At Best VPN Analysis, we firmly believe in the internet users privacy and security and what belief is with no action? For the awareness of the internet users we have here published a comprehensive Privacy Guide, which covers most of the internet privacy aspects, questions, issues and solutions, as it is a detailed and long guide it is recommended to use the table of content below, so you don’t read the whole at once and can jump to your interested topic.
- 1 What is internet Privacy?
- 2 Privacy Threats
- 3 MAJOR PRIVACY CULPRITS – SUMMARY
- 4 Encryption- A Privacy Shelter
- 5 How Secure Encryption is?
- 6 What is End-to-end Encryption?
- 7 What is Metadata?
- 8 Using FOSS Software
- 9 How to Protect your Privacy?
- 9.1 You Need to Anonymise your Internet Connection
- 9.2 Do Secure Browsing
- 9.3 Secure your Mobile Browser
- 9.4 Make Payments Anonymously on the Internet
- 9.5 Secure your Social Networks
- 9.6 Get a Non-tracking Search Engine
- 9.7 Periodically Remove your Google History
- 9.8 Secure Your Email
- 9.9 Secure Your Personal Communication
- 9.10 Cloud Storage Management
- 9.11 Use a Reliable Antivirus, anti-malware and Firewall Software
- 9.12 Always use Strong Passwords or PINs
- 9.13 Never Use any US or UK based Services
- 10 SUMMARY: HOW TO SECURE YOUR PRIVACY?
- 11 Conclusion of the Ultimate Privacy Guide
What is internet Privacy?
Millions of people all around the world use the internet one their computers, smartphones, laptops etc. most of them are unaware or less concerned about their internet privacy and do nothing about it practically until they become a victim of their careless attitude towards their privacy.
If we talk particularly about the US, while using internet the your data is traveling across the network while you roam over the internet unknowingly that NSA and other government and security agencies are monitoring every step you take in the virtual world of internet and over the telecommunication networks, every email, phone call, all the instant messages sent and received ad all the calls made and received via VoIP are recorded and are under the monitoring. According to the Internet Security Threat Report there were over one million web attacks against people each day in 2015, 125% increase was noticed in zero-day vulnerability each week which is more than double than 2014, Spear-Phishing campaigns targeted on employees was increased 55%, threat of ransomware was 35% increased in most advanced and secure devices such a Mac, iOS, Linux etc. and all these must have increased in 2016. With these alarming statistics of almost all major types of cyber attacks, you can easily understand that how cyber criminals are getting stronger each year and using technology against internet users to fulfill their evil desires, according to a cyber attack statistics, the main motivation behind these attacks about 72.4%, is the cyber crime.
Privacy leads to Security
Privacy is the user right and security is the safeguard, to ensure the internet privacy is not compromised all the internet users must adopt and implement some security measures to protect their privacy and keep your private and confidential data intact without anyone’s access whether it is the ISP, NSA, hackers, spammers etc or any other intruder with whatever purpose. Privacy and security and linked and dependent on each other security steps are implemented to preserve and protect the internet privacy when there is no security implemented your privacy can be compromised. We aimed at your privacy in this article, so nothing can come between you and your internet privacy protection and there are numerous ways to protect it because the privacy has many leaks to mend, so it can be protected by numerous ways which are discussed later in the article, but before that you need to know how your privacy is at stake and what are the threats to the privacy.
There is no one threat that put your privacy in danger, there are many threats which weaken your privacy and put you at risk of cyber attack, these are discussed in detail below.
Unsecured Mobile Browsing
When millions of people use a smartphone to access the internet because of the ease and flexibility and it can be used anywhere anytime all the netizens use mobile browser which are specially designed apps for mobile which are technical weaker in term of security than a normal desktop browser version, which means it is more vulnerable and prone to the internet attacks. Hackers find it easier to attack a mobile device through the web browser of smartphones and tablets because of their weak interface and less protected security parameters.
Risks involved in using Web Browsers
We all use web browsers which snoop on and log your internet data and store your login information and other details which they use to track you throughout the internet and this is done to know your location, preferences, likes, dislikes etc. so that they can show you ads to sell the stuff based on this information and further share this information with third parties who use it to show ads they want to sell you. All the top ranked browsers like Google Chrome and Mozilla Firefox are designed in a way which disturbs your privacy and stores your information, browsing history, passwords, credentials, etc. For instance, if we talk about Google Chrome it has certain features which make it easier to use routinely, but it is not safe for your privacy. It creates certain files on your hard drive which stores the names, account numbers, emails addresses you use while browsing, it also stores the passwords, usernames, phone numbers, etc.
Demerits of using Social Media
Who doesn’t know about Facebook, Instagram, Twitter etc. the social media platforms which created a powerful medium over the internet which can change the masses perception on a large scale, and not only it is a source of information, connectivity but it is a big source many privacy issues. We all pay less attention when we use internet especially social networking platforms cause major identity theft, it is not recommended and never a good idea to put all your personal, private and confidential data on social networking websites like Facebook, Twitter, LinkedIn, Instagram etc. Hackers and snoopers can easily get the access to such data through all these social platforms and can exploit it against you, giving out important information like your phone number, social security number while using Facebook chats, Instagram messages etc. you conversations are not secure and can be intercepted easily by the evil hackers for the sake of identity theft which can cause you not only financial loss but a mental stress too. It is common and all the internet and social networking addicts and users know it well that there are millions of fake profiles on such popular social platform which are often managed by people interested in some sexual relationship which might turn into a criminal case and can put your life in danger. With all the alluring features like location check-ins, activity bar etc. which reveals your real location and address can be a real danger if someone plots a crime in your friends’ list (this might be not the case always, particular to personal grudges occasionally) and you are unaware of it. So double checking before you post anything like this on Facebook and make sure your privacy settings is up to the mark because all the popular social networking website have a default setting which shares you post with everyone. You may have heard criminals wanted by FBI was arrested after some help by Facebook, what does it even mean? Yes, you are thinking right, in this age of Edward Snowden where nothing is hidden from the internet users, Snowden has already revealed that Facebook and Google are the major partners of NSA is the surveillance law, which can leak and share all types of users’ data when asked by them.
Compromised Privacy on Public Wi-Fi
The public Wifi that we are fond of using, of course, who doesn’t like free lunch? However, the things which you don’t buy, make ‘’you’’ the product, due to poor security protocol, no encryption and authentication public Wifi is the most unsecured form of network which is an ideal place of all the cyber criminals like hackers, spammer and other snoopers who can easily get the access to your network if you aren’t secure and can exploit the data they get against you and tear your privacy off. A Wifi is not a secure connection to do sensitive transaction because of the open nature of the public Wifi networks easily allows snooping, there are many devices and some can be absolutely compromised and the biggest problem is that the hotspot itself can be malicious and by connecting to such Wifi can damage your security which is the ultimate threat to your privacy. The Wifi connection of your home is encrypted and even if someone in the range wants to access it they just can’t because it is encrypted with a Wifi password, but all the public networks are unencrypted because they require no password to connect so anyone on such network can track your online activities and the web pages you are browsing, and in any case if you use a public Wifi to access your bank, I would say never do it again. You might think how can people snoop on other people’s activities just by using the same public Wifi network, the answer is simple there are many tools by which such cyber criminals can easily track anyone’s online activities and can steal their personal data.
National Surveillance Agency (NSA)
Whenever you use any communication medium, it is the phone call, internet browsing etc. you are under the monitoring of the NSA. According to the mass surveillance the United State of American has been following since 2001, was enhanced in 2007 and named as PRISM which was implemented all over the state with new increased surveillance scope all over the US which allows the NSA and other security agencies of America to practise any possible steps to prevail surveillance in the name of state security and now US government and security agency can go to any limit to make sure everything is under their control and monitoring even if you are just another person living a normal peaceful life with no suspicious activities, I don’t want to offend anyone, but if you think you don’t come under the surveillance on NSA just because you have done nothing wrong or broke none law etc. then let me tell you that you are absolutely wrong. The monitoring span covers all the internet and mobile phone users because US government can go beyond any ethical and legal limits to implement security and well-being of its people.
Surveillance in Other Countries
It is not just the US government who follows and implements mass surveillance programs and according to Wikipedia a survey conducted in 2007 revealed that there 47 countries which have increased the surveillance laws and the scope of individual privacy has been dropped and compromised drastically. The top eight countries which are found to be following the most compromised user’s privacy and high surveillance scope includes China, Malaysia, Russia, Singapore, Taiwan, Thailand and the United States.
MAJOR PRIVACY CULPRITS – SUMMARY
SEARCH ENGINES-All the search engines including the most popular ones like Google Chrome, Microsoft Bing etc. they all have major privacy issues, they try to snoop on you and track you by making a profile of you and sell this to all the third-parties which then try to sell you their products based on the personal information your browsing history, your search preferences etc. the internet ads you almost see on every web page you browse, and all this for money of course.
SOCIAL NETWORKS & APPLICATIONS-Even the top-ranked and most popular social networking apps like Facebook, twitter, Instagram and all the other apps we regularly use, keep users personal information log stored and share it with their sponsors, and this is all done with your permission, yes the ‘’Allow’’ page with long and almost unreadable font size text, that we all avoid to read and allow anyhow without being bothered what’s the deal with it, it is actually the permission to sabotage your privacy and we all like a dumb say, yes please go ahead.
NATIONAL SECURITY AGENCY (NSA)-After the brave revelations by Snowden, no one on Earth can deny the fact that how cruel NSA and others like it, can be when it is about the privacy hunt, it can go to all the limits, unthinkable by the internet users to achieve what it is after and it got the supreme authority and technical capacity to do so. If you think you are the most innocent person and NSA has nothing to do with what you do online, then you live in a fool’s paradise but in the real world.
UNENCRYPTED, OPEN NETWORK (WIFI)- Using such unencrypted and open public network can degrade your privacy and using some tools and software anyone can see what are you doing online, your data can be at risk by using such network often, because there is no encryption and anyone can access to any user connected to the network currently, remember this public Wifi which is unsafe have no encryption password to connect, those who have a password and you know it, then it is alright.
INTERNET SERVICE PROVIDERS (ISPs)-All the ISPs around the world has the authority and capacity to snoop on your online activities which is a real slap in the face of the user’s privacy, however it varies country to country that how an ISP is supposed to log their users activities or not, some countries have strict and legal laws on it and some don’t have, but the possibility of tracking you online by your ISP is always there and anyone can snoop what you are up to over the internet.
HACKERS- Hackers are always trying to execute their evil intentions for their benefits and can sabotage your privacy by snooping on your personal and confidential information very easily with the help of any security flaw on your computer or device you use to browse the internet often.
OTHER CYBER CRIMINALS- As the technological advancements are beneficial for the world, it is also useful for the cyber criminals and help them in their criminal strategies, by using a lot of different software and tools they can send malicious files which may contain viruses, worm, malware etc and can transfer the access of your data to these cyber criminals which can steal your important data and can exploit it for their benefit, which is like murdering your privacy to all the level.
CARELESS INTERNET BEHAVIOR- One of the reason you are potentially vulnerable to any privacy breach by your end is that you don’t think and care much about your privacy, you use general public computers and never erase your login information or cache and browser history, which can be later stolen by anyone after you use that computer and can steal the data to use against you. You keep same and very easily guessable passwords for all the services, apps, and accounts you use on the internet which is not recommended and a weak privacy sign. If you have no encryption setup on your computer or the devices you use for the internet, which means anyone in your acquaintance can use your machine which is not good always for the privacy, you don’t know what is in everyone’s mind.
To be honest, the truth is that your can not be absolutely anonymous by any mean over the internet and if NSA or other security agencies want to get on you, they definitely will, nothing can come in their way, but nothing is lost yet. You still have some measures and ways by adopting them you can improve your privacy and enhance your security from all the above-mentioned privacy threats and culprits.
Encryption- A Privacy Shelter
Encryption is a method of securing your internet data traffic that travels all around the world wide web while you browse the internet, by this method your data is converted into a coded and unreadable scrambled form which is protected by and encryption key. The internet encryption or Virtual Private Network (VPN) encryption is little different that the data encryption is done on the computers and other devices, but follows the same basic method. It is done by encrypting the data from one end and decrypted at the other end which is the most effective and secure form of data transmission over the internet used by highly secure websites and servers like in banks for the protection of sensitive and confidential information. The encryption key used in this process is not a simple password, but various combinations of VPN protocols are used to achieve the level of security and privacy.
The encryption key is of two types, Symmetric key and Public key. In Symmetric key schemes, the same encryption key is used to encrypt and decrypt the message which is considered less secure, on the other hand in public key schemes is more secure which contains a pair of private keys known only to the authenticated person or owner.
How Secure Encryption is?
To take the command of the internet monitoring and surveillance NSA has reached beyond all the limits and ruined the concept of users privacy, to achieve it at all cost it even breaks many encryption levels provided by different internet security and privacy software and the services. This act by NSA made the basic level of encryption less secure than it was months ago, and now high-end encryption is needed to battle off such breaks by privacy intruders. As everyone knows that it is only NSA who can break the encryption level if they want to, below we have discussed briefly the technical details of how the things work between NSA or GCHQ and encryption which is really useful for every internet user to know.
Technical Aspects of Encryption
It is very important for you to know the basic technical procedure of how an encryption is done, I will try my best to keep the terms and tone of the text as understandable as I can so that all of you can read it without scratching your head in the end. As mentioned above, that encryption is the prime component of privacy protection and it is done by computers of course, what are some components of this process? How the are inter-linked? How they work together? How can encryption be broken and who can break it? All these questions are answered below in detail, which opens your vision of internet privacy and how it can be achieved which is discussed later in the guide.
Length of Encryption Key
According to Advanced Encryption Standard (AES) 2001, which uses the encryption key of 128 bits, 192 bits, and 256 bits, consist purely of raw numbers of zeros and ones.The length of encryption is the fundamental and basic method of determining and predicting how much time a cipher (coded form of the data) will take to break. So the two basic components of encryption are key length, which is like a protecting password consists of raw numbers of zeros and ones for cipher, which is the scrambled and coded data. Anyone with the intention of breaking the cipher must break the encryption key. The fundamental and basic method of breaking a key is called brute force attack (or exhaustive key search) which involves trying all the probabilities of key until finding the correct key, let’s take a look how much time is required to do a brute force attack by some supercomputers;
- In 2011, the Fujitsu K computer located in Japan, which is the fastest supercomputer in the world, determined with a figure illustrating that it would take it 1.02 x 10(18) (around 1 billion) years to break a 128-bits AES key by the brute force attack.
- The most powerful computer the NUDT Tianhe-2, which is three times faster than Fujitsu K computer concluded in 2014 that it would take only ⅓ of a billion years to break the AES 128-bit encryption key, wow! That is a lot of time just to break one key.
The above facts were just for 128-bit key, are you thinking about 256-bit key? Here it is, it would take 2(128) times more computational power to break AES 256-bit encryption and the required number of operation to crack 256-bit key is approximately 3.31 x 10(65), which is almost equals to the number of atoms in the entire universe, it is huge, isn’t it?
However, the above scenario in the computing world depicts the pre-Snowden time, thanks to the revelations made by Snowden which shocks the entire world including technical and computer experts and was a complete upside down situation for all the tech giants, developers and system administrators which afterward upgraded the length of the cipher keys. According to him NSA and GCHQ use Quantum computers to break the AES 128 and 256 bit keys which can be done not in billion years of course, but in the span of a night or day, yes one day, so you can imagine how powerful the Quantum computers are after all these are the most powerful and amazing computers made in the world so far. The level of security of 128-bit encryption, discussed above is still intact when we talk about the common world because the use of Quantum computers is limited legally, only to the government officials and security agencies around the globe. So in one line if we want to summarize the situation of breaking the AES 128 bit and 256 bit key, we can say that these are still the impossible to break (by anyone other than NSA and GCHQ) encryption level, because Quantum computing is not for general public so far, thankfully. All of you please note that we can confirm the trust level and reliability of AES keys as the US government itself use AES 256 bit key for it confidential data and 128 bit for regular encryption level.
Ciphers are the mathematical combinations used in the procedure of encryption, just as the key length is the combination or raw numbers, a cipher consist of mathematical codes generally called algorithms and only some flaw or weakness in these ciphers and not in the key length, can lead to a breach. Today the most secure ciphers are Blowfish and AES which are used by OpenVPN. Not only this the process of encryption has some more components like RSA is used to encrypt and decrypt the cipher’s keys while traveling across the network and to authenticate the data packets hash function of SHA-1 or SHA-2 is used. The trust on AES encryption is retained by the fact that US government itself is using it for their data protection system, so far AES is the most secure form of encryption.
National Institute of Standards and Technology (NIST) is a body which develops and certifies all the algorithms currently available and the whole technological world rely on these, despite the fact that it has been closely working with NSA which can be a matter of concern for the credibility and reliability of its developed and certified algorithms. It was accused several times of providing NSA the backdoor to weaken the algorithm so as to make it easier to break, by gaining the world’s trust of security certification by NIST. However, the world of technology depends on it so much that even after some acquisitions, which are still ambiguous and conflicted, they have nothing, but to trust it and go with its currently developed and certified algorithms.
Importance of Perfect Forward Secrecy (PFS)
Perfect Forward Secrecy (PFS) is the secure protocol used in encryption procedure which secures the past sessions keys even if the long-term keys are compromised, it protects the future session keys as well if PFS is used, it is impossible to retrieve past sessions of encrypted communications. According to the information explained by Snowden, 1024-bit RSA encryption (widely and commonly used to protect the certificate keys) and the SHA1 algorithm (widely used to authenticate SSL/TLS are weak and can be broken by the NSA’s and GCHQ’s supercomputers, faster than ever predicted earlier. However, by large the industry has shifted and still been shifting on to RSA-2048+ and SHA2+ hash authentication, which is the most secure in the current scenario (can’t predict the future). Due to such weaknesses mentioned above, the importance of perfect forward secrecy (PFS) in all SSL/TLS connections has been increased, as it is the system in which a new and unique encryption key is generated for each initiated session and by this it is impossible to restore and retrieve the past encrypted communications, in short, it creates multiple keys and not just rely on one or two pairs of keys for the encryption of the data. Sadly, most of the companies nowadays use just one pair of a private key for the entire session, which is a weak encryption tactic and can be broken easily. OpenVPN is considered as the most secure VPN protocol, because it is compatible with PFS and allows it, however, the scenario is quite frustrating that not all the VPN companies use PFS with OpenVPN and this is the cause it can’t be stated as the unbreakable level of encryption. If OpenVPN is used with PFS, this is the most secure encryption mechanism any company can adopt and provide to its customers.
So, Where Encryption Stands currently?
After all the discussions we have made earlier in the article regarding the NSA and its collaborators’ aims and actions towards encryption, we by no way can deny the fact that underestimating them is not a wise idea, however we still can conclude here important factors which still can save us in the world where trust and to put our faith in mathematics and computing is the only hope we have. So, if you eager to achieve the maximum privacy level in today’s scenario you must opt for strong ciphers (AES and Blowfish) and OpenVPN (with the combination of PFS), it is important for me to mention here that NSA is not the only privacy culprit, but yes the most powerful, others including cybercriminals and government organizations are also a potential threat to your privacy, but not as powerful and technologically equipped as the NSA, GCHQ etc.
What is End-to-end Encryption?
In general encryption process as discussed earlier, the encryption keys are generated and stored by the encryption service provider and not the users who are using the encryption service, which means the key to your safe is not in your possession, which carries a potential risk of snooping or eavesdropping by the third-party if it wants to (it is very rare scenario, but possible), so in such case the best type of encryption is end-to-end encryption.
Importance of End-to-end Encryption (e2e)
In end-to-end encryption, the data is encrypted in a way in which only the owner of the communication knows and hold the encryption keys, which means there is no involvement of any third-party holding the encryption keys for you which in any specific circumstance can be a privacy threat. For example; Microsoft provides encryption for all its services like emails, onedrive, photos etc. but in such case, encryption is not end-to-end and Microsoft has the keys for your encrypted data. In 2013, on the request of NSA, Microsoft has decrypted emails of 250 million users around the globe for some investigation required by NSA.
So, the point is that, services who use end-to-end encryption and encrypt your data on your computer or device should be preferred over the services which use generalized encryption procedure and encrypt your data on their own servers, to attain a better privacy structure.
What is Metadata?
Metadata means the information about the data, if we literally translate the word, it’s meaning is ‘’data for data’’, which is not exactly your actual data, but basic information of the data which helps in providing a set of information which is easier for tracking and working with the data. For example, on how the data is created? Like using which app or program, why the data is created? Means for which purpose, the timings, day and date of data creation, who created the data? means the name of the person who is the owner of the data, where the data is created stored in the computer or device, what is the file size? Means how large the data is etc. This is enough information to track a person’s activities even the actual content of the data remains hidden and unrevealed.
Disadvantages of Metadata
Everything has it’s limitation and certain capacity, unfortunately, encryption is unable to control the collection of metadata in most of the situation and it might not protect the internet user from their metadata collection by many websites, application, programs etc. metadata certainly can’t disclose your real content of the data, but has the capacity to tell a lot of sensitive information about a person that could be unnecessary for any third-person, for example, we all love using Facebook and WhatsApp, although the chat and other communication can be retrieved due to encryption, but these apps certainly collects some metadata of the users as mentioned above like, to whom you chat the most, the dates timings and other a lot of detailed information about your activities on such application can be analyzed which are enough for potential snooping and eavesdropping, but of course NSA doesn’t have the policy to monitor individual communication why the hell it would do that? However, the point of explanation here is that how metadata can leak your important information and if there is enough metadata, even though your actual data content is hidden, means what are you chatting about is totally encrypted, but the behaviour of using the app is visible to the apps or to your Internet Service Provider (ISP), if the metadata is collected by your ISP.
How to Avoid Collection of Metadata?
Where encryption has some leakage and limitations it is not necessarily true that you just can’t avoid collection of metadata by your ISP or services and applications you use. There are advanced technologies like a VPN or Tor which makes it harder and very difficult for the ISP to collect metadata of your internet browsing activities and etc. So if a person is using a tool of VPN or Tor the ISP of that person is unable to monitor his/her online activities and blocked from collecting the metadata because of the separate tunneling technology used by VPNs and Tor, but it is also important here to mention that some VPN services do log their users’ metadata and it is advised to check their log policy whenever you are up to getting a VPN service for privacy enhancement.
Using FOSS Software
A Free and open-source software (FOSS) is easier to understand by its name, free means it is available free for licensing to its users so they can use it, make changes in it, copy it and study it by any means they want, whereas open-source means the source code of the software is shared with the people so they can make their positive contribution and improvement in the design of the software. FOSS is the total opposite of the proprietary software, where there is only one owner or a company owns the software and the software is strictly protected by a copyright and the source code is generally hidden from the users.
Importance of FOSS Software
After several examples of incidents and reports which showed the terrible and shameful role of NSA manipulating and sabotaging the internet users’ privacy by interfering with any software they want to, even all the industry’s big and reliable names like Facebook etc. are collaborating with NSA. In such a scenario how can you build your trust for any proprietary software? which can be anytime and for any purpose ordered by the NSA to let it access the user’s data and to make amendments in the software structure as the source code is hidden and secret any flaw can be developed so that it is easier for NSA to snoop on the users. No one can be trusted now, but still, you have one option if you want to cross all the boundaries of your privacy, the Free and open-source software is what you can use. A FOSS software is normally developed by the separate individual and not owned by any company, which is a good sign because it is impossible for NSA to access that unknown individual. Even you can make improvements in the design according to your requirement which means the source code and the entire framework and infrastructure of the software are transparent and no flaw can be created by anyone with the intention of snooping. However there is still a slight chance that NSA has approached the developer’s’ group of such free and open-source software and have introduced some flaws and malicious security bugs into it, but despite that, the chances are very narrow as compared to the other widely used commercial and proprietary software.
How to Protect your Privacy?
Well, after the discussions which highlighted that nothing is perfect and you can’t achieve 100% privacy with the prevailing attitude of NSA towards surveillance and shutting the privacy wall down, all is not gone and you are still able to enhance and protect your privacy over the internet, let’s learn how.
You Need to Anonymise your Internet Connection
To anonymise means to be hidden and browse the internet secretly, this nothing has to do what you are doing on the internet, but to protect snooping and to enhance and boost overall privacy and it has tons of benefits as well. Using some tools and technologies to stay hidden and anonymous over the internet is a good idea until you choose the services wisely and you get it after a little research. Adopting some technologies can protect your anonymity while you browsing the internet as well it make you untraceable over the internet which saves you from many privacy issues and protect and enhance your privacy.
Use a Virtual Private Network (VPN)
VPN is a tool which provides you a separate and private network and makes you invisible online, not exactly invisible, but it alters your original identity and you appear as some other person (which really doesn’t exist) over the internet. A VPN provides you shelter from the monitoring and spying by your ISP, NSA, other government security agencies etc. by creating a private encrypted tunnel which transmits the entire internet data of yours via this tunnel so that no one can see your online activities, it let you evade and bypass all kinds of geographical restrictions and censorships by virtually altering your location, by which you are able to access all the blocked content from any region of the world with an ease and security, gives you protection from hackers and other cyber criminals on open public networks like Wifi etc. and makes you anonymous while downloading torrent and allows you to access all the torrenting website from anywhere in the world.
Use Tor Network
Tor is a privacy software which transmits your internet data traffic through at least three nodes, which acts as the three encryption layer within the Tor network and then connect you to your desired web server. It is used to attain untraceable level of privacy and by using Tor the encryption is done not just one time but minimum three times and make it difficult for anyone to track your original identity and data traffic while traveling over the internet, it encrypts the data several times including your real IP address which has the information of your original location. It makes you untraceable over the network and prevent snooping and unwelcomed monitoring by the privacy intruders. You can use Tor for visiting websites, online chats, for files uploads or downloads etc. It is important to mention that Tor can’t be used to attain absolute anonymity over the internet but rather it is used to lengthen the process of transporting the data through various random nodes in an encrypted form which makes it harder for anyone or any website to track you back over the internet, which however gives you a privacy edge.
Combination of Tor and VPN
You can use Tor with a VPN as well, to attain and avail the utmost say on privacy possible (if you are a privacy freak). However, using both together can slow down your internet speed especially if you are using an old machine with a poor internet connection. As compared to VPN, using Tor is viable for such users who really want to hide and dodge their identity over the internet and to explore the deep dark web, Tor has been accused to be used by many cyber criminals and for illegal web access of censored websites.
Please note that other than VPN and Tor, there are other inferior options as well to circumvent the censorship and to attain privacy over the internet. The reason I mentioned ‘’inferior’’ is that the proxy servers are popular, but not as successful practically as VPN services and has many flaws while using which kills the purpose of using it and that is ‘’Privacy’’ of course.
Do Secure Browsing
Most of the internet user may not aware of the fact that the browsers are also an enemy of your privacy, while you are freely browsing the internet all the details are stored in a form of a concrete profile which aids the advertisers who want to show you their ads so that they sell you their products and this profile get stronger by the time as you spend more time browsing the things which interest you or important for your work, your likes, dislikes, preferences, topic search etc. For instance; Have you ever notice that you see ads of many ‘’weight reducing programs’’ while on some internet pages? and you get interested in them because you frequently search and read articles related to weight management. How does the internet know that you want to lose weight or you are conscious about your weight? It is certainly not a magical story behind it but the little information that the browsers store in the form of HTTP cookies when you are busy exploring the internet. Some privacy minded and cautious users are aware of this and they do clear their HTTP cookies. Many browsers have updated their version and brought an option of private browsing which keeps these cookies blocked and don’t store such information, even though it is a minor step when it comes to secure browsing because there is a lot that needs to be handled which needs you attention for a better face of your internet privacy.
Cached DNS Management
While you use the internet there are a lot of things that are happening in the background of which you are totally unaware( at least a non-IT person), to speed up the connectivity process your browser keep record of the DNS caches which stores the IP addresses of the web pages you recently visit over the internet. It stores all the information from the URL of the website to time of the session, frequency of visit, data size etc. which can be used by the browsers to sabotage the privacy. However, if you care (of course you do, if you are reading this guide) then you can clear the DNS caches in Windows by simple steps;
- Go to search bar in the taskbar, type command prompt, and press enter a black window will appear. Type ipconfig/displaydns there and press enter. You will now see the page loads all the website and its related data that you frequently visit.
- To remove this, type ipconfig /flushdns in the command prompt window and press enter, all your DNS cache will be cleared from your machine.
Just like the regular cookies which have some data stored in them so to track you on the internet, Flash cookies are used abundantly these days. Flash cookies or generally referred as a local shared object, is a text file which is sent by the web server to the client (which is your machine) when the browser requests a content that is supported by Adobe Flash Player, a famous and widely used browser plugin. This is done so to remember the client information when it returns which helps the processing faster. However, these flash cookies can be deleted from the machine by a manual process which is usually done by using a Cookie cleaning software that is compatible with Windows and OS X both, named generally as CCleaner. It is a good tool to keep your machine clean and tidy and get rid of all the unnecessary files, temporary files, cookies and all the garbage that make an additional load on your machine.
Web Tracking Technologies & Solution
Internet marketing is a huge billion dollar industry, therefore huge investments have been made so as to fetch more user information and data to improve the advertising and ultimately to enhance their profit margins. To achieve this the aiding technology is unbelievable and create accurate user profile which has all the required user data by several data tracking techniques associated with your IP address, browser history, type of browser used, type of operating system used, your ISP, bandwidth, caches, cookies, internet search, websites visits, frequency of visit etc. by gathering all such information these intelligent and smart technologies evaluate your interests, your location, your likes, dislike, preferences, your shopping pattern etc. which later are used to display ads on the web pages targeting your interests, so that you might click and buy the product they want to sell you, remember clicking alone benefits such Doubleclick ads. These technologies are’
Also known as device fingerprint or machine fingerprint is a technology which collects, analyze and stores the user’s unique and almost accurate fingerprint which is a unique set of various data collected which is used to identify the user numerous times over the internet for the digital marketing and advertising purposes.
Etags means entity tag is related to HTTP which is a unique identification tag send by the web server to any specific machine (computer and other devices used for internet usage). The function of these tags are similar as of fingerprints and can be analyzed simultaneously to accurately cross-check the accuracy of the user identity.
HTML web storage
Web storage is a kind of cookie storage, but with more enhance data and accuracy. It stores information not only on the browser and web pages visited by the user, but also stores much more details on the local machine as well, and the purpose is to ease the load time for any already visited website, but can also be used as user data profile for advertising. It is a feature of all the current web browsers, including Google chrome, Mozilla Firefox, Internet Explorer etc. in Firefox and internet explorer it can be turned off by settings, and in Google Chrome it can be done by adding an extension named Google NotScripts.
This is the creepiest thing sitting silently somewhere in the corner of the room of our browsers. It works silently and steals and syncs the browsing details and history with your social networking websites and it can not be disabled or avoid while browsing, but you can bypass and dodge this if you use any privacy tool like a VPN or Tor for example.
Browser Extension for Better Privacy
To simply slap and block all the annoying ad pop-ups and banners, tracking and other privacy threatening activities and technologies use these browser extensions which are effective in blocking such unwanted things while you are busy over the internet they will do their job and keep up with your privacy.
As its name say it all, AdBlock Plus is a tool to keep the third party ads, scripts and banner pop-up away from you while you browse the websites over the internet, it filter out only the content of the websites blocking all the third-party advertisements which are not only annoying but usually misclicked which leads to severe privacy threat.
Disconnect a great and effective browser tool to stop the money makers and scammers track you online, it provides you protection against tracking, malware, and malvertising by blocking the third-party cookies accessing your browser and works for a better and cleaner privacy picture that is what we are after in this guide.
Secure your Mobile Browser
Unfortunately, mobile browsers are not as safe and modified against cyber attacks as the desktop browsers because of different design structure and framework that of desktop versions. The extensions we listed above are all for desktop PCs, but still, you can enhance your mobile browser security which is very important as we all spend more internet time on our smartphones and tablets than on our laptops and computers, due to the ease and flexibility of use. Now all new mobile browser updates have default features of, Do not Track, Private Browsing and advanced cookie management which is a good news for privacy geeks, time to update the mobile browser now or change the browser’s settings on point.
Make Payments Anonymously on the Internet
Online shopping trend has been increasing all around the world due to several factors, but mainly because of hectic life schedules which mean no time for driving both ways to shopping arena and then roaming all around to find the things you are looking for etc. This is not a bit of labor but also time consuming which is precious these days. On the other hand, online shopping is convenient, quick and flexible. However, privacy covers not revealing your real home address as well but in the case of buying any physical things online that will be required so the thing can be delivered to your home. Absolute anonymous purchases can only be done for the virtual products and online services which don’t require any delivery at your doorstep. Most of the online services and shopping websites include anonymous payment option these days which is a good and important step towards the conservation of your internet privacy.
Pay using Bitcoin
Bitcoin is an anonymous payment system and categorized as the first cryptocurrency developed with the intention of paying for the online services anonymous which do not ask for any real personal details and you can complete the payment procedure as an unknown and anonymous person over the internet, which is a good privacy indication. The details of using Bitcoin and the whole procedure of using Bitcoin as an anonymous payment method is a good idea to get started paying for the online stuff without hurting your privacy by your own hands.
Other Payment Options (Anonymous)
Even though the most reliable and popular anonymous payment method and cryptocurrency is Bitcoin, but there are some other options as well not as much popular, but they do exist if you are curious enough to know you can read the list of cryptocurrencies.
Secure your Social Networks
In a world, everyone with a smartphone and on average three social networking apps installed on it, no one can avoid being updated on social apps, but this can be a threat to your privacy which people realise mostly after they had the water crossed their fence and all they can do is, get drowned! I am not going to tell you that you should stop using all social platforms and delete all of your Twitter, Facebook etc accounts and why would you do that? even if it can’t remove all your past traces from the network. All I can say is that if you are really concerned about your privacy, then you must adopt some rules so secure it and prevent it from getting leaked on social media. Some golden rules to abide start with the very basic and common sense, what you don’t want to people know about, don’t share it or submit it on Facebook or Twitter etc. As Facebook is considered less private because it shares all your information to the third-party advertisers for cash and to NSA, now you know why. Always check and update your privacy setting of the posts you share, the pictures you upload, who can search your on Facebook etc. these settings make a lot of difference. Don’t take me wrong here, but it is really a good idea to use Facebook with a fake name than your real one to hide the identity, believe or not, it saves you from tons of problems especially if you have a friends list in which all the coworkers, friends, and family is spying on you. Don’t use Facebook Messenger chat, Instagram’s Direct Message (DM) or any other chats for private and confidential conversations as these are not encrypted and secure and anyone snooping on you can read that is meant only for you and your friend etc. It is better to use secure and encrypted conversation medium for this, like your mobile call.
Get a Non-tracking Search Engine
Most of the search engines that we use today, keep logs of user information like IP address, your search key terms, time schedule of your searches, cookie ID etc. This information is then just handed over to the third-party companies to put up the ads on the web pages you visit over the internet. The governments of many countries also request the mega search engine like Google, to hand them the user search data for different purposes. This is very hard to avoid such activities by the search engine by simple steps, and if you really don’t want to continue with this you can opt for the search engine which aren’t that famous and accurate like Google etc. but they are designed in a way which never tracks you, preserving your privacy over the internet.
List of Search Engines which don’t Track You:
Here I have carefully picked up some search engines which never track you;
Periodically Remove your Google History
The very basic thing a privacy geek must do on a routine is to clear the search history of your Google account. Google stores history of your requested search terms with the link, time of search and maintains a list of these item as ‘’History’’ in the setting panel and it is done separately for every account. To remove it, you just need to sign in with you Google ID, then go to ‘’Setting’’ panel at the top right corner of the window, settings page will appear, on the left side panel you will see a history section in the first place, click on it and in the very beginning you will see a button saying ‘’clear browsing data’’ click it and you are done. This is to prevent Google collecting profile out of your search data and the existing collected search history data will be removed.
Secure Your Email
Email has its own importance especially in a corporate world, where you simply can’t get the things done by sending the details on the text. It is important to keep track and record of every communication made officially, so the email might never lose its importance no matter how texting becomes easier. With the increasing privacy threats and NSA and the government has reached beyond their limits in privacy intrusion, it is very crucial to keep the email conversation secure. Not only in the corporate world but all the individuals are aware of the importance of email because of their layout, storage structure etc. However, securing your email is very important as it usually carries important messages like your financial transaction details, your bank account summary for the year or month, your social security details, your credit card and billing history, hence what not. And obviously, no person would ever want such sensitive details in the hand of any person with evil negative intentions. To overcome these email users fear, many email providers, like Gmail and Outlook etc., have established an SSL email system which implements secure communication while your emails are traveling via the internet and it is done by encrypting the mail data from starting point and decrypting it when it is at the other end of the communication channel, however it makes no difference if the email service provider is handling the data over to the NSA like Google and Microsoft have been doing this (thanks to Snowden, now we know). To avoid it there is an option of email encryption for those who think there emails carry sensitive and confidential data which no one should be able to read, but point to remember here that even in an encrypted email system not all the information is encrypted which means the email addresses of the sender and receiver, subject line of the mail and the date and timings of the message will remain visible to anyone spying on you. The encrypted email system is provided by many providers which implements end-to-end email encryption. Some well-known names are;
However, it is important to know that end-to-end email encryption has one limitation which affects its practical implementation on a wider scale is that, it is mandatory for both the parties (sender and receiver of the email) to have the encrypted email installed and set up on their machines, so as to decrypt the emails when it reaches to the receiver. It sounds pretty tough to convince any of friends, your customers or clients to get the same encryption done, awkward and surely time-consuming task.
Secure Your Personal Communication
As mentioned earlier in the article NSA and other like it like GCHQ, have gone beyond every limit to sabotage the face of individual privacy they surely monitors each and every communication of the citizens made on whatever medium, it is either on the internet or land phone call or the mobile call, in short, the snoop on everything you do, the internet communication can be secured somehow, like what we are trying to do in the guide, but let me tell you one thing very clearly that you can’t secure your conversations made via mobile or land phones. And even if you try to secure your landline and mobile calls (by using some anonymous and disposable burner phones) then you become more visible and suspicious in the eyes of the NSA and GCHQ considering as if your intentions are not right so that you went for something unusual (using a burner phone) unlike a regular citizen does, so don’t try to that at all and opt of VoIP calls instead which is still a better way to keep your private conversations, private.
Use VoIP for untraceable Call
Voice over Internet Protocol (VoIP) is a name given to technology which makes internet calling possible. Combined with end-to-end encryption VoIP is a best possible way of securing your private calls. VoIP let you call (voice or video) your friends and family using a free internet calling software, like Skype, Facebook Messenger, Whatsapp (voice only so far) etc. This technology became popular the moment it hit the internet as it provides cheap long-distance call for unlimited talk time to anyone in the world (obviously the same software is required for both the parties), However, some conspiracies of being handling the information to the NSA and GCHQ are attached with the Skype, as it is owned now by Microsoft, which literally damages the privacy face of the internet users around the globe. However, you can simply opt for the less popular and not intruded (so far) alternatives to Skype, if you think it is not wise to use a conspiracy linked software and kill your own privacy.
Secure (text, instant) Messages and Chats
Many VoIP software mentioned above, have the chat and messaging feature as well, but there are many instant messaging and chat software available dedicated only for messaging and chats, like the most popular Whatsapp, was initially started as a messaging app, then later introduced a voice call feature as well and now predicted to launch video calling features soon, which is a good option as Whatsapp recently upgraded the software and implemented end-to-end encryption mechanism for all the chats and conversation made. However, after being taken over by the Facebook, Whatsapp can’t be considered as secure as it could be without Facebook, due to the reason that Facebook, Google, Microsoft are on of the top contributing partners of NSA’s mass surveillance and data retention programs. The best can be done in the scenarios is to use better and secure alternatives to these messaging and chat software.
Cloud Storage Management
Data storage is now a totally different thing as compared to the past where we used to keep the files in our machines which later on runs out of storage capacity and we get worried. The new thing which is going to take the data storage by storm and already has taken up is Cloud storage. It is easier and much cheaper to keep all your data sync on a cloud provided by all the leading providers like Google, Microsoft, Amazon, Apple etc. but talking about privacy particularly we don’t trust even these big name as they all are compelled to fulfill orders by the NSA and other like it. Which means they can even share the data stored in your cloud if asked by NSA and others. So the simple solution is to encrypt your files and folders prior to the cloud storage. There are two possible option of encrypting your data before adding it to your cloud;
- Encrypt all the data on your machine manually, or
- Use an encrypted Cloud storage software.
Encrypt all the Data on your Machine Manually
The simplest way to keep your cloud data secure is to manually encrypt it before you store on the cloud. This can be done by following a files and folders encryption guide as per your machine or operating system. This way you can hold your own encryption keys and no one can decrypt the files or folders on the cloud but you, or the people you share the encryption keys with.
Use an encrypted Cloud storage software
If you want to be more on the privacy side, then you can easily opt for the encrypted cloud services which will automatically encrypt all the files and folders you store in the cloud and you can save tons of your time. These services offer a basic free package and premium packages for which you need to spend a few dollars per month based on the storage size limit you need.
Use a Reliable Antivirus, anti-malware and Firewall Software
The basic and most common way people get their privacy compromised and become the victim of hackers and other cyber attacks is not using or carefully updating the antivirus, anti-malware and firewall software on their devices (Windows, Mac, Android, iPhone/iPad, Linux etc.).
Which ever device or machine you use for the internet before anything you must get a good reliable antivirus software. All the major operating systems these days like Windows and Mac come with a default antivirus version that needs to be updated, because it is the basic version which has limited features, not enough to battle off advanced viruses, trojan, and worms etc. An antivirus must be regularly updated and a full machine scan must be scheduled for the ultimate safety of your device from the potential threats that can not only damage your device but also sabotage your privacy shelter. Some good and reliable antivirus software are; Avast! Free Antivirus and AVG AntiVirus Free Edition, these two are comprehensive and most popular software and are compatible with all the major OS.
Malware is the malicious code unlike the real viruses, which is mostly common in Windows only, which can be transferred to any web page or website you visit and sit in the background of any active program and can steal the privacy. So Windows user must install a good anti-malware in parallel with an antivirus to kill any risk of getting attacked.
All the machines come with a built-firewall by default, which acts as an internet filtering between you machine and the internet server, works on the settings you choose to keep, means the level of filtering; strict or lenient. It then allows or blocks the things while you browse the internet and manage the data traffic flow accordingly. It basically asks for the programs you install and if you permits it will install and run and if you don’t want to install ant program it totally blocks it from the machine, but determining that which program to choose or not it is not the firewall’s job, it is yours. The built-in firewalls are not enough to combat the enhance and stronger threats of the internet these days and you need to get advanced and additional internet firewall software to manage the incoming programs and web pages altogether.
Always use Strong Passwords or PINs
In the world full of cyber attacks encryption password is everything they need to access your phone, laptop, MacBook etc. The best way is to be cautious and keep a hard, unguessable password which must be long and do not contain any of your personal information which can be guessed easily by anyone who knows even just your name or birth date. It is recommended by many security experts worldwide that keeping the similar passwords for all the accounts you use can be like putting everything at risk at the same time which means if someone is able to guess password of any one of your accounts, it will then put all your accounts at risk and it is like keeping one key for all of your lockers full of money, jewellery, property documents etc.We are humans and it is hard for us to keep and remember a different password for so many accounts we generally use, but you can use password managers, which is the software able to generate unique passwords for you and secretly storing them for you with a strong AES or Twofish encryption, so you don’t need to remember so many different passwords.
Never Use any US or UK based Services
We all know the level of NSA surveillance throughout the US by its PRISM spying program, which is unbelievable shocking and intrusion is clear, which means all the US internet companies are compelled to provide users’ data to the NSA and other state security agencies. And it is not just about the US citizens, but all the internet data traffic that is anyhow linked or passes through US servers are going to be monitored and stored, similar practices of mass data surveillance and data retention are adopted by the NSA allies in the surveillance program, the Five Eyes countries which includes the UK,US, Australia, New Zealand and Canada, according to the agreement all these five countries share their users’ data if required by any one of the member countries. The rest of the countries are not lagging behind but enhancing the rules to increase internet censorship and monitoring programs and laws for instance China, which is in no way different than NSA and other like it. So, the punchline of the scenario is to avoid the services (the internet or other communication) owned by these countries, if it bothers you (of course it should).
SUMMARY: HOW TO SECURE YOUR PRIVACY?
ANONYMISE YOUR INTERNET CONNECTION-Hide your identity, use a VPN, Tor or both.
SECURE YOUR INTERNET BROWSING-Learn how the browser works, defeat it and stop it from collecting and storing your data.
SECURE YOUR MOBILE BROWSER- Upgrade the mobile browser, check settings and prioritize your security.
MAKE ANONYMOUS PAYMENTS ON THE INTERNET-Use cryptocurrencies like Bitcoin, gift cards etc. to make anonymous online payments (not for physical goods).
SECURE YOUR SOCIAL NETWORKS-Be reserve, cautious and keep an eye on your privacy settings while using social media or don’t use them at all (practically not possible).
USE SEARCH ENGINES THAT DON’T TRACK YOU- Get the search engine which is not freaky and leaves you alone on the internet and doesn’t track you by profiling you.
MANAGE YOUR GOOGLE HISTORY-Keep deleting and clearing your Google browser’s history, I mean do it, even if you are not a dirty person.
SECURE YOUR EMAILS-Use secure encrypted email providers to save the data in your emails.
SECURE YOUR PERSONAL COMMUNICATION– Use VoIP with end-to-end encryption, encrypted messaging and chat software, avoid phone and landline calls for private conversations (always tracked and you can nothing about it).
SECURE YOUR CLOUD DATA STORAGE-Manually encrypt all the files and folder prior to adding it to cloud or use auto-encrypted cloud storage.
USE ANTIVIRUS, ANTI-MALWARE & FIREWALLS-Use and update premium and comprehensive versions of antivirus, anti-malware and internet firewalls, they are your machine’s life saver and your privacy partners, believe me.
USE STRONG PASSWORDS-Keep long, difficult and unique passwords and pins or use a password manager.
AVOID UK, US BASED SERVICES– Nothing can beat the NSA, GCHQ and others like them when they want to do it, they will do it, avoiding these countries’ services will save you from being monitored and logged.
Conclusion of the Ultimate Privacy Guide
We have covered all the major and minor privacy aspects in this guide to help you prevent anything against your privacy and rather enhance your level of privacy which is beneficial for you. We totally understand all the things we discussed here and the actions we recommend you to take are not one-click job, but to strengthen your privacy you need to pay a little more attention towards it and put a tiny labor into it so that you can see a better picture of your enhanced level of privacy, which is, of course, the right of every internet user, that is unfortunately sabotaged by the privacy culprits (now you know who are they). We are confident this guide will help you to learn more about your internet privacy and the steps you can take to improve it, in this guide we have not claimed anywhere that all the measures to enhance privacy, recommended by us are fully fool-proof or will make you 100% private over the internet, but still you can work to improve if it is in bad shape now, so you don’t give chance to the privacy culprits to spy on you or hurt your privacy easily, give them a hard time, harder in fact.