How to Be in Control of Info You Leak Out Whilst Browsing

//How to Be in Control of Info You Leak Out Whilst Browsing

How to Be in Control of Info You Leak Out Whilst Browsing

Since EU GDPR enforcement date is almost here, I decided to write a quick blog post what you as an informed Internet user can do to protect your privacy and rights. Personally, I want a certain level of privacy / anonymity whilst browsing across the Internet. In addition, I’m not really keen on the idea of advertisers profiling me.

If you are interested in controlling what information you give (or leak) to third parties whilst browsing, read more!

Privacy is both physical and digital. Perhaps it's time to take back control of also you electronic privacy and security?

Privacy is both physical and digital. Perhaps it’s time to take back control of what data you give out whilst browsing the web?

0. Use common sense

I cannot really emphasize how important this first step is. Thus it’s the zeroth step 😀

Some people give out their personal information everywhere without really considering much. Examples include fully public social media profiles, online surveys, online lotteries, mailing lists etc.

Since you may not know whose going to find out or use that information, I would recommend thinking a while before filling out any online raffles etc. with your personal info. Also, please don’t give out your credit card information to any website unless you are making a purchase at a trusted online merchant!

In a similar vain, you probably should not install anything you don’t really need on your devices. If you really want to install the latest app, please at least limit the things it can access on your device. Many times people have been surprised by the amount of info apps give out to the companies behind them. It could be your contacts, location history, call logs

1. Use social media on another browser than you do other browsing

It’s a widely known fact that social media giants track a lot of things you do on the Internet. Since Facebook had its Cambridge Analytica scandal earlier this year, people actually have started to care what social media giants leak out.

If you are logged in to e.g. Facebook and browse to a website with Facebook commenting system or like button, your actions may be tracked by Facebook. Many online stores also have this so-called Facebook tracking pixel, which they use to profile you and your shopping habits. Thus, never browse the Internet with the same browser you use Facebook with. Even if you log out before starting browsing, your actions may still be tracked. Even non-registered users may be tracked.

Facebook is not the only company that does this: almost every social media giant does. Thus, it’s a good idea to use a different browser if you need to get your social media fix.

2. Use an adblock and a tracking blocker

It pains me to give this advice, since I know that many sites rely on advertisements as the source of their revenue. However, having been an avid adblock user for the last ~10-15 years, I would never go back. Web pages are more readable, load times are faster and battery life on a mobile device is better. In addition, certain ad networks are notorious for serving malware  or mining crypto on your computer without your permission. Adblock makes sure you don’t have to worry about these things at all. Since installing adblocks to my parents’ and grandparents’ computes, nobody has complained about slow computers, virus infections or the like.

As of what Adblock to use, I would recommend uBlock Origin (Chrome / Firefox) over any other. In addition, adding Privacy Badger alongside makes sure you don’t get tracked by domains that are not yet on the ablock providers lists. If you decide to install an adblock, remember that you can pause your adblock at any time or at any specific website. Thus you can support e.g. your favourite content creator on YouTube.

Perhaps advertisement networks will adapt in time to provide less intrusive ads and make sure the content they provide is not malignant. Until then, I will block ads. If a website complains about me using an adblocker, I just leave and find another site.

3. Use a VPN service

In some countries your ISP may  be snooping around what you do on the Internet. In addition, your IP address may be used to identify you across different websites on the Internet. Using a VPN service makes sure your true IP address will not be revealed to the websites you visit.

What VPN does is it routes all your traffic through another computer, making your apparent IP address being that of the VPN provider. Since many VPN providers allow you to change your apparent IP location at will, your IP cannot be directly tied to you. That is, of course, unless you login to some service with your personal credentials.

As of what VPN provider to use, there are plenty of options. I would personally select one operating within the EU (since I’m an EU citizen). However, make sure that the provider you use is not leaking your true IP address via WebRTC. Furthermore, some VPN providers advertise that they don’t keep any logs: take their word as a grain of salt.

4. Only browse HTTPS websites

Don’t want somebody snooping around what content you browse? Make sure you only browse on secured websites. Thankfully a rapidly increasing number of websites is adapting HTTPS due to free Let’s encrypt certificates. In addition, also AWS has started to give out free HTTPS certificates.

Sure, your DNS resolution is still most likely plain text. However, both Google and Cloudflare have two DNS servers that use HTTPS for the address resolution. If you are worried about your ISP snooping around, change your DNS to either one (or just use VPN).

Sometimes websites fail to redirect to HTTPS if you browse to the HTTP version. EFF’s HTTPS everywhere makes sure you are always redirected to the secure website (if available).

5. Prevent JavaScript on all domains

Almost all tracking. Sure, adblocks and tracking blockers take care of most of them. However, their domain lists need to be maintained by the community, which means that not all domains appear there all the time. So is there a way to make sure you don’t leak info to new tracking services?

Yes there is: the answer is blocking all JavaScript and external domain HTTP requests in your browser by default. However, enabling or disabling JavaScript on a browser-wide basis is very tedious.

Thankfully, there exists NoScript Security Suite for Firefox and uMatrix for Chrome to do all the blocking for you. If you use either one, you can set up whitelist or blacklist rules per domain to give you full control of what is executing and what is not. When you first use either extension, it will require quite extensive configuration (rest assured: no website will work properly). However, when you have used either one for a while and configured it to your liking, you will surf way more privately than before.

6. Really need anonymity? Try out Tor!

Tor is an anonymous web browser that you may or may not heard of. I won’t go into the technical details, but it’s got some interesting ideas and technolgoy behind it. Tor also has a relatively bad reputation in many circles since its often portrayed in the media as the tool used for online crimes. However, all it does is provide more anonymity than many other technologies. If you use Tor’s default high secure configuration, you can be about as anonymous on the net as you can be (without extensive training on security practices). If you live in an oppressive regime, Tor may be your only anonymous gateway to public, non-censored Internet.

Sniffie service also has an onion domain, although it has not been publicly announced. If you manage to find it, contact me with the address and I’ll send you loads of Sniffie merch and a coupon to Amazon for your efforts! 🙂

That’s all for today. Hopefully this article sparked an interest in private browsing habits for some of you readers.

By the way, our new website (and blog) should be out sometime next week. Our blog might be a bit quiet until then. Have a nice week, everybody!

Niko / Sniffie