Total Pageviews

Wednesday, 22 August 2012

guide to protecting your privacy


This privacy guide is an ever growing compendium of practical privacy tips that we find to be of benefit to the average internet user. And maybe a few for the pros, too. Do you know of a privacy tip that we haven’t written about? Please send it in and we’ll get right to it.
Starting with the obvious!

Get privacy plugins for your browser

Surfing the internet is like having sex with strangers. Use protection! An ideal setup in our opinion would include the addonsNoScript and AdBlock Plus for the FireFox browser. Both are free and highly customizable.
NoScript will allow you to only enable scripts (flash, java, javascript, etc) that you need the website to run, on a site-by-site basis, while the superfluous and potentially dangerous scripts are stopped dead in their tracks. You can choose to grant temporary or permanent permissions, making it a breeze to manage once you’ve set up permanent permissions for the common, safe objects such as YouTube’s flash video embed, and so on.
AdBlock Plus is an advertising blocking filter that is based on both dynamic and static rules. The addon will sit in the backend and and prevent your computer from embedding pics and code from anything that matches the blocking rules in its huge database. Not only will you prevent these companies from building consumer profiles on you and track your every move, your internet will also appear cleaner and sites will load faster!

Keep your software and browser plugins updated

There have been a surge of severe security holes discovered lately within common media formats such as Flash and Acrobat Reader. Before they got patched, a large number of people viewing infected PDF files or flash movies (such as on a web page) were infected with keyloggers and viruses. Now it is just a question of time before these and similar media formats again are vulnerable, so it is very important to keep them updated.
Acrobat Reader and Flash in particular both have auto-updating features now which you should turn on if they aren’t already. If you are using FireFox, you can visit this Mozilla.org link to see whether your browser plugins are up to date.
Needless to say, keep your browser and OS updated as well. In Windows you can control how updates are handled by selecting Windows Update in the control panel, and most of the major browsers also have auto-updating features.

Enable Do Not Track

Mozilla Firefox offers a Do Not Track feature that lets you express a preference not to be tracked by websites. When the feature is enabled, Firefox will tell advertising networks and other websites and applications that you want to opt-out of tracking for purposes like behavioral advertising.
You can enable Do Not Track by going to Options and then selecting the Privacy section. Finally check the Tell web sites I do not want to be tracked checkbox. While on, the request header your browser makes will always transmit theHTTP_DNT=1 option which a growing number of advertising networks respect.

If you have to look at that strange link someone sent you, at least load it through a web proxy

The average web proxy will not only anonymize your connection, but also strip out potentially dangerous code. It’s not full proof, but it’s a good extra line of defense and it will only take you a second or two to jump through this hoop. Simply bookmark your favorite web proxy (proxy.org lists thousands of them) and you can load it up and paste in the link URL in no time.
Of course, this doesn’t mean that you shouldn’t take the usual precautions in the way of having installed a good suite of privacy plugins, antivirus and a firewall.

Disable cache, file sharing and history “features” in general

The single most important step you can take to keep your private data from falling in the wrong hands is to make sure it doesn’t exist in the first place. Make a habit of tweaking your software to leave a minimal footprint.
  • Cookies: Useful, but set your browser to clear them all out when you close it down. Your favorite websites won’t remember you between each browsing session, but that’s a small inconvenience in exchange for the privacy benefits.
  • Browser cache and URL history: less useful. Almost all of us are on high speed internet now and it’s no problem to re-download images and such whenever you need them. Set your browser to not store all that junk on your computer for great privacy benefits.
  • File history: useless if you keep your files somewhat organized, turn this “feature” off.
  • File sharing: By default, Windows comes with file sharing enabled, leaving a potential security hole. Unless you are actively using file sharing, just turn it off.
Third party software that specialize in deleting and/or managing these privacy breaching data for you does exist. One such solution we’ve stumbled upon is a product called NetDuster. This piece of software will not only purge all cookie and browsing history, it can also handle stored information in applications such as Microsoft Office, media players, and email and Instant Messenger software. This particular solution can also clean up your computer’s registry.

Scrub files for hidden metadata before sharing them

Unbeknowst to the average computer user is the fact that almost all media files have a series of hidden meta data, often of a privacy-compromising nature. JPG pictures created by your cell phone or digital camera contain EXIF data revealing such things as the model of the camera used and in many instances even geo position and the registration name and addressof its owner (YOU). Other files may contain your full name, OS and software license data. Thought you shared those pictures and Word documents completely anonymously? You probably didn’t.
However, it is possible to use software to erase these footprint data without affecting the actual content of the file. There is a lot of file format specific software out there which allows you to view, edit and/or delete hidden tags, but you will probably want an over-all solution such as PrivacyControl. PrivacyControl can detect and strip away privacy-breaching data from all common (and some uncommon) filetypes, and is very easy to use even for a novice computer user. In the freeware department, check out this list of file-specific meta data editors from ForensicsWiki.org.

Be privacy minded if you have to use social sites

  • When registering on a social web site, don’t volunteer information you do not absolutely require the site to have. If a form insists, provide false information. Also use a disposable one-time e-mail address such as from 10minutemail.com
  • Get on top of the privacy settings for your account, almost every social website has them. Only allow what you need to get the functionality that you want.
  • Don’t allow any social site to automatically hook up with your other sites or contact lists, no matter how nicely it asks.
  • Try to avoid using the same username on every site.

Keep it professional on company internet

There is no proof the people who monitor your computer and network at work can be trusted not to save and abuse your password or private e-mails, because there are certainly people whose job it is to monitor your digital behaviour in the average company nowadays. IT staff are under the gun to show productivity for their time, just like you. Don’t give them a target to hit. Your boss knows who the big hitters on surfing the web in your department are. Don’t let any hint of personal matters, family problems, sexual remarks or financial dealings flow through your company computer or network. Company employees are not entitled to privacy when they are on the clock.

Keep tabs on running processes and resource usage

You should keep tabs on what your system is up to at any given time; in fact, it may be your best privacy tip. This can be done by starting the Task Manager on Windows platforms, the keyboard shortcut being CTRL + ALT + DEL.
Learn how many processes you generally have running and what their names are. Get to know the memory and CPU usage of your computer during typical use and you will be more likely to know when unfamiliar processes are running. A persistent process suddenly appearing out of nowhere is a major warning sign.

Unplug when you’re done

In the CIA there’s a truism; computer security is only possible with an air gap. That means physically unplugging the hardware.
So stop leaving your router and/or computer on when you leave home or go to bed, unless you have a very good reason. Any network and any computer can be cracked if someone tries hard enough, and if you are always accessible then the chances of an intrusion are that much higher.