How to protect yourself online
We show you how to protect yourself while browsing the world wide web
How to protect yourself online
If you've noodled around with the anonymising network Tor at all, you'll probably have come across the Tor browser, a specially built version of Firefox with extra security layered in. It's actually a crucial part of the Tor's security, because there's more to protecting yourself than just hiding your IP address.
The same principal applies to VPNs. A VPN provides part of the privacy and security package, but it's not the whole deal. It hides your IP address and encrypts your traffic for part of its journey across the internet – but not the whole way.
With a VPN, the connection between you and the VPN provider is encrypted, but the part after that, the connection to the end website, is not. Nor does a VPN prevent your computer from transmitting too much information to end websites, and your browser can very easily leak too much information about you and your activity.
So we're going to look at some of the simple things you can do to stop that – that is, to make your regular browser work more like the Tor browser. We won't go quite as far as Tor (which disables plug-ins) or recommend doing things like disabling JavaScript, which cripples a lot of web sites.
The following tips are going to focus on a few things that you can do without any real impact on how you use the web. We'll focus primarily on Firefox and Chrome, since frankly IE has fewer tools at its disposal for protecting privacy.
Private and incognito browsing
No cookies, no history
Known as Private Browsing in Firefox and IE and Incognito browsing in Chrome, this is a feature that all the major browsers have built in. In Firefox to bring up a Private Browsing Window press 'Ctrl-Shift-P'; in Chrome, press 'Ctrl-Shift-N'.
Any browsing done in an incognito/private window has a special property: no history is recorded and (more importantly), no browser cookies are kept after a session ends. Take away cookies, and you take away a lot of power from sites looking to track you through them.
You can set Private/Incognito to be the default in both browsers.
- In Firefox, click on Tools->Option, then click on Privacy. Under the History section, there's a label Firefox will: and a drop-down box. Change the entry in the drop down box to 'Never remember history'. Although it won't have a private mode label, it will use the same settings as Private Browsing.
- In Chrome and IE, you'll need to add a modifier to the startup link. Find the link you click to start the application (not the one in the Taskbar, but in the Programs menu) and right click on it. Select Properties and you should be taken to the Shortcut properties window. Locate the Target field, where it shows the link to the executable file. For Chrome add -incognito to the end of the line. In IE, add -private.
HTTPS Everywhere
End-to-end encryption
Since a VPN only encrypts your connection between you and the VPN provider, the rest of the journey to the final web site is unencrypted. That's where you data can conceivably be intercepted and read.
Using HTTPS, as opposed to regular HTTP, however, creates an encrypted link between you and the end web site. Nobody can intercept and read messages passed between you and the web site, which is why eCommerce sites use it, for example. The thing is, a lot more sites can use it than actually do by default, which is where HTTPS Everywhere comes in. It attempts to force sites that support HTTPS to use it.
It's an add-on available for Chrome, Firefox (including Android) and Opera. It really requires nothing from you: just install it for your browser. It adds a widget in your browser bar, but generally work automatically.
Removal of tracking widgets and analytics
Disconnecting from web trackers
Disconnect is an add-on available for Firefox, Chrome and Opera and does an excellent job of excising tracking elements from the pages you visit. Tracking cookies, Facebook/Google/Twitter widgets, ad links and analytics are all removed from the page before they're downloaded.
It's available as a downloaded app, or you can go to the Extensions/Add-ons section for your browser and search for the Add-on.
It certainly has some overlap with HTTPS Everywhere (since it also tries to force HTTPS), but there's no harm in having both installed.
An incognito search engine
Because searches should be private
Google and Microsoft are rather notorious data gatherers and hoarders. Every search you do is logged and linked to your profile. An anonymous search engine is better. DuckDuckGo and Startpage are good choices.
Firefox includes DuckDuckGo as an option where you go to Options->Search and you can set it as you default. In Firefox, Chrome and IE, if you go to StartPage or DuckDuckGo, there's a link on the page that will add it to your list of search engines, and you can make it default in the browser settings.