My views on things
Articles
Original, longer posts, as opposed to quotes and micro-posts
Les campagnes d’extorsion de Logistep AG vont enfin prendre fin :)
01 year ago
Logistep AG, une société suisse vendant ses services à des lobbys dangereux (MPAA, RIAA), s’amusait à espionner les utilisateurs de réseau P2P et collectionnait les adresses IP des personnes qui téléchargeaient des fichiers protégés par les lois sur la propriété intellectuelle.
Une fois qu’ils avaient réussi à identifier à qui appartenaient les adresses IP, ils envoyaient des demandes de rançon aux résidents suisses. La plupart des gens recevant ces lettres paniquaient et payaient, mais tout ce cinéma va prendre fin.
Le tribunal fédéral a délibéré le 8 Septembre 2010 et les juges ont décidé de dénoncer et de poursuivre pénalement Logistep AG et de demander l’arrestation de son directeur dans les plus brefs délais.
Cela ne rend pas le téléchargement légal et d’autres moyens peuvent être mis en oeuvre pour arrêter les personnes qui violent les droits d’auteur, mais cela évitent les abus de sociétés de cowboys…
Reminder: You cannot surf anonymously using your regular computer or phone
01 year ago
Facebook has been in the news for not taking its users privacy seriously enough and some people have started to wonder what type of information about them is “out there”.
If this has been identified as a problem, the next step is for the user to try and prevent too much data about them to leak out and they may be using some super duper plugin in Chrome or Firefox that they think gets rid of all traces of their surfing habits.
More advanced users, have started to use VPNs (you have to if you’re on Wifi and don’t want all your data to be exposed to the world 
#hole196) and think they’ll be all right since their IP address is hidden.
They’re all wrong! 
It’s not enough.
Just got to http://panopticlick.eff.org and see how unique your fingerprint is.
It doesn’t matter how you’re trying protect your privacy. If the server at the other end is storing a unique signature linked to you, it’ll recognize you next time you pop round.
The solution…Use a virtual environment (VirtualBox is easy to use) and inside, keep the OS’ settings as standard as possible. Add some security and privacy plugins to your browser, but always check that it doesn’t give your identity away.
Once it’s configured, take a snapshot and use it to surf “anonymously”. Always go back to that snapshots. Don’t sync your bookmarks, passwords and what not.
A lot of companies get their contacts’ database stolen which leads to their customers being spammed
02 years ago
I came across quite a few companies that were either reselling my data
without my consent, got hacked or had rogue employees.
The offenders range from small online shops to large Telecom companies.
How can you find out?
It’s easy, if you’re not afraid of getting your hands dirty. You
“simply” need to register a domain name and get mail hosting with it
(shouldn’t cost more than £14/year). What that means is that you’ll buy
mynewdomain.com and will be able to receive emails that are being sent
to whatever@mynewdomain.com
Once you’ve bought the name, log into your control panel and define what
is called a “catchall”. Call it, per example,
mysecretaccount@mynewdomain.com.
All emails sent to mynewdomain.com will get delivered to that one
mailbox that you’ve defined and that you will monitor by adding it to
you email “client” (Thunderbird, Outlook, etc.)
Now…let’s say you want to buy shoes online at Schuh (one of the
offenders…). When you type in your email address, use something like
schuhstoreuk@mynewdomain.com.
This is a unique email address that only that company knows about. Make
sure you untick all the boxes that say that they can sell your data, etc.
When they send you the confirmation order, they will send it to
schuhstoreuk@mynewdomain.com and it will be transferred to
mysecretaccount@mynewdomain.com and you will get it in your inbox.
Two months later, you get an email from “your bank”, asking you to log
into your account because there was a security issue. It’s the typical
scam. A quick glance at the email address it was sent to and you notice
that it’s schuhstoreuk@mynewdomain.com. That’s not the email address
that your bank has on file which can only mean one thing: your data
leaked out of the Schuh IT systems. It doesn’t really matter how it
happened. They breached their obligations. You can decide to contact
them or to report them, up to you.
I read about this way of filtering emails a few years ago and it worked
really well for me.
The cons of this solution
Lots of spammers send emails to random email addresses like
johnsmith@mynewdomain.com. If your anti-spam filters are not up to date,
you may get quite a few of these spams delivered to your new inbox. You
can use additional techniques to make the difference between a random
spam and an email address that you use to fill up forms. Per example you
can always start your addresses with “abc-”, it would look like
abc-schuhstoreuk@mynewdomain.com. The chances of a spammer randomly
sending an email to this address are quite slim.
The other “problem” is when you need to get in touch with one of these
companies and they don’t provide an online form. You then need to send
an email from a real email account. I suggest you create one that you
will use to send those messages. something like
contactform@mynewdomain.com. And you can use the “reply-to” feature when
you compose your email and you would type in the email address that you
used when ordering from them.
I’ve probably lost many of you at “simply” , but felt like it could be
useful for those of you looking for a solution .
