Tool in the Spotlight: HTTPS Everywhere

This month’s Tool in the Spotlight: HTTPS Everywhere, a Firefox extension by the good folks over at the Electronic Frontier Foundation (EFF) that encrypts your communications with many major websites, making your browsing more secure. It checks whether websites you visit offer encrypted browsing and if they do, automatically switches you to the encrypted version of the website.

Check out the tool’s website at https://www.eff.org/https-everywhere for download instructions.

NOTE: we are entirely unaffiliated with whoever produces this tool, we receive no compensation whatsoever from them.

2016-SEPT-16 – 04:00 UTC to 06:00 UTC

IvyDNS will undergo maintenance starting on Friday, September 16th, 2016 starting at 04:00 UTC. The service window will extend over 2 hours at most. While we expect no actual downtime during this maintenance window, you will likely experience a temporary increase in latency for the duration of the maintenance and will fall back, as designed & intended, to your secondary server.

In the event that IvyDNS does not respond to your requests at all, wait a couple of seconds and re-run the updateIvyDNS script before retrying. Verify that the script’s log contains ‘OK’.

Windows 10 “telemetry” blatantly disregards your choice and your privacy

With Windows 10, Microsoft blatantly disregards user choice & privacy. That’s not (just) us saying this, these are the good folks over at the Electronic Frontier Foundation.

Head over to the EFF’s page for the full article, which is most definitely a worthwhile read.

The amount of data that Windows 10 ‘telemetry’ sends back to Microsoft has, without exaggeration, never been greater: which apps you use, how long you use them, when you use which one, which sites you go to, how long you spend on them, even including your text input (yes, that’s what you type), etc… The list of data points that is collected on you and sent back to Microsoft goes on and on and on…
And sadly, one of the main purposes of this all is to profile you and be able to present you with advertising. You can turn if off now if you want, but unfortunately that’s not a guarantee that your devices will obey you nor does it mean that it will stay off when new ‘critical updates’ are pushed onto your devices.

Fortunately, even if you installed Windows 10 (be it willingly or unwillingly) IvyDNS still protects you and your privacy to a large degree against the spying and data collection. IvyDNS monitors the domains in use by this ‘telemetry collection’ and prevents your devices from connecting to them! In fact, IvyDNS keeps a special eye on these telemetry domains… because if your devices can’t reach these domains, they also can’t send the data back to them!

On-line advertising is theft of your security

Advertising networks like Google AdSense, DoubleClick, Bing Ads and many others have a huge reach and that makes them very interesting to anyone trying to spread malware. Many mainstream sites give these networks real estate on their pages. When you visit your favorite site, which serves ads from such a network, in effect this network touches you and your device directly.

Advertising is not the only thing that advertising networks serve to passers-by. Increasingly frequently, those with less-than-honorable intentions are and have been using them to distribute drive-by download malware.
All you have to do is visit a website where this ‘advert’ is served and if you have no other protection, you get infected without ever having to do a thing: it downloads automatically, infects you automatically, and you would never have known, all you did was visit a site. It could be a virus, spyware or in a worst case scenario, ransomware.

Once again, Google AdSense is being abused to distribute Android spyware. This isn’t the first time that this is happening and it won’t be the last. It’s just too easy for these networks with their huge reach to be exploited this way.
The way this works is that someone buys advertising space through the network and submits something that looks and behaves entirely genuine as an ad. Once approved, the benign ad is switched out for the malware which now is served to a very specific set of people, namely those that the advertiser specified as being the target audience. Surprisingly, one can be remarkably specific in who you want to display your adverts to, as specific as saying “here’s a list of e-mail addresses of the people I want to show this specific ad to“. Google calls this particular form of targetting “Google CustomerMatch”.

This is just another reason why it is unwise to just allow any unvetted code coming from the internet to run on your devices. Especially not if it comes from a source that is known to be used as a distribution vector for malware.

With IvyDNS, you are protected you from these types of attacks. It not only blocks your devices from pulling down anything from advertising networks, it also blocks other known malware-related domains, be they exploits, phishing, hijacked domains, scams or other forms of undesirables. IvyDNS specifically hunts these domains down and makes sure you don’t get in contact with them.

IvyDNS is different from an ad-blocker

IvyDNS does ad-blocking and while this is not the only thing it does, it is the one that stands out most. With claims, or should we say ‘hopes’, by the IAB (Internet Advertising Board) that usage of ad-blockers is plateauing, they are still trying to get you to absorb as many ads as possible, fortunately IvyDNS is right besides you to protecting against the theft that is on-line advertising.

One of the newest trends that we are observing, and surely you’ve seen this as well, is that certain websites will be passive-aggressive and in most cases just plain aggressive in telling you that you can’t access the site unless you turn off your ad-blocker. How do they even know that you are running an ad-blocker? Well, these websites look for ad-blockers installed as extensions in your browser either by behavior or just by enumerating your extensions and when one is detected, trip the logic that complains to you.
But IvyDNS does not have a detectable footprint on your machine and it is not detectable in the same way ad-blockers are detected. This means that with IvyDNS, you keep flying under the radar, never to be seen by anything that is trying to steal away your attention or your bandwidth.

Traditional ad-blockers run inside your browser and only deal with HTTP/web traffic. Anything outside of that limited space is not something where they are even capable of protecting you. IvyDNS is different from your run-of-the-mill blocker, it works on a much deeper and more comprehensive level than traditional ad-blockers which protects you and your device from ever getting in contact with known advertising networks or domains associated with other undesirable content.
IvyDNS is much more effective in protecting you against this undesirable content than regular ad-blockers: it prevents ahead of time instead of dealing with it afterwards!

Why privacy matters

Over the last 16 months, as I’ve debated this issue around the world, every single time somebody has said to me, “I don’t really worry about invasions of privacy because I don’t have anything to hide.” I always say the same thing to them. I get out a pen, I write down my email address. I say, “Here’s my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I want to be able to just troll through what it is you’re doing online, read what I want to read and publish whatever I find interesting. After all, if you’re not a bad person, if you’re doing nothing wrong, you should have nothing to hide.” Not a single person has taken me up on that offer.

Glenn Greenwald in Why privacy matters – TED Talk

2016-AUG-12 – 14:00 UTC to 16:00 UTC

IvyDNS will undergo an upgrade of its services starting Friday, 2016-AUG-12 at 14:00 UTC. The service window will extend over 2 hours.
We expect no downtime during this window, and IvyDNS will remain available throughout but it is possible that you experience a slight decrease in how fast IvyDNS responds to your queries for the duration of the upgrade window.
In the event that IvyDNS does not respond to your requests at all, wait a couple of seconds and re-run the updateIvyDNS script before retrying. Verify that the script’s log contains ‘OK’.

UPDATE: The service window has been extended to 20:00 UTC

We do not use google analytics

Have you noticed that we don’t run Google Analytics on this site? If you’ve ever used it, you’ll be very well aware of the level of detailed in the information it gathers. When used and activated, it knows who you are, tracks you as you browse from page to page, knows how far down a page you scroll and much, much more, it even follows you from one site to another, because everyone else is using it. All of this information is used to build up a detailed profile of you based on your behavior and habits, all for a single purpose: to sell you on as a ‘known quantity’ to advertisers.

At Fundamental Software, we take privacy very seriously and we think that Google Analytics is a huge invasion of privacy. We therefore do not use it (Take a look at the requests sent by your device when you pull up this website, you’ll notice that those requests only go to our servers and not some set of unknown third parties that hitch a ride to display advertising or collect metrics.).
But if you use IvyDNS, then you are protected by default from Google Analytics’ (and other’s) prying eyes, even on sites that do use it or other metric-collection (e.g. New Relic). With IvyDNS, you literally stay under the radar of most of the prying eyes on-line.

This is just one of the ways that we walk the walk and don’t just talk the talk!

On-line advertising is theft of your Attention

Attention is the allocation of limited processing resources, it is a finite resource and once spent, it is forever gone. If you want to think of attention in terms of a commodity, then attention is one of the most valuable ones since it drives & influences our actions, behaviors & thoughts so deeply. We pay attention to something and thus use up a currency. This is something that advertisers know all too well. The battle for your attention is full-on. As the source of this finite pool attention, you are the target and the aim of the game is to steal as much of your attention from you as possible, only to be redirected to the whoever gives the harvester the highest bid!

The reason money is spent on advertising is because it changes your behavior, but only if the cost is lower than what you will bring in through your change in behavior, namely spending your money with the advertised product or service.
In order to change your behavior, the first thing that needs to happen is that your attention must be stolen and redirected towards the advert. An effective advert is designed specifically to accomplish this task quickly and effectively. In a blink of an eye, it must steal your attention and then retain it at least long enough so that its message can be conveyed to you.

Every time that your attention is stolen from you, the price you pay is not just limited to this direct attention that was stolen away from you but it is also in the time, effort and energy required to refocus your attention back on your original task. You really do pay the price of losing your attention multiple times.

On-line advertising is portrayed to us, the eye-balls, as being totally unobtrusive and subtle: “On-line advertising is something that you shouldn’t worry about; it won’t interfere with you too much & you’ll never notice it’s there, we won’t steal your attention, promise…!” That is what advertisers are telling us and what they will have us believe.
But these same advertisers then turn around and tell a very different story to their real customer: those buying display time from them to serve their adverts. They sell their advertising locations and present it as the most effective way to capture the attention of a specific audience that will most likely act on the advertising. “Capture the attention of”, indeed…
Advertisers know all too well that these adverts steal your attention away from your chosen way of spending it, and many research studies confirm that on-line advertising is superbly effective at stealing our attention.
Similarly, those paying (in money) for on-line advertising also confirm these findings. If advertising didn’t work, the vast amounts of money being spent on on-line advertising would be effect-less. Yet this expenditure on behalf of those advertising isn’t for naught & it is effective because it does indeed steal away your attention in order to refocus it on the advert.

On top of all of this, advertisers behave as if attention is an “unrealized resource” which is used to indicate that “it is ours but we just haven’t taken it yet and preventing us from taking it is stealing”; their position is that it unquestioningly belongs to them, even before it is willingly given to them. By guarding your own property, you are somehow depriving them of something that they consider already theirs, protecting something that is & was yours all along, is contorted into being theft. But a thief claiming that all your belongings are just his ‘unrealized assets’ & that securing your home deprives the thief thereof, wouldn’t be able to count on much public support, and neither should advertisers.

Attention theft is not without consequences. Long term effects of it fall under Attention Control Erosion. Attentional control refers to the ability to consciously determine what to pay attention to and what to ignore. On-line advertising conditions us into an artificial new-normal where it is normal for your attention to jump from one thing to another by constantly bombarding us with new things, each screaming for what it considers its fair share of your attention. In the long run, you build up an attention deficit because it becomes normal to pay only cursory attention to everything instead of paying close attention to anything. In effect, through information pollution, your future attention is being stolen from you as well as your present attention.

We know that all of these things are true. For instance, we have strict spam-filters in place already because spam distracts us from what we’re trying to accomplish. Yet when it comes to the Internet, we don’t have a solid defense against this yet. IvyDNS gives you this defense! It prevents advertising from interfering and restores your power in your determination of what to pay attention to. It blocks advertising from being downloaded by your device(s) and it gives you your control over your attention back!