App Privacy Self-Assessment Guide

by Iulian Gulea

The Beginner’s Guide To Online Privacy

We are living in remarkable times. We can take pictures of places and people we like by pressing a button on our phones; shop from our homes for literally anything from needles to cars; reach hundreds of thousands of people through social and blogging platforms; and consume information on any topic in any volume at any time of the day.

For a person from 30 years ago it might sound very futuristic. For us it’s just how things are. Common sense.

But all that comes at a price. And that price is our privacy.

Why stay private?

I am a law-abiding citizen, I have nothing to hide.

Or this one:

Why hide in a globally connected world?

Many people think this way, which is understandable and is absolutely normal. We expect that some companies know a lot of info about us (mainly because we provide it to them ourselves), but it might be a huge surprise that other companies collect far more sensitive information about us that we might not want to share with anyone.

To make matters worse, advances in Artificial Intelligence in recent years enable companies to find very interesting patterns and create fine-grained physiological and psychological profiles of people based on their online behavior. There was a case in 2012, when a company knew a girl was pregnant even before her family knew that. Now imagine what can be done with AI and lots of data about people today.

Hopefully, by the end of this article, you’ll review your thoughts about online privacy. Before moving on, take a moment and consider how you would feel if you had to share the following information about yourself with a group of 200 strangers:

  • where you are located (geographically)
  • when you surf the Internet and for how long
  • the list of all sites you visit each day
  • what illnesses (if any) you have that you searched for online
  • what types of products you buy online
  • what devices you use to connect to the Internet
  • what type of content you prefer to read
  • what type of food you prefer to eat
  • what your political views are

The list can continue, but let’s stop here. Probably you wouldn’t share all this information with your friends, not to mention strangers.

However, the reality is that today many people are already unwillingly and unconsciously sharing such data about themselves with “strangers” at companies that collect this data to benefit from it.

Your “personal anonymous profile”

Even if the majority of those companies who collect all that data about you do not know your real name, it’s not that important for them. It’s not your name that interests them, but rather your behavior and preferences. If they don’t have your name, they’ll just label you with an ID in their system.

However, some companies do know your name and even your social security number, even though you didn’t explicitly share it with them.

The paradox is that we “share” most of that data, in our ignorance about what type of information is easily obtainable about us when we navigate the Internet.

There is so much to privacy that I’m afraid it’s impossible to fully protect ourselves on the Internet from the eyes of amoral corporations, but we can minimize this risk. I invite you to find out how this can be done.

The Pyramid of Privacy

I would like to visually demonstrate what can protect your privacy and how effectively it can do that.

In order of significance, from the bottom to the top:

1. Operating System

Without a solid foundation, you won’t be able to build anything useful. It turns out that even the choice of the operating system that people use can pose a risk to their privacy.

The Risk

If you are a Windows 10 user, then I have some bad news for you, because:

  • Your device is by default tagged with a unique advertising ID

  • Data syncing is by default enabled (browsing history, app settings and wi-fi names and passwords)

  • Cortana can collect any of your data (like, literally any data you operate with on your computer, including credit card info, mic input, etc.)

  • Microsoft can collect any personal data about you

  • All that data about you can be shared, with any third-party and even without your consent

Solutions

One possible solution here is to switch to another operating system like Linux or macOS. While you have to buy a Mac in order to use macOS, you can install a Linux distribution of your choice on any computer.

And in case you have heard scary tales about Linux, just check it out yourself. Here you can find a list of the most popular distributions, see what they look like, and download and install them. Or, in case you don’t know where to start, just go with Ubuntu.

Still don’t want to switch from Windows? Then check out W10Privacy — a tool to help you disable some tracking settings in Windows.

2. Networking Layer

Now, once you at least have a chance to be anonymous and not have a unique ID stuck to your computer that you can’t get rid of, let’s talk about connecting to the Internet.

Have you ever thought about how the Internet works? The navigation process is complex, but at the same time it reflects the power of engineering. However, I won’t dive right now into the internals of how it works, but will focus on privacy-related topics that you must have heard about before: IP and VPN.

The Risk

As in the real world, each device that is connected to the digital World Wide Web has its own address, the IP address that is visible to any site you visit. Therefore, no matter what you do to hide your data and preferences, you will be easily identified by the address through which your computer is connected to the Internet.

That’s exactly why you see ads in your native language from the country you live in, even if you navigate to a foreign website.

That’s also the method by which some sites restrict access to visitors from specific countries. Here you can see where your IP address points on the world map.

Solutions

  1. Virtual Private Networks (VPNs)
  2. WebRTC IP Leak Test

Let’s discuss them one by one.

1. Virtual Private Networks

You can’t just hide your IP address, as you won’t be able to navigate the Internet. However, you can pretend you have a different IP address than your real one. This is where the Virtual Private Networks come into play.

A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

Source: Wikipedia

There are more than 150 VPN service providers available worldwide and choosing the right one may be tough, as each provider has their own features and limitations.

There are, however, a few critical things to take into consideration when choosing one and, surprisingly, they relate to some “eyes.”

Five Eyes, Nine Eyes, Fourteen Eyes

All these are global alliances with the goal of mass surveillance. They cooperatively collect, analyze and share data about citizens from different parts of the world. This started after World War II, and now countries spy on each other’s citizens and share intelligence on people’s online activity, received/sent emails, Facebook posts and more.

The countries that make up these groups are:

Five Eyes:

  1. Australia
  2. Canada
  3. New Zealand
  4. United Kingdom
  5. United States

Nine Eyes (all of the above plus):

  6. Denmark
  7. France
  8. Netherlands
  9. Norway

Fourteen Eyes (all of the above plus):

  10. Belgium
  11. Germany
  12. Italy
  13. Spain
  14. Sweden

To keep it short, choosing a VPN provider based in one of these countries does not guarantee your privacy, as some entities (like the NSA and the like) from the same or even different countries can force VPN providers (and basically any online service) to hand over their data.

There is a nice list of over 150 VPN providers with all their features and limitations on thatoneprivacysite.net. Take some time to read and analyze what VPN fits you best. Then I would recommend that you use it for 1 month before buying a long-term subscription to see how it goes.

2. WebRTC IP Leak Test (even with VPN you may be visible)

Hold on! Even behind a VPN and with an encrypted DNS service you may still leak your IP address. And why should things be so complicated?

Technology is always improving, and with every new thing that is being developed, there are either bugs or simply ways to exploit some features to obtain the required results. So it is with WebRTC — a new communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN. Check it out on privacytools.io and if you see any IP addresses identified, check out this section on the same privacytools.io and go through the steps enumerated there. Don’t forget to check again if WebRTC leaks your IP address!

3. The Browser

Let’s discuss the surfing boards that we use to navigate in the digital cosmos of the Internet.

What browser is better?

  • Internet Explorer! (said nobody)

  • Edge (*…whispered somebody…*)

  • Opera! (said a couple of people)

  • Safari! (said a bunch of people that have all the Apple products of the newest version the first day they appear)

  • Tor! (shouted an anonymous group from somewhere)

  • Яндекс Браузер! (said a group of Russian speaking people)

  • Chrome!!! (cried a crowd for whom Google probably has their digital version of themselves)

  • Firefox!!! (cried another crowd with posters on privacy)

  • Brave! (said somebody, but it wasn’t clear whether they referred to a browser, or just to be brave in today’s world?)

There are several dozen of them, a list of which you can find on Wikipedia, but this doesn’t answer the above question…

The Risk

All of the aforementioned browsers are complex pieces of software that provide you with access to the Internet. While surfing the World Wide Web, your browser interacts with other computers, exposing some information about itself to any site it visits. And this is where it gets complicated, as a combination of various browser settings can create your unique Device Fingerprint.

Wait, what? A fingerprint?

A device fingerprint is information collected about a remote computing device for the purpose of identification. Fingerprints can be used to fully or partially identify individual users or devices even when cookies are turned off.

Source: Wikipedia

So, the bad news is that while surfing the Internet, you literally leave your digital fingerprints on each site you visit.

The good news? Your device fingerprint does not have to be unique if you change your settings to expose only as much data as is necessary to navigate.

This is possible due to the fact that your device’s fingerprint is not a single piece of information, but is rather a set of different settings (e.g. your screen size, browser type, browser version, installed fonts, installed addons, etc.) that together can uniquely identify your browser.

Remember the lady in red from The Matrix? She stands out because she has a very distinctive appearance in comparison to others around her. So it is with your browser — the more distinctive features it has, the easier it is to spot in the crowd.

But if you dressed her in a black jacket and a white shirt, like the people around her, she wouldn’t stand out much.

There are more than a dozen pieces of information that your browser exposes about its settings, and our job is to make them as “common” as possible.

Want to see what your device fingerprint is? Check out:

  1. panopticlick.eff.org

  2. amiunique.org

If you choose Panopticlick, you’ll see something like this:

In the “Browser Characteristic” column, you can find what type of information is being collected. Based on this information, your browser can be identified. Another interesting column is the “one in x browsers have this value,” which basically expresses the entropy of that browser characteristic. The smaller the number there the better, as it means that there are many other browsers with this exact setting.

Also, above the table you can see how unique you are. The image above represents the results of the test run from my Chrome browser, which is not configured to keep me private.

After tweaking some settings and installing some add-ons, here’s what you can achieve (this one’s from my Firefox browser, which I use on a daily basis):

Only 1-in-75,604 browsers from the panopticlick’s dataset have the same fingerprint as mine, which is much better (but not ideal).
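As an added illustration (not Panopticlick's code or data, and not part of the original article), the script below computes the “one in x browsers have this value” figure, its equivalent in bits, and the overall uniqueness of a browser against a small constructed dataset. All attribute names, values and function names are assumptions made for the example.

```javascript
// Added illustration: every record below is constructed, not real measurement data.
const ATTRIBUTES = ['userAgent', 'screen', 'timezone', 'fonts'];

// The "black jacket and white shirt" configuration shared by most of the crowd.
const COMMON = {
  userAgent: 'Firefox on Windows',
  screen: '1920x1080',
  timezone: 'UTC+1',
  fonts: 'default',
};

// Seven other visitors in the (constructed) dataset.
const CROWD = [
  COMMON, COMMON, COMMON,
  { ...COMMON, userAgent: 'Chrome on Windows' },
  { ...COMMON, userAgent: 'Chrome on Windows', screen: '1366x768' },
  { ...COMMON, userAgent: 'Chrome on Windows', timezone: 'UTC-5' },
  { ...COMMON, screen: '1366x768' },
];

// The "lady in red": several distinctive settings at once.
const LADY_IN_RED = {
  userAgent: 'Firefox on Linux',
  screen: '2560x1440',
  timezone: 'UTC+1',
  fonts: 'default + 40 custom',
};

// "One in x browsers have this value": x = dataset size / records sharing the value.
function oneInX(dataset, attr, value) {
  const sharing = dataset.filter((r) => r[attr] === value).length;
  return sharing === 0 ? Infinity : dataset.length / sharing;
}

// Per-characteristic table; bits = log2(x) is the identifying information revealed.
function characteristicTable(dataset, browser) {
  return ATTRIBUTES.map((attr) => {
    const x = oneInX(dataset, attr, browser[attr]);
    return { attr, value: browser[attr], oneIn: x, bits: Math.log2(x) };
  });
}

// Number of browsers in the dataset that share the complete fingerprint.
function anonymitySet(dataset, browser) {
  return dataset.filter((r) => ATTRIBUTES.every((a) => r[a] === browser[a])).length;
}

// Overall result for one browser measured together with the crowd.
function uniqueness(browser) {
  const dataset = [...CROWD, browser];
  const set = anonymitySet(dataset, browser);
  const oneIn = dataset.length / set;
  return { anonymitySet: set, oneIn, bits: Math.log2(oneIn) };
}

console.log(characteristicTable([...CROWD, LADY_IN_RED], LADY_IN_RED));
console.log('distinctive settings:', uniqueness(LADY_IN_RED));
console.log('fonts reset only:    ', uniqueness({ ...LADY_IN_RED, fonts: 'default' }));
console.log('common settings:     ', uniqueness(COMMON));
```

Resetting a single distinctive setting leaves the browser unique here, because the user agent and screen size still single it out. The per-characteristic bits also cannot simply be added up, since the characteristics are correlated.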

Solution

The first thing is to select a browser. From a privacy perspective there are several of them that are widely recommended above others. Namely these are:

1. Tor Browser: Comes with pre-installed privacy add-ons, encryption and an advanced proxy. You can pretty much use this one as it comes out of the box.

2. Firefox: Tweak the default configuration and install some privacy add-ons and you’re good.

3. Brave: Automatically blocks ads and trackers, making your navigation faster and safer.

Configure your browser for increased privacy

There are 2 options here:

  1. The easy path would be to follow the instructions here (only valid for Firefox, but you can search for similar settings in Chrome under “about:flags”).

  2. If you’d like to have more flexibility and the possibility to have your privacy settings importable/exportable, check out the ghacks-user.js project on GitHub (also only for Firefox). It’s more comprehensive and requires some setup, but it’s worth it.

Set up additional add-ons for increased privacy

Read about this below.

4. Cookies

You have probably heard about cookies on the web, and that they are something not very good (otherwise, why would sites inform you about their usage of cookies when you navigate to one of their pages?).

The reality is that cookies are nothing but a tool, and only some uses of this tool are questionable from a privacy standpoint.

So, cookies are small strings of text that a site can store in your browser. They cannot install anything (they are just text) and are visible only to the site that stored them (so that no site can see all of your cookies for 20 other sites you’ve visited).

Moreover, cookies are sent with each request and this is what makes them a potential threat to privacy.

Let’s take a simple example: suppose you visit a site that has light and dark themes. The default one is the light theme, but you’ve selected the dark one. Any time you enter that site, even if you don’t log in or register, it displays the dark theme.

In this case, the site could have saved a cookie theme=dark in your browser, and whenever you load that site, this cookie is sent to the server, which then serves the corresponding .css file with the dark theme.

The fact that you stay logged in on sites when you reopen them, even after rebooting your computer, is also possible thanks to cookies storing the data about your session.

The Risk

Now that was an innocent example, and it’s probably not very clear how one could benefit from these cookies. So let’s see another example that can infringe on our privacy:

Let’s see a specific example.

  1. The User decides to visit siteA.com.

  2. SiteA.com, in order to make some money, shows ads from siteB.com by placing a specific piece of code within its own pages.

  3. When siteA.com receives the request from the User, it sends him/her the HTML code of the page the User requested, which, in this case, contains an <iframe> HTML tag. This tag loads another page, the ad page, within the current one.

  4. When the User’s browser receives the HTML code from siteA.com, it starts rendering the page and making subsequent requests to get everything that is needed to properly load the page. Thus, the browser will make a request to retrieve the ad from siteB.com, sending the cookies related to siteB.com. But because there are no cookies yet in the User’s browser, siteB.com instructs the browser to store the cookie with key __uId and the value abc1.

     At the same time, siteB.com creates a profile in their database with the abc1 ID, which will collect all the data about our User. It does so with the help of the Referer header, which contains the URL that initiated the request. In this case, the Referer header would have the value www.siteA.com.

  5. After some time (or right after siteA.com) the User navigates to siteC.com.

  6. SiteC.com, which is completely unrelated to siteA.com, shows ads from the same advertising company (siteB.com).

  7. When the browser receives the HTML code for siteC.com and makes a request to retrieve the ad from siteB.com, this time it automatically sends the cookie __uId=abc1, which is the User’s unique identifier, to siteB.com. This, together with the Referer header that now contains the value www.siteC.com, tells siteB.com that the User is already in their database. So they update his/her profile with the latest visited website, which is siteC.com.

And thus, bit by bit, advertising companies collect tons of data about people’s online activities.

Solution

Here you have 3 possible options:

  • Completely disable cookies (but this will break some sites and they won’t work). This can be done in browser settings;

  • Limit the cookies to “first party,” which means only the site you are currently navigating to will be able to write cookies into your browser and no other “third-party” cookies from ad companies will be used (this may still break some sites, but very few). This can also be done in browser settings;

  • (Recommended approach) Install an add-on that will handle cookies, with custom rules defined per site (this approach requires some setup, but is the most flexible).

You can find some add-on recommendations at the end of the article.
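The siteA.com / siteB.com / siteC.com walkthrough and the cookie options above can be replayed in a small simulation. This is an added example, not code from the original article: the host names, the __uId cookie and the www.siteA.com Referer values come from the text, while the AdServer and Browser classes and the policy names 'all', 'first-party' and 'none' are hypothetical.

```javascript
// Added illustration; classes and cookiePolicy values are hypothetical.
// Host names and the __uId cookie come from the walkthrough above.

// Plays the role of siteB.com, the advertising company.
class AdServer {
  constructor() {
    this.profiles = new Map(); // id -> list of Referer values seen for that id
    this.counter = 0;
  }

  // One ad request: the cookies the browser attached plus the Referer header.
  handle({ cookies, referer }) {
    let id = cookies.__uId;
    let setCookie = null;
    if (!id || !this.profiles.has(id)) {
      // Unknown visitor: create a profile and ask the browser to store its id.
      id = `abc${++this.counter}`;
      this.profiles.set(id, []);
      setCookie = { name: '__uId', value: id };
    }
    this.profiles.get(id).push(referer);
    return { setCookie };
  }
}

class Browser {
  // cookiePolicy: 'all' | 'first-party' | 'none'
  constructor(cookiePolicy) {
    this.cookiePolicy = cookiePolicy;
    this.jar = new Map(); // host -> { name: value }; a host only ever sees its own entry
  }

  cookiesAllowed(topLevelHost, requestHost) {
    if (this.cookiePolicy === 'all') return true;
    if (this.cookiePolicy === 'first-party') return topLevelHost === requestHost;
    return false;
  }

  // Load a page on topLevelHost that embeds an <iframe> served by adHost.
  visit(topLevelHost, adHost, adServer) {
    const allowed = this.cookiesAllowed(topLevelHost, adHost);
    const cookies = allowed ? { ...(this.jar.get(adHost) || {}) } : {};
    // The Referer header is sent regardless of the cookie policy.
    const { setCookie } = adServer.handle({ cookies, referer: `www.${topLevelHost}` });
    if (setCookie && allowed) {
      const stored = this.jar.get(adHost) || {};
      stored[setCookie.name] = setCookie.value;
      this.jar.set(adHost, stored);
    }
  }
}

// Replays steps 1-7 and returns what siteB.com's database contains afterwards.
function simulate(cookiePolicy) {
  const siteB = new AdServer();
  const browser = new Browser(cookiePolicy);
  browser.visit('siteA.com', 'siteB.com', siteB);
  browser.visit('siteC.com', 'siteB.com', siteB);
  return [...siteB.profiles].map(([id, sites]) => ({ id, sites }));
}

for (const policy of ['all', 'first-party', 'none']) {
  console.log(policy, JSON.stringify(simulate(policy)));
}
```

With the 'first-party' or 'none' policy, siteB.com ends up with two separate single-visit profiles instead of one linked history. The Referer header still reaches it on every request, which is why the article treats that header separately.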

5. Scripts

Sadly, the saying “with great power comes great responsibility” is not very popular among today’s corporations…

JavaScript is the quintessential building block of websites as it offers many possibilities to do various things. You can build games, engaging interactions, animations, and a myriad of other cool stuff on a web page.

JavaScript can also get your screen size, battery charge level (in case of laptops), list of installed add-ons on your browser and other information that can be used to uniquely identify you.

The Risk

So what happens on many sites that you visit? In order to make money, site owners put scripts of ad companies on their sites and once you load the page, the browser loads third-party scripts as well. Those scripts then extract the potentially identifying information about you and send it over to ad companies along with your actions on the page you loaded.

Of the many types of information that JavaScript can get about your browser, its Canvas Fingerprint is by far the most powerful, as it provides the most entropy. It mainly does so because several factors that can greatly vary, like your GPU, graphic drivers, OS and browser, all contribute to its creation.

Thus, bit by bit, companies collect information about your actions, the sites you visit, and your clicks, and create your digital profile, based on which tailored ads are served to you. This profile is further adjusted by your continuous actions on the Internet.

Solution

Disabling JavaScript is not a solution, as you won’t be able to use half of the sites on the Internet. However, what you can do is block scripts from specific vendors so that they won’t load with the page, and block requests to ad companies that carry potentially identifiable information. There are several add-ons described in part 6 below.

6. Miscellaneous and Add-ons

The above steps are fundamental for online privacy, but, unfortunately, they are not sufficient — there are still enough bits of information that sites can collect and use to construct someone’s digital profile.

In this section, you will find a list of basic add-ons for Firefox Quantum (version ≥ 57) that will let you browse safely. In case you’ve chosen another browser, you can search for alternatives in their corresponding add-on lists.

Please note that this is by no means an exhaustive list, so feel free to add your suggestions in the comments. Also, some features might be present in more than one add-on, which for most cases won’t cause any conflicts, but just be aware that sometimes things might not work. That’s why I would recommend installing them one by one and loading several pages to test whether everything works as expected.

So, here we go:

1. Cookies

There are plenty of add-ons in this category. I personally use Cookie AutoDelete, but you might like something else. Just activate it to delete the cookies either on closing the browser, or once a predefined period of time has elapsed.

Thus, sites and ad providers won’t be able to track you easily with cookies, as to them you’ll look like a new visitor each time you visit a site. The other side of the “privacy blade” is that you’ll have to log in each time you open the browser, because the session cookies will also be deleted.

It might be a bit annoying, but hey, nobody told you it would be daisies.

2. Script Blockers

There are several popular add-ons to block unnecessary tracking scripts (in no particular order): uMatrix, NoScript, uBlock Origin, AdBlock, and others.

The first two provide you with more flexibility, but require some learning and setup. By default they “break” lots of sites, as they simply block all scripts and you need to define some rules regarding what to allow and what to block. Personally, I used both NoScript and uMatrix but prefer uMatrix (currently using it).

uBlock and AdBlock are best if you don’t want to spend time learning how they work and just want to start navigating more securely. These work out of the box, but sometimes may provide less privacy than uMatrix or NoScript.

3. User Agent

There are also plenty of add-ons for switching the User Agent header (that’s the information about what operating system and browser you are using).

The problem is that there are so many OS and browser versions, that this header alone can be a useful source of information for those who want to identify you.

The purple color on the OS chart represents iOS versions. According to this chart, the most common operating system is Windows 7. The situation is not that “common” on the browser side, as the vendors are literally stamping out new versions like hotcakes:

On the left you can see the Firefox browser version distribution among people in the amiunique.org dataset, and on the right is the Chrome browser distribution.

I don’t have a strong favorite for this feature. Currently I use User Agent Switcher, as it allows you to set your own custom User Agent header value and has a random mode that switches between different user agents over time.

4. Encrypted Browsing

Have you spotted that some URL addresses start with http:// and some start with https://? HTTP stands for HyperText Transfer Protocol, which is the protocol that defines how computers communicate over the Internet.

Add Secure at the end and you’ll know what HTTPS stands for. When you access a site that starts with https://, the contents of the requests you make are encrypted, making it very hard to understand what you are sending even if someone intercepts the request.

Sadly, not all sites implement automatic redirection of HTTP links to HTTPS links, making your online navigation visible for those who may intercept your traffic.

Luckily, HTTPS Everywhere solves that problem and automatically redirects you to the encrypted version of the sites (if these exist).

5. Canvas Fingerprinting

There are two ways to deal with canvas fingerprinting:

1. Block any attempt to use this API.
2. Alter the resulting fingerprint each time it is accessed.

In the long run, the first option is best, as it doesn’t provide additional information. However, because few people are aware of it and have chosen to block the canvas API, the lack of a canvas fingerprint in your browser is in itself a source of identifying information about you.

The other option is to alter the canvas fingerprint and occasionally change it, so that each time you will have a different fingerprint, as though different people were navigating.

For this purpose CanvasBlocker works pretty well. It offers both of the options described above, and it’s up to you to decide which one to choose.

6. Referer Header (without double ‘r’)

This header is sent with each request, indicating from where that request came (which site has referred the page you’re requesting). It can be used to track your online navigation and to see which sites you access from which sites.

But it can be altered so that your online navigation routes stay visible only to you (and to anyone else who uses your computer).

If you use the aforementioned uMatrix add-on, it comes with Referer header spoofing. Otherwise, just search for “referer spoof” among the add-ons of your browser and choose one.
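To make the leak concrete, here is an added example (not code from the article or from any add-on) that lists the Referer values one third-party host would receive during a browsing session, under several rewriting modes. The mode names, the session and every URL are constructed for illustration.

```javascript
// Added example: what a third party embedded on many sites learns from the
// Referer header, and how rewriting the header changes that.
// Mode names and all URLs below are assumptions made for this sketch.
function refererFor(pageUrl, requestUrl, mode) {
  const page = new URL(pageUrl);
  const target = new URL(requestUrl);
  page.hash = "";                                       // fragments are never sent in Referer
  if (page.origin === target.origin) return page.href;  // first-party request: unchanged
  switch (mode) {
    case "full":         return page.href;             // whole URL, path and query included
    case "origin-only":  return page.origin + "/";     // reveals the site, not the page
    case "spoof-target": return target.origin + "/";   // claims the target referred itself
    case "omit":         return null;                  // header is not sent at all
    default: throw new RangeError(`unknown mode: ${mode}`);
  }
}

// Constructed session: three pages that all load a script from the same host.
const SESSION = [
  ["https://news.example/politics/article-17?ref=home", "https://tracker.example/t.js"],
  ["https://shop.example/cart?item=1234",               "https://tracker.example/t.js"],
  ["https://clinic.example/appointments#booking",       "https://tracker.example/t.js"],
];

// The Referer values that trackerHost receives over the whole session.
function trailSeenBy(trackerHost, session, mode) {
  return session
    .filter(([, request]) => new URL(request).hostname === trackerHost)
    .map(([page, request]) => refererFor(page, request, mode));
}
```

With "full" the tracker host can rebuild the exact sequence of pages visited; with "spoof-target" or "omit" every request looks the same to it.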

7. Link Cleaner

The Referer Header is an advanced way to get to know where the person came from, but one of the most common approaches to tracking your engagement is Query String parameters. These parameters are parts of URLs that come after the ? character and they hold various types of data.

Take this link: http://meyerweb.com/eric/thoughts/2017/03/07/welcome-to-the-grid/?utm_source=frontendfocus&utm_medium=email&page=2

The key=value pairs on the right of the ? character are query parameters. When you click on such a link, the values of query parameters are sent to the server.

Have you ever wondered what utm_medium and the other utm_* parameters in URLs mean? These are related to Google Analytics.

Not all query parameters infringe on privacy. Some of them are necessary for the site to work properly (e.g. the page parameter).

You can use Link Cleaner, which removes most of the query parameters used for tracking.
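The following added example (not Link Cleaner's own code) shows the idea on the link above: tracking parameters are dropped while functional ones such as page are kept. The parameter lists are assumptions of this sketch; fbclid and gclid are click identifiers that the article does not mention.

```javascript
// Added example: strip tracking query parameters and keep functional ones.
// These lists are illustrative assumptions, not Link Cleaner's actual rules.
const TRACKING_PREFIXES = ["utm_"];                   // campaign tags named in the article
const TRACKING_NAMES = new Set(["fbclid", "gclid"]);  // assumed extra click identifiers

function isTrackingParam(name) {
  const key = name.toLowerCase();
  return TRACKING_NAMES.has(key) ||
         TRACKING_PREFIXES.some((prefix) => key.startsWith(prefix));
}

// Returns the cleaned URL plus the names of the parameters that were removed.
function cleanLink(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (err) {
    return { url: rawUrl, removed: [] };   // relative or malformed: leave untouched
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { url: rawUrl, removed: [] };   // mailto:, data:, ... are not web links
  }
  const removed = [];
  // Copy the key list first: deleting while iterating searchParams skips entries.
  for (const name of [...new Set(url.searchParams.keys())]) {
    if (isTrackingParam(name)) {
      removed.push(name);
      url.searchParams.delete(name);
    }
  }
  return { url: url.toString(), removed };
}
```

URLSearchParams re-serializes the parameters that remain, so their percent-encoding may change even though their values do not.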

The Next Steps

I tried to cover the main aspects of online privacy that should lay a solid foundation for further investigation and learning about this topic.

But there is so much to privacy that it’s hard to cover everything in one article, and there are things that haven’t been mentioned. Feel free to add them in comments so that those people who want to learn even more will have the chance to do it!

Also, I have mainly focused on safe and private browsing on the Internet, but privacy should be a thing to consider for each of the online services we use as well, including email, file sharing and other services we use on a daily basis.

And remember: It’s one thing to consciously share our information with others and it is completely different to have sensitive information collected without our knowledge and consent.

Stay private!

PrivacyTools — a comprehensive resource on privacy. Contains links and recommendations to service providers as well.

BrowserLeaks — analyzes your browser along several dimensions related to privacy, including IP addresses, canvas fingerprinting, Flash and more.

Panopticlick — checks how safe your browser is against tracking and comes with a report on the things that reveal the most information about you.

AmIUnique — an alternative to Panopticlick. Has some general statistics about their dataset as well.

Firefox Hardware Report — a weekly report of the hardware used by a representative sample of the population of the Internet.

Screen Resolution tracking — an interesting thread on how the browser/screen size can let you down.

Firefox getting smarter about Third-Party Cookies.

Translated from: https://www.freecodecamp.org/news/the-beginners-guide-to-online-privacy-7149b33c4a3e/
