How to protect your privacy and PC online
By Alex Campbell http://www.pcgamer.com
Keeping your data to yourself on the internet is hard, and it’s getting tougher every day. With the recent decision by Congress to let internet service providers continue to run wild with your browsing data without you knowing, a lot of people are pissed (and the ones who aren’t probably should be). While it’s true that a lot of us give up data in exchange for services (think Google, Facebook, and other applications), an ISP is different. Without an ISP you can’t get online at all. Your wireless provider, cable company, or copper-wire telco generally set prices in a vacuum and are the first gatekeepers between you and your Steam account.
So if you’re not too keen on companies scooping up your data, there are some things you can do to protect your privacy. There are also some common practices that don’t do much at all—it’s important to know what works and what doesn’t when it comes to protecting yourself online.
Know your priorities
Protecting your privacy and securing your identity can very easily take you down a rabbit hole of computer science paranoia. Instead of mulling over what algorithms are going to break in the next ten years, you’ll benefit a lot more from concentrating on what your actual priorities are.
The first thing to do is know your adversary. Who, exactly, are you trying to protect your data from? If it’s a person who might be trying to break into your email account, that takes one set of privacy and security measures. If you’re looking to keep companies from selling your data, that’s another set of priorities. If you’re looking to evade a government’s surveillance, you’ll have to work a lot harder to keep yourself invisible online.
In this guide, I’m going to focus on keeping data out of the hands of companies who might want to resell it.
Incognito mode and Private Browsing aren’t enough
Private Browsing (Firefox) or Incognito Mode (Chrome) may make you feel safe, but they actually don’t do much to stop companies from tracking you. These browser features basically open up fresh tabs or windows without access to your history, cookies, or cache. If you’re usually logged into Google or Facebook, using Incognito Mode or Private Browsing will basically treat your browsing session as though you’re not logged into anything, and will clear any accumulated cookies or cache when the windows is closed. Just like any other session, a service can track you the minute you log in.
This mode is really useful when using public computers (like at a library or school campus). But if you’re trying to keep ISPs from snooping, it won’t help at all. Additionally, if you use Google for a search, Google can still use some information about you (search terms, geolocation, time of day), though it generally won’t be tied to your identity. That is, unless you use it at home.
A recent addition to Firefox’s Private Browsing includes a tracking protection feature similar to Privacy Badger, an add-on from the Electronic Frontier Foundation that „stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web.“
Do Not Track
Most modern browsers now come with a ‘Do Not Track’ signal that they can send to websites with every request. While DNT is often hidden in the options of your browser, enabling it lets a web server know that you don’t want cookies served up that can be used to track you. It’s a good step forward, and is generally transparent to the user.
A good VPN is your friend
Your first real tool in the privacy battle is the trusty virtual private network (VPN). A VPN is an encrypted connection that allows you to connect to a network over the internet in a way that treats your connection as though you were a part of that local area network (LAN). A VPN is really useful for companies, as workers can access shared drives, printers, and other resources from home. It’s also a great privacy tool.
Since a VPN provides an encrypted tunnel to a remote location, the traffic between your PC and the VPN cannot be read by an intermediary. However, any unencrypted internet traffic going in and out of the VPN could still be intercepted and deciphered. Additionally, all of your outgoing traffic will appear to come from the VPN server’s IP address. This makes the VPN an ideal method for getting around censorship and hiding most of your internet traffic. This is also why I recommend using a VPN when connecting to any open Wi-Fi hotspot, since open Wi-Fi does not encrypt your internet traffic.
There are plenty of pitfalls when dealing with VPNs, though. The first and most important thing to know is that a VPN provider can see all of your traffic. Needless to say, while you can use your employer’s VPN to hide your IP from your home, your employer can see everything you do while connected to it, so act accordingly.
When choosing a VPN, look for VPNs that don’t log traffic, and don’t retain or sell any data. Generally, all VPNs will have to respond to requests from law enforcement. However, a VPN provider that doesn’t keep logs won’t have much to show when authorities come knocking. I personally use Private Internet Access, but do your own research and read over privacy policies before choosing a provider.
You may be able to use a VPN for gaming, but some providers only allow traffic on commonly used internet ports (like HTTPS or IMAP, for instance). When choosing a VPN, be sure to find out if they open up TCP and UDP ports that games may need to communicate. Also, keep in mind that using a VPN while gaming can introduce latency.
Finally, the IP addresses of VPN providers are widely known, so a web service will know if you’re connecting via a VPN.
The Tor browser has widely been touted as a method to secure your browsing. Tor is short for The Onion Router, and basically hides your IP by relaying your web requests through a network of proxy servers called relays or nodes. When accessing a website outside of the Tor network (all Tor sites end in .onion), the only node that can see the outgoing traffic is called an exit node, which makes the request to the appropriate site (like google.com).
Tor is a great method for browsing anonymously, so long as you’re not trying to do something that would send the FBI right to your door. Since Tor is open-source and anyone can operate a Tor node, you better believe the U.S. government (and presumably others) operate Tor exit nodes. On top of that, using Tor can raise eyebrows from governments, which can attract closer scrutiny of traffic. Of course, the more people that use Tor for not-so-shady browsing, the less scrutiny it will warrant.
As long as you’re not trying to sell drugs or look up child pornography, using Tor is generally a good way to keep yourself anonymous. To use Tor, you’ll need the Tor browser, which is basically a modified version of Firefox. The Tor browser comes standard with Tails, a Linux distribution built for anonymity and security.
Keep that PC clean
Although I can’t remember the last time I had one of my PCs become bogged down with porno popups, malware is another thing to keep on the lookout for. Instead of selling you live sex shows, today’s malware aims to read your browsing data and resell it to third parties.
By keeping your anti-malware software up-to-date, you can reduce the chance of having your PC infected by this stuff. You should also keep your system updated with the latest Windows updates and browser software. Both Mozilla and Google are very proactive about keeping their browsers secure, and keeping them updated means that you have the latest patches to known exploits.