Tools for improving privacy and security during web browsing
The Web’s a wonderful tool that has made our lives easy, productive and efficient in many ways.
The Internet and the Web are so closely woven into our lives today that I hate to think of a world without one. The Web’s a wonderful tool that has made our lives easy, productive and efficient in many ways. But as with every thing good, it comes with its cons. Little knowledge of how the Internet and the Web could be misused, breeds naivety alluring to be exploited.
I started digging into OSINT & internet privacy & security in late 2019.
I found it immensely overwhelming. I get it. I too made many privacy and security mistakes prior to learning. In fact my personal email ID and password was part of a data breach, and I found I was silently hacked. But, you see, I persisted to consistently practice OSINT & internet privacy-security practices. Its very important these days to have a growth mindset when it comes to technology. We carry out so many sensitive activities on the internet,
Banking
Shopping
Subscriptions (Netflix/Amazon)
Social media and sharing of pictures and personal data
and the list can go on.
I came to peace with the fact that I can be easily googled! Nothing can be done about it. I mean I try my best to remove my prints, but as an entrepreneur, I need to be vocal on the internet (blog, Twitter etc). So what can one do then?
You see, you don’t have to be a wizard with top notch privacy and security skills for browsing the internet safely. Safe browsing boils down to fundamental privacy and security awareness. Your journey in this path could be enhanced by using tools that could improve your privacy and security game.
📢 Protect your device
Before you could think of browsing the web, understand that your device needs to be in good health. Given how wonderful the web is, it is also infested harmful websites and bad actors trying to infect your device with malware - adware, spyware, keylogger, rootkit, virus, trojan, ransomware and other threats.
🔐 Tools - Anti-malware/virus Apps
Windows Defender (comes by default with Windows 10)
📢 Use Password Managers
You do not want all of your online accounts to be associated with just one password, however strong it may be.
Even if one of those accounts were to be breached, all your other online accounts associated with that password are at risk. Use unique and strong passwords for every online account you create.
A password manager is an application that generates and stores your passwords for you, so you don’t have to worry about creating complex passwords or remembering them.
🔐 Tools - Password Manager Apps
📢 Activate 2 Factor Authentication
Using another factor of verification besides a password, allows you to have an extended layer of security. It helps in preventing your account from being compromised even if your password is somehow breached or hacked by a malicious user.
There are 3 types of verification factors.
Something you know - This verification factor is something that you commit to memory, like your password, PIN, or security questions.
Something you have - This verification factor is something you possess. This could be your mobile device or a device like an RSA SecurID or a Yubi key.
Something you are - This verification factor is something unique to your body, such as your fingerprint.
Most web applications, however, usually employ the first two factors - something you know and something you have. Hence MFA in such applications is more often termed 2-Factor Authentication (2FA).
Secure your account with a 2FA wherever possible, especially your email, banking, shopping, and social media accounts.
🔐 Tools - 2FA Apps and Hardware
📢 Use multiple email addresses and Alias email accounts
Email hygiene is often neglected by average users. Most do not consider an email address to be sensitive information. Having just one or two email addresses where most of your accounts are linked would prove to be risky.
Compartmentalizing your email addresses (using multiple email accounts) according to the services or applications you use (banking/social media/shopping/junk/personal) is a good way of adding complexity and reducing the chances of an email address being exposed in a breach. Rather than creating separate email accounts from scratch, you could create email aliases so you don’t have to risk giving away your real email address.
🔐 Tools - Burner Email services/apps
🔐 Tools - Privacy focused Email providers/apps (also allows you to create aliases)
📢 Use a Virtual Private Network (VPN)
A Virtual Private Network (VPN) is a tool that helps encrypt your data while it travels through the internet, ensuring privacy.
Normally, your Internet Service Provider (ISP) sits between your device and the internet. The DNS resolution and routing of your internet traffic is done through the servers of your ISP.
So, your ISP would know which website you want to connect to and the website you are connecting to would know your public IP address provided by your ISP.
Using a VPN, creates a secure “tunnel” between your device and the VPN servers. Data transferred through the secure “tunnel” is encrypted. DNS resolution and routing happens through the VPN servers (rather than through your ISP).
Hence when you fire a request through your device connected to a VPN, data is encrypted and sent to the VPN server. The VPN server, then redirects your data to the intended destination. This ensures privacy in two ways.
Your ISP does not know which website you are connecting to and cannot read data sent to your VPN server (since the data sent by you to the VPN server is encrypted).
The website you are connecting to does not know your real public IP address (it sees the IP address of the VPN server).
🔐 Tools - VPN apps
📢 Use Privacy focused Web browsers
A web browser is a piece of software that makes web browsing possible. The web was not designed for privacy and has a constant need to track you and your browsing habits.
Today, you have browsers with enhanced security and privacy features, preventing tracking (from trackers and ads) and fingerprinting.
🔐 Tools - Web browsers
📢 Use Privacy enhancing Ad/Script blocking extensions/Add-ons
Apart from using privacy focused web browsers you could make your privacy more robust by installing ad/script blocking extensions on top of these browsers.
🔐 Tools - Ad/Script blocking extensions/Add-ons
📢 Use Privacy focused Search Engines
Now, you would be well aware that Google search engine is the best one out there and that most of the global population prefer Google search to other search engines. However, it also comes with the caveat that Google collects lots of data about you. It could collect information like your search terms, videos you watch, your web history, purchase activity, your location information through GPS, IP address and a lot more. The information google collects also depends on your account settings. However, if ever you feel google is a little too invasive, you could try using other privacy focused alternatives to google search engines.
🔐 Tools - Privacy search Engines
Closing Notes
It’s okay to be overwhelmed by the frustration of trying to incorporate privacy and security practices to your everyday web browsing. It is not something that can be accomplished overnight. It is a long term process.
Take your time to learn stuff bit by bit. Before trying to use a tool or a piece of software learn the theory behind why you may need to use the tool.
Many would consider what I have listed to be quite a stretch. And that’s okay. Take baby steps and maintain consistency in your practices over a period of time. Things then begin to stick.