Tech Talk #5 with Salina Media Connection! In this tech talk we cover increasing and maintaining your online privacy. We start with simple steps and work our way into some more complicated measures that support the most online privacy. We encourage you to check out the video! Below is a write up by our assistant manager, Zach, on the topic with links about what we discussed to follow.
Why worry about online privacy?
People often say, “I have nothing to hide so why should I care?” The truth of the matter is, while people may feel like they have nothing to hide, they handle a lot of important information on their devices. Would you be okay with a stranger looking at your credit card information? How about a stranger on the street, with no warning, picking up your phone and going through all your text messages? People, even the ones I have heard utter this statement, frequently use their devices for payment and banking, and private conversations/romance.
Another reason privacy is important is because big tech regularly makes billions of dollars off YOUR data, and you do not get a dime of it. These companies like Facebook, Microsoft…etc. use profiles they build off you because you accept their “terms of service.” They sell your data to companies in bulk for unfathomable amounts of money to then target it all back towards YOU through ads.
The following discussion and steps can help combat this! And do not fret, links for further information will be posted at the end.
Use privacy focused search engines like DuckDuckGo instead of Google and Bing.
Google and Microsoft’s Bing utilize targeted ads anytime you use their services. They build a profile for you and tailor your experiences using that profile. DuckDuckGo does not build a profile about you! They do not collect identifiable information from their users, and they do not place trackers on websites to aid in their profile construction. They also do not tailer search results based on a profile, like Google and Microsoft. On Google and Bing results will be specific to you. Two people searching the exact same thing will get different results because their profile is different.
Adjust Software settings of apps/social media.
Many popular companies that offer software enable data to be sent to them by default about usage and the device. Some of these companies: Microsoft, Google Chrome, Instagram, Reddit, Facebook…etc. This data is sometimes anonymous, but this isn’t always the case. Firefox, my favorite web browser, still does this, but it is anonymous. It can also be turned off completely. Some of the former cannot be turned off at all…Windows. Majority of current systems, programs, and apps can be adjusted in their settings to limit or disable the sending of this information.
Install anti-tracking add-ons to web browsers. Disable cookies/third-party cookies.
Web browsers can have add-ons installed into them that do various things. These things can range from changing the format and how the browser is presented, to blocking ads and trackers, which is what this will focus on. Popular ad blockers like “Ublock Origin” and “AdBlock” block the following:
Ads from showing.
Trackers and finger printers.
Third-party cookies.
Some web browsers are starting to implement built in blockers, like Firefox and Brave!
Cookies are a tool that web pages and big tech use to track your usage on the internet to better target ads to you. They are placed directly onto your computer. Cookies, or in this case 1st -party cookies, are not always used in this way. They save log in information for web pages, allow you to still access a saved cart on shopping sites…etc. Not using them at all can even prevent websites from working entirely. With Cookies, disabling all of them can make browsing the web more of a challenge depending on where you usually go. On the flip side, third-party cookies, however, should always be disabled. These 3rd – party cookies are cookies that services have placed on web pages in addition to the useful 1st-party cookies we discussed. These are primarily for tracking and advertising; the primary purpose being to harvest your data.
Ensure mobile device is clearing photo meta data before you post it.
When an image is taken, more than just what you captured is saved in that image. A digital print of where, when and the camera settings are also captured with the picture. If you do not remove this data, when you post the image online, that meta data is posted with it. You can check your photos for saved location data by swiping up on the image in the photo’s app on either iPhone or Google phones. You can check images on a desktop for metadata using programs like “exiftool”, which pulls the metadata and presents it to you within the exiftool program.
On mobile, to combat this, you need to limit the shared hardware and location data in the settings of your device. When you download phone applications, you give these apps access to various areas of your device. A lot of the time, apps ask you to give the permissions when downloaded, or if they do not, they are usually listed in the app store. Another note, it is good to pay attention to what an app is accessing when you download it. A mobile game probably does not need access to your camera, or photos. Apps that try to access parts of your device it should not need is indicative of that app doing more than what is advertised. This is NOT GOOD.
On desktops, metadata can also be cleared using meta data tools like exiftool. You may need to tailor how you do it based on your operating system, but a link of how to use the tool will be linked at the end of this post.
Use a VPN (Virtual Private Network)
On a local network, anyone with the right software can analyze the network and see what all the users are doing. Where they are browsing and, in some cases (HTTP websites), even information they enter on the website. HTTP is “Hypertext Transfer Protocol”. It is an application layer (OSI model) protocol that computers and web browsers use to communicate. The HTTP is not encrypted, which means anyone analyzing network traffic can see in plain text the information going back and forth from a computer to a website. If you log into an HTTP website, people on your network could see your log in name and password. Same goes for anything you communicate to the website.
HTTPS is the new standard. A lot of websites are now using HTTPS instead of HTTP, so most of the time you do not have to worry. HTTPS is the encrypted version of HTTP. When interacting with an HTTPS website, your network traffic to that website cannot be read in plane text, so there is little need to worry about people seeing your information through a sniffer. One way you can tell if you are on an HTTP or HTTPS website is to look for a small lock icon next to your URL address bar in your web browser. If there is a lock, HTTPS is in use. If there is not a lock, HTTP is in use.
A VPN or Virtual Private Network eliminates the ability of sniffing your network traffic entirely. All your traffic, instead of going to its destination, will first go to the host of the VPN and then from there it will go to its destination. People who are network sniffing will only be able to see that your traffic goes to the VPN host and not your destination. On the other end of the traffic, a destination website will not be able to identify (not without a lot of effort) where the traffic is originating from. They will see that the incoming traffic is coming from the host VPN and not your public IP address.
Use a different web browser.
As with everything, some services are better than others and some services have trade-offs. Google Chrome is a quick browser, but it is RAM intensive, and they collect a ton of your information. Try using Firefox or Brave, which are much more privacy focused than Google Chrome. Firefox and Brave have built in utilities that block trackers and are conscious about what happens with your data. As said above, data collection can entirely be turned off with these two web browsers, and Firefox, will delete anything it collects after 30 days. Apple’s Safari is also getting better about their privacy, but they still do a bit of data collection for themselves.
If you want to take this step to the next level, try using a deep web browser like Tor, Freenet or i2P. The most popular, Tor aka “The Onion Router”, uses a traffic routing system much like peeling an onion (hence its name). People set up relays all over the world. Internet traffic goes through three relays before arriving at its destination. These browsers can also access hidden internet services which people call The Deep Web. Normal browsers do not have the ability to access these, but Brave has Tor integrated into its browser. How well this works is still a bit in question by me, but I also have not tried very hard at getting it to work either. These services are very anonymous because of the relays involved. Tor acts a lot like its own VPN because of how it works. A small trade off using these kinds of browsers is the decrease in speed. Since the traffic must go to several places before it gets to its destination, it is much slower in comparison to Firefox or Chrome.
The deep web is notorious for illegal activity, but it is nothing to be afraid of!! A lot of illegal activity also happens on the clear net and a lot of normal activity happens on these hidden services. These web browsers are incredibly important for users who are ruled by oppressive governments. They allow these people to get out to the rest of the world to let everyone know what is happening. They can also enjoy the benefits of the normal internet, instead of their local web services. Accessing hidden internet services IS NOT ILLEGAL and using these kinds of browsers is not illegal either. They are perfectly legal, and trying them are great for learning, even if it is not something someone wanted to use permanently.
Use a different operating system.
Getting more into the weeds, you can switch operating systems entirely. Microsoft and even ChromeOS are not the only operating systems, and they are notorious for data collection. MacOS is better in its own way when it comes to privacy. They are incredibly good about keeping other people out, but Apple still collects information on their own customers.
Another operating system that holds a whopping <2% of the computer market is called Linux. Linux is the core of hundreds of different types of operating systems, many of which are free. These different types of Linux are known as distributions, or “distros” for short. Linux is open source, meaning that the code involved is available to be analyzed and edited by the users. This is also why there are so many different distributions. People take some from others, tweak it, and then release it as under a different name. People can also build their own Linux machine from complete scratch. Many of these Linux distributions have some incredible desktop environments and graphical interfaces, some I think, being better than the popular Windows. Linux, unless you want it to be, is not a command line operating system anymore. These desktop environments are also endlessly customizable. One day you can have a desktop environment that looks like Windows, and a couple hours later you can have something that looks like a Mac desktop! It is all up to the user, but I digress.
Linux tends to be much more privacy oriented because of its user base. A lot of people who use Linux want their computer to do what they want it to do and nothing more. They do not want the operating system sending information to a server about how it is used in the background. If a distribution of Linux is caught doing this, users will tell the community, and people who do not like this can stop using it. In a sense, they have a checks and balances system! Majority of Linux distros entail a lot more privacy than Windows, Chrome, and Mac by default, but there is a solution for people who want even more. Some distributions are extremely privacy focused. The distributions commonly associate with privacy are TailsOS, ParrotOS, and QuebesOS.
Use a privacy operating system on a USB drive.
People who want the absolute most privacy when it comes to computing combine all these previous steps into this last one. All the computing is done off a USB drive that clears its data every time the jump drive is disconnected. A popular combination is TailsOS running the TOR browser on a USB drive. There is no hard drive data stored, no web browsing data stored, and little traceability (not impossible though) as to what webpages you accessed.
The Wrap Up
A lot of information in a short period of time! You may be wondering, “okay, so what should I actually do?” I do not expect the ordinary everyday computer user to change their operating system and start using a browser that can access hidden services. What I do recommend though, is to switch your web browser to Firefox or Brave, install an ad blocking extension, and go through your current device and adjust its privacy settings to the most private options. For mobile devices, I recommend always keeping your location services off until you need them. It takes less than five seconds to flip it off and on using voice commands (on iPhones anyways).
A tech writer and Raspberry Pi enthusiast from Orange County, California.
This SSD buying guide helps you pair your business requirements and budget to the correct hardware for the job. You will determine the best SSD by comparing product specifications and benchmarks.
Read/write speeds and IOPS for an idea of the fastest SSDs.
Understanding how mean time MTBF relates to the most reliable SSDs.
Knowing that cheapest SSDs aren’t always the best fit—assessing and warranty and price per gigabyte.
How SSD architecture, controller technology, and NAND type factor into speed, reliability, and compatibility.
After years of stubborn SSD prices, supply and demand for the flash memory market currently favors end users. Throughout 2018, manufacturers have dropped pricing for consumer 2.5-inch SSDs across the board. Even m.2 and NVMe drives, which have historically resisted price decreases, have gradually lowered in price points.
If you’re weighing the HDD vs SSD data storage question for expanding disk storage, think of it like this. Installing an SSD into a legacy PC or laptop boosts performance enough to add another two or three years to its lifecycle. You will find that computers with SSDs boot up faster, and applications and large files open with less waiting. You get a snappier, more pleasing user experience.
What do you need to know to choose the best SSD for your business systems? Here is what you should know if you’re planning to buy SSD storage this year.
SSD form factors and interfaces
Five years ago, internal SSDs inside PCs and laptops connected over a SATA III interface, the same connection that an internal hard disk drive would use. Nowadays, faster motherboard connections have become mainstream. Once relegated to only the highest-end workstations and servers, PCI Express SSDs now make up a significant portion of the SSD market for consumers.
Without diving too deep into the circuitry, the PCIe interface is capable of speeds several times over what SATA can do. Accounting for encoding overhead, SATA III transfers happen at roughly 600 MB/s with a solid-state drive. While this is significantly faster than HDD capabilities, it’s significantly slower PCIe, which has a practical transference rate of 985 MB/s per lane—and PCIe SSDs support 2x or 4x lanes depending on the motherboard.
The high performance of PCIe SSDs is bolstered by NVMe (non-volatile memory express), a host controller interface and storage protocol. NVMe reduces latency in reading and writing data by working in parallel with the multi-core processors inside the host computer. In doing so, NVMe SSDs eliminate a bottleneck in performance by streamlining the command set used to process the transfer. If your computer uses a multi-core processor, and most do nowadays, you will feel a substantial performance upgrade with PCIe NVMe SSDs.
2.5-inch form factor
2.5-inch solid-state drives connect via SATA interface the same as HDD storage does. 2.5-inch SSDs are designed to fit inside laptop computers and they will work inside a desktop. If you’re installing them into a mATA PC case, your drive bays are probably designed for 3.5-inch HDDs. You will want to use a 2.5” to 3.5” HDD & SSD converter to secure a snug fit for your SSD inside your PC.
M.2 form factor
The M.2 form factor specification is a newer iteration for internal solid state drives. M.2 SSDs fit into a designated M.2 slot on a computer motherboard. Depending on the motherboard and SSD, the M.2 slot on a motherboard utilizes either the SATA interface or the PCIe interface. Or either—just never both at once. M.2 motherboard slot is used for other hardware, most commonly Wi-Fi / Bluetooth / cellular wireless networking adapters.
You want to pay attention to the lettered key notches of the M.2 slot. The key notches are identified with letters A through M, which indicate their position on the connector and the respective interfaces provided. For example a notch at position M indicates that up to 4 PCI Express lanes can be used with NVMe or a SATA storage device can be supported.
Note that there are several variants of M.2 SSDs. These vary by physical size and by the interface type they utilize.
Key
Card Measurement
Interface Compatibility
Usage
A
1630, 2230, 3030
PCIe x2 USB 2.0, I2C, Display Port x4
Wireless networking cards
B
3042, 2230, 2245, 2260, 2280, 22110
PCIe x2, SATA, USB 2.0, USB 3.0, audio, PCM, IUM, SSIC, I2C
SSD (SATA and PCIe x2)
E
1630, 2230, 3030
PCIe x2, USB 2.0, I2C, SDIO, UART, PCM
Wireless networking cards
M
2242, 2260, 2280, 22110
PCIe x4, SATA
PCIe x4
You also differentiate M.2 SSDs by the interface and bus they use to connect. When you’re upgrading make sure to know which your system uses by checking the specifications of your motherboard.
M.2 PCI-express NVMe SSDs – The NVMe protocol is a higher-performing architecture that connects over the PCI express bus in the PC motherboard. Older versions of M.2 PCIe SSDs connected over the PCIe 2.0 x 2 interface. Most current model M.2 PCIe SSD connect over PCIe x 4.
M.2 SATA SSDs – M.2 drives that use a SATA interfaces perform on par with 2.5-inch and mSATA drives. M.2 NVMe drives offer the fastest performance at a premium price point.
M.2 SSD AIC – AIC (short for add-in cards) are designed for older motherboards without an M.2 slot. One advantage that many M.2 SSD AICs have is a heatsink inside the build. Excessive heat isn’t a huge problem for most PC users, unless you are using your computer as a server.
Mini-SATA (mSATA) – The mSATA specification is designed for SSDs inside small laptops and tablets. It’s in large part obsoleted by M.2 drives, but if you have a legacy Ultrabook this is the form factor that fits inside your laptop.
NAND Type
The type of NAND used in a SSD matters—a whole lot, in fact. But what is NAND? NAND is a type of non-volatile flash memory, meaning it does not require power to retain or store data. Devices such as digital cameras, USB flash drives, smartphones, and SSDs utilize NAND flash memory for storage. NAND falls into several types: single-level cell (SLC), multi-level cell (MLC), enterprise MLC (eMLC), triple-level cell (TLC), Redundant Array of Independent NAND (RAIN), and the new 3D vertical NAND (3D V-NAND).
SLC NAND
A type of high-performance NAND flash memory that costs more than other types of flash memory to manufacture. SSDs with NAND memory chips never gained mass appeal due to high per-GB prices, and are found mainly in enterprise-grade SSDs. Also, SLC memory chips feature better write/rewrite endurance than MLC, meaning data can be written and rewritten before performance degrades. Few mainstream SSDs utilize SLC memory chips.
Pros: Faster performance, better write endurance
Cons: Higher price
MLC NAND
For the last few years, MLC was the go-to choice for storage manufacturers to use in solid state drives. While slightly slower than SLC memory, MLC could be produced at much lower cost and therefore was the primary type of NAND flash memory used in SSDs.
Pros: Lower price
Cons: Slower performance
eMLC NAND
A type of MLC NAND aimed towards light enterprise use or high-end mainstream use. Features higher write/rewrite endurance than MLC, but lower than SLC. A lower cost alternative to SLC.
Pros: Lower cost than SLC, faster performance than MLC
Cons: Higher price than MLC, lower endurance than SLC
TLC NAND
A type of MLC designed for use in budget-oriented SSDs. TLC flash memory features lower write/rewrite endurance than MLC. With a low per-GB cost, TLC SSDs make a strong case for value.
Pros: Lower prices than MLC
Cons: Performance slightly slower than MLC, lowest write endurance
QLC NAND
Quad-Layer Cell is the latest NAND architecture. Offers 33 percent more bit density over TLC NAND.
Pros: Stores more data on less material, lower SSD prices
Cons: Less reliable than previous architectures
3D V-NAND
The most common MLC technology found in SSDs. Instead of having flash memory cells stacked horizontally, V-NAND technology stacks memory cells vertically. To use an analogy, imagine a neighborhood. Traditional MLC SSDs represent a suburb with many single- or two-story houses. V-NAND is a neighborhood of high-rise apartment buildings. For the buyer, V-NAND allows for high SSD storage capacities without a dramatic increase in price.
Pros: Mid-range storage capacities, lower prices
Cons: Performance on par with TLC SSDs and slightly slower than MLC
(Click for Full Size)
Memory Controller
NAND flash memory cells do not exist in a vacuum inside a SSD. Every SSD features a controller chip that manages data on the memory cells and communicates the other components on the computer, such as the motherboard and other data storage devices. Memory controllers handle many prominent features found in SSDs, such as wear-leveling, reading data, writing data, data provisioning, and more. Because of that, the type of memory controller used can impact drive performance, reliability, endurance, and other extraneous features.
Determining the best memory controller can be difficult, especially as they generally perform well. However, it is wise to check forums or do a general web search for the memory controller used in a SSD you may be interested in purchasing. By doing this research, you may uncover reliability issues, necessary firmware updates, known compatibility issues, or more. For example, cursory research into SandForce flash memory controllers reveal that the first generation suffered from compatibility issues with the Intel® Haswell platform and some users of the SF-2000 series reported freezing and blue screens of death.
Drive Performance: IOPS vs latency
Consumers shopping for SSDs and hard drives frequently pay close attention to SSD throughput— commonly presented as maximum read/write—as the key factor in determining drive performance. While true, read/write rates do affect the speed of writing and reading files to and from the drive—they do not matter significantly. Read/write speeds matter primarily when transferring a large amount of data on or off the drive.
In most use cases for business, I/O per second, or IOPS, is the metric that best measures SSD performance. IOPS counts the random pings to the drive, and gauges performance you feel when booting up a computer and opening applications. Again, we will not deep dive into the physics here. IOPS indicates how often a SSD can perform a data transfer every second to fetch data randomly stored on a disk. For office applications and production software, IOPS serves as a better metric for drive performance than throughput. It translates into how often and quickly data can be accessed in a multiple user setting.
SSD storage capacity
How large should your SSD be? How much data do you want to store? Your ideal SSD capacity depends largely on your usage scenario. In the current market, SSDs generally range from 256 GB to 2 TB. As drives get more spacious, the cost per GB generally is less. Historically, a popular configuration for desktop computers is to have a smaller SSD (250 GB) to store the operating system and main productivity applications. The SSD is used in tandem with a larger HDD that stores work files and media. At this point, SSD storage prices have fallen low enough to where all-SSD storage is a sensible upgrade for most use cases.
SSD reliability and lifecycle
The common reliability rating for SSDs is mean time between failures, and it’s sort of a tricky concept to grasp. Wikipedia defines it like this: MTBF is the predicted elapsed time between inhere failures of a mechanical or electronic system during normal system operation. Now we’ll get into what this actually means.
You will find that MTBF ratings are in the millions of hours. If the MTBF is 1.5 million hours, this doesn’t mean that your SSD will literally last 1.5 million hours, which is more than 170 years. Instead, MTBF is a measure of likelihood of failure in the context of a large sample size of drives.
Say the MTBF rating is 1.2 million, and that drive is used eight hours a day. In a sample size of 1,000 drives you will find that, on average, one drive will fail every 150 days or so.
Let’s do the math:
1,000 drives @ 8 hours a day = 8,000 operational hours.
8000 operational hours @ 150 days = 1.2 million total operational hours.
Write cycles, also called program and erase or P/E cycles, are another important metric touching on SSD reliability. SSDs are able to endure a finite number of write cycles. When you write, erase, and overwrite data to the metal NAND of an SSD, the process deteriorates the oxide layer that holds electrons in the memory cell.
Different types of NAND architectures are more resilient than others.
Official Rules for the “Springbean Jellybean Contest” event. How to Enter Contest Event Information Event Prizes JAB IT LLC will be giving away over a thousan...
Increasing Online Privacy Tech Talk #5 with Salina Media Connection! In this tech talk we cover increasing and maintaining your online privacy. We start with si...
