How to maintain freedom and privacy using technology and Internet

Aphorisms

“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. It's a deeply anti-social principal because rights are not just individual - they're collective. The fact that you don't care about this or that freedom today doesn't mean you can't care about it tomorrow. What today may not have value for you, tomorrow may have value for an entire population, an entire people, an entire way of life. And if you don't stand up for it, then who will?” Edward Snowden, 2015

“When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights.” Edward Snowden, 2015

“A person's true value is not measured by the values he claims to uphold, but by what he is willing to do to protect them. If you don't hold true to the values you believe in, you probably don't believe in them all the way.” Edward Snowden, 2015

“Privacy is not for sale, and human rights should not be compromised out of fear or greed.” Pavel Durov, 2018

“Every one of us is going to die eventually, but we as a species will stick around for a while. That’s why I think accumulating money, fame or power is irrelevant. Serving humanity is the only thing that really matters in the long run.” Pavel Durov, 2018

“Surveillance is the business model of the Internet.” Bruce Schneier, 2014

“Too many wrongly characterize the debate as security versus privacy. The real choice is liberty versus control.” Bruce Schneier, 2009

“The real psychological truth is this: if you’ve got nothing to hide, you are nothing.” Shoshana Zuboff, 2014

“Will we be the masters of information, or will we be its slaves? If the digital future is to be our home, then it is we who must make it so.” Shoshana Zuboff, 2014

“In a world where software influences virtually every single aspect of our lives, Free Software is a precondition for a free society.” Reinhard Müller, 2019

“Anytime someone puts a lock on something you own, against your wishes, and doesn't give you the key, they're not doing it for your benefit.” Doctorow's Law, 2009

“It's the actions that matter. Our thoughts, good as they may be, are false pearls until they are transformed into actions. Be the change you want to see in the world.” Mahatma Gandhi, unknown

"The Web is designed to be universal: to include everything and everyone." Tim Berners-Lee, 2007

"We need to start talking about the right to access the Web and the right not to be spied on. The Internet must remain free, open and neutral." Tim Berners-Lee, 2011

“If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.” Cardinal Richelieu, 1641

“If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place, but if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it's important, for example that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities.” Eric Schmidt, 2009

“The technology will be so good it will be very hard for people to watch or consume something that has not in some sense been tailored for them.” Eric Schmidt, 2010

“A squirrel dying in front of your house maybe more relevant to your interests right know than people dying in Africa.” Mark Zuckerberg, 2011

“It’s the gradual, slight, imperceptible change in your own behaviour and perception that is the product...That's the only thing there is for them to make money from. Changing what you do, how you think, who you are.” Jaron Lanier, 2020

“A world constructed from the familiar is a world in which there's nothing to learn...(since there is) invisible autopropaganda, indoctrinating us with our own ideas.” Eli Pariser, 2011

“Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” Benjamin Franklin, 1755

What are the threats to our freedom and privacy?

Modern society is called the information society because technology and the Internet are used pervasively. These means are used for the dissemination of information and content for any purpose (popular, recreational, commercial, etc.). The most important thing is to be aware that our freedom as people is at risk in ways that are sometimes difficult to understand.

Government agencies continuously spy on us in the name of security through global surveillance programs (PRISM, Echelon, XKeyscore, Vault 7, Tempora, Cambdrige Analytica, Net Neutrality, TED with subtitles, TED with subtitles).

Service providers, in exchange for more or less useful free services, consider us as products for their own interests. The forms of abuse range from tracking user habits (TED with subtitles, digital merchandise fetishism and hidden exploitation) to not owning a good (application, film or disc) despite its purchase (DRM).

In order to be able to defend itself, a free solution is to use open source software better if free or designed to maintain the freedom of users. Open source software encourages the analysis and study of the source code in order to make corrections, changes and extensions. Free software adds to open source software respect for the freedom of users and the community; users have the freedom to run, copy, distribute, study, modify and improve the software. So it's a question of freedom, not price. To understand the concept, one need to think of "freedom of speech" and not "free beer".

The Free Software Foundation promotes the development and dissemination of free software through the General Public License (GPL). Free and open source software allows the revision of the source code by a large number of people. For this reason, it is more difficult for it to contain defects and malfunctions (bugs) or security holes and corrections are very quick. Moreover, since the source code is freely available, it is very difficult to intentionally insert spy functions (backdoors, trojans and spyware) without these being promptly discovered and eliminated differently from what happened for some commercial applications.

Furthermore, messages defined as "private" in e-mail services, social networks and communication applications are actually not. In most cases, messages are transmitted over the Internet and protected by encryption, but are readable by the service provider. To communicate in a truly private way through a digital device, different solutions based on end-to-end encryption are needed.

An unencrypted message is the same as a postcard while an encrypted message is the same as a traditional letter: in particular, end-to-end encryption ensures that only the recipient can open the envelope of the letter.

Finally, Term of Service (ToS) are the legal agreements between a service provider and the user who wishes to use them. In particular, they define the terms of use of a service in a legally binding manner and are essential for the protection of copyright on content and for protection against potential liability. The terms of service, due to their length and sometimes difficult to understand, are almost never read by the user who unconsciously accepts them.

Some simple rules to remember in order not to be overwhelmed

1. Proprietary software (closed source) protects the rights and the interests of the developer rather than the users;

2. Free software guarantees transparency and freedom to users and is a necessary condition for a free society;

3. A software that uses end-to-end encryption protects you from the collection of personal data and surveillance of mass media;

4. A free service/product or an unclear business model gains through user data or their lives;

5. It is better to pay for a service/product with a subscription or donation and be certain of its genuineness than to have it for free without any certainty.

The digital sovereignty

According to the inventor of the World Wide Web (WWW), Tim Berners-Lee, the priorities to keep open and free Internet are the following:

1. Resume control of our personal data;

2. Limit and, if possible, remove the spread of misinformation on the Web;

3. Create tools for transparency and understanding of online political advertising.

How live without Google (and GAFA (GAFAM e FAANG))

What information are large technology companies collecting from us?

How the Tech Giants Make Their Billions

The question: it is possible to abandon Google (GAFAM and FAANG) and remain in the world of today without falling from the frying pan to the fire?

It's not easy because "BigG" is no longer just a search engine. In fact, BigG provides a series of services (video and document sharing, maps, email, mobile operating systems, etc.) very useful, if not indispensable, in everyday life.

• The reasons: why complicate your life using N different applications and services instead of just one very functional?

  • Privacy. BigG sees everything you do and has been memorizing it for years. Lately, the combination of different services (in particular, Google Search, YouTube, Maps and Android) is creating a very worrying concentration of user data;

  • The ecosystem. Both technological and biological diversity is a source of wealth. Google in Europe manages 90% of online searches and 70% of advertising both growing and is shifting the network centre of gravity;

  • Knowledge. BigG is phenomenal, but it is frightening that most people see the net (the world) always through the same glasses (TED with subtitles, Filter Bubble, News).

• The problem: how to live without BigG without going back to the primordial era of the Internet? Why is it necessary to do so if its services are of high quality?

BigG has become too invasive. Also, unlike its competitors, its purpose is to sell advertising. It is not a search engine (like Yahoo), it is not a software manufacturer (like Microsoft, Adobe, Oracle, IBM, etc.), it does not live by selling licenses (like Microsoft, Adobe, Oracle, IBM, etc.) or devices (Apple, HP, Lenovo, etc.) or services (excluding some services to companies and individuals).

Its fundamental profit comes from advertising and from this derives the total profiling of its users. Its control is so pervasive that BigG can now be considered a quasi-monopolist (duopoly with Facebook) of Internet advertising.

There is no need to demonise Google, as this is its business model: the services offered are excellent in exchange for the massive collection of personal data. The final choice depends on ourselves. Unfortunately, some facts are very puzzling (for example, any data uploaded to its servers becomes its property or it is allowed to do whatever you want with our profiles, including selling them to third parties).

Everyone can evaluate their privacy as they wish and decide whether the transfer of much personal information is worth the level of services that are obtained in return from BigG (GAFAM and FAANG).

Figure 8: Google's restrictions (obligation to pre-install Google Search and Chrome, payment by device manufacturers and phone operators to use Google Search exclusively, obstacle to the development of new open source versions) on the Android operating system illegally protect its domain on the Internet search. Source

A few key points:

• Considering the number of BigG services, migrating from them means spending a considerable amount of time, therefore indirectly money, and limiting comfort at least initially. In fact, it is necessary to learn new concepts and renounce the integration of all services;

• BigG is no longer just a search engine and for this reason a brief overview of the most used services is given below.

Note: the list is not complete, but it allows you to understand how many BigG services it uses to profile its users. The Android operating system has allowed BigG to extend its user base in a viral way. Unfortunately, without awareness and the correct countermeasures such as those in this document, using an Android device makes it a prisoner of BigG's services.

The best solution is to buy a device (smartphone or tablet), even used, compatible with a free operating system, based on the Android Open Source Project (AOSP), such as Lineage OS. In addition to allowing greater customization, performance (speed and battery life) and privacy, it allows you to receive operating system updates throughout the life of the device.

Note: the activation of the root (administrator user) and the replacement of the original operating system with an alternative one does not cancel the legal warranty.

Note: the installation of Lineage OS, although not difficult, requires a minimum of computer knowledge; however, it is possible to learn this procedure through a lot of information and videos present on the net source and source.

Some of the shames of the high-tech giants

Privacy and respect for the freedom of users by information and communication services and applications

To make browsing safer and more confidential, you must use one of the following browsers:

• Brave is a new browser based on Chromium that revolutionizes the concept of browsing by automatically eliminating advertising and user tracking in favor of privacy. It also integrates a digital content management platform based on the Basic Attention Token (BAT) crypto currency. A very good guide on how to operate Brave and BAT;

• Firefox the open source and free browser managed by the Mozilla foundation, which deals with the respect of the rights and user privacy;

• The Onion Router (TOR) is a browser, based on Firefox, to surf the Web anonymously and fight censorship. TOR uses a series of alternative routes to increase safety at the expense of browsing speed;

• WebApps is an open source Android application available on F-Droid for securely browsing common WebApps (Google, Facebook, Twitter, etc.) while eliminating referrers, third-party requests, cookies and tracking.

Note: Chrome is the closed source version and owner of Chromium and is therefore considered not to be respectful of privacy. Google's business model, based on advertising, requires user data as payment for services.

Does your browser protect you against fingerprinting?

Firefox, Brave or Chrome: some very useful add ons to increase the browsing safety and privacy:

• HTTPSeverywhere forces the use of the HTTPS protocol and encrypts all connections that support it for the sake of safety of browsing (recommended);

• CookiesAutodelete automatically deletes the source tracking cookies of users in favor of the privacy of browsing (recommended);

• Ublock origin blocks advertising, a malware carrier, to the benefit of browsing speed and significant savings in data and battery traffic as well as greater privacy and security  of browsing (recommended);

• DecentralEyes limits requests to Content Delivery Network (CDN) in favor of the privacy of browsing (recommended);

• ClearURL automatically removes tracking elements from URLs in favor of privacy (recommended);

• Privacy Redirect allows to redirect YouTube, Instagram, Twitter, Google Maps, Reddit and Google Search requests to their open source advertising-free and privacy-friendly alternative interfaces Invidious, Bibliogram, Nitter, OpenStreetMap, Libredd and Searx or Presearch (recommended);

• Terms of Service; Didn’t Read provides a score to each Web site based on its terms of service and privacy policy. Analyses and assessments are published in a transparent manner by the community;

• PrivacySpy is an open project to evaluate, annotate and archive privacy policies (recommended);

• I don't care about cookies removes cookie alerts from almost all websites, saving you time while browsing. The component is useful when browsing anonymously or automatically deleting cookies (CookiesAutodelete);

• Disable WebRTC (Firefox) and WebRTC Leak Prevent (Brave and Chrome) disables the WebRTC communication protocol that can detect the IP address despite the use of a VPN. It greatly improves privacy of browsing;

• Privacy Badger prevents third-party advertisers and trackers from tracking browsing in favor privacy;

• Privacy Possum reduces and falsifies the data collected by tracking companies on browsing making it less profitable and promoting the privacy of browsing.

Firefox: additional add ons very useful to increase the privacy of browsing:

• Firefox Multi Account Containers allow you to confine the cookies of Web sites in different containers by eliminating the tracking of trackers on the Web (Facebook Container isolates Facebook and Instagram, Google Container isolates Google Search, YouTube and its services). In addition, the isolation of the containers allows you to have multiple identities and access with different users to the same Web site. It greatly improves the privacy of browsing (recommended).

• Canvas Blocker allows users to prevent Web sites from using certain JavaScript APIs to take fingerprints (fingerprint1, fingerprint2). Users may choose to block entirely (risky, may cause some Web sites to malfunction) or falsify the API for fingerprint reading. It greatly improves the privacy of browsing (recommended).

• Integrated page translator automatically translates Web pages in real time using Google or Yandex. In the future it should also support other translators such as DeepL Translator services and applications.

Note: xBrowserSync allows you to synchronize bookmarks between browsers and devices with end-to-end encryption and without registration.

Note: only Firefox and Kiwi on Android version support add ons, Chrome does not support them.

Figure 12: Welcome to the Google Botnet. There is nothing you can do with Google Chrome without it being transmitted to Google in some way...In addition, Google violates the GDPR.

The following search engines are respectful of user privacy and provide innovative features:

• Ecosia is a proxy search engine that uses Bing search engine results. Its characteristic is to donate 80% of advertising revenue to support reforestation programs;

• Givero is a proxy search engine that uses Bing search engine results. Its characteristic is to donate 80% of advertising revenue to support good causes;

• Searx is a meta search engine that uses the searches of the most used search engines Google, Bing, etc.. Its characteristic is to not track the user browsing, to be completely open source and to allow anyone to install a public server (decentralized);

• Presearch is an independent search engine and allows to uses the searches of various search engines including Google and DuckDuckGo. The project aims to create a decentralized search engine where users are rewarded with the Presearch cryptocurrency for the usage, contribution and promotion of the platform;

• Brave search is a private, independent and user-friendly search engine. Its characteristic is that it is one of the few real alternatives to Google Search and Bing;

• DuckDuckGo is an alternative search engine to the most used search engines Google, Bing, etc.. Its characteristic is to not track the user browsing;

• Startpage is a proxy search engine that uses Google Search engine results. Its characteristic is to be oriented to the user privacy;

• Qwant is a proxy search engine that uses Bing search engine results. Its characteristic is that it does not track the user browsing and that it has the servers legal location in Europe;

Note: Google, Bing and Yahoo (Bing) have a business model based on advertising and requires user data as payment for services.

Some open source applications for Android, availables only on F-Droid, which allow you to block advertising:

• DNS66: does not need to activate the root of the device and allows you to edit the DNS;

• AdAway: works with or without the root of the device;

• Yet Another Call Blocker blocks unwanted calls using a database of offline phone numbers without the need to share your contacts.

The main advantages of using an advertising filter:

• Ads blocking (including YouTube video and Facebook text), pop-ups and banners;

• Increased browsing speed, reduced data traffic and battery saving;

• Protection against malware and third-party tracking.

Note: browsing on a PC is via a browser which uses the add ons as an advertising filter. On the other hand, browsing on Android and iOS is done through applications that require an advertising filter at the operating system level provided by a specific application.

• Keybase is an open source and multi platform application that offers chat with end-to-end encryption not TOFU and public and private cloud storage (end-to-end encryption). It also offers a publicly verifiable service for managing encryption keys that can be associated with social network identities.

• Session is an open source and multi platform application that offers chat with end-to-end encryption not TOFU and allows anonymous registration and communication. In particular, Session uses a decentralized TOR-like network designed against censorship.

• Jami is an open source and multi platform application that offers chat, video calling and video conferencing with end-to-end encryption not TOFU and enables registration and communication. In addition, Jami is fully decentralized peer-to-peer.

• Briar is an open source application for Android that offers chat and forums with end-to-end encryption TOFU and allows for registration and anonymous communication via Bluetooth, WiFi and the TOR network.

• Ferdi is an open source, multi platform application (GNU/Linux, Windows, macOS) that allows you to use the most popular communication and e-mail applications. Ferdi is the free version of Franz.

• Rambox is a free, open source (Community Edition version) and multi platform application (GNU/Linux, Windows, macOS) that allows you to use the most popular communication and e-mail applications.

• Disa is a free, open source application (Android) that allows you to use the most popular communication applications (Facebook, Telegram, SMS/MMS, Whatsapp).

• Librem.one is a collection of open source services that use encryption to protect your privacy and communicate securely with others:

  • Librem Chat is a communication service protected by end-to-end encryption based on Matrix similar to Element.

Note: a good comparison in term of security and privacy features of the most commonly used communication services or applications.

Figure 13: The most widely used communication applications Monthly Average Users (MAU), 2018. Source

• Jami is an open source and multi platform application that offers chat, video calling and video conferencing with end-to-end encryption not TOFU and enables registration and communication. In addition, Jami is fully decentralized peer-to-peer.

• Element is an open source and multi platform service that offers chat, video call and video conference through the Jitsi project. Element supports end-to-end encryption TOFU, anonymous registration and server federation.

• Edu meet is an open source and multi platform service that offers video conferencing, chat and file sharing through the browser without the need for any registration. The service supports up to 200 users per conference, VP8/VP9 video codecs and Opus audio codec.

The following e-mail services are respectful of user privacy and some of them provide innovative features:

• Protonmail is an e-mail service founded at CERN in 2014. ProtonMail uses end-to-end encryption to protect messages before sending them to servers unlike other email providers. Protomail also supports the TOR network and offers additional services for paid version.

• Tutanota is a fully open source email service founded in 2011 that uses end-to-end encryption to protect messages before sending them to servers unlike other email providers. Tutanota is financed only through donations and premium subscriptions, i.e. without advertising.

• CTemplar is a fully open source email service founded in 2011 that uses end-to-end encryption to protect messages before sending them to servers unlike other email providers. CTemplar offers additional security and anonymity paid features over Protonmail and Tutanota.

• Disroot provides an email service, cloud and various online collaboration tools with encryption. Disroot uses server-side encryption, so the user does not have the encryption keys. However, it remains a better solution than traditional providers.

Note: Gmail, Outlook have a business model based on advertising and require user data as payment for services. In addition, messages can be read by service providers as the encryption keys are saved on the server. A simple way to secure these services is to use a browser like Firefox with the Mailvelope add on or an email client like Thunderbird. Both solutions add end-to-end encryption and make message content unreadable to service providers.

• Librem.one is a collection of open source services that use encryption to protect your privacy and communicate securely with others:

  •  Librem Mail is an email service with end-to-end encryption based on K9-mail and similar to Tutanota and Protonmail.

• NextCloud providers contains a list of cloud service providers that use the NextCloud platform. A great service that offers 1 GB of free storage, enough to host contacts and calendar, is Woelkli.

• Instant.io is an open source WebTorrent based file sharing service that requires no registration and allows you to transfer files of unlimited size for an unlimited time through your browser.

• Librem.one is a collection of open source services that use encryption to protect your privacy and communicate securely with others:

  •  Librem Tunnel is a VPN service with end-to-end encryption that uses OpenVPN.

• Connection verification tool:

  • Connection data (IP, ISP, location);

  • Loss of information during DNS requests→ use a public DNS from OpenNIC or Mullvad;

  • Disclosure of the IP address via WebRTC communication protocol → install disable WebRTC add on Firefox or ScriptSafe on Brave and Chrome;

  • BitTorrent connection data loss→install a torrent client like qBittorrent to perform the test.

• Edit DNS solvers:

  • Windows;

  • MacOS;

  • Ubuntu;

  • Android allows you to change only the DNS of the WiFi connection. To change the DNS for all WiFi/4G connections you need the Blokada or DNS66 application;

  • iOS allows you to change only the DNS of the WiFi connection. To change the DNS for all WiFi/4G connections you need the application Blokada o DNSCloak;

  • Router.

• nsupadte is a free and open source service that creates a dynamic DNS.

Note: a secure connection via VPN, automatically changes the DNS resolver.