Promote your Onion site with the Onion-Location HTTP header
A new HTTP header enables websites to redirect their visitors using the Tor Browser to their more secure Onion site.
Privacy
I’m an advocate of digital privacy rights. I blog about regulatory and technical solutions to improve people’s online privacy.
Promote your Onion site with the
How to block web browser-based localhost port-scans
Websites are port-scanning your localhost. Here’s how to stop random websites from knowing what services are running on your device.
First impressions of the Scroll news subscription service
I got early access to Scroll, the one-stop subscription service that wants you to pay-up to save journalism.
Bluetooth privacy and the FreeStyle Libre 2 glucose monitoring system
The FreeStyle Libre 2 can push alerts to your phone when your glucose level goes out of the target range. This is an incredibly useful tool for treating diabetes, but it also broadcasts a unique identifier that makes you trackable.
How to test if your Bluetooth devices support BLE Privacy
Some Bluetooth Low-energy (BLE) devices support the BLE Privacy extension that makes their location harder to track. How to test if your devices support it.
Google should auto-delete aging user data by default
Users can now opt-in to have some of their personal data be deleted after some months. The GDPR says this should be the default, however.
Safari’s Beacon API problems
You must implement the Beacon API the way WebKit deems to be “the right way” to make it work on iOS, Safari, and WebKit browsers.
My thoughts on Firefox blocking tracking/ad cookies by default
A small AdSense publishers’ perspective on Firefox’s new cookie-blocking policy change.
Goodbye FastMail
The Australian government’s new privacy-unfriendly anti-encryption interception and surveillance law succeeded in undermining my trust in Australian tech companies.
AMP opt-out extension for Firefox
A new browser extension gives people a choice about using Accelerated Mobile Pages (AMP) versus the open web.
Extension enhances privacy of all embedded YouTube videos
Ensure better privacy for YouTube videos embedded around the web with this new Firefox browser extension.
Extension adding Windows Timeline support to third-party browsers should have raised more privacy questions
New browser extension integrates Firefox and Chrome browser histories with Windows Timeline. Well-received by the press despite negatively impacting user privacy.
Apps and services should auto-delete personal data after a few months by default
The General Data Protection Regulation (GDPR) makes it clear that apps and services must delete their customers’ data when it’s no longer useful.
How to detect Brave even though it doesn’t have its own User-Agent
Brave browser pretends to be Google Chrome to avoid being blocked. You can, however, still detect it by analyzing its uniqueness.
GDPR in Practice: Flattr now deletes your browsing history within 3 months
Flattr improves customer privacy protections by automatically deleting collected data when its no longer needed for its core service.
I’d welcome usage reporting in Fedora Linux
Debian and Ubuntu have benefitted from good package reporting and analytics. It’s time Fedora Linux started collecting some more usage metrics.
Feed readers can be uniquely fingerprinted
Your list of RSS subscriptions is unique and it can be used to create a trackable and persistent device fingerprint.
New AdSense APIs for gathering user-consent
A look at the new Google AdSense APIs for obtaining GDPR and ePrivacy consent with custom-built data-sharing consent-screens.
What is First-Party Isolation in Firefox and what breaks if you enabled it
Firefox’s FPI system keeps websites from tracking your movements across websites. This gives excellent privacy protections but at a cost of web compatibility.
How to limit tracking in software downloads
Here is what you can do to protect yourself against websites injecting tracking-code into the software installers you download.
Unique tracking identifiers are embedded into your software downloads
Popular software vendors inject unique tracking identifiers when you download their installers to track you all the from the web and onto the desktop.
Vilfo VPN router review: Not designed for security or privacy – Part 3/4
I found several privacy and security issues with the Vilfo VPN router during my review.
On using Coinhive CAPTCHA instead of reCAPTCHA by Google
Google reCAPTCHA has a near-monopoly on CAPTCHAs. Coinhive CAPTCHA wants people to spend a few seconds mining crypto-currencies instead of solving puzzles.
EU GDPR and personal data in web server logs
Web servers store access and error logs by default. These can be a liability as they may contain personal data as per the General Data Protection Regulation.
Reduce the max cookie lifetime from decades to days in Firefox
Improve your privacy by reducing how long Firefox retains cookies. Who needs to store them for decades? Firefox can cap it at a custom interval.
Mozilla celebrates 1M new non-Gecko users
Firefox Focus browser, built on WebKit, for Android has been downloaded 1 million times in a month. Whatever happen to Mozilla’s commitment to GeckoView?
Embed a JavaScript CDN in your web browser with Decentraleyes
Browser extension mirrors popular JavaScript library content delivery networks locally to improve load-performance and your privacy.
Private bug trackers leak data on security vulnerabilities and other known issues
Many bug tracking software leak information about your organization’s security problems through HTTP referrer headers.
Fluxfonts 2.0 for Windows 10
Fluxfonts — the open-source anti-font-fingerprinting program — is now available for Windows 10.
Stop it with the aggressive remarketing campaigns already!
Online marketers are being too aggressive with their remarketing campaigns – pushing low-value goods at a loss.
Privacy Badger improves privacy but breaks the web
The EFF’s Privacy Badger extension auto-detects and blocks websites that track you across websites. It also breaks more websites the more you use it.
Fluxfonts – font fingerprint cloaking
Protect against device fingerprinting using installed fonts by automatically cycling through a set of randomly installed fonts.
Photos on the gay dating app Grindr are by no means private
Grindr doesn’t use HTTPS-encryption allowing network operators and man-in-the-middle attackers to intercept private pics in the app.
CyanogenMod’s one big advantage over stock Android
An Android competitor has much better security and privacy tools than the original Android from Google.
Do you trust Microsoft with all your passwords?
Windows has become your password manager, but it also syncs all your credentials to Microsoft. Should you trust it with the keys to your digital kingdom?
Multiple accounts required to keep Windows private and secure
You shouldn’t use a Windows Administrative account for your everyday use. Setup one basic and one admin account to increase security.
Not all web analytics is bad
First-party analytics on websites generally isn’t a privacy problem. However, third-party analytic platforms tracking you across different websites is.
IE11 Preloading-feature sends browsing history to Microsoft
The new Preloading feature in Internet Explorer 11 is designed to speed up your web browsing. It also transmits a lot of information to Microsoft.
Host It Yourself: Stop embedding external content on your site
Don’t rely on third-party hosts like YouTube and embedded widgets create privacy risks for your visitors. Host it yourself!
Location sharing policies and private browsing
I investigated how web browsers treat your configures location sharing permissions and policies in private browsing mode.