Online privacy: 3 ways to ward off cyber criminals and snoops

Keep yourself safe with these online security tips.

thinkstockphotos 177110711

It’s easy to forget why online privacy is important until something salacious, like last year’s Ashley Madion hack, brings the risks to the forefront. The fact is, our increasingly connected lives make us sitting ducks for bad actors. While there’s no such thing as 100-percent security, there’s still plenty you can do to protect your privacy online.

Cloak your browsing

Your web browsing habits reveal a lot about you, and the trail you leave through your history and cookies can be easily exploited by a ne’er-do-well. Your first stop, therefore, should be Tor, or The Onion Router. This browser directs all internet traffic through a network of computers, or “nodes,” encrypting data along the way, which obscures your browsing habits.

Tor is equal parts famous and infamous. While it’s been used for illicit activities like selling drugs, a la The Silk Road, it’s also favored by whistle-blowers, journalists, and activists who want to anonymously share vital information. The network is currently managed by the nonprofit Tor Project, where you can download it now.

tor

The Tor Project offers an anonymous browser, as well as guidance on your browsing habits. 

Like Tor, virtual private networks (VPNs) mask your IP address. With VPN software, a user can connect to a remote server on a VPN provider’s network, which changes the user’s IP address and location accordingly. As with Tor, there are good and bad uses for this tech: VPNs’ ability to grant access to geo-restricted sites has made them popular among Netflix pirates, prompting the streaming giant to crack down on them. PayPal, too, has restricted some VPNs from accepting payments. Nevertheless, VPNs are a handy tool if privacy is a concern.

“By using a VPN and frequently changing the location, plus browsing the internet in incognito or invisible mode (most browsers have this feature), the amount of data that is collected about you decreases,” Dan Gurghian from ibVPN told me.

reddit vpn

The VPN subreddit has a wealth of info on the topic.

VPNs are particularly helpful when using free public Wi-Fi, which can be the Wild West of cyber-threats. Public connections aren’t secure, and your browsing can be snooped on if sites aren’t using HTTPS, says Amit Bareket CEO of SaferVPN.

“Hackers can also use this opportunity to install software on your computer, which can capture confidential information like usernames, passwords, credit card numbers, and email exchanges,” Bareket says.

As you consider the several VPN providers on the market, avoid networks that keep data logs on users. Always check a provider’s terms and conditions. I recommend checking out several VPN review sites—but be wary of affiliate programs that may be biased. Likewise, r/VPN on Reddit usually has a pretty vibrant and critical discussion on VPNs and their privacy and security promises.

Encrypt your communications

The Apple-FBI fight has put the spotlight on encryption, because it can render data inaccessible to anyone, even law enforcement. Of course, that’s exactly what makes it a valuable privacy tool. Applied to email, encryption keeps your communications private.

PGP (Pretty Good Privacy) has set the encryption standard for many years. The software scrambles and unscrambles messages that can only be sent and received with the use of public and private keys. In its early days, the process of using PGP was too cumbersome for most users, but the tech has gradually become easier to use. Mailvelope, for example, is a browser extension that integrates with your webmail account (Gmail, Yahoo, etc.) to generate public and private keys. Secure Gmail by Streak is another popular option but is only available for Chrome. Thunderbird users can check out the Enigmail add-on.

Startups have sprung up, offering dedicated web-based clients and mobile apps that make encryption more user-friendly. ProtonMail, founded by former CERN scientists, allows end-to-end encryption to avoid interception. It’s still in beta but you can reserve an account now. A similar option, Hushmail, charges $34.99 annually.

effscorecard

Is your messaging app up to snuff when it comes to encryption? Check out the Electronic Frontier Foundation’s scorecard

There are also a number of encrypted messaging apps for smartphones. The Electronic Frontier Foundation carried out an exhaustive survey of messaging apps, judging them on criteria such as whether messages are encrypted along all links of their path, and whether the provider can access your messages.

Telegram, from Russia, is one of the top-rated messaging apps and has grown in prominence. Recently, it announced a self-destruct feature that will allow users to remotely kill off their account if they believe it has been compromised. The feature was spurred by the arrest of a journalist in Iran who was using the app.

Other encrypted messaging apps the EFF scored well include CryptoCat, a web and mobile chat platform, and Chatsecure for Android and iOS.

Stay proactive

There are plenty of ways you can stay proactive in managing your online security. You can use DNS Leak Test to check whether your IP details, which are associated with your browsing, are leaking online. When you’re using something like a VPN, you should take this test regularly to make sure there are no flaws in your software.

Achieving the highest degree of privacy is difficult. It requires things like replacing debit/credit card payments and PayPal with cryptocurrencies like Bitcoin—a practice that can make day-to-day transactions difficult.

Covering the basics is key here, but the human element is still important. Be mindful with your security, and wise when it comes to things like changing passwords and avoiding unsecured Wi-Fi networks. Remember: nothing is 100-percent secure. 

For more privacy-related tips, see our article on covering your tracks online.

Related:

Subscribe to the Best of PCWorld Newsletter

Comments