How to Keep a Low Profile on the Internet

The Internet is used for 2 purposes: to send information and to retrieve information. When you login to a site, you send information (your name and password). When you read news, you retrieve information. When you read your mail and reply to it, you first retrieve, then send information.

Between you and the site you are on now, the information has many checkpoints to pass. Which, in today’s terms, means many places where your information can be intercepted and used against you by all sorts of crooks.

As a mature responsible adult, you don’t want this to happen and you can’t rely on somebody else to protect you for you. Therefore:

1. Use a decent browser

The one that is safe, fast, regularly updated and can be configured for your personal comfort.

Today there are 5 major browsers to choose from: alphabetically – Chrome, Explorer, Firefox, Opera, Safari. Most of them will warn if you if this or that site wants to track you, or if it’s trying to infect your computer, or if something is fishy with your current Internet session.

* * *

Google Chrome is a very technologically advanced browser. It evolves in seven-mile steps. It fixes its bugs quicker than anyone else. It’s fast like humming bird’s heart rate. It wants to be your pet browser.

Which is exactly the reason why you should not use Chrome for anything important, like banking or buying precious metals. Using Chrome means having the whole staff of Google, Inc. browsing with you, all the time.

Did you notice how frequently Google saves your drafts when you compose a message in Gmail? They want to record your thoughts before you have even formulated them properly.

Mind you, Google themselves are not necessarily evil. Yes, they do collect and process unimaginable volumes of data about every click that happens online. But they do it to make our lives easier and reap a few (billion) bucks along the way.

The problem is this:

When the State runs out of money, it will start looking for every clue that may lead them to a handful of gold bars. Or to a handful of 7.62×39’s. Or to a truckful of Mountain House.

Where will they look for information? They’ll go to Google, because today Google is information. And they will say: “By a totally legal and completely constitutional order of Judge Sqeezeballs, show us the list of IPs that visited the checkout pages of APMEX, Gainesville, GoldMoney, Northwest Territorial Mint, etc (you get the idea) between 2010 and 2012.

I doubt Google will say no. They may not be evil, but they are computer scientists, not fighters.

Use Chrome to visit YouTube — they are both tentacles of Google and you won’t tell them anything new by short-circuiting one into the other. Use it to visit mainstream media sites and WhiteHouse.gov.

Web mail tip:

Use Chrome for Gmail and Explorer for Hotmail. This way the only third party in your conversation will be the company that owns the mail service anyway. If you, for example, use Opera for Gmail, you’ll have 2 third parties for every conversation: Google, Inc and Opera Software.

* * *

Explorer. Internet Explorer, to be precise. By Microsoft. It improved a lot since version 6, but I personally can’t seriously consider Internet Explorer: its long-lasting, overwhelming market presence makes it vulnerable. It’s good for web developers who test their sites for compatibility with Internet Explorer.

* * *

Firefox. Full name: Mozilla Firefox. The AR-15 of browsers. You can ask someone you trust to look at the code and tell you if anything suspicious is going on. I doubt there will be.

* * *

Opera. The only browser made outside of the US, in Norway. Norway seems pretty anal about privacy and individual rights, plus they don’t immediately bend to the US enforcers’ demands. The browser is fast, oh yes, it is. And almost as customizable as Firefox.

* * *

Safari. A brainchild of Steve Jobs, the control freak. Also known as the gateway to iTunes. Some people find Safari good-looking.

1.1 Use different browsers for different tasks

Use one for the things that matter, another for paying the bills, yet another for entertainment. For example, Firefox or Opera for #1, Explorer for #2, and Chrome for #3.

1.2. Use Private Browsing mode

Even though each browser has its own name for the private browsing mode, the idea is the same: not to record your steps in History, not to keep any cookies, not to remember the files your downloaded, not to save your usernames and passwords.

You’ll have to choose: convenience of never having to remember your passwords and web addresses vs plausible deniability. As a sidenote, I find it laughable that this mode is offered in Chrome: wherever you go, no matter how quiet and stealthy you are, you are still hauling the whole Google crowd on your shoulders.

2. Use VPN

If you don’t want your ISP and the rest of the Internet know where you are heading online, use a secure Virtual Private Network. There are plenty of companies who offer this kind of service. I am using StrongVPN (no affiliation besides being their happy client). VPN has a nice bonus to it: you can access content usually closed to foreigners, like BBC in the UK or Hulu in the US, depending on which server you choose.

3. Edit your hosts file

You may want to do this for a number of reasons: to block ads, banners, cookies you never asked for, trackers like Facebook Beacon, nasty sites, and even some hijackers. Here’s how to block unwanted traffic with the hosts file.

4. Never participate in online reviews/questionnaires

Sometimes after you had a conversation with your bank or a major retailer, they will send you an email with a link that goes something like this: “Please let us know if we were helpful, yada-yada-yada. You might win a cap from a bottle of Coke!!!” What they mean is “Please let us steal some of your time and some more of your information to find out a way to screw you harder.” I would sincerely recommend you don’t. They already know more than they should.

5. Resist vanity

Vanity is bad for privacy. I have way too many accounts created only to leave a comment that either shows my alleged erudition or my so-called critical skills. I am past shame, but I do regret it. It was very immature. It cannot be undone: those sites are beyond my control.

But there are few things I am very happy about: I have neither a Facebook, nor MySpace, nor LinkedIn account. I never join any site with anything that comes even distantly close to my real information. I never login anywhere from my actual physical IP (see VPN above). If anyone searched my real name, the latest info he’d find would be from 2006. TIP: Whenever you see a comment form or a registration form, resist their charms.

6. Consider Tor

I did not name this paragraph “use Tor”, because it is too slow for my personal daily needs. Still, I have it installed, because there are times when it comes in handy.  Try it.

Oct 18 2011 update: A comment that deserves higher level of attention (thanks, Denny):

Use as much encryption as possible. And use Tor as much as possible. Use tor when you don’t want your ISP or the destination website to know who you are. However, entities like AT&T and the NSA probably have the ability to trace any and all of your network connections. As they can monitor all of the routers and determine where your connection went. So it is vital that you use encryption as much as possible. Please note, Tor does not encrypt anything beyond the last hop in the tor network. Data transmitted between the exit-node and the destination will not be encrypted by tor. Many tor exit-nodes are run by governments or data thieves, trolling for anything interesting. NEVER USE TOR TO DO BANKING, even with the double encryption.

Be aware, it is believe that tor was developed, at least in part, with help from the CIA. And also, all of the packets transmitted via tor, while encrypted, contain the information that this is a tor packet. So anyone looking at your packets will know that you are using tor. These is no technical requirement for such packet tagging. Many people wonder why the packets have been labeled so clearly if the goal was anonymous communication.

7. Consider TrueCrypt

Let’s say you have a few files that you don’t want anyone to find. Note: not “to find and be unable to open“, but “not to know these files exist“. For example, you might want to keep your browser profile files away from anyone’s curious eyes—at least the profile you use for serious browsing. TrueCrypt is the closest we can get.

Conclusions

  1. It would be naive to underestimate the adversary and believe they are not involved in developing effective counter-measures. Nothing is 100% secure and safe. Your head and heart is the best security combo ever.
  2. Everything above is very easy to integrate into your daily life. I am not a techie. In fact, I can compete with Corporal Private Joe Bauers for the title of the Most Average Man. But I tried everything mentioned above and then some, and found a combination that works for me. If I can do it, anyone can do it.
  3. This article is only a bunch of clues, a launchpad for your own research and experiments.
  4. Don’t trust me. Don’t trust anyone who offers you their opinion on anything. Invest an hour of your time into generating your own knowledge on the subject of your online privacy.

Did I miss anything important?

Did I make a stupid mistake?

Can you expand this article?

Please comment.

Stay invisible inconspicuous,
Mustafa Cohen

11 comments to How to Keep a Low Profile on the Internet

  • Dean

    Great info, thank you! I am going to make some changes right now.

  • Otto Mattic

    Consider how often search history is used by law enforcement to assign guilt/motive/location. Consider how much a major search engine (like Google, which keeps EVERYTHING) might know about you based on your searches.

    Consider http://www.startpage.com.

    Consider that a browser’s covert/private/incognito browsing mode only controls information kept on your local computer; it does nothing to deny sites you visit information about you (your IP address, browser, operating system and more).

    Consider anonymous browsing (search for it).

  • Mustafa Cohen

    @Otto Matic:

    Thank you for the informative comment.

    As for StartPage – in their own words, their search is ‘enhanced by Google’. Look at DuckDuckGo for some more independence; particularly secure search.

    Those who want to hide their browser and OS information deeper might want to take a look a VirtualBox: it’s a computer running on your computer. You can run a virtual Linux machine inside your actual Windows machine, or a virtual Windows machine on your actual MacOS machine. Good when you have plenty of memory.

  • Matt

    Great post man. I know it is mainly associated with torrent use and such but you guys may be interested in PeerBlock.

  • rey

    does it help to use startpage before surfing the net? new member, rey

  • Johannes

    Good advice. Have you looked at SRWare Iron, based on Chromium.

    —-quote from site—-
    SRWare Iron: The browser of the future – based on the free Sourcecode “Chromium” – without any problems at privacy and security

    Google’s Web browser Chrome thrilled with an extremely fast site rendering, a sleek design and innovative features. But it also gets critic from data protection specialists , for reasons such as creating a unique user ID or the submission of entries to Google to generate suggestions. SRWare Iron is a real alternative. The browser is based on the Chromium-source and offers the same features as Chrome – but without the critical points that the privacy concern.

    We could therefore create a browser with which you can now use the innovative features without worrying about your privacy.
    —————–
    found at
    http://www.srware.net/en/software_srware_iron.php

  • Kyle

    People may also want to take a look at the Firefox extension called better privacy. It deletes the “super cookies” that are stored in flash form on your computer. Its one way that they track you to better serve you ads. If you install it you can choose to delete these cookies every time you close your browser.

  • Denny

    Use as much encryption as possible. And use Tor as much as possible. Use tor when you don’t want your ISP or the destination website to know who you are. However, entities like AT&T and the NSA probably have the ability to trace any and all of your network connections. As they can monitor all of the routers and determine where your connection went. So it is vital that you use encryption as much as possible. Please note, Tor does not encrypt anything beyond the last hop in the tor network. Data transmitted between the exit-node and the destination will not be encrypted by tor. Many tor exit-nodes are run by governments or data thieves, trolling for anything interesting. NEVER USE TOR TO DO BANKING, even with the double encryption.

    Be aware, it is believe that tor was developed, at least in part, with help from the CIA. And also, all of the packets transmitted via tor, while encrypted, contain the information that this is a tor packet. So anyone looking at your packets will know that you are using tor. These is no technical requirement for such packet tagging. Many people wonder why the packets have been labeled so clearly if the goal was anonymous communication.

  • intothevoid

    hey mustafa, stumbled across this program a week ago and remembered you had wrote this article last year.

    figured it might be worth mentioning to go along with the other suggestions you had made.

    – Tails The Amnesic Incognito Live System – a live CD+ or live USB+ that aims at preserving your privacy and anonymity.

    https://tails.boum.org/index.en.html

Support our fight with a one time donation.

colloidal-silver-hydrosol-banner-175x263

Over 300+ Videos