Re: Yes! Someone's remembered TrackMeNot
When I describe my concerns to people, I always get the whole "nothing to hide/fear" nonsense or, worse yet, the "nobody's interested in me/you" thing. And then I have to explain about Yahoo and Equifax and the person working for the company that promises to only share your data with 'trusted partners" not knowing about the guy working for one of those trusted third parties (who has gambling debts/alimony payments/kids to put through college/a yen for something really expensive that he can't afford on his regular salary, or even works for a criminal organisation and this is his currently assigned task) who doesn't care about your agreement you entered into by clicking on "I Agree". He wants the money and he's selling/passing on your details to a fourth party and the legality of it is of no more concern to him than it is to the burglars who break into your home and steal your stuff - they're absolutely right, the burglars don't care about me personally and neither does the guy stealing my data; they both still do it though, don't they? Just like the people who hacked the Equifax database didn't care about me personally. Just like the people who found Yahoo had failed to secure 3 billion accounts didn't care about even one of those 3 billion users either.
I'm of no interest to state actors; they've already checked me out thoroughly and I've been allowed to do some very interesting things in some very interesting places as a result - they know more about me than I can remember myself and it hasn't caused me any problems.
The slurping of my data that is then improperly secured and subsequently falls into the hands of the criminal fraternity, however, so that they know where I go, when, why, how frequently, how long for, how long it will take me to get back home, how valuable my car is, how much I pay in home contents insurance and the likely value of them as a result, help themselves to ten or twenty credit cards in my name and max them out, create five false identities in my name? Yeah, I think they're a legitimate concern and that what I know about IT after 35 years in the game qualifies to me to state that, no, it's not paranoia, it's knowing more about this stuff than many, if not most, other people do.
Obviously, there's no guarantee that any soft solution won't be subverted by sufficiently sophisticated means but, personally, I use a microphone blocker, a camera blocker, a localhost-VPN-based application and transport layer firewall, a Bluetooth 'firewall', automate Bluetooth and WiFi so that they toggle off when I'm not making/taking a call or near a network I've registered on my phone, spoof my GPS and keep my contacts/calendar data local (synchronise them with my computer over the local network and never use any 'cloud' based services for that purpose). All permissions are locked down to the absolute bare minimum for an app to provide all I need from it and no more. As many as possible function offline - knowing where the bus/train/metro is won't make it get here any quicker and all I really need to know is what route it takes so that I can decide if it's the bus/train/metro for me or not (and a static map will do just fine for that, thanks).
Really, I'd like to be able to do without it altogether, but that ain't gonna happen any time soon (if ever again), so, it's a matter of taking what precautionary measures I can and creating as much fake data as I can.
I'm looking into the viability of offering a service to people that will place them in two (or more) real world locations simultaneously - but the implications for me as an accessory to a crime are a bit disconcerting to say the least and I'm not sure it's worth the risk just to enhance a few people's privacy from the private sector data-slurpers or even the criminal underworld.