Please visit the new Mac-Forums Facebook page:
Join Us @ Mac-Forums Facebook Page



Page 2 of 4 FirstFirst 1234 LastLast
Results 16 to 30 of 46
  1. #16
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    pm-r's Avatar
    Member Since
    Oct 16, 2010
    Location
    Brentwood Bay, BC, Canada
    Posts
    12,526
    Rep Power
    20
    @PGB1
    Thank You for explaining the steps you have taken and are using to help prevent this from happening again. I appreciate learning them.
    Here's some more info that might interest you:
    How cookies track you around the web & how to stop them | Privacy.net



    - Patrick
    ======

  2. #17
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    macgig's Avatar
    Member Since
    Mar 15, 2006
    Posts
    1,037
    Your Mac's Specs
    2015 Retina 4k iMac. Mojave. 8GB RAM
    Blog Entries
    1
    Rep Power
    14
    all websites track us. facebook tracks us even if we are on other sites, even if we don't have a facebook account! Its not just cookies that track us, its far more complicated and sneaky than I ever realized... see the list below how we are tracked... using the private incognito window does little to prevent it from what I understand... (you can delete Java, flash, and Silverlight to get rid of 3 things used to track us)...

    check this site out: https://panopticlick.eff.org/

    Methods used to track us online:



    • IP address
    • 3rd party connections
    • http referrer
    • cookies
    • scripts
    • super cookies
    • mobile tracking headers
    • browser fingerprinting
    • canvas fingerprinting
    • browser volunteered information
    • browser functionality
    • java
    • javascript (disabling this causes many websites not to work).
    • microsoft silverlight
    • flash
    Last edited by macgig; 11-24-2019 at 05:55 PM.


  3. #18
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    544
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    Thanks Patrick & Macgig for taking time to reply. Those are interesting articles, although scary.
    It is amazing to me how important it is to companies that they be able to track us and how much work they must put into it.

    The article that Patrick linked, as well as Macgig's list, explain so many things can be used to identify the user it seems hopeless to stop.
    I'd learned about persistent cookies long ago and thought that Safaris' Develop - Empty Cache got rid of them. Wow was I wrong! It seems "Permanent" or "Ever" means "Permanent" and "Ever".
    From reading that article, plus many others, it seems that even if one nukes those persistent cookies, they will come back next time the site is visited. This is one tough cookie to crumble!

    The result from the Panoptticlick that Macgig linked were unsettling. It gave a list of the unique identifiers that can be used to track this particular computer and I see how every computer can be unique when all the tracked things are added together. The items on the list were ones I never would have thought were being used behind our backs to identify us. Fonts? Display Settings? I guess it all adds together to make us unique. Techno-DNA?

    I also tried various setting in Safari and re-tested. The results were the same each time. If Apple can't make us private, it seems that no one can.

    Panopticlick also showed Supercookies in DOM LocalStorage and DOM SessionStorage. If I could find those on the computer, I'd delete them, the assumption being that DOM LocalStorage is not cleared after the browser history is deleted.

    It would be interesting to take 2 fresh-from-the-factory computers on the same network and try the test.


    Next, I'll experiment with some of the privacy extensions (if I can figure out which ones are safe and which ones are trackers in disguise). It will be interesting to return to Panopticlick and test again.

    For fun, I went to a web site, via a DuckDuckGo search, that sold snow throwers. It had an ad on the side for replacement windows. As an experiment, I clicked on it. When I returned to the snow thrower selling page there were a bunch more window selling ads now specifically mentioning the Detroit area. I'll bet that if they wanted to, they could narrow it down to my particular house. (PS: I'm sticking with my 30 year old shovel. It doesn't track me, just makes me tired!)

    Next, we can wonder about all the RFID tags we are wearing and near field scan chips that we are carrying in our wallets. And my dog's ID chip...

    Other than finding it quite rude, I suppose most of this tracking is harmless. If a vendor wants to track me visiting "Egg Plant Recipes" or "Size Large Cotton Pocket Tee Shirt", have fun! But if bad guys track our bank account private stuff- Yikes!

    I'm on a mission to stop as much of this tracking as possible, maybe more for the education than the privacy- since privacy seems hopeless.
    Step one sounds like it should be a trusted VPN- at least for banking.

    Ditching all Google stuff, as Jake mentioned earlier, certainly should help. I do have Android, so Google is built into the OS. I'll be sure to (try to) get the phone data and its Google account off this computer- if that is even possible.

    I have the computer on the router's main network and our phones and televisions on a guest network. I'm curious if somehow by using the phone on our guest WiFi, Google or someone can link it to our real WiFi network. And there is no doubt that the TV tracks the heck out of us. There sure are a lot of obviously targeted ads when I stream Green Acres reruns.

    It sure is a project protecting what is ours!

  4. #19
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    krs's Avatar
    Member Since
    Sep 16, 2008
    Posts
    1,279
    Rep Power
    12
    I tried panopticlick with Brave and ended up with this mess:

    Screen Shot 2019-11-24 at 7.42.51 PM.jpg

  5. #20
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    krs's Avatar
    Member Since
    Sep 16, 2008
    Posts
    1,279
    Rep Power
    12
    Mac became really unresponsive.
    So I ran Malwarebytes just in case - but it came up clean.

  6. #21
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    pm-r's Avatar
    Member Since
    Oct 16, 2010
    Location
    Brentwood Bay, BC, Canada
    Posts
    12,526
    Rep Power
    20
    I tried panopticlick with Brave and ended up with this mess:
    Hmmm...??? Back to the drawing board for a decent browser for you to use I guess.. ;-)


    - Patrick
    ======

  7. #22
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    krs's Avatar
    Member Since
    Sep 16, 2008
    Posts
    1,279
    Rep Power
    12
    Maybe I should go back to iCab.

    It did just as well as Brave in this test and seems to be quite fast - the app is only 16.8 MB

    iCab test_800.jpg

  8. #23
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    macgig's Avatar
    Member Since
    Mar 15, 2006
    Posts
    1,037
    Your Mac's Specs
    2015 Retina 4k iMac. Mojave. 8GB RAM
    Blog Entries
    1
    Rep Power
    14
    if you want to learn more about cyber security from an expert, this guy is the man. 4 courses are $50. best $50 I ever spent. This guy covers everything... over 50 hours of video, lifetime access. free certificate of completion. this is not a affiliate link so I get paid nothing for sharing this... I just feel strongly that every mac user can benefit from this course... regardless of your skill level you will learn something.

    The Complete Cyber Security Course! - Station X | The StationX Cyber


  9. #24
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    544
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    Thanks for the link to StationX Cyber, Macgig. It seems to be well worth looking into.

    Your iCab result looks a whole lot better than my Safari results, KRS -
    Safari Set To: Private Browsing with DuckDuckGo extension. Preferences are set for Cookies from web sites I visit only.

    Safari also shows No Extensions, but I have at least the DuckDuckGo extension. I don't know what others are hidden in here somewhere (none that i've added). There isn't a setting I have found for blocking ads, so I guess that is wide open. Also it's set for Never Save Passwords for any site.

    Opera Browser with Private Window gave identical results as Safari.

    Panopticlick screen shots for Safari are attached. The fingerprint entries with white rectangles, I blocked out.

    Then I went to Safari - Preferences - Privacy - Manage Website Data. There are a zillion entries for trackers on the computer. Ironically, one is called "Do Not Track". So much for all of that "privacy" stuff. Even Twitter & Facebook are tracking, although I've never been to either domain.

    When I opened Opera it went to a page telling me that Yahoo, Verizon and Google will track me and supply my data to "partners". It had a link to Opt Out, but the link was in German. I translated as well as I remember how and there was absolutely no place to opt out. Greedy, greedy, greedy.

    It will be interesting to try other browsers, such as iCab that KRS mentioned and repeat Panopticlick.

    It is quite amazing how little privacy we have in the Connected World.
    Attached Files Attached Files

  10. #25
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    PGB1's Avatar
    Member Since
    Dec 05, 2008
    Location
    Detroit
    Posts
    544
    Your Mac's Specs
    2007 Mac Book Pro 2.2 Ghz 4 GB RAM SSD OSX 10.11 & 2006 MBP Stuck At 10.6.8
    Rep Power
    12
    This entry isn't related to a browser privacy, rather to tracking and privacy- so I'm writing it separately. I think you all might find it interesting:

    My bride of over 30 happy years is turning 65 next month, thus newly eligible for Medicare (senior health insurance) in the United States, where we live. Her iPad has been receiving pop ups and e-mails about Medicare plans from private vendors. No surprise there. She goes on Facebook & shops and I'm sure they all sell her stuff.

    But...

    Her phone has been getting text messages & voicemails for Medicare supplement & advantage plans. (These are private vendors, not the government.)
    They are surprisingly personalized: "Hello Grace-Marie, here are your supplement plan links..." or "Grace- Marie, you're soon eligible for fill it in Medicare Advantage plan".

    These messages are quite a surprise- especially the personalization, complete with her name. They also apparently know her birthdate.
    My wife doesn't even use her full, real name on any documents- not even Social Security or Secretary of State. The Marie half of her first name never appears anywhere. She's never been in the military, or worked for the government, so that's out. (Social Security & the IRS know her birthdate by law, but not her real first name. And I am certain they are not selling her data.)

    Why Am I So Surprised?
    1) My wife has an AT&T "Go Phone". It has no contract. The only paperwork was to pay for it & get a telephone number (in my name, not hers). The was several years ago.
    2) The only person or entity having this phone number is me. She absolutely, positively guards this phone number like a dog guarding a steak. (She uses our home phone instead, and uses it very rarely. The home phone service is in no way linked to the cell phone. It's Ooma in my name and on my company credit card.
    3) Her name appears nowhere on any AT&T paperwork. She just, plain does not exist to AT&T. (Nor to any other cell carrier)
    4) Anything related to the phone is in my name, but nothing else. No address, no personal data- nothing.
    5) The payments are with my company credit card- again no name.

    6) Her phone number is not even in my computer or phone's Contacts list. It's just on a piece of paper in my wallet.
    7) My wife has never even set up a Google account for the phone or linked the phone to anything, so Big Daddy Spy is out.

    8) She has never, ever turned on Location nor WiFi in the history of having a cell phone. Actually, the only app on the whole phone that she has opened is the one you open to make a phone call. She's not opened Messaging, but sees the messages on her home screen automatically. (Android 5.?)

    9) She has never texted anyone, nor has she opened a text message. (Or deleted them.)

    10) She has never even taken the phone out of the house when it was on, or turned it on while out of the house.
    11) No one has her number except me. No One! (At her request) She only has a "car phone" at my insistence.
    12) She's never used the phone to check voicemail. I use the home phone dial in for her so I can press "7" a billion times to delete bunches-o- messages.

    13) The entire history of the time that my wife has had this phone she has made exactly 5 phone calls. All were to my cell phone. She's received 3- each from my cell phone.
    She's never cleared History, so that one was easy for me to figure out. It's also on AT&T web site when I add money to her phone. (One has to add money every 3 moths even if the phone wasn't used. She's got a huge pile of minutes stored up.)

    I thought that perhaps the call to my cell phone were the weak link, but it would only show the caller and callee are the same person.

    14) My wife has no contacts in her address book on the phone & no contacts in her address book on the computer nor iPad.

    All she knows how to do, or cares to know, is to turn it on, enter the unlock the PIN, get to the Dial Pad & dial a number (or answer a call).

    I would love to figure out how these vendors found not only this quite guarded phone number, but my wife's name and age. It will be interesting to learn (and unsettling, I'm sure).
    Last edited by PGB1; 11-28-2019 at 10:18 AM.

  11. #26
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    MacInWin's Avatar
    Member Since
    Jan 01, 2009
    Location
    Winchester, VA
    Posts
    7,284
    Your Mac's Specs
    MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
    Rep Power
    28
    You have her in your contacts list? Then that is the vector for them to find it. And if you have her birthday in the contact list...

    There are a number of ways for your contact list to get into the internet. Facebook, for example, accesses your contacts list and mines the data so that they can link you to your "friends."

    So it's not what SHE has done, but what YOU have done, or your children (if any) or friends (if any) or acquaintances (if any) have done. Once it's out, the rest is easy.
    Jake

  12. #27
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    IWT's Avatar
    Member Since
    Jan 23, 2009
    Location
    Born in Scotland, Worked in Scotland then England, Now live in Wales
    Posts
    6,171
    Your Mac's Specs
    iMac 5K Retina 27", August 2019, 3.6GHz Intel Core i9, Memory 32GB, 2TB SSD, macOS Mojave 10.14.6
    Rep Power
    21
    PGB1 said
    Her phone number is not even in my computer or phone's Contacts list. It's just on a piece of paper in my wallet.
    Ian
    Ian

  13. #28
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    MacInWin's Avatar
    Member Since
    Jan 01, 2009
    Location
    Winchester, VA
    Posts
    7,284
    Your Mac's Specs
    MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
    Rep Power
    28
    Ian, it has to be somewhere. Somewhere in the internet her name is associated with that number. Some friend she trusted with the number, some place he trusted to have that number, maybe the AT&T account, bank, anywhere. They don't make this stuff up out of thin air. He says he's texted her, that could be the link. Could be their network service, or whatever the phone is linked to. Assuming she has ever travelled out of the home with the phone, it could be that she connected to a non-AT&T tower and the phone was listed. And even if she hasn't, if the nearest tower has ever had an issue and the phone connected through a different tower, that could be it. Or if her phone ever connected to the WiFi in the house. The situation described by Paul is simply impossible. There was, or is, some link between her name and that number, otherwise the texts are not possible. Something he and/or she has long forgotten that they did, but the internet never forgets. And the phone OS is Android, so it's reporting to the mothership everything ever done on that phone. Put together that he has texted and called her, Google knows that (through Android), and Google knows he is married to her (public record). And if he has an Android phone, too, Google knows who is in his contacts, including maybe her. Not much to deduce that this phone is for her, and even if it's for him, no harm in selling the information to health care providers as if it were hers. They send a text using the name for her they have on record, kind of like getting junk mail (which I did when I got to that point myself, way back when). Birth records are public, so every person getting into the age window for Medicare gets contacted. Bingo...she gets email that looks like it's to her, when it's a fishing expedition based on the logic Google had.

    It doesn't take much to build a profile.
    Jake

  14. #29
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    IWT's Avatar
    Member Since
    Jan 23, 2009
    Location
    Born in Scotland, Worked in Scotland then England, Now live in Wales
    Posts
    6,171
    Your Mac's Specs
    iMac 5K Retina 27", August 2019, 3.6GHz Intel Core i9, Memory 32GB, 2TB SSD, macOS Mojave 10.14.6
    Rep Power
    21
    Totally agree, Jake. Frankly, it comes as no surprise to me. My guess (and remember I'm not acquainted with US medical customs), is that Medicare, or similar, have access to DOB and medical records via Family Doctors or hospitals.

    Ian
    Ian

  15. #30
    A Web Site Mysteriously Knows Who I Am & Details About My Last Visit. Scary!
    MacInWin's Avatar
    Member Since
    Jan 01, 2009
    Location
    Winchester, VA
    Posts
    7,284
    Your Mac's Specs
    MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
    Rep Power
    28
    Ian, what the topic is about is Medicare supplemental insurance, which is provided by private insurer's to cover what Medicare doesn't. So the texts are not from the Government or Medicare, but insurance companies. They buy the information from Google (and other sources) to sell to folks as they near the age to receive Medicare, and every November/December when the options open again. The government has all that data, but doesn't sell it. Google assembles it, applies analytics and forensics to it and sells it to the insurance companies. It is hard to be "hidden" today.
    Jake

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. A very scary story
    By IWT in forum Schweb's Lounge
    Replies: 4
    Last Post: 07-31-2017, 02:23 PM
  2. This is a scary tale...
    By cptkrf in forum Schweb's Lounge
    Replies: 18
    Last Post: 08-07-2012, 10:00 PM
  3. Scary Wallpaper
    By jmullenberg in forum Schweb's Lounge
    Replies: 0
    Last Post: 10-28-2008, 09:47 PM
  4. Is This Scary - or What?
    By hughvane in forum Schweb's Lounge
    Replies: 6
    Last Post: 10-25-2008, 05:55 PM
  5. G5 mysteriously sleeping
    By zzlaz in forum Apple Desktops
    Replies: 3
    Last Post: 02-03-2005, 09:37 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •