Internet security involves the use of programs. In this article I will give a short overview of such programs (plugins).

The problem of total surveillance of a user on the Internet was discussed earlier. The previous article was devoted to tools that allow you to manage and erase cookies that are used to track the user. However, deleting cookies is not enough because... they will arise again. Therefore, in addition to removal, it is important software for blocking and other methods of tracking you online. I will list some of them.

Review of anti-tracking plugins for your browser

Keep my opt-outs plugin (Chrome,IE, Firefox) - product Google. Disables personalization of online advertising based on cockies. The plugin works immediately after installation and does not require configuration (at least for Chrome).

Disconnect (Chrome, Firefox, Safari) - prevents Twitter, Facebook, Goole and other web resources from following you online.

Do not track (Chrome,IE9, Firefox,Opera, Safari) - does not allow data about you to be sent

Ghostery ( Internet Explorer, Firefox, Google Chrome,Safari) is the most feature-rich plugin. Provides an easy way to control websites that track you. Makes it possible to identify and block any tracking carried out not only through cookies, but also using scripts and other methods. Shows you which companies are following you on a specific website and gives you the opportunity to learn more about them.

It’s up to you personally to decide whether to use such plugins or not, but you should at least know about their existence.

Protection against computer surveillance via the Internet

Now, probably, no one will dispute the fact that numerous Internet services track user actions in order to then load it with a stream of targeted advertising. Let's consider the main tools with which you can get out from under the “cap” of advertisers.

Browser settings

Recently, the DNT (Do Not Track) function has appeared in all popular browsers. Its purpose is to notify visited sites that the user does not want to be tracked. Unfortunately, turning on the DNT feature does not guarantee that sites that have received a request to not allow users to follow them will not stop spying. Let's figure out how to activate DNT.

Firefox

Open the main menu “Settings”, then “Privacy”. In the “Tracking” section, check the “Use tracking protection” checkbox and click “Change blocking list.” In a new window, select the desired option.

Chrome

Open “Settings”, click at the bottom of the window “ Additional settings" In the “Personal Information” section, check the “Send tracking denial with outgoing traffic” option.

Opera

In the main menu, select “Settings”, then go to “Security” and in the “Privacy” section check the “Send a “Do Not Track” header to sites.”

Installing plugins

As you might have guessed, turning on DNT is not enough to stop advertisers from following you. Installing the Ghostery plugin will help block advertising cookies. There is a version for Chrome and Firefox.

After installation, the plugin icon will show the number of bugs found and blocked. By clicking on the icon, you can disable services that have installed bugs.

The Adblock Plus plugin copes very well with the function of blocking unnecessary advertising.

Google services settings

Search

Don't forget that Google saves everything you searched for before. This setting can be disabled: on home page search engine, select the menu, “Search settings” in it.

Let's go to the appropriate section, where there is data on the history of surfing.

Each record of a visited resource can be deleted.

Personalization

Don't want to receive personal information in search results? Go to search settings and disable this option.

Social media

By liking or reposting a publication on social networks, you thereby provide information about your interests to advertisers. Here, too, you can try to correct the situation.

Facebook

Go to the main menu, select “Settings” and then the “Advertising” section.

By clicking “Edit”, set the desired Facebook advertising settings.

Twitter

Click on your profile icon and select “Settings”. Go to the “Security and Privacy” section.

We make the necessary changes in the “Individualization” and “Advertising” items.

If all else fails

Do you want to be 100% sure that surfing the Internet is anonymous and that your connections will not be visible to annoying advertisers? Install free browser Tor, which works on the principle of a chain of proxy servers built between you and the site. The servers are selected randomly each time, the intermediate data is encrypted - it is impossible to obtain information about the user.

The security of computer data and ours, the user's, is measured by the absence of viruses - Trojans, worms and other nasty malicious programs designed to slightly or seriously spoil the lives of you and me. However, the last couple of years have shown that viruses of the past, and even the present, are a child's 8-bit squeak on the Super Mario lawn compared to what really threatens each of us.

Well, what can a virus really do? Force the owner of a computer to download, after parting with his hard-earned fifty dollars, a licensed antivirus? Reinstall the operating system? Change passwords on Facebook? Fix a hole in Wi-Fi? Run around to offices engaged in data recovery? Scared! All this can be solved and is not scary.

It’s much worse that all that seemingly harmless information that we share every day with curious friends, boastful colleagues and annoying relatives can end up in the hands of criminals at any moment. Who, how and why is constantly watching us and how to prevent this vile fact - this is what we will talk about today.

Would you like some cookies?

Smartphones can enter the coordinates of the point where the photo was taken into the system fields of a photo file. When you post a photo to in social networks online resources can automatically compare coordinates and provide the exact address of the shooting location.

Facebook and Email have become an integral part of every morning for many. But think about it for a minute! After all, you and I constantly send so many intimate details of our lives to the World Wide Web that no spy is needed. It’s enough to record the actions we perform on our devices 24 hours a day: which club and with whom Sveta visited Facebook for the fifth time that night, what size shoes Alexey bought and how much, when Irina is going to a conference in Poland, which children’s club Sergei took his son, at which metro station Katya got off, what GPS coordinates Andrey assigned the tag home sweet home.

And who will write down all this seemingly useless nonsense, you ask? There is such a James Bond, and it is also installed on your computer. This is our own carelessness, hiding under the cute name “cookie” or cookies.

“C is for cookies and it’s good enough for me,” sang the cute blue plush Gingerbread Monster in the Sesame Street educational program, not even suspecting that he would serve as an ideological inspiration for the creators of the first “cookies,” Netscape Communications. Old geeks may remember that before Google Chrome, before Internet Explorer, before Opera and, of course, Safari, there was a browser like Netscape Navigator, the “grandfather” of modern Mozilla Firefox, and it was the most common until the mid-90s. It was Netscape that first introduced support for cookies. They were invented in order to collect information about visitors and store it not on crowded company servers, but on hard drives the visitors themselves. To begin with, the cookies recorded basic information: it checked whether the visitor had already been to the Netscape site or was visiting for the first time. Later, programmers realized that cookies can be trained to record almost any information about the user that he himself wants to leave on the Internet. They gathered, of course, without the knowledge of the peaceful visitors.

Imperceptibly introduced into Netscape Navigator in 1994, and into Internet Explorer in 1995, the “cookies” remained unknown workers until 1996, when, thanks to a journalistic investigation, the entire respectable Internet public learned about them, and an international scandal broke out . The public was shocked: the brother, while not very big, but still the brother, it turns out, was watching all the actions every minute and, moreover, recording everything. The creators' claims that all data is stored securely (namely on own computer each user) and cannot be used by attackers, were weakly reassured. But it soon became clear that these statements were not reliable.

As it turned out, with a strong desire, an attacker can intercept a “cookie” file sent to the site that created this work of computer culinary art, and, pretending to be a user, act on the site at his own discretion. This is how emails, accounts in online stores, banks, etc. are hacked. But, let's admit, this is not so easy to do.

Moreover, despite the declared anonymity of cookies, even marketers themselves admit that the classification of users, that is, you and me, has reached perfection. We are looking for all Safari owners, 25-35 years of age, male, with a Citibank card, graduated from the Moscow Aviation Institute, unmarried, suffering from myopia, wearing long hair, fans of the Star Wars series and the Nickelback group, with an annual income of $50-100 thousand, frequent visitors to the Rolling club Stone, living near the Novogireevo metro station? Please, these three people.

Who is buying this information? How will he want to use it? Our paranoia pours herself a glass of something with orange juice and refuses to answer this question. The mass scale of the phenomenon has long gone beyond any acceptable limits.

An experiment conducted by the Wall Street Journal in 2010 showed that the 50 most popular sites in America installed 3,180 spyware files (the “cookies” we already mentioned and their younger advanced brothers “beacons” or “beacons”) on their behalf on a test computer. , recording literally everything for serene users. Only less than a third of the files were related to the operation of the sites themselves - recording passwords, remembering the preferred section to start with next time, and so on. The rest existed only to learn more about a particular visitor and sell the information collected about him at a higher price. The only site that did not install a single unpleasant program was Wikipedia.

In addition to cookies, as we have already said, there are also “beacons”. They do not send themselves to users, but are placed directly on the site as a small picture or pixel. “Beacons” are capable of remembering data entered from the keyboard, recognizing the location of the mouse cursor, and much more. Comparing them together with the “cookies”, we get a picture worthy of a paranoid’s nest.

Using the Privacychoice.com service, you can find out exactly who is monitoring your actions, whether only general or also personal information is recorded, how long it is stored and whether its anonymity is guaranteed. Unfortunately, the unpleasant statistics were collected only for the main American sites.

What can this information be used for?

Fig 1. Approved list of words, phrases and expressions, the use of which may entail increased attention to your actions on the Global Network

Intelligencer Mark Zuckerberg

The American public, unlike ours, is not asleep and, having caught wind that the DHS is furiously spying on ordinary people, created an organization opposing this with the modest name EPIC. In one of their counter-investigations, EPIC employees managed to find out that the Ministry of Foreign Affairs had developed a certain list of surveillance activating words. You type, say, into Google the innocent phrase “Guadalajara, Mexico.” And the Ministry of Foreign Affairs immediately includes you in the list of potential bin Ladens and begins to record all your actions on the Internet, just in case. Suddenly you decide to blow something up, you never know...

A complete list of extremely strange words, many of which we use in online communication every day, can be found on pages 20-23 of this document.

In addition, as EPIC found out, the vast majority of at least somewhat significant domains, such as Facebook, Twitter, news email sites, cooperate with all known security services, giving them access to correspondence, personal data, location and even appearance users without a court order. According to one of the MIA employees, for every real suspect there are a dozen suspects on completely unfounded grounds. It is not clear how data transfer occurs in such a situation, how secure it is, and how the received information is disposed of if it is no longer needed.

Another blatant fact of the introduction of Johnsons, Petersons and Sidorsons into computers under the auspices of the fight against piracy was made public in the United States in July of this year. The fact is that the US Recording and Motion Picture Association has developed a project according to which providers will automatically report cases of media piracy. We are, of course, against piracy, but such an initiative means surveillance of users. The punishments seem especially strange: from soul-saving conversations and limiting the speed of the Internet channel to banning access to two hundred major websites in the world.

Even if you have a separate computer for work, from which you, like a decent paranoid person, never access the World Wide Web, we hasten to disappoint you. There are ways to monitor it even bypassing “cookies”, “beacons”, words from the terrorist list, etc. After all, you regularly update your antivirus anyway, right? What kind of signatures are sent to your computer? An antivirus creator who is interested (either by the government or by third parties) can, thanks to his program, search for anything on your hard drive. All you have to do is declare it a new virus.

Why is there an antivirus, your GPS, your smartphone, which is about to acquire a fingerprint sensor, Google Street View, programs for recognizing faces in photographs - there is simply no limit to the introduction of unauthorized strangers into our daily lives. Your supervisor at the FBI or MI6 is aware, they have already been told to him.

Dancing with pigs

But who gave it? We passed it on to you. Look how we treat our own information! Look at your Facebook settings: How many third-party apps have you allowed to use your data? Try installing a new program from Google Play Store in Android and for a change, read what powers you promise it (access to phone book? use the Internet as needed? making calls to your grandmother?). Take a look at Instagram's user agreement - by signing up, you've given full ownership of all your photos to Facebook! Create an account in the Amazon cloud and ask what you agreed to: Amazon has the right to change, delete the information you upload at its discretion, and also terminate your access to the site.

Computer science guru and Princeton University professor Edward Felten aptly dubbed what was happening “the dancing pig syndrome.” If a friend sent you a link to a program with dancing pigs, you will probably install it, even if license agreement it will be written about the possibility of losing all data, sense of humor, guilt, conscience, reason and average income.

What to do?

1. Make sure your home Wi-Fi have a good password and never use a suspicious Internet connection.

2. Change passwords more often, make them longer and stronger. We remain skeptical of password management programs and are torn between the fear of forgetting our twenty-three-digit alphanumeric password, the fear of email, Facebook, Twitter and other cute sites being hacked, and the fear of someone writing down our passwords if we keep a record of them in specialized program. As they say, here's your poison to choose from. If you choose the latter option, our paranoia recommends RoboForm and Last Pass.

3. Install CCleaner and don’t forget to use it (ideally, every day). If you don’t know where to get it, go to our website www.computerbild.ru and look in the “Download” section.

4. Install anti-tracking plugins in your browser. In Google Chrome, for example, we like the Keep my opt-outs Plugin. It removes data about you from more than 230 sites. After that, install Do not track plus - this plugin prevents “cookies” from sending information about you again. In Chrome, by the way, we recommend using the Incognito function. In this mode, you can only be watched from behind your back, so don’t forget to look around or hang a mirror behind your computer. Joke.

5. Use an anonymous VPN. A good and fast one may cost a little money, but the service is usually worth it. Of the free ones, we like HotSpot Shield.

6. Turn off Google history. To do this, type google.com/history and, using your gmail.com account, delete everything that Google has recorded about you. After this operation, Google will stop recording (probably), unless you ask otherwise.

7. You can also switch to the now popular TOR browser, which uses a volunteer network of computers to achieve maximum anonymity of transmitted encrypted data.

8. If your last name is Navalny or Nemtsov and you need to communicate with friends and colleagues via an unwatchable channel, install an anonymous file sharing program such as GNUnet, Freenet or I2P. In this case, we recommend doing it regularly backups data and store them on different clouds, accessing them through an anonymous VPN.

9. And, most importantly, read the user agreements of the programs you install. Before installing the next cats, think carefully about whether you need this program if it undertakes at any time, like a mother-in-law, to use the Internet and telephone on your behalf, check who called you, find out where you are, pay for purchases of your credit card and change your ringtone.

Other news

Imagine the picture: May, you come to the supermarket and buy a rake. A week later you come in again, and a horde of sales consultants runs out to meet you, vying with each other to offer to buy different kinds rake. The most advanced of them are trying to sell you hoes, and some even shovels. And none of your explanations that you have all the equipment left over from last season and in fact you came to buy a lawn mower, do not work.

You somehow fight off the consultants, making your way with the help of a shovel, which they managed to foist on you, and leave. But on the way home, you notice an advertising poster on the fence that says that all owners of rakes bought last week at three o’clock in the afternoon, and shovels bought today at 5:40, receive a discount on a wholesale batch of radish seeds, which are sold by a company from neighboring city.

This is how targeted advertising and user tracking on websites works. You go to the site, it assigns you an ID and starts tracking your actions. If this system only works within one website, that's okay. But there are a lot of companies (mostly, but not only advertising networks) that can track your movements across many sites and create a whole map of your online adventures and interests.

In addition to privacy, speed also suffers. Each tracking script placed on the site slows down the loading of the web page, and when there are many of them, such a slowdown becomes noticeable even to the naked eye. A couple of years ago, Mozilla developers tested the loading speed of sites with and without protection mode enabled and found that the average page loading time in tracking protection mode was reduced by 44%. On mobile devices Blocking tracking also has another advantage: less data received.

User tracking methods

In this article we will look at how to deal with tracking, but first we will understand how it works. Tracking is the tracking of a user using various browser identification techniques. There are at least five techniques: Cookie, Evercookie, fingerprinting, IP, behavioral analysis.

Cookie

The oldest and most intelligent way of tracking. Cookies were specifically designed to identify the user. The principle of operation is very simple: the user opens the site, it requests information from the cookie; if there is no information, the site decides that the user is on the site for the first time, generates a unique identifier and records it (with some additional information about the user) in cookies.

Now (in theory) on subsequent visits, the site will be able to recognize the user by a unique identifier that was recorded in cookies on his computer. It is clear that after clearing all cookies, the user becomes anonymous for absolutely all sites. However, besides HTTP Cookie, there are also Flash Cookie and Silverlight Cookie. And they need to be cleaned separately.

Evercookie

This type of tracking can be safely called a “Internet de-anonymization project.” It stores the user ID wherever possible. Both standard storages are used: HTTP, Flash, Silverlight Cookie, as well as various tricks like PNG Cookies (the server gives the browser an individual image with an identifier recorded in it, it ends up in the browser cache, and when the user next visits, the site inserts the image into the canvas and reads the recorded information into it), as well as HTML5 storage (Session Storage, Local Storage, Global Storage, Database Storage via SQLite, and so on), a log of visited web pages (only for older browsers), ETag header, java persistence API. Everything that can be used is used.

Removing Evercookie is very difficult. However, it has one drawback - just as in the case of cookies, the data is stored on HDD(or to the NAND memory of the phone). And this means that normal mode Incognito is invulnerable to Evercookie.

Browser fingerprint

In this case, the user is recognized by reading data about the browser, its settings and the device from which the user accesses the site. Is there a lot of this data? Yes very many. The simplest ones: user agent (name, version and bit depth of the browser and OS, type of device on which the browser is installed, functions supported by the browser, etc.), browser language, time zone, screen resolution, color depth, support for HTML5 technologies (hello, fans of digging V hidden settings browser), the presence of doNotTrack, cpuClass, platform, installed plugins and information about them, fonts available in the system.

Various tricky techniques are also used: Canvas Fingerprint, WebGL Fingerprint, WebRTC Fingerprinting. According to the creators of the scripts, the probability of recognition already exceeds 90%. And in some cases it is 99.(9)% (not many people like to install the Canary version of Google Chrome and delve into the chrome://flags settings to activate new HTML5 features). Disadvantage of the technology: in practice, recognition cannot be one hundred percent, because it is based on statistical data and there will always be a possibility of error.

IP Tracking

Using your IP address, you can find out the location (often with an error) and the name of the provider. However, due to the periodic change of IP in both wired and wireless networks this method is extremely unreliable and in practice is used only for approximate location determination.

Behavioral analysis

Identification based on the individual behavior and tastes of the user: mouse movement speed, favorite search filters, preferred products, image viewing speed, click frequency, and so on. The disadvantages are obvious: to track actions you need to use heavy scripts, which will not only load the channel, but also slow down computers. Recognition accuracy is too variable and depends too much on various factors.

How browsers combat tracking

As you can see, there are only two reliable methods to identify a user: Cookie and Evercookie. To protect yourself from them, it is enough to go to all sites in incognito mode, which is available in almost any modern browser. But then you'll run into another problem: besides tracking, cookies are used for many other useful tasks. For example, to store an authorization token, which allows you not to enter your login and password every time you enter the site. You won’t be able to save on traffic and page loading speed using incognito either.

Anti-tracking browsers work differently: they use blacklists of tracking scripts (like these) and simply block their execution.

In most browsers for anonymous surfing (Firefox Focus, Yo Browser, InBrowser, Ghostery, Cliqz and some regular browsers) it is also possible to automatically clear private data when exiting. For a smartphone, such cleaning is quite enough to deal with Evercookie.

With a browser fingerprint, things are more complicated, because the browser transmits most of the information not out of a desire to tell more about itself, but so that the web page is displayed correctly. As a protection option, the browser can send information about itself that will be similar to the maximum number of other browsers.

Test bench

A smartphone was used for the browser test Samsung Galaxy S7 and the following pages:

• https://site
• https://site/2017/08/15/mobile-mesh/
• https://www.svyaznoy.ru/
• http://www.theworldsworstwebsiteever.com/
• http://www.samsung.com/ru/

Brave

“Brave is on a mission to fix the web by providing users with a safer, faster, and more seamless user experience through a compelling new rewards ecosystem. Brave is more than a browser, it's new way thinking about how the Internet works."

After such loud statements, you expect something special, but a couple of minutes after installing the browser you understand what’s wrong. The browser is Chromium with ad blocking and tracking prevention features with the ability to enable/disable blocking for a specific site.

The main difference from Chrome is that there are no news on the main page and no traffic saving mode.

• Engine: Blink
• ROM consumption (excluding application data): 108 MB
• RAM consumption (open only Homepage): 130 MB
• RAM consumption (five test sites open): 372 MB
• Number of blocked trackers (for five test sites): 29

Continuation is available only to members

Option 1. Join the “site” community to read all materials on the site

Membership in the community within the specified period will give you access to ALL Hacker materials, increase your personal cumulative discount and allow you to accumulate a professional Xakep Score rating!

Update your operating system regularly. Attackers spy on users by installing viruses on their computers or hacking computers. Regular system updates will eliminate vulnerabilities and neutralize malicious codes.

Update your programs regularly. Latest versions programs add new features, eliminate vulnerabilities and fix bugs.

Update your antivirus regularly and do not disable it. If you do not update your antivirus database, it may not be able to detect some viruses. Also, do not disable the antivirus (let it always work in background) and regularly scan your system for viruses. We recommend enabling automatic update antivirus or always allow it to update when prompted.

• Antivirus programs look for viruses, spyware, rootkits and worms. Most antispyware programs are no better than good antiviruses.

Use only one antivirus program. If you install several antiviruses on your computer, they will conflict with each other, which will slow down your computer. In the best case, one of the antiviruses will trigger falsely, and in the worst case, the antiviruses will interfere proper operation each other.

• The exception to this rule is antispyware, such as Malwarebytes. They can effectively work simultaneously with an antivirus program, providing an additional level of security.

Do not download files from unreliable or suspicious sites. For example, if you want to download VLC media player, do so on the official website of the media player (www.videolan.org/vlc/). Don't click on links to random or unofficial websites, even if your antivirus doesn't warn you.

Use a firewall. The firewall checks all incoming and outgoing connections. A firewall prevents hackers from finding your computer and also protects you from accidentally visiting dangerous websites.

• Majority antivirus programs include a firewall, and all major operating systems there's also a built-in firewall, so you probably don't have to worry too much about the firewall.

Do not use an administrator account. Please note that if you log in as an administrator, any software, including viruses, may receive administrative rights. This will allow malicious codes to wreak havoc on your system and spy on your activities. If you use a “guest” account, the virus must be much more powerful in order to penetrate the system and work on it. From under account guest malicious code will be able to send information about you, but nothing more.