UR Blog

Privacy and security | UR Browser

Month: February 2017

Big Privacy Update

Version 55.1.2883.X. (PC)

This beta is filled with tons of privacy improvements and security upgrades. This update effectively cuts off all third-party tracking and reporting to Google that is native to Chromium.

To get the new beta, please uninstall your current version of UR and download the new beta from the website. (PC only – Mac version coming soon!)

Quick backstory: Google created Chromium, an open source browser project. Lots of browsers are built with this code because it’s very secure and frequently updated with security patches.

There’s a catch, though…Chromium began as an open source browser project within Google (this code is also behind many other browsers: Chrome, Opera, Yandex and more). Because of this, there are lots of built-in features, monitors and services that report back about you’re doing and where you are—and often. Your browsing data can then be used to serve you more targeted ads and to track you as you surf the web.

In this update, UR has cut out all tracking and reporting so you can enjoy a secure browser all the while protecting your privacy. Generally, browsers “out-of-the-box” purposely leave reporting on by default. UR has made privacy the default mode—anything that could compromise your privacy is disabled by default. You can, of course, change this in the Settings.

New features in this beta:

  • Third-party cookies blocked by default
  • Site data (cookies, local storage, etc.) only kept until exit, by default
  • Passwords not stored by default
  • Autocomplete prediction service disabled
  • RSA keysize increased to 2048 bits for self-signed certificates
  • Qwant is now our default search provider
  • Always send “Do-Not-Track” header

See the exhaustive list here.

 

Exhaustive List of Privacy Features in UR

UR is based on Chromium, a secure and continually-updated code that we know well. However, it calls home to Google a bit too much for our liking. We’ve fixed that!

Here is the exhaustive list of modifications we have made to Chromium to protect your privacy while you browse:

Privacy improvements

  • Block third-party cookies by default
  • Passwords not stored by default
  • Site data (cookies, local storage, etc.) only kept until exit, by default
  • Disable autocomplete prediction service when typing in Omnibox
  • Always send “Do-Not-Track” header
  • Disable “Use a web service to help resolve navigation errors”
  • Disable by default Network/DNS prediction
  • Disable by default input form autofill
  • For IPv6 probes, use a DNS root server instead of Google
  • Disable cookies for Safe Browsing background requests
  • Disable autofill download service
  • Disable the battery status API

Other privacy features

  • Qwant is default search provider
  • Let user confirm downloading translation dictionaries from Google
  • Don’t ask to send settings to Google by default on profile reset

Other disabled features

  • Disable background mode
  • Disable EV certificates, so they are shown just like “normal” certificates
  • Disable Google cloud printing
  • Disable Google hot word detection
  • Disable Google experiments status check
  • Disable Google translation service
  • Disable Google promotion fetching
  • Disable Google Cloud Messaging (GCM) status check
  • Disable Google Now
  • Disable automatic update check
  • Disable profile-import on first run

Networking Changes

  • Link auditing (<a ping=”…”>) disabled by default
  • Network/DNS prediction disabled by default

Security Improvements:

  • RSA keysize doubled to 2048 bits

 

This post will be updated to reflect the current development of UR. 

How Trump’s Executive Order Affects EU-US Privacy Rights

Donald Trump

What does the Trump Administration mean for the EU-US Privacy Shield?

 

It’s no secret that the Trump administration is causing a big stir in the global, political soup. Initially enacted in July 2016, the EU-US Privacy Shield set out to regulate what data can be shared between businesses on both sides of the Atlantic Ocean and how that data can be utilized. It is inherently designed so data protection laws can be sustained between European Union member states and the United States.

What is the Privacy Shield?

The Privacy Shield is crucial for both American and European businesses to guarantee citizens of both countries to have protected transfer of data that it is not subject to mass surveillance. The European Commission outlines it in their Citizen’s Guide:

“The Privacy Shield allows your personal data to be transferred from the EU to a company in the United States, provided that the company there processes (e.g. uses, stores and further transfers) your personal data according to a strong set of data protection rules and safeguards. The protection given to your data applies regardless of whether you are an EU citizen or not.”

On January 25th, just a few days into his presidency, Trump signed an Executive Order ensuring that “…privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.”

The new administration brings up questions concerning privacy and what this means for technology companies based in the US.

Read more on TechCrunch.

With its headquarters in Europe, UR abides by strict EU laws which strongly favor user privacy. Your private data is yours—nothing is collected or stocked. Learn more here.

Image credit: Wikimedia Commons

Shield: Look For the Colors to Stay Safe

With Shield, use the colors to protect you while you browse!

Cross-Device Targeting and Those Shoe Ads That Won’t Go Away

Do you know why the shoes you looked at on Amazon suddenly appear on different sites around the web, even from your computer to smartphone?

Researchers from the School of Information Studies (iSchool) recently published a study that uncovers the general public’s blindness towards online behavioral advertising and the privacy implications behind information that advertisers collect.

converse-shoes

You didn’t buy them and now they’re going to follow you everywhere.

Consumers are generally in the dark not only about how much they are being tracked online but exactly how it works.

According to the research, a sweeping two-thirds of consumers did not realize that most online advertising involved third-party cookies. This research demonstrated that consumers are not well informed enough about just what types of information are being collected about them.

“These guys [third parties] have an agreement with Amazon, they are like, ’Oh, I’m just going to take information from this guy’. Facebook gets money by displaying the ads sent by these guys [third parties]…this branch [third parties] allows that to happen. So in a way it is a neutral third party.”

– One research participant, when explaining how she believes third-party cookies to operate

Advertisers are increasingly employing cross-device tracking, which presents additional privacy and security risks. Cross-device tracking actually allows ad companies and publishers to construct a consumer’s profile based on their activity throughout computers, tablets, smartphones, smart watches and various IoT devices.

What is cross-device tracking? 

Also referred to as cross-device targeting, this is in fact several different methods that are used to identify and track you across multiple devices—smartphones, tablets and desktop computers. The goal of this is to match your browsing data on one device with another. For example, knowing that Tablet X and Computer Y are the same person.

Publishers, platforms and ad tech companies want to know as much about you as possible, so they can target you across multiple screens. Imagine shopping for sunglasses on your computer, seeing an ad for them later on your tablet, and then receiving a text message with a special promotional code on your smartphone.

Offline data is often combined with online data to reveal consumer tendencies such as browsing history, physical location, retail purchases, watched TV programs, vacation plans and so on. This study confirmed that the majority of the people are more concerned about what types of personal information are being collected on them, rather than who is doing the collecting. The fear of consumer data falling into the hands of those with malicious intentions alludes to why consumers block advertisers and advertising networks from their browser in the first place.

While some advertising companies already offer the ability to reject behavioral targeting, internet users are generally not given any indication that they are being tracked, let alone how. If these blocking tools operated on an information-based blocking model, rather than a tracker-based model, consumers could decide the information to share, and advertisers could still receive some data from consumers, which would help them correctly target ads. It is indeed a compromise, yet it yields benefits to both parties involved.

Read the entire study here.

If you’re concerned about your online privacy, you’re not alone. UR is a web browser created specifically to keep your online data private and safe. Learn more here.

Sources

Federal Trade Commission, https://www.ftc.gov/system/files/documents/public_comments/2016/10/00030-129045.pdf

AdExchanger, https://adexchanger.com/data-exchanges/2016-edition-marketers-guide-cross-device-identity/ 

AdTriba, https://blog.adtriba.com/2016/06/28/cross-device-tracking-and-marketing-attribution/

Top 5 Malware Threats To Watch in 2017

Cisco recently published their Annual Cybersecurity Report and presented the most common malware threats.

Top 5 Most Commonly Observed Malware: 

1. Reconnaissance: attackers look for vulnerable spots in internet infrastructure or network weaknesses that will allow them to gain access to users’ computers and, ultimately, to infiltrate organizations.

2. Suspicious Windows binaries and potentially unwanted applications (PUAs): suspicious Windows binaries deliver threats such as spyware and adware. Malicious browser extensions are an example of PUAs.

3. Facebook scams: include fake offers and media content, along with survey scams. With nearly 2 billion monthly users, Facebook is the perfect territory for cyber criminals.

4. Trojan Downloader: opening links in spam emails or downloading an image in emails, which can attach to the victim’s computer.

5. Browser redirection malware: these infections can expose users to malicious advertising (malvertising), which attackers use to set up ransomware and other malware campaigns.

Read the entire Cisco report here (email required)

So, how to prevent malware?

Install a reputable antivirus software

It goes without saying that you should invest in a good antivirus software. Read reviews and decide on one that matches your needs and price range. It will be money well spent—believe us, getting rid of viruses can be more costly in the end!

Stay on top of those updates
Regularly check for updates not only for your computer, but also for your antivirus software. Updates are often security patches to keep you safe in between large updates. It is important to have these so your computer is protected from potential threats.

Secure your network
You’ve heard it before—strong passwords are really important! You should never have an unprotected wifi network at home. Opt instead for a WPA or WPA2-encrypted password. For optimal security, use a VPN when you visit websites to create an encrypted “tunnel” between your browser and websites.

Think before you click
Avoid websites that provide illegal and pirated material. If you receive email attachments from an unknown sender, do not open them. Bright “Download” buttons should be avoided, as they often lead to malicious software. One last trick: hover over a link and look in the bottom left corner of your browser to see where it’s really leading you.

Backup your files in multiple places
No one wants to think about it, but you should prepare for losing your data, even if you are safe online. Keep your files in multiple places—on a external hard drive, in a secure backup cloud, or even at a friend’s house.

If you’re concerned about your online privacy, you’re not alone. UR is a web browser created specifically to keep your online data private and safe. Learn more here.

Update: Homescreen, Qwant & News

Beta 51.1.2704.52

Homescreen:

  • Updated UI: minimalist theme, easier to navigate
  • Sidebar replaced with buttons in upper right corner
  • News widget redesigned—now with infinite scrolling!
  • Customization widget now lets you change wallpapers without going to the full catalog

News:

  • UR News page is now live—the news widget on the Homescreen pulls stories from here. All news agencies have been screened, and the news only comes from reputable sources (BBC, Agence France Presse, Reuters and more).

Search:

  • Qwant is now the default search engine—another company that respects user privacy!

Downloader:

  • You can now see where your downloads are located – simply click on the folder icon.

+ Lots of bug fixes

UR should roll out the beta updates automatically, but if you want to be sure to have it, uninstall your current version and go to the website to re-download the beta.

Got a problem? Contact us in our beta tester group, on our Facebook page or on Twitter.

How a VPN Can Help Protect Your Privacy

It's like an online seatbelt

Protect your online traffic with a VPN.

What is a VPN?

A Virtual Private Network (VPN) is a group of discrete, private networks linked together over a public network—namely, the internet. For anyone who is concerned about keeping his or her online data private, a VPN is a must-have.

A VPN scrambles all the data that passes through the networks by acting as a secure “tunnel” between your computer and the sites you visit online. By encrypting your computer’s internet connection, sites that you visit and data that you send and receive is safe from prying eyes.

Using a VPN encrypts your data.

Other uses for a VPN
  • Change your IP address and appear in another location
  • Make public wifi connections safe, which are often unprotected
  • Watch content from other countries without restrictions
  • Buy airplane tickets in a country with lower rates
  • For remote workers, to connect to a work server and share files
  • Bypass local internet networks, which can be slower than with a VPN

Overall, using a VPN secures your internet browsing and gives you more autonomy with the sites you can visit.

With a VPN built right into it, UR makes staying private online easy! Access the VPN with just a click—look for the ninja icon in the upper right corner of the browser.

Think of UR as an armored car for your online traffic. We respect privacy and created a web browser to keep you safe and private as you navigate the internet highways. 🚗 Learn more here.

Sources

Techhive http://www.techhive.com/article/3158192/privacy/howand-whyyou-should-use-a-vpn-any-time-you-hop-on-the-internet.html
PlanIT http://www.planitcomputing.ie/blog/?p=337
Technet https://technet.microsoft.com/en-us/library/bb742566.aspx

Search Engine vs. Browser

You know they’re related, but…what’s the difference again?

Do you know what the difference is between a browser and a search engine?

There is a lot of confusion around the two frequently-used words: search engine and browser.

A search engine is designed to search information on the Internet. The search results are usually presented in a list of results called “hits,” based off of the specific keywords you have entered. Examples of popular search engines include: Google, Qwant, Yahoo, Bing, DuckDuckGo and others.

A (web) browser is a software application that allows you to retrieve and display content from websites and information across the internet. You first open up your web browser, and then go to a search engine to find information.

Think of it this way: a browser is like a car and the search engine is the map that lets you search the internet—all the roads, houses and shops along the way.

🚗  For smooth driving, UR is a browser that transports you across the web, and in total privacy. Learn more here.

Beyond Cookie Tracking

The recent discussion about being tracked online is becoming increasingly prevalent. A new survey from a group of Princeton researchers of one million websites crops up new ways companies are using to follow your digital trail. Instead of placing a tracker on your browser, many sites are now “fingerprinting”—using information about your computer such as battery status or browser window size to identify your presence. One of the authors from the Princeton study, Arvind Narayanan, speaks of his research, the latest in online tracking and the world of pervasive surveillance that we are embarking upon.

“Everything that we look at online and click on is getting stored in a database somewhere. And it’s being data-mined and various decisions are being based on that. Targeted advertising is a relatively innocuous example, but there are a variety of other things that can and do happen.There is research that shows that when people know they are being tracked and surveilled, they change their behavior. We lose our intellectual freedom. As we move to a digital world, are we losing those abilities or freedoms? That is the thing to me that is the question. That’s the most worrisome thing about online tracking. It’s not so much the advertising.”

See the full study here.

© 2017 UR Blog

Theme by Anders NorenUp ↑