Internet security/checks

I just came to Linux recently and my goal is to be as private as possible. This means my searches on internet wouldn't generate advertisements on my phone. I don't want anyone talking to anyone else across my platforms except what I allow.

Bearing that in mind, I've got Zorin Pro 16.3 and banished windows from my computer. I use Firefox as my browser and mostly Brave as my search engine. I have google still on my Samsung Galaxy phone and my smart Samsung TV that's about 5 years old now.

I use YouTube on my computer and watch it on my tv. So because I have an account, to sign-in only, it brings up my videos on my tv after I've been on my computer. At least I'm figuring that's how it links the two together.

Recently, I searched on Brave for additional fonts I can install for Linux. Then today I go to my tv and after accessing Youtube one of the videos it recommended (and never before have I seen it) was a video about downloading additional fonts for Linux.

What would connect my computer, without anything google on it, and my tv.

When I set up Firefox I even went into the additional tool Firefox has to customize things and removed any google name I found.

I use Riseup and I don't work in any clouds.

My router is a Gateway router from AT&T and there's a page I can go to to set anything I want. I left the settings as they were. I hardwire my computer via a DSL line when I'm online. On my computer I have turned the WIFI off and Bluetooth is disabled.

My HP printer's info is being read via WIFI for info because I'm set up with Instant Ink. With my current setup they said they can see my printer and that it's active and counting pages like it's supposed to. When I use my printer I have to hardwire it via the port in the back.

Any ideas, suggestions, thoughts? Even if you think "well it was a fluke" please indulge me and my hypothesis about Youtube knowing my search results.

I watch internet activity closely. My last year with windows/google I fought them and avoided the top heavy, structured online computer experience windows thought I must and will follow. I stopped using their signins, etc., started using more secure search engines.....more and more I would find it increasingly difficult to do everyday tasks because a road block would be put in my way. Towards the end my bookmarks disappeared (hundreds) and after having an account with them for 20 years, and in order for them to get them back, they didn't know who I was. Months later I got my bookmarks back. The latest was all of my icons in my bookmarks were wiped out. They do and did everything they could to remind me it wasn't really my computer, they were in control of it and would govern if it was a pleasant experience or not.

Thanks for allowing me my gripe session! I want to dot my i's and cross my t's with Zorin and try to get everything set up right so I don't have to worry about what I worried about with google.

Youtube is owned by Google. You can even see the transition line when ownership went to Google and the advertising on it increased dramatically.

Your location is your direct link. When you connect using the Ethernet, you are still connecting from Your Router at Your Location.

I experience this as well, where my sons searches of the web influence the advertisements that I get.

The unpleasent truth is that there are a myriad of factors that big companies like Google use and take advantage of for tracking people around. One of the most powerful is browser fingerprint which makes you stand out based on things like your browser window size, monitor size, specific hardware rendering artifacts, plugins installed, OS... using a VPN in order to hide your true identity is only one tiny bit of the puzzle.

It's also possible to infer certain information about a particular person based on pre-existing data, so there are no guarantees that stopping using Google's services will have an immediate effect either.

If your devices can be voice-controlled it means they have to listen to whatever is happening around them. Whether this information is later used for whatever other purpose or not, we will never know for sure. But you can be sure that there's a pretty big incentive to do exactly that, with very little chance of getting caught... and the punishment for it is laughable at best.

Firefox by default sends everything you type on the address bar to your default search engine, even if you don't actually end up submitting your query. If you typed something related to fonts before changing your default search engine from Google to Brave, it may have leaked. In addition to using a different search engine, you can explicity disable using the address bar as a search bar, by simply enabling the actual search bar.

When you visit websites or download files, Firefox sends this information to Google in order to verify they are safe. If you downloaded your fonts from a website, this may have been picked up as well by Google. Supposedly, all of this is very private and Google will deny ever using this information for their own benefit, but then again Google is not very trust worthy at all.

You mention you have a Samsung phone - you could see if there is an image available for your model at the e foundation:

It's why I bought a Fairphone from the e.foundation - my data is my data - which greets you when you turn on the phone. I also have Canon taking note of what I print. It needs to be connected to the internet for firmware updates.

If you don't mind not seeing images, then run Icecat browser which automatically blocks sites from infesting your machine with Java Script - biggest security vector issue for any OS. This is why I don't post images to the Cloud as pointed out to me on the Devuan forum so if I have issues with Devuan or wish to post images of what the current Devuan desktop looks like I use image.BB.

In terms of search engine, I used to use DuckDuckGo, but now I have ditched that in favour of https://www.mojeek.com - add it to Firefox, then make it the default search engine and remove Google, Bing, eBay etc. The other thing is to turn off analytics in Firefox:

image1920×1080 188 KB

I don't use VPN which is like trusting your keys for your house with a neighbour you know nothing about. i don't encrypt any of my drives as you increase the risk of data loss.

Check out pages 127-131 of the unofficial manual for Zorin 15 I wrote. As well as rkhunter you could also install chkrootkit in respect of security:

You should also consider installing Timeshift whch takes regular snapshots as often as you want snapshots to be taken so if something goes wrong you can boot Zorin in advanced mode, drop to a terminal with Root privileges and run:

timeshift --restore

If you wish to save timeshift snapshots to an external device you must format the device as the same file system used by Zorin, Ext4. Always create external backups when offline to prevent against ransomware threats.

Other things to consider are email accounts. I use Proton mail mainly for financial stuff and e.email (from the e.foundation) and use Evolution (instead of Thunderbird as this also has Google embedded into it), as my preferred email client. I use e.cloud.global for my cloud storage and unlike most cloud storage providers, the servers are based in Norway and use the latest Nextcloud technology.

As far as the Windows / MS account stuff - I know recently they started this thing where as you install, it reauires a net login from their stuff; easy workaround. When it asks you for the username and password, type no@thankyou.com - password: whatever you want - it'll give you an error and then take you to the local account setup That's just for that though..

For internet stuff, filtering and all - what DNS are you using? You can set a different DNS other than your ISP to have better ad filtering or better protection against DNS poisoning (highly unlikely, but still happens!) and tracking. I use Cloudflare public DNS: 1.1.1.1 and 1.0.0.1 - there is another option, better ad filtering, almost all of them. But, when I try to watch certain things on Hulu or Vudu, they won't load.. a little too good haha - it's calld AdGuard: 94.140.14.14 and 94.140.15.15 are their public DNS servers. Either Cloudflare or AdGuard can be set for local machine use, or on your router for all LAN traffic.

Another thing you could do, depending on your router version and model - instead of running the stock firmware, switch to OpenWRT. That's what I use on my Linksys router; it is way, way better now; 5.10 Linux kernel too! But, the coolest thing I think with having that flashed vs stock firmware - you can install extras like ad blockers and more. There is tons of software to install too,

There is indeed yet another option available (free) - PfSense! Though, you'll need some hardware, so not completely free. But, easy to build one out - have heard some running off a Raspberry Pi, just need a second Ethernet port..

If those are not an option though, I'd say switching DNS servers would greatly reduce the tracking in general. I have a free VPN on my Linux machines called RiseUp VPN - community driven, donations for support. You get some servers to choose from; works pretty well! They have an Android port too; not sure about apple though.

@swarfendor437 Second the de-Google-ing and DuckDuckGo! I'm waiting for VoLTE to become active on Ubuntu Touch so I can use that instead of Android patiently haha

I don't get any advertisements, on the computer, on YouTube, on the phone... nowhere.

I run a de-Google'd Android 12 phone from /e/Solutions (Murena Teracube 2e Emerald). They've got a Murena 2 out now... in the future, I'll upgrade to that.

I use the SRWare Iron browser (it's basically Chrome with all the corporate spyware neutralized). I use the uBlock Origin ad-blocker. I've set the browser to destroy all cookies and stored data when a tab is closed... it's less convenient in that I have to manually sign in each time, but...

I use qwant.com as a search engine.

I tend to avoid YouTube, preferring Rumble, but sometimes what I want to learn about isn't on Rumble.

That won't work with Comcast, they still hijack unencrypted Port 53 DNS requests and redirect them to the Comcast DNS servers... that's why I was trying so hard to get DoH (DNS-over-HTTPS) set up under Zorin OS... alas, I could only get it to run if I started it manually (and it was glitchy to boot). If it started automatically, it wouldn't resolve IP addresses. I'm not sure what the problem was, but I gave up on it.

I use Proton mail also. I did install Timeshift just the other day. I'm going to check out the chkrootkit and see what my analytics are set at in Firefox.

Another search engine that nobody mentions and I've used them for at least 15 years is Dogpile. They give results that aren't biased and they're a little known secret. I have my search set as default. Any time I see the word google, bing, yahoo I wipe it out including my search engine choices.

I see cloudflare in Synaptic software but which one? And, is it self explanatory after installing it?

Correction about Windows install, specifically Windows 11. Disconnect from internet allows you to install without having to setup a Microsoft account. I know this from finding answer on MS Community when updating eldest's PC.

Wow - that is interesting apparently they put out a statement on DoH but, that was second quarter 2020.. Are you able to use VPN's?? Jw if VPN use is affected or not.. definitely don't have any input on that lol

(edit) I just noticed something - were you talking about setting the DNS on your machine, instead of using the one in the router? Wondering if that would make a difference setting DNS in the router rather the machine..

@imakeyper - I didn't know that! If that's the installable DNS client, maybe; I haven't tried it to know anything about it though. I just have their public DNS IP's set in my router to use in place of my ISP ones all traffic on my network goes through that DNS - good for gaming too, better speeds (apparently).

There are some political issues around qwant which is why I stopped using it.

So I only use mojeek search engine even in Tor Browser.

Maybe a difference in full install vs update? I know using the obscure email / password works with both 10 and 11 install from USB.. it used to be, call CMD with Shift+F10 and running a command to bypass it - but of course, that's out too now lol I'll keep that in mind though - whenever the next 10/11 install is haha I'm all but completely not using Windows now - just a few apps that won't run in Wine, and that's it. Very proprietary OBDII flashing software..

I read that cloudflare is also a tracker.

Quad9 looks appealing:

Wow, thanks for that. Time to go looking for another search engine.

Guess it depends on who's writing the article! That one says Cloudflare is top, Quad9 second thought that was ironic.

But yeah, I'm assuming if not stated - they track in some way. I read for public Cloudflare users, 24hr cap on data storage and they don't sell / give out info to other parties. But, just what they said - I can't speak on their behalf lol hopefully true though! I'm sure that is a configurable item with a subscription. They're all pretty decent in their own ways - caveats with all of them as well, I've noticed. Location kinda steered me away from some - either high latency or no connection lots of trial and error here lol

Yes, I'm guilty of that too. I did look at some free DNS servers a while back and have lost the link but had issues getting them to work. Good article here:

Wow I'm going to have to do some homework with all this info.
Just the mere fact that there is so much info, contradictory, conflicting articles, etc. shows how microsoft/google/windows makes a mess of everything. They like it that way too!
As for Windows 11 info, I don't trust them no matter what they say. Were they crossing their fingers when they gave out this info? They probably have your info covered in so many other ways like google connection and all they don't need to bother anymore.

Privacy is important, but a big rabbit hole, be careful not to get sucked into it! Sometimes is best to just go with the flow... If you want to learn more, I recommend this website:

A lot of good recommendations, useful information (including for DNS services) and they also have forums if you want to ask questions or review discussions.