Mobile Browsing -vs- Desktop Browsing

Ever since Edward Snowden, privacy has been an issue on many peoples minds.  Who sees what about you?  Beyond all the NSA hype over Mr. Snowden’s revelations, for those of you who own an iPhone, Android phone, Windows phone or some other internet connected mobile device, the answer is more than you think.

I’ts possible Apple or Google know as much about us as we know about ourselves.  Not only do they know our entire digital life but they know much more about you ‘off line’ life than you thought.

The mobile devices today are so sophisticated they know if your standing still, walking or running and with gyroscopes some can tell if your standing, sitting or lying down.  With the GPS data they collect they can literally build a profile of your off line life.  What stores you shop, what types of restaurants you eat at and how often and what times, whether you go to the movies or theaters, fitness clubs or other clubs such as Rotary, Kiwanis, Lions, Junior Chamber or whether you go to church or not and what church you attend and how often you go.  You put all this together with the digital data they collect, and they do collect a lot.  Think about the last time you installed an app on your phone.  Do you remember that it said it needs access to A. B. C. D and so on?  They can put together a pretty good profile of you.  Interested in seeing your own location history?  Just head on over to Google Map location history page and take a look.

Now of course they will tell you it’s to provide you with a better user experience and perhaps to some degree this is true.  For example Google or Apple know you visit a fitness center twice a week (and yes they know what time) so you suddenly start seeing fitness adds when your surfing the web.  Or ads for nutrition supplements or such.

Pay close attention to what Google says below the Location options:

“Google’s location service uses Wi-Fi and other signal to determine location more precisely and quickly, often with lower power usage than GPS. Some data may be stored on your device. Data may be collected even when apps aren’t running.”

On your phone if you check out the second Location option on the setup screen, you see that it can even scan Wi-Fi signals when Wi-Fi is off, and it can do this with a minimal hit to your battery.

The problem though are the words “anonymous” and “collected.” As you will see, it is not really anonymous because it is tied to your account and your phones UID, and that it is collected, means that your movements are being recorded.

Now even if you delete your location history it is not deleted from Google servers.  Though you can no longer see it they can and do continue to use it for marketing purposes.

Now browsing at home is a bit different.  Chances are you desktop computer doesn’t have any of the GPS or location services (some laptops do) but your every online move is tracked by someone somewhere.  Did you ever hear about someone getting arrested for doing something illegal on the net?  Chances are you have.

They always give the lame excuse “someone must have hacked my Wi-Fi” or “someone hacked my computer or on-line account” but they are convicted anyway.  Sometimes it’s because they found incriminating evidence on the computer but more often it’s because of something you don’t hear about…“Browser Fingerprinting” it’s like digital DNA  See these two articles on browser fingerprinting.  Here and here.  Want to test your browser?

According to the EFF “Assuming that you can use TOR or a VPN or an openshell anywhere to tunnel away your IP address, the “safest” practice would be to fire up a virtual machine, install a stock Windows Seven on it, and still use Tor and / or a VPN and use that for any privacy-sensitive operation. Do not install anything unusual on the machine, and it will truthfully report to be a stock Windows Seven machine, one between a horde of similar machines.”  You have also the advantage of the machine being insulated inside your true system, and you being able to snapshot/reinstall it in a flash.  This can be very useful, in that you could keep a “clean” snapshot and always restore it before sensitive operations such as home banking. Some VM’s also allow ‘sandboxing’, i.e., nothing done in the VM will actually permanently change its contents — all system changes, malware downloaded, virus installed, keyloggers injected, disappear as soon as the virtual machine is powered down.

But others say that the technology is ever evolving and almost impossible to defeat.