“If you are paranoid, this does not mean that you are not being watched...” - one well-known character used to say, and there really is a grain of truth in this. The information age has given us a lot, but in return our privacy has been threatened. Geolocation applications, social media, Instagram, tracking services, viruses and many other spying tools are a direct threat to privacy and peace of mind.

So what should you do to protect yourself from unauthorized surveillance? You must find the answer to this question for yourself, because there are many on the Internet who will happily take advantage of your ignorance and carelessness.

There are quite a few protection recipes and almost all of them are quite simple. For greater convenience, we will consider options for stopping surveillance by type of equipment that can be used.

  1. Geolocation services. Many mobile applications and desktop programs include functionality for determining the user’s location. You can disable detection of your computer's location directly in program settings or, alternatively, simply report inaccurate coordinates during the initial installation of new applications. For example, for Firefox there is a convenient Geolocater application that allows you to set coordinates yourself, and in the Chrome browser you can open the developer tools and change the current geodata directly in the “Emulation” tab.
  2. Camera. Filming and visual surveillance is one of the most dangerous and unpleasant types of unauthorized surveillance. And it doesn’t matter what you do at the computer, what you look like, what’s open on the screen and how the recordings can be used in the future - each of us always needs a feeling of security. If this is not the case, there is no peace. But this type of surveillance is very easy to control. It's very simple: cover the camera with a neat piece of dark tape. If necessary, it can be easily peeled off, but this is the only way to truly prevent possible information leakage. This approach is simple, but it is many times more effective than any programs and applications.
  3. Microphone. Like the built-in camera, the microphone can collect a lot of information about the owner of the computer or smartphone, and the option with adhesive tape will not work here. Unlike the image, sound penetrates quite easily through a mechanical obstacle, so different protection is needed here. For almost every operating system, you can select an application that blocks access to the microphone for any installed programs: Windows owners should pay attention to Webcam Blocker Pro, and Micro Snitch and its analogues will be relevant for Mac. All programs work in the background, their work is invisible, but very effective.
  4. Keyboard. To track data entered using the keyboard, nothing supernatural is needed, since there are currently dozens of small programs that easily implement this type of monitoring. How to prevent data leakage in this case? Firstly, you can use abbreviations or assign special key combinations to each of the entered passwords, secondly, in especially important cases, use an on-screen analogue of the keyboard, thirdly, regularly check your computer with antiviruses, without neglecting updates.

Modern technologies dictate new rules of behavior for us online and a more serious approach to personal data and information in general. To neglect this means to jeopardize your material well-being, privacy and career. Antiviruses, careful attention to information published online, and the protection measures described here will help reduce the likelihood of secret collection of information and make it possible to safely continue work, business, and online communication.

Fortunately, advanced technologies are in service not only with villains, but also with good people. The 3D scanning and printing industry is now developing in full swing. If you want to find out the latest news in this area, then I recommend that you attend a thematic conference. You can find out about the conference on the website 3dprintconf.ru. In the IT field, everything happens so quickly that if you hesitate a little, you will fall out of the mainstream. To prevent this from happening, educate yourself.


It is clear to everyone that your provider is aware of all your movements on the Internet; there are often stories about company employees monitoring customer traffic. How does this happen, can it be avoided?

How are you being watched?

Providers in the Russian Federation are required to analyze user traffic for compliance with the norms of Russian legislation. In particular, clause 1.1 of the Federal Law dated 07.07.2003 N 126-FZ (as amended on 05.12.2017) “On Communications” states:

Telecom operators are required to provide authorized government agencies carrying out operational investigative activities or ensuring the security of the Russian Federation with information about users of communication services and about communication services provided to them, as well as other information necessary to perform the tasks assigned to these bodies, in cases established by federal laws.

The provider itself, of course, does not store the traffic. However, it does process and classify it. The results are recorded in log files.

Analysis of basic information is carried out in automatic mode. Typically, the traffic of the selected user is mirrored on SORM servers (tools for operational investigative measures), which are controlled by the Ministry of Internal Affairs, FSB, etc., and the analysis is carried out there.

An integral part of modern SORM-2 systems is a cyclic data storage buffer. It should store traffic passing through the provider for the last 12 hours. SORM-3 has been implemented since 2014. Its main difference is the additional storage, which should contain a three-year archive of all billing and all connection logs.

How to read traffic using DPI

Example diagram from VAS Expert

DPI (Deep Packet Inspection) can be used as part of SORM or separately. These are systems (usually hardware and software complexes, that is, hardware with special software) that operate at all levels of the OSI network model except the first (physical, bit) level.

In the simplest case, providers use DPI to control access to resources (in particular, to pages of sites from the “black” list of Roskomnadzor under Federal Law No. 139 on amendments to the law “On the protection of children from information harmful to their health and development”, or to torrents). But, generally speaking, the solution can also be used to read your traffic.

Opponents of DPI say the right to privacy is enshrined in the Constitution, and the technology violates net neutrality. But this does not prevent the technology from being used in practice.

DPI easily parses content that is transferred via unencrypted HTTP and FTP protocols.

Some systems also use heuristics - indirect signs that help identify a service. These are, for example, temporal and numerical characteristics of traffic, as well as special byte sequences.

It's more difficult with HTTPS. However, at the TLS layer, starting with version 1.1, which is often used today for encryption in HTTPS, the site's domain name is transmitted in the clear. This way, the provider will be able to find out which domain you visited. But without the private key it won't know what you did there.

In any case, providers do not check everyone

It's too expensive. But theoretically they can monitor someone’s traffic upon request.

What the system (or Comrade Major) has noted is usually examined manually. But most often the provider (especially if it is a small provider) does not have any SORM. Everything is searched and found by ordinary employees in a database with logs.

How torrents are tracked

The torrent client and tracker usually exchange data via the HTTP protocol. This is an open protocol, which means everything described above applies: viewing user traffic using a MITM attack, analysis, decryption, blocking using DPI. The provider can examine a lot of data: when the download started or ended, when the distribution started, how much traffic was distributed.
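The data listed above is carried in the query string of the client's announce request to the tracker. The following added example (not part of the original article) parses constructed plain-HTTP announce requests and folds them into a per-torrent summary of start time, completion time and byte counters; the host name, info_hash, peer_id, timestamps and function names are made up for the example.

```python
from urllib.parse import quote_from_bytes, unquote_to_bytes, urlsplit

# Constructed sample values: a made-up 20-byte info_hash and peer_id.
INFO_HASH = bytes(range(0xA0, 0xB4))
PEER_ID = b"-XX0001-abcdefghijkl"


def build_announce(event, uploaded, downloaded, left):
    """Build a sample plain-HTTP announce request (tracker.example is made up)."""
    params = [
        "info_hash=" + quote_from_bytes(INFO_HASH),
        "peer_id=" + quote_from_bytes(PEER_ID),
        "port=6881",
        f"uploaded={uploaded}",
        f"downloaded={downloaded}",
        f"left={left}",
    ]
    if event:
        params.append(f"event={event}")
    line = "GET /announce?" + "&".join(params) + " HTTP/1.1\r\n"
    return (line + "Host: tracker.example\r\n\r\n").encode("ascii")


def parse_announce(request: bytes):
    """Return the announce fields readable on the wire, or None if not an announce."""
    parts = request.split(b"\r\n", 1)[0].decode("latin-1").split(" ")
    if len(parts) != 3 or parts[0] != "GET":
        return None
    url = urlsplit(parts[1])
    if not url.path.endswith("/announce"):
        return None
    fields = {}
    for pair in url.query.split("&"):
        key, _, value = pair.partition("=")
        fields[key] = unquote_to_bytes(value)   # info_hash is raw binary
    if len(fields.get("info_hash", b"")) != 20:
        return None
    try:
        counters = {k: int(fields.get(k, b"0").decode("ascii"))
                    for k in ("uploaded", "downloaded", "left")}
    except ValueError:
        return None
    event = fields.get("event", b"").decode("latin-1") or None
    return {"info_hash": fields["info_hash"].hex(), "event": event, **counters}


def timeline(observations):
    """Fold (timestamp, raw_request) pairs into one summary per info_hash."""
    summary = {}
    for timestamp, raw in observations:
        announce = parse_announce(raw)
        if announce is None:
            continue                              # unrelated HTTP traffic
        entry = summary.setdefault(announce["info_hash"], {
            "started": None, "completed": None, "uploaded": 0, "downloaded": 0})
        if announce["event"] in ("started", "completed"):
            entry[announce["event"]] = timestamp
        entry["uploaded"] = max(entry["uploaded"], announce["uploaded"])
        entry["downloaded"] = max(entry["downloaded"], announce["downloaded"])
    return summary


# Constructed capture: three announces for one torrent plus an unrelated request.
OBSERVED = [
    ("12:00:05", build_announce("started", 0, 0, 1000)),
    ("12:30:05", build_announce(None, 200, 600, 400)),
    ("12:48:40", build_announce("completed", 500, 1000, 0)),
    ("12:50:00", b"GET /index.html HTTP/1.1\r\nHost: www.example\r\n\r\n"),
]

if __name__ == "__main__":
    print(timeline(OBSERVED))
```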

Seeders are harder to find. Most often, in such cases, specialists themselves become peers. Knowing the seeder's IP address, the peer can send a notification to the provider with the name of the distribution, its address, the start time of the distribution, the seeder's IP address, etc.

In Russia it is safe for now - all laws limit the capabilities of the administration of trackers and other distributors of pirated content, but not ordinary users. However, in some European countries, using torrents is fraught with heavy fines. So if you're traveling abroad, don't get caught.

What happens when you visit the site

The provider sees the URL that you opened if it analyzes the contents of the packets that you receive. This can be done, for example, using a MITM attack (“man-in-the-middle” attack).

From the contents of the packets you can get the search history, analyze the request history, even read correspondence and logins with passwords. That is, of course, if the site uses an unencrypted HTTP connection for authorization. Fortunately, this is becoming less and less common.

If the site works with HTTPS, then the provider sees only the server IP address and domain name, as well as the connection time to it and the volume of traffic. The rest of the data is encrypted, and without a private key it is impossible to decrypt it.

What about the MAC address

The provider sees your MAC address in any case. More precisely, the MAC address of the device that connects to its network (and this may not be a computer, but a router, for example). The fact is that authorization with many providers is performed using a login, password and MAC address.

But MAC addresses on many routers can be changed manually. And on computers, the MAC address of the network adapter can be set manually. So if you do this before the first authorization (or change it later and ask to reassign the account to a new MAC address), the provider will not see the true MAC address.

What happens if you have VPN enabled

If you use a VPN, the provider sees that encrypted traffic (with a high entropy coefficient) is sent to a specific IP address. In addition, it may find out that IP addresses from this range are sold for VPN services.

The provider cannot automatically track where the traffic from the VPN service goes. But if you compare the subscriber's traffic with the traffic of any server using timestamps, you can perform further tracking. It just requires more complex and expensive technical solutions. No one is going to develop and use something like this out of boredom.

It happens that suddenly the VPN “falls off” - this can happen at any time and on any operating system. After the VPN stops working, the traffic automatically starts flowing openly, and the provider can analyze it.

It is important that even if traffic analysis shows that too many packets are constantly going to an IP address that could potentially belong to a VPN, you are not violating anything. It is not prohibited to use a VPN in Russia; it is prohibited to provide such services for bypassing the blocking of sites on the Roskomnadzor “black list”.

What happens when you enable Tor

When you connect via Tor, the provider also sees encrypted traffic. And it will not be able to decipher what you are doing on the Internet at that moment.

Unlike a VPN, where traffic is usually routed to the same server over a long period of time, Tor automatically changes IP addresses. Accordingly, the provider can determine that you were likely using Tor based on encrypted traffic and frequent address changes, and then reflect this in the logs. But according to the law, nothing will happen to you for this either.

At the same time, someone can use your IP address on the Tor network only if you have configured Exit Node in the settings.

What about incognito mode?

This mode will not help hide your traffic from your ISP. It is needed to pretend that you did not use the browser.

In incognito mode, cookies, site data and browsing history are not saved. However, your actions are visible to your ISP, system administrator, and websites you visit.

But there is good news

The provider knows a lot, if not everything, about you. However, the budget of small companies does not allow them to buy DPI equipment, install SORM or set up an effective monitoring system.

If you perform legal actions on the Internet openly, and for actions that require confidentiality, use VPN, Tor or other means of ensuring anonymity, the likelihood of being targeted by your ISP and intelligence services is minimal. But only 100% legal actions provide a 100% guarantee.

Update your operating system regularly. Attackers spy on users by installing viruses on their computers or hacking computers. Regular system updates will eliminate vulnerabilities and neutralize malicious codes.

Update your programs regularly. The latest versions of programs add new features, eliminate vulnerabilities and fix bugs.

Update your antivirus regularly and do not disable it. If you do not update your antivirus database, it may not be able to detect some viruses. Also, do not disable your antivirus (let it constantly run in the background) and regularly scan your system for viruses. We recommend that you enable automatic updates of your antivirus or always allow it to update when prompted.

  • Antivirus programs look for viruses, spyware, rootkits and worms. Most antispyware programs are no better than good antiviruses.
  • Use only one antivirus program. If you install several antiviruses on your computer, they will conflict with each other, which will slow down your computer. In the best case, one of the antiviruses will trigger falsely, and in the worst case, the antiviruses will interfere with each other's proper operation.

    • The exception to this rule is antispyware, such as Malwarebytes. They can effectively work simultaneously with an antivirus program, providing an additional level of security.
  • Do not download files from unreliable or suspicious sites. For example, if you want to download VLC media player, do so on the official website of the media player (www.videolan.org/vlc/). Don't click on links to random or unofficial websites, even if your antivirus doesn't warn you.

    Use a firewall. The firewall checks all incoming and outgoing connections. A firewall prevents hackers from finding your computer and also protects you from accidentally visiting dangerous websites.

    • Most antivirus programs include a firewall, and all major operating systems also have a built-in firewall, so you probably don't have to worry too much about the firewall.
  • Do not use an administrator account. Please note that if you log in as an administrator, any software, including viruses, may gain administrative rights. This will allow malicious codes to wreak havoc on your system and spy on your activities. If you use a “guest” account, the virus must be much more powerful in order to penetrate the system and work on it. From a guest account, malicious code will be able to send information about you, but nothing more.

    Hello everyone. When I worked in support at an ISP, sometimes they called me and asked the following question: can the Internet provider see what sites I visited? Well, what can I say. Back then, working in support, I of course answered that no, this is impossible and that the provider does not see anything like that. Well, that is, I said that it sees only when you connect to the Internet and that’s it... But it’s clear that I said that so that users would not rebel, would not ask even more questions... well, that is, so that they would be calm.

    What can the provider actually see? I will try to explain in simple language what it can see and what it cannot see.

    Let's first understand what a provider is. Well, to put it simply. The provider is a building from which wires come, there are also all sorts of dishes sitting on it, well, satellite ones, and inside there are cash desks for payment, and everything else is darkness and the darkest forest..

    A provider is essentially a node that sells Internet at a higher price and buys it at a lower price. The cheaper one is, you could say, backbone Internet, where speeds are very high.

    A provider may have tens of thousands of users, or even hundreds of thousands. I am hinting that it cannot monitor everyone, but at the same time it does not deny itself this.

    To follow or not is a matter of honor. Joke. This is a state-level matter. There are some laws that oblige providers to pass traffic through a special device. In any case, the provider is obliged to provide, at the request of the police, all data about a subscriber who is suspected of committing a crime on the network. Simply put, there are a number of standards that a provider must comply with in order to obtain a license and provide services

    • Can my provider see what sites I visit? If necessary, the provider in most cases can obtain a list of all visited sites. But as a rule, this is a list of IP addresses or domains for some recent period of time. It could be a month, three months, six months, a year...
    • If I use a VPN, will the provider not know that I am torrenting? Well, this is the moment. Yes, if you do everything correctly, I mean connecting to a VPN, then he won’t see everything that’s in it. Torrents will also be hidden. But the VPN server itself will be visible. It will also be clear that there is a suspiciously large exchange of traffic with just one IP address (that is, with the VPN server). And if the admin looks through the IP, looks, and sees that it is an IP, for example, from the Netherlands, and if the activity lasts for hours, days, then this will of course raise suspicions. But this is if there is a reason to look for something. Usually no one cares where you go or what you download there..

    What does the provider see?

    • Does the provider see HTTPS? He only sees the fact of using a secure connection, but he does not see the content itself.
    • Well, what about HTTP then? Here the provider sees almost everything, because there is no encryption. Packet headers, what you sent and where. It can see, for example, that you visited a torrent tracker, and it will have a list of all pages.
    • Does the provider see TOR? The provider sees only the TOR server; it is unlikely to be able to decipher what you are doing there; if necessary, they will come to your home. But for this to happen, you must take over planet Earth on the Internet.
    • Does the provider see the MAC address? Yes, it can see it. Thanks to the MAC address, providers often bind the account to the user’s equipment. Well, that is, so that someone cannot use your Internet, even if he knows the login and password.
    • Does the provider see search queries? Well, that's actually what's going on here. He can basically see. He sees the addresses themselves, all this is entered into the log, that is, all this is recorded. But in order to see requests, you need to connect additional technology that will process packets and pull requests from them. All I mean is that it takes a lot of power to keep track of this and that’s why the provider doesn’t see search queries.
    • Does the provider see the proxy? It can only see that you are connected to some server (which is actually a proxy). That is, it actually sees it, but you still need to find out whether it is a proxy or just a server with which some program works. Although, by and large, this is the same thing.
    • So does the provider see where I am going? Yes, he sees it. That is, if a provider has hundreds of thousands of clients who can generate a million or even more visits to certain sites per day, then the provider sees all this as a large mountain of traffic. Of course, he won’t watch anything on purpose. This is for statistics and nothing more.
    • Does the provider see what I'm downloading? I don’t even know what to say here. Information about what you are downloading and where it comes from in the first place is contained in the first package, which is sent to the server to start the download process. And so the provider only sees that you are receiving data from a specific IP address.
    • Does the provider see what I do on the Internet? Well, as I already said, in general we can say that he sees what you are doing there. It can even create a picture, that is, understand what kind of user you are, what you are interested in, where you go, and so on. The provider sees the entire visit history. But it’s just not interesting to anyone.
    • Okay, but does the provider see which sites I visit in incognito mode in the browser? Incognito mode is not a mode for the provider in the first place, but for other people and sites. That is, incognito mode allows you to make it look as if you were not using the browser. This can trick websites, so that they do not collect confidential information about you, and friends, so that they cannot see what sites you visited.


    When I wrote, you see, I meant the provider, but from the point of view not of a person, but of a machine! A person sees little there. Because there are terribly few employees compared to the number of users and their traffic. A person can see everything, but only upon request from above...

    But in fact, the provider won’t care what you do at the computer. There is no such thing as someone specially sitting in a room and watching what they are downloading there... There are simply a lot of users and it is impossible to monitor everyone manually, everything is recorded. And it is recorded to a minimum, because there is a lot of traffic and even here you need to save money, although it is just text.. If you just use sites, then you have nothing to fear. Even if you constantly use VPN or Tor, no one will tell you anything, unless of course you do something devious.

    But what's the big deal with movies? The funny thing is this. In Germany there is some kind of law, in short, that you can’t download movies without paying. So. How does this scheme work? You are downloading a torrent. And some policeman starts downloading it too. And he sees in the torrent itself from whom he is downloading the film. And then, by analyzing these statistics, he can understand who can be fined. Well, that is, you understand that a VPN would be appropriate here.

    That's all, I hope that I wrote everything clearly and accessible. If something is wrong, then sorry, good luck and all the best

    18.07.2016

    Despite the cancellation of Snowden's first public appearance in Russia, his advice on maintaining privacy on the Internet is becoming more relevant every day. Life has collected recommendations from the most famous former US intelligence officer on how to protect yourself on the Internet.

    1. Encryption of voice calls and text messages. Snowden is an absolute proponent of encrypting all content stored and transmitted. Nowadays there are many applications that have encryption functions. Moreover, among them there are common and well-known instant messengers, such as WhatsApp, Telegram, ICQ. By the way, the most popular - WhatsApp - introduced full end-to-end encryption in April 2016.

    Snowden himself calls Signal his favorite messenger for communication (available for iOS and Android), which, as he wrote on Twitter, he uses every day. The application is being developed by Open Whisper Systems, which also offers call encryption.

    2. Hard drive encryption. In addition to protecting mobile devices, the former CIA agent also advises securing your computer, in particular your hard drive. You can find instructions on how to do this on the Internet. Usually special software is used. For example, for Windows there is BitLocker, a program preinstalled in extended versions of the OS, and for Mac there is FileVault. This way, if your computer is stolen, an attacker will not be able to read your data.

    3. Password managers. A useful thing that most people don't even think about. Such programs allow you to keep your passwords in order: create unique keys and store them. According to Snowden, one of the most common problems of online privacy is leaks: for example, a service for which a user registered in 2007 was attacked and data leaked to the Internet. Just remember the recent reports about the sale of millions of passwords from accounts on Twitter, VKontakte, MySpace and LinkedIn. There are different password managers on the market, such as 1Password, KeePassX and LastPass.

    4. Two-factor authentication. Secret words previously offered by major services for recovering your password are becoming a thing of the past. Now all popular online platforms - Facebook, VKontakte, email clients, Twitter, Dropbox - have switched to two-step authentication. It allows you to link a phone number to your account, which will be used for additional authorization when logging in to the account. It will also help you recover your lost password. True, you will have to reveal your mobile phone number, which makes it possible to identify you by the specified number (as Facebook does, for example, allowing you to find a user by his phone number).

    5. Tor. The former NSA employee calls the anonymous network Tor (short for The Onion Router) “the most important technological project to ensure confidentiality of those currently in use.” He stated that he uses it on a daily basis. Tor allows you to “cover your tracks” on the Internet, that is, it provides anonymity and makes it difficult to determine a person’s IP address and location. This is accomplished by connecting through a chain of intermediate computers belonging to different Internet users. The project is supported entirely by volunteers. The easiest way to use the system is through the browser of the same name (Tor Browser).

    6. And once again about passwords. Snowden advises using as the key to an account not words like onetwothreefour or even password, but something more intricate that even a computer cannot guess, yet still memorable, such as margaretthatcheris110%SEXY.

    For the specially paranoid

    In the video below, a former NSA agent demonstrated to a journalist how to avoid total surveillance by intelligence agencies, which can remotely turn on the microphone or camera on a smartphone and start listening. The answer is simple - remove the microphone and camera modules from the device. Instead, it is proposed to use an external accessory and wean yourself from selfies.