Protecting your privacy on the web

“You can’t have 100% security, while still having 100% privacy.” – President Obama in 2013, when speaking about the NSA’s surveillance program that Edward Snowden blew the whistle on which was secretly spying and data mining people’s private information. And it is true, it today’s modern government, you cannot have 100% privacy out-of-the-box, but you can achieve it with a little extra work on your end if you care about your freedom of privacy.

If you don’t care about this, you can stop reading now. For those that do value their freedom of privacy and want to protect it, here are a few simple steps to keep you and your information private on the internet. It’s important to note though, nothing is fool proof but the tools below will make it nearly impossible when used correctly to break your right to privacy.

TOR

The Onion Router (TOR) is free software that helps enable anonymous browsing on the web. TOR is simply a web browser that you download, and it anonymizes your location through a network of relays across the world using encryption; essentially making it appear as though you are browsing the web from another country. TOR is one of the tools that Snowden used to anonymize himself when disclosing the NSA leaks. You can read more about TOR on their website: torproject.org

TAILS

The Amnesic Incognito Live System (TAILS) is for more advanced users, but helps in protecting your privacy. TAILS allows for all its outgoing connections to be forced to go through Tor and direct connections are blocked. TAILS is an operating system which leaves no digital traces (fingerprints) on your operating system. Again, this is a more advanced option for protecting your privacy which would require you to do a fresh install of the operating system. You can read more about TAILS on their website: tails.boum.org

PGP

Pretty Good Privacy (PGP) is a way to encrypt messages between people. People like Snowden used PGP along with TOR to make sure they were anonymous and their messages were not being read by anyone else other than the person they were sending them to. Using cryptography, PGP encrypts your data that you send to a specific person, and only that person can decrypt it; and vice versa. PGP is not breakable (at least at this time) and is used by many including the NSA to send secure messages. There are a few PGP software options available online, but I suggest as a good starting point to use gpg4usb, which is a portal PGP software that you can use which works on most operating systems. Here is a demo video below on how to use gpg4usb:

NYMS

Including privacy protections above, it’s also a good practice to create an alternative profile for your online activities. This may sound strange, but if you tie everything you do online (social media, forums, etc) to your real name and identity, it’s not hard to figure out what you have been up to online. If you create a pseudonym (nym), it can make it very difficult, especially when using the tools in this article, to tie an online identity to your true name.

BITCOIN

When you pay for something online, using your credit card, your real identity is tied to that transaction immediately and forever. When you are in the real world, you can use cash to pay for things and can achieve almost zero traceability to your real identity. So why not use cash in the digital world? The way to do it is by using digital cash (Bitcoin). Digital cash (Bitcoin) in the past few years has become very popular, more developed, and more widely accepted. Bitcoin which is digital cash, when used with the tools in this article, allow you to have privacy and protects your identity. Bitcoin by itself is not completely anonymous, but when used correctly in combination with these tools will help facilitate privacy against bad actors and bad governments. You can learn more about Bitcoin here: bitcoin.org

HTTPS

HTTPS is a secure protocol for your browser. Basically when you visit websites with HTTP (missing the “s”), the data being sent from your browser to the websites, and back, is not secure and visible to anyone who may be trying to read it. By using websites that have HTTPS, the data is encrypted. Unfortunately, not all websites use HTTPS (we don’t either, YET!), but more and more websites are moving to HTTPS. To ensure that your browsing websites with HTTPS, you can use a Chrome extension called HTTPS Everywhere. The extension automatically switches “HTTP” websites to secure “HTTPS”.  It will protect you against many forms of surveillance and account hijacking, and some forms of censorship. You can read more about HTTPS Everywhere here: eff.org/https-everywhere

Two Factor Authentication

Two Factor Authentication (2FA) is when you enable a second form of authentication when logging into websites (that support 2FA). Passwords alone aren’t enough anymore, so it’s important that you use 2FA to make sure nobody can log into your accounts online except you. An example would be a website that maybe has sensitive data, such as your email program or financial website. Not all websites that you can log into have 2FA technology, but the ones that have it, you should take advantage of it. Facebook for example allows for 2FA logins, and another good example is Gmail. Google has a good page on 2FA that you can read about here: google.com/landing/2step