Online privacy is the goal of many of us who surf the web. Unfortunately, it is a fluid concept that is only partially achieved in most cases. Who, might you ask is storing or collecting my private data?
Who is spying on me?
- Your local device (ie. your computer or smart phone)
- Your local ISP and those connected to it
- ISP’s that are connected to your network (Those in between you and your destination)
- Owners of the service that you are connecting to (the website or service)
- Third party trackers – Ad companies and others tracing your movements thorough the internet
Although this is not a complete list of everyone, you should get the point. This list does not include those who legally or otherwise want to gain access to your device.
How do I get more online privacy?
- Remove your true IP address: This is the point at which you access the internet (Usually your ISP) it also gives your physical address. A VPN is suggested to alleviate this worry.
- Obscure your hardware and software: When you connect to a site a snapshot of your hardware and software can be taken. Your IP and MAC address as well as what software you are running can be taken. It is recommended that you change your MAC address each time you log onto the internet to avoid hardware tracking. A MAC address is a hardware address for your network card.
Changing your MAC Address
WINDOWS:
Control Panel -> Device Manager ->Network Adapters (Choose the one you have and Right Click) -> Properties -> Advanced Tab -> Network Address (Look for the value and change it) -> Press OK
LINUX:
Go to a command prompt and type in the following (You can use any MAC address you want)
Footprints in the sand
When we visit a website data is kept on our visit. It is kept locally and on the servers of the visited site. If you use “incognito” mode you lessen the footprint that you leave on your local machine. You can also use TAILS (a live Linux distribution designed to just use your RAM to run. Thus, no footprints.).
Using a VPN is recommended so that your local ISP will not spy on your online activities. A VPN is also good when you are connected to any public WIFI. Anyone can “Listen in” on your online activities unless you are using a VPN when in public.
Many of the sites that are accessed now offer HTTPS. Encrypting DNS requests offers the advantage of hiding which domains your are requesting resources from. It still will be logged by the destination and also may be kept by third parties so caution is still the watch word.
Two-factor authentication (2FA) for the accounts that have it is a good idea, besides having a good password or passphrase that is complex. This gives you a more robust authentication sequence that is much better than just a password alone.
Testing your privacy
To ensure that your browser is not leaking information you can visit browserleaks.com and go through their tests. Obviously if you are going through a VPN you don’t want a few lines of JavaScript to give your real geolocation. Leaks can also come from extensions, scripts and browser fingerprinting.
Reducing fingerprinting is a very tricky business. You alter your browser with plugins to protect your privacy, this makes it unique. The Electronic Freedom Foundation (EFF) has setup a site where you can test your browser’s fingerprint – coveryourtracks.eff.org. You want to be just a face in the crowd and not stand out in anyway.
The TOR browser also tries to mitigate this fingerprinting by default, so using TAILS and a VPN is a good idea. In a future article I will be talking about TAILS in more detail. Take a look at my article on securing Firefox for some tips on making it better. Remember, no one values your online privacy – except you. Take the needed steps to ensure that you are safe out there.