Quiet Time

Whether you do your business with Microsoft, Apple, Google, or Facebook, large IT companies are eager to collect any information that you happen to toss their way. It is not for charity that corporations operate their own webmailers, search engines, network storage, and online communities: The data from these services can deliver highly-targeted advertising worth billions of dollars.

But it isn't just the big high-profile companies that are testing the limits of user privacy. For example, a smartphone app by a Spanish pay TV provider secretly enabled the GPS function and the microphone of the device and transmitted data (in a poorly anonymized form) to the company's servers. The TV station wanted to identify football bars that broadcast the game without paying royalties, and they enlisted thousands of unwitting football fans as involuntary undercover spooks [1].

Today's devices and Internet services are quite complicated, and unless you wrote the software yourself, you can never be totally sure exactly what it is doing. This article introduces you to some small hacks that you can use to secure your online privacy in just a few easy steps without having to do anything drastic like encrypting you hard drive (which, by the way, only protects you if your computer is not running).

Disabling the Webcam and Microphone

A computer's webcam and microphone are often abused for attacks and privacy violations. Thanks to modern web technology such as HTML5 with WebRTC [2], a browser is all it takes to transfer the image and sound from your living room to the web. For example, video chats with AppRTC [3] can be handled directly in the browser (Figure 1); a web page could also tap the webcam for other purposes.

Figure 1: Thanks to WebRTC, Skype is no longer necessary: HTML can access a computer's webcam, which has led many users to protect their privacy by covering the lens.

Although a browser requires the user to confirm that the website is allowed to enable the webcam and microphone, errors (on the part of developers, as well as users) occur from time and time again. And with a locally installed application – installed voluntarily or by a trojan – you might not even be prompted to confirm. Apart from a small light in the bezel, there is usually nothing to indicate that the device is recording. With some devices, the program can even turn off the webcam LED.

With a classic desktop PC, you can usually simply unplug the camera and microphone to stop the possibility of video spying. This solution is not available for portable systems with integrated input devices. Users with laptops and smartphones therefore often apply stickers to the webcam and the internal microphones. Even Facebook founder Marc Zuckerberg demonstrated this practice [4] (but probably by mistake).

Alternatively, you can disable the webcam in the system settings – so that programs can no longer call it. On Linux, you have to disable the uvcvideo kernel module, which is normally loaded automatically at boot time. In principle, you can do this manually (Listing 1, line 1), but very often, some program will have claimed the module (line 2), forcing you to go for the heavy artillery (line 3). Applications such as Cheese will then no longer find a webcam on the system (Figure 2). If necessary, you can reload the module later (line 4). You will need administrative privileges on the system for all of these commands.

Figure 2: If the kernel driver for the webcam is missing, no image from the camera is displayed. You can save yourself the workaround of an ugly sticker on the lens.

To prevent the Linux system from loading the kernel module responsible for the webcam, add it to the /etc/modprobe configuration file with the blacklist option in the /etc/modprobe.d/blacklist.conf configuration file (Listing 2). If the file does not yet exist on your computer, simply create it. Theoretically, you are free to choose the name, such as disable-webcam.conf; the only important thing is the file extension .conf. After a restart, the webcam should not work, which you can test with Cheese or Skype. If necessary, load the kernel module manually, as shown in the last line of Listing 1.

Things are a little different with a microphone built into the device. Theoretically, as with a webcam, you need to disable the necessary kernel module, which you can determine quite easily using cat/proc/asound/modules (Listing 3). However, switching off snd_hda_intel not only takes down the microphone, but also the entire internal sound card. In this case, therefore, you need to compromise between sound or perfect privacy. If necessary, you could still connect a USB headset (even with an integrated microphone) – these devices use the snd_usb_audio kernel module.

Alternatively, you should also scan the BIOS or UEFI for an option to disable the integrated devices. Working at the BIOS or UEFI level gives you even more security: Theoretically, a blacklist created through the operating system can be reversed by software running with administrative privileges.

Securely Deleting Files

The old adage "gone is gone" is true in a buffet line, but not for computers. If you delete a file using the file manager, it does not exactly disappear. In most cases, it falls into the recycle bin, from which it can be quickly restored. But even if you empty the trash, the supposedly deleted data can still be reconstructed.

How much effort it takes to truly delete a file depends on how much data was written onto the medium and which filesystem is used. On FAT partitions, only the reference to the location of the file is actually removed during the so-called "deletion." The data, therefore, will be lost to the operating system, but it will still exist on the data carrier.

If you want to share hard disks, memory cards, or USB sticks with third parties, you need to delete the private data stored on them securely. Linux supports two console tools, shred (often installed on the system by default via the coreutils package) and Wipe – both of which securely delete files, directories, or entire partitions. In practice, however, you will rarely want to launch a terminal to wipe a file off your hard disk.

Alternatively, file managers can be equipped with similar functions. For example, the Gnome Files manager (formerly Nautilus) has Nautilus Wipe [5], an extension that lets you securely delete files with a single mouse click (Figure 3). Nautilus Wipe is often used with a privacy- and security-conscious Live distribution such as Tails [6].

Figure 3: Nautilus Wipe is an extension that securely deletes files in Gnome Files.

After installing the package (Ubuntu calls the package nautilus-wipe, and Arch has the same extension with the same name in the AUR), restart the file manager by running the nautilus -q command . Two new options are then available in the context menus of files and folders. The first (Secure Delete) overwrites the objects selected in the file manager with random data. The application lets you choose the number of deletion passes (Figure 4). Two passes are typically sufficient; further repetitions do not improve security.

Figure 4: As a rule, it is sufficient to overwrite the data twice.

After that you should also use the second option, Secure deletion of available disk space, which overwrites the space marked as free on the partition and ensures that backup copies and shadow files of the previously edited documents are securely overwritten and thus permanently deleted. See the "Secure Deletion on SSDs" box for more information on deleting data stored on flash memory devices.

Canonical Phone Home

In Ubuntu 18.04, Canonical introduced Ubuntu Welcome, a feature that sends a whole bundle of hardware and metadata to the manufacturer the first time the user logs onto the system [7]. This data includes information about the Ubuntu version, the computer's hardware equipment (CPU, GPU, RAM, screens), the location (based on the locale settings chosen during the install), and a number of other settings. You can view this data by clicking on the Show the First Report button. By switching to No, don't send system info, you can prevent the system from sending any data to Canonical (Figure 5).

Figure 5: Since Ubuntu 18.04, Canonical has tried to collect telemetry data from users. To find out what is transmitted, click on Show the First Report.

By switching to the Gnome desktop, Canonical has not only abandoned its own Unity desktop, but also an additional source of revenue that has caused the company much trouble in the past. In Ubuntu 12.10, developers integrated a shopping function that displayed goods and media from the Amazon catalog in the Unity dashboard to match the input. A click on one of the hits took the user to the Amazon portal, and after a purchase, commission was paid to Ubuntu's vendor. In addition, the developers initially implemented the feature so that both Canonical and Amazon were aware of all input in the Dash.

In Ubuntu 18.04, only an Amazon starter icon reminds users of this past feature (see Amazon icon on the left in Figure 6). A click on the icon loads the /usr/share/ubuntu-web-launchers/amazon-launcher script, which determines the location of the user via the public IP address and opens the country-specific Amazon page in the browser. It attaches an affiliate tag to the link, so that a share of the sales is assigned to Canonical if you make a purchase. Private data is not routed via the web; similar links are also used by numerous website operators and bloggers on the Internet (but most of them are clearly marked as ads).

Figure 6: You can completely delete Amazon affiliate links and the often verbose bug reporting from the Ubuntu system.

You can simply delete the icon from the sidebar using the context menu and the Remove from Favorites option. The Amazon entry will still appear in the application menu. But if you uninstall the ubuntu-web-launchers package with the package manager (Listing 4, first line), the Amazon icons disappear completely from the system, also for all user accounts created on the system.

Another feature that many users disable due to privacy concerns is the automatic submission of crash reports to Canonical. As a rule, such reports do not contain any personal data, but you can't really be sure [8]. Therefore, check whether automatic Problem reporting is enabled below Settings | Privacy. If in doubt, remove the whoopsie package to throw the background service off the system (Listing 4, last line).