Privacy Is Dead—Long Live Privacy! (A How-To Guide)
It has become a common refrain that privacy is dead, especially online. After all, people give out all manner of personal information on social media—these days, it seems like no one really minds having most of the Internet know where they ate for lunch. “If I’m not doing anything wrong, I have nothing to hide,” right? Well, there are many problems with this attitude.
One problem is the accuracy of the data which large targeted marketing aggregators have assembled about you. Even though these companies claim it has been anonymized, the sheer volume of it forms a total picture of you. That picture can be essentially de-anonymized by large-scale data mining and used to attribute behaviors to you which may or may not be accurate, or anyone’s business. Maybe you don’t care when you get a targeted ad for the “Ronco 250 Pet Hair Vacuum,” even though you own a Mexican Hairless. But, what happens when you become subject to government scrutiny because the “total picture” of data puts you in a group of undesirables?
In addition, this information is often stored insecurely: the companies themselves can’t be trusted with it. In just the latest of a long line of examples, the personal data of 1 million Facebook users was just purchased online by an IT consultant. This data was probably hacked from the network of a third-party Facebook App developer.
Even if you still don’t feel your own privacy is valuable, there are many whose privacy is worth protecting: political activists, human rights workers, victims of domestic violence, and children, to name a few. Privacy and anonymity are not something only lawbreakers want. For at-risk groups, the ability to turn off or resist tracking methods is paramount. Even if a person doesn’t consider himself part of an at-risk group, he might want to write a blog about Stuxnet, for example, without being tagged as a cybercriminal.
In this spirit, I have put together a how-to guide to online privacy. I did this partly to inform those who might want to improve their privacy, and partly to educate people on the extent of the problem. Once I get into the technical details, you will start to understand exactly how many, and how pervasive, are the methods which exist to track you online. Most people are appalled by the level it reaches and how much knowledge it requires to resist the various tracking methods.
That being said, perfect anonymity on the internet is extraordinarily difficult, and probably impossible. This “how to” will stop well short of any attempt at it. Even with all the tools in the world, anonymity requires rigorous discipline and fairly deep technical knowledge. However, with that caveat in mind, a tangible level of personal privacy is achievable with a relatively small amount of effort.
Browser Choice and Settings
Choice of Browser. For maximum control over your privacy settings, you probably need to be running a browser other than the stock default Internet Explorer. IE has some control over privacy settings, but much less flexibility as to add-on tools.
I suggest either Mozilla Firefox or Google Chrome, and, depending on what you want to do, possibly both. Both have great speed, reliability, a rich extension market, and frequent updates to patch security holes quickly. I myself prefer Chrome because it integrates best with several other tools I use, including my Android device. I will use Chrome to illustrate most of the instructions about settings I will talk about, but they have analogues in Firefox, so once you understand the reasons behind them, you can turn on the corresponding features and extensions in Firefox.
Automatic Browser Updates. This is usually set to “on” by default. The setting ensures that new updates which patch security holes will be pushed to your machine and installed seamlessly when you restart the browser.
Settings. Once you have installed Chrome, go to the settings page. At the bottom click “show advanced settings” then click “content settings” under “privacy.”
Cookies. The first item in the list will be “Cookies.” Cookies are little bits of data that websites are allowed to put on your computer which help the website identify you as you move between pages on the site (“session state”) or when you return again to the site on a different day (“persistent state”). They might contain your userid, a unique identifier, page settings, your zip code preferences, etc. The positive side of Cookies is that they keep us from having to re-enter preferences and other settings each time we visit. The negative is that they can be, and are, used by websites, advertisers, and other entities to keep track of us as we move around the web. Here’s what the settings mean:
- Allow local data to be set (default). Cookies are accepted from websites and will be persistent throughout restarts of the browser.
- Keep local data only until I quit my browser. Cookies are allowed for session state, but are all cleared when you close the browser; next time you visit the site, it will be as if starting over.
- Block sites from setting any data. Just like it sounds—cookies are not allowed.
- A check box which says “Block third-party cookies and site data.”
The most important of these settings is “block third-party cookies” and it should be checked. Just as the site itself can have a cookie, so can an advertisement. If you visit another website which hosts ads by a large ad network, the cookie in the ad can essentially be shared, allowing the ad network to monitor what you are looking at as you move from site to site around the web (hence, “third-party”). What this setting does is prevent the browser from accepting a cookie from a party that is not from the domain of the website you are visiting. It is the lowest-level privacy you can have from third party commercial tracking. There are many more things you need to do, but this first step is essential.
The other two settings provide higher security than the default, but have a few usability consequences. “Block sites from setting data” can make many modern websites difficult to use. The second option (“keep local data only…”) can be a useful compromise, so long as you don’t mind re-entering passwords and other basic information each time you close your browser. The other thing you can do is choose one of the higher options and then specifically place your favorite, trusted websites (e.g., your bank) in the “Manage Exceptions…” list, which will have the effect of allowing cookies for those websites.
You can also clear all the cookies (or selected ones) from here at any time using the “All cookies and site data” button, which you should do if your system has been unprotected up until now.
Other Settings. Scroll down the “Content settings” list further and you will see several other options, many of which are fairly obvious: One is “Location,” which concerns whether you want websites to track your physical location. You probably want to set that to at least, “ask me.” Other, similar settings allow you to control whether sites can turn on your camera or microphone and so forth. Make intelligent choices here….
Private Browsing Mode. Each browser has a private mode which allows you to surf the web without the browser saving the information to your browsing history. In Chrome, this is called “incognito mode” and in Firefox, “private browsing.” If you forget to use it when surfing something private, you will have to clear history afterward, or, in Chrome, you can go to the history page and manually delete items out of the list without clearing your entire history.
For Google Users
If you use Google for mail or other services, and especially if you also use Chrome, there are several other settings you will want to consider to keep the behemoth from conducting universal tracking and storage. These settings are found on your Google account itself.
Web History. If you like, Google will store (on its servers, not in your browser) your entire web history of every website ever visited while you were logged into Google! In fact, it is probably already doing it. For your privacy, this is something of a bad idea because it means you have no private browsing history if the data is subpoenaed from Google in a lawsuit or other proceeding. Google will probably give up the data immediately, and probably without even notifying you that it has done so. At least if this information were demanded from your local browser web history, you yourself would have to be notified. Privacy buffs should turn it off.
Click the link “Go to Web History.” If it is on, then first click “Delete All,” then turn it off. Note that any “smarter predictions” and “more relevant results” may be impacted. Also, you will not be able to log in from a remote computer and use any saved bookmarks. I myself find this an acceptable trade-off.
Dashboard. Another interesting tool is the Google Dashboard. Click “Products” then select “dashboard.” It allows you to see all the Google products and services you use and to modify and, in some cases, clean up the data which those services store.
Browser Extensions are add-on tools, usually developed by third parties, that give you control over your browser’s behavior. A number of these are useful to improve your privacy; remember however, that browser extensions themselves often have full access to your browsing data because they have trusted integration with the browser itself. Don’t install them willy-nilly, read the reviews, and be suspicious. The ones I have listed here are generally considered safe and effective because they are open source or have been rigorously scrutinized. Extensions for Chrome are available in the Chrome Web Store.
Adblock Plus – link. This is an open source tool which blocks advertising and certain other tracking devices employed by websites. Installing it will not only improve your privacy greatly, it will also make most websites far less annoying because advertisements will no longer be popping up, spinning, and distracting you as you view the web. ABP is a generic blocking device which receives its instructions via blocking lists, which are created by user communities. The “EasyList” group is one such community. This model allows blocking to be dynamic and adaptive to changes in advertiser methods.
After installing ABP, go to the subscription page. The first item on the list is called “EasyList.” Click the “Subscribe: EasyList” link and then click the “+ Add” button on the screen that appears. Scroll down to EasyPrivacy and subscribe to this in the same way. Another one you can add is called “Antisocial,” which blocks various forms of social media integration from third-party sites. If you are really into “Like” and “Tweet” buttons, however, you may wish to avoid this one; they will disappear from most sites after enabling this list.
Note that this mechanism will completely block most ads and will deprive the websites you use of ad revenue resulting from your eyeballs viewing the page. This bothers some people, and it probably should: like property taxes, no one really likes ads—but schools and streetlights have to get paid for somehow. On the other hand, no one wants to have their online life recorded in a massive behavioral profile stored by dozens of web data conglomerates, either.
ABP has two solutions to this moral dilemma. First, keep the “Allow some non-intrusive advertising” checkbox checked. This allows certain “acceptable” ads to continue, which means ads that are static, unobtrusive, and do not interfere with the viewing of page content. Second, you can click on the “Whitelisted domains” tab and selectively add back the websites for which you would like to let through ads. In addition, you can always support your favorite websites by subscribing to their premium services or donating.
Ghostery – link. The problem is that there are more than just visible advertisements tracking you as you move around the web. There are also Analytics, Beacons, and Widgets to help online marketing vendors assemble profiles of your online behavior.
- Widgets are typically trackers that serve a functional purpose on a web page, such as a social networking button or comment form. An example would be Facebook Connect. Needless to say, if you click one of these, you are tracked. But, you are also tracked if you don’t because most have beacon-like functionality.
Ghostery is an opt-in system. When you install it you first have to select the trackers that you want to block by checking the boxes and clicking save. It updates frequently with new blockers, but all new blockers must be opted-into. Then, when you first go to a page, Ghostery displays a purple pop-up box with a list of the trackers that were blocked and a counter on the Ghostery toolbar button. Prepare to be surprised at how many there are!
Do Not Track Plus – link. Unlike Ghostery, in DNT+ blocking of the trackers is usually enabled by default. DNT+ blocks many of the same trackers as Ghostery, but a few are different, and each also analyzes the web page in a slightly different way and updates its tracker list on a different schedule. I run both to be safe.
Install this tool and a browser toolbar icon will appear. As with Ghostery, the number changes in the icon to show the number of web trackers being blocked. Clicking on the button lets you see exactly which ones.
Collusion – link. This tool is interesting because it displays a graph or map of all the shared marketing data connections between the various sites you have visited. Explore it and see just how pervasive web tracking really is!
“Referer” [sic] Header Control – link. Every time you visit a website, the header for the HTTP request gives the newly visited website information about the last page you were on when you clicked the link. Many websites will log the referring website in an effort to track their users. This control allows you to spoof the referring website or, more usefully for our purposes, to block the referrer on all outbound web requests from your browser. Install the tool and click “Block” on the settings page for the “default referrer.”
Keep My Opt-Outs – link. Permanently sets the browser to opt-out of online ad personalization, so that Google and other advertisers will not display targeted ads.
IBA Opt-out – link. Use this extension to permanently opt out of the DoubleClick cookie, used by Google and others. It will allow the opt-out to remain in force even if you clear all cookies in your browser, since opting-out of the cookie is itself a cookie.
HTTPS Everywhere – link. This extension will automatically redirect your browser to the HTTPS encrypted browsing protocol whenever possible, helping you remember to be secure when browsing over public wifi and keeping your ISP from snooping on your data.
The Next Level: Hiding Your IP
You might think now that, with all the work you’ve done, people and companies wouldn’t be able to track you. Unfortunately, you’d be wrong. We’ve set up the browser to secure you from certain types of behavioral tracking—nothing else. Your Internet Service Provider, the provider of your Domain Naming Services (DNS), and the websites you visit can still log you by IP address.
This kind of tracking happens on multiple levels. Starting at the bottom, each and every website logs visitors to the site by public IP address, which is just a numerical representation of a particular connection you have on the Internet. You get an IP address automatically by assignment from your ISP (the company which provides your connection, e.g., Cox Cable), or by the owner of whatever network you are currently connected to. If you are using public Wifi in a coffee bar, for example, the public IP address will be that of the establishment itself and will be shared among everyone there. We’ve already seen that websites can use this address to analyze traffic, but they will also divulge this information in response to a subpoena or court order—as will the ISP and other parties in the chain of connection.
If you are connected at home, your ISP logs the IP address it assigns you, for what period, as well as the MAC address of the cable modem you connected on. Hence, later when parties wish to know your identity, they can subpoena the ISP to know which particular customer possessed that IP at that time.
Your ISP also can snoop on your traffic in other ways, however. If you conduct your web browsing using unencrypted protocols, such as HTTP instead of HTTPS, they can use filtering tools to dissect and analyze your traffic. This includes the full content of any pages you visit, images you view, or any data you send out, like your credit card number. If your ISP isn’t doing this already, it will be soon: most ISPs have agreed to analyze the traffic of their customers (including over the Torrent network) to help enforce the “six strikes” copyright infringement alert system.
However, even if you encrypt using HTTPS, the ISP still knows which sites you visit. Firstly, HTTPS does not encrypt the website domain name. Secondly, you are probably using the ISP’s DNS server, so the requests are being logged. (DNS is the system by which a website address is matched to the server that hosts the site. For example, www.amazon.com is really a huge group of web servers running in several data centers around the country. How does your browser find it? By using DNS to resolve the name to the proper IP address, which then gets routed to the proper group of servers on the proper subnet in cyberspace.)
How to avoid these problems? A few methods exist, but none are flawless. Furthermore, for some people, this level of protection might seem overkill. Feel free to use it or not depending on your desires.
Change your DNS Provider. One fairly easy way to make your DNS more private is to remap from the ISP’s DNS server to a third party, unlogged DNS provider such as OpenDNS. How to do this specifically will vary by router. Take a look at the website for more information.
Anonymous Searching. Of course, Google knows what you’ve been searching for because it logs you by IP. However, you can do anonymous searching using websites which submit the search request through Google for you, maintaining the anonymity of your IP address. A couple of them are Duck Duck Go and IxQuick, but a longer list is available here.
VPNs and Tor. Even so, your ISP can still look at where you visit and even see the traffic if it is unencrypted. And, the websites you visit can still log your IP address. Even further steps are necessary to prevent these two outcomes.
A VPN (virtual private network) creates an encrypted tunnel through your internet connection which hides not only the traffic, but also all DNS requests sent through it. On the remote website, the IP address will be the one temporarily assigned by the VPN service for that particular connection; each time you connect it will be different. All the ISP or a wireless snooper can see is an encrypted stream of data with no discernible information. On the other hand, a VPN provider has to be trusted for this to work, otherwise the snooping is just moved back a level. Further, if the VPN logs connections, then that information can always be divulged. For that reason, it is important to pick a VPN provider that does not log (usually these are in foreign countries). There is also usually a small cost for a VPN (about $5-10/month).
Tor accomplishes the same goals, but differently. In a nutshell, Tor is a local software application on the user’s machine combined with a worldwide network of volunteers who set up “nodes” to accept traffic. When connecting through the network, traffic is bounced from node to node, with each node encrypting the traffic so that each layer is isolated from the prior and future nodes. Tor is free.
VPNs and Tor serve similar functions in many ways – both provide encryption of the traffic and a certain level of anonymity. Both are subject to drawbacks, however. Various types of attack can be used against Tor, at least in theory. Both are much slower than direct browsing. And, as alluded to, VPNs are subject to the whims of the provider with respect to logging. Of the two, Tor’s encryption and anonymization methods are probably more resistant to attack because of the multiple layers of encryption and multiple points of compromise, but Tor is also far slower than most VPNs.
There’s a Lot More…
Of course, there is a lot more you need to know to keep your information private. You have only secured your internet browsing. The data on your computer is not private unless you encrypt the disk or important files. If your computer is stolen, hacked, or seized—or if you sell it without wiping it—all that data is just sitting there to be taken: the cached pages and images of every website you’ve visited, the data in cookies, and the files themselves.
Your Wireless Router’s security can also be hacked, exposing your computer to further snooping. Not only has WEP encryption not been secure for several years, WPA (with WPS enabled) is also insecure if a hacker has a few hours.
Alas, even your browser has a “fingerprint” which is readily divulged via simple header information your browser hands out with each visit to a web page. The unique combination of fonts, browser plugins, time zone, and screen size exposes a large degree of variability in the browser. This fingerprint can be stored and used by trackers to identify you, regardless of what you do to block cookies. To see how unique yours is, click here on Panopticlick.
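Why the combination matters more than any single attribute can be shown with a small calculation. This is an added example, not part of the original article: the eight-browser population is constructed, and the function names are hypothetical. It measures how many bits of identifying information each attribute carries alone and how many the full combination carries.

```python
import math
from collections import Counter

ATTRIBUTES = ("time_zone", "screen_size", "plugins", "fonts")

# Constructed sample population of eight browsers (not real measurements).
VISITORS = [
    ("UTC-5", "1920x1080", "pdf,flash", "arial,calibri"),   # the browser we examine
    ("UTC-5", "1920x1080", "pdf",       "arial"),
    ("UTC-5", "1366x768",  "pdf,flash", "arial"),
    ("UTC-5", "1366x768",  "pdf",       "arial,calibri"),
    ("UTC+1", "1920x1080", "pdf,flash", "arial"),
    ("UTC+1", "1920x1080", "pdf",       "arial,calibri"),
    ("UTC+1", "1366x768",  "pdf,flash", "arial,calibri"),
    ("UTC+1", "1366x768",  "pdf",       "arial"),
]

def identifying_bits(matching, total):
    """Bits of identifying information: log2 of how far the crowd shrinks."""
    return math.log2(total / matching)

def fingerprint_report(visitors, target):
    """Per-attribute and combined identifying bits for one browser in a population."""
    total = len(visitors)
    matching = sum(1 for v in visitors if v == target)
    if matching == 0:
        raise ValueError("target browser is not in the population")
    report = {}
    for i, attr in enumerate(ATTRIBUTES):
        counts = Counter(v[i] for v in visitors)
        # How many browsers share this one value with the target?
        report[attr] = identifying_bits(counts[target[i]], total)
    report["combined"] = identifying_bits(matching, total)
    report["anonymity_set"] = matching   # browsers indistinguishable from the target
    return report

if __name__ == "__main__":
    for key, value in fingerprint_report(VISITORS, VISITORS[0]).items():
        print(f"{key:14} {value}")
```

In this sample every individual value is shared by half the population, yet the four values together match exactly one browser, with no cookie involved.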
And, even if you go back to paper, there are still printer dots – tiny secret codes added by printer manufacturers at the behest of the U.S. government to uniquely identify the printer of origin.
A little awareness can go a long way, but it is difficult to be completely safe regardless of what you do. Further, the methods and the defenses are constantly evolving. Above all, keep educating yourself because knowledge forms the backbone of any movement to resist the downward spiral which ends with us having no reasonable expectation of privacy online. Good luck and hope (not to) see you online!