TEN STEPS TO ONLINE ANONYMITY
IT MIGHT SOUND LIKE THE QUEST FOR ONLINE PRIVACY IS HOPELESS. IT’S CERTAINLY TRUE THAT IF YOU’RE SERIOUS ABOUT BEING ANONYMOUS ONLINE, YOU MUST PUT IN SOME EFFORT – AND THE MORE TECHNICAL MEASURES AND LAYERS OF OBFUSCATION YOU ADD, THE BETTER YOUR CHANCES OF MAINTAINING A DEGREE OF PRIVACY. HERE’S A SUMMARY OF OUR ADVICE FOR PROTECTING YOURSELF ONLINE.
1 Sign up to a reputable, paid VPN. Ideally, use it all the time; at the very least, use it whenever you’re browsing through a public hotspot. Some routers have built-in VPN capabilities, meaning you can transparently protect your entire home, but remember that you won’t be protected when you step outside your home, or when you’re using a mobile device over a 3G or 4G connection.
2 Install Tor Browser and use it whenever practical. It’s not as fast as your regular browser, but it adds encryption and hides your identity at multiple points along the path. If you have a Raspberry Pi, you can set it up as a personal Tor access point, so that every PC connecting through it is automatically anonymised: for instructions, have a look at the Know How video podcast at pcpro.link/288tor.
3 Be cautious of browser extensions. These can easily compromise your anonymity, as they run locally on your PC and are able to pass information about your browser and network connection to the site you’re visiting – or to anybody else.
4 Always look for “HTTPS” in the address bar of your browser, to confirm that you’re using a secure connection that can’t be snooped on by a “man-in-the-middle attack”. Consider installing the HTTPS Everywhere plugin from the Electronic Frontier Foundation (e.org/https-everywhere) – which is available for Chrome, Opera and Firefox on Windows, and Firefox on Android – that makes your browser default to the secure version of any site you visit.
5 Don’t want your email address to get into the wrong hands? Next time you sign up for a service or access a download, use a made-up address from a disposable inbox provider. Our favourite is sharklasers.com but there are plenty to choose from: you can receive and read confirmation emails at the website, then never check the inbox again. Don’t use a service such as this for important information, though, as messages tend to be automatically purged after a short time.
6 Consider setting up an easily wiped computer for casual browsing. The Raspberry Pi is ideal here, as it’s inexpensive to buy and easy to restore to factory-fresh settings. Holding Shift while rebooting drops you straight into the NOOBS installer, from which you can reinstall the OS in a few taps, wiping all tracking data from on the device. 7 Be wary of following web links in your mail client, or opening downloaded PDFs and other document types that link to online resources. Clicking opens an immediate connection to the remote server, and there’s no way to know for sure what information will be shared with the operator.
8 We’re big fans of cloud backup, but if you really want to protect your privacy, look for a service that lets you protect your personal data with your own encryption key. This ensures that the data on your personal network is never shared with a remote server in any form that could be monitored or stolen – although it also means you need to keep your key somewhere safe, as without it there’s no way to recover your backed-up data.
9 Anonymise your web searches by ditching Google and switching to Duck Duck Go (duckduckgo.com). It’s a silly name but a very sensible service: you get the same results as you would from a Google search, but Google has no record of what you’ve personally been searching for – and Duck Duck Go doesn’t store or share any information about you at all.
10 Don’t use social media – although bidding farewell to Facebook is easier said than done...