Since internet has taken over practically every aspect of our lives, it is important to consider the impact that technology has on our privacy. Social Media websites have become crucial for communication, entertainment, news and business, but they are also controversial due to the fact that information that used to be private is now widely available. Many people are willingly sharing personal details and even those who are not, are still vulnerable to privacy invasion. In recent years, new information about the threats to our privacy has been revealed. These details have shown that we are not safe when we connect to internet and unfortunately, we cant expect anonymity or freedom to express our opinion and access information.
Although the NSA and the GHCQ are the most recognized names when it comes to extensive online surveillance, there are other organizations across the world that impose monitoring programs over internet users. As part of these programs, there are regulations that aim to collect as much information as possible. Your online conversations, emails, texts and phone calls can be monitored and it is not absurd to think that in many cases, every single thing we do or say is being tracked. British newspaper The Guardian, published a document that revealed the programs established by the NSA to collect and to store data form US citizens.
The document shows that while the agency collects and scans large amounts of information, it only keeps the data that could potentially include suspicious content. They give particular attention to data that is encrypted and they archive it until they can make it intelligible. There are not warrants required in order to carry on these actions and what is worst, internet service providers and software developers are known for assisting (willingly or by force) with mass data collection. While things look bleak under these circumstances, the fight to defend your right to privacy is not a lost cause. There are some solutions that can help you to protect your information from this invasion. We will go through different aspects of online privacy and the options available to keep it safe.
Thanks to encryption, you can ensure that your online activities remain private but as previously mentioned, government agencies are particularly interested in encrypted data as they think that it may be used to hide something important. All data collected and deemed as irrelevant is discarded but when it comes to encrypted information, they consider that it is worth keeping it until it can be decrypyted. In fact, just the fact of browsing information about online privacy can get you unwanted attention from these agencies.
The length of the encryption key will determine how challenging it will be to decode the information because it represents the number of ones and zeros used in a cypher. Attacking a cypher is known as exhaustive key search or brute force attack and it involves attempting every possible combination until the right one is found. While breaking encryption cyphers is very difficult and can take a lot of time, it is not impossible. Still, exhaustive key search depends on multiple factors to work and it also requires advanced resources.
How Secure is Encryption?
To get an idea of how difficult it is to break a cypher with brute force, you can consider this: The most advanced supercomputer available nowadays would need a third of a billion years to break 128-bit AES key. It would take even longer to crack 256-bit key and a higher computing capacity would be required. While supercomputers may advance throughout the years, it is estimated that in about a decade, the most powerful machine would still take over one hundred and sixty thousand years to break 128-bit key with brute force.
That doesnt mean that we can take AES encryption for granted and assume that it will remain secure for many years. The information exposed by Edward Snowden showed that the NSA was able to crack older encryption algorithms in 2010. Furthermore, millions of dollars have been spent to make sure that tech companies implement back doors or take steps to decrease the security of their system to allow online surveillance. Taken this information into account,existing protocols are not fully reliable and there is a high risk that they are compromised in the near future, if they havent been already.
Security experts have highlighted the urgency of upgrading encryption systems and cypher key algorithms. Thank to the way encryption works, strong mathematical algorithms can always be created and as long as they are developed ethically and with transparency, you can still rely on encryption to keep your information secure. Even though online surveillance organizations have impressive technology to target users and you would be better off using top security protocols, low level encryption is usually good enough to prevent attacks from online fraudsters.
While encryption key length is the amount of raw numbers, cyphers are the mathematics applied for the encryption. One of the main reasons why encryption may be cracked is that the algorithms used in the cypher are not strong enough. Blowfish and AES, which work with OpenVPN are the most popular cyphers. RSA is used to encrypt and decrypt cypher keys and SHA-1/SHA-2 are used to authenticate the data. AES is recognized by many as the most secure cypher to use and it is also the option implemented by the US government to safeguard its information. However, there are some concerns about the organization that created and that is in charge of the maintenance of AES encryption.
The United States National Institute of Standards and Technology or NIST, is an organization that works closely with the NSA in the creation of cyphers. RSA, SHA-1, SHA-2 and AES were developed/certified by the NIST, which is why many security experts have concerns about these standards. The NIST has claimed that they would not make a cryptographic standard weak on purpose and it has made attempts to restore trust on their ethics and transparency. In spite of that, their reliability remains in doubt, which is likely to lead to new and improved encryption efforts, although there is not significant change in the horizon yet.
NIST came under fire when it was confirmed that the Dual Elliptic Curve algorithm, a cryptographic standard that they certified, was compromised twice by the NSA. The security of the standard had been questioned for years but in 2013 it was revealed that the NSA had paid to ensure that a back door was installed by developers RSA. The publication of these practices, damaged the reputation of the NIST and a large number of reports and alerts regarding the security and integrity of their protocols surfaced. However, this didnt affect the involvement of the organization with giant tech companies.
The reality is that large companies continue following the standards implemented by the NIST in order to comply with requirements by the US government. If NIST encryption standards are not in place, companies would not be able to operate legally and within the industry code. The frightening truth is that cryptographic standards from the NIST are widely used around the world and many companies rely on its standards. There are only a few services that have taken the step to leave NIST standards behind.
You may have heard about Lavabit, an email service that is now extinct and that was believed to be used by Edward Snowden. Lavabit endured pressure from the FBI and there were attempts to get the provider to hand over their SSL encryption keys. The company took the difficult but brave decision of closing down before compromising the privacy of all their users. Silent Circle followed the same path and it shut down Silent Mail in order to prevent issues for their users. The good news is that Lavabit and Silent Mail are collaborating to create Dark Mail, an innovative and secure email platform that supports end-to-end encryption.
Encryption Vulnerabilities of RSA & VPN
Following the revelations from Edward Snowden, it became evident that some programs were designed to highlight encryption keys (certificates) that could be cracked by the GCHQs supercomputers. This showed that 1024-bit RSA encryption that is generally used to secure certificate keys could be weaker than it was previously thought and it may be broken sooner than expected. Once a certificate key is decrypted, all data transferred becomes vulnerable unless ephemeral (temporary) key exchange is implemented. It is not difficult to see that the NSA and the GCHQ have the required technology for this purpose. Taking this into consideration, it can be predicted that any forms of encryption that use certificates and non-ephemeral keys including SSL and TLS certificates, can be broken and most likely they have been already compromised.
While it is difficult to determine how fast and easily this can be done, at this stage, it can be said that PPTP over VPN can be decrypted by government organizations. However, PPTP is still being used and although it is not the right solution when it comes to protecting your privacy, it can be practical in some situations and if it is the only option available, it is always better to use some level of encryption than none. L2TP/IPSec has been upgraded and is more solid than PPTP but it has also come under scrutiny. A report published by John Gilmore, founding member of the EFF (Electronic Frontier Foundation) revealed that NSA employees had important roles in the IPSec standards committee and were able to deliberately weaken the standard.
When it was disclosed that the NSA and the GCHQ were able to crack 1024-bit RSA encryption, a large number of VPN services increased their key encryption to 2048-bits and some even went as far as 4096-bits. Something else that should be taken into consideration regarding encryption is Perfect Forward Secrecy or PFS, which is a system that generates a new and individual private encryption key for every session. PFS helps to solve some of the vulnerability concerns for SSL and TLS connections and some companies started implementing the use of ephemeral keys to reinforce their security, following the infamous Heartbleed Bug.
The good news is that OpenVPN uses ephemeral key exchanges so it hasnt been compromised. Ephemeral key exchanges create new key for every exchange, which means that they dont depend on certificates to set up protection. Even if someone is able to get the private key of a certificate, they will not manage to get the date decrypted. When a private key is compromised, an OpenVPN connection can still be targeted by an interceptor or man in the middle attack, but in order to be successful, the attack would need to be quite specific. OpenVPN uses OpenSSL library and while older version may be more vulnerable to security issues, it is still the safest protocol and should be preferred over other options. Since it is an open-source platform, it can be constantly upgraded and security vulnerabilities can be addressed by the community of developers.
If End-to-End encryption or E2EE is implemented, all the data is encrypted at your end and it can only be decrypted at the intended recipients end. This guarantees that the data cant be intercepted or affected by middle-man attacks, ensuring that it reamisn secure and private. With end-to-end encryption, no one else except you or the intended recipient have the key to get the data decrypted. Any service that encrypts your data on their servers, instead of giving you the possibility of encrypting it on your own computer, should be avoided. Keep in mind that if the providers are located in the United States or United Kingdom, it is likely that they hold keys to your data.
While encryption is essential to protect your privacy, it is important to be aware that you may still be vulnerable to metadata collection. Encryption ensures that your communications cant be read by third parties but that doesnt mean that they will not be able to collect data such as location, recipients and regularity of these communications. However, technologies like Tor and VPNs can help you to ensure that this collection of metadata is more difficult for any third party. They may be able to identify the fact that you are using a VPN, but they wont get access to information such as your online activity and location.
Even though there are concerns over the reliability of AES due to issues with NIST certification, it still is considered as mostly secure at the time. The same can be said about OpenVPN, which offers a high level of security, although it is not immune to attacks. Encryption does not guarantee complete security and the resources and technology of government organizations should not be dismissed. However, it still is worth using encryption as it is the most solid way to protect our data and defend our privacy. Besides, we should keep in mind that we are not only under surveillance from these organizations but also need to protect ourselves from attack from cuber-criminals and large corporations involved in mass data collection. Encryption is a powerful tool to prevent online fraud and identity theft.
We previously refereed to the Hearbleed Bug, which broke havoc in 2014 and resulted in hundreds of service providers having to request their users to change their passwords. It is believed that it had been affecting systems even before it was publicly announced, Heartbleed Bug is still remembered because of its devastating effect on online security and the fact that it compromised some versions of OpenSSL, which is the most popular cryptographic library on the internet. OpenSSL is used by online storage services, banks and VPN services. At the time, it was determined that the bug affected at least two-thirds of the internet and the most worrying thing was that it was only detected after nearly one year and a half. This meant that even if a system had been impacted by the bug, it wouldnt have been possible to know about it. There were rumors indicating that the NSA was behind the bug and news channels reported that there sources claiming that the organization knew about the big at least two years before it surfaced publicly.
If an attacker took advantage of the bug, they would have been able to access users passwords and SLL keys to take over someones account.In order to prevent this, millions of users were asked by service providers to reset their passwords. In the aftermath of the bug, most services and websites using OpenSSL updated their libraries to prevent issues. SSL certificates were re-issued as it was believed that they may have been compromised. It is important to mention that any website that implemented PFS was mostly immune to the bug, regardless if their were using one of the OpenSSL versions impacted.
How to Increase Privacy and Security
We have exposed that while there are ways to enhance your privacy online, there are not solutions that are 100% effective, keeping in mind that there are aspects like metadata that can still be exploited. Nevertheless, these options allow you to keep yourself protected against identity theft and online fraud so they are worth implementing in order to add a later of security and privacy to your connection.
Free Open Source Software
As previously mentioned, the NSA is known for deliberately weakening widely used international encryption standards, which has cast a serious shadow over the reliability of proprietary software. The NSA and the GCHQ have worked together and have paid or forced tech companies to ensure that they implement backdoors in their software or compromise their security of their own programs to give these organizations easy access. In most cases, the companies that have been affected by these strategies are located in the US and the UK, but it wouldnt be absurd to think that other companies across the world have also complied with these requests.
Additionally, a secret program known as PRISM is thought to have provided the NSA, FBI and GCHQ, backdoor access to users data across some of the most recognized US platforms including Google, Apple, Facebook, Microsoft, YouTube, Skype, Yahoo and more. Newspapers in the UK and the US reported that PRISM allowed US and UK surveillance organizations to bypass legislation that protects citizens from being spied on by their own government. They just needed to have each country spying outside of their own jurisdiction and then they could exchange the data without legal restrictions. PRISM us said to be running since 2007 and it has been decisive to gather data such as emails, photos, chat conversations, videos and more. While service providers have denied their knowledge or participation in the program, the leaked information has proven the contrary.
These massive surveillance programs and privacy breaches are not something new, unfortunately. In 1999,security researchers found out about an alleged coding mistake by Microsoft engineers, which resulted in the NSA being able to set a backdoor to all Windows 95 systems. In that year, Lotus also made the headlines for disabling security and installing back doors in their Notes software to allow access for the NSA. Nowadays, the security concerns have increased as the latest platforms are designed to collect data with every task. There are many challenges to address when it comes to proprietary software, including the fact that since the technology is created by a company, it is easy for the NSA to approach them directly with their requirements. Additionally, since the source code is not openly available, they can hide any modifications or back doors from the public.
Keeping these issues in mind, it is not hard to see why free open source software (FOSS) offers a better alternative. Multiple developers work on the software and they are not associated to each other, they simply collaborate to improve the source code. The public can access the source code, which means that there is less risk of modifications going unnoticed. That being said, it is possible that due collaborative and open nature of FOSS, the NSA has looked for ways to infiltrate the development groups to try to suit the code to their needs. To prevent the inclusion of back doors, FOSS should be ideally work with other implementations. While open source offers many advantages, it should also be noted that there is a large amount of code in every open source project and many of the people who collaborate in them, have little experience or are not able to dedicate much time to work on the code. This is why it is difficult to review the code in details to identify possible issues, but that doesnt mean that it is not possible and while FOSS is not a perfect solution, it is the most reliable one in many
Since open source software is less likely to be infiltrated by the NSA and similar organizations, many people trust in Linux as a more secure alternative to proprietary platforms like Apples OS X or Microsofts Windows. Linux has its shortcomings and it is not a completely secure system, but it does offer a more reliable option against surveillance. The main issue with Linux is that it is not as simple as Windows or OS X, which is why it is not as popular or widely used as these platforms. Still, there are user-friendly builds such as Ubuntu, which are becoming more popular and if you are looking for a way to enhance your privacy, Linux would be the best technology to choose when it comes to operating system.
Anonymous Payment Methods
Another important step to protect your privacy is to use anonymous payment methods. You would still need to provide a shipping address if you order intangible items, but if you pay for services or digital goods, you have a greater chance to keep your identity and your privacy protected. Bitcoin has earned a high level of popularity over the last few years, but there are many online services that also accept cash posted anonymously.
What is Bitcoin?
You have probably heard about Bitcoin but may not be sure about what it is. Bitcoin is a decentralized virtual currency that works in a P2P way, similar to BitTorrent. There are not intermediate bodies regulating the currency, which is an innovative idea. For many people Bitcoin has come to be a profitable investment opportunity, although there is high risk involved due to the fact that its value can significantly decrease or increase over time. Some regard it in a negative way due to the fact that it is not regulated and that it has been associated to illegal activities. However, there are also many advantages for people who simply want to protect their right to privacy.
Bitcoin is currency that can be bought, exchanged, invested and that can be used to pay for services, which means that it moves freely through the market as any other currency. The popularity of Bitcoin continues growing and while it is not as commonly accepted as other options, it is the preferred method for many services, including VPNs. It is important to keep in mind that to ensure that you remain anonymous when using Bitcoin there are some tips to follow. One of the things that you can do is to use anonymous, temporary emails when acquiring Bitcoins. Also make sure that you use a different Bitcoin wallet/address for each purchase and never provide personal information that can lead to your true identity.
Pre-Paid Credit Cards
Although this payment option is not widely available, if you can get a pre-paid card in a shop, this would be another way to pay without exposing your privacy. You can purchase a pre-paid card with cash money, which removes any traces that may lead to you. A good option to enhance the protection to your privacy would be to use the pre-paid card to but Bitcoins anonymously, using a temporary email address to complete the transaction.
Making Your Internet Anonymous
VPN services and Tor are the most common, practical and effective solutions to protect your information and to ensure that your online activity remains private. These two options can disguise your actual IP address and secure your internet traffic using encryption. Another option to access content that is restricted in your region is to use a proxy, which can change your IP address. However, a proxy doesnt encrypt your data and doesnt offer the level of security that you can expect from a VPN or Tor.
Using a VPN
With a VPN you can ensure that your privacy stays protected as it creates a secure connection between your device and a remote server. When you are not using a VPN, your online traffic goes through your Internet Service Provider and then is directed through Internet. If a VPN is in use, your traffic is sent from your device to your ISP and then it is routed through a VPN server to internet. Once data enters the VPN tunnel, encryption is applied to ensure that it cant be accessed by other parties, not even your ISP. The information is only available to the devices at each end of the VPN tunnel so only you and the intended recipient will be able to see it.
You should bear in mind that US and UK based providers are more vulnerable to come under pressure by authorities to provide information about their users online activities. There are many good providers that operate in jurisdictions that are not subject to data retention laws. That being said, there are trustworthy providers based in the US that are known for their commitment to privacy but just remember that they would still be obliged to comply with request from the authorities if approached by them.
Advantages of a VPN
As long as you are using a provider that does not keep logs of your online activity, there are many advantages of using a VPN. One of the reasons why you should consider this technology is that it provides security and anonymity when you are connected to internet. You can establish a secure connection even if you are using public Wi-Fi in a coffee shop, a hotel or anywhere else. This is very important because public Wi-Fi is known for its security vulnerabilities and it can be a haven for cyber criminals who prey on personal information. Another benefit of using a VPN is that it allows you to bypass geo-location restrictions in order to get access to online content that is not available in your country. It also gives you the possibility of overcoming blocks and firewalls implemented in some countries as online censorship tools. Since you can change your server location to the country of your choice, you will be able to enjoy content and visit websites that are usually not available in your region. A VPN is also a convenient option for P2P file sharing.
Downsides of a VPN
In spite of the benefits that you can enjoy with a VPN, it is not a a risk-proof technology. First of all, you need to depend on the security and reliability of your VPN provider. Furthermore, your ISP and surveillance agencies would be able to recognize the fact that a VPN is in use as they can tell that the traffic is being encrypted. This is why, you should opt for OpenVPN or other protocols that offer the same level of security to keep your data safe. Another disadvantage of using a VPN is that you can experience loss of speed due to the encryption applied and the distance of the server you connect to. While it is possible to connect to servers located anywhere in the world to access local services, the further away you are from that server, the slower the connection may be. If you are looking for quick transfer speeds, check that your VPN supports short route for fast service.
Tor or the Onion Network, is a free solution managed by volunteers and that also enables you to browse internet anonymously. When you connect through the Tor network, you are connecting through no less than three relay points or nodes that are randomly chosen. The volunteer node computers are in charge of masking the traffic, preventing the website from finding out who is really visiting and where they are located, while keeping the fact that the website was visited, hidden from the ISP. The data is encrypted every time, regardless of the fact that each node is only capable of recognizing the source of the data and where it is going but is unable to trace the entire route. The main downside of Tor is that the final node, the one that establishes the connection to internet is also the most vulnerable. Those who run exit nodes are at risk of being prosecuted for the activity of another Tor user who accessed the network for illegal purposes. This is because the IP address of the offenders can be associated to the exit node’s IP address.
That explains why there are not many public exit nodes available and why countries like China, have managed to restrict access to them once they have been identified. You can still find nodes to connect to but in many cases, Tor users would need to reconnect multiple times and test different nodes until they can find one that has not been blacklisted yet. Another issue with Tor is that since the data is routed through multiple servers located across the world before establishing a connection to internet, Tor can be painfully slow. As such, it wouldnt be the ideal solution for P2P downloading or content streaming. Additionally, there is a large selection of websites that can identify the use of Tor and may not allow access. Nevertheless, there are many good reasons why you should consider using Tor. For instance, the service is secure, anonymous and free, not to mention that it lets you connect securely, even if you are using public Wi-Fi and you can also bypass firewalls and geo-location restrictions. To find out more about Tor, you can visit the official website: TorProject.org
Securing Your Browser
Surveillance from government organizations is not the only threat you face when you connect to internet. There is also the risk to be targeted by corporations that aim to access your data for their own benefit. Some advertisers are willing to employ dubious tactics to follow your activities online in order to be able to identify your habits. Many companies intend to use this data to sell goods and services. Alternatively, they can sell information about your interests and online habits to others that may use this information for their own profit. Privacy concerned users should be aware about HTTP cookies and the importance of clearing them. It is also necessary to keep in mind that most browsers support a Private Browsing mode that ensures that your online history is not saved and that can also block HTTP cookies. Whenever you are looking for information on internet, it is advisable to use Private Browsing. However, this is not the only measure that you need to take to make sure that your activities are not tracked online because there are other traces that they may follow.
This are the details that are left once your browser caches the IP address that it gets from your default DNS server with the purpose of speeding up your internet access. If you use Windows, you can do the following to find the DNS information that has been cached. Just enter “ipconfig/displaydns” at the command prompt (cmd.exe). You can clear this cache in Windows by opening the command prompt and typing this: “ipconfig/flushdns” then just press Enter. Those who use OSX (up to 10.4) can open Terminal and enter the following: “lookup-flushcache” and if yiu are using OS X 10.5 and up will need to enter: “dscacheutil – flashcache”.
This is another common way to keep track of your online activity. Flash cookies are not always blocked, even if cookies are disabled in your browser. They are capable of keeping track in the same way as regular cookies. It is possible to to find them and remove them manually in Windows if you go to this directory: C:\Users\username\AppData\Local|Macromedia\Flash Player\#SharedObjects. If you use OS X 10.4 and below, you will be able to locate them by going to User directory, then Library, Preferences/Macromedia/Flash Player\#SharedObjects. Those with higher OS X versions would need to go to User directory, then Library/Preferences/Macromedia/Flash Player/macromedia.com/support/flashplayer/sys/ to find these cookies.
If you want to make sure that you got rid of Flash cookies, you can use the CCleaner utility, which works with Windows and OS X. Apart from removing Flash cookies, it can also clean your computer from anything else that may be used to track your online activities and that could be affecting the performance and speed of your device. Just make sure that CCleaner is set up correctly to complete this task without issues. Flash cookies are not as common as they used to be due to the fact that more users are aware of their existence and also know about similar issues like zombie cookies. These are bits of persistent Flash code that generates regular cookies again once they have been modified or deleted. They still represent a risk for privacy.
Browser Add-ons / Extensions
A large number of companies are actively seeking for ways to gather information that can provide commercial benefits. In order to obtain this data, they are prepared to apply any methods available and they are ready to invest money and resources to come up with new ways to track every aspect of online user activity. There are other forms of web tracking such as Browser Fingerprinting, a method designed to identify your browser, based in its unique features. Information about your Operating System and browser configuration, give third parties the possibility of identifying your browser accurately.
Browser Add-ons / Extensions
A large number of companies are actively seeking for ways to gather information that can provide commercial benefits. In order to obtain this data, they are prepared to apply any methods available and they are ready to invest money and resources to come up with new ways to track every aspect of online user activity. There are other forms of web tracking such as Browser Fingerprinting, a method designed to identify your browser, based in its unique features. Information about your Operating System and browser configuration, give third parties the possibility of identifying your browser accurately.It is worth noting that when plugins are used, there are more possibilities of your browser being tracked. Thankfully, there are ways to prevent this such as the Privacy Badger browser add-on launched by online privacy advocacy group EFF (Electronic Frontier Foundation). This add-on aims to protect users from fingerprinting.
HTML web storage is another web tracking technology and it is built into HTML5. It is considerably more powerful than cookies and it offers the possibility of storing data in web browser. It also has a larger storage capacity and is more persistent. Plus, it is not possible to identify it or monitor it and you cant selectively remove it from your browser. Although web storage is a default option in all browsers, you can disable it in Firefox and IE. Users of Firefox can configure add-ons like Click&Clean and BetterPrivacy, which give them the possibility of removing web storage often. In Chrome, you can also use Click&Clean. Just remember that as previously mentioned, these browsers are more likely to be fingerprinted.
ETags should also be kept in mind as these markers are part of HTTP, the Word Wide Web protocol and are used by the browser to trace resource changes at a specific URL. Websites are able to compare the changes in these markers to create a fingerprint to keep track of you. HTTP and HTML5 cookies can also be regenerated and once they are implemented on a website, they facilitate online habits monitoring by associate companies. Unfortunately, this kind of of cache tracking is not easy to identify meaning that it can be difficult to find a good solution to prevent it. Although it is possible to clear your cache after visiting every website and you can also disable your cache completely, these are not the most convenient options to address the issue and may affect your online browsing.
History stealing, also known as history snooping is another tracking technology that causes a lot of concern. This gives a website that you have previously visited, the possibility of accessing your previous browsing history. The data collection can be combined with social media profiling to get access to personal information and it is quite challenging to avoid this type of threat. Thankfully if you use a VPN or connect to internet using Tor, you will be able to mask your IP address in order to keep your identity protected.It is possible to find some convenient extensions that allow you to improve your online privacy. One of the most convenient options available is AdBlock Plus, which is compatible with Firefox, Chrome, Opera and Android. This is a useful extension that lets you block all types of ads, including those in social media and online streaming sites. It also let you know you when you are visiting hosting websites that contain malware and it is capable of removing third party cookies and scripts. Even though it has advanced features, it remains user-friendly.
Another good solution is BetterPrivacy, which is an extension that allows you to block Flask cookies in Firefox. Furthermore, nowadays most browsers include a Do Not Track function that can instruct websites to disable tracking when you are nvisiting them. This is a practical option but you need to keep in mind that in order for this to work, it should be implemented by website owners.
Disconnect is another option and it is more suitable as it provides anti-tracking and anti-cookie extension. It is available for Chrome, Firefox, Internet Explorer and Safari. It has an updated database of tracking cookies and it also offers convenient features like analytics tools, page load optimization and Wi-Fi encryption. This extension lets you manage all the elements of a website and you can also block third party tracking cookies, which means that you can avoid tracking from social media websites. There is a premium version that features a VPN.
You can also consider HTTPS Everywhere, which is an extension created by the EFF and it is compatible with Firefox and Chrome. This option gives you the possibility of accessing a website using secure HTTPS connection, whenever available. This will help you to enhance your security and since it was developed by the EFF, you can see it as a reliable solution.
Mobile devices seem to be everywhere these days and they provide a practical solution to connect to internet on the go. It is possible to find Wi-Fi hot spots pretty much anywhere but in order to ensure that your data is protected from online attackers, you need to secure your mobile browser. This is not an easy task, but it is possible to find options to do it. Some of the options available are AdBlock Plus, Private Browsing and Do Not Track.
Flash Player Settings
Flash Player is not exactly secure and can be compromised so you need to take a look at the settings and make sure that almost all the options available are turned off to improve the security of your online browsing. The majority of security plugins disable Flash by default to keep you protected but if you still want to access Flash content, the bets option is to only use it on websites that you trust. To access Flash Player Settings, you can right-click on any Flash content and select “Global Settings.
Opt for a Private Search Engine
It cant be denied that Google is the most recognized and widely used search engine in the world. Unfortunately, it is also known for storing data from users, including search history and IP address. Usually, this information is transferred to the requested website and to advertisers who run the banners that appear on that website. The purpose of collecting this information is to target you with ads that may interest you, based on a profile created following your browsing activity. However, that is not the worse part as Google and other search engines hand this data to the government whenever they are required to do so.
Delete Your Google Search History
What you can do to prevent Google from profiling you is to delete your search history. While this will not stop surveillance organizations or other eavesdroppers from collecting data based on previous searchers, it will allow you to deter Google from creating a profile based on your searches. To clear your Google History, you can sign up into your Google account and go to www.google.com/history
Once you get there, a list of your recent searches will be available and you can select what you want to delete. There is also a checkbox at the top of the page that you can tick to delete everything. By clicking the gear icon at the top right side of the screen and selecting Settings, you can turn off Search History. If you are worried about Google or other popular search engines getting access or sharing any queries that you want to keep private, the best thing would be to use a search engines that doesnt keep track of your online browsing.
These days, it is possible to find a large selection of private search engines designed to help you to protect your right to privacy. DuckDuckGo is one of the most practical solutions and it promises not to collect any information from its users. They delete data and IPs linked to search queries without using any artificial identifiers that can be associated to queries. The way in which DuckDuckGo works, ensures that nothing can be tracked so that you can enjoy anonymity while you browse internet.
StartPage is another good alternative and it is committed to respecting the privacy of its users. They dont track users or store/share any data and allows to get search results from Google privately. You can also opt for is Ixquick, from the same creators of StartPage. Ixquick uses the same proxies to allow you to get results from Google and other search engines at the same time. StartPage and Ixquick stand out for featuring video search options, which is not common in private search sites.
Gibiru also enables you to carry online searches securely because thanks to the use of proxy servers, it doesn’t link your query to your IP address. Gibiru deletes all records instantly to avoid storing any data. YaCy is a decentralized engine that works with P2P technology and that also offers a suitable alternative to Google.
Improve Email Security
Most email services offer a secure SSL encrypted connection from the senders side to the email servers and from the email servers to the recipient. However, this doesnt ensure that the privacy of your emails is protected. Popular email providers are vulnerable to requests from government surveillance organizations and they could hand your data to third parties. This is why, it is important to choose end-to-end encryption to guarantee that the message can only be accessed by the sender and the intended recipient. However, in order to work, an encrypted email system requires that both the sender and recipient implement this type of encryption. This can be challenging as you would need to make sire that all your contacts adopt this security measure.
Furthermore, it is worth noting that email encryption can only secure the content of a message. That means that other details like the email addresses involved, subject, time and date of sending are not encrypted. As such, you are still exposed to collection of metadata. Not to mention that using email encryption will draw attention from government organizations, which are likely to keep your emails to try decrypt them at a later stage. Regardless of these issues, end-to-end email encryption is worth considering if you want to keep the content of your emails protected including any attachments sent or received. If you are looking for end-to-end email encryption solutions, you can consider GNU Privacy Guard. This is the open source alternative to Symantec’s PGP, which stands for Pretty Good Privacy. GNU PrivacyGuard or GnuPG/GPG is available for free and it works with Windows, Linux and OS X. It is also compatible with Android.
Choosing an end-to-end encrypted webmail service is a good way to keep your privacy secure. However, many of these services are not exempt from third-party intervention. Authorities can demand information from providers and in some cases, they would hand over information from their users. In 2007, Hushmail handed over data following a Canadian court warrant against suspected criminals. Recently, many users have opted for ProtonMail, a free and secure email service that is based in Switzerland, which means that it is not subject to request from international government bodies. There was such a demand for ProtonMail upon its launch that users would need to register their interest in order to book an account.
If you prefer to secure your Gmail inbox, you can encrypt it with the help of a free Firefox extension called Encrypted Communication. This option is easy to use and it provides 256-bit AES end-to-end encryption. Keep in mind that you and your recipient must have the extension installed. The content of the email will be protected by a password that only you and the other person should know. Ideally, this should be exchanged in person but if this is not possible, you can share it through another encrypted messaging channel. You can also use Mailvelope, a browser extension for Chrome and Firefox that provides another option to encrypt your emails. Mailvelope gives yo the possibility of applying full-end-to-end encryption over Gmail, as well as Hotmail and other popular email services.
Protecting the Privacy of Your Online Conversations
The privacy of your emails is under threat but the same can be said about other communication platforms used on internet such as Instant Messaging, SMS text services and VoIP, which stands for Voice over Internet Protocol. This service enables you to make free or cheap local and international phone calls and it also offers the option to send instant messages online. Without a doubt, Skype is one of the most popular names when it comes to VoIP. Millions of users around the world rely on this service thanks to its convenience and affordability.
Unfortunately, the service is likely to be affected by eavesdropping and it is very likely to be targeted by government surveillance agencies. In fact, it was revealed that under the PRISM program, Skype video and audio conversations were collected by the NSA. With this in mind, it is important to protect the privacy of your voice conversations online. For this purpose, you need to use VoIP with end-to-end encryption. You can rely on the encryption provided by a VPN and combine it with a secure VoIP service. There are many alternatives to Skype that offer the same functionality but with a higher level of security.
Secure Skype & Messaging Alternatives
Available for Android, iOS, Windows Phone, Windows OS, Mac and Linux, Linphone is a versatile and practical free open source option that offers identical features and design to Skype. You can make audio and video calls with advanced conferencing and call waiting features. It supports filesharing, chat and a wide selection of customization settings. There is great support for mobile devices. In terms of security, Linphone provides secure protocol options including zRTP, TLS, and SRTP.
Telegram is the favorite option for many users thanks to the high level of security that it provides. It works with Windows OS, Mac, Linux, Android, iOS, Windows Phone and more. Security concerned users have turned to Telegram as it is a more reliable communication service than WhatsApp and Facebook Messenger. It offers great compatibility and the service works on a cloud platform with API support to provide secure encryption and even self destruct features.
Another convenient and free open source software that applies encryption to protect your conversations and file transfers with ZRTP and OTR. The service is available for Windows, OS X, Linux and Android. It is easy to use and functions like video and voice calls with conferencing, as well as chat and file sharing options are supported. It is a secure alternative to Skype that offers strong encryption.
Available for Windows, OS X, Android and iOS, Silent Phone was created by the same team behind Silent Mail. It has become a popular and secure VoIP service that provides support for voice, video and text communications. File transfers of up to 100MB can also be carried through the platform. It offers features like scheduled message history deletion and there us a paid version available that supports additional features.
Previously known as RedPhone, Signal was created by Open Whisper Systems and it is another free and open source system that allows you to encrypt your communications. You can use your regular phone number while encrypting your text messages and calls. Signal stands out thanks to the fact that you can use your actual phone number with end-to-end encryption for callers using the app. This would make it a caller encryption service more than a VoIP app, although it offers full support for video messages without additional charges. It is available for Android and iOS.
Pidgin and OTR
Windows and Linux users can opt for Pidgin, a practical open source service that allows you to combine all your IM accounts under one secure platform. It supports MSN, AOL, ICQ, IRC and more and you can import your contacts from these services. Linux users can also use Pidgin, although pre-built packages are not available. OTR, which stands for Off-The-Record is a plugin that can be used with Pidgin to enhance its security. It applies a layered protection with AES encryption, SHA-1 hash function, as well as PFS to provide top level security for your communications. While you will need to spend some time setting it up to ensure that it works correctly, there is a step-by-step guide available that will allow you to configure Pidgin with OTR encryption without major hassle.
Android and iOS are the most popular mobile platforms and they are supported by ChatSecure, which also uses OTR as part of its features to keep your conversations secure. It also uses PFS and a strong level of encryption. It is possible to connect Facebook and Google accounts and you can also create new accounts on XMPP servers with Tor. As part of the advanced options that ChatSecure provides, you can even use your own server and the application also works with other OTR services.
Setting up secure passwords for all your applications and services is a basic step to protect your privacy. This is often taken for granted but in reality, many people are still making the mistake of creating passwords that make them more vulnerable to online attacks. Choosing a weak password is likely to leave you exposed to identity thefts and increases the chances of becoming a target for cyber criminals. There are many things that you can consider to improve the security of your password and to keep your information safe.
The first rule is to avoid using the same password for all your sensitive accounts. It is advisable to include punctuation, exclamation marks, numbers or a random space in your password. A good option would be to use a sentence that you can remember. This will make the password longer, more complex and therefore, more difficult to crack. Alternatively, you can use password management programs like StickyPass, KeePass or Firefox password manager.
Computer and Device Security
In order to apply and additional layer of protection for the sensitive information stored in your computer, you can choose locally encrypt your data. This solution will help you to protect your data in case of loss or theft. Just keep in mind that additional steps are required for this purpose. You can add a password to your BIOS/UEFI and OS account that can help to prevent online fraudsters from accessing your information. Windows system administrators can consider Enhanced Mitigation Experience Toolkit or EMET. This is a Microsoft tool designed to help you to stop attacks on their software.
One of the most worrying threats to privacy and security are viruses. There are new malicious programs menacing the security of your data, which is why a strong anti-virus solution is crucial to protect your system. While paid software provides better support and contact options, there are many solid free options. Two of the most convenient ones are Avira, which works for Windows, Mac, iOS and Android and Avaast, which is compatible with Windows, Mac, iOS and Android.
Although many people ignore the importance of anti-malware software, the truth is that it is an essential element to ensure that your system remains in good condition. You should combine it with the power of an anti-virus. Although malware and viruses are the same in essence, there are other malicious programs that need to be addressed with the help of anti-malware software including spyware, trojans, ransomware and more. Adware is another threat that tracks you using cookies and it can also affect the speed of your computer.
Anti-malware software can detect suspicious code that may not be identified by an anti-virus and the same goes the other way around. This is why you need to use anti-virus and anti-malware software together to ensure optimal system performance. You can also find free anti-malware applications that can offer a good level of protection. In order to increase the security of your system, you can use multiple tools in separate scans to get the highest level of defense against malware. Here are some of the best free solutions:
ComboFix, RKill, which are available for Windows, Mac and Linux, MalwareBytes, available for Windows, Mac and Android and CCleaner, which supports Windows and Mac.
A firewall is another practical layer of security to a server or personal computer. This will monitor all in and outbound traffic and will also block packets depending on how it is set up. A personal firewall can be very flexible but configuring it can be a complicated process. However, if properly set up, a firewall can be a great solution to protect your data against external attacks. It can also offer internal protection by stopping apps from accessing the web when they shouldn’t be able to.
It is possible to enhance your security with the help of a Virtual Machine. This is a software that works as a hard drive in which an operating system such as Linux or Windows is installed. The virtual machine can work just like a regular computer in software, using the operating system that you use on a regular base. The Virtual Machine set up ensures that all files are self-contained, which means that your physical computer will not be exposed in vase any viruses attack the virtual machine. To enhance your privacy even further, the Virtual Machine can be encrypted. Some of the Virtual Machine options that you can opt for include VMware Player and VirtualBox. The latter, offers support for
anonymous operating system Whonix, which works inside the VM and features options like Tor network gateway and DNS leak protection.
Secure Cloud Storage
Cloud storage services have earned the attention of millions of users due to the increase of digital data that needs to be secured. There are many providers available, which means that customers have more options to find a service that suits their needs and budget. Thanks to cloud storage services, it is possible to store important data securely and to get access to it whenever needed. Your files can be retrieved in case of loss or theft and they can be available from any device you connect from. However, there are concerns about the privacy and security of the files that are stored in the cloud.
Unfortunately, some of the most popular cloud storage services have been compromised by the NSAs monitoring programs and providers may hand over your information if required by law enforcement. Thankfully, there are some things that you can do to keep your information secure. For instance, you can encrypt your files on your computer, prior to uploading them to the cloud. It is also advisable to use a secure encrypted cloud storage service.
How to Protect the Privacy of the Files You Store in the Cloud
Manually encrypting your files is a convenient way to make sure that your files remain safe, no matter what Cloud storage service you are using. It is possible to sync files on your desktop easily because you just need to add your encrypted folder to your Cloud storage folder. The downside is that you wouldnt have the possibility of accessing your files anywhere you are. Instead of using manual file encryption, you can opt for a cloud service that supports automatic file encryption.
SpiderOak is a service that encrypts your files before they are uploaded to the cloud. However, services of this kind, store your password on their servers temporarily with the purpose of verifying your identity before giving you access to your files. After a session is finished, the password is deleted from the log. The other problem is that the vast majority of cloud service providers are not open source. The good news is that SpiderOak is considering to become open source at some stage.
Another option is BitTorrent Sync and while it is not actually a cloud storage service, it gives you the option to synchronize files and folders across your devices without involving Cloud storage. It is still in its experimental phase but it is free and easy to use. Furthermore, it offers compatibility for major platforms like Windows, OS X, Linux and Android.
You just need to select a folder that you want to share and BitTorrent Sync will set up a password or secret that you will be required to access the data. In order to access files on the go, you can link the folder that you want to share with a folder on another device, but BitTorrent would also need to be installed. In terms of security, BitTorrent Sync uses P2P protocol with 256-bit encryption to transfer the data.
US and UK-Based Online Services
As previously mentioned, it is advisable to take into consideration the fact that companies based in the United States and the United Kingdom are more likely to be infiltrated by the NSA and the GCHQ. Some of these companies collaborate with these government organizations willingly, while other ate forced to hand over formation from their users, no matter where the user or its data are located. The information leaked by Edward Snowden made the general public aware of the extent of the monitoring programs carried out by these agencies. Taking into account these revelations, it is not difficult to imagine that the companies based in the US and the UK are involved in these programs. Due to their location, they are subject to legislation that facilitates privacy intrusion. If you are worried about how your data may be handled by these companies, it would be best to avoid using their services and to choose international providers instead.
Social Media Privacy
Social networking sites are a popular method of communication and they have also become the main news source for many people. Today, we see how many of our own contacts or even ourselves end up sharing many aspects of our lives on Facebook, Twitter and other sites. Although there is a lot of information that is provided willingly by users, there are also many details that are obtained through invasive methods employed by these websites. In fact, the role of Facebook in online monitoring cant be denied and the company has earned money by compromising your privacy. They sell users data to advertisers and are also known for handing it over to government organizations without remorse. The same applies to other social media sites as their business is designed to profit from getting access to your information and using it for their own benefit.
Keep Your Information Safe on Social Network Sites
If privacy is your main concern and you want to keep your personal information secure, you would be better off not using social media websites. However, since these sites have become a practical solution for personal and business purposes, in many cases it is not possible to avoid them completely. The reality is that they are an important channel for communication, entertainment, business and information so many people are not prepared to give them up for good. There are some alternatives that offer a better level of security for instance, you can opt for Diaspora. This is an open source, non-profit social network that is owned and run by its users. If you still want to use Facebook, Twitter and other popular social networking services, here are some things that you can do to enhance your privacy on these sites.
Use an Alias Instead of Your Real Name
Users encourages users to sign up using their real name but you can chose an alias instead. This will allow you to avoid unwanted friend requests and can also help you to ensure that your Facebook profile is not accessed by others. Something else to consider when you set up or edit the information on your social media profile is to avoid entering accurate data about your interests or location. In summary, dont reveal too much about your identity to avoid that others learn everything about your life just by visiting your profile.
Keep an eye on Your Privacy Settings
Facebook regularly updates their privacy settings and policies. Furthermore, their policies are not as clear and transparent as they should, which prevents users from having control over the information that is shared. Checking your privacy settings on a regular basis is a good idea as it will allow you to make any necessary adjustments to keep your data protected. Keeping an eye on these settings, will ensure that your photos, posts and other details that you dont want to share, remain concealed.
Be Careful With What You Share
This should be an easy thing to keep in mind but many social media profiles include private information and posts that should not have been made publicly. Information or comments have been posted without thinking about the consequences. It is crucial to remember that whatever you shared on these sites, will be seen by others and of you are not careful with the privacy settings, it can be accessed by people outside your circle of friends. There are countless stories of social media users whose posts landed them into serious trouble. Furthermore, sharing too much information is like giving away your privacy in a silver plate to cyber criminals.
Ensure that your Conversations remain Private
Be mindful of your interactions with friends and other users in social media websites. There are things that are not meant to be discussed through these channels and in many cases, Twitter and Facebook have become a battlefield in which crucial information or personal details are shared unwittingly. If you need to talk to someone, use private messages and DMs and even then, be careful because your data is still vulnerable to online surveillance.
Internet has improved our lives in many ways and it has helped us to advance in many fields. In a way, the fact that we provide more information about us, has ensure that technology can become smarter in order to address our needs more effectively. However, there is also a dark side to it and we have sacrificed a great part of our security and privacy in the process. We need to consider how much more are we ready to give up in favor of convenience. While technology has opened the door to many privacy concerns, it also offers solutions that help us to protect ourselves from privacy invasion. We need to ensure that technology continues evolving, but at the same time, we have to discuss its impact on our right to privacy and freedom.
There are many benefits of using internet and we have been able to shorten distances by stating in touch with our loved ones, no matter where they are, meeting new people around the world and being able to make business anywhere. However, we cant ignore the fact that technology has also increased our vulnerability to surveillance since the information we exchanged can be accessed bu third parties. Many people ignore that their data is being monitored, while others dont seem to care.
We all need to consider that unless we give privacy the importance that it deserves and take steps to protect it, we may end up living in a society in which we cant freely express our opinions and where the information that we can access is controlled by others. Sadly, this is already a reality for many people and while many of us think that we are not subject to online censorship or surveillance, the truth is that we are just less aware of it. In this guide, we have mentioned some useful methods to defend your privacy online. While these solutions will not guarantee complete safety, they will give you valuable tools to maintain your privacy.