Privacy Policydlutek.com

General remarks

Before you start the daily use of your new computer, it is necessary to make some preparations that will allow you to work at ease, without big surprises, avoiding viruses and using the Internet as safely as possible. The same protections should be used at every stage of use – even if the computer is not new. It is never too late. Remember that the most important safeguards always apply to the computer and the operating system. Their lack or insufficient level cause the most serious consequences.

When purchasing a new computer, make the necessary additional purchase, which is a spare external drive. Make sure the drive is of the right type and with the appropriate connectors, so that it can work with your computer. This drive will be intended for nothing else but making regular and most common copies of everything on your computer (including the operating system). Therefore, the capacity of this drive must be at least the same as the internal startup-disk capacity of the computer. There are special programs that automatically copy at a specific time. In the event that the main internal drive fails (which must happen sooner or later), you will not lose anything when your backup was properly and recently made.

Preparation for use

The first step after buying a computer should be to protect it with an administrator password, which is easy for you to remember, but difficult to guess by other people (do not use the same password for different purposes). Therefore, passwords such as names of children or pets, dates of birth, place of residence, etc. should not be used. An intelligent approach and a bit of imagination are always the best ways to reduce the threat of all types of computer attacks.

If the computer is intended for use by more persons than just the owner, everyone should have separate accounts installed with separate passwords and have access only to the content they have created.

The second step is to check all operating system settings and make sure that they match the rules of common sense. All processes that you do not need should be turned off. Not only will that provide more security, but it will also speed up your computer's performance.

If the computer's operating system allows the use of encryption of content, you should use this (IMPORTANT: be sure that the password for encryption/decryption is properly secured – if you lose it, you can permanently lose access to your documents).

The third step should be to "clone" the entire contents of the new computer to the backup drive. Later, over time, regular backups will ensure that in the event of failure, fire, robbery, or other unforeseen circumstances, you will never lose the latest version of your computer's contents. It should be remembered that only copies of the encrypted content are also encrypted. If the computer's content was not encrypted, the backup copy also remains unencrypted, in which case the access by unwanted persons to the backup copy is equivalent to the access to the computer's content itself.

The first program that should be installed and used on every new computer should be the best antivirus program you can afford. No free program should even be considered, as some of them are a threat in themselves (especially from companies such as Kasperski or Avast).

Before you connect your computer to the Internet for the first time, you should check all system settings of your computer, as well as the settings of your web browser, to make sure there are no surprises that can help hackers access your account on your computer and your browser's accounts.

The most important thing is to disable all operations that occur automatically, including automatically installing any updates (if possible). A large proportion of attacks on your computer use these automated processes. Automatic opening of files downloaded from the Internet should also be blocked. For a similar reason, automatic access to your address book should be blocked. Of course, it is very important to regularly manually update the operating system and software, including the web browser.

Next, you should disable Java software (not to be confused with JavaScript, which is secure and is required to view most websites, including this one).

Uninstall some programs, such as Adobe Flash Player, which is one of the worst sources of continuous threats since its creation – two decades ago. You can live without this program, because it is being replaced by newer and more secure technologies, although there are still many websites that require its use. I would try to avoid those websites. If you encounter the need to install the Flash Player app, make sure you download it directly from the source, that is from the website belonging to the Adobe company. The same applies to all other programs – the only sources to download them to a computer should be websites belonging to the creators of these programs and the Apple Store and Google Store. All other sources are a potential threat.

Preparations before getting rid of your computer

All the above steps should be done at the very beginning – before you start using your computer on a daily basis. Whereas, the last steps before getting rid of the old computer (scrapping, selling or gifting) should ensure that it will be "cleaned" of all information about its owner and users.

First, it is necessary to make a complete copy of the contents of the administrator's account and the accounts of other computer users (a copy of the internal disk) in order to be able to transfer this content to the new computer.

Secondly, you must log out of all programs that impose a limit on the number of users or the number of computers on which they can be installed. If you do not, these programs will likely not work on your new computer.

Thirdly, keep in mind that simply dropping files into the trash and emptying the trash can not delete information stored on the disk. They can be easily recovered using a special program. Therefore—in accordance with the procedure for your particular operating system—reformat the internal drive of the computer. For greater security, the disk should be erased in a way that prevents retrieval of old information. This is done by writing zeros and ones to the whole disk. There are special programs for this purpose, and even your operating system should be able to do so. After completely cleaning the disk, reinstall the operating system. This will additionally protect you against retrieving the old information.

Of course, the safest and the most recommended method is to remove the internal drive from your computer – if you know how to do it. This last method is especially important in case when your computer is equipped with a solid state drive (SSD), i.e. a device containing non-volatile flash memory, used instead of a hard disk. One of the characteristics of an SSD drive is that it is not possible to completely erase everything that has been written on it. That is why it is important to use automatic encryption of content – provided that your computer's system allows it.

Everyday use of a computer

Between the initial preparations for using the computer and the final preparations for getting rid of the computer, which I described above, there should be certain rules for everyday use.

Even a computer without an Internet connection should be protected against access by unauthorized persons. Examples include co-workers, computer technicians who "help" us get rid of viruses and even friends, children and other family members.

Under no circumstances let anyone connect to your computer any devices, such as external drives, portable memory, or even CD, DVD and BlueRay disks, unless you absolutely trust that person (both personally and technically). Each of these devices may contain viruses that can be automatically installed on your computer. Even connecting a "Thunderbolt" cable can be a threat under certain circumstances.

Thus, there is the issue of access to information on the computer by technicians who repair the computer or assist in installing and running specific software. Such services should be performed only by reputable companies known for their reliability, professionalism and accuracy. Free or extremely cheap services are always a potential threat.

Usually, technicians need access to an administrative account, which—in practice—gives them the same privileges to read and write (and delete) information that the owner of the computer has. That is why it is important to use the system of encrypting the content of your account on the computer. No one except you has access to the encrypted content without knowing the key. And, of course, before each computer repair the internal disk must be fully cloned.

Browser recommendations

I strongly recommend installing the latest version of whatever browser you use. Old versions of browsers may pose a risk in terms of security against hacker attacks and leaking private information.

I remind you that the following browsers have my recommendations (links lead to external websites) – not only to view our PORTAL, but also for general use (in order of suitability):

If, for any reason, you can not or do not want to use the Safari browser (the best all-around browser that does not spy on its users), at least try Brave, Firefox or DuckDuckGo, which are next well-known browsers commended for their privacy and security.

Brave browser is built upon the 'Chromium' base, therefore, it shares same general vulnerabilities as the Google Chrome browser. Taking this into account, I would rather use the brand new DuckDuckGo browser which is built from scratch on its own base. It is designed in the way that makes users' privacy the ultimate goal. For now, the new browser is still not quite ready for mass-adoption by Internet users. However, DuckDuckGo search engine is the ultimate one—for few years now—which is why I can recommend it wholeheartedly. It is much preferred to Google search engine, who shamelessly spies your pants off.

If you do not know what browser and which version (always use the latest version available) is installed on your computer, you can visit the Detective page, where you will find the data about the browser you are using.

General remarks on using the Internet

First of all, you have to realize that if you use the Internet, then—to great extent—your privacy no longer exists, and sometimes, your computer's security is vulnerable to attacks by hackers, government agencies and cyber-criminals.

The Internet is a very dangerous place. You move in a jungle full of predators and all kinds of criminals. Most people using the Internet do not recognize that fact. Danger is lurking when you open an email from an unknown source (and sometimes even from a source that looks familiar), when you click on a link that will lead you to a trap and even when you go to a website that you know well, but that is not protected against hackers.

The largest Internet companies such as Google, Facebook or Instagram use these more or less covert methods of getting all information about you. The main business of these companies is gathering the maximum possible information about Internet users. They created entire ecosystems comprising of free products and services to entice unsuspecting users to divulge all the information they can obtain legally (and sometimes illegally). The most covert and perfidious ways are used by Facebook, because they are designed in such manner that their users can't resist sharing their most intimate information with an entire world.

This is an established tactic of an established business, whose legality, unfortunately, is not regulated by laws or government rules, especially in the USA. Probably because government agencies use similar tactics.

Government agencies, Google, Facebook and other companies specializing in compiling and analyzing data about users, know more about you than you know yourself. They know, with great accuracy, what is your age, skin color, sex, sex preferences, how often do you brush your teeth, whether you are pregnant, whether you are considering the possibility of divorce, what are your political views (often they know it sooner than you do) and other details of this type, which you've never even consciously revealed to anyone. This is no exaggeration. This is documented in many studies and statistics related to the flow of information on the Internet.

All this information is harvested without your knowledge and mostly without your consent. You are not paid for any of it, while big Internet companies are making millions of dollars. For some of them, harvesting and analyzing user data is their biggest source of income.

The well-known novel by George Orwell titled "1984" presents the world of the future in which "The Big Brother" (dictator) controls the thoughts and deeds of all citizens. Orwell's prediction is now a reality, and in some aspects, has already been surpassed by reality.

Every computer should have the best available program installed and used to detect and avoid the traps to which you are directed by hackers.

In the old days of Microsoft's "glory", viruses and malware existed almost exclusively on the Windows platform. Apple's Mac platform did not have this problem, because for hackers it did not pay to waste time creating viruses that would affect only a tiny percentage of computers. Therefore, Apple computers were almost completely safe for use without any anti-virus programs. Those times are long gone. Apple platform began to acquire an increasing part of the computer market. As a result, for at least 8-10 years, more and more malware designed specifically for Apple computers has started to appear. Still, on the Windows platform there are a thousand times more viruses and malware (modestly counting) than on the Mac platform, but at the current stage, the use of any computer without anti-virus software is tantamount to asking for trouble.

The subject of security on the Internet is like an ocean. New threats arise almost every day. It is not possible to cover the whole problem without writing daily updates.

Therefore, in the following chapters, I will try to only briefly describe these threats and general ways to avoid or eliminate them, but—as always—the surest defense against all the dangers lurking on the Internet is your common sense, vigilance and gaining knowledge about how a computer and the Internet works.

E-mail

Most people use email on a regular basis. A large part of them do not realize that billions of e-mails are sent daily by advertising agencies, hackers and spies – mainly for three reasons: either someone wants to sell you something, or extort your private information, or remotely install malware on your computer, to take control over it.

You must realize that hackers are constantly working on inventing new ways to mislead unprepared and unsuspecting recipients of e-mails. They do everything they can think of to fool the recipients with the content and appearance of their e-mails, to create the illusion that you receive those e-mails from legitimate sources like banks, credit companies, Internet providers, telephone companies, insurance and government agencies and myriads of other legitimate sources.

Anti-virus and anti-spam programs protect us against these threats to some extent, but hackers are always one step ahead. It is impossible to predict what their next trick will be.

The general rule is: never click on any buttons or links in your e-mail without first checking where these links lead. Another rule: do not give away your e-mail address, unless you really have to, or completely trust somebody.

Websites

The latest versions of web browsers give you new methods of protection against Internet traps. They warn you against entering websites that are known to spread viruses and malware. But, as I mentioned earlier, the hackers do not fall asleep for a second. Each detected page is replaced by two or three new pages that are not yet detected.

Since mid-2017, browsers have also begun to warn viewers before entering websites that are not protected against hacker attacks. Such websites allow hackers to "inject" viruses or spy instruments in such a way that they are invisible and difficult to detect.

If the website address begins with https, it means that it is at least in a basic way protected against hackers. If, on the other hand, it starts with http (one letter of difference), it is open to hacker attacks.

First example of "fishing":

My cousin Janek told me how his intuition allowed him to avoid installing a Trojan horse on his computer.

When he turned on his computer and browser, a warning appeared on his screen that his computer had a virus and that he must phone a company that would give him instructions on how to get rid of the virus. Still not suspecting anything, Janek called them. He was told that he must change some settings on his computer. Then it became clear to him that someone wants to "put him on a horse" (of the Trojan variety).

It’s unbelievable that such primitive attempts still find naive people who are willing to accept them as truth and follow the instructions of criminals. These types of monkey business are in use for years. Unfortunately, the new methods are much more sophisticated, perfidious and more difficult to detect.

Second example of "fishing":

– this time from my own experience.

I received an e-mail from what looked like the Apple "Technical Support" located in Poland. Besides being written in Polish, not in English, it looked almost exactly like the ones that come from real American branch of Apple "Technical Support". The difference could be seen only in the case of a direct comparison of the legitimate e-mail with the one I am writing about.

This Polish e-mail alerted me that my password and e-mail address on my Apple account has been changed. In addition, I was warned that if it was not me who changed my data, I should click on the provided link (which looked like the real address belonging to Apple) and change my data as soon as possible. Of course, the link was crafted in such a way that it led to a fake website pretending to be belonging to Apple. If I changed my password and email address on this site, hackers could use it to break into my real account on the Apple website.

Instead of using a link that was "conveniently" provided in an e-mail, I went directly to the Apple website, I entered my account and changed my password in there (just in case).

This example illustrates the principle of not using direct links in unverified e-mails. Instead of clicking on a link, always go directly to the legitimate site and only then change your account details or your personal data.

Conclusion

Try never to fall into the trap of "free" products or services. Realize that nothing is for free. If someone offers something "for free", it means that he has hidden intentions towards the gullible users of his offer. Of course, there are exceptions to this rule, but it is not easy for an average Internet user to find out which free offers are safe. The situation is further complicated by the fact that giants such as Google and social media have created free programs and services which are difficult to dispense with (eg Gmail). Therefore, even people who are fully aware of the risk of losing their privacy decide to voluntarily waive their rights, if it is a condition for using free services.

If you want to find out what information is available about you on the Internet, open any browser and enter your name. The result can surprise you and even frighten you – depending on how much you value your privacy.

Facebook

is the largest and most nefarious social media company. Why? Because the company's business model takes advantage of the ignorance of the huge majority of Internet users and is structured in such a way that users voluntarily and eagerly supply Facebook with their personal data and pictures of themselves, their newborn children, family and friends. The entire Facebook system is designed exclusively to extort the most personal and intimate information about its users and then use that information to make gigantic profits. All their "free" services and features are only there to lure the maximum quantity of naive users.

It is almost impossible to adequately describe the perfidy and deception of this model with sufficient depth, and—at the same time—in an easily understandable way for naive consumers who have an itch to share with the world everything that is personal and what should be their exclusive secret.

Only fools and adolescents who can't wait to spread their trollings and selfies around the world can be forgiven for using Facebook. But even they will be sorry one day, when they realize what they've done.

A similar situation exists for other "social media" such as Tweeter, Instagram and for Google eco-system (Google G-Mail, Chrome browser, YouTube videos and Maps are examples).

Below are links to two PDF documents on "digital gangsters": Facebook and Google. Clicking a link will download a document to the default folder on your computer.

• "RD-Why-is-anyone-STILL-on-Facebook.zip" – This document contains, among other things, instructions on how to cancel your Facebook account and how to check that your personal data has been sold to British digital gangsters from Cambridge Analytica.

• "RD-Compilation-Digital-Gangsters.zip" – This is a very extensive collection of articles, mainly from privacy and security companies on the Internet.

Since about mid-April 2017

—when using a modern browser you visit websites that are not secured—you can see a warning saying that these websites are not "safe". This is not necessarily completely true. Most of these "dangerous" websites are still relatively secure. And some websites that are not flagged as dangerous, in fact are. Paradox?

So what's this warning about? The reason for the warning is the change in rules that govern web browsers. For starters, only Firefox and Chrome warn you, but soon the rest of browsers should follow suit. All unsecured websites are considered dangerous by the browsers. And the only difference between safe and dangerous pages is a single letter in their addresses. All pages whose address begins with http are considered dangerous, while those whose address begins with https are considered safe. The condition for using the address starting with "https" is to obtain a special certificate from an Internet organization that is entitled to grant them.

I have obtained such a certificate in March 2017. Our addresses start with "https" and show a small padlock in the browser's address bar. "Https" in the address means that the page is secured. Usually this part of the address is not visible to the human eye, but it is visible to the web browser.

And here comes the next part of this paradox in new rules that govern Internet browsers.

The mere fact that the site is secured by a padlock is not a guarantee that it is completely "safe" for people who visit it. Hackers have ways to add or change scripts (code) on a padlocked page. As a result, people who view such a "secured" page can be sent without their knowledge to another site, where hackers steal your personal data, passwords, credit card numbers, etc, etc. They can also intercept your cookies and use them for various types of evil deeds (some cookies are required for the proper and efficient operation of our PORTAL). These types of hacker attacks can be prevented or significantly reduce their risk. For this purpose, the person who administers the Internet domain (i.e. myself, in case of the dlutek.com domain) must put in place special directives, which are included in a document located on the server and to which hackers have no access.

I am proud to announce that by June 10, 2017, I have already implemented most of the aforementioned directives. As an outcome, I achieved a significant improvement in the results of PORTAL testing for resistance against hacker attacks. Immediately after obtaining the certificate, my test result was rated "F" (only 15% of tests were passed). My latest rating is "B +" (80% passed tests). I will continue to work on improving this assessment, although a full 100% is almost unachievable utopia, because these new directives in some circumstances limit or prevent the functionality of some features of websites.

In addition to all things mentioned above, since May 2018, I have implemented further security and privacy measures, according to new rules imposed by European Union, known as GDPR.

How does this affect the use of our portal?

The remaining 20% of failed security tests are caused by our PORTAL using resources from other web sites (for example YouTube videos). That's why viewers of our PORTAL like you must decide themselves whether or not to trust those external sources and express their decision by using enabling/disabling buttons that can be found in the COOKIE MANAGEMENT subsection.

Unwanted guests and persistent hackers

In my opinion, the only way to completely secure any website, after implementing all measures described above is to password-protect it. You can read more on this subject in the next chapter entitled, as you may have guessed, MEMBERSHIP SYSTEM ON OUR PORTAL.   

The level of security of our PORTAL

—both against hackers and unwanted guests—was raised through implementation of the membership system, which I introduced in January 2018.

Since then, only the home page, PRIVACY, HOW TO USE THE PORTAL, INTERNET SECURITY news, WHAT'S NEW? blog and LOGIN page, are available to all viewers without any restrictions. The main part of the PORTAL (the FAMILY section and all its subsections) is available only to invited and logged-in people. There are two categories of these viewers: family members and family friends.

If you want to invite family members or trusted friends to participate in our family portal, you can do so. Invited people will be qualified into one of the above two groups.

The only difference between these groups is the privilege of viewing the entire content of the portal. Family friends do not have access to family albums, documents and family tree, which are visible only to logged in family members.

People who would like to open an account on the portal should send me an e-mail with their full name and surname. After this action, they will receive an invitation from me that will initiate their membership in the FAMILY section of this portal.