Tuesday, July 30, 2013

5 simple methods to improve your privacy online.

It wasn't long after the Internet came into widespread use that online privacy became a growing concern. After all, anytime people are connected through their computers and sharing resources online, there's the potential for prying and abuse.

1). Browser Settings
There are some easy things that can be done to configure a browser for better security and privacy. Among the basics, go into your Web browser's preference settings and set the browser not to accept cookies from sites you haven't visited, also known as third-party cookies. Generally, you'll want to accept cookies from the sites you visit.

Apple's Safari blocks third-party cookies by default; Mozilla intends to make this the default setting soon in Firefox, but for now you'll need to opt for the setting. You have to choose these settings in Microsoft's Internet Explorer and Google's Chrome.

Also, the newest versions of Internet Explorer, Mozilla Firefox, Google Chrome and several others offer settings for "Do Not Track," a proposed header field that requests that a Web application disable its site and/or cross-site tracking of user activity.

Consider setting your browser preferences to automatically clear cookies when you close the browser.

2). Cloud Storage
Anything private and personal stored in the cloud should use the strongest form of encryption possible. Encryption comes in various standards and strengths. RSA 2048-bit key encryption provides the best possible strength when used with public key infrastructure. The chance of cracking an RSA 2048-bit private key is not nil, but it would take so long that attempting it is not practicable using today's raw computing power.

A strong cipher is the most important consideration. Close behind, however, are the questions of where you should use encryption and with what method.

If you have any data stored on the Internet that you would like to ensure never gets seen by anyone other than yourself, then this is a good candidate for encryption.

The strongest and safest method today for encryption of cloud data is Zero Knowledge. Zero knowledge means that your cloud ISP will have no knowledge of what is being stored on their site. The private key to unlock your data will be created by you on your local drive. Thus only you will have the ability to unlock the data -- not even the cloud ISP will be able to do so.

SpiderOak and Wuala are two examples of ISP Software as a Service sites that offer ZK data encryption.

There are now quite a few SaaS encryption vendors from which to choose, but those that support Zero Knowledge are the safest bet for those with privacy in mind.
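The zero-knowledge idea described above, as an added Node.js example (not code from this post, SpiderOak or Wuala): the file is encrypted on the local machine and the provider only ever receives the sealed record. It assumes a key derived from a passphrase with scrypt and AES-256-GCM rather than an RSA key pair; the function names and sample data are constructed for illustration.

```javascript
// Added example: client-side ("zero knowledge") encryption before upload.
const crypto = require('crypto');

// Derive a 256-bit key from the passphrase. This runs only on the local
// machine; neither the passphrase nor the key is ever sent to the provider.
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32);
}

// Encrypt locally. The returned record is everything the provider stores.
function sealForUpload(plaintext, passphrase) {
  const salt = crypto.randomBytes(16); // fresh salt per file
  const iv = crypto.randomBytes(12);   // fresh nonce per encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { salt, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Decrypt locally after download. Throws if the passphrase is wrong or if
// the stored record was modified (the GCM tag no longer verifies).
function openAfterDownload(record, passphrase) {
  const key = deriveKey(passphrase, record.salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, record.iv);
  decipher.setAuthTag(record.tag);
  return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]).toString('utf8');
}

// True if the record opens with this passphrase, false otherwise.
function canOpen(record, passphrase) {
  try {
    openAfterDownload(record, passphrase);
    return true;
  } catch (err) {
    return false;
  }
}

// Constructed sample data.
const note = 'constructed sample: tax return 2012';
const stored = sealForUpload(note, 'correct horse battery staple');
console.log('provider sees only:', stored.ciphertext.toString('hex'));
console.log('owner can open:', canOpen(stored, 'correct horse battery staple'));
console.log('anyone else can open:', canOpen(stored, 'guessed passphrase'));
```

Losing the passphrase means losing the data: with no key held by the provider, there is no recovery path on their side.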

3). Two-Factor Authentication
The use of hack-prone password-based access is being gradually replaced by technologies like fingerprint scan, keyfob-generated keys and two-factor authentication methods.

If your ISP uses password-based access, make sure you maintain strong passwords. A password's strength is measured by its ability to avoid being guessed. Many ISPs and portals will test the strength of your password as you create it. Pay attention and be sure that the test returns "strong."

Do not use the same password for multiple accounts. Instead, use strong passwords that are unique to each account - and that's particularly important for your most sensitive online accounts, such as for banking, email, and social networks.

Two-factor authentication is another method that's growing in popularity. Google Gmail now offers a free two-step authentication service. The goal is to keep your login stream (which includes your password) from being intercepted by a "man-in-the-middle" attack. Criminals equipped with programs called packet analyzers (also known as "sniffers") can see your streaming data and steal your password.

With two-factor authentication, in addition to entering a password, the system will send to your phone a unique ID number that must be input for authentication as well. Using such a method means the "man-in-the-middle" cannot and will not know what is on your personal phone and so cannot intercept such information.

If your ISP offers two-step authentication, you'd be wise to use it.
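What the service has to do on its side for the texted code described above, as an added Node.js example (not code from this post or from any provider). The five-minute lifetime, three-guess limit, in-memory store and function names are assumptions made for illustration.

```javascript
// Added example: server side of a texted one-time code (second factor).
const crypto = require('crypto');

const CODE_TTL_MS = 5 * 60 * 1000; // assumed lifetime of a code
const MAX_ATTEMPTS = 3;            // assumed number of guesses allowed per code
const pending = new Map();         // user -> { digest, expires, attempts }

// Only a hash of the code is kept, so the store itself does not reveal it.
const digestOf = (code) => crypto.createHash('sha256').update(code).digest();

// Called after the password check succeeds. The returned code is what gets
// sent to the user's phone; it is never sent over the login connection.
function issueCode(user, now = Date.now()) {
  const code = String(crypto.randomInt(0, 1000000)).padStart(6, '0');
  pending.set(user, { digest: digestOf(code), expires: now + CODE_TTL_MS, attempts: 0 });
  return code;
}

// True only for the right code, in time, within the guess limit, and once.
function verifyCode(user, submitted, now = Date.now()) {
  const entry = pending.get(user);
  if (!entry) return false; // nothing issued, or already used
  if (now > entry.expires || entry.attempts >= MAX_ATTEMPTS) {
    pending.delete(user);   // expired or too many guesses: start over
    return false;
  }
  entry.attempts += 1;
  // Constant-time comparison of equal-length digests.
  const ok = crypto.timingSafeEqual(digestOf(String(submitted)), entry.digest);
  if (ok) pending.delete(user); // single use: a replayed code is rejected
  return ok;
}

// Constructed walk-through: a password alone no longer completes the login.
const code = issueCode('alice@example.test');
console.log('first use accepted:', verifyCode('alice@example.test', code));
console.log('replay accepted:', verifyCode('alice@example.test', code));
```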

4). Encryption for Chat and Email
With Google Talk and Google Hangouts, one can set the chat session to "off the record" to ensure that the chat session is never permanently stored on Google's chat servers.

Also, installing Pidgin, a popular multiprotocol messaging application available for both Windows and Linux, along with its "off the record" (OTR) plugin will ensure that your chat session remains encrypted and private. OTR adds an additional encryption layer to the stream, regardless of what the underlying protocol provides.

The same encrypted vs. nonencrypted concept applies to email. If you don't want your email read, then it is imperative that you encrypt it. The good news is that encrypting email is technically feasible using GnuPG, PGP or S/MIME standards, for example. The bad news is that few software applications are in circulation that make preparing and sending encrypted email "drop-dead" simple and foolproof in terms of usability by the general public.

5). Surf the Internet Anonymously
Finally, if you really feel strongly about keeping your Internet surfing habits anonymous, you may consider using a proxy for your Internet surfing - though even that won't guarantee complete anonymity.

A more difficult-to-trace method for surfing the Web is called Tor. Essentially, when you install Tor software, you log onto a peer-to-peer (P2P) network representing millions of people, much in the way BitTorrent works. It is encrypted and fully decentralized, meaning not only that it is self-sustainable but also that there is no central server which, if shut down, will stop its Internet activities.

What happens in the Tor scenario is that your IP travels in a random path along the Tor encrypted tunnel and reaches a random endpoint, where your traffic then jumps on the Internet using one of the P2P computing devices as its proxy. That endpoint proxy could be a node anywhere in the world.

If you do try Tor, just go to Google and note which country shows. It will vary from minute to minute - an indication of Tor's anonymity at work.
