There is no real default privacy on the internet. Even many of the tools explicitly designed to protect your privacy don’t work quiet as well as advertised. Our personal information is eroded through a combination of user information-driven commerce (since nearly every company sells your personal data), weak governmental protections, leaky products, hacked records and a society that, in general, feels indifferent towards privacy in the first place.
And unless you’ve been living ‘off the grid’ – and we mean truly off the grid – your entire life, it’s impossible to erase yourself from public records, let alone the internet. But just because your privacy isn’t protected by default doesn’t mean you can’t take steps to improve it.
To truly avoid your information getting out there, you would either had to have never logged onto a website in your entire life, or been accepted into the Witness Protection Program, both of which options are pretty far-fetched for the average person. However, you can get pretty close to eliminating all evidence on the web that you ever existed, as suspicious as that might seem. Although, you’ll have to be extra careful not to expose yourself in the process, there are a number of steps you can take towards complete online anonymity. For one thing, as more and more people grow weary of their digital lives, it makes sense that developers have taken it upon themselves to create utilities with this specific exhaustion in mind. Likewise, there are non-proprietary measures you can take to extinguish the flame of your virtually connected persona as well. Here we’ll take a look at the pros and cons of all the various measures you can take in the quest to take your data back.
- Get an anonymizing operating system: For good encryption, you’ll need an anonymizing operating system that runs on a resettable virtual machine (VM) running on secure portable media. The portable media device should use hardware-based encryption or a secure software-based encryption program. One of the top products for this is Ironkey Workspace, which locks out users who enter too many unsuccessful passwords and comes with Microsoft’s portable OS, Windows to Go, on several USB key models. Other privacy advocates prefer a Linux Live distro, such as Tails or ZeusGuard. Just to prove that these systems are effective, the U.S. National Security Agency has stated in an internal, leaked presentation that Tails and Live OSes are a threat to its eavesdropping mission.
- Use an anonymous VPN: This will allow you to connect to the internet using an anonymous method. The best approach would probably be to jump around different open wireless networks, public or otherwise, as much as possible, rarely repeating at the same connection point. This is where a virtual private network (VPN) comes into play. There are dozens, if not hundreds of VPNs that are specifically built to make your internet connection more difficult to identify and track. Or, you can consider using devices that are explicitly designed to protect your privacy, like Anonabox and ProxyGambit. These devices protect your device without ever revealing your true location or IP address.
- Use Tor: Tor is an entire system of tools, browsers, APIs and networks, dedicated towards helping users and connections remain anonymous. Once you enter a Tor network path, the traffic to and from your destination will be routed through a random set of “Tor nodes.” However, some systems can beat through Tor. Nevertheless, it remains one of the best ways to stay anonymous when combined with other hardware solutions like Anonabox.
- Stay away from plug-ins: Today, many browsers promote the use of plug-ins, that help optimize your internet usage. However, all plug-ins leave clues that reveal your identity and location. However, there are some exceptions to this. There are some plug-ins designed specifically to enhance your online privacy, such as Privacy Badger and Ghostery which stop advertisers and third-party trackers from tracking your web browsing, including which pages you visit.
- Stick with HTTPS: Whenever you are trying to connect to the internet, try to always use HTTPS. When working with it, use only handpicked, trusted certificate authorities that don’t issue “fake” identity certificates.
- Keep your webmail private: For those that are very paranoid or skeptical of online activity, will want to create anonymous email addresses. These email accounts are protected with encryption and don’t keep IP logs that can be traced to your account. There are a few email services that explicitly advise as being anonymous, such as ProtonMail, CounterMail, or HushMail.
- Avoid using credit cards online: If you plan to buy anything on the internet, you can’t use a normal credit card and stay anonymous. You can try to use money transfer services such as PayPal, but most have records that can be stolen or subpoenaed. Better use of e-currency such as bitcoin or one of its competitors. E-currencies are starting to gain widespread validity and are accepted in more and more places every day. You’ll need a bank or service to convert your real money into one of these alternative forms (and to get it back out), but once you’re using the currency, buying anonymity is easier to maintain.
- Test for DNS leaks and browser tracking: One way to test whether you’re keeping yourself anonymous is to check whether you have a domain name server (DNS) leak. DNS servers translate domain names such as hobi.com to the numeric IP addresses the Internet uses, such as 184.108.40.206. Internet Service Providers (ISPs) generally use their own DNS servers, and those servers can be used to identify your and log and track its Internet activities. If you want to make sure you’re protected against DNS leaks, go to www.DNSLeakTest.com. Run the extended test. If you see your ISP’s DNS servers, you’ve got a DNS leak.
- Use a search engine that doesn’t track your behavior: Popular search engines like Google and Bing keep track of your searches so they can target ads at you. For maximum security, use one that won’t keep track of your results. DuckDuckGo is a great option for this. It offers plenty of useful features including region-specific searching; Safe Search, which omits potentially objectionable material; keyboard shortcuts; and more.
- Delete cookies and your privacy browsing history: It’s a good practice to regularly clean out cookies that websites use to track you, and your browsing history, which can be used to identify where you’ve been.
Each of these anonymizing methods can be defeated in some way or another, but the more of them you add to your privacy solution, the harder it will be for another person or group to identify you. Of course, everything you do to protect your privacy causes inconvenience in your online life. Serious privacy advocates don’t mind going to this trouble, but most of us aren’t willing to do what it takes to accomplish even a modicum of privacy, such as configuring settings in our OS or on social media sites. Most people simply accept the defaults — which rarely protect privacy.
The people who hack and monitor us for a living hope the majority of us will take the easy way out and do little or nothing to prevent our online identities from being discovered, hacked, and revealed. You can be part of the solution.