Music in the “Cloud”… Just say No

March 31, 2011 at 17:38 | Posted in Privacy/Security, thoughts | Comments Off
Tags: , , , ,

Since Amazon’s announcement of their “Cloud” based music service (“Cloud Drive”) the blog-o-sphere has been all a buzz with this hot new idea.

Regular readers of my blog will know that I think “Cloud” services are a trap and only good for the person that is offering the service.

This is no exception. Most of these “Cloud” services are charging something like $10/mo for unlimited streaming. It might sound good on the surface but once you think about it you realize that…

  1. You’ll own nothing
  2. Your ability to stream will depend on connectivity.. Your bill will not (you’ll be charged $10/mo whether you could stream or not.)
  3. It is fairly trivial to set up your home computer to offer this same service for free and with all the music you already or will ever own.
  4. These services will most likely insert advertising into the music either now.. Or in the future once people are hooked.
  5. By connecting to their servers to stream your music these companies will be able to track all kinds of information about you.
    1. what you listen to
    2. where you listen from (device and location)
    3. How often you listen
    4. etc

Considering that with less than two hours work you could have exactly this for free why would anyone opt to pay $10/mo. to own nothing, be tracked and profiled, and advertised to. It is just a bad deal all around and people should just say no.

Note: In a future post (soon) I will detail how to set this up for yourself for next to nothing. Certainly for less then $120/year and your privacy

Browsing at the Speed of Text

February 9, 2011 at 17:50 | Posted in Life, Privacy/Security, thoughts, Tutorials/Howtos | Comments Off
Tags: , , , ,

I recently started using the ‘links’ browser for various things and was impressed with both the speed and the highly increased signal-to-noise ratio. Suddenly I could get to the information I wanted quickly and easily. This prompted me to set all of my other browsers to: no images, no scripts, no plugins

The difference was breathtaking. Suddenly I was back to the Internet I first fell in love with, a place where you can quickly find and share information. No blinking ads. No annoying scripted effects. No over done glitz. Just the info I was after.

I have found that I am getting things done much more quickly since my switch to text-only browsing.

The breath of fresh air that text-only browsing was got me nostalgic for the “old” days of the Internet when it was all text-only. I started using “Mutt” to read and send e-mail. I loaded up “Irssi” for IRC chat. I switched to a text only RSS feed reader for my morning and evening headlines/news. Again my productivity increased. So now I want to share how others can do the same. So try it out and see if your experience is similar.

The best place to start is probably the browser. For most people these days it is (sadly) the main, if not the only, way that they interact with the Internet.

I refer to a standard browser that has been configured to render only text as a “Stripped” browser.

To strip your browser find it in the list below and follow the steps. To un-strip it just reverse the steps

Internet Explorer:

Dont bother to try. IE is just too much of a mess and it’s likely you’ll break something trying to “Strip” IE.

If you are an IE user I’d suggest downloading Firefox or some other browser and “Stripping” it.

Firefox:

On Windows:
open Firefox
click tools -> options -> content
uncheck load images
uncheck enable JavaScript
click ok

click tools -> addons -> plugins
highlight each plugin by clicking on it and then click disable. (You’ll be able to “enable” them later)
Close the addons manager when done.

On Linux:
The same as above except the first options are under
edit->preferences->content

You now have a nice text only browser. Take it for spin and enjoy. Yes it will break some sites (YouTube naturally wont work) you may be surprised to see what sites fail to function. Many sites however will work just fine and be a lot easier to read.

If people know the steps to “strip” other browsers that I do not have access to please feel to post a comment.

If you have a browser not listed you basically want to search through the settings and do the following.

Disable all scripting
Set the browser to not load images
Disable (not uninstall) all media/rich content plug-ins

Once you have played with a stripped browser for a while you might get brave and decided to check out a true text-only browser like Lynx, elinks, links2, w3m, etc

I’d also suggest installing a second small/light browser to use as your stripped browser. As this way you can easily hop over to the other “Main” browser if you need to go to a page that just does not work right in a stripped or text-only browser.

As this post is getting a little on the long side I’ll cut it short and talk about doing other things on the Internet in a text centric way in another post.

More info on text centric use of the Internet can be found at the Ascii Ribbon Plus Campaign’s website. (Which I will also talk about in an upcoming Blog entry)

posted with Maemo WordPy from my N800

Google’s Cloud Printing… Just Fricking Insane…

April 18, 2010 at 11:24 | Posted in Privacy/Security, thoughts | 6 Comments
Tags: , , , , ,

O.k. people know I’m no fan of Google. In fact I’ve taken great strides to eek out a Google Free life on-line and off. People also know that I think the whole “Cloud” thing is the biggest pile of marketing crap in years, designed to put a nice spin, “oh! its soft! it’s fluffy! it’s free! it’s like a cloud!” on a huge step backwards to a time when people had to pay through the nose for server time to do any computing. “Cloud” is about stripping away your power and autonomy so that the owners of the “cloud” servers can sell it back to you.

This is exactly the case with Google’s cloud printing. They are going to make your life easier.. Or so they say.. and it’ll only cost you.. oh… all your privacy.

The first thing I’d like to clear up is a lot of people are claiming that this will do away with printer drivers and having to install them. If you read the documentation from Google this is plainly not the case, unless you are talking about an (at this point mythical) cloud aware printer. For “legacy” (a.k.a every printer out there today) printers you will not only need to install the drivers you’ll need to install a “proxy” on your computer to make the printer cloud aware. Oh and then you’ll have to leave the computer with the proxy on it powered up and on-line 24/7 if you want to use the print from anywhere anytime functionality.

Still a good deal you say? All that convenient printing and all you had to do was put a Google proxy on your machine and install printer drivers that you would have had to install anyway. Not so, Say I. You have to consider that now everything you print via this “cloud” is flowing through Google’s servers, and you can be 100% sure they will be scanning them and using what they learn to sell ads aimed directly at you. (Oh, and storing the info for who knows how long.)

As witnessed above I have two major problems with this whole idea and one that hasn’t be talked about yet. This takes a local and generally secure activity, printing, and turns it into an on-line and thus potentially insecure activity. It also is completely unnecessary. There already exists a “print from anywhere” over the Internet technology, and Hey, it doesn’t go through Google’s scan everything servers. It’s called “Internet Printing Protocol” and is supported by CUPS out of the box, and readily available on Microsoft machines too. You could set this up almost as easily and have all the joy of a Internet facing printer (including the security concerns). The ONLY reason Google isn’t promoting this is that it doesn’t send the data through their servers.

The third and as yet unmentioned annoyance about all this is that Google is clearly looking to have this technology “embedded” in printers and routers so people will only see the “print from anything anywhere” and not realize the cost in bandwidth, security, and privacy.

“This current requirement is why we are excited about working with the industry to build native support for cloud print services into their printers. We are also hoping some clever folks in the community will build proxies-in-a-box (like routers with print server abilities) so users get all the benefits of the proxy without needing to leave their PC powered on.”

Poor Chrome OS users are going to be bolted into using Google Cloud Printing.

” Google Chrome OS printing

Google Chrome OS will use Google Cloud Print for all printing. There is no print stack and there are no printer drivers on Google Chrome OS!

When users print from a web app that directly integrates with Google Cloud Print, then that works as described earlier with no involvement from Chrome OS. When users are printing a web page that is not making use of Google Cloud Print (such as a boarding pass, movie tickets, a magazine article, etc.), the app that is printing is the Google Chrome browser on Chrome OS. In this case, Google Chrome on Chrome OS is a native app that uses Google Cloud Print and common print dialog. The content to be printed is uploaded to the Google Cloud Print along with the job ticket information and then sent to the printer. More details are in the design document.”

So to sum up. Google Cloud printing:

  • Bad for autonomy (takes something you can do yourself and make you depend on Google for it).
  • Bad for privacy (sends what would other wise have been local data out to the Internet, scans it, stores it, and sends it back again.)
  • Bad for security (sends local data over the internet.Increases your “attack surface” but having the Google print proxy open to the net.).
  • Ignores IPP that offers many of the same features without Google in the middle.

Just plain BAD.

Google Free…

March 17, 2010 at 19:10 | Posted in Life, Privacy/Security, thoughts | 9 Comments
Tags: , , , , ,

This was originally just going to be an “WooHoo!! I’m finally Google free…” post. However when I posted on identi.ca about finally becoming Google free many people wanted to know more.. and several people have responded to me due to my Blogging on such things asking for more info. This has led to a complete re-write of the original post to make it more instructive.

But First…… WooHoo.. I’m Google Free (fireworks here). I finally went ahead and deleted my Google account. (took a while to get the stragglers away from my old gmail account). But that’s it. I’m done. No more Google, Ever.

People that have been following my journey away from Flash, and Google and towards total software freedom (and enhanced privacy) Will be aware that getting Google free is something that has been in the offing for a while now. But now that I’m there I’d like to take a moment. and talk a bit about where the Journey has taken me.

The first thing I’d like to say is that If you can’t live without things like YouTube then this journey (at least to the extent that I’ve gone). Probably isn’t for you. But stick around and read on.. even if you don’t plan to follow in my footsteps you can learn about options that abound that you may have been unaware existed.

One of the loudest questions I have been getting is What did I replace “Google this” or “Google that” with. So, I’m going to make a list and talk about what I like and dislike about them.

Google Search:

I have replaced Google Search with a combination of Scroogle.org and IxQuick.com both return good results. Both offer https: connections to shut my ISP out of my searches. Scroogle is just a Google scraper and as such I may try to move away from it down the road. The further from Google the better. I’d go completely with Ixquick if it weren’t for the fact that they seem to be in love with javascript and that makes their landing page heavier then I like my homepages to be. However I recently tracked down their mobile start page and it is much lighter so I may just start there from now on.

I looked at a few other search options but none were as nice as the two above. Yacy is a very interesting project. A distributed search engine that isn’t owned by anyone. The problem with it was that the results it is currently returning weren’t overly useful for the grand and immense internet. Sadly they may be caught in a catch 22 situation. If more people used Yacy it would end up returning better results but it is hard to get people to donate resources (bandwidth for crawling etc) when they are getting questionable and limited results back. I’ll definitely re-visit Yacy in the future and see how the project is progressing.

Google Reader:

I got quite hooked on Google Reader. I’ll admit it was nice having one central place to go and read my headlnes. It however was not nice feeding Google such huge amounts of info on my interests and my thoughts on those interests. I replaced Google reader with an RSS reader built into my e-mail client claws-mail. It was quite handy having all my RSS headlines right there with my mail. It was also nice because I could set claws-mail up to read them as just text, no images, fancy formatting yelling at me. Just the info I needed and links if I wanted to delve deeper and get more info. I have recently purchased an Nokia N800 and am now using it’s RSS reader to read my morning headlines. Having it right in my hand is a huge plus and being able to read headlines without getting out of my toasty bed is a luxury I quite enjoy.

Google Mail:

This is the service that took me the longest to ditch. Not because I was overly attached to it or anything but because it takes a while to change all the listserves and forums so they now send to the new e-mail and then there was the process of waiting for all the stragglers to update their address books. even with all the time I waited and had the account sitting dormant with an auto responder telling people to use the new account I had a persons call me not 24 hours after closing the account complaining that they couldn’t send me mail Well I guess one last straggles isn’t too bad.

I replaced Google mail with Fastmail. They are paid by me and not by advertising. They offer many added features some of which I have yet to take full advantage of but one of the upshots of the services they add is a reducing of addresses people need to remember for me. Having my instant messenger address being the same as my e-mail address is just wonderful. Being able to have a web address that is extremely similar to the e-mail address I am sure will come in useful even if I haven’t made good use of it yet.

Fastmail is completely affordable. has been rock solid on the reliability front. offers pop3, smtp, ldap, imap, XMPP, and more so accessing things from my mobile device is no problem even thought I have my main laptop sucking down permanent copies of my e-mail via pop3. Their webmail interface is light and easy to navigate. and works well on light computers and without javascript. If you are thinking of moving e-mail providers I’d strongly suggest taking a look at Fastmail.fm

Google Docs:

Never used it. I found OpenOffice years ago and have never looked back. I also am opposed to storing personal info online if I don’t need to and for 99.9% of the documents I work on there is no sane reason for them to live on some anonymous computer, controlled by someone that isn’t me, in a legal jurisdiction that has less privacy rules. Do I sometimes need to have remote access to my documents? Sure. That’s what SSH is for. secure access to my home computer from any wifi hotspot.

Google Groups:

This one I never understood. This is primarily just a wrapper for the Usenet which anyone can access free, and much more privately with a news reader like Pan, or countless others. I read the few news groups that I follow with the usenet functionality of Claws-mail ( have I mentioned that I really like Claws-mail).

Google Talk:

I like to get my Identi.ca updates via Instant message. To that end I had fallen into using Google talk (well a Linux XMPP client hooked up to Google “Google talk” servers) to meet my instant messaging needs. When I switched to fastmail they also offer a federated XMPP server so it was a truly trivial matter to redirect my identi.ca updates to my new address. it was also quite easy to migrate other XMPP buddies. basically I just had to add them back once I had set up the new account in my XMPP client (psi). They’d get a one time message asking to re-authorize me at the new address and once they did that it was like nothing had changed.

Jaiku:

This was one of the first things I ditched, I was actually on Jaiku before Google took an active interest in it but once they did I bailed and bailed fast. One of the first things Google did was introduce a new “privacy policy” which I wrote about at the time because I was horrified by some of the clauses in it. Ditching Jaiku led me to the then very new identi.ca which has turned into a fantastic service, is open source, you can even run your own server is you wanted. The servers are federated so that people on different servers can still follow each other.

Gizmo5:

This is one of the more annoying moves Google has made. I didn’t use the Gizmo5 client as it was closed source but they had an very solid SIP backbone that I used for my occasional VoIP needs. I was quite annoyed when Google bought them out. I am currently transitioning to using VoipStunt. (not the software just the SIP backbone). I’ll let people know how this goes. One of the most annoying things about the whole deal is that Google has tossed Gizmo5 into a real state of limbo and so there is currently no way for me to officially cancel my account. I have completely discontinued using it but It would be nice to be able to terminate the account.

Google maps:

There are many alternatives to this some that were around before google such as mapquest.

Onto the Flash free front.

Several people have enquired about my now Flash free life.

Just to recap for those that have not been following. Due to the closed nature of Flash and it insistence on ignoring privacy settings in both the browser and itself. I decided a while ago to abandon using flash. For a while I was using Gnash an open source Flash software which does not suffer from the same privacy concerns. As time went on and with the release of Flash 10 and most sites now insisting that you have flash 10 or they wont talk to you I decided to totally abandon Flash. So now none of my devices have the ability to render Flash in any way. Perhaps more so then my move away from Google this is a step that may not be for everyone. Flash is currently pervasive on the world wide web and not having it breaks many things. (of course one could argue, and quite successfully, that Flash is outside of the HTML, and W3 standards and thus it is the web developers use of flash that is breaking things not my standards compliant browser.) As far as I am concerned Flash is the biggest bane to the world wide web rivaling even the once dreaded tag.

With the release of HTML5 that supports standards for Video streaming there is no longer a compelling reason for Flash other then using it to evade privacy settings.

So how is Life Flash Free. I think it is best described as, “a lot quieter”. There is instant decrease in blinky advertising noticed more on my mobile device as my main laptop had adblock. It is also a lot easier to focus on the meat of an article as the impulse to skip down and just watch the embedded video sound bite has now been removed. I definitely find I am having more time for other things as I simply can not waste time on Youtube or other Flash based distractions.

Does this mean that I can never watch video on the web until everyone has migrated to a proper (this means you Youtube… use Theora, not H264) implementation of HTML5. Not at all. It does mean that there are more steps involved and so I tend only to take the time for more “important” videos as the common and distracting ones are just not worth the effort. Using sites like tinyogg.com let me watch videos that otherwise wouldn’t work. There are also sites like blip.tv that offer video in other standards and I can often find the video there or an different video on the same subject.

Some things are however just plain broken. (I re-iterate that the brokenness is at the server end which is insisting on using methods outside the Web standards). A quick list of things that are borked without flash

Any Flash based video chat site:
ustream.com
snapyap.com
tokbox.com
chatroulette.com
paltalkexpress.com
etc.

Some webmails that insist on flash though many of those have a fall back to a more standard interface.

Any flash based game sites
popcap.com and many, many others

Most children’s sites are either crippled or totally borked. If your kids have “petz” you wont want to go Flash free just yet. A sad example of this is that if you go to sesamestreet.org without Flash all you get is pictures of Elmo decrying that “F is for Flash” and providing a link to the Flash download site. (a.k.a. now be a good little consumer drone and let us shoehorn you into this box)

Many miscellaneous sites. even some that one wouldn’t expect.

For me. life with out flash is enhanced. I’m less distracted, more productive and no longer is my web browsing polluted with noisy, blinky, irrelevant , crap. For me the reclaiming of my personal freedom and privacy is worth the annoyance of losing a few sites (that are flying well outside the web standards). But then one must bare in mind that I’m the type of guy that participated in the “ascii ribbon campaign” and still sends all his e-mail in plain text. (you know. so anyone can read it no matter what computer or e-mail reader they have). I would still strongly suggest that those without kids try going Flash free. You don’t need to uninstall flash to do so, just disable it in your browser for a couple weeks (I suggest a couple weeks because the first several days will be a painful awakening as you start to see just how pervasive flash has become). I’m guessing that most that can make it past the pain point of the change will see the same benefits that I have.

What flash thinggy do I miss the most.. The Stats graph on wordpress.com. But again I must say, not having it there has shifted my focus away from the numbers and back to the content. So even though I miss the thrill of watching the hits dance up and down. The loss of it has only improved things.

Going Flash Free (or Flash reduced Diet #4)

February 20, 2010 at 18:31 | Posted in Life, Privacy/Security, thoughts | Comments Off
Tags: , , , ,

It finally happened today. I finally just got totally fed up with the draconian and proprietary nature of Flash on the web. The result of this is that I have decided to go completely Flash free.
Now, those that have been following my “Flash reduced diet” Line of posts, will know that I have been using Gnash instead of Flash for a while now.
A recent turn of events that has driven this decision is that many websites now REQUIRE Flash 10 or above, and even though Gnash is quite compatible with flash (up to Flash version 8 ) these websites refuse to talk to me. No Backwards compatibility. Also using Gnash I have been able to watch and learn that many, many, websites will use flash just to put up an image. The only reason to do this is that the websites wants to set a Flash super cookie and circumvent users browser privacy settings. As I mentioned before Gnash as a wonderful option to send all the LSO’s (super cookies) straight to /dev/null/ (a special black hole from whence nothing returns for those not familiar with *nix systems).
With the advent of HTML 5, which my browser supports there is no longer any NEED for Flash. (unless a website needs to try and circumvent users privacy). I therefore have decided to vote with my virtual feet. If a website requires Flash to a point that it will not function. Then they can forget about my viewership. I refuse to be forced to use a piece of proprietary software that goes against my beliefs (I firmly believe in the four fundamental freedoms as enumerated by the FSF), and most likely is there to remove my privacy, and in many cases my security (Flash has had several major security holes over the years).
Even though Gnash is trying valiantly to make a free (as in speech) version of Flash (thanks Guys) I feel the time has come for people to start abandoning Flash in droves. Insist on your right to privacy, security and freedom! Insist that websites start using HTML 5 and the free/open Vorbis/Thoera codecs (that means you YouTube). Insist that websites stop trying to set super cookies that ignore the browsers settings. Insist that you shouldn’t need the latest version of some proprietary software that wont work on many older machines just to view a simple web page that should work on all machines.
How do you do this? Uninstall Flash and anything that supports Flash (sorry Gnash guys), and when you hit a page that refuses to work with your browser either write the page owner and complain or lie and say your and iPhone.
That is enough for now. I’ll let you all know how my now Flash Free life goes.

Google’s disingenious DNS offering

December 5, 2009 at 23:00 | Posted in Privacy/Security, Tech, thoughts | Comments Off
Tags: , , , ,

I saw an announcement about Goggle offering DNS and wandered over to see what value-added scheme they had come up with. To my surprise at present it is a very vanilla DNS offering. A modern implementation of DNS to be sure but still very vanilla.

Don’t get me wrong. Vanilla is what you want in a DNS. Landing Pages and other “features” are seen as a broken DNS offering by many in the tech field (a good old NX domain will do nicely thank-you).

So, I found myself pondering.. If Google isn’t offering anything new why offer DNS. The answer is simple and obvious. TRACKING.

The moment you log in to a Google property they know who you are and can associate your IP address with your account. Heck if you are the type to click the “Remember me” or “keep me logged-in” buttons you don’t even have to log into a Google property any page with google-analytics can probably read the Google cookie and bang… Google knows your IP address and can tie it to your account.

Now if you go ahead and use their DNS server they can see that the DNS request came from your IP address which they can associate with your account and thus they will know EVERYWHERE you go on the web.

But wait.. there’s more. DNS is used by more than just the browser. They will know what messenger you use and how many hours you ran it for. If you are using a SIP client. What E-mail servers you use. How often you check them. If you are running Skype. What P2P software you use. What software on your system is checking for updates and how often. The list goes on and on.

I have become increasingly leery of Google and their pervasive tracking over the years. For me this is a step to far and shows Google’s real intention to try and track everyone everywhere. (Chromium O/S is just more of this tracking madness).

A while ago I wrote about kicking the Google habit. Now I think it is time for me and anyone that values their privacy to kick Google to the curb. My Gmail account will be set to auto respond to people to inform them of my new Address and after a week or two it will be shut down. I am going to close my Google account permanently and I’m going to file a formal request to have all my info deleted.

I hope that others do the same. It is time to stop the invasion of our lives in the name of profit. I refuse to sell my soul for a few value added treats. You should too.

Kicking the Google Habit

August 25, 2009 at 18:08 | Posted in Life, Privacy/Security | 2 Comments
Tags: , , , ,

With my current move towards using totally free (as in speech) software, joining the FSF (Free Software Foundation), and all the things that are driving these decisions, I find myself questioning my use of Google.

Now, before people write me off as an anti-Google nut-bar, let me clarify my position. I do not think that Google is evil or trying to take over the world. I do think that Google has become a behemoth and despite the wonderful ethos of it’s founders it is now a publicly traded company and that means answerable to the shareholders and thus the bottom line. People shouldn’t fool themselves. Google is profit driven, not peace and goodwill driven. I have watched as their privacy policies on new services have become increasingly invasive. I have seen them use their very successful model of offering “Free” services to get a large user base that they can mine. I have watched as they add ever more services to broaden the scope and breadth of their data mining capabilities.

Due to the above I, like others, have become increasingly concerned about the concentration of data. Consider if you will, what Google can learn about a person using their services:

  • What you Read → Google Books, Google news, Google Reader, Google Scholar, Google Groups
  • Who you talk to → Google Talk, Google Groups, Gmail, Okurt, Google sites, Google Docs
  • What you say,write,create → Blogger.com, YouTube.com, Google Sites, Google Groups, Google Talk
  • Where you spend you money → Google finances, Google checkout, Google product Search.
  • What you are interested in → Google search, Google Alerts, Google Bookmarks, Google WebHistory

As you can see from the list above Google could quickly build a fairly complete dossier on anyone using their services. Add to this the fact that the above list doesn’t take into account Google tracking and analytic services (which operate on thousands of non-Google sites) which I am sure benefit from people that use a Google account and fail to logout before they go browsing the web.

If a person sat and really thought about it they might well end up feeling a little paranoid and they might be right to feel that way.

As for me, I do not think that Google has any vested interest in me other than trying to get advertising in front of me (good luck guys :) ). I have long ago blocked google adsense, google-analytics, and other google tracking and advertising systems that google runs. I use Scroogle or ixQuick for my searches to keep my privacy. On the rare occasions I watched YouTube videos I did so without going to the YouTube site when possible. I was working to protect my privacy.

But then I slipped and got a gmail account just to “check it out” at first. It became my main account over time. (it really is one of the nicest webmails out there). I rationalized that since I used POP access and regularly completely flushed the account, that I wasn’t giving away too much. None of the “Free” webmails are truly free. They all advertise and I suspect that most track and collect information on the people using them.

The problem was that Gmail was my gateway service, to get it I had to set up a Google account and that led to me using other Google services. I soon found myself using Google Reader. I have 2 laptops and it was nice to be able to read my morning headlines from either. Then I found myself using Google talk. Not a lot. Just as the service that my Microblog updates flowed in through… But you can see the trend starting.

Luckily due to this recent push in my life to be “Free” as in speech and due to my normally abnormal (for this day and age) attachment to my privacy, I woke up and realized “Egad”. Here I am just giving my information away. It is truly interesting to see how “just checking out Gmail” had started to turn into giving away all my privacy.

Now, due to who and how I am I’d never have used all of Google’s services. The thought of using Google Docs is anathema to me. I’ve been around since the early days of the Internet so I prefer to actually read the Usenet (Google Groups is mostly just a front-end for the Usenet) directly. And other services just don’t appeal to me. Where they got me, and in truth might have continued to pull me in further is with new services (Gmail was new when I signed up). I’m sure that when Wave comes out the “techie” part of me will want to go and check it out. This time however I think the “sorry, no, that’s my privacy we’re talking about..” side will win.

I have now taken steps to correct my slip. I’m quickly phasing out Gmail. I’ll phase out Google Talk also. I have moved my RSS feeds off of Google reader and into a feed reader on my laptops. I’ve moved my Microblog updates to come in on my Jabber account thus depriving Google of that stream of information. It feels good. I’m well on my way to kicking the Google habit. My goal is to be 100% Google free before the end of the year. I hope to nuke my Google account in less then 3 month. (I have to make sure I didn’t miss changing my e-mail some place so that nothing breaks on me).

I’d like to challenge others to try and do the same. I know that many people will not feel inclined to completely remove Google from their lives.. But take a few moments and think about just how much information you’re streaming through Google. Then think about how you can go about reducing that. Perhaps start by dropping the services that feel like they are giving away too much personal information first and go from there.

I’ll write more on this journey as it evolves, It will be interesting to try to be 100% Google free.

Another great article about why you might want to be Google Free can be found here

Privacy and the XOs BrowseActivity

February 5, 2009 at 15:23 | Posted in Privacy/Security, XO | 2 Comments
Tags: , , , , , , , ,

As mentioned in earlier posts I have been looking into ways for users to increase the Privacy/Security stance of the BrowseActivity. My biggest annoyance in this field so far has been the lack of a way to clear cookies and the browsing history. I was further miffed to find that the BrowseActivity completely ignores some of the About:config settings related to the history and p cookies.

I have found the the following do work:

using about:config and setting:

network.cookie.cookieBehavior to  1 will indeed block third party cookies.

network.cookie.lifetimePolicy to 2 will make all cookies “session only” clearing them when the browser closes.

The above two settings will only effect cookies that come in after the settings are changes third party and persistant cookies that came in before will be uneffected. But we’ll clear thous out in a sec.

you can control Java and JavaScript with:

security. enable_java and javascript.enabled . They can be set to true to allow or False to disallow either java or javascript. Keep in mind that the XO does not ship with a Java run time environmentso the effects of security. enable_java are meaningless unless you install Java. Disabling JavaScript will break many sites but is also a lot safer so you might what to write that down some place if you think you might ever take your XO to risky websites.

Now for the History and Cookies.. After some poking around I found that the XOs Browse Activity stores cookies and the history in sqlite databases. These can be tricky to track down, but not to worry. if you have a G1G1 XO. (I’m guessing that is most of you). you can:

open the Terminal Activity

Become root with either the “become root” button or by typing su – at the commandline

change back to the olpc directory with: cd /home/olpc

then type: find isolation/ -name places.* -delete

that will find and delete your browsing history (where you’ve been)

now type: find isolation/ -name cookies.* -delete

you guessed it, that will clear out all the cookies.

If I have the time I may write a quick Activity that will flush the cookies and the Browsing history, If I get really clever with it it might even be able to remove all of the “Browse Activity”s from the journal. But at least you have this for now.

If you are worried about Browsing privacy on the XO you might also want to check out my post on Privoxy on the XO

Happy and safe computing :)

Blocking Ads on the XO’s Browse Activity

January 6, 2009 at 16:28 | Posted in OLPC, Privacy/Security, XO | 1 Comment
Tags: , , , , , , ,

I have been noticing several post by people wondering how to block ads on their XO’s. Being familiar with Privoxy and it’s ability to block ads I decided to go ahead and try setting it up. It was fairly easy so here is a Quick Howto.

On your XO make sure you are connected to the net and then…

Open a terminal activity

Click the “become root” button (or enter the command: su - )

Enter the command:

yum install privoxy

Once it is done installing you will need to make one quick change to the config file. So type

nano /etc/privoxy/config

Scroll down till you see the line:

logdir /var/log/privoxy

change it to:

logdir /tmp

I had to do this because the /var/log/privoxy directory doesn’t survive the machine restarting.

Press CTRL+X to save and exit

You’ll now be back at the Terminal Activity prompt.

We need to tell Privoxy to start-up at boot time so type:

chkconfig privoxy on

We should also start privoxy now so type:

service privoxy start

Alright, now it is time to set up the Browse Activity. Exit the Terminal Activity. Start the Browse Activity and in the address bar type:

about:config

A rather daunting page will come up tht looks like this:

config settngs page

The about:config settngs page

In the filter line type: proxy

The Screen will chance to look like this:

config Proxy settings

about:config Proxy settings

Now we need to change a couple of the settings.

double click on network.proxy.http

a dialogue will pop up letting you enter the new setting.

Enter localhost and click ok.

Now using the same technique change

network.proxy.http_port to    8118

network.proxy.ssl to   localhost

netwok.proxy.ssl_port to   8118

network.proxy.type to  1

After doing so your screen should look like the image above (may not be exactly the same but the 5 settings I mentioned should now all be bold, have a status of “user set”, and the appropriate values).

Now we can test the settings.. in the address bar type p.p and you should get a screen that looks like this:

Privoxy Sucessfully set up

Privoxy Sucessfully set up

If instead you get a screen that looks like this:

Failed To Connect to Privoxy

Failed To Connect to Privoxy

Then either privoxy is not running or you entered one of the proxy settings incorrectly. Double check the setting in about:config. If they are fine go back to the Terminal Activity, become root, and type:

service privoxy restart

and watch the output carefully for errors.

Once you have it up and running I suggest giving it a couple of days on the default settings as privoxy is configured by befault to block may ads. If you find there are some annoying ads still getting through you can  add extra rules to privoxy. Please read the documentation on the privoxy website before you embark on making changes. The built-in interface at http://p.p lets you add/modify rules if you change the approrpiate line in the config file (see the docs on the Privoxy website).

Enjoy!!

My next blog entry will be on using about:config to make browsing on the XO more private/secure.

Get you head out of the clouds

November 12, 2008 at 13:25 | Posted in Privacy/Security, Tech | 6 Comments
Tags: , , , ,

This will be a posting on why I, like and others, think this movement to “cloud computing” is a bad idea.

Privacy

Why, for gods sake, why would people willingly had over their sensitive personal documents to some corporation that can then do with it as it pleases? Scan it for key word, so they can advertise to you better, or to see if you are a threat to their business model, etc. Then there is the fact that all this glorious, wonderful, information will be sitting in one pot begging over zealous governments to go snooping. “Hey Google, this is the NSA. We suspect that terrorists might be using Google Docs. We are invoking the Patriot Act. Please hand over all the files stored in the Google Docs servers.” It can happen. The US government already went fishing for search histories a few years back.

Even if you totally trusted your government and large corporations to be completely hands off with all this data. There remains the fact that this huge pool of data will be a big target for malicious hackers. these individuals must be salivating at the thought of millions of files accessible in one place. Not just for the wealth of information, although that would be enough to get them interested. But imagine the possibilities. hack an account, change the password, and then ransom the data back to the owner. Hack an account, deposit illegal materials, call the cops on the owner of the account. hack business accounts and silently watch what goes on selling the important bits to competitors. Write themselves into someones will, or just be a nuisance and corrupt data is a manner that they find humorous. It is just a bad idea to make all your data network accessible.

Fees

Right now, many of these offerings are free. But I suspect that once enough people are on-board and their precious data is tied up in another companies servers we’ll start to see access fees. The companies that are offering to host the cloud aren’t doing it as a civil service. They are doing it because they perceive some way to monetize either your access or your data. Sure, you might say, well if that start then then I’ll pull my data and run.. But then what was the whole point of this cloud exercise.. other then giving some corporation a peek at your data.

a step back to client/server model

This is a conceptual step backwards. This is going back to the old Server/Client way of doing things, just with a shiny new name. This dis-empowers the individual and empowers the corporation. Which brings us to my next point.

Tenuous benefits

I can see few benefits to this “cloud” concept. I don’t see a Utopia of accessibility in this what I see is a world where my data is locked behind proprietary web applications and interfaces and I’m forced to pay a fee every time I want to edit a document, or a monthly fee so my data doesn’t go in the bit bucket when my account runs out. I see a world where a failure of the electrical grid (black out of 2003), failure of some part of the net, or even a DDOS attack on the hosting companies servers means I can’t get at my data.

Most of all I see no reason for it all. Hard drive storage is insanely cheap right now. I can get a 1TB external USB drive for $200. Laptops are cheap portable and powerful, free Peer-to-Peer technologies exist that make data collaboration easy. If I keep my data on my laptop, or my external drive my privacy concerns are hugely reduced. if I host things on a SVN server accessible through a VPN, my colleagues can collaborate on the documents with ease. And still the data is totally in my control and far less susceptible to power failures, etc.

In short, the “cloud” makes data less accessible, less private, less secure, less reliable, and less cost effective. Why, Why, Why would anyone go this route.. unless they have their head stuck in the clouds.

Next Page »

Blog at WordPress.com. | The Pool Theme.
Entries and comments feeds.

%d bloggers like this: