fbpx

What would you do if your most private information was suddenly available online, for anyone to see? Just imagine: picturesvideos, financial information, emails...all accessible without your knowledge or consent to anyone who cares to look for it.  We've probably all seen news items come out about various celebrities and political figures who have been less careful than they should be with information that was not meant for public consumption.

Without proper oversight of this sensitive information, it can become available to anyone with an Internet connection.

Keeping information safe and protected online is a growing concern for many people, not just political figures and celebrities. It's smart to consider what privacy precautions you might have in place for your own personal information: financial, legal, and personal. In this article, we're going to go over five practical ways you can start protecting your privacy while online to guard yourself against any potential leaks, avoid embarrassment, and keep your information safe and secure.

Create Unique Passwords and Usernames for Each Online Service

Many people use the same usernames and passwords across all their online services. After all, there are so many, and it can be difficult to keep track of a different login and password for all of them. If you're looking for a way to generate and keep track of multiple secure passwords, KeePass is a good option, plus it's free: "KeePass is a free open source password manager, which helps you to manage your passwords in a secure way.

You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish)."

Don't Assume Services are Safeguarding Your Information

Online storage sites such as DropBox do a pretty good job of keeping your information safe and secure. However, if you're concerned that what you're uploading is especially sensitive, you should encrypt it - services like BoxCryptor will do that for you for free (tiered pricing levels do apply).

Be Careful Sharing Information Online

We're asked to fill out forms or log into a new service all the time on the Web. What is all this information used for? Companies make a lot of money analyzing and using the data that we are freely giving them. If you'd like to stay a little bit more private, you can use BugMeNot to avoid filling out unnecessary forms that ask for too much personal information and keep it for other uses.

Never Give Out Private Information

We should all know by now that giving out personal information (name, address, phone number, etc.) is a big no-no online. However, many people don't realize that the information that they are posting on forums and message boards and social media platforms can be put together piece by piece to create a complete picture. This practice is called "doxxing", and is becoming more of a problem, especially since many people use the same username across all of their online services.

In order to avoid this happening, be extremely cautious in how much information you're giving out, and make sure you don't use the same username across services (see the first paragraph in this article for a quick review!).

Log Out of Sites Often

Here's a scenario that happens all too often: John decides to take a break at work, and during that time, he decides to check his bank balance. He gets distracted and leaves the bank balance page up on his computer, leaving secure information out for anyone to see and use. This kind of thing happens all the time: financial information, social media logins, email, etc.

can all be compromised extremely easily. The best practice is to make sure you're on a secure computer (not public or work) when you're looking at personal information, and to log out of any site you might be using on a public computer so that other people who have access to that computer will not be able to access your information. 

Prioritize Online Privacy

Let's face it: while we'd like to think that everyone we come in contact with has our best interests at heart, this is sadly not always the case — and especially applies when we're online. Use the tips in this article to protect yourself from unwanted leaks of your personal information on the web. 

Source: This article was published lifewire.com By Jerri Collins

Categorized in Internet Privacy

When Congress voted in March to reverse rules intended to protect Internet users’ privacy, many people began looking for ways to keep their online activity private. One of the most popular and effective is Tor, a software system millions of people use to protect their anonymity online.

But even Tor has weaknesses, and in a new paper, researchers at Princeton University recommend steps to combat certain types of Tor’s vulnerabilities.

Tor was designed in the early 2000s to make it more difficult to track what people are doing online by routing their traffic through a series of “proxy” servers before it reaches its final destination. This makes it difficult to track Tor users because their connections to a particular server first pass through intermediate Tor servers called relays. But while Tor can be a powerful tool to help protect users’ privacy and anonymity online, it is not perfect.

In earlier work, a research group led by Prateek Mittal, an assistant professor of electrical engineering, identified different ways that the Tor network can be compromised, as well as ways to make Tor more resilient to those types of attacks. Many of their latest findings on how to mitigate Tor vulnerabilities are detailed in a paper titled “Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks,” presented at the IEEE Symposium on Security and Privacy in San Jose, California, in May.

The paper is written by Mittal, Ph.D. students Yixin Sun and Anne Edmundson, and Nick Feamster, professor of computer science, and Mung Chiang, the Arthur LeGrand Doty Professor of Electrical Engineering. Support for the project was provided in part by the National Science Foundation, the Open Technology Fund and the U.S. Defense Department.

The research builds on earlier work done by some of the authors identifying a method of attacking Tor called “RAPTOR” (short for Routing Attacks on Privacy in TOR). In that work, Mittal and his collaborators demonstrated methods under which adversaries could use attacks at the network level to identify Tor users.

“As the internet gets bigger and more dynamic, more organizations have the ability to observe users’ traffic,′ said Sun, a graduate student in computer science. “We wanted to understand possible ways that these organizations could identify users and provide Tor with ways to defend itself against these attacks as a way to help preserve online privacy.”

Mittal said the vulnerability emerges from the fact that there are big companies that control large parts of the internet and forward traffic through their systems. “The idea was, if there’s a network like AT&T or Verizon that can see user traffic coming into and coming out of the Tor network, then they can do statistical analysis on whose traffic it is,” Mittal explained. “We started to think about the potential threats that were posed by these entities and the new attacks — the RAPTOR attacks — that these entities could use to gain visibility into Tor.”

Even though a Tor user’s traffic is routed through proxy servers, every user’s traffic patterns are distinctive, in terms of the size and sequence of data packets they’re sending online. So if an internet service provider sees similar-looking traffic streams enter the Tor network and leaving the Tor network after being routed through proxy servers, the provider may be able to piece together the user’s identity. And internet service providers are often able to manipulate how traffic on the internet is routed, so they can observe particular streams of traffic, making Tor more vulnerable to this kind of attack.

These types of attacks are important because there is a lot of interest in being able to break the anonymity Tor provides. “There is a slide from an NSA (the U.S. National Security Agency) presentation that Edward Snowden leaked that outlines their attempts at breaking the privacy of the Tor network,” Mittal pointed out. “The NSA wasn’t successful, but it shows that they tried. And that was the starting point for this project because when we looked at those documents we thought, with these types of capabilities, surely they can do better.”

In their latest paper, the researchers recommend steps that Tor can take to better protect its users from RAPTOR-type attacks. First, they provide a way to measure internet service providers’ susceptibility to these attacks. (This depends on the structure of the providers’ networks.) The researchers then use those measurements to develop an algorithm that selects how a Tor user’s traffic will be routed through proxy servers depending on the servers’ vulnerability to attack. Currently, Tor proxy servers are randomly selected, though some attention is given to making sure that no servers are overloaded with traffic. In their paper, the researchers propose a way to select Tor proxy servers that take into consideration vulnerability to outside attack. When the researchers implemented this algorithm, they found that it reduced the risk of a successful network-level attack by 36 percent.

The researchers also built a network-monitoring system to check network traffic to uncover manipulation that could indicate attacks on Tor. When they simulated such attacks themselves, the researchers found that their system was able to identify the attacks with very low false positive rates.

Roger Dingledine, president and research director of the Tor Project, expressed interest in implementing the network monitoring approach for Tor. “We could use that right now,” he said, adding that implementing the proposed changes to how proxy servers are selected might be more complicated.

“Research along these lines is extremely valuable for making sure Tor can keep real users safe,” Dingledine said. “Our best chance at keeping Tor safe is for researchers and developers all around the world to team up and all work in the open to build on each other’s progress.”

Mittal and his collaborators also hope that their findings of potential vulnerabilities will ultimately serve to strengthen Tor’s security.

“Tor is amongst the best tools for anonymous communications,” Mittal said. “Making Tor more robust directly serves to strengthen individual liberty and freedom of expression in online communications.”

Source: This article was published princeton.edu By Josephine Wolff

Categorized in Internet Privacy

Tor is a popular tool for activists, hackers, journalists, and anyone who doesn't want their actions online to be tracked to the finest detail. Wochit

Question: What exactly is the "deep Web" and how do you get to it?

Answer: Despite many representations of a nefarious underground operating out of sight, the so-called "deep Web" is actually mostly benign private databases and Web resources not meant to be accessed by the public.

The "surface Web" is essentially what can be indexed by search engines such as Google or Bing, while the deep Web consists of items that can’t be accessed using a search engine on a standard Web browser.

Protected Internet databases such as those for banks and anything past a log-in screen, such as your private files stored in the cloud and data stored by private companies, aren’t indexed by search engines. Websites can also specifically tell the search engines that they don’t want to be indexed, making them relatively "invisible" to the average user.

According to most estimates, the deep Web makes up about 90 percent of the entire Internet, because so much of what is stored online is protected information that requires some form of authentication or knowledge of a hidden Web address.

The 'dark Web'

There is a very small percentage of the deep Web where secret and sometimes nefarious activity is taking place, often referred to as the "dark Web" or the "darknet." The tools used to access the dark Web focus on anonymity by incorporating encryption and specialized privacy browsers such as Tor.

Tor, also known as "The Onion Router," uses a large network of relays to bounce Internet traffic through; it’s much like the layers of an onion, making it much more difficult for anyone conducting any type of surveillance to see who is doing what.

The core technology used in Tor was actually developed by the U.S. Naval Research Lab in the mid-1990s for the intelligence community to protect online communications. To this day, Tor and other similar tools are used by governments, activists and whistleblowers to communicate anonymously.

The Tor Project states: "Tor users include 'normal people' who wish to keep their Internet activities private from websites and advertisers, people concerned about cyber-spying, users who are evading censorship such as activists, journalists, and military professionals."

Using Tor alone doesn’t mean you’re completely anonymous and, for most users, the trade-off in slow performance isn’t worth the increase in privacy for daily surfing.

Tor's dark side

Tor and other similar tools are also used for illicit activities such as buying and selling drugs, stolen credit-card numbers and IDs; money laundering; and more via black markets only accessible on the dark Web.

One of the most famous dark-Web marketplaces was called Silk Road, which was shut down by the FBI in 2013. The site’s founder, Ross Ulbricht, was sentenced to life in prison without possibility of parole.

Despite law enforcement's attempts to control illegal underground marketplaces, when one is shut down, two more seem to pop up.

To be fair, not all dark-Web resources operate in an illegal manner, and much of the activity is vital to our law-enforcement and intelligence community’s efforts. As with any technology, it’s impossible to control its uses for only legal purposes so, as always, it’s the good with the bad.

Ken Colburn is the founder and CEO of Data Doctors Computer Services. Ask any tech question at: Facebook.com/DataDoctors or on Twitter @TheDataDoc.

Categorized in Deep Web

How much information does Google have about me?

Our lives have become more integrated online than in any other time in history. We interact with each other online via social mediaemail, and forums; we conduct business via complex, data-driven channels and innovations; and the culture we encounter online is fundamentally linked to that we come across in real life.

As the world’s most popular search engineGoogle has created an enormously popular service – search -  with many peripheral platforms (YouTubeGmailGoogle Maps, etc.) used by hundreds of millions of people.

These services are easy to use, deliver fast and relevant results, and are the primary search destinations for many worldwide.

However, with this ease of use comes privacy concerns, especially in the realm of data storage, search tracking, and use of personal information. Vital concerns about the right to privacy, especially in regards to Google and the amount of information that they track, store, and ultimately use, are becoming increasingly important to many users.

In this article, we’ll go into detail on what kind of information Google tracks about you, how it uses this information, and what you can do to better protect and safeguard your Google searches.

Does Google Track What I Search For? 

Yes, Google definitely tracks all of your search history. If you want to use any of Google’s services, and utilize their personalization of the services that you receive, you must be signed in with a Google account in order for this to happen.

Once you are signed in, Google begins actively tracking

  • What you are searching for
  • How you are searching
  • Your search patterns
  • What ads you’re interested in
  • What you click on
  • What images you view
  • What videos you watch

This is all detailed out in Google’s terms of service, as well as the Google privacy policies.

While these are dense legal documents, it's wise to at least give them a quick look if you are at all concerned about how Google tracks and stores your information.

Does Google Track My Search History Even if I'm Not Signed In?

Every single time we log onto the Internet, we leave traces of our identity via IP addressesMAC addresses, and other unique identifiers. In addition, most web browsers, sites, and applications require the user to opt in to the utilization of cookies – simple software that basically make our web browsing experience more enjoyable, personalized, and efficient.

If you’re not logged into Google, there is still a wide variety of information that you’re making available to Google simply by being online. That includes:

  • Where you are in the world geographically
  • Your IP address
  • Information about the Google services you use and how you might be using them based on your activity patterns
  • What ads you might click on
  • What device you are using
  • Server information
  • Identifying information gleaned from your use of partner services.

This information is used for targeted ad placement and search relevancy. It’s also made available to people who own sites that are tracking data via Google’s statistics tool, Google Analytics; they won’t necessarily be able to drill down and see from what neighborhood you’re accessing their site, but other identifying information (device, browser, time of day, approximate geo, time on site, what content is being accessed) will be available.

What are Examples of Information That Google Collects?

Here are a few examples of what Google collects from users:

  • Information that users give to Google, including personal information such as name, email address, phone number, credit card, and photo
  • Information gleaned from use of Google services, including usage data, personal preferences, emails, photos, videos, browsing history, map searches, spreadsheet and documents, etc.
  • Information from the device you are using to access Google  and Google services, including hardware model, mobile network information (yes, this includes your phone number), even what operating system you might be using
  • Server log information collated from when users are actively using Google services, including search queries, phone information (time and date of calls, types of calls, forwarding numbers, etc.), IP addresses, cookies that are uniquely linked to your web browser or Google account, and device activity information (crashes, what settings are on your hardware, language, etc.)
  • Location information about where you are in the world, including your city, state, neighborhood, and approximate address
  • Peripheral services and apps can also provide what is called a “unique application number” that provides more identifying information to Google when queried
  • Search history, including personal information found in Google services such as YouTube, Google Maps, and Google Images
  • User interactions with other sites and services are also tracked, especially when the user interacts with ads (read Why Are Ads Following Me Around Online? for more on how this works). 

Why Does Google Track So Much Information, and Why?

In order for Google to deliver the amazingly detailed and relevant results that many millions of people have come to rely on, they need a certain amount of data in order to deliver targeted results. For example, if you have a history of searching for videos about training a dog, and you’ve signed into Google (aka, opted in to sharing your data with Google), Google infers that you would like to see targeted results about dog training on all the Google services that you use: this could include Gmail, YouTube, web search, images, etc.

Google’s primary purpose in tracking and storing so much information is to deliver more relevant results to its users, which isn’t necessarily a bad thing. However, growing privacy concerns have motivated many people to carefully monitor their data, including data shared online. 

How to Keep Google From Tracking Your Data

There are three different approaches users can take if they are concerned about Google tracking, saving, and utilizing their data.

Cut everything off: By far the simplest way to disallow your data being tracked by Google is to simply not use any Google services – there are alternative search engines out there that do not track your search history, or collect any of your personal information.

Don’t sign in, but recognize that some relevancy will be lost: People who want to continue using Google without getting tracked can definitely do so, simply by not signing in to their Google accounts. This option is somewhat of a double-edged sword: your information will not be tracked, but your search relevancy could see a decline because of this.

Use Google with caution and common sense: For users who want to continue using Google, don’t want their information to be tracked, but want to take advantage of its competitive search results, there are ways to go about this.

  • Check your Google settings on a regular basis. You, as the user, have complete control over what data you choose to share (or not to share) with Google. You can do this for each service you use with Google, from Gmail to YouTube to general search settings. Click here to update your Google account activity settings. 
  • Check your Google dashboard. Everyone who has an account at Google has what is called a “dashboard”, which is simply a way to see all your Google activity, settings, and profile information in one convenient place. Here’s where you can see what email(s) Google might have, change passwords, see connected applications and sites, view all accounts, manage active devices, manage  your contacts, and much, much more. There’s even an option to have a reminder sent monthly to make sure all your settings are where you want them to be for each individual Google service. Click here to access your Google dashboard.
  • Take power over the ads that you are shown. Did you know that you can review and control the kinds of ads that Google shows you? Most users don’t take advantage of this amazing convenience, but it’s very easy to do. Click here to view, edit, and even opt out of the kinds of ads you see on Google.
  • Do periodic privacy checkups. Not sure which Google services are using what information, how much of your personal information is being shared, or what information Google already has gathered on your search habits? One way to tackle this somewhat overwhelming data is to use the Google Privacy Checker. This simple tool helps users to methodically check exactly what is being shared, and where. For example, you can choose  how much information is shared in your Google+ profile, both publicly and privately. You can edit how much information is available if someone clicks on your YouTube user profile. You can opt out of Google using any publicly shared photos in background images, edit any endorsements of products you might have given in the past, keep all your Google subscriptions (YouTube videos, for example) private, manage your Google Photos settings, and more. You can even personalize your Google experience here, from how you view directions to how your search results are displayed. The user is ultimately in charge of how they experience Google – all the tools are in your hands.  

Overwhelmed? Here’s Where to Start

If this is the first time that you’re learning about how much information Google is actually tracking, storing, and using, you might be a little overwhelmed as to what to do first.

Simply taking the time to educate yourself about what one of the most popular search engines in the world is doing with your online data is a valuable first step.

If you’re looking for a virtual “clean slate”, the best thing to do would simply be to clear your Google search history completely. You can find a detailed step by step on how to accomplish that here: How to Find, Manage, and Delete Your Search History.

Next, decide how much information you are comfortable with giving Google access to. Do you care if all your searches are tracked as long as you get relevant results? Are you okay with giving Google access to your personal information if you receive more targeted access to what you’re looking for? Decide what level of access you are comfortable with, and then use the suggestions in this article to update your Google settings accordingly.

How to Protect Your Privacy and Anonymity Online

For more on how to manage your privacy online, and stop your information from being potentially tracked, we invite you to read the following articles:

Privacy: It's Ultimately Up To You 

Whether or not you’re concerned about the information in your Google searches, profile, and personal dashboards being used to enhance the relevancy of your queries online, it’s always a good idea to make sure that all information shared on any service is within the bounds of personal privacy that you are most comfortable with. While we should certainly keep the platforms and services we use accountable to a common standard of user privacy, the safety and security of our information online is ultimately up to each one of us to determine. 

 Source: This article was published lifewire.com By Wendy Boswell

Categorized in Internet Privacy

Privacy is more important than ever. The Internet may be the best thing since sliced bread, but as we come to rely on it more and more in our daily life we risk exposing our data to attackers. Here at Cloudwards.net we figured we would help out our readers with a thorough online privacy guide that will keep you safe while your browse the world wide web.

We’ll look at the steps you can take to ensure your privacy, whether you’re just browsing or downloading torrents. However, we’re not here to help you hide from three-letter agencies that are actively searching for you: if you’re the next Edward Snowden, you’ll have to take extraordinary measures that are well out of the scope of this article.

With that said, let’s first take a look at the threats the average user will face while on the Internet.

Privacy Under Attack

According to the Pew Research Center, half the U.S. population do not trust the government or social media to protect their data and 64 percent have experienced a major security breach of some description.

It’s not just hackers and scammers that we have to worry about. Governments around the world seem to want to get their hands on citizens’ data, too. Claiming a desire to thwart future terrorist attacks, some politicians want to require corporations to backdoor their software and purposefully weaken or break encryption so that law enforcement can more easily eavesdrop on users.

For example, the FBI wanted Apple to provide them with a backdoor to access encrypted iPhones, a request which Apple, thankfully, declined. As encryption becomes easier to deploy and use, cases like this will continue to crop up in the news until lawmakers learn that all back doors are simply another vector for criminals to attack innocent users — or for ISPs to sell customer data.

The upshot is that your privacy is at risk, whether from politicians or hackers, and it’s futile to rely on corporations or lawmakers to safeguard your private data. Your privacy is your responsibility and you need to grab this bull by the horns yourself if you want your data to stay yours.

Threat Models

A threat model is used to establish what steps to take to keep something secure. Software developers and security researchers use threat modeling when writing software or designing security systems, deploying servers or other hardware. It’s useful for users as well, since security and privacy can seem like a fuzzy gray area for home users.

You need a threat model because there is no single tool to keep your data safe online or to protect your privacy. To begin, ask yourself two basic questions:

  • What do I want to protect?
  • Who am I protecting it from?

Security is situational, meaning someone backing up cat pictures faces very different threats than someone backing up sensitive documents for a business. Do you need to protect those cat pictures? Are they a likely target for attackers? Not really, so you wouldn’t want to expend too much effort on the task.

Documents, on the other hand, are definitely a target for attack. Hackers love to go after them as they contain a wealth of information, so sensitive documents are worth the extra effort it might take to make sure they remain private and secure.

By asking those two questions — what am I protecting, and from whom — we establish a threat model. Ask yourself what the consequences are if you fail to protect something and decide if it’s worth the risk. Even if it might seem like extra work, the tools and tips we provide here will make it easier to keep your data safe and help maintain your privacy.

Common Online Threats

Now that we know what a threat model is and how to establish one that meets your needs, let’s take a look at some of the most common threats online.

Ads and Tracking

Many users find ads to be annoying at the very least and PageFair released a report that shows the use of adblock software to be increasing rapidly. Ad blocking is a good thing as you’re not just making browsing more pleasant, you’re also preventing those ads from tracking you.

Some people don’t mind this, since such data is often used to create targeted advertisements for users. If the idea of your Internet activity being tracked doesn’t bother you then you don’t have to include this in your threat model.

For those who don’t want to be tracked, it’s important to understand how it works. A web browser creates a “fingerprint” that can be used to identify a user with great accuracy. Websites can request specific information from your browser, such as screen resolution, language or installed add-ons.

You can get an idea of how unique your browser fingerprint is at Panopticlick and Am I Unique?. Fingerprinting is hard to prevent, since installing more add-ons or tweaking your browser simply results in a more singular setup than you started with.

There is a way to minimize fingerprinting: use at least two separate browsers.

Let’s say you’re logged into Facebook on Chrome. You leave Facebook, and browse the web for a while. Any page that has a Facebook “like” button automatically reports back to Facebook and you’re still logged in so any pages you visit with a “like” button are tied to your account. You’ll see content and advertisements based on all the tracking data Facebook has accumulated.

By using two browsers — one for Facebook, say, and another for everything else — you keep your activities separate. That way, Facebook and google will have trouble linking your party pics to your WebMD searches. We’ll touch on this more in depth later on in the article, but for now simply decide whether tracking and advertisements are on your threat model.

Public WiFi

WiFi is available almost everywhere these days and many people connect their mobile phone or laptop to the first hotspot that pops up, often without a second thought. However, fake hotspots are easy to set up and often hard for users to distinguish from legitimate ones.

We’ve written in-depth about the dangers of public WiFi and it’s worth reading if you want to stay safe when using it. If you work in public spaces or use public wireless often, you should include it in your threat model; a few simple precautions will cut down the danger of hijacked connections considerably.

A virtual private network is your best bet here, so if you’re not sure what that is we’ll help you get up to speed and understand what a VPN is good for. Using a VPN goes a long way toward protecting you on wireless hotspots, but be sure to follow the basic guidelines below and use a plugin like HTTPS Everywhere, which we covered previously in our list of 99 free tools to protect your privacy.

General Privacy and Security Tips

Maintaining your privacy online requires a continuous effort. You can’t click a button and never worry about it again. By learning a few basic concepts and employing them every day, though, you’ll increase your security and privacy online and eventually it’ll become second nature.

Let’s start with what you can do on your own devices: encryption.

Encrypt Everything

One way to put your privacy at risk is when your computer is lost or stolen. Even if you have password protected it, there are ways to access the data on your hard drive. Stolen or lost devices, in fact, are estimated to contribute to 45 percent of healthcare and 25 percent of bank data breaches, and it’s usually due to unencrypted hard drives.

The major operating systems all include support for full-disk encryption, making it easy to encrypt your entire hard drive. This protects your device in the event it goes missing, but since you simply decrypt it when you login, it makes no real difference in the way you use your device.

Another way of keeping data safe is to not keep it on your hard drive at all, but in the cloud, instead. You can then rely on your cloud provider to handle the encryption of your data and have them keep it safe.

If you go this route, you’re probably best off going with any of our best zero-knowledge cloud services, like Sync.com or pCloud, both of which let you create and maintain control of your own encryption key. Alternatively, you can use a less secure provider and encrypt your files yourself.

In the past, I used TrueCrypt to create encrypted volumes and then stored those encrypted volumes in the cloud. TrueCrypt is no longer supported or considered safe to use, but there are several great TrueCrypt alternatives. I’ve personally moved on to using VeraCrypt.

Using a zero-knowledge service or encrypting your own files is a big responsibility, however, since if you lose your encryption keys or passphrase you’ll have no way to recover the encrypted data. Always keep copies of encryption keys stored someplace safe.

In addition to the files on your computer, consider encrypting text messages stored on your mobile device with user-friendly apps like Signal. Most Android and iOS phones offer system encryption via passcode, which we also recommend taking advantage of.

Anyone with a little spare time and $500 can build a stingray to impersonate a cell tower and intercept text messages. GSM, the protocol used by many mobile phone carriers, is broken and insecure. Given the ease of encrypting text messages and ease of spoofing cell towers, you should strongly consider including your mobile device usage in your privacy threat model.

Finally, we recommend that you consider securing your email. Email is insecure by default, as your messages can pass through many different servers before hitting their destination. Even if those servers use SSL to encrypt the data, there is no guarantee as to the security of each individual server.

Encrypting email is a little more difficult than encrypting text messages, but our email encryption guide provides straightforward instructions and explains essential terminology.

It still might take some time to grasp the basics, but after you send and receive a few encrypted emails, it will become second nature, especially with one of the plugins featured in our guide.

Password Security

The weakest link in information security is almost always the human element. People make mistakes, and when it comes to security one of the most common mistakes is choosing a terrible password and reusing it often.

The media frequently sensationalizes security breaches, always blaming it on hackers while criticizing large corporations for not protecting users. The truth is, corporations can’t be blamed when a someone picks an easily guessed password or falls for a phishing scam.

It’s the easiest avenue for attackers to pursue, preying on unsuspecting users that can’t spot a fake email or use “password123” everywhere they can. We previously covered several high-profile cases involving password fails, which illustrate that very point.

Thankfully, it’s actually not hard to pick a good password. We wrote a guide on choosing astrong password that goes into the logic behind password security and demonstrates how easy it is to pick a nearly unbreakable password.

There are many tools that make strong password creation easier, too, including password managers. Using a password manager requires the user to create and remember a single, lengthy and secure password that unlocks the user’s other passwords. Most password managers have browser plugins and other tools that make using them a seamless experience.

Another tactic you can take to protect yourself against password cracking is two-factor authentication, or 2FA. With 2FA, when logging into an online service from an unfamiliar machine, you’ll be asked enter another piece of information in addition to your normal credentials.

This piece of information is often a security code sent to your mobile device or a security token. This ensures that only you can access this information and is an essential tactic when keeping your data safe.

Use a VPN

We briefly mentioned VPNs earlier when covering public WiFi, but such tools do more than provide protection against digital eavesdropping: VPNs also protect you from marketers and anybody else who might want make use of your browsing data.

We already mentioned ISPs’ Congress-sponsored snooping, but also concerning is that service providers like Verizon and AT&T have been inserting perma-cookies to track users and injecting advertisements into web pages, invading the privacy of users and putting them at risk. Ad networks are often abused by malicious parties, and it’s easy to load malware into an advertisement.

By using a VPN, you can prevent ISP traffic logging and shady practices like those employed by Verizon and AT&T. VPN services can spoof your IP address with one of their own, effectively shielding your device identity and location. The tunnel created by a VPN encrypts traffic coming from your device, too. The net result is that only the VPN provider can see what you’re doing.

That’s why it’s important to find a VPN that doesn’t log traffic. Be especially careful of free VPNproviders. Many profit by actually selling your data to the very sorts of people you think you’re protecting yourself from.

We’ve created a VPN comparison chart that will help you pick a no-log VPN. We also wrote a short guide to VPNs that includes a breakdown of the best VPN providers for 2017.

General Privacy Tips

We’ve covered the basic things you can do to maintain your privacy and security online:

  • Use separate web browsers to compartmentalize your activity and prevent tracking
  • Be wary of public WiFi and use a VPN to stay safe
  • Encrypt everything: your devices, your data, emails and texts
  • Choose strong passwords and never, ever reuse a password
  • Keep a no-log VPN running to prevent traffic monitoring

It might seem like a tall order at first, but you can start by prioritizing and picking just one area to work on. Spend some time thinking about your own privacy needs, what matters to you and what you want to protect. In short, develop your threat model. Then, get to work.

Up next, we’ll look at some common day-to-day online activities (web browsing, chat and torrenting) and offer a few suggestions for how to increase your privacy for each.

Browsing Privately

We spend a good deal of time browsing every day, whether for work or play. In fact, Pew Research reports that 73 percent of Americans say they’re online every day and 21 percent say they’re online “almost constantly.”

The Internet is a lovely place, but it has its dark corners, too, and some less-than-nice people lurk there. We’ve discussed one privacy threat you might face, tracking, and mentioned both phishing and malware in passing.

Phishing is when malicious attackers impersonate a site or service, such as a bank or email provider, in an attempt to trick users into handing over sensitive information. Attackers have become adept at creating realistic pages that might fool all but the most suspicious of users.

Malware is malicious software designed to corrupt your computer. It’s often spread through pop-ups or advertisements, including fake antivirus warnings and updates. Be careful about clicking any such message: chances are someone is trying to scam you and infect your computer. Only update your operating system through the normal channels, like the control panel or app store, or by the package manager if using Linux.

It’s not difficult to avoid phishing sites or malware. By default, both Firefox and Chrome employ Google’s Safe Browsing Service to automatically identify and warn users when a site is known to contain malware and phishing links.

Always look for the SSL icon in the address bar — typically a little padlock — and read the website address to make sure you’re on the right page. Even that’s not a sure thing, though, as malicious sites may use SSL themselves. Always double-check the address, too. A common trick attackers use is to pick a domain with a typo, like “facebok.com” or something similar, hoping that users won’t notice the difference.

Chat

There are many clients for online chat, many of them free, and most users don’t stop to think about their privacy when using them. If you’re content with Facebook Messenger and chat privacy doesn’t factor into your personal threat model, keep doing what you’re doing. If you value your privacy and security, here’s what you can do.

First, you should use Off-the-Record Messaging (OTR) wherever you can. OTR provides encryption and authentication for instant messaging.

The best way to utilize OTR is with the XMPP protocol. XMPP is a free, open and decentralized protocol for instant messaging created in 1999 by Jeremie Miller. Jabber was the first IM technology built atop XMPP, and the popular app WhatsApp initially used a custom version of XMPP before switching to a closed, proprietary protocol.

You’ll need a client, which is simply a program that connects to the XMPP service. A few of the most popular clients that support OTR are:

To start using XMPP, you need to sign up for a public XMPP provider; there’s an excellent list provided by CryptoParty. Signing up is easy and there are plenty of free, public XMPP servers. Once you have an account you can chat with any other user across different XMPP servers.

I won’t get into detail on other chat apps, but we previously touched on some of the concerns regarding apps like WhatsApp and Telegram in another article. The short version: most use private/proprietary protocols, or custom codebases that lack the proven security and reliability of a protocol like XMPP, so it’s impossible to vouch for their security or privacy.

To recap: If you want to chat securely and privately, use a client like Pidgin along with a public XMPP server and the OTR plugin. Any other XMPP user can contact you since most servers are federated, and all of your instant messaging is encrypted and authenticated.

Torrents

The bittorrent protocol relies on each user sharing the file in question with the “swarm,” a term that refers to everyone downloading a particular torrent. Torrent clients will download and upload to other peers, which makes for an excellent, decentralized protocol for file sharing.

It’s also a privacy nightmare. Your IP is broadcast to the swarm and it’s trivial to get the IP address of all users downloading a torrent. Copyright lawyers monitor the most popular torrent sites and files using automated software, sending out millions of notices to ISPs and users, threatening legal action and hefty fines.

There are plenty of legitimate uses for torrents, such as sharing Linux ISOs, but regardless of your intentions the goal of this guide is to help you maintain your privacy. To hide your IP address while torrenting, there are two easy options: Use a VPN or use one of our best cloud torrent services.

We discussed VPNs earlier, but it’s worth mentioning that not all providers are torrent-friendly. Check out our top VPN reviews to find a good provider that allows torrents before you sign up for a VPN service. Speed tests are a crucial part of our reviews, and you’ll want the best speeds possible when downloading torrents with a VPN. Remember to look for a provider that doesn’t log your data, too.

If you don’t want to use a VPN, there’s always cloud torrenting. These clients download the torrents on your behalf, so your IP is never in the swarm, and they cache popular torrents so often times your files are instantly available. Many support streaming on their paid tiers, making this a convenient choice, but keep in mind these providers typically keep logs and would comply with court orders.

I’m not aware of this ever happening, and services like Put.io have been in business for quite some time without issue. For the those who value their privacy, I recommend a torrent-friendly, zero-logging VPN provider for downloading torrents. It may be less convenient, but it’s better for your privacy.

Conclusion

Privacy and security are complex topics and it would take many more pages to cover every aspect. Fortunately, unless you’re on the run from an intelligence agency, users can protect their privacy by following a few basic guidelines and staying aware of trends and threats as technology evolves.

Determine the threats to your privacy: What do you want to protect, and how hard are you willing to work to protect it? Learn about VPNs and pick a reputable provider to keep your traffic secure at home and on public WiFi. Encrypt all of your devices, as well as your texts, emails and other data. Be wary when browsing the web, avoiding common phishing scams and malware.

Put what you’ve learned here into practice slowly, and use it daily. After a while it becomes natural, and you’ll feel better knowing your data is secure. Your privacy is in your hands, and Cloudwards.net is here to help you safeguard it. We hope you enjoyed this article. Feel free to share it on social media and leave feedback in the comments below. Thank you for reading.

 

Source: This article was published cloudwards.net By James Crace

Categorized in Internet Privacy

By Adeniyi Ogunfowoke

With almost everyone relying on the internet to perform tasks, there is barely anything like privacy. All your personal information are readily available to everyone by simply googling your name.

However, you can control the information others have access to online thereby guaranteeing your online privacy by taking certain steps. Jumia Travel, the leading online travel agency shares some of the steps you should take.

Password all your devices

Protect all your devices with passwords and that includes your computers, tablets, smartphones and anything other gadgets with your personal data on them. If it is unsecured by a password, your lost or stolen gadget will become a source of personal information for whoever has it and this can lead to identity theft.

Use two-factor authentication

The two-factor authentication is becoming very popular today. Activating this feature will not give you or any other person immediate access to your accounts. Instead, when you login, you will need to enter a special code that the website texts to your phone. No code, no access.

Do not share too much information on your social media profile

The more information you share online, the easier it’s going to be for someone to get their hands on it. One of such ways to get this information is via social media. So, check your social media profiles and remove information such as date of birth, phone numbers and email addresses. Anyone who wants to contact you should send a Direct Message.

Enable private browsing

If you don’t want anyone with physical access to your computer to see your online activities, you should enable private browsing which is a setting available in all major web browser. Enabling it will automatically delete cookies, browsing history and temporary Internet files after you close the window.

Set up a Google alert for your name

This is one of the easiest ways to keep track of everything someone may be saying about you on the website. With the activation of Google alert, you will be alerted immediately if someone illegally accesses your information.

Pay for transactions with cash

If you do not want to give out your card information online, you should use the cash on delivery option to pay for online transactions. You know some of these websites can sometimes be unreliable.

Keep your computer virus free

If your computer is infected by a virus or malware, hackers will not only have access to your information to steal your identity, but they may lock up your files and ask for a ransome to get them back. You will have to pay if the files are important to you.

Do not rely on search engines

If you don’t like the idea of your search history being used to do business, you can switch your search engines. This is because many of us rely heavily on Google Chrome. So, make it a rule of thumb to switch your search engine.

Adeniyi Ogunfowoke is a PR Associate at Jumia Travel

Source: This article was published businesspost.ng By Dipo Olowookere

Categorized in Internet Privacy

I JUST GOOGLED “alarm dust,” “alibi sweatshirt,” and “sleuth intelligence.” Then I shopped for industrial dehydrators, scanned a Pinterest page for concrete decks, and read something about nuclear war.

The thing is, I’m not in the market for a new dehydrator. Concrete decks aren’t really my style, and I still have no idea what “alarm dust” is. I didn’t visit any of these web sites of my own volition—a website called Internet Noise did, all to obscure my real browsing habits in a fog of fake search history.

Yesterday, the House of Representatives voted to let internet service providers sell your browsing data on the open market. This decision angered a lot of people, including programmer Dan Schultz. After reading about the vote on Twitter at 1 AM, he turned off Zelda and coded this ghost currently opening tabs on my machine.

Internet Noise acts like a browser extension but is really just a website that auto-opens tabs based on random Google searches. Schultz isn’t a hacker but a concerned do-gooder trying to get Americans to understand how much their online privacy is at risk. “I cannot function in civil society in 2017 without an internet connection, and I have to go through an ISP to do that,” he says.

To counter that threat, Schultz wants to make it impossible for ISPs or anyone they’ve sold your data to accurately profile you. The vote yesterday implicitly legalized such tracking by explicitly rescinding rules against it. By muddying your online identity, advertisers can’t accurately target you, and authorities can’t accurately surveil you. To create noise that blocks your signal, Schultz googled “Top 4,000 nouns” and folded the list into his code. When you hit the “Make some noise” button on his site, it harnesses Google’s “I’m Feeling Lucky” button to search those phrases, then opens five tabs based on the results. Every ten seconds it does another search and opens up five more. Within minutes, my entire browser history was a jumble. Internet Noise will keep going until you hit the “STOP THE NOISE!” button. Schultz envisions you running this while you sleep.

This is a snapshot of my browsing history a minute after installing "Internet Noise."This is a snapshot of my browsing history a minute after running Internet Noise.

This signal-jamming offers just one modest example of the larger theory of obfuscation, the idea that if you can’t disappear online at least you can hide yourself in a miasma of noise. Adnauseam.io is a plug-in currently banned by Google that works in a similar way, except instead of just opening pages and jamming your history, it actually clicks on random ads. In the process, it’s directly targeting the ad model that underpins so much of the internet, and it can be pretty effective. I am not building a deck or in the market for a manual regenerative hydrator, but now that Internet Noise search for those things ads for both will likely appear in my Facebook feed, and I’m cool with that. Internet Noise tries to throw them off my trail by creating a fake path to follow. That’s the key to successful signal-jamming: You can’t just generate random sounds. You have to generate a second song.

Risks and Limitations

What if it’s not an advertiser looking at your web data, though, but a spy agency or some other authority drawing conclusions about your browsing? From my test run, someone might conclude something causal between my googling of industrial equipment, chemical companies, nuclear proliferation, sleuth intelligence, and cancer. Sketchy! Schultz himself hasn’t evaluated all 4,000 search words (and the 16,000,000 results their two-word combinations can generate)1 to determine whether they might raise red flags for anyone spying on my habits.

But I can take some comfort in the fact that right now, Schultz’s site isn’t that effective at truly jamming my signal. It’s actually too random. It doesn’t linger on sites very long, nor does it revisit them. In other words, it doesn’t really look human, and smart-enough tracking algorithms likely know that.

“The main problem with these sorts of projects is that they rely on your being able to generate plausible activity more reliably than your adversaries,” says privacy expert Parker Higgins, formerly of the Electronic Frontier Foundation. “That’s a really hard problem.”

Schultz says the main point of Internet Noise for now is to raise awareness, though the open source project has the potential to evolve into a real privacy tool. People have already reached out to fix minor problems and suggest ways to make it more effective. In the meantime, anyone truly concerned about their privacy needs to stay savvy about the technical limitations of the tools they choose, including Internet Noise. “I fear that any of these cool hacks will give people a false sense of security,” says EFF privacy researcher Gennie Gebhart, who is working with her team to create a broad toolkit of how to protect yourself from ISP tracking. “There is no one click that will protect you from all the kinds of tracking.”

Not that privacy-minded programmers will stop trying. Internet Noise may be the first grassroots hack created in direct response to yesterday’s vote. But a sizable collectionof similar tools offers a sobering reminder that companies were already tracking and selling your data. Geeks may not have the political clout to stop such infringements of online freedom, but they do have the advantages of speed and passion. As long as they have keyboards, internet fighters will try to drown out Washington with the roar of their code.

1Updated to include how many different search results the noun combinations could generate.

Source: This article was published wired.com By EMILY DREYFUSS

Categorized in Internet Privacy

Achieving internet privacy is possible but often requires overlapping services

It’s one of the internet’s oft-mentioned 'creepy' moments. A user is served a banner ad in their browser promoting products on a site they visited hours, days or months in the past. It’s as if the ads are following them around from site to site. Most people know that the issue of ad stalking – termed 'remarketing' or 'retargeting' - has something to do with cookies but that’s barely the half of it.

The underlying tracking for all this is provided by the search engine provider, be that Google, Microsoft or Yahoo, or one of a number of programmatic ad platforms most people have never heard of. The ad system notices which sites people are visiting, choosing an opportune moment to 're-market' products from a site they visited at some point based on how receptive it thinks they will be. The promoted site has paid for this privilege of course. Unless that cookie is cleared, the user will every now and then be served the same ad for days or weeks on end.

Is this creepy? Only if you don’t understand what is really going on when you use the internet. As far as advertisers are concerned, if the user has a negative feeling about it then the remarketing has probably not worked.

If it was only advertisers, privacy would be challenging enough but almost every popular free service, including search engines, social media, cloud storage and webmail, now gathers intrusive amounts of personal data as a fundamental part of its business model. User data is simply too valuable to advertisers and profilers not to. The service is free precisely because the user has 'become the product' whose habits and behaviour can be sold on to third parties. Broadband providers, meanwhile, are increasingly required by governments to store the internet usage history of subscribers for reasons justified by national security and policing.

The cost of privacy - dynamic pricing

Disturbingly, this personal tracking can also cost surfers money through a marketing technique called 'dynamic pricing' whereby websites mysteriously offer two users a different bill for an identical product or service. How this is done is never clear but everything from the browser used, the search engine in question the time of day, the buying history of the user or the profile of data suggesting their affluence may come into play. Even the number of searches could raise the price.

This seems to be most common when buying commodity services such as flights, hotel rooms and car rental, all of which are sold through a network of middlemen providers who get to decide the rules without having to tell anyone what these are. Privacy in this context becomes about being treated fairly, something internet providers don't always seem keen to do.

How to browse privately

Achieving privacy requires finding a way to minimise the oversight of internet service providers (IPS) as well as the profiling built into browsers, search engines and websites. It is also important to watch out for DNS name servers used to resolve IP addresses because these are increasingly used as data capture systems.

At any one of these stages, data unique to each user is being logged. This is especially true when using search engines while logged into services such as Google or Facebook. You might not mind that a particular search is logged by the search provider but most people don’t realise how this is connected directly to personal data such as IP address, browser and computer ID not to mention the name and email address for those services.

Put bluntly, the fact that an individual searched for health, job or legal advice is stored indefinitely as part of their personal online profile whether they like it or not.

VPNs

In theory, the traditional way of shielding internet use from ISPs can be achieved using a VPN provider.

A VPN creates an encrypted tunnel from the user’s device and the service provider’s servers which means that any websites visited after that become invisible to the user’s primary ISP. In turn, the user’s IP address is also hidden from those websites. Notice, however, that the VPN provider can still see which sites are being visited and will also know the user’s ISP IP.

Why are some VPNs free? Good question but one answer is that they can perform precisely the same sort of profiling of user behaviour that the ISP does but for commercial rather than legal reasons. In effect, the user has simply swapped the spying of one company, the ISP, for another, the VPN.

Post-Snowden, a growing number advertise themselves as 'no logging' providers, but how far the user is willing to go in this respect needs to be thought about. Wanting to dodge tracking and profiling is one thing, trying to avoid intelligence services quite another because it assumes that there are no weaknesses in the VPN software or even the underlying encryption that have not been publicly exposed.

IPVanish

IPVanish is a well-regarded US-based service offering an unusually wide range of software clients, including for Windows, Mac and Ubuntu Linux, as well as mobile apps for Android, iOS and Windows Phone. There is also a setup routine for DD-WRT and Tomato for those who use open source router firmware. Promoted on the back of speed (useful when in a coffee shop) and global reach as well as security. On that topic, it requires no personal data other than for payment and states that it does not collect or log any user traffic.

Cyberghost

Another multi-platform VPN, Romanian-based Cyberghost goes to some lengths to advertise its security features, its main USP. These include multi-protocol support (OpenVPN, IPSec, L2TP and PPTP), DNS leak prevention, IP sharing (essentially subnetting multiple users on one virtual IP) and IPv6 protection. Provisions around 50 servers for UK users. It also says it doesn’t store user data.

Privacy browsers

All browsers claim to be ‘privacy browsers’ if the services around them are used in specific ways, for example in incognito or privacy mode. As wonderful as Google’s Chrome or Microsoft’s Edge might be their primary purpose, isn't security. The companies that offer them simply have too much to gain from

The companies that offer them simply have too much to gain from a world in which users are tagged, tracked and profiled no matter what their makers say. To Google’s credit, the company doesn’t really hide this fact and does a reasonable job of explaining its privacy settings.

Firefox, by contrast, is by some distance the best of the browser makers simply because it does not depend on the user tracking that helps to fund others. But this becomes moot the minute you log into third-party services, which is why most of the privacy action in the browser space now centres around add-ons.

Epic Privacy Browser

Epic is a Chromium-based browser that takes a minimalistic approach to browsing in order to maximise privacy. It claims that both cookies and trackers are deleted after each session and that all browser searches are proxied through their own servers, meaning that there is no way to connect an IP address to a search. This means your identity is hidden. Epic also provides a fully encrypted connection and users can use its one-button proxying feature that makes quick private browsing easy, although it could slow down your browser.

Tor

This Firefox-based browser that runs on the Tor network can be used with Windows, Mac or Linux PCs. This browser is built on an entire infrastructure of ‘hidden’ relay servers, which means that you can use the internet with your IP and digital identity hidden. Unlike other browsers, Tor is built for privacy only, so it does lack certain security features such as built-in antivirus and anti-malware software.

Dooble

This stripped back Chromium-based browser offers great privacy potential but it may not be the first choice for everyone. Able to run on Windows, Linux and OS X, Dooble offers strict privacy features. It will disable insecure web-based interfaces such as Flash and Javascript, which will make some web pages harder to read. In addition, user content such as bookmarks and browsing history can be encrypted using various passphrases.

See here for a full list of our best secure browsers. 

Privacy search engines

It might seem a bit pointless to worry about a privacy search engine given that this is an inherent quality of the VPN services already discussed but a couple are worth looking out for. The advantage of this approach is that it is free and incredibly simple. Users simply start using a different search engine and aren’t required to buy or install anything.

DuckDuckGo

The best-known example of this is DuckDuckGo. What we like about DuckDuckGo is it protects searches by stopping 'search leakage' by default. This means visited sites will not know what other terms a user searched for and will not be sent a user’s IP address or browser user agent. It also offers an encrypted version that connects to the encrypted versions of major websites, preserving some privacy between the user and the site.

In addition, DuckDuckGo offers a neat password-protected 'cloud save' setting that makes it possible to create search policies and sync these across devices using the search engine.

Oscobo UK search

Launched in late 2015, Oscobo returns UK-specific search results by default (which DuckDuckGo will require a manual setting for). As with DuckDuckGo, the search results are based on Yahoo and Bing although the US outfit also has some of its own spidering. Beyond that, Oscobo does not record IP address or any other user data. According to its founders, no trace of searches made from a computer is left behind. It makes its money from sponsored search returns.

DNS nameservers

Techworld's sister title Computerworld UK recently covered the issue of alternative DNS nameservers, including Norton ConnecSafe, OpenDNS, Comodo Secure DNS, DNS.Watch, VeriSign and, of course, Google.

However, as with any DNS nameserver, there are also privacy concerns because the growing number of free services are really being driven by data gathering. The only way to bypass nameservers completely is to use a VPN provider’s infrastructure. The point of even mentioning them is that using an alternative might be faster than the ISP but come at the expense of less privacy.

DNS.Watch

Available on 84.200.69.80 and 84.200.70.40, DNS.Watch is unique in offering an alternative DNS service without the website logging found on almost every rival. We quote: “We're not interested in shady deals with your data. You own it. We're not a big corporation and don't have to participate in shady deals. We're not running any ad network or anything else where your DNS queries could be of interest for us.”

OpenDNS

Now part of Cisco, the primary is 208.67.220.220 with a backup on 208.67.222.222. Home users can simply adjust their DNS to point at one of the above but OpenDNS also offers the service wrapped up in three further tiers of service, Family Shield, Home, and VIP Home. Each comes with varying levels of filtering and security, parental control and anti-phishing protection.

Privacy utilities

Abine Blur

Blur is an all-in-one desktop and mobile privacy tool that offers a range of privacy features with some adblocking thrown in for good measure. Available in free and Premium versions ($39 a year) on Firefox and Chrome only, principle features include:

- Masked cards: a way of entering a real credit card into the Blur database which then pays merchants without revealing those details. 

- Passwords: similar in operation to password managers such as LastPass and Dashlane without some of the layers of security and sophistication that come with those platforms. When signing up for or encountering a new site Blur offers to save or create a new strong password.

Masked email addresses are another feature, identical in principle to the aliases that can be used with webmail systems such as Gmail.  Bur’s management of these is a bit more involved and we’d question whether it’s worth it to be honest were it not for the single advantage of completely hiding the destination address, including the domain. Some will value this masking as well as the ease of turning addresses on and off and creating new ones. On a Premium subscription, it is also possible to set up more than one destination address.

- Adblocking: with the browser extension installed, Blur will block ad tracking systems without the conflict of interest are inherent in the Acceptable Ads program used by AdBlock Plus and a number of others.  We didn’t test this feature across many sites but it can be easily turned on and off from the toolbar.

- Two-factor authentication: Given the amount of data users are storing in Blur, using two-factor authentication (2FA) is an absolute must. This can be set up using a mobile app such as Google Authenticator, Authy or FreeOTP.

- Backup and Sync:  Another premium feature, this will sync account data across multiple devices in an encrypted state.

- Masked phone: probably only useful in the US where intrusive telemarketing is a problem, this gives users a second phone number to hand to marketers.  Only works in named countries including the UK. Only on Premium.

Overall, Blur represents a lot of features in one desktop/mobile browser extension. Limitations? Not terribly well explained in places and getting the best out of it requires a Premium subscription. Although the tools are well integrated and thought out most of them can be found for less (e.g. LastPass) or free (e.g. adblocking) elsewhere.  The features that can’t are masked phone and masked card numbers/addresses.

Source : This article was published in techworld.com By John E Dunn

Categorized in Internet Privacy

Internet privacy was once again thrust into the limelight recently when President Donald Trump signed a bill that would allow internet service providers to sell your browsing history to third parties like advertisers.

As much as the news rekindled concerns around internet privacy, little has actually changed. The signed bill is generally keeping things as they are. The outrage comes from the fact that the bill is rolling back an Obama-era measure to prevent ISPs from tracking and selling your browsing history, which didn't have time to take effect before he left office.

Still, some of you may be looking for ways to browse the web privately, and one of the most prominent solutions is to use a virtual private network, or VPN, which cloaks your online activity.

Here's what VPNs are, what they do, and what to look out for if you're an average person using the internet.

A VPN essentially hides your internet activity from your internet service provider, which means it has nothing to sell to third parties.

A VPN essentially hides your internet activity from your internet service provider, which means it has nothing to sell to third parties.

If the internet is an open highway, VPNs act like a tunnel that hides your internet traffic. The VPN encrypts your internet traffic into a garbled mess of numbers that can't be deciphered by your ISP or a third party. 

Most VPNs also hide identifying details about your computer from ISPs.

Most VPNs also hide identifying details about your computer from ISPs.

Any device that's connected to your ISP's network has an IP address, which looks like a series of numbers. Many Americans have multiple devices, so ISPs use IP addresses to see which device has accessed which websites and where.

Without an IP address, your devices wouldn't be able to communicate with the websites you want to look at, and you wouldn't be able to browse the internet.

VPN services hide the IP addresses on the devices you use with the VPN and replace them with IP addresses from one of their servers, which can be located anywhere in the world. So if you're in the US but are connected to a VPN server in Europe, ISPs will see the VPN's European server's IP address instead of your device's.

Can't ISPs track my browsing history through the VPN's IP address?

They could if you were the only user on that VPN server. But several users are usually using the same VPN IP address, so they can't determine whether a browsing history belongs to you, specifically. It's like searching for a needle in a stack of needles.

VPN services aren't perfect.

By using a VPN, you're still switching the trust of your privacy from your ISP to your VPN service. With that in mind, you need to make sure the VPN you use is trustworthy and doesn't store logs of your browsing history.

Certain VPN services say they don't log your browsing activity and history while you're connected to their servers. It means ISPs or a third party can't retroactively check your browsing history, even if it could decrypt the VPN's encryption "tunnel," which is unlikely in the first place.

For an extra layer of protection, choose a VPN whose servers are based outside the US. That protects against the possibility of legal entities in the US trying to access your browsing history through court orders.

They can slow down your internet speed.

The "internet" travels incredibly quickly around the world, but it's still bound by the laws of physics.

Since VPN services reroute your internet traffic through one of its servers somewhere around the globe, your internet speed could be slightly reduced.They essentially make your internet traffic take a longer route than it usually would, which means things can take longer to load.

The further away the VPN server is from your location, the longer the distance your internet traffic has to travel, which can end up in slower internet speeds. 

Most free VPN services may not be enough to protect your privacy.

Many free VPN services simply hide your IP address and don't encrypt your data, and it's the encryption part that protects your privacy more thoroughly.

You have to pay extra for privacy.

Paying extra for a premium VPN service on top of your internet bill so you can browse privately isn't very appealing. 

Should you get a VPN?

Should you get a VPN?

By getting a VPN in light of the recent events, you're preventing your ISP from tracking your activity and selling your browsing history to a third party to make more money out of your subscription. 

Some people don't want their browsing history to be seen by ISPs, nor do they want it to be sold to advertisers, even if it isn't tied to you personally. Some ISPs have said they value their customers' privacy and don't track their activity, but some of their language surrounding this subject can be vague.

Secondly, it seems fair to be recompensed for providing, albeit involuntarily, your precious browsing histories, as advertisers covet them to find out what you're interested in and show you targeted ads. If my ISP is making money out of selling my browsing history, I'd expect my monthly internet bill to be reduced, as I'm technically providing my ISP a service by browsing the web and exposing my interests. 

The likelihood of this happening, however, is uncertain and perhaps unlikely considering it's now an ISP's "right" to sell your browsing history to third parties. There's no law out there that forces ISPs to compensate their customers for providing their browsing histories, so don't expect them to anytime soon.

In a way, you can't blame the ISPs.

In a way, you can't blame the ISPs.

ISPs can see which sites you're visiting, anyway, because they can tell what internet traffic is going through which IP address. From their point of view, they might as well make money out of it. There's certainly a market for browsing histories, and after all, a business is in the business of making money.

Still, not everyone is comfortable with having their activity tracked at all — or having to opt out versus opting in — even if they have a squeaky-clean, legal web-browsing history.

 

Author: Antonio Villas-Boas
Source: businessinsider.com

Categorized in Internet Privacy

SAN FRANCISCO — Protecting your Internet activities from collection and sale by marketers is easier said than done, especially after Tuesday’s vote to overturn pending FCC privacy rules for Internet Service Providers.

The move by Congress dismantled rules created by the Federal Communications Commission just six months ago, rules that weren’t slated to go into effect until later this year. President Trump is expected to sign the bill into law soon.

Broadband rules axed by Congress, headed to Trump

The decision, decried by consumer groups and Democrats and lauded by Republicans and telecom companies, sent those worried looking for a fallback plan. One possibility? Wider use of VPNs, which provide private end-to-end Internet connections and are typically used to keep out snoops when using public Wi-Fi.

"Time to start using a VPN at home," Vijaya Gadde, general counsel at Twitter, tweeted after the decision.

But such protection is limited. While VPNs keep broadband providers from seeing the sites users visit, that masking only goes so far — once logged into a website, an operator like Amazon tracks users' activities so it can suggest tailored products.

"All that a VPN does is hide what take place to get from point A to point B. Once you're on the other side, if you have credentials there — think Netflix — it knows who you are," said Matt Stamper, director of security and risk management programs at the consulting company Gartner.

Congress' decision essentially reverts to the status quo. The FCC argued that IPS’s like Comcast and AT&T should not face more stringent privacy rules than online companies such as Facebook and Google, which also collect information about users. Opponents countered that IPS's are different because they have access to users' full web browsing habits and physical addresses.

With the repeal, Internet providers won't be required to notify customers they collect data about or ask permission before collecting, sharing and selling data about what they do online, beyond the initial Terms of Service agreement. Information collected could include websites visited, apps used and physical location.

“Your entire clickstream, basically your life online, has the potentially to become one giant profile,” said Stamper.

That information can then be used to craft highly-targeted ads. This is part of the fundamental business model of many online companies, from e-commerce juggernaut Amazon to search giant Google to social network Facebook. They follow users’ online movements and actions, then use the information to better market to them. Increasingly, broadband providers are also getting into the content and advertising business. For instance, that's a key reason Verizon is buying Yahoo.

While web companies' profiles aren't person-specific, they allow their own products and those of advertisers to minutely target a type of customer, say a 30-year-old woman in the Southwest who likes rock climbing. While individual companies' privacy policies vary and sometimes allow for opt-outs of information sharing, in general websites can sell or share this de-personalized information with partners.

Side-stepping that constant surveillance while trying to use the web in our daily lives is almost unachievable, said Stamper.

“Realistically, unless somebody is extraordinarily well-versed in technology, has a really good understanding of what different sites are doing and how they do it, it’s almost impossible for the average consumer to keep their details private,” he said.

One option is for customers to find the privacy policy of their ISP and specifically opt out of data collection, said Robert Cattanach, a privacy lawyer with the firm of Dorsey & Whitney.

That's easier said than done, said ACLU lawyer Neema Singh Guliani.

"You'll need to go through what in some cases is going to be a long, arduous and frustrating process in understanding what you can do to control the information they gather about you," she said.

Overall, the best course of action for those concerned about what's collected about them is to practice ‘digital privacy hygiene’ by giving as little information as possible when doing things online, to minimize the digital footprint available to companies, said Nuala O’Connor, president and CEO of the Center for Democracy & Technology, a non-profit digital rights group.

“I was asked for my phone number when buying towels recently at a home store. They don’t need my phone number! Just sell me the towels!  Companies need to do a better job about minimizing the data they’re collecting, but in the meantime we can all be stingier about what we give out,” she said.

Long term, the situation could create incentives for companies to offer privacy-for-pay, “tiered pricing models that would effectively make privacy a privilege for those who could afford to pay more for these services every month,” said Fatemeh Khatibloo, a privacy analyst with Forrester.

Source : usatoday.com

Categorized in Internet Privacy
Page 2 of 3

AOFIRS

World's leading professional association of Internet Research Specialists - We deliver Knowledge, Education, Training, and Certification in the field of Professional Online Research. The AOFIRS is considered a major contributor in improving Web Search Skills and recognizes Online Research work as a full-time occupation for those that use the Internet as their primary source of information.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.