DIY with Privacy

January 16, 2019 0 By admin

Guys, do you like experimenting with your smartphone? Are you looking for ways to improve it and find useful productivity applications?

Me, too.
I have recently stumbled upon one article that has recommended using the Dragon Mobile Assistant. The company offers the application for free. The majority of users are very happy with the quality of voice commands and how the app works.

I am just curious if anyone of those happy users asked the question: why the company is so generous that gives the application for free and is not asking for an upgrade ($$)?

I found the answer when I have tried installing the app. Since it works like a virtual assistant similar to Google assistant, it needs access to virtually EVERY feature of the phone including unrestricted access to your private data: location, Wi-Fi connection, your contact list and calendar, SMS, phone, call logs, Bluetooth, and more.

And it means that the Dragon folks know everything about you: who your contacts are, where you drive during a day, your usual location, who you have recently called to and for how long, the copies of your texts, where you do prefer to shop, and many, many more details.

Guess what the company does with your personal data?
Correct! It sells it to anyone who pays top dollar. Do you know who the buyers are?
The retailers, insurances companies, and the government. The only difference among them is that the government doesn't pay - it either hacks the data (like NSA) or requests to submit them over for free. The location-targeted advertising is reaching an estimated $21 billion this year.

If you are comfortable with the lack of privacy, that app is for you. As to me, the convenience (that usually saves a few minutes a day on typing vs. voice recognition) cannot prevail over my privacy.

For instance, if you shop for some products to smoke, the health insurance company will have the data about you as a smoker. They even would know how much of that stuff you are buying. Do not be surprised if you will be inserted in their shareable database as a smoker, and your health policy premium will never be the same.

So, the next time you see that “cool” free application, understand that you are giving up a lot more than you might have bargained for.

I know some folks that have installed Google speakers in every room. They work similarly to Amazon's Alexa. Whenever you have any question or desire to listen to the music, you just say something like " OK, Google, play Beatles". And voila, it plays the music.

Those folks have dropped their jaws when I have explained that they have the spy in each room.
The speaker is listening you!
Even if you are not talking to a speaker it sends your conversations back to Google!

If you have discussed with your wife which dining table to buy, tomorrow, your Google page might display the ads about furniture at your location or online stores (a real story that happened with my friends whose smartphone was not even using Google apps at that moment).
What if you have discussed some politics or your finances, or something you don't want anyone to know?

Hey, it is not up to you but it’s up to Google! Google builds the full profile on you, your buying habits, political preferences, health conditions, and even something you really don't want anyone to know (like your sexual orientation or habits,
or your frequent attendance of some private clubs).

Try using Google search for your first and last name, like “Jo Doe” in quotes, and you might be surprised that there is likely some database on the Internet that stores your home address attached to your name. You may be surprised to find out that Google knows all your family members are their home addresses. No big deal, right?

But this is how the person who is interested to find out more about your private life for any reason would start. He can track you down by following your daily habits.

Today, your private life is an open book that any social media company or individual with despicable motives can exploit. With just a few dollars, a few clicks, and a phone call, almost everything someone wants to find out about you can quickly be put together into a complete profile.

I have recently booked the flights to DR for a short vacation. I have received the email confirmation from Southwest airlines by Google email. Guess what?
A few days later Google (not Southwest) sent me the email with a reminder about my flights.
How did they know?

The answer is right in a front of your eyes: Google scans your emails WITHOUT your permission and collects even more data about you. The data is being sold. This is how they make money on your personal data.

Amazon's Alexa is the same spy.

In fact, your telephone with numerous applications is also the walking spy that never leaves you alone even during night hours. You place it on the bedside table, don't you? If your installed application has access to your microphone, it can record the conversation even if you do not unlock the phone. Do you have the guarantee that it wouldn't?

When I talk to my kids about privacy, they argue that these companies will “just” use this data to advertise to you, and monitor your buying behavior patterns. The problem with this thinking is that someone has access to the raw data, including the ability to find out your name and attach it to that data.

That “someone” is a real person who you don’t know.

Maybe this person notices that you have left for vacation using the location data (your home vs. your current location, like in the Dominican Republic). Then they could decide to “keep an eye on your house,” seeing what kind of house you have by using Google Maps. They could use public records to find out who else is there. Then, who knows what could happen next?

Marketing and advertising aren’t everything that can be done or is being done in reality, with your location data.

No questions, an agency like NSA won’t actively be looking for you if you didn’t do anything wrong. But it is up to the agency to interpret what means “doing something wrong”. Again, it is not up to you to determine. Another danger is that it is possible that your activity could be located close to a person who is doing something wrong, or anyone you might know could do something wrong… and you could get caught up in their investigation.

There was an article on New Your Times in December 2018: “Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret”. Per the article, your apps know what you do 24/7/365, tracked every 21 minutes on average.

What should you do if you want to protect your privacy?

Several steps can be taken to, perhaps, minimize the exposure of your private data.

#1. Get educated about computer security. Read the articles, posts, and tiny font text about privacy before you activate any application.

#2. Avoid Google as much as you can. Switch to another independent email provider. Maybe even choose the one that is not offering a freebie but is asking for a small fee. There is a better chance that the company is not going to sell your data because they make money on subscription fees. Read what the company said about your privacy and shared data.

#3. Don't buy the “spy” devices from Google or Amazon (Alexa and Google speaker). If you have already bought them, I recommend you use the remote switch that can power up or down your device remotely. Power it up if you need to ask Alexa or Google about anything but power it down immediately thereafter.

#4. If you are installing any apps on your smartphone, read the requirements about access rights to your phone. Avoid installing any apps (even the best) if they request too much data from your phone.

Disable most of the Google apps on your smartphone. I have left only Google maps but I have restricted collecting data about my destinations. Google allows to "pause" collecting the data. Thank you, Google, you are so generous!
Remember, if you have the GPS turned constantly on, Google records your itinerary. Turn it on only when you need the map, not to mention that the GPS is draining the smartphone battery down heavily.

#5. Create several disposable email addresses to be used for various forms with fake names (like Joe Google or Marta Booble). Use your primary email address for important emails only.  Do not read emails from unknown senders and NEVER-EVER opens the attachments from them. Your curiosity may cost you a lot of trouble and money.

#6. Get the encrypted emails. I personally prefer Proton email. I can send the password-protected email to my recipients and let them know about the password either by texting or calling.

#7. Use VPN (encrypted channel) as much as possible. Your ISP (Internet Service Provider) also has the way to collect your data and the website destinations. Using VPN, you, perhaps, limit access to your browsing info and emails that are normally sent in plain text. You can find plenty of low-cost VPNs that don’t collect the data (like Private Internet Access VPN).

#8. Now, let's go a little more technical. I can tell you in advance, if you are not technical enough in computer networking, find someone knowledgeable who can do this for your home internet router.

Every home router must have the default DNS (Domain Name Server) settings. That setting allows the router to direct your request for a website address to the root DNS servers that hold the huge table of worldwide web sites addresses.
Upon your request, the root DNS server responds with the right address that is being forwarded to your home router over several other routers on the way back.

The fact is that many home routers have the following default DNS settings:
what belongs to Google DNS servers. Google is here, too! And as a habit, it keeps the log of your requests and, correspondingly, the list of websites you were interested in. Even if you don’t use Google’s Chrome browser, you still allow Google to collect your browsing history.

I would recommend changing the default DNS settings to which belongs to the Open DNS.

What am I doing now? Moving my email folders out from Google to email.

Man, never assume that the right thing is being done with your application data. If you have installed the app with a lot of access rights to your phone, you have traded your privacy away. Anything can be done with that information. It may not happen today, or even next few months.

However, at some point, access to your private location data may be worth exploring by a company, identity thief, or government agency.

I have more recommendations to improve the security of your PC and the smartphone, not to mention Social Media. Just ask me.

Safe computing, man!

If you like what you read and want to be notified about future articles, please subscribe for FREE (at the bottom of a page)