services use dogs. I use ducks.
That’s the search engine I’m using, and the one I recommend: DuckDuckGo (DDG from now on). The have a very nice privacy policy, and I’m quite happy with the results. Actually, what they do is using other search engines to get a bunch of results, and then rank them according to its parameters of quality. So, we could say that they are acting as an anonimizer between you and several search engines.
In addition to that, they have some tricks that make the experience more enjoyable. One is the red box, also known as zero-click info. It is a red box (d’oh!) shown at the beginning of the search results, containing a topic summary or related topics. It could be the explanation of an acronym, the result of a mathematical operation or conversion between units, a short definition, etc. I’ve solved several of my quick searches just with that, with no need to go inside other sites.
Next tip I love is the !bang. There are a set of keywords that allow you to perform specialized searches. You can !python to look at python documentaion, !mineforum for minecraft forum, !images for Google images (yes, they don’t provide this service yet), !filestube for search in filestube, etc. So, kind of shortcuts for other sites. And the list of options is huge.
To sum up this short review, to get an idea of the overall capabilities of DDG, try the searches on the goodies page.
Putting a duck in your life.
If you have decided to give DuckDuckGo a try, do not rely just on opening the web page each time. You are not going to do it. You will just use the search box in Firefox or the omnibox in Chrome/Chromium, therefore relying again on you previous search engine. To force yourself to use it for a while, you have to configure it as you default search engine on your browser. Fortunately, it’s really really easy, just a couple of clicks. If you visit the DDG homepage, you’ll see a link with the instructions to do it. So, do it. Now. If you don’t like it, you can always come back. But I haven’t ;)
Happy searching!
I don’t like cookies from strangers
I will start the set of articles about privacy with something simple: avoiding cookies from third parties. So, let’s remind what is a cookie.
Cookies not for eating
Citing wikipedia, we have:
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user’s browser and for the browser to return the state information to the origin site. The state information can be used for authentication, identification of a user session, user’s preferences, shopping cart contents, or anything else that can be accomplished through storing text data on the user’s computer.
The part about user’s preferences and shopping cart sounds quite useful, doesn’t it? Actually, cookies are useful. Thanks to them we can autologin to sites where we have logged in before, keep our preferences if the website has some personalization, etc. So, the concept is not completely evil. If you visit a site and accept their cookies, you’re accepting that they keep track of you in exchange of some services.
Cookies from strangers
So, we agree on accepting cookies from a website, but do you know that by default you are also accepting cookies from other sites apart from the one you are visiting? Maybe the website you are visiting has ads, from a third party, and these ads are storing cookies in your PC so that they can track you. Or if it has a Like button from Facebook (like I have in the blog… should I remove it?), Facebook is using it to put a cookie on your browser to track you even if you are not in the social network. These cookies are called Third Party Cookies, because they don’t belong to the domain/website you are visiting.
Do not eat the bad cookies
Fortunately, blocking those cookies is easy with most of the browsers. In some very rare cases not accepting these external cookies could affect the navigation experience (that’s what they say), but I’ve never had any problem. An easy step-by-step guide for Firefox can be found on the Firefox Help, with nice screenshots and everything. For Google Chrome/Chromium, it’s not so well explained on the official Chrome Help (it’s hidden in the “Block cookies by default” section), but it’s just going to Preferences > Under the Hood in the left panel > Content Settings button on Privacy section > Check Block third-party cookies from being set.
And that’s all, Folks. If you research a bit you will find that there are plug-ins and extensions to improve even more your privacy regarding to cookies, but this is a good starting point.
Privacy, I want you back
I have to admit it: Google has been doing his work very well. I’ve been seduced by its services, embracing its technologies… and therefore providing them a lot of data about myself. Actually, not only to them. I’ve become lazy, caring less and less about my privacy and becoming easily trackable and telling too much about my life. And no, I’m not worried about what I’ve posted in this blog or said in Twitter, I have nothing to hide in these places.
But it’s time for changes. A few weks ago, an innocent comment of a friend awoke something inside me. During the next days I deeply thought about how I’ve been managing my digital life, and the conclusion was that I’ve been screwing it up. Time to take action. Time to be like it was before, when it started with a 28800 bps modem (I really miss that sound) and paying per second of connection.
I’ll try to write posts about different topics: search, mail, web services, online calendar, file sharing… Actually, I’ve already changed several of my habits and I’m very happy with the results, so writing about it shouldn’t take long. Stay tuned.