2013 was a bad year in general for me. I lost my father to cancer and the NSA has been reading my mom’s emails. No doubt in an attempt to steal her famous five and three quarter’s alarm chili recipe. It should tickle me to death to see so many news networks talk about internet privacy night after night but it doesn’t because while the media is focused like a laser on policy they are missing perhaps the best chance there has ever been to educate the public on how to go about protecting their online privacy in the post Snowden era. So to help fill in the gap we have come up with our top tips to protect your online privacy in 2014. Most of these steps are very simple to implement and most will have minimal effect on your overall experience on the internet.
Think before you click
It is hard to say one item on the list is more important than the others but when we are on users’ desktops one of the biggest problems we see is the sheer amount of grayware we find on users systems. This type of software will get past your antivirus software and will often times install or enable features that are detrimental to your internet privacy and security. At the very least these applications are annoying and at the worst are downright dangerous. Whenever you’re installing an app be on the lookout for options to install some other “recommended software” and always click no if you are not 100% sure the software is something you need.
Mind your DNS P’s & Q’s
DNS is the interwebs phonebook but that’s not completely accurate because it’s more of a cross between the Yellow Pages and that little black book that every male actor keeps under his mattress in those Hollywood chick flicks we all hate. What I am trying to say is if you are not careful Sandra Bullock will end up finding all of your ex’s phone numbers. She might even find the grades you assigned each girl one night after heavy drinking. All joking aside you should always be choosing your own DNS servers whenever possible. Your ISP provides DNS functionality but I know from firsthand experience that they log ALL requests on those servers. Even if you’re always connected to a VPN and you are using their DNS you still need to modify these settings otherwise you will always be one DNS leak away from giving your ISP an insight into what you are doing. I frequently change my DNS even when connected to my own VPN because lefts face it why put all your eggs in 1 basket.
To find a good non logging public DNS server you should be using OpenNIC tier 2 providers. To find a non-logging DNS server from the OpenNIC project use this link. If you are just worried about your ISP tracking you then you can even use Google DNS 220.127.116.11 and 18.104.22.168 but we recommend OpenNIC.
Surf the web, don’t let the web surf you.
Now that your browser is setup to protect your online privacy it is time to rethink search. Unless you have been living under a rock you have heard about PRISM. Think about all of the logging Google/Bing/Yahoo does on each search query and ask yourself is it worth the risk? Enter DuckDuckGo a search engine that promises not to track you or provide a filtered internet experience based on what it thinks you like.
Set it and Forget it Password Management
It is hard to believe that in 2013 the most popular passwords are still “123456” and “password” but it’s true. For several years now I have used unique passwords on every website. My passwords are 32 characters in length and the important ones are changed every month or so. I do this with the help of KeePass Professional Edition. With the help of a few simple plugins it will automatically save, enter and generate passwords on websites for you. You can even have it enter putty passwords, certificates and sync the encrypted database to the cloud. All of this is completely free and is fairly simple to setup.
Safety through Mitigation
I get it. You want to encrypt your email and instant messaging but your family and friends are not technical so implementing PGP & OTR encryption is not a viable option. It is the same in my circle of friends. So the rule I live by is this. If I am not comfortable telling it to a total stranger then I am not sending it via email or instant messenger. I wish there was a silver bullet here but there is just not. Until these communications platforms build encryption into their software and enable it by default encryption’s use will remain limited. It is up to us the consumer to demand default encryption with their email and messenger clients.
Encrypting the cloud
The cloud is slowly storing more and more of our personal data. It is quickly becoming the go to medium to store and distribute files to our friends and family. Wuala is an encrypted cloud storage service that provides all users with 5 GB for free. I personally have 100 GB and I only pay 11.99 per month. I keep all of my highly sensitive data there that must not be lost or deleted. We are talking everything from tax documents to my backups and KeePass database is stored there. There are two reasons I feel comfortable enough to keep this sensitive data in the Wuala cloud. First is the fact that the encryption is all done before sending the data to the cloud which is something most cloud services do not do. The second reason is because I use TrueCrypt to create a virtual disk that is then synced to Wuala.
One thing that is missing here is the use of a VPN service to encrypt your communications, hide your location and protect your online privacy. I purposely left this out because you’re reading this at LiquidVPN a VPN service provider so I am assuming you already know the importance of using a VPN service. You may be asking yourself why I didn’t include anything about privacy mode and that is because with the setup described in this post I rarely find myself using privacy mode for daily browsing.
There are many alternatives to the technologies and services I have outlined above that will help protect your online privacy but you should use this post as a starting point and do your own research. If you feel I have missed something or would like to add something leave a comment.