Friday, 20 April 2012

Top 10 ways to protect your privacy and avoid the government’s prying eyes

Be careful what you do online. The government is proposing web snooping plans to monitor, record and understand every site you visit, every email you send, and even every phone call you make.

These plans have been met with howls of derision and dissension, with everyone from the inventor of the web Sir Tim Berners-Lee and the co-founder of Google, Sergey Brin, bemoaning this growing censorship from governments.

To help, we has put together a list of ways to help you avoid the prying eyes of the government, and any other nefarious sorts, so you can stay safe online. And it's just in time for the security industry's annual Infosec bash in London. Perfect.

Honorary mention: Wear a tin foil hat
A tin foil hat will solve all your security concerns

The tin foil hat is a terrible way to keep the sun off, but in some circles it's the best way to keep the heat away.
As protection against gloating alien proctologists, black op helicopters, 'the Man', internal voices and talkative dogs, it is unbeaten.

It is also very cheap. All it needs is a few sheets of tin foil - we recommend using new sheets as opposed to the one off the grill - a few careful folds and a head to fit it on.
Any good conspiracy theorist or paranoiac will have measured themselves for such headgear at some time in their lives, and while some will favour a bowl or pointed style others, while others may opt for the pirate or cowboy.

Because tin foil hats have become the source of some derision, we would suggest that the simpler style you choose the better.

The important thing, however you style your hat, is that you keep it on at all times when you are not under some other form of other protection.

This will ensure that no government brain-wave penetration signals can read your thoughts, steal your ideas and tell you over and over again that "You Love the State, You Love the State, You Love the State".

10. Get off social media sites
Facebook, Twitter, Foursquare: such sites are a trove of personal information (including occupations and even your religious views), as well as photos of family, friends and acquaintances.

There's even information on events you've been too and events you're going to, making your life one giant open diary to the surveillance services, as this video on The Onion demonstrates excellently (embedded below).

Of course, the simple thing to do is simply leave these sites. Get off, ensure your data is deleted, and never return.

Never update a status, never reveal personal information, never let the wider powers know where you are, who you're with, or what you're thinking.

9. Don't open unknown emails and ignore odd friend requests
On this issue, it's also vitally important to avoid all suspicious forms of communication, including emails, texts and, worse, friend requests from complete strangers.

The motives may be harmless - perhaps the stunning blonde really does fancy you and wants to meet up, but it's unlikely.

What's likely happening is some Russian gangster has thrown together a program that churns out thousands of fake accounts that spin out spammy links in an effort to infect your computer, steal your credit card details, and live a life full of caviar and vodka.

Or, if we're really getting paranoid, the innocent, fun sounding-filly wanting to befriend you is actually Agent Lewis Smith from Langley, tasked with tracking potential dissidents, and what better way to do this than pretend to "Like" your inane statuses on Facebook? It's a trap, run for it!

8. Avoid smartphones and go back to basics with a feature phone
Nokia 3310
Proving there's still life in the classic Nokia 3310 yet, another easy way to protect your personal data is to use a feature phone instead of a smartphone.

Putting aside fancy encryption, intelligent passwords and a careful approach to apps, the feature phone is so basic it can help protect you because it doesn't actually store certain key bits of information, like passwords and emails, and doesn't really allow you to visit even the most basic websites.

Well, there is WAP, but that's too slow for even the most committed ne'er-do-well.

While many won't want to give up the fancy features housed in a Apple, Android or Windows powered smartphones, using a phone that just does that - makes phone calls - is perhaps the safest option.

Although with the government considering monitoring phone records, perhaps no phone is the best bet.

7. Use encryption technologies to lock your data down
Digital encryption key
If you want to protect your data from others, one of the best ways is to use encryption so the content is scrambled, even if snoopers intercept or steal it.

There are two separate issues to consider with encryption; protection of communications and protection of data at rest.

Encryption of communications is already used when you visit a site using HTTPS, which creates a secure channel over the open internet via the SSL or TSL protocols.

Encryption of files means no-one can read your data if they hack your PC and steal documents, or somehow access data stored in the cloud on repositories such as Dropbox or an FTP site.

Many encryption tools are available that allow you to encrypt files uniquely, or in groups (such as creating an encrypted ZIP file). The danger, though,  is if you lose or forget the key, you lose access to your own encrypted files.

Of course, routinely encrypting all your information could arouse suspicion that you have something to hide, and the government can compel anyone to hand over encryption keys under the Regulation of Investigatory Powers Act (RIPA), but you're only likely to find yourself in this situation if you're suspected of criminal activity.

6. Turn off GPS connectivity on your smartphone
GPS is a great technology, no doubt. It enables you to find out exactly where you are, within detailed maps, to help you find your way when lost in a big city, or strange surroundings.

However, such data is also a goldmine to the authorities, as it would enable them to monitor your movements, work out where you've been, who you've been visiting, and make it a doddle for them to pick you up.
The simple answer is of course to just turn off your GPS connection (you may get lost a bit more, but that's a small price to pay for liberty and security).

Then again, with mobile phone signal triangulation technology also able to pinpoint your location to the powers-that-be, perhaps there really is nowhere to hide.
5. Don't have a physical hard drive
SanDisk micro SD card
When they knock down your front door, to quote The Clash, how you gonna come? With your hand on your hard drive or eating your microSD?

As any good script kiddie knows, the first thing any would-be snooper wants is your hard drive. Computer forensics can quickly reveal all your online secrets.

So when Forbes spoke to infamous Anonymous hacker Kayla in early 2011, she had an interesting take on protecting her secrets: she claimed to have no physical hard drive, instead booting her computer from a microSD, which she intended to "chew into a million pieces" in the event she got busted.

It's a neat take on staying anonymous online. One can only wonder whether the two British teenage men that were arrested later that year on suspicion of being Kayla, had taken the '16-year-old girl's' advice.

4. Turn off cookies and turn on private browsing modes
The words "cookie monster" carry more than one connotation. As well as the blue monster on Sesame Street, cookies are the tools used by websites to monitor internet users' movements, and can indeed be a monster when it comes to electronic privacy.

Admittedly not all cookies are bad, but some cookies can collect your personal data and track your browser hobbies to see how best to target you with advertisements and for who knows what other reasons.
Since this is entirely legal, it's up to consumers themselves to address their cookie settings, and disabling them is a sensible option if the practice concerns you.

However, new legislation that will be enforced from next month, will force firms to gain explicit permission from web users to install cookies on a machine when visiting a site, so that should offer some protection to the public.

While we're on the subject of web browsing, using private browsing options is also a good idea. Private browsing stops others from seeing your online history and also ensures no cookies are left behind at the end of your browsing session.

3. Consider using a proxy to stay hidden
Ninja in black outfit
Proxies are not only a good way to protect your anonymity online, they are also a way for people in many regions to avoid state-sponsored censorship of the web.

Web proxies can allow users to bypass some of the filters and blocks put in place by governments who are looking to block access to certain content or restricted web access altogether.

Free speech groups such as Reporters Without Borders have long recommended their use as a means of protecting citizen journalism and access to international media reports.

They're also a great way of protecting your data online, as they help to thwart tracking and data-harvesting attempts. Those who are feeling particularly eager to protect their data can take the idea step further by using Tor, a free network which bounces a user's connection multiple times and provides even strong protections - see number one.

Users should beware, however, as authorities are growing wise to the practice and in some cases have taken measures to block access to such networks

2. Be paranoid with your bank details
Mobile phone and credit card
Online banking has revolutionized the way many of us handle our accounts, but it has also made financial fraud easier than ever.

Some journalists that have covered cyber crime refuse to even use online banking services, having seen just how insidious criminals can be.

You don't need to go that far to protect your data. To combat the threat, however, it might not hurt to become a bit, well, paranoid with how you guard your information.

For starters, you can avoid phishing attacks by never clicking on a link embedded in an email or alert message and instead manually typing in the URL or opening a bookmark for your bank's online management site.
What's more, if your banking site asks you to submit unusual information such as your mobile carrier or national insurance number (or social security number for our US readers), close the window and scan your system for malware such as Zeus, then call your bank on the phone and alert them to the situation.

1. Use the Tor network to stay underground
Surfing the web doesn't just leave a breadcrumb trail for snoopers to follow, it's more like leaving them a series of brightly flashing beacons.

Those that wish to remain anonymous online - and that's something that matters to political dissidents and victims of abuse, as much as teenage hacktivists - need a better way of surfing the web, without making their activity easy to follow.

Here's where Tor comes in. Tor is client software that routes internet traffic through a vast sea of network servers, which encrypt and re-encrypt data as it is bounced through multiple layers of Tor's so-called "onion routing" network.

The Tor Browser Bundle provides a quick and easy means of accessing the Tor network, preventing anyone watching your internet connection what sites you've visited and stopping those sites knowing your location.
Tor is not perfect - repressive regimes do their utmost to stop citizens accessing the anonymous network. Nor is it the only anonymous browsing system available. But if you're serious about ensuring your online privacy, it's the best place to start.

No comments:

Post a comment