You are living in tough times when it comes to online privacy and security – and it’s only getting worse.
Here are a few examples illustrating the overall trend:
- Global surveillance – mass surveillance technology continues to strengthen and expand around the world – particularly in the United States, United Kingdom, Australia and other Western countries. (See also the Five Eyes, Nine Eyes & 14 Eyes surveillance alliances.)
- ISP Spying – Internet service providers and telecom companies are now recording user activity in the United Kingdom (Investigatory Powers Act), United States (Senate Joint Resolution 34), and most recently Australia (mandatory data retention). Depending on which country you’re in, the data is saved for government agencies and/or sold to third parties and advertisers.
- Censorship – Many authorities and governments do not want a free and open internet. Whether it is China, Turkey, or the United Kingdom, authorities are working hard to censor content online. This is particularly the case in Europe. The UK is now considering 15 year jail sentences for people who view websites hosting “terrorist” or political “propaganda” that the thought police deems to be offensive. (If you are reading this in the UK, protect yourself from the thought police.)
- Malicious ads & tracking – Websites are increasingly hosting invasive and malicious advertisements (malvertising). Pop-ups and dangerous “click-bait” ads can also deliver malware and take your device over for ransom (ransomeware). Malicious ads (delivered through third party ad networks) have affected major websites, such as the New York Times and BBC. Ads are also used to track users around the web and record their activities and browsing habits.
Bottom line: you are being watched, but you don’t need to surrender your privacy.
You can protect yourself right now with the privacy tools below.
Virtual Private Network (VPN)
Using a good virtual private network is one of the simplest and most effective ways to protect your privacy, secure your devices, and also access blocked/censored content online (such as in China or the Middle East). While VPNs are gaining popularity, be careful to avoid the various VPN scams and gimmicks.
Below are some of the best performing VPN services based on testing and reviews:
- Combine a VPN with an ad blocker on all devices. Ads are often malicious and track/record your browsing history and habits. (See TrackStop from Perfect Privacy)
- Consider using a multi-hop VPN configuration. VPN servers can be monitored by adversaries and then matched up with incoming/outgoing IP addresses. A multi-hop VPN will help to conceal incoming/outgoing traffic and give you a much higher level of anonymity. VPNs offering multi-hop configurations include:
- Check out NeuroRouting – a dynamic multi-hop that works server-side and can be used with any device from Windows to Linux, Mac OS, Android, iOS and even routers.
- For a basic overview of VPNs, see the Ultimate VPN Guide.
- To check your VPN for problems and leaks, see the VPN Tests Guide.
- Avoid free VPNs and VPN scams.
Private internet browser
Standard internet browsers are deeply flawed from a privacy and security standpoint. This is often the weakest link when using a VPN. Installing various add-ons and extensions will not fix all vulnerabilities. What’s worse, the more add-ons you install and changes you make to the browser, the more easily you can be identified and tracked due to browser fingerprinting.
Tor browser with a VPN (Tor network disabled)
The Tor browser is a hardened and protected version of Firefox. By default, it’s configured to be used with the Tor network. While the Tor network may be useful in certain situations, it also suffers from very slow speeds and a host of other vulnerabilities (see here and here and here).
A good solution is to use the Tor browser with a VPN (and the Tor network disabled). This will give you the speed, security and privacy of a VPN, and all the protections of the Tor browser.
Here’s how to download the Tor browser and disable the Tor network (see images):
- Download the Tor browser for your operating system. After downloading, you should be prompted to connect to the Tor network, which you can do to get access to the settings.
- In the Tor browser go to the Menu button (three lines in the top right corner) and then select Options (Windows) or Preferences (Mac OS) – (image).
- Select Advanced > Network > Settings (image)
- Select No proxy > OK (image)
- Type about:config into the URL bar and hit the enter/return key. You will get some kind of warning message (“This might void your warranty!”) – just click continue or “I accept the risk!”.
- In the search box enter network.proxy.socks_remote_dns and then double click to disable; value = false (image)
- To completely disable the Tor network, go to the search box again and enter extensions.torlauncher.start_tor and then double click to disable; value = false (image)
- To ensure these changes don’t revert to the default settings when you close out the browser you need to disable TorLauncher. To do this go to Options > Add-ons > TorLauncher [Disable] and then restart the browser for the changes to be implemented.
Now, when you open the Tor browser, it will not connect through the Tor network. This will prompt a warning screen (“Something Went Wrong”), which you can just ignore.
- Brave browser – The Brave browser blocks ads and third party tracking by default. Drawbacks: It is built on Chromium, which means it inherits the privacy vulnerabilities (WebRTC leak problems).
- Firefox – Firefox is an open-source option that many use with various add-ons. While more add-ons create problems (browser fingerprinting), this may be the best option if you find the Tor browser to be overkill. Some good Firefox add-ons to consider include:
Advertisement, tracking, and malware blocker
Using a good ad-blocker is important due to the dangers of online ads and tracking. Many ads are malicious (malvertising) and are tracking your activity and browsing history.
- Use an ad-blocker through a VPN (such as TrackStop). Drawbacks: only works if you are connected to the VPN.
- Use various browser add-ons. Drawbacks: makes identification easier due to browser fingerprinting. Some free ad blockers collect and sell user data.
- Use ad-blocking hardware (such as eBlocker or Raspberry Pi with Pi-Hole). Drawbacks: will only work on devices connected to the home network.
The dangers of ads – In 2016, Google took down:
- over 900,000 ads containing malware
- 112 million “trick to click” ads that install dangerous software/viruses onto your device
- 80 million fraudulent ads that “deceived, misled, or shocked” users
Of course, Google is the largest advertising network online (AdSense) and uses their ads and products to track users as well.
Secure messaging apps
Below are different secure messaging applications. Keep in mind, many popular messaging services, such as WhatsApp, are not secure. Consider these alternatives:
Private search engine
The big search engines (Google, Yahoo, Bing) record and track everything you do with their products. But there are a few better, privacy-friendly search engine alternatives:
- Searx – A very privacy-friendly and versatile search engine.
- DuckDuckGo – This is a great privacy-friendly Google alternative that doesn’t utilize tracking or targeted ads. They also have a zero-sharing policy and other good features.
- StartPage – StartPage is basically Google, but without the tracking. This is a good option if you want Google search results, without using Google.
Insecure email providers like Gmail, Yahoo and iCloud are all bad options when it comes to privacy and security. You regularly read about these providers and their users getting hacked, or cooperating with surveillance authorities (PRISM program). Here are some alternative options:
Secure/encrypted router (with a VPN)
If you’re looking for a relatively simple way to secure your entire home network and all devices, a VPN on a router is an excellent option. A good VPN router will:
- extend the benefits of a VPN to all your devices without installing software
- protect you against mass surveillance and internet service provider (ISP) spying
- secure your home network against attacks, hacking, and spying
- unlock the entire internet, allowing you to get around geographic restrictions, blocks, and censorship
The only brand that currently offers a large selection VPN-enbaled routers is Asus. The default Asus firmware, which is called ASUSWRT, supports OpenVPN, PPTP, and L2TP, right out of the box (no flashing required).
When choosing a router, the biggest consideration is processing power (CPU). Running a VPN on a router is a very CPU-intensive task requiring the router to process lots of encrypted data. For these reasons, it’s typically good to go with a router that’s at least 800 Mhz or more.
For an in-depth overview of all the different VPN router options, see this Ultimate VPN Routers guide.
I have also put together three different setup guides using the AsusWRT firmware with different VPN providers:
- VPN Router Setup – Simple Guide (with VPN.ac)
- Ad Blocker on a Router with a VPN (with Perfect Privacy)
- VPN on a Router – Step by Step (with VyprVPN)
Consider using the free and open source Linux operating system. There are many different versions of the Linux operating system designed for different types of users:
- If you want the look and feel of Mac OS or Windows, check out Elementary OS.
- Ubuntu and Mint are two other popular options.
Tails is another privacy-focused operating system that can be run live on a USB drive, CD, or SD card.
Problems with Windows and Mac OS
Windows – The latest version of Windows (Windows 10) is a platform built for total surveillance – giving corporations and governments complete access to everything you do on your machine. The basic problem is that the operating system is entirely built on data collection.
Mac OS – While Apple may be slightly better in terms of privacy, it too has many problems. Just like Microsoft, Apple has configured its operating systems to collect vast amounts of your private data.
Restore your privacy