Promote your Onion site with the Onion-Location HTTP header
A new HTTP header enables websites to redirect their visitors using the Tor Browser to their more secure Onion site.
Privacy
I’m an advocate of digital privacy rights. I blog about regulatory and technical solutions to improve people’s online privacy.
Promote your Onion site with the
How to block web browser-based localhost port-scans
Websites are port-scanning your localhost. Here’s how to stop random websites from knowing what services are running on your device.
First impressions of the Scroll news subscription service
Scroll wants to be your one-stop subscription service for news published all over the web. How does it work? and can one subscription save journalism?
Bluetooth privacy and the FreeStyle Libre 2 glucose monitoring system
The FreeStyle Libre 2 can push critical glucose level alerts to your phone. Great for managing diabetes, but it also makes you trackable out in the world.
How to test if your Bluetooth devices support BLE Privacy
Some Bluetooth Low-energy (BLE) devices support the BLE Privacy extension that makes their location harder to track. How to test if your devices support it.
Google should auto-delete aging user data by default
Users can now opt-in to have some of their personal data be deleted after some months. The GDPR says this should be the default, however.
Safari’s Beacon API problems
You must implement the Beacon API the way WebKit deems to be “the right way” to make it work on iOS, Safari, and WebKit browsers.
My thoughts on Firefox blocking tracking/ad cookies by default
A small AdSense publishers’ perspective on Firefox’s new cookie-blocking policy change.
Goodbye FastMail
The Australian government’s new privacy-unfriendly anti-encryption interception and surveillance law succeeds in undermining trust in Australian tech companies.
Opt-out of Gogole AMP with this extension
A new browser extension for Firefox and Chrome that gives people the choice to opt-out of Accelerated Mobile Pages (AMP) in favor of the open web.
Extension enhances privacy of all embedded YouTube videos
Ensure better privacy for YouTube videos embedded around the web with this new Firefox browser extension.
Windows Timeline browser add-on raises few privacy concerns
New browser extension integrates Firefox and Chrome browser histories with Windows Timeline. Well-received by the press despite negatively impacting user privacy.
Personal data should be auto-delete after a few months by default
The General Data Protection Regulation (GDPR) makes it clear that apps and services must delete their customers’ data when it’s no longer useful.
How to detect Brave even though it doesn’t have its own User-Agent
Brave browser pretends to be Google Chrome to avoid being blocked. You can, however, still detect it by analyzing its uniqueness.
GDPR in Practice: Flattr now deletes your history within 3 months
Flattr improves customer privacy protections by automatically deleting collected data when its no longer needed for its core service.
I’d welcome usage reporting in Fedora Linux
Debian and Ubuntu have benefitted from good package reporting and analytics. It’s time Fedora Linux started collecting some more usage metrics.
Feed readers can be uniquely fingerprinted
Your list of RSS subscriptions is unique and it can be used to create a trackable and persistent device fingerprint.
New AdSense APIs for gathering user-consent
A look at the new Google AdSense APIs for obtaining GDPR and ePrivacy consent with custom-built data-sharing consent-screens.
What breaks if you use First-Party Isolation in Firefox
Firefox’s FPI system keeps websites from tracking your movements across websites. This gives excellent privacy protections but at a cost of web compatibility.
How to limit tracking in software downloads
Here is what you can do to protect yourself against websites injecting tracking-code into the software installers you download.
Software downloads now contain unique tracking identifiers
Popular software vendors inject unique tracking identifiers when you download their installers to track you all the from the web and onto the desktop.
Vilfo review: Not designed for security or privacy – Part 3/4
I found several privacy and security issues with the Vilfo VPN router during my week-long review.
On using Coinhive CAPTCHA instead of reCAPTCHA by Google
Google reCAPTCHA has a near-monopoly on CAPTCHAs. Coinhive CAPTCHA wants people to spend a few seconds mining crypto-currencies instead of solving puzzles.
EU GDPR and personal data in web server logs
Web servers store access and error logs by default. These can be a liability as they may contain personal data as per the General Data Protection Regulation.
Reduce the max cookie lifetime from decades to days in Firefox
Improve your privacy by reducing how long Firefox retains cookies. Who needs to store them for decades? Firefox can cap it at a custom interval.
Mozilla celebrates 1M new non-Gecko users
Firefox Focus browser, built on WebKit, for Android has been downloaded 1 million times in a month. Whatever happen to Mozilla’s commitment to GeckoView?
Embed a JavaScript CDN in your web browser with Decentraleyes
Browser extension mirrors popular JavaScript library content delivery networks locally to improve load-performance and your privacy.
Private bug trackers leak data on security and other known issues
Many bug tracking software leak information about your organization’s security problems through HTTP referrer headers.
Fluxfonts 2.0 for Windows 10
Fluxfonts — the open-source anti-font-fingerprinting program — is now available for Windows 10.
–
Stop it with the aggressive remarketing campaigns already!
Online marketers are being too aggressive with their remarketing campaigns – pushing low-value goods at a loss.
Privacy Badger improves privacy but breaks the web
The EFF’s Privacy Badger extension auto-detects and blocks websites that track you across websites. It also breaks more websites the more you use it.
Fluxfonts – font fingerprint cloaking
Protect against device fingerprinting using installed fonts by automatically cycling through a set of randomly installed fonts.
Photos on the gay dating app Grindr are by no means private
Grindr doesn’t use HTTPS-encryption allowing network operators and man-in-the-middle attackers to intercept private pics in the app.
CyanogenMod’s one big advantage over stock Android
An Android competitor has much better security and privacy tools than the original Android from Google.
Do you trust Microsoft with all your passwords?
Windows has become your password manager, but it also syncs all your credentials to Microsoft. Should you trust it with the keys to your digital kingdom?
Multiple accounts required to keep Windows private and secure
You shouldn’t use a Windows Administrative account for your everyday use. Setup one basic and one admin account to increase security.
Not all web analytics is bad
First-party analytics on websites generally isn’t a privacy problem. However, third-party analytic platforms tracking you across different websites is.
IE11 Preloading-feature sends browsing history to Microsoft
The new Preloading feature in Internet Explorer 11 is designed to speed up your web browsing. It also transmits a lot of information to Microsoft.
Host It Yourself: Stop embedding external content on your site
Don’t rely on third-party hosts like YouTube and embedded widgets create privacy risks for your visitors. Host it yourself!
Location sharing policies and private browsing
I investigated how web browsers treat your configures location sharing permissions and policies in private browsing mode.