I'm a developer, seeking a job in the woods

Go Ask Moonalice; I Think She'll Know OR Down the Rabbit Hole and What a Modern Luddite Found There

This is not an MRA post. I happen to like The Matrix and Alice in Wonderland for unrelated reasons. I wasn't even aware of what an MRA was at the time of writing. This piece was originally written as an email in April 2020. Following a webinar hosted by the wonderful team at Dating Kinky, I decided to reproduce it on Fartloaf, considering some of the questions being asked therein. Having seen some disturbing comments about FOSS development using Google technologies (on Discord, no less), I decided to reproduce it here. Please feel free to reproduce it elsewhere, as you see fit. I officially give you permission to do so under the Creative Commons Attribution-Share-Alike 3.0 license. To that effect, I am perfectly happy to receive no tips for this post (unless you receive money/crypto for sharing it). Go on; reward yourself for taking the time to get informed!

"This your last chance. After this there is no turning back. You take the blue pill, the story ends. You wake up in your bed and believe whatever you want to. You take the red pill, you stay in Wonderland, and I show you how deep the rabbit hole goes. Remember, all I'm offering is the truth. Nothing more."
— Morpheous; The Matrix; The Wachowski Starship

Go Ask Moonalice; I think She'll Know

There are two statements to take into consideration:

"Don't talk to strangers or take sweets from them." — Received Parental Wisdom

Did your parents or teachers ever drill that into you? If so, good; they were right to. That advice/admonishment applies to the Internet too. "But social media's full of strangers. Must I not talk to anyone?", you cry. Well, you can and will, but take reasonable precautions first.

"Just because you're paranoid doesn't mean they aren't after you."
Joseph Heller, author of Catch 22 (often misattributed to Kurt Cobain).

Heller may have said/wrote that as a half-joking garbled semi-aphorism, but he was right, unfortunately. I've been paranoid about using the Internet for communications since I was in high school and my friends were pressuring me to get MxIt (see footnote #1), the forerunner to BBM and WhatsApp. (Anybody else remember using that?) The worst thing about being paranoid is being justified for being so.

"A paranoid is someone who knows a little of what's going on. A psychotic is a guy who's just found out what's going on."
― William S. Burroughs; Author

Let's skip forward about sixteen years. It's not only agents of the Chinese government, shadowy cracker script kiddies and warez d00dz trying to "pwn your b0><3n 4 teh lulz and pr0n" you've got to worry about; they're small fry. The real baddies are the monopolistic surveillance capitalism tech giants: Amazon, Facebook, Google, Pinterest, Twitter, Verizon/Yahoo and their subsidiary/affiliate companies, free from or circumventing (woefully inadequate/outdated) government regulation. Amazon, Google, and Facebook own and deploy approximately 90% of all the tracking scripts and media on the Internet, more than the other 499 tracker-using companies there (including PornHub, by the way).

At this point, you probably already think that I'm nuts. Too bad, so sad. I am. Ask my shrink if in doubt. Worse, you might also be thinking "So what? I don't have anything to hide. Why should I care?" That's a specious sentiment. Here's why you do have something to hide and why you should care:

  • As far as you know, do your parents, friends and siblings know about your kinks and/or sex life? Do your grandparents and their friends? Would you want them to? If you have them as friends/contacts on Facebook, you're using Google Chrome or Microsoft Edge to access your Web-based email account (GMail), or have bought anything kinky/sexy from Amazon, they probably already know. If not, it's only a matter of time until they find out. (Thank Facebook Beacon/Connect and Amazon for this. I'm not sure if oAuth plays a role anywhere.)
  • Do you walk down the street naked and alone at night? I'm pretty sure you don't, because it's not safe to. Going on the Web without a secured browser (Tor, Brave or Firefox Focus for phones) is effectively doing that.
  • Do you feel comfortable bathing/showering or going to the toilet and leaving the door open while you're in there? Are you OK with strangers looking through your windows or walking through your front door, uninvited? Probably not; you've got privacy concerns, even in your own home.

Going onto the Internet without strong defense is tantamount to doing these things in front of over 2.2 billion strangers (Facebook's global user base as of late 2019).

Google, Oracle and thousands of other unsavory advertising companies (including brokers) and data warehouses (whorehouses?), have refined their tracking and targeting techniques to the point where they can identify individual people and know whatever they care to based on the harvested data: Your age, sexual orientation, medical records, health status, marital status, income, credit score, home base, place of work, favorite restaurant, how many kids you do/don't have, which medical aid you're on (which health ensurer you're with), who your insurer is, how much you've got in your bank account (not that you should have one any more) … If you can name it, they've probably got data on it and are revising/updating it every time you click something or watch a video online.

Reading Material

Now, this is a rabbit hole that gets very deep very quickly if you take the red pill and dive down it. I suggest you do, by reading all of the following:

Also listen to Mozilla's IRL podcasts. I suggest you do all of this to get up to speed, because it would take me a few weeks to lay it all out. As it is, I've only finished Zucked and listened to some of the podcasts.

This is just the tip of the Zucker-iceberg; Roger MacNamee lists a lot of further reading in Zucked.

In case I have to repeat myself, do not buy these books from Amazon! Visit your local bookstore (or its Website) if you can.

More Importantly: What can you do to protect yourself in the mean time?

The short answer is "Short of completely disconnecting from the Internet, throwing away your smart phone and laptop and employing someone willing to use these technologies on your behalf, not much." Becoming a hermit, living in the woods making furniture and reading Walden (and prepper/wilderness survival books) isn't such a bad life, after all.

The long answer is more complex and significantly more detailed, because the short answer is not practical (or at least, very difficult). Being connected to the Internet is (almost) essential to functioning in the modern world. You can't avoid/escape the trackers, but you can significantly decrease the size of your online fingerprint.

Caveat: YMMV; potential breakage and disruptions to your lifestyle and habits.

  1. Depending on how anonymous you want to be, use a Linux OS such as TAILS or whonix, which uses Tor to anonymize your activity (or Qube to place different things in containers).
  2. Use a VPN or bridge, something like NordVPN, which is based in Panama (which is outside the jurisdiction of the eyes of the world) and accepts payment in Bitcoins (themselves not a guarantee of anonymity, but a step in the right direction). A VPN does nothing to make you anonymous and should not be used with Tor. The only thing it does is stop your ISP (and government) knowing from exactly where you're connecting to the Internet (unless they force the VPN provider to keep logs and hand them over).
  3. For your Web browser, use the Tor Browser Bundle on your PC/Mac and
    Tor/Orfox with Orbot on your phone. Tor uses "onion routing" (layered anonymity to bounce your traffic between at least three nodes) to ensure your anonymity. One of the limitations of this is that it's noticeably slower and is not suitable for torrenting, watching videos or logging into your accounts. You're trading convenience for security here. Do not use a VPN with Tor; doing so will compromise your anonymity.
  4. For watching videos and logging into your accounts, you can use Brave or Firefox, both for PC and phone. (On your phone, use
    Firefox Focus if you prefer it to Brave). Firefox by itself with default settings isn't adequate. Here's how to change that:
    • In "Privacy Protections", set the protection level to "Strict" and "Do Not Track" to "Always". FF warns you that this might break the functionality of some sites, but I have yet to see it happen.
      • Check "Delete Cookies and Site data when Firefox is closed". Uncheck "Ask to save logins and passwords"
    • Install the following addons: HTTPS Everywhere (EFF), Privacy Badger (EFF), Ghostery, Multi-Account Containers (Mozilla), AdBlock Plus, Webmail Ad Blocker, Adblocker Ultimate, Adblocker for YouTube, Always in Container, Block Facebook Outside Container, Container Color Theme, Canvas Fingerprint Defender, WebGL Fingerprint Defender, AudioContext Fingerprint Defender and Font Fingerprint Defender (Untick "Show/Hide Desktop Notifications" after installation).
    • Intall the Presearch plugin, which will set your default search engine to Presearch.org (and earn crypto for doing so). Delete Google and DDG from your list of search engines.
    • Make sure you explicitly create "Google" and "Facebook" containers. You absolutely do not want these two sharing anything with each other (or anything else). Keep all your Google-based content (Gmail, Docs, Drive, etc.) confined to the Google container. Ditto with Facebook and Instagram in the "Facebook" container.
  5. Migrate as much as you can away from Google, Twitter, Facebook, LinkedIn, Yahoo! and Amazon, then delete everything and close your accounts:
    • ProtonMail offers zero-access and PGP-encrypted mailboxes for as little as 5 EURO per month. What this gives you is a mailbox not even they (the providers) can access, the ability to password-protect emails sent to non-users and other ProtonMail users. However, Protonmail has made changes to its Website to include browser fingerprinting scripts and doesn't seem interested in removing them. It also uses Electron (a Google technology) for its Thunderbird Bridge. There are other IMSPs offering for-pay PGP email. I'll probably add them here in an edit. At present, I'm in discussions with the Arweave team regarding the state of WeaveMail (the mail protocol) and we[a]ve (the Web client). I might even build an Enigmail-compatible bridge plugin for Thunderbird (or fork it to make WeaverBird), but I'm getting ahead of myself here.
    • Mastodon.social is a replacement for Twitter.
    • Diaspora, 500px and PixelFed are alternatives for Flickr, Instagram and Google Photos
    • Use local shopping sites (such as Loot, Exclus1ve Books and Takealot in SA) in preference to Amazon and Wish.
    • The really difficult one to replace is Facebook. There's no real one-size-fits-all alternative, but there are some.
    • Replace WhatsApp, Telegram, Facebook Messenger, KiK, BBM and other messaging clients with Signal from Open Whisper systems. According to the EFF's deprecated/archived scorecard: Signal and WhatsApp don't hand your encryption keys to the provider, while the others do. However, WhatsApp's source code is not open-sourced and your messages, although encrypted, are stored on FB's servers.
    • Don't forget to delete your files/emails and close your accounts!
  6. If you can't leave Facebook for some valid reason, lock it down:
    • Go through all your privacy/security and sharing settings. Set them as restrictive as you can.
    • Erase as much personally-identifying information in your profile as you can.
    • Go through the process of downloading an archive of your Facebook data. This can take a few hours to a day to complete.
    • Delete every past post, comment or like that you can.
    • Unfriend people who are not actually your friends IRL. Invite them to use Signal. Notify those that accept that you're leaving Facebook and that they'll have to contact you by old-fashioned means (phone/text messaging through Signal). Snub the rest; they're a liability.
    • Do not share your email address or phone number with people through FB or with those who will allow FB to scan their address books!
    • Close your FB account. (The process takes 30 days, during which time FB will hound you, trying to tempt you to sign back in. As soon as you do, the account cancellation process is cancelled and you'll have to start again.)
    • Caveat: You can't get rid of the shadow profile data FB has on you, only the information you handed over. FB keeps what it steals from you and Zuck's not sorry, because he claims to not know about it.
  7. Don't buy Google Home/Echo, Nest, Amazon Alexa or Ring smart doorbell devices. These are always listening and collecting data that gets sent back to one or more of Google, Amazon, the FBI and the NSA.
  8. Don't use "free" services. As the old maxim about advertising goes, "If you're not paying for it, you're not the customer; advertisers are. You're the product (or at least your data is)!"
  9. When sending files to others, use 7zip or PeaZip for password-protected archives. Do not send them the password with the archive; use a separate means (such as Signal from Open Whisper; it has a desktop client). For extra security, you can use VeraCrypt or KeePassXC with a password and a key file. The linked Python script will write random bytes of a specified length to a specified file, which can be used as a key. (See footnote #2).
  10. Use the source, Luke!: Microsoft owns GitHub. Migrate your repos to GitLab. (They responded well/appropriately when there was an outcry from the user base when they implemented data mining practices, which were subsequently reverted/removed.)
  11. Electroshock Therapy: No Electron, no MEARN, no V8, no Google technologies. Rust/WASM and GTK+/Qt FTW!

Your Phone

If you're using a smart phone tracker (who isn't?), here are some pointers:

  • It's better to use an iPhone instead of an Android phone. However, it's even better to use a Linux OS on your phone: Pine64 or E-Foundation, possibly with F-Droid or APK-Pure. (These are not necessarily stable/production ready.)
  • Turn off Location broadcasting (looks like a pin on a map) when not in use.
  • Turn off data, Wifi and Bluetooth connectivity when not in use.
  • Put your phone in airplane mode when not in use. (This will prevent you from receiving some Signal messages and calls because your phone is not communicating with cell towers.)
  • Uninstall all apps you haven't used for at least three months. You probably don't need them.
  • Disable all Google apps on your phone if on Android. Do not uninstall them as this can potentially break your phone's functionality and you might need to re-enable some.
  • Disable background data/WiFi usage for all apps that don't need it. (This has to be done per app, which is why it's best to uninstall unnecessary ones).
  • Change your phone's unique advertising ID on a regular basis (three to six months). The steps for this differ depending on whether you're using an iPhone or Android device.

The End

If you've done all this, no doubt at some expense, your Internet footprint is much smaller, but so is your bank balance (not that you should have one of those any more). Unfortunately, complete security/privacy and anonymity are impossible in the modern world. Increasing it to an acceptable level comes at a cost. That cost is both convenience and money.

  • Them: Chat to us for hours, at only 60c per hour! What do you not like about that? Me: There is a hidden catch somewhere; I am sure of it.
  • Aim for a key length of at least 4090 bytes (4KB). The longer, the better. I am not an expert in cryptography; I just use it. Use the script at your own risk.

How do you rate this article?


Great White Snark
Great White Snark

I'm currently seeking fixed employment as a S/W & Web developer (C# & ASP .NET MVC, PHP 8+, Python 3), hoping to stash the farmed fiat and go full Crypto, quit the 07:30-18:00 grind. Unsigned music producer; snarky; white; balding; smashes Patriarchy.

Cryptographic Anarchy: (Mis)Adventures in Crypto
Cryptographic Anarchy: (Mis)Adventures in Crypto

The content of this blog is exclusively to do with online privacy/security, cryptography and cryptocurrency: Understanding it, investing in it, mining it (in groups/crowds), developing/programming it, the social problems it aims to solve and the various ways to make more of it (or not, as various losses and failures happen). Let's get away from banksters, Capitalists and fiat, to an anarcho-syndicalist commune. Banner image: Blogger's own. Contemplating making an HD NFT version if there's interest.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.