Privacy in Linux

PcBuilderEd

Member
Joined
Jun 30, 2017
Messages
78
Reaction score
42
Credits
0
Good evening all, I have a few questions regarding privacy in Linux. One of the reasons im getting involved with Linux is privacy. Ive always had issues with Google, but Windows pushed me over the edge though when it hijacked the wireless switch on my computer so I can no longer shut it off...
What are some things I can or should do to protect my privacy when web browsing in Linux? Im assuming firefox is an improvement over Chrome or internet explorer? Ive been using Startpage as my homepage which im sure helps but ive heard about many other things which are new to me. For example I know there are privacy focused distros (TA ILS) that are only bootable from the USB. That seems a bit overkill to me. I remember Jarrett posted something regarding this in the previous forum. Ive also heard about VPNs (these sound promising), adblockers, uorigin, etc. In my mind, ideally one would be able to search anonymously. I'm not as concerned with circumnavigating some government agency, more like I dont want any of the companies a having all my info and raising my insurance rates because I searched for some diasese, or getting advertisements, or having it affect my credit score, or job prospects... Are there tools which I can plug into Linux Mint for example, or are these best used with a specific distro?
 
Last edited:


At work so can't get too deep into this. I think that security/privacy is always a bit of a tradeoff for convenience. But there are some simple things that help, like enabling your firewall, and using some specialized browser extensions. A few of those that I use in Firefox are AdBlock Plus, HTTPS Everywhere, and NoScript.

NoScript requires some time to discover and set exceptions for websites that you trust to run Java scripts. I think this is a great tool, but it is easy for people to get tired of the inconvenience and allow more scripts on a site than what they really need, thus diminishing their security.

There is no perfect solution, only vigilance on your part. Even Tails warns that they are not completely anonymous. Watch reporting on the Equifax hack in the days and weeks ahead... already one of the prime things you can do to protect yourself is to "freeze" your credit with all three major credit bureaus, but again, this will cause you some inconvenience in the future when you need to open some new credit line yourself, like moving or buying a car or getting a mortgage.
 
Firefox is a great browser.
Sure, it might not be quite as fast as Chrome, but you can be sure that your usage isn't being tracked by google.

WRT: Privacy - there are a lot of browser extensions for Firefox that can improve your privacy.

Ad-blockers like "Adblock Plus" and "ublock" are great for blocking pop up adverts and even in-page adverts and video adverts. With ublock you can even explicitly choose elements on a page and block them too.

These help you to avoid trackers placed in adverts used by certain ad-providers and also avoid malware embedded in some ads.

Some other useful extensions that can help increase privacy and reduce tracking are:
Privacy Badger (from the Free Software Foundation) tries to stop sites from tracking you. It automatically blocks known trackers and will let you know which trackers were blocked on each page you visit (and the level of blocking applied) and which domains are possible trackers.

You also have the ability to change settings for individual tracking domains - So you can either completely block certain domains - or if they provide vital functionality for a website, you have the choice to allow them, but stop them from storing cookies, or you could allow them completely. In the settings for each detected domain - it uses a traffic-light style system. So a Domain that has its slider set to red is blocked, a domain that is set to orange/amber is allowed, but cookies are blocked and a green domain is completely allowed.

https everywhere - ensures that you have a secure https connection to every website that you visit. If a site doesn't have a valid ssl certificate, then https everywhere will block you from accessing that site, warn you that a secure connection could not be made and then give you the choice of whether or not to open the page. Ensuring that you are connected to sites via SSL helps to avoid "Man In The Middle" attacks.

And finally, there is noscript - which will allow you to block javascript on all web-pages that you visit.

After installing noscript, it prevents ALL scripts running by default. So the first time you visit a web-page, it will prevent all scripts from running on that page. It will also display a bar at the bottom of the browser telling you how many scripts it has blocked and will present you with an options button. Clicking the options button will list each script that was blocked and give you a whole bunch of options. You can temporarily, or permanently allow individual scripts, or you can explicitly block them, or you can block all, allow all etc...

And when you open a page and see how many 3rd party scripts some sites are using - it can be quite mind boggling!

Noscript can be a bit of a chore at first, but it does give you fine-grained control over which scripts on a web page are ran. It can take a little trial and error to determine which scripts are needed for a page to work properly and which ones are completely unnecessary. But once you have it set up for the websites you visit most often, you won't need to change any settings.

Between Adblock Plus, ublock, Privacy Badger and Noscript you can avoid pretty much any nasties that are out there.

From there, you can take things a litte further to improve your privacy.
You could switch to using duckduckgo as your default search engine. Duckduckgo do not collect or share personal information about users or their search histories etc. Though reading back through your post - I see you are using startpage.com - I hadn't heard of them before, but from a quick look, they seem to be more or less equivalent.... Hmm - I might give them a go myself!

Also take a look at the settings for Firefox as there are some settings in there that can improve your privacy and security.

Oh and enabling your firewall will help too. Linux has a built-in firewall - iptables. iptables deals with network packets at the kernel level, but some distros leave it configured to allow all network traffic by default and don't set any additional rules for it.

You can manually define rules for iptables, but most users prefer to use a front-end like firestarter, ufw/gufw etc.

On Debian I installed ufw and gufw. Also I think fresh installs of Mint already have ufw installed anyway, but I don't know whether it is activated.

You can check by using :
Code:
sudo ufw status verbose

If the output from the above command says that ufw is already running - great. Your firewall is already configured and running. You don't need to do anything more.

If it is not enabled, you can enable it like so:
Code:
sudo ufw enable

The default set of rules used by ufw should be good enough for most home users.
 
Last edited:
Working on a couple things, but i'll also put in a good word for duckduckgo as your search engine.. i'm so entwined with google at the point now though I think i've given up on the whole privacy thing :/
 
Im also excited because, as best im able to tell, Atanare and Wizard havent posted on this yet...
upload_2017-9-13_12-26-52.png

Why start up a thread and have to maintain it when I can wait for someone enthusiastic such as yourself (lol) to start one, whereby I can just swing through and put in my 2 cents?

I endorse virtually all of the comments made above.

I have been with Firefox since Version 1.0 Release Candidates, end of 2004. Used it on XP, Vista, and Windows 7, until my epithany to totally run Linux, where I found to my delight that it was the browser of choice, shipping with more Distros than not.

Just a clarification on NoScript, and you can see it in my screenshot below, as an Extension incorporated under FF Addons

md0TzsN.png


NoScript should not be confused with No-Script Suite Lite, which is an independent product shipping through Chrome Web Store for the Chrome Browser.

And that reference (to Chrome) leads to

WIZARD’S RECOMMENDED READING

here https://en.wikipedia.org/wiki/Chromium_(web_browser) which explains the differences and similarities between

  • Chromium Browser and

  • Google Chrome Browser
If you are content to just explore one Linux at a time (or embrace it for years), then having a 2nd browser available in case one crashes is a good option, and mine of choice is Chromium, although I explore others from time to time. But I have not evaluated their security features (yet).

Back to NoScript and that screenshot of mine above -

You’ll note the references to “Legacy”, and these are explained here

https://support.mozilla.org/en-US/kb/firefox-add-technology-modernizing?as=u&utm_source=inproduct

… so that is a heads up that from FF 57.0 on (the nightly release is available now ), we may have to rethink our Addons strategy, or else wait until our favourite developers catch up with the new FF.

Cheers all

Wizard
 

Attachments

  • upload_2017-9-13_12-26-42.png
    upload_2017-9-13_12-26-42.png
    105 bytes · Views: 531

Members online


Latest posts

Top