This is a follow-up to my presentation in class about Social Media and the Death of Privacy. After the presentation, and in the comments, a lot of people asked what specific steps they should take to ensure their data is secure. Through this blog I intend to, hopefully, provide the first few basic steps that anyone can and should take towards ensuring their privacy on the internet. This is a continuing list from after the takeaways from the presentation. Some of these are very basic and hence provide very basic protection but if used in conjunction with others in the list can be very useful to protecting your data.
Now that we know the NSA is watching our every move online, it seems almost pointless to try and avoid it. But try we do, as a new data suggests from recent surveys.
Eighty-six percent of U.S. Internet users have, at some point and at least once, used some method to cover their tracks online. Problem is, even as solid majorities say people should be able to surf the Web anonymously, not many of us are confident that that’s possible. Just 37 percent of U.S. Web users say complete anonymity can ever be achieved.
The good news is that there’s a big gap between people’s expectations and what most have already tried.
Cache-clearing and cookie-disabling is a fairly common behavior. But for whatever reason — inconvenience, maybe, or unfamiliarity with the tools — the share of Americans that have tried protecting their privacy in other ways is pretty low.
So what can be done? Here are a few options that don’t involve cracking open a computer science textbook.
Use Start Page instead of Google. It takes less than 30 seconds to setup ‘Start Page” as your default search engine. To refresh your memory, start page is a search engine that uses Google but it makes your searches anonymous and makes it impossible for anyone to keep track of your search history. Except maybe the NSA ( I wish I could say this is a joke)
Encrypt your e-mail. This is by far the scariest-sounding technique, but if you have a set of step-by-step instructions, you’ll be up and running in no time. The basic idea is that for every e-mail account you own, you can create a set of public and private keys that will turn your plain-text e-mails into unreadable gibberish.
Encrypt your chats. Instead of using texts, Hangouts or Facebook Messenger, try switching to a chat application that supports encryption out-of-the-box. A lot of people on Windows prefer Pidgin (the Mac analogue is called Adium). Illustrated instructions for setting up your first encrypted chat can be found here (Windows) and here (Mac). Other messaging clients such as Whatsapp have now started providing end-to-end encryption for all texts. Whatsapp is available on IOS, Android, Blackberry, Symbian (Nokia) and Windows phone. Its also available on your desktops through Whatsapp Web.
Enable incognito mode on your Web browser. Most browsers come with a private browsing or incognito mode that won’t log your search or browsing history and won’t retain cookies that sites use to track your behavior. While it won’t encrypt the traffic you send over the networks, it’s a good way to hide your activity from others who might use the same computer later.
Use a traffic anonymizing service like Tor. Tor routes your traffic through the Web in ways that makes it very hard for someone else to track. When the service is turned on, your Internet traffic looks to outsiders like it’s coming from one of Tor’s exit relays, which can be located anywhere in the world (read: not where you are). You can download Tor here.
Pay for a private VPN. This option is a lot like using Tor in that your Internet traffic is masked, but depending on your provider, it could come with more features. For the privacy-conscious, TorrentFreak quizzed a number of VPN providers on how they operated their business and only listed those that returned satisfactory answers.
Use a password manager. This is piggybacking over Jonah’s presentation but this is crucial. Part of the point of encrypting your Internet traffic is to reduce the likelihood of someone gaining the passwords to your online accounts. So why not beef up the security of those accounts in the first place? As Microsoft’s Troy Hunt writes, the strongest password is the one you can’t remember. To help you keep track of them all — and you’ll have a lot, if every password is different — use a password manager like LastPass or 1Password. Browser extensions, integration with Dropbox, mobile versions and strong-password generators are all examples of features that help make these tools less of a burden and more useful.
Hopefully this can help you feel more in control of your online life. Please feel free to reach out to me if you have any additional questions on any of these. I also supply free tin foil hats. :-)