Team-BHP > Shifting gears > Gadgets, Computers & Software


Reply
  Search this Thread
22,244 views
Old 30th November 2021, 09:02   #61
BHPian
 
Join Date: Jun 2015
Location: Hyderabad
Posts: 85
Thanked: 281 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by earthian View Post
I was looking at the doosra website Seems interesting.

So do we give all e commerce sites and banks also the doosra number?
I wouldn't suggest using it for the banks as sometimes you have to call from registered mobile number. However, you can use it on anyother website. I'm personally using it for the below;

1) Uber
2) Ola
3) Zomato
4) All offline shopping stores
5) All websites which requires phone number for accessing content like policy bazaar and few others.
6) What's app and telegram are registered on this virtual number.

Also, if someone calls you back, you can securely call them from the app without revealing your actual number.
atulsian is offline   (1) Thanks
Old 30th November 2021, 09:11   #62
BHPian
 
earthian's Avatar
 
Join Date: Jan 2016
Location: Ahmedabad
Posts: 611
Thanked: 2,123 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by atulsian View Post
I wouldn't suggest using it for the banks as sometimes you have to call from registered mobile number.
Sorry to be such a pest. But i need to understand. What prevents us from giving banks the 'doosra' number as the "registered " number?
earthian is offline  
Old 30th November 2021, 09:17   #63
BHPian
 
Join Date: Jun 2015
Location: Hyderabad
Posts: 85
Thanked: 281 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by earthian View Post
Sorry to be such a pest. But i need to understand. What prevents us from giving banks the 'doosra' number as the "registered " number?
Np. UPI apps like phonepay or gpay will not work as they require physical sim to send the initial sms. If you are not using UPI payments, then you can go ahead and share the number with the banks.
atulsian is offline   (2) Thanks
Old 30th November 2021, 16:33   #64
Team-BHP Support
 
Chetan_Rao's Avatar
 
Join Date: Jul 2010
Location: Bangalore
Posts: 5,833
Thanked: 23,956 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by earthian View Post
...What prevents us from giving banks the 'doosra' number as the "registered " number?
Quote:
Originally Posted by atulsian View Post
...UPI apps like phonepay or gpay will not work as they require physical sim to send the initial sms. If you are not using UPI payments, then you can go ahead and share the number with the banks.
It's not just UPI. Registering for a bank's app itself needs an outgoing SMS during setup (that's how banking apps currently validate registered numbers), and assuming one can't have two registered numbers with the bank, this method means no banking apps will be usable with this virtual number registered with the bank. Incoming alerts & OTPs will work fine.
Chetan_Rao is offline   (3) Thanks
Old 30th November 2021, 16:49   #65
Senior - BHPian
 
Join Date: Dec 2008
Location: Bangalore
Posts: 3,530
Thanked: 5,474 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by Chetan_Rao View Post
It's not just UPI. Registering for a bank's app itself needs an outgoing SMS during setup (that's how banking apps currently validate registered numbers)
This is probably because many bank apps are also UPI apps (eg: Citi's gives you a mobile@citi VPA). These implementations are not very user friendly so I guess hardly anyone uses it.
binand is online now   (3) Thanks
Old 3rd December 2021, 01:04   #66
Senior - BHPian
 
Poitive's Avatar
 
Join Date: Apr 2011
Location: 3rdRockFmTheSun
Posts: 1,224
Thanked: 2,818 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by atulsian View Post
1) Running ad blocking software at router level (pfsense). All devices are ad free now including ads on hotstar.
This sounds good.
  • Have you faced any issues with sites/apps breaking due to this firewall/adblocker?
  • If yes, how easy is it to rectify the situation from the phone itself?

Quote:
Originally Posted by atulsian View Post
I'm using the below provider.

https://www.doosra.com/

They allot a random mobile number which you can share with others.
benefit
Seems interesting.

Would this have any significant privacy benifit over using a spare sim slot with a cheap prepaid number, say from MTNL (approx Rs 1.1k p.a.)?

It intuitively feels more safe, and has some other benifits. A spare sim slot, of course, is needed.

Thanks for sharing
Poitive is offline   (3) Thanks
Old 3rd December 2021, 07:42   #67
BHPian
 
Join Date: Jun 2015
Location: Hyderabad
Posts: 85
Thanked: 281 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by Poitive View Post
This sounds good.
  • Have you faced any issues with sites/apps breaking due to this firewall/adblocker?
  • If yes, how easy is it to rectify the situation from the phone itself?


Seems interesting.

Would this have any significant privacy benifit over using a spare sim slot with a cheap prepaid number, say from MTNL (approx Rs 1.1k p.a.)?

It intuitively feels more safe, and has some other benifits. A spare sim slot, of course, is needed.

Thanks for sharing

If any site or app doesn't work, I just login in to my portal, filter it by the IP and whitelist it. Did the same for Amazon app as it was not loading. I'm using a curated list and as such there are very few sites which I've to whitelist. Alternatively, you can use nextdns for adblock. Please let me know if you need any help on setting it up.


True. This service helps me control who can call me so that my phone doesnt ring at odd times. This is not possible when you are using a physical sim. If I activate the call blocker, all calls are diverted to a voicemail. I can control the call blocker based on time, location or permanently on.
atulsian is offline   (1) Thanks
Old 3rd December 2021, 15:45   #68
Senior - BHPian
 
Poitive's Avatar
 
Join Date: Apr 2011
Location: 3rdRockFmTheSun
Posts: 1,224
Thanked: 2,818 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by atulsian View Post
If any site or app doesn't work, I just login in to my portal, filter it by the IP and whitelist it. Did the same for Amazon app as it was not loading. I'm using a curated list and as such there are very few sites which I've to whitelist. Alternatively, you can use nextdns for adblock. Please let me know if you need any help on setting it up.
Thanks for offering the help, atulsian . Might bother you after doing further reading, as otherwise I might have way too many questions.

I have been using system-wide blockers on my Androids, and browser-wise on my PCs. Browser wise, as aggressive blocking breaks some sites.

To start with:
For solutions like pfsense, does one have to buy another comparable router, or one flashes the one one already have (do ISPs allow this for routers they provode?), or is there another device one needs to have in the system to do the filtering.

Quote:
True. This service helps me control who can call me so that my phone doesnt ring at odd times. This is not possible when you are using a physical sim. If I activate the call blocker, all calls are diverted to a voicemail. I can control the call blocker based on time, location or permanently on.
True. Both approaches have their pros and cons. Finding an app which offers sim wise call blocking with further controls might be a good balance. Don't know if any exist.

There is also the added issue of blocking calls from the likes of delivery agents of Amazon/Swiggy etc, as it is often needed.

At times I wonder if a different number is viable and even helpful for privacy in a practical way. From the convenience perspective one could have a number to be distributed to all and sundry which is kept silent, and one for a select group (close family+friends and key work related people).
Poitive is offline  
Old 3rd December 2021, 21:00   #69
BHPian
 
Join Date: Jun 2015
Location: Hyderabad
Posts: 85
Thanked: 281 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by Poitive View Post
Thanks for offering the help, atulsian . Might bother you after doing further reading, as otherwise I might have way too many questions.

I have been using system-wide blockers on my Androids, and browser-wise on my PCs. Browser wise, as aggressive blocking breaks some sites.

To start with:
For solutions like pfsense, does one have to buy another comparable router, or one flashes the one one already have (do ISPs allow this for routers they provode?), or is there another device one needs to have in the system to do the filtering.
For pfsense, you can use your old laptop or PC and add a nic to run your own router. As routers cannot run pfsense. You have to look for custom firmware like openwrt.

Most of the ISP provided routers aren't capable of running custom OS like openwrt or any other OS for that matter.
atulsian is offline   (1) Thanks
Old 3rd December 2021, 21:13   #70
Senior - BHPian
 
Poitive's Avatar
 
Join Date: Apr 2011
Location: 3rdRockFmTheSun
Posts: 1,224
Thanked: 2,818 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by atulsian View Post
For pfsense, you can use your old laptop or PC and add a nic to run your own router
Thanks again. This saved me a lot of reading time. It would be major overkill and too much effort for my use case. Also considering I already have a fairly functioning system in place already, though not at router level and doesn't take care of Android TV/Box apps like Hotstar advertisements etc (which is what in your earlier post attracted me)

When on the comp, will share what I have tried and use for my devices, in case it helps others.

Edit: I've been hearing about pi-hole. I suppose it is a somewhat similar added PC based system. Is it?

Last edited by Poitive : 3rd December 2021 at 21:15.
Poitive is offline  
Old 3rd December 2021, 21:42   #71
BHPian
 
Join Date: Jun 2015
Location: Hyderabad
Posts: 85
Thanked: 281 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by Poitive View Post
Thanks again. This saved me a lot of reading time. It would be major overkill and too much effort for my use case. Also considering I already have a fairly functioning system in place already, though not at router level and doesn't take care of Android TV/Box apps like Hotstar advertisements etc (which is what in your earlier post attracted me)

When on the comp, will share what I have tried and use for my devices, in case it helps others.

Edit: I've been hearing about pi-hole. I suppose it is a somewhat similar added PC based system. Is it?
If you have android box and watch hotstar over the box, then you can block ads. You may have to sideload app to block ads.

Pihole is what I use when I'm away from my home. Pihole is self hosted on a virtual server or at home on raspberry Pi or any other device. You can get a pi ( even the cheapest model) and install pihol and use the internal IP as your dns.
atulsian is offline   (1) Thanks
Old 3rd December 2021, 22:50   #72
Senior - BHPian
 
Poitive's Avatar
 
Join Date: Apr 2011
Location: 3rdRockFmTheSun
Posts: 1,224
Thanked: 2,818 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by atulsian View Post
If you have android box and watch hotstar over the box, then you can block ads. You may have to sideload app to block ads.
Thanks. This should be simple enough.

Quote:
Pihole is what I use when I'm away from my home. Pihole is self hosted on a virtual server or at home on raspberry Pi or any other device. You can get a pi ( even the cheapest model) and install pihol and use the internal IP as your dns.
Though if I get down to it, I expect I'll be able to manage this, but the learning time spent for a non-techie like me might be way too much to justify. Right now, I don't even know where to source a Pi kit.

Thanks for all your help, @atulsian.

------------------
Next point
------------------

Quote:
Originally Posted by dark.knight View Post
If you're using a Google phone (Android), all keystrokes and searches on other engines are recorded too, Microsoft SwiftKey also records all keystrokes. DDG seems to be safe for now, but we have no idea what they're doing in the background.
(I'm a bit late on the thread)

Is this (recording of keystrokes) true even if one uses a third party keyboard without internet access in it's permissions?

Last edited by Poitive : 3rd December 2021 at 23:04. Reason: Merged a subsequent post as it was within 30 mins.
Poitive is offline  
Old 4th December 2021, 19:56   #73
Senior - BHPian
 
Join Date: Dec 2008
Location: Bangalore
Posts: 3,530
Thanked: 5,474 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by atulsian View Post
For pfsense, you can use your old laptop or PC and add a nic to run your own router.
I use this one:

https://www.amazon.in/gp/product/B08BJQD4XY

It has dual NIC which is perfect for my purpose. I have it between my LAN router (a Netgear R7000) and the Airtel's ONT multipurpose Nokia device.

I just run a DNS-based blacklisting system. If a site doesn't work with the blacklist on, then I assume I don't need that site. Haven't yet needed to remove anything from the blacklist yet.

I also run OpenVPN on it and connect all my roadwarrior devices by VPN all the time. The Airtel 300 Mbps plan is brilliant that way.

Quote:
Originally Posted by Poitive View Post
Is this (recording of keystrokes) true even if one uses a third party keyboard without internet access in it's permissions?
Android by default grants Internet access to all apps. You can't turn this off.

Swiftkey earlier used to have an incognito mode that you could turn on and off at will. After the Microsoft takeover I believe it is gone? Anyway main thing, don't let it access your emails, and don't create an account. In general don't allow any of its features that it claims to help it "learn your typing style".

After WhatsApp pulled their stunt last January, I started off on a project of reducing my dependency on these information leeches. I had quit WhatsApp by end of that month (Facebook I already had, a long time before that), but Google has been very difficult to get rid of. Apart from the whole Android shebang, there are a number of Google products that are actually useful. Yet, over the past year, I have achieved the following:

1. Completely removed Google Chrome from my life, with little chance of going back. Now I have Firefox on all my computers and devices.

2. I search now with DDG, falling back to Google only when DDG's results aren't great (which is rare but not unusual).

3. Completely removed the Youtube app. Most of the videos I watch, I watch in Firefox while not logged in. If there is a video that I need to watch while logged in - an age controlled one, or one that is private, or one that I need to save to a playlist - I have an installation of Youtube Vanced on my phone.

4. Removed all other Google apps that I rarely if at all use - Duo, Meet, Gmail...

5. Most recently logged out of Google Pay and switched to the BHIM app instead. As a side benefit got a very nice VPA for myself (name@upi).

6. For emails - switched to a personal domain rather than Gmail. The domain is still hosted on Google Apps (I like the spam control) but I use various mail clients instead of the Gmail webapp or Android app. Migration from @gmail to @mydomain is still going on - it is rather painful because each site has a different procedure.

7. Still looking at how to get out of Google dialler (has call blocking facility), Calendar (aggregates my work & personal calendars and also various calendars of interest some of which I maintain and share with others), Maps etc.

Overall, I have taken some decent steps along the privacy route but still nowhere close to where I'd like to be.
binand is online now   (3) Thanks
Old 5th December 2021, 00:11   #74
Senior - BHPian
 
Poitive's Avatar
 
Join Date: Apr 2011
Location: 3rdRockFmTheSun
Posts: 1,224
Thanked: 2,818 Times
Re: Protecting your online privacy & user data

Thanks for the inputs, Binand.

Have many thoughts/questions. I hope they would not be bothersome. My understanding and information on such topics is highly erratic and may vary from highly aware to absolute noob.

Quote:
Originally Posted by binand View Post
I use this one:
This isn't available on Amazon anymore. I don't really feel the need for having a separate device, but in case you're aware: What is the cheapest device one could use for such filtering?

Quote:
I also run OpenVPN on it and connect all my roadwarrior devices by VPN all the time.
How does this work? When away from home, do your devices get routed though the internet to a device on your home, and then get routed to the site/server you're accessing? If so, does it impact speed significantly (especially ping time)?

Quote:
Android by default grants Internet access to all apps. You can't turn this off.
Someone pls answer this:
In their app permissions, some apps have "have full network access" and "view network connections" and a few do not. I thought the ones which did not, could not (at least directly) access the internet. Is my understanding incorrect?

Quote:
Swiftkey earlier used to have an incognito mode that you could turn on and off at will. After the Microsoft takeover I believe it is gone? Anyway main thing, don't let it access your emails, and don't create an account. In general don't allow any of its features that it claims to help it "learn your typing style".
There are keyboards which are perpetually in incognito mode. They do lack some features though. I suppose it is a matter of convenient features vs privacy.

Quote:
Completely removed Google Chrome from my life, with little chance of going back. Now I have Firefox on all my computers and devices.
I have (almost) never used Google Chrome in my life. Never beyond just installing it to test it. Have been a loyal user of Firefox and it's forks, however now even Firefox has been partly "infiltrated" by Google.

Off late, noticed that if Google's access has been blocked in the device, some regular sites do not work. I just got around to noticing and testing this, and it includes fingerprinting parts of Google. It appears to be the "amp" based sites (have typically been links on Google-searches). Even Netguard does not block them.

Quote:
Completely removed the Youtube app. Most of the videos I watch, I watch in Firefox while not logged in.
I have almost never used the Youtube App on my phone. It is removed in the first few steps of me setting up my phone. Also have almost never used Youtube signed in. Ever.

IMO, the algorithms/suggestions based on being logged in and one's profile can take one down a path to subvert one's mind and opinions, hence I really avoid it. Every now and then, also reset the app on my Android box to minimize that.

Quote:
Removed all other Google apps that I rarely if at all use - Duo, Meet, Gmail...
I suppose one would still be tracked if the other person uses Gmail, and that is a substantial percentage. Is my understanding correct?

Quote:
For emails - switched to a personal domain rather than Gmail. The domain is still hosted on Google Apps
Does this bypass their email scanning for keywords, and other privacy invasive approaches? I ask as I too have a couple of domains being used on Google apps.
Poitive is offline  
Old 5th December 2021, 08:55   #75
Senior - BHPian
 
Join Date: Dec 2008
Location: Bangalore
Posts: 3,530
Thanked: 5,474 Times
Re: Protecting your online privacy & user data

Quote:
Originally Posted by Poitive View Post
This isn't available on Amazon anymore. I don't really feel the need for having a separate device, but in case you're aware: What is the cheapest device one could use for such filtering?
This is your call. For my purposes I have been using a home server for decade+ now, and when the last (Alibaba-sourced Chinese no-name one) had a motherboard failure this was the best substitute I got. Its form factor was the best appeal to me, otherwise I was more or less resigned to building one myself.

Quote:
Originally Posted by Poitive View Post
How does this work? When away from home, do your devices get routed though the internet to a device on your home, and then get routed to the site/server you're accessing? If so, does it impact speed significantly (especially ping time)?
Yes. You can see the impact on speed and latency in these screenshots (the first one is with VPN on, second is with VPN off, both taken back-to-back). Latency is of course dependent on both ends, so I have chosen a site that is of particular interest to me this December.

Speed:

Protecting your online privacy & user data-speed.png

Latency:

Protecting your online privacy & user data-latency.png

Quote:
Originally Posted by Poitive View Post
In their app permissions, some apps have "have full network access" and "view network connections" and a few do not. I thought the ones which did not, could not (at least directly) access the internet. Is my understanding incorrect?
Here is how it works for Android. App developers have to declare upfront what all permissions they need. This list is then showed in the Play Store entry's Permission Details section. If you as an app developer do not declare a permission you will not get it (so presumably these apps that you talk of do not declare the INTERNET permission). And if you do not get it, you can't use that functionality.

Among the declared permissions, some Android grant automatically (INTERNET), some Android asks the end user whether to grant or not and some are denied automatically. There are some nuances here though - for example, apps that want READ_SMS permission have to demonstrate they are primarily SMS management apps (and are not asking for this just to read an OTP). Some permissions are marked "Signature" permissions and are granted (automatically) only for factory-installed apps. And so on...

Quote:
Originally Posted by Poitive View Post
Off late, noticed that if Google's access has been blocked in the device, some regular sites do not work.
As I mentioned previously - the reason we can't tell Google to stuff it is that they offer a host of actually useful products. For example they run a CDN for Javascript libraries which a lot of developers use. They offer one of the most popular captcha services (reCaptcha). And so on. If you block off Google, your web experience can be severely degraded.

Quote:
Originally Posted by Poitive View Post
I suppose one would still be tracked if the other person uses Gmail, and that is a substantial percentage. Is my understanding correct?

Does this bypass their email scanning for keywords, and other privacy invasive approaches? I ask as I too have a couple of domains being used on Google apps.
The UX and treatment are identical. The benefit is that when I'm ready I can simply change a DNS setting and cut myself free of Google (which is unlikely to happen, because of Google's superior spam control. But when a better spam control product arrives, I'm prepared). As far as tracking goes whether on @gmail or @mydomain the risks are the same. One benefit is that if Google for any reason suspends my email address my life will not be upended.
binand is online now   (1) Thanks
Reply

Most Viewed
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Copyright ©2000 - 2024, Team-BHP.com
Proudly powered by E2E Networks