Google Chrome’s “incognito” mode used to open up with a warning that, even while you were supposedly surfing anonymously, secret agents could still be tracking your online activity. Most of us smiled and dismissed the idea as fantastical; then Edward Snowden broke cover and wiped the smiles from our faces. That specific disclaimer no longer appears, perhaps because we’ve all learned our lesson. It certainly doesn’t mean the issue has gone away. Online surveillance is still a constant threat, and there are plenty of legitimate reasons for wanting to stay anonymous online. So how can we ensure that what we do in the privacy of our browser really does stay private? The short answer is that we can’t What we can do, however, is minimise our exposure and make life as hard as possible for would-be snoopers.
SIGN UP TO A VPN Perhaps the simplest and most effective step you can take to protect your privacy is to sign up with a reputable VPN provider, preferably one based overseas. This acts as an encrypted conduit for your internet activity, so that your ISP and other Australian-based bodies can’t monitor what you’re doing and it makes it a lot harder for the sites to trace where your connection is coming from. There are plenty of services to choose from, but our advice has always been to pay for a reputable VPN service. Free providers are by no means universally illegitimate, but we’ve heard stories of user data being accidentally leaked, or deliberately sold to fund operations which undermines the whole point. Free providers may also insert their own content into your traffic, replacing third-party ads with their own, which isn’t always transparent and raises some troubling questions. At the end of the day, you need your VPN service to be 100% on your side, since they have the capability, should they choose, to see everything you do, from reading your emails to tracking your purchases on Amazon. As long as you have picked a service you can trust, however, a VPN offers great peace of mind. There’s a supplementary benefit, too: you can normally route your connection through servers in a variety of different countries. This allows you to access content that’s not generally available to Australian browsers, or see how your own site looks to international visitors an easy way to check there are no issues with page loading times, rendering or censorship. TURN TO TOR Tor stands for “The Onion Router” a name that hints at the multilayered way it works, routing internet trafi c through multiple servers before finally passing it on to its destination. There’s nothing new about the general idea of forwarding traffic around in this way that’s basically how the whole internet operates. But Tor adds an encryption element, with each node that your data passes through decrypting a little more of the packet, like peeling away another layer of onion skin. By the time your request reaches its destination (the website you want to visit), it will have been fully decrypted, but anyone trying to intercept it en route won’t have a complete record of your activity. For the same reason, even the nodes that handle your request won’t know precisely where it came from. Tor sounds like the perfect tool for espionage so it perhaps makes sense that it’s at least partly the product of the United States federal government, having been originally developed at the United States Naval Research Laboratory and refined by DARPA prior to its public launch in 2003. There are questions, however, over whether Tor is really secure. Earlier this year, a vulnerability was found in the Tor web browser that could result in users accidentally connecting directly (and traceably) to their requested sites, without the benefit of Tor’s obfuscation. University researchers have found ways to work out the origins of Tor packets, and Europol has recently made some high-profile arrests by successfully exposing the identities of Tor users though, understandably, the agency hasn’t gone into detail about its methods. If you want to give Tor a go, it’s easy: visit torproject.org and you can download a browser (based on Firefox) for Windows, macOS and Linux that routes all of the traffic through the Tor network, as well as clearing out cookies and browsing history automatically. However, if you prefer to stick with Chrome, you will find a selection of Tor extensions in the Chrome Web Store. Like a VPN, Tor doesn’t just encrypt your data: it also conceals your location and other details about your connection. When we used the Tor Browser running on a Mac just outside Sydney to visit iplocation.net, we were identified as a Windows 7 user in Auckland. Subsequent attempts located us in Melbourne and Singapore, so it’s going to be pretty hard for anyone to reliably track your ongoing activity. The only catch is that Tor’s convoluted routing has a big impact on browsing speed using it can feel like a trip back to the days of the dial-up modem. For Android users, another option is Orweb Private Web Browser, which routes requests over the Tor network. FLUMMOX FINGERPRINTING Staying anonymous online isn’t just about ensuring your traffic can’t be intercepted. The sites you visit can keep records of your visits and build up an alarmingly detailed profile of your interests and activity even if you’re using a supposedly private browser that doesn’t store cookies from one session to the next. They do this by recognizing the device you’re using to connect. After all, there probably aren’t many PCs out there with the exact same combination of browser, memory, graphics hardware, screen resolution and so forth. The distinctive configuration of your computer acts like a fingerprint, so you can be identified each time you come back to the site and there’s not much you can do to change it. Even if you switch browsers, you’re only altering one element of your unique technology mix. Unless you also swap out the graphics card, processor and several other elements at the same time, it’s likely you’ll still be recognised as the same person. The thing that’s sinister about fingerprinting is that it’s not limited to a single site: fingerprint data can be shared and sold, so even sites you’ve never visited before can identify and track you as you move around the web even if you’re not accepting cookies. There are ways to defeat fingerprinting. As we’ve seen, when you surf with the Tor browser, the server you’re connecting to sees the details of the exit point of your connection, rather than the computer you’re sitting at, so it can’t build up a profile. Using a VPN isn’t so safe, though: your apparent location changes, but information about your computer configuration is forwarded to the site you’re visiting. You can reduce your exposure to fingerprinting by disabling JavaScript, because many servers use JavaScript routines to gather their data. Unfortunately, this will also stop many sites from working properly. It’s also worth looking for browser extensions that can block specific fingerprinting techniques. This post is an extract from upscaleexistence blogspot.
0 Comments
Leave a Reply. |