Privacy Checkup Webinar
«Accept all cookies» is the first thing Internet users read on almost every website. Many users automatically agree – either because the dangers of tracking are invisible and the consequences hard to grasp, or because the alternative is deliberately designed to be cumbersome. But how does this affect privacy on the Internet? And how can users’ data and devices be protected? This webinar provides you with answers to these questions and practical solutions.
Recording
The webinar «Regain Privacy: How to Protect Your Data on the Internet» was held in collaboration with Threema on September 4, 2024. Oliver Parker, responsible for the Privacy Checkup at StarApps GmbH, hosted this live event.
To protect Oliver Parker's privacy, his voice was altered with a voice distorter.
Are you and your devices sufficiently protected?
Contact us for a privacy training. We are happy to prepare a non-binding offer and training tailored to your needs, target group, and budget.
Questions and Answers
General
Which providers and services are recommended?
On the Privacy Checkup website, we have compiled a list of current recommendations for different categories.
Can I ask further questions?
We are delighted by the interest and will be happy to answer questions on the topic. It is best to ask us your question via Mastodon or X so that other people can also benefit from the exchange.
How can I use this recording?
The recording is intended as a reference for webinar participants. The website may be shared with other private individuals. Downloading and distributing the recording and slides is not permitted, as they are the property of StarApps GmbH.
Cookies
Does rejecting cookies restrict the functionality of the website?
Can I selectively delete cookies?
Are there hidden cookies that can’t be deleted?
Which browsers are recommended?
Ad/Content Blocker
How can I protect myself against fingerprint technology?
In addition to cookies, other technical features can also be used to identify the device. To protect yourself effectively against fingerprint technologies, you need to install an appropriate browser. Our current recommendations are listed here: Privacy Checkup
Doesn’t blocking advertising harm the provider’s revenue?
Generally, advertising is okay if websites offer their services for free. Nowadays, however, ads are no longer only displayed, but a lot of data is collected in the background for further use or sale.
User Account
Does it make sense to use separate email addresses?
Using a different email address for each website prevents cross-website association. There are providers that allow you to create different email addresses. However, the privacy policy should be read very carefully. We recommend addy.io and SimpleLogin.
Can I object to parts of the privacy policy?
Normally, this is not possible. Only occasionally are there sections that allow you to object to the use of data for marketing or other purposes.
Which two-factor authentication apps are recommended?
We clearly recommend using the «Authenticator (TOTP)» method. This works across all websites, is independent, and can be used with various apps. We recommend Ente Auth and FreeOTP.
Should I use email instead of SMS for two-factor authentication?
Using email is better than using SMS. However, the aim of two-factor authentication is also that the authentication code is received on a different device and is therefore physically separated from the device on which you want to log in. This is usually not the case with codes sent by email.
Payment
What is the best payment method for online purchases?
If cash payments are not accepted, it is advisable to pay with a gift card, cryptocurrency, or prepayment/invoice. In most cases, the latter reveals the name and address.
What data does PayPal share with other companies?
This varies from company to company. An overview is provided by PayPal itself: list of third-party providers
Software Updates
How many security vulnerabilities does Linux or other software have?
The figures for the Linux kernel can be viewed here. On the CVEDetails.com website, you can also find figures for other software.
What is code execution, privilege escalation, and information leakage?
Code execution means, for example, that a website can execute unauthorized code on the device. Privilege escalation allows software to use administrator rights, for example, even though it does not have them. With information leakage, software can access more data on the device than permitted.
Passwords
Which password managers are recommended?
We have tested various password managers and included different aspects into the evaluation. Our current recommendations are listed here: Privacy Checkup
Isn’t diceware more susceptible to brute force attacks?
Ultimately, the number of possible combinations is what counts when attacking passwords. When creating a diceware password, a dictionary with 7,776 entries is usually used. The number of combinations is therefore much higher than with 94 available characters.
Networks
Can my neighbor track my activities if I use their router?
The router receives technical details of the connected devices and can also record data traffic. For example, details about the websites accessed can be read. The transmitted content cannot be viewed when using TLS encryption (https).
What data does my Internet service provider (ISP) see?
The Internet service provider can see when which websites were accessed or which services were used. In addition, data packets can be analyzed in more detail, allowing conclusions to be drawn about usage. Mobile service providers also receive the exact location of the device and other technical details.
Should I trust a VPN provider more than my Internet service provider (ISP)?
This question cannot be answered universally. The fact is that ISPs comply with local laws and therefore have to store metadata depending on the country. Reputable VPN providers are located in countries where no such laws exist. In addition, we are not aware of any Internet service providers that specifically claim to protect the data.
Which VPN providers and DNS resolvers are recommended?
We have tested various VPN providers and DNS resolvers and included different aspects into the evaluation. Our current recommendations are listed on Privacy Checkup: VPN Providers / DNS Resolvers
Should public networks be avoided despite today’s TLS encryption (https)?
Public networks are often not well protected and allow the provider and others to analyze the data traffic. Even if TLS encryption protects the content, metadata can be collected and analyzed. Public networks should be avoided or only used with a VPN.
What are the pros and cons of using Tor?
Tor routes data traffic via various servers and thus disguises its origin. It also prevents fingerprinting and reduces other metadata to a minimum. It can be useful for circumventing censorship and surveillance or for anonymous research. However, Tor slows down data transmission and is often blocked by websites.
Links
How can tracking parameters be recognized?
The naming of URL parameters can be very different on each website. In most cases, however, the name reveals the function. To avoid having to deal with this, we recommend activating the «AdGuard URL Tracking Protection» filter list in uBlock Origin.
What should I do if I have clicked on a malicious link?
A malicious link can theoretically infect a device. However, this is rather unlikely, and you will usually be redirected to websites that offer malicious software or ask for access. In this case, closing the website and deleting the cache is sufficient.
Check your Privacy Level
Find out how well you are protected against online surveillance, what the risks are, and what measures you can take to better protect yourself and your data.