Finally ready to get off the grid? It's not quite as simple as it should be.

If you're reading this, it's likely your personal information is available to the public. And by "public" I mean everyone everywhere. The start of a new year is a good time to get your internet privacy ducks in a row and effectively "delete" yourself from the internet. But how can deleting yourself from the internet stop companies from getting hold of your info? Short answer: It can't.

Unfortunately, you can never completely remove yourself from the internet, but there are ways to minimize your digital footprint, which would lower the chances of your personal data being out there. Be forewarned, however: Removing your information from the internet, as I've outlined below, could adversely affect your ability to communicate with potential employers. Still interested? Here are some ways to disappear your digital self.

Think about which networks you have social media profiles on. Aside from the big ones(Facebook, Instagram, Twitter, LinkedIn), do you still have old accounts on sites like Tumblr? MySpace? What about your Reddit account? Which shopping sites have you registered on? Common ones might include information stored on Amazon, Gap.com, Macys.com and others.

Receive expert tips on using phones, computers, smart home gear and more. Delivered Tuesdays and Thursdays.

Using a service like DeleteMe can make removing yourself from the internet less of a headache.

To get rid of these accounts, go to your account settings and look for an option to either deactivate, remove or close your account. Depending on the account, you may find it under Privacy or Security, or something similar.

If you're having trouble with a particular online account, try searching online for "How to delete," followed by the name of the account you wish to delete. You should be able to find some instructions on how to delete that particular account. (Here's how to permanently delete your Facebook account without losing your photos.)

If for some reason there are any undeletable accounts, change the info in the account to something other than your actual info. Something fake or completely random.

Read more:Best VPN service of 2021

Now playing: Watch this: Get off the grid

3:43

There are companies out there that collect your information. They're called data brokers, and they have names like Spokeo, Whitepages.com and PeopleFinder, as well as plenty of others. They collect data from everything you do online and then sell that data to interested parties, mostly in order to more specifically advertise to you and sell stuff.

Now you could search for yourself on these sites and then deal with each site individually to get your name removed. Problem is, the procedure for opting out from each site is different and sometimes involves sending faxes and filling out actual physical paperwork. Physical. Paperwork. What year is this, again?

Anyway, an easier way to do it is to use a service like DeleteMe atjoindeleteme.com.For just $129 per year, the service will jump through all those monotonous hoops for you. It'll even check back every few months to make sure your name hasn't been re-added to these sites.

Be warned: If you remove yourself from these data broker sites, you'll also mostly remove yourself from Google search results, therefore making it much harder for people to find you. DeleteMe also gives you a set of DIY guides on how to remove yourself from each individual data broker if you'd like to do the process yourself.

First, check with your phone company or cell provider to make sure you aren't listed online and have them remove your name if you are.

If you want to remove an old forum post or an old embarrassing blog you wrote back in the day, you'll have to contact the webmaster of those sites individually. You can either look at the About us or Contacts section of the site to find the right person to contact or go to http://www.whois.com and search for the domain name you wish to contact. There you should find information on who exactly to contact.

Unfortunately, private website operators are under no obligation to remove your posts. So, when contacting these sites be polite and clearly state why you want the post removed. Hopefully they'll actually follow through and remove it.

If they don't, tip No. 4 is a less effective, but viable option.

If someone's posted sensitive information of yours such as a Social Security number or a bank account number and the webmaster of the site where it was posted won't remove it, you can send a legal removal request to Google to have it removed.

You may have to exercise Google's legal powers to get your personal information removed from a stubborn site.

The removal process could take some time, and there's no guarantee it'll be successful, but it's also your best recourse if you find yourself in this vulnerable situation.

Google's URL removal tool is handy for erasing evidence of past mistakes from the internet.

Let's say there's a webpage with information about you on it you'd like to get rid of -- like your former employer's staff page, months after you've changed jobs. You reach out to get them to update the page. They do, but when you Google your name, the page still shows up in your search results -- even though your name isn't anywhere to be found when you click the link. This means the old version of the page is cached on Google's servers.

Here's where this tool comes in. Submit the URL to Google in hopes it'll update its servers, deleting the cached search result so you're no longer associated with the page. There's no guarantee Google will remove the cached info for reasons, but it's worth a try to exorcise as much of your online presence as possible from the internet.

Depending on the type of email account you have, the number of steps this will take will vary.

You'll have to sign into your account and find the option to delete or close the account. Some accounts will stay open for a certain amount of time if you want to reactivate them.

An email address is necessary to complete the previous steps, so make sure this one is your last.

Remember to be patient when going through this process, and don't expect to complete it in one day. You may also have to accept that there are some things you won't be able to permanently delete from the internet.

Read the original here:
Remove all your personal info from the internet: 6 steps to disappear for good - CNET

In 2010, EFF launched its campaign to encrypt the entire webthat is, move all websites from non-secure HTTP to the more secure HTTPS protocol. Over 10 years later, 2021 has brought us even closer to achieving that goal. With various measurement sources reporting over 90% of web traffic encrypted, 2021 saw major browsers deploy key features to put HTTPS first. Thanks to Lets Encrypt and EFFs own Certbot, HTTPS deployment has become ubiquitous on the web.

For more than 10 years, EFFs HTTPS Everywhere browser extension has provided a much-needed service to users: encrypting their browser communications with websites and making sure they benefit from the protection of HTTPS wherever possible. Since we started offering HTTPS Everywhere, the battle to encrypt the web has made leaps and bounds: what was once a challenging technical argument is now a mainstream standard offered on most web pages. Now HTTPS is truly just about everywhere, thanks to the work of organizations like Lets Encrypt. Were proud of EFFs own Certbot tool, which is Lets Encrypts software complement that helps web administrators automate HTTPS for free.The goal of HTTPS Everywhere was always to become redundant. That would mean wed achieved our larger goal: a world where HTTPS is so broadly available and accessible that users no longer need an extra browser extension to get it. Now that world is closer than ever, with mainstream browsers offering native support for an HTTPS-only mode.

In 2020, Firefox announced an HTTPS-only mode feature that all users can turn on, signaling that HTTPS adoption was substantial enough to implement such a feature. 2021 was the year the other major browsers followed suit, starting with Chrome introducing an HTTPS default for navigation when a user types in the name of a URL without specifying insecure HTTP or secure HTTPS. Then in June, Microsofts Edge announced an automatic HTTPS feature that users can opt into. Then later in July, Chrome announced their HTTPS-first mode, which attempts to automatically upgrade all pages to HTTPS or display a warning if HTTPS isnt available. Given Chromes dominant share of the browser market, this was a huge step forward in web security. Safari 15 also implemented a HTTPS-first mode in its browsers. However, it does not block insecure requests like in Firefox, Chrome, and Edge.

With these features rolled out, HTTPS is truly everywhere, accomplishing the long-standing goal to encrypt the web.

SSL/TLS libraries are heavily used in everyday critical components of our security infrastructure, like transportation of web traffic. These tools are primarily built in the C programming language. However, C has a long history of memory safety vulnerabilities. So the Internet Security Research Group has led the development of building an alternative to certain libraries like OpenSSL in the Rust language. Rust is a modern, memory-safe programming language and the TLS library built in Rust has been named Rustls. Rustls has also been integrated for support in popular networking command line utilities such as Curl. With Rustls, important tools that use TLS can gain memory safety and make networks ever more secure and less vulnerable.

Since 2015, EFFs Certbot tool has helped millions of web servers deploy HTTPS by making the certificate process free and easy. This year we significantly updated the user experience of Cerbots command-line output for clarity. We also translated parts of the website into Farsi in response to user requests, and now we have the Instructions Generator available in this language. We hope to add more languages in the future and make TLS deployment in websites even more accessible across the globe.

Even as we see positive movement by major browsersfrom the HTTPS-by-default victories above to ending insecure FTP support and even Chrome adopting a Root Store programwe are also watching the potential dangers to these gains. Encrypting the net means sustaining the wins and fighting for tighter controls across all devices and major services.

HTTPS is ubiquitous on the web in 2021, and this victory is the result of over a decade of work by EFF, our partners, and the supporters who have believed in the dream of encrypting the web every step of the way.

Thank you for your support in fighting for a safer and more secure internet.

This article is part of our Year in Review series. Read other articles about the fight for digital rights in 2021.

Read the original post:
We Encrypted the Web: 2021 Year in Review - EFF

Web3 has become the latest buzzword to get tech and cryptocurrency enthusiasts talking. While some are excited at what is being dubbed as the next phase of the Internet, others, including Elon Musk and Jack Dorsey, have voiced their concerns over it.

But what is Web3 and can this decentralised vision of the Internet work?

Put simply, Web3 is an umbrella term for an online ecosystem that cuts out the big middlemen on the Internet. So, platforms on Web3 are not owned by central gatekeepers and you wouldnt navigate the Internet through search engines such as Google.

It uses blockchain, the same system used by cryptocurrencies and non-fungible tokens (NFTs).

The first version of the world wide web was launched by Sir Tim Berners-Lee in 1989. Back then, the few people who had the knowledge to could put information online in a decentralised way.

Web 2.0 came some 10 years later and started with the development of tools that were easy to use, allowing anyone to upload content online via the tech giants such as Google, Twitter and Facebook (now Meta).

But these free tools supplied by the tech companies, that allowed everyone to become publishers, was also harvesting our personal data to be used for tailored advertisements and marketing campaigns.

In theory, Web3 will be a combination of the two earlier versions of the Internet but will take the power away from the tech giants and corporations and put it back into the peoples hands.

And instead of exchanging our data to upload content online, users can become participants and shareholders by earning tokens on the blockchain system, which will allow you to have a say over a network.

Web 2.0 is the transmission of information but Web3 is the transmission of values, said Pascal Gauthier, CEO of the crypto hardware wallet Ledger, one of Frances unicorns.

We can see that currently on the Internet, your experience becomes bad as soon as you have to take out your credit card, he told Euronews Next, adding, Web3 basically fixes issues such as payments.

How does it work?

In the Web3 world, search engines, marketplaces and social networks will have no overriding overlord.

So you can control your own data and have a single personalised account where you could flit from your emails to online shopping and social media, creating a public record of your activity on the blockchain system in the process.

A blockchain is a secure database that is operated by users collectively and can be searched by anyone. People are also rewarded with tokens for participating.

It comes in the form of a shared ledger that uses cryptography to secure information. This ledger takes the form of a series of records or blocks that are each added onto the previous block in the chain, hence the name.

Each block contains a timestamp, data, and a hash. This is a unique identifier for all the contents of the block, sort of like a digital fingerprint.

The idea of a decentralised Internet has been in the works for the last decade with the explosion of cryptocurrencies and blockchain, and there are arguably some early Web3 applications that already exist. But we are not officially in the Web3 world.

Is Web3 too idealistic?

The idea of a decentralised internet may sound far-fetched but big tech companies are already betting big on it and even assembling Web3 teams.

But even if power is taken away from the tech giants, the people currently shaping Web3 are software developers and venture investors. Meanwhile, blockchain networks are not equally distributed and are in the hands of venture capitalists and early adopters.

This week, the former Twitter CEO Jack Dorsey suggested that Web3 is under the control of the venture capital industry, particularly the firm Andreessen Horowitz, an early Facebook backer and a Web3 advocate.

You dont own Web3. The VCs and their LPs do. It will never escape their incentives. Its ultimately a centralized entity with a different label, the Squares CEO tweeted.

On Thursday, Dorsey tweeted in response that he had been blocked on Twitter by Marc Andreessen, co-founder of Andreessen Horowitz.

Meanwhile, Tesla chief Elon Musk says Web3 is more of a marketing buzzword than reality.

"Im not suggesting web3 is real seems more marketing buzzword than reality right now just wondering what the future will be like in 10, 20 or 30 years. 2051 sounds crazy futuristic," he wrote on Twitter.

Musk also asked where it was, to the annoyance of Web3 devotees.

What are the challenges?

Experts have expressed concerns over how to regulate a decentralised internet, which would make it even more difficult to prevent cybercrime, hate speech and misinformation.

Web3 can also be hard to use but Gauthier says the challenge is not if people can access it easily but if they know how to manage their data securely.

Anyone on the planet can access Bitcoin or Ethereum today, as long as you have an internet connection. So there are billions of human beings that can access Web3 systems while the same human beings cannot necessarily access the banking system, he said.

To understand how Web3 works, there are some mistakes you should be aware of and you have to pay attention to your safety.

Before, in the financial world, security was provided by your bank. All of a sudden, now, you have to do it yourself since you own the privileges and you can manage your money online. So that means that there is a whole education and understanding part of the security issues that are important.

Building the technology to make Web3 fully decentralised, which has never been done before, is also one of the challenges.

Creating decentralised tools is not easy. Centralised systems are easier to build but less transparent, said rsula OKuinghttons, director of public relations of the blockchain infrastructure company Parity Technologies, who also works with the Web3 Foundation.

Some blockchain hybrids are a combination of centralised and decentralised systems but creating 100 per cent decentralised tools is the hardest and the longest part. But this is what Web3 is truly about, she told Euronews Next.

Go here to see the original:
What is Web3, is it the new phase of the Internet and why are Elon Musk and Jack Dorsey against it? - Euronews

LSE law graduate Hui Ting Tan considers the case for reform

In the past year, there have been a spate of hacking attacks on cryptocurrency exchanges, which are exchanges which allow people to trade digital currencies such as Bitcoin and Ethereum. Last September, a hacker managed to take out $610 million (460 million) worth of customers coins from Poly Network, a Japanese cryptocurrency exchange.

Interestingly, the hacker returned all of the stolen assets, claiming that the hack was just an attempt to highlight the vulnerabilities in Poly Networks system. When the heist was discovered, Poly Network immediately published the addresses to which the digital assets had been transferred, and asked centralised crypto exchanges to stop all asset flows stemming from the specified addresses. Tether, a stablecoin operator immediately froze $33 million of the stolen assets, while other major exchanges such as Binance agreed to look into the matter. In the meantime, internet sleuths sprung quickly into action to piece together information about the hacker. A cyber security firm called Slowmist even claimed to have personal information relating to the hacker, such as the hackers IP address and email information.

Regardless of whether the hackers motivations can be taken at face value, what is evident is that identifying errors in the code of a crypto exchange is one thing, but actually laundering those ill-gotten gains into money in the real world is another. Due to the transparency of the blockchain technology upon which the cryptocurrencies are built, every transaction in the digital markets is publicly transparent on blockchains, and as proponents of De-Fi (decentralised finance) like to argue, this creates a crowdsourced imitation of a self-regulating banking system.

What are the inherent or systemic problems with having a self-regulatory banking system however? For one, how do you draw the line between an ethical white hat hacker, who is just exploiting a bug in the system, and a self-interested criminal? There is of course an argument distinctive to the De-Fi and blockchain context. The unique strength of an open-sourced technological system is that improvements to the system itself are built upon community improvements and ingenuity. On the other hand, what is clear is that ethical hacking cannot be without scope. No ethical hacker would risk the assets or data of thousands of users. One might imagine that if every firm that were a victim of a hack were to legitimise these actions by labelling these acts as whitehats, then ethical hacking would be devoid of any meaning.

What I find more concerning is the notion that criminality and the commensurate level of punishment can be outsourced to a private company, like Poly Network. Hypothetically, imagine if a group of armed robbers organised a traditional bank heist, and was able to steal a significant sum of money, which it eventually returned, although it had broken numerous criminal laws along the way, such as criminal trespass, common assault, and other public crimes. Lets imagine as well that the bank is unable to print or obtain more money, and was thus compelled to offer the robbers criminal immunity and a monetary reward if the money was returned. That the money eventually came to no harm is irrelevant, it would even be irrelevant if the armed robbers were not eventually found to be guilty of those accompanying crimes. In my opinion, what is problematic is the idea that a private company is able to arbitrarily dictate the criminality of a hack, or to even whitewash a criminal hack for commercial reasons.

Want to write for the Legal Cheek Journal?

Things havent ended on a sour note because the assets have been returned, but shouldnt it be time to consider the implications if a similar situation were to happen again? What happens then if a significant number of consumers of a hugely popular crypto-asset exchange were to lose their life savings through the brilliance of an unscrupulous hacker? What are the legal protections available to consumers, and how robust is the regulatory and compliance regime in place to prevent crypto-assets from being laundered?

From a consumer protection perspective, there are unsurprisingly no guarantees of reimbursement in a largely unregulated sector. In fact, a haircut has become a term used to describe partial compensation in the wake of a cyber-attack. For example, in the wake of a hack on Bitfinex () in August 2016, which caused a loss of 120,000 Bitcoin, worth around $75 million at the time, its users faced a 36% haircut regardless of whether they held any Bitcoin.

In terms of Anti-Money Laundering (AML) and Know-Your-Customer (KYC) regulation, the UK Financial Conduct Authority (FCA) is the regulator of crypto-asset companies in the UK. Crypto-asset companies have to comply with the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017, which includes the requirement of having to be registered with the FCA in order to continue business. The FCA also introduced a Temporary Registration Regime for firms that had applied to be registered before, but whose applications were still being processed. As it turns out, the FCA had to extend the deadline for the Temporary Registration Regime (for existing businesses when the requirement was first announced) to 31 March 2022, due to the unprecedented number of firms which could not meet these requirements () and had to withdraw their applications. Since the need to register with the FCA was introduced in January 2020, only five companies have successfully registered with the regulator. In short, the issue isnt really that of a lack of regulation, but that the sector as a whole has yet to catch up in terms of cyber-security and AML practices.

This seems to suggest therefore that there is a good chance that retail investors and consumers of such crypto-asset exchanges are using products with significant cybersecurity risks. The need to raise regulatory standards therefore seems like a natural answer. On the other hand, it has been argued that stricter regulatory rules only drive criminals towards exchanges in jurisdictions with looser regulatory requirements. However, as pointed out by Michael Philipps (), chief claims officer at cyber insurance group Resilience, these exchanges usually have lower liquidity, which makes the laundering process more difficult. If what we are concerned about is preventing large-scale hacking heists amongst the most widely used exchanges in the UK, then imposing a level of regulation commensurate with the increased level of risk makes sense.

The other libertarian counter-argument would be to argue that investment decisions are personal commercial decisions that inherently involve some level of risk, and that excessively regulating these exchanges would not prevent the ignorant, the gullible, or the fearless from similar decisions that would be equally risky or dangerous. Ones right to plunge ones entire life savings into Bitcoin should be zealously guarded, no matter how crazy such a decision may seem, so the argument goes. However, I think a distinction needs to be made between raising regulatory standards to better inform consumer choice, and banning these exchanges outright. The desire for the UK to grow into a global fintech hub should also be balanced with the consumer risks inherent to these platforms. The priority should not be to discourage the flourishing of fintech businesses and start-ups, but to ensure that any crypto-asset exchange legitimately operating in the UK measures up to a rigorous and sufficient AML/KYC regulatory regime, which would in turn protect consumers.

The reality of course is that while the FCA continually warns retail investors that they risk losing all their money by transacting on these unregulated exchanges, there will always be those who choose to ignore these warnings. But by actively regulating these exchanges and presenting a stark choice between the legitimate and the unregulated, retail traders on unregulated exchanges would have to take stronger ownership of their personal choices, and whatever risks these choices may entail.

Hui Ting Tan is a law graduate and LLM student at the LSE. He is an aspiring commercial solicitor.

Read the original:
How to tackle cyber hacks on crypto exchanges - Legal Cheek