The free Internet that many of us loved has become a surveillance web, serving governments and mega-corps, while abusing the rest of us. For those whose eyes are opening to this sad fact, I’ve have assembled this guide.
This purpose of this guide is to make Internet privacy as simple and concise as possible. Our intention is not just for you to understand, but for you to
act upon the information we give you.
Learning to protect yourself online is simple, and does not need to interfere with your daily activity. This is the complete guide to surfing anonymously. What steps you choose to take depend upon what you wish to guard against. Each level will require more work or money to achieve, but gives much greater protection.
Anonymity Level 1: Basic Anonymity
Threat model: Data collectors, Ad networks, Social Networks
Vulnerable To: ISP’s, Government, others on your local network, (some) Social networks, MPAA/RIAA, non website traffic
Almost every site on the internet is linked in some way to data collection agencies, who work with search engines and social networks to create profiles of every person. This is tracked in a wide variety of ways, the most well known of which is third party cookies. A common tactic by someone new to privacy is to disable third party cookies.
This quickly becomes hard to maintain as some sites stop working, and it does very little if anything to protect privacy on the modern internet. A better way is to directly block the collectors on every page, and configure your browser for secure browsing. Here is how to do it.
- Install Firefox. IE does not have the plugins we will need, and Chrome sends a lot of your data back to Google, one of the largest ad networks. (Even Chromium sends data. Use it at your own risk)
- Change your default search engine to Duck Duck Go, a privacy oriented search engine that stores no search history or user data. (Make sure it is your default search engine in Tools->Options->Search after installing the plugin)
- Install Ghostery. This plugin blocks known trackers from loading code on your browser or installing cookies.
- Install uBlock. This will block ad services from sending you ads. This is especially important if you decide not to set scripts globally to off using NoScript.
- Install HTTPS Everywhere. This will enforce an encrypted connection to websites whenever possible.
- Always open in Private Browsing Mode. Navigate to Tools->Options->Privacy, and select “Never remember history”. I actually prefer to leave this one as the default, and open a new private browsing window each time.
- Disable geocoding. Browsers now support allowing websites to request your location information, known as geocoding. I strongly recommend disabling this. It’s a bit technical, but don’t let that stop you! This is the last step before you can browse with more confidence.
- Open a new tab and enter “about:config” on the URL bar.
- Click “I’ll be careful, I promise”. You should see a screen with a long list of options.
- In the search bar, search for geo
- Towards the bottom, find the two parameters:
- geo: enabled – double click to set to false
- geo.wifi.url – double click and set to http://127.0.0.1
Be wary of installing other plugins! All of this will do you no good if you install the Yahoo tool bar or other adware.
Nice job! Your browser will now give you basic protections against tracking.
Anonymity Level 2: Hide from your ISP
Threat model: Data collectors, Ad networks, Social Networks, local ISP, local network
Vulnerable To: (some) Government, MPAA/RIAA, non website traffic
Internet providers frequently track site visits and internet usage. Your browser can prevent the sites you visit from letting others track you, but won’t do anything against the ISP.
The solution here is simple: Use the Tor Browser Bundle.
Tor will also enhance privacy even more than browser configuration alone. This software will mask your IP address and location from sites you visit, encrypt your connection from your PC to the Tor network, and allow you to visit sites without the site owner or your ISP knowing who you are.
Furthermore, it adds additional browser security not covered in level one. The only downside to the Tor browser is that it will block certain types of plugins like some video players and can slow down traffic (when those things would break anonymity).
Forget watching netflix on Tor. However, it is in my opinion the best anonymity software available. You will see more advanced Tor configs further down.
Anonymity Level 3: ISP & Download Protection
Threat model: Data collectors, Ad networks, Social Networks, local ISP, local network, MPAA/RIAA
Vulnerable To: (some) Government, some site tracking depending on browser usage.
Once you are protected against ad networks, you may wonder about other activities that might cause you trouble with various companies. Some users have found Netflix traffic slowed or stopped by their internet provider. Others have tried to access websites and been hijacked and sent to a totally different site. Others have been falsely accused of illegal downloads of music or movies.
Companies with an interest in what you do monitor sites that host material they would rather you not view.
The Tor browser won’t help you stream movies or download files anonymously (though sites like Netflix are moving to block VPN’s). Any program that uses the internet is also vulnerable, outside of the Tor browser itself. At this level, it’s time to look at using a VPN.
A VPN encrypts all traffic between your PC and the VPN provider. You still need to use a secured browser to access websites to avoid tracking, however.
My VPN of choice is Private Internet Access. They keep no logs, are easy to setup, and have good safeguards on the client side to protect you. This is the only thing on this list that costs money, but only $5/month.
I don’t recommend using free VPN’s. By the nature of VPN, if you visit a non-encrypted site, the VPN provider can see your traffic. Free VPN’s often have a business model of stealing your credentials, performing attacks against your session like man in the middle attacks, or injecting unwanted ads onto pages. Avoid them.
If you can’t or won’t pay for privacy, consider using a Tor desktop (covered below) though I still prefer running Tor through a VPN.
For a good list and analysis of VPN’s, take a look at TorrentFreak’s VPN privacy analysis
Finally, whatever you use, make sure you set the settings to include DNS leak protection, otherwise your ISP will still know which websites you visit.
Anonymity Level 4: Ultimate Protection
Threat model: Data collectors, Ad networks, Social Networks, local ISP, local network, MPAA/RIAA, Government
Vulnerable To: Human error
For the most advanced privacy protections, you will need to significantly alter how you operate online. It is not fully known if some government agencies can penetrate the following setup, but as of this writing it is the best known defense against government tracking.
Step one: Ensure you have a VPN setup and running. Enable the VPN kill switch, which prevents you from accessing the internet outside of the VPN.
Step two: Download Tails. Tails is a static operating system that accesses the internet exclusively over the Tor network, providing maximum anonymity. It also protects against common attacks against the Tor network, such as browser exploits.
The main risk when using this setup is making human mistakes, such as logging into an email service that has access to your full name or cell phone number, or giving away clues about your personal information on social media.
The full configuration of Tails is beyond the scope of this article. Once you need this level of anonymity, it is smart to learn as much as you can about configuring technology like Tails.
Alternately, slightly less secure but a good option, is to use Whonix in a virtual machine. The virtual machine and non-static design makes it less secure than Tails for some things, but is an excellent option none the less.
Protect Privacy Globally
The more people that use these tactics, the better off the internet becomes. Consider donating to open source projects like Tor, Tails, and Whonix, and signing up for services that respect privacy like PIA.
After all, if you aren’t willing to pay a few dollars a month for privacy, does it really matter to you after all?
Got any suggestions or question?! Be free to comment or contact me at Twitter.