Several groups want to collect as much of your personal data as possible. Here’s why, and some tips &/or suggestions if you want to decrease your exposure.
For AI [Artificial Intelligence] to be useful, it has to be trained on vast amounts of data – it was reported that Microsoft wanted to acquire TikTok, despite it being a poor match for the company, just for its huge data trove, that would be used for AI training. I’d guess that Oracle made its own bid for the same reason. Like so many other things, AI can be used for good or bad, so it’s up to you whether you’re for or against.
Services like Spotify or Amazon’s Music or Alexa, or just Amazon in general, make suggestions based on what they know about you. Facebook takes it to the max. It adds convenience but is a double-edged sword – people are only exposed to what they already know and like, which is something that critics say helped lead to polarization in societies and politics. Microsoft collects data on how we use Windows to aid prediction for things like word suggestions, to increase accuracy for handwriting recognition, voice recognition, and translation, and to know when things are going wrong, since they aren’t set up to offer individual support to millions of individual users.
Companies like data to help decide what products to develop and offer, but their marketing departments LOVE it. It lets them micro-target their sales pitch, so they can use the exact approach to trigger a positive response from a would-be customer – a technique that’s been extremely successful over the last half a decade in politics. Google and Facebook love it because they can charge more money for advertising that’s targeted – why waste money trying to sell baby care products to seniors?
The way that this targeting and micro-targeting is sometimes used on the internet, combined with TV and radio stations that also target specific groups of people, has led to a big expansion of a somewhat unique industry, making money by selling people ideas, expanding on and feeding into what they already believe. Given that there are far more people wanting to cash in on this bonanza than there are new ideas, or new information for that matter, many have taken to extreme exaggeration, interpretation, and just frankly, lying and making things up. Fear mongering is common, as is the focus on discouraging people from exploring Any other sources of information [for obvious reasons].
On 5/13/2021, GOTD hosted Privacy Protector for Windows 10, which is marketed using much the same techniques, focused on fear mongering and exaggeration rather than any facts. I think the dev thought he could get away with the inflated price because he indulged so deeply in a type of marketing that I personally deplore. So, I took a couple few days to chill before posting some basic, accurate info. I’m Not going to fact check – the last 5 years or so have proven that’s ineffectual… I think the only people who read fact checks are those who probably don’t need to read fact checks to begin with.
As far as Windows 10 goes, visit Settings -> Privacy, and you’ll find everything most people want/need. If that’s not good enough, use Win10 Ent un-activated, use Linux, use Chromium, use fake data for your Microsoft account. You’re identified online by the IP address used and your device’s MAC address, which is unique to every network adapter. In Windows you can change the MAC address with some network adapters or use a special app [some are free] – Google MAC spoofing – and some Linux distros, and VirtualBox let you change it too. Your IP address can’t be changed or none of the data you request online will find you or your browser. A proxy server forwards your requests as a middleman, so a web site for example only sees that proxy server’s IP address. A VPN works the same way, except that the connection between you and the VPN’s proxy server is encrypted, so no one can capture your traffic to see where you went, what you downloaded, what you did or said etc. Both proxy servers and VPNs *may* keep detailed logs however, and those logs may be turned over due to legal action. You can also use the TOR browser, which routes your traffic through a few anonymous [no logging] proxy servers. You can find out all about another alternative if you Google war driving – using someone else’s Wi-Fi connection and network [and IP address].
Online you’re tracked by several, sometimes ingenious methods. Most web sites show ads to pay the site’s owner, or at least help with costs, and they usually contract with a service rather than the individual advertisers themselves. Those services don’t really check out the advertisers that use them, so their ranks include cybercriminals. Ads can run code, and they can send a tracker to your browser that tells them what other sites you visit etc. Most browsers let you prevent some degree of tracking, but the stricter the controls you set, the greater the number of web sites that might not work or work well. Most browsers have a privacy mode, which also usually deletes any info stored when you close the browser – closing the browser after visiting a site in privacy mode, then starting it up again for the next site prevents most persistent trackers. You can also use one of many tracking blockers, e.g., the Privacy Badger extension at privacybadger[.]org. Some software will also install a tracker that doesn’t depend on the browser itself – be careful and check out [research] any app, or browser extension before you install it.
It doesn’t hurt to use some common sense. If you don’t want Google to track you, Definitely Don’t Sign In when you first open their Chrome browser. If you’re using Windows 10, and are logged into your Microsoft account, when you open the Edge browser, you’ll see your avatar in the upper right – you’re automatically logged in. If you want to avoid any chance of Microsoft tracking you, use another browser. Several browsers let you sync your copies of that browser across different devices – if you don’t want them to store all that data, don’t turn on or use that syncing. If you use a password manager, setting the app to automatically fill in your password means it can store the date, time, and where you logged in.
If you’re concerned about what records of your activity are kept on your device, there are a few ways to manage that, and loads of software making false or exaggerated claims. Research computer forensics to get an idea of just what is possible to recover – I question whether it’s even possible to remove Every trace of something when you’re using Windows. One relatively easy method is to use a RAM disk, usually by booting to an OS on a USB stick or DVD – the OS uses a hard disk emulated in RAM that disappears when the device is shut off or restarted. Reboot[.]pro has a few mods that will run a mini copy of Windows that way, and there are plenty of Linux Live CDs/DVDs. Another way is to use a VM [Virtual Machine] … the OS is stored on a VHD [Virtual Hard Disk], which is a single file, so store a virgin copy somewhere else, and get rid of the one you just used when you’re done. If you need persistent data, the OS, real or VM, can be stored on a microSD card, which can easily be destroyed or hidden. Veracrypt can encrypt either a hard disk or a VHD, and it also allows for a nested VHD. The way that works is you use one password to access the outer VHD, while another password gives you access to the inner one. The idea is that you can show anyone the outer VHD, say running a copy of Win10, and they’ll have no way of knowing about the inner VHD, which could also hold a copy of Win10.
I like Windows 10 in some of these more unusual or extreme cases because it works well on lower powered hardware and using the Compact mode can take up as little as ~10GB in the 32-bit version. XP could work, and is about the same size, but you might have to contend with hard and software compatibilities.
When it comes to security, comparing XP [or Windows 7] to Windows 10, 2 factors come into play… One is that because an older unsupported version isn’t getting patched anymore, it’s less secure, but I think that applies more to well financed cybercriminals explicitly targeting someone or some organization and taking advantage of unaddressed flaws in the older OS. That’s because two, cybercriminals tend to go for the largest possible group of targets – you’ll make more money stealing from thousands of people than you will stealing from a dozen – and most people frankly have abandoned old, unsupported versions of all OSes. I’d guess there might also be some thinking that people using those old OSes have less of value to steal from. If you search the CVE database [Common Vulnerabilities and Exposures], in 2021 so far, Win10 has 212, Win7 115, and XP 2 (!). Win10 seems to clearly be getting the most attention – there are undiscovered vulnerabilities in Win7 [so called zero days], and surely plenty in XP, but it takes time and effort to find them, and fewer cybercriminals are looking.
NOT related to this discussion, but to the comments on the 13th when the privacy app was offered… sadly, lots of people have found that by promoting fear and anger they can get their followers [victims?] to seem like they’ve abandoned reason in a highly emotional state. One example that had me chuckling was the implication that Win10 was less secure than earlier versions because of old code that’s persisted from earlier versions. If that’s the case, then Surely those earlier versions share the same vulnerabilities, since they share the same code(!). Another example, citing industry advances in technology as reason for antitrust action just baffled me. By that logic someone whose family owned a stable could sue GM. At any rate, people that are scared and angry can often seem, ummm, less rational than normal. IMHO that’s why they acted as they did – forgiveness as always is up to you. I prefer to blame the dev, who started it all with his grossly exaggerated marketing claims.