David Papp Blog

How to Protect Yourself against Online Spying, NSA PRISM/Fairview can spy on anyone

Americans (and now other countries) are becoming increasingly concerned with the online protection of their personal information. There have been numerous stories in the press lately of hacked websites, identity theft, and eavesdropping, among many other alarming “criminal” acts. Recently, the Washington Post ran a story that included the publishing of four slides, all leaked from the United States National Security Agency (NSA). These slides clearly discussed, in extreme detail, how the domestic PRISM program collects its data.

Other countries are also being “spied” on with a different surveillance program called Fairview. A recent example is the surveillance on millions of citizens of Brazil.

Alarmingly enough, the collection process is incredibly simple. All that has to transpire in order for data collection to begin is for an NSA analyst to identify a potential target for surveillance and then ask a supervisor to approve the request. What if you happen to be one of these unfortunate individuals who is targeted? Is there a way that you can forgo the monitoring process and increase your online protection for your data and browsing activities?

Most experts agree that PRISM is capable of creating “wiretaps” on high capacity fiber optics and watches the data flows past. These wiretaps are easily placed at the Internet connections of such noteworthy conglomerates as Facebook, Yahoo, Apple, and Google, with most of their servers located in the United States.

Copies of the information traveling along these optic signals are diverted and re-routed to a location that is specifically operated by the NSA. Here it is categorized and indexed. Afterwards, it is sent back for analysis to the NSA. Most of this collected data is transferred by methods of plain text protocols. These are simply packets of information that contain a simple text header with a clear payload (the actual data).

However, what the Washington Post story also revealed is that when the payload is encrypted, the NSA is typically unable to crack the code. The below checklist includes ways to minimize the threat of potential NSA (and other hackers/spyware/trojans) monitoring for both digital voice and Internet traffic, leading to an increase in protection for your online activities.

1. Encryption of Internet traffic

A sure sign that communication between your web browser and a website is encrypted will be the use of the “https://” SSL protocol preceding the website address. By always typing this prior to entering your URL name into the browser, an encryption certificate will be downloaded from the website automatically (if it supports encryption). If the “https” is not clearly showing in your web browser, then the communication between your browser and the webserver is not encrypted. Check your most commonly visited websites for encryption. Some websites have better encryption than others. You can easily test all websites by visiting SSL Labs.

2. Disable website tracking

The two methods used to protect your site from online tracking include “black listing” (blocking) and “white listing” (approving). Programs of black listing will block spyware. PeerBlock is a good example of a free black list program. White listing programs turn off JavaScript, which is the very common language for programming that is often used in your search engine browsers. This is the language that is most often used for tracking techniques when you visit common websites with minimal online protection encryption. By turning off JavaScript, the spies find it infinitely more difficult to monitor your activities.

3. Search anonymously

Everyone is well aware that Google keeps track of all of our searches and Internet activity. This is how they create profiles on us and generate revenue. Ever notice that when 2 different people search for the same thing on Google, you each receive different results.

There are many other types of search engines which are significantly less concerned with our virtual actions. By switching to one of these other available options, such as Startpage or Duckduckgo, you’ll see significant online protection against unwanted monitoring and tracking.

4. Never trust anyone for your confidential data

If you happen to be one of those online users who is using Dropbox, iCloud, SkyDrive, or Google Drive, your online protection may be in severe jeopardy. Make sure to encrypt all of your files before you transmit them online. Never rely on the encryption protection provided by the cloud provider. AxCrypt is considered a viable choice and complements online storage services.

5. File encryption

TrueCrypt (also free) is a type of encryption system used for scrambling the contents of files. By using this or a similar type of system with a strong algorithm and big “key”, you will be better able to control the access of your files and documents by outside sources through the use of password protection methods.

6. Use traffic tunnels

The installation of a proxy server or VPN network will encrypt your online activity by sending your data to another outside location for decryption first, which will significantly increase your protection. Every time that you transmit data, emails, or web requests of any kind, the Internet tracks your activity through the use of headers that contain personal information of your address, the address of your destination, and the time and date of the activity. Proxy servers and VPN networks obscure your actions and effectively help make them anonymous. Here is an article with a listing of free anonymous web proxy servers.

7. Secure your operating system

Install an operating system that is “read-only”. This will provide significant online protection for your PC against all forms of unwanted programs, applications, and software. Many Linux distributions have the ability to automatically detect PC hardware immediately upon booting of your system. Privatix and Puppy Linux are some good examples for increased security.

8. Use safe text

You might be surprised to learn that all Skype conversations are monitored by Microsoft. Additionally, texting features on digital phones is not at all secure. Most email services do not employ encryption protocols and therefore do not provide online protection either.

Some people try to secure their systems by installing PGP software (Pretty Good Privacy). This is a type of encryption software (supporting email) that attempts to make your conversations unreadable. However, PGP can be difficult to install and manage. There are instead some very reliable phone apps that can encrypt all types of text messages and conversations. Examples include iChat, CryptoCat, and Silent Circle apps.

9. Regulate your voice activity

Smartphones are a wonderful invention, but their lack of security and encryption features leaves us vulnerable to malicious apps, phishing scams, and numerous forms of malware. Microsoft even allows the weakening of Skype voice encryption services to accommodate lawful interception of our signals and voice conversations. Silent Circle launched recently to facilitate end-to-end encrypted communication (voice smartphone calls, conference calls, text messages, video, emails) where the encryption keys are kept by the subscribers and not on their servers.

Of course, even if you were to follow this entire checklist of options, there is no perfect method for protecting your systems from a very determined intruder. These recommendations will definitely make tracking your virtual activity increasingly more difficult. Ensure you research each option before implementing to understand what you are doing and don’t accidentally lock yourself out of your own files.

143 thoughts on “How to Protect Yourself against Online Spying, NSA PRISM/Fairview can spy on anyone”

  1. Thank you! These are really great tips. I usually pride myself on being relatively low-profile, with all of the internet privacy concerns adrift recently, but it’s clear there are a number of things I’m still missing.

    I certainly did not know that Skype messaging is monitored by Microsoft. I can’t imagine what other privacy breaches are out there that are too well hidden for us to even detect. After all, the NSA was already established and doing what they’re now in trouble for before we even knew about it.

    • Yeah, that Skype thing is really awful. I mean, the only thing we wanna do is see some persons, right? Maybe they live far away, maybe it’s all about business or whatever. That’s not the duty of the US government.

      • That’s terrifying. I assume a lot of people talk about private matters over Skype because it’s implied that the conversation is private. It wouldn’t surprise me however, if the EULA when installing Skype says that conversations are not secure etc and that they will be monitored for content.

        Scary though, very 1984.

        • I find it quite disturbing that Skype is being monitored and users are not aware of it. I wasn’t aware of it until I read this article.

          Given this egregious violation of our privacy, it’s worth checking out Silent Circle, as David mentioned in the article. The company has a fascinating story of how it came about, too. It’s clear how committed they are to privacy and free speech. And I must say, I like the name they chose. That’s how our conversations should be, as far as governmental and corporate entities are concerned…silent!

          • The thing is that you can never be sure if the next company or software is more secure. We were skeptical before but now we are even more skeptical.

          • I completely agree, I didn’t even realize this or think about it until it was mentioned here.

            I would also agree it’s definitely worth checking out the other thing’s that he has mentioned in this post, as they all are helpful tips. Although I feel as though some information should be monitored, currently, the spying is too much.

    • I’m not surprised about Skype. I don’t even live in the US so I don’t really know what they can use my info with, I usually just talk to relatives from other countries. Or chat with them about family stuff.

      • I find the thought that I could be monitored while talking to friends or family via cam very disturbing. It’s not the question if they can use that information or not. It’s just the knowledge that it could not be as private as it may feel in a certain situation.

        • I believe that you are not alone in your crowd. It is reassuring that so many people share our concerns. The fact that there are nearly 100 replies to this article verifies our distaste for big brother. I became so angry about PRISM that I covered my webcam up with a sticker. I advise that you all do the same. I have read stories about hackers being sophisticated enough to hack into webcams and watch people as they use their computers and do things in their homes.

          • I agree. I started covering my Webcam with a sticker years ago, even before PRISM, for that very same reason. I saw no reason to make any potential hacker’s job any easier. It always struck me that Webcams have that kind of vulnerability. So keeping it covered when not in use seemed like the only reasonable and logical thing to do.

      • Well, we have to give a try since we now are aware that Skype is being monitored. I can’t believe we’re living in 2014 and this is still happening. It’s like the 80’s all over again! Anyway I am going to give Silent Circle a try and see how it goes.

        Thanks for pointing this out, David!

      • Yeah me too, i’m not a resident of the US but I’m quite surprised though. I wasn’t surprised about Facebook or any other social media but I honestly thought that Skype would have a good security where our privacy would be respected. I guess not! This changes everything.

  2. Bravo. This is the best article that I have read on this website. I am incredibly paranoid about keeping my life private and I thank you for the sound advice posted above. I am going to implement each of these strategies in the future. It is so sad that the world has come to this. It is like the conspiracy theorists were all right the whole time.

    • Certainly when it comes to personal information there is no need to feel bad about being paranoid. While some conspiracists take things way too far, it is unfortunately undeniable that internet privacy is currently compromised. Honestly, I doubt that it will ever be fully restored, or that it ever fully existed in the first. Articles like this will help us adapt to the inevitable future of our digital lives without too much impact, thankfully.

      • Communication is inherently insecure. Online communication is even less secure, so it’s not too much of a stretch of the imagination to envision the privacy issues that arise when large governmental bodies start spying on its populace. Some say that it’s just the natural evolution of what privacy entails – perhaps online usage is simply a medium that requires you to forego the right to privacy.

      • I totally agree. It is like the conspiracy theorists were right all along and everybody else was the real nutcase for placing their trust in authorities. These are very scary times. I don’t think I could bring a soul into this world. Privacy is a relic of the past. It’s so gross.

  3. This is such a wonderful and informative overview of how we can avoid much of this intrusive and disturbing surveillance, spying and, frankly snooping, from so many entities, not least of which the NSA. I greatly appreciate it.

    I have long been a fan of alternative search engines as I find Google’s personalizing of search results to be unnerving. I also use sites like Page Wash for anonymous surfing.

    I knew much less about other ways to stay safe such as using PeerBlock. I was also not aware of the various phone apps. I am glad to see that there is so much that I can do as far as protecting my surfing, chatting, surfing and other communicating in the digital world!

    • If you are concerned about Google’s personalization system, then I would suggest DuckDuckGo.

      • Out of curiosity, how much does that really help? I mean, if the NSA or some other governmental body is monitoring the internet from the traffic itself, does it really matter? Or are you just suggesting that it would negate the fact that in addition to unscrupulous gov’t agencies, you can also prevent Google from snooping?

        • As I see it, there are still several ways by which we can be proactive and secure our privacy to the degree that we are able in spite of the invasive efforts of Google and other corporate entities or governmental entities. At least we have that choice. I think it’s important.

          Rather than feeling despair or resignation, there are steps we can take. If we don’t want Microsoft listening to our Skype conversations, then there’s Silent Circle as an alternative. We can choose DuckDuckGo instead of Google, and so on.

          People will have to make that decision as to what their priorities are. Some do not have the awareness of the degree to with their privacy is violated. Either that or they know and don’t care. Others do know what’s going on and don’t like it.

          • Well, it’s unfortunate because the average consumer (internet user) will simply defer to convenience over security. There may need to be something more galvanating than the Snowden leak to truly rile people up in to pursuing alternative options.

  4. To be honest, I’m aware of some of these issues(privacy invasion and safety measures) but I really have not been barricading myself. Perhaps, it is because practicing some of these measures isn’t all that easy or maybe I’m just lazy. Although, personally I’m very careful about sites I visit, and don’t trust any site with very personal information.

    • If you think about it, with the 300 million or so Americans around, what are the odds that you’ll be singled out right? It’s not the best way to look at it, but at the end of the day your actions will reflect the degree of scrutiny any governing body looks at you with. If there’s nothing wrong with you on paper or otherwise, you should pass through the filters with relative ease.

      It’s still very wrong in principle, but it would affect you less as an individual.

    • I also am not completely protecting myself on the Internet, partially because I’m lazy and because I chose a little bit of convenience over privacy. Of course, I would definitely not give away my personal information for free online and check that payments are being processed securely, but things like cloud storage of files and easy voice calls over the Internet have spoiled me. I’m a supporter of privacy, but sometimes convenience, laziness, and functionality win…

  5. Thanks! These are really useful tips. I never knew how easy it was for someone to “spy” on others. Its kind of scary when you think about it.

    • It’s really not THAT easy – it just so happens that the people that are doing the spying have dedicated a LOT of money towards developing resources that allow them to spy with ease.

      You’ll have difficulty finding too many people that can casually snoop on you without at least a bit of training.

  6. This list is a great place to start, though my understanding is that standard encryption techniques can be broken with relative ease by an organization with the vast resources of the NSA.

    If you apply these tips to your regular usage of the computer, it will aid in being hidden from OTHER groups such as advertisers and snoopers, but bypassing the NSA will take more than over the counter software and whispering.

    • I don’t think you can bypass the NSA. All experts say that this is not possible if they want to get your data. So the only realway to be totally secure is to do nothing online. And surely that would catch their attention even more.

      • Good point, I guess by trying to bypass “them” is only going to red-flag yourself even more quickly than blending in with millions of other internet users!

  7. Thank you for covering all possible security concerns you can think of. I’m actually sweating as I read this article thinking of how vulnerable most people are to online espionage and more. It’s kind of hard being more mindful of one’s online activity but with baby steps, I might just be able to protect my privacy.

    • I am a UK resident and l was watching RT news today and guess what came out? The UK and USA have found a way to crack private web users encryption codes, the Guardian newspaper and a New York newspaper have reported this story according to RT news. This has me seriously thinking about using encryption software because if the government can crack it what’s the point in having it.

      • I need to disagree with this type of point of view. The point behind all security is to be a deterrent. Yes nothing is 100% secure. And it can definitely be depressing. However does that mean you don’t close the doors and lock up your house when you leave? It is even more common knowledge on how to pick a lock than it is to read something encrypted. Same thing with passwords. You don’t use 1234 or password, you need to make it more difficult. You shouldn’t use the same password everywhere. It makes it too easy and you become the low hanging fruit that people go after. Generally there is so much low hanging fruit that it isn’t worth the time and effort of the “bad guys” to go after something that even takes a slightly higher amount of time.

        • Great analogy. I read something similar too, but you really put it into perspective.

          Although no security guarantees 100% security, all we can do is put in all the locks that we can and hope for the best.

          Atleast we’re not making it easy for them to access our data.

          • That’s also how I see it. We don’t have 100 percent security anywhere with anything. It is up to us to assume the responsibility to be proactive and do what we can in the virtual world as we do in the real world.

            The first step is accepting the reality that we must protect ourselves to the best of our ability. It is a much more empowering mindset. And once we have taken these precautionary steps — many of which are not difficult — we will feel even more empowered.

      • Yeah, I’ve read about that too. At this point, I’ve relaxed and thought I won’t ever have a perfect defence against online spying. But if you could lessen the risks, why not? Also, most people don’t really know where to start, this is a good place to learn about protecting one’s security. Once people learn the basics, they can move on to better security practices. Now, isn’t that at least worth something?

  8. Thank you for these great tips. You can never bee to safe when it comes to your privacy. Especially on the internet. People are being hacked into every day, sometimes losing money or their identity.

  9. Great article! In today’s day and age it is very important to follow these guidelines whenever dealing with sensitive information, especially info such as credit cards and bank accounts.

    You can never be too secure when online, so every step is important in our and our data’s safety.

  10. This is a great article but its hard to believe you can protect yourself now when there is new information everyday about the NSA and online spying. Today it was announced that they could crack the toughest encryptions

  11. This is an interesting and useful article, as the previous commentators have said. I must admit, this “spying” thing doesn’t really faze me. I think the fears and concerns have been played up by our own paranoia and the media. What is a concern are hackers and other “bad guys” who could try to hack into my personal information. The type of precautions outlines in your article are good for protection against this too.

    • I’m more worried about cyber criminals more than the government too. It’s good that the tips David gave provides a blanket protection from suspicious activities in the internet, no matter where the threat is from. Aside from concerns directly involving money, the fact that identities can be compromised have also added to people’s fear for their privacy.

      • Yes, we would more directly and measurably be impacted by hackers and other cyber criminals. Those risks are still present. While we do what we can using David’s tips so as to avoid being tracked online by various entities — both corporate and governmental — there are still those trying to steal our passwords and/or our identities or to infect our computers with viruses.

        The virtual world, like the real world holds dangers that we must defend ourselves against. It’s like walking down the virtual dark streets with virtual pepper spray in hand.

        • Actually, I just thought about it more and it’s possible we may also be in danger from the government. There might be a bad apple in the group who just might abuse their political powers for self gain that can also compromise our identities. Just a thought, although as people said, it’s unlikely I or anyone of us would be targeted.

          • That’s a good point. The NSA and other governmental entities are comprised of human beings and as such we just never know what kind of motives and impulses may drive some of them. Having that kind of power and capability can change people, and not for the better.

            Regardless of how likely it is that we as individuals would become victimized by an abuse of power, it still looms as yet another potential threat. I think that’s the problem with this mass collection of so much digital data; it raises so many issues and concerns that previously did not exist. We are left to react in some way, whether in outrage — even as learn more about how to secure out Internet privacy — or in acquiescence.

  12. Wow! Thanks for these great tips. It’s kind of creepy knowing that the NSA knows everything about us, what we like, what websites we use, and any personal information we have ever given out online. I’ll definitely try to use these tips to keep myself more secure 🙂

    • Glad you think that way too. But we all should be aware of the fact that it’s always just a relative security. If the big players want to know what you do there is no way to prevent that except to do nothing anymore.

      • Or we can just hope we don’t stand out enough for NSA to not notice us. 😉 It’s kind of sad though that some of us are just relying on the small probability of a regular person to not show up on the NSA’s radar and that it won’t be us. It’s the way of the current world, although as long as there’s a little bit of something that can be done to make spying harder, I’ll do it as a way of saying I’m not cool with them poking my privacy.

  13. You know, these are all good tips for staying safe online, but I think NSA has just turned into a big buzzword to scare people. Nothing against you, but I just hate seeing it everywhere. I don’t think people should be worrying about it as much as they are. I mean, again, this is a great article for staying safe in general. But saying NSA is pretty much guaranteed attention these days.

    • I think I’m fine with it. It’s better to get people educated than remain ignorant of the security and privacy issues we’re currently facing. The onus now goes to the writers/journalists that discuss the NSA, and to clarify the real danger. A good example of this is also engaging people in discussions such as what David is doing.

  14. I find that this all this effort to hide from people spying on us, isn’t really worth the effort to keep myself anonymous. I personally really am not afraid of the NSA spying on me because I have nothing to hide. It’s not like the people reading my messages would affect me personally. The list of the thing to help me protect me from people spying on me really is great and would really help to keep someone low profile if they wanted to but it seems like a hassle to do.

    • I would imagine that the majority of people do not have anything to hide. My concern is the encroachment of our civil liberties not just in the U.S. but everywhere that the NSA is tracking people. This kind of conduct on the part of governments was once considered characteristic of totalitarianism. It was like George Orwell’s “1984,” and Big Brother watching everyone mercilessly. It’s disturbing to see this fictional dystopian world becoming reality rather than remaining a cautionary tale.

      But still in this day and age we are fortunate that we can take some steps, as detailed in David’s article, to minimize the tracking from some entities, as well as to protect from hackers and other cyber criminals who would do us harm.

      • Great point. Just because they can and it’s not harming people doesn’t mean they can just snoop at everyone’s private business.

  15. Funny how all these techniques are things that paranoid hackers have been using for quite some time. Paranoid eh? Who is laughing now. Personally, I have been using the tor browser a little bit. The most esential was using a proxy to go on Facebook from China. That felt illegal. 😀

    • I think technology upped the standards on paranoia these days. What David suggested are still simple tips and as nonsiccus said, these might not be enough to stop the NSA if they choose to be more persistent than usual. I’d guess that paranoid hackers are employing more advanced techniques to elude the authority.

    • Actually a lot of stuff that is said to be paranoia or a bad conspiracy theory turned out to be right. I guess the problem is that all of this very good or accurate stuff often is mixed with nonsens so most of the people won’t take a further look.

      • Yes, that is the problem. The far-fetched conspiracy theories that are purely speculative and not based on any factual data are often ridiculed. And unfortunately the real conspiracies are overlooked and dismissed along with them.

        For years, those whom we might want to call “conspiracy theorists” have been warning about this kind of overreaching government surveillance and now the NSA has been exposed for what it is, and it is conspiracy fact.

        • And yet most of the people don’t really seem to care. There are a lot articles about it now and of course there are more people interested in the topic than before but do we see a real “veto” by the people? I guess not.

          • Yes, that’s the problem. There are relatively few people who care. In the U.S. the latest Rasmussen poll from a few days ago shows only 39 percent of the people polled think that the NSA spying is a “serious scandal” and 21 percent think it’s “no big deal.” That’s really not a lot of people. I tend to think that’s relatively accurate since we don’t see a great deal of collective outrage and protest.

          • From my experience, most people wouldn’t really worry about almost anything until it affects them directly. It’s very lazy and usually people regret not taking precautions way after the damage has been done.

    • I don’t really see whats so funny about it. I would understand why hackers needed to do these things before but its come to a point where everyone with a computer is being screened. Privacy should be an international right.

      • It’s sad but our privacy is a commodity big organisations have started coveting. The trend these days is to make light of privacy and mostly reward sharing personal information with attention. More emphasis on how cool things are and dismissing the privacy aspects of recent technologies.

        • Exactly. It’s like social conditioning. Those who still value privacy and don’t want to share the details of their personal lives are perceived as being paranoid and/or as having something to hide. They are somehow not the norm. They may be scorned, ridiculed, scoffed at. Yet this isn’t a surprise as those who still value privacy are a threat; they could reawaken that instinct in others. So far better to be dismissive of them.

          Yes, unfortunately, I see this trend accelerating. It’s disturbing.

          • As much as I say how I’m worried about my privacy and security, I’m still not going to freak out if the future totally changes how we view privacy. It makes me wonder how many people feel the same. I mean, I’m sure we have the knowledge to fight breaches of our privacy but it’s sort of like a rolling snowball that gets bigger and bigger with each technological advancement.

  16. Aside from the more technical counter measures you have provided, I feel it is also necessary to cover yourself regarding social engineering attacks. Your list offers suggestions to users who have sensitive security information they really need to safe guard, and are a little more tech savvy to boot. For the average joe trying to avoid snooping from a stalker, the user has to consider what information they have out there that can tied together for access into accounts. Social engineering attacks can be simple or quite sophisticated, and can be done by anyone who knows how to piece together information.

    So in addition to your list, I would suggest that people scrutinize their security answers. Don’t set them as your mother’s maiden name, don’t set them as your city of birth, don’t set them as your pet name, etc. If your family member can figure out what your security questions are, avoid them. A close friend could just the same find ways to pull that information through your social media, or what they know about you in person, and access your account through “Forgot my password” procedures, resetting your password and locking you out. Even a total stranger with a fixation on their subject could piece together information for their target, depending on how much information that target puts out there, and how simplistic their passwords and security questions are.

    • Yes, those are all good points. Social media has a dark side. The problem is that people are freely — even recklessly — sharing so much personal information and not thinking of the consequences. As you point out, those details that are often used for security questions could be extremely dangerous in the wrong hands.

      That’s the irony, that so many are so willing to share so much that the value as well as the safety of privacy is lost. I suspect that kind of attitude may be underlying in those who say they don’t care about the NSA spying and snooping.

    • Wow, that just reminded me of this magic/heist movie called “Now You See Me.” The movie itself exaggerates a lot but it did make me wonder what type of info I have online which people can use to guess my password or security details.

  17. That’s the article I was awaiting for because it has nearly everything in it you need to know. Of course it can’t stop here and everyone has to educate himself further but it is definitively a good start. I would maybe add that Linux is more secure than Windows.

    • @David: what do you say about such programms as Paypal? I know they are not safe but are there any alternatives that are not so much in the focus but do also the job Paypal is supposed to do? Would be nice to have some suggestions.

      • PayPal is similar to online banking in general. The “Verified by Visa” is a really good program for those vendors that implement it, it is an additional safety measure for your credit card transactions online. Personally I am in favour of having a second credit card with a small limit. Use that card for your online purchases. If something were ever to happen, it would minimize any issues because of the small limit. Don’t use your main credit card for online purchases.

      • We have a bank service in my country that allows us to use a card with PayPal even though it’s not a credit card. I’m quite satisfied with it since it similar to what David. Because it’s not technically a credit card, i don’t foresee any issues that would lead to lots of fees if ever my banking info gets compromised.

        • And I wouldn’t say that using a credit card makes the whole thing much safer or more anonymous. What about paysafecards and such things? I thought more in this way.

  18. I don’t know if they are completely necessary. I feel only seriously paranoid people would actually take the steps to do all of this. I understand that data on the internet is being monitored but using stuff like VPN’s seems to be taking the whole “privacy” thing pretty far.

    • I don’t really recommend using VPN all the time. It can slow your connection more that it already is, depending on the location. For me, I only use VPN for region-locked online content, not really for privacy.

      • Well, but it is really good for privacy. Of course it slows your system down but you can decide whether you just wanna browse fast and hav the joy to get all those more or less necessary benefits that come with it or if privacy is worth a slower connection.

    • Not things like VPNs take the privacy thing pretty far, the actions by the NSA do. People caring about their privacy and taking the steps David mentioned in his article is just an answer to this. So let’s say your neighbors spy on you all day long – wouldn’t you do much to respind to that?

    • I definitely agree, not all measures need to be taken all the time. But a few of the tips mentioned here are easy to implement and can go a long way so are worth implementing.

      • I also agree. I see it as being proactive just as we would do in daily life. Privacy is not a given, unfortunately, so we must take steps to preserve the privacy that we do have. Many of these steps are quite simple. Anonymous searching, for instance, is just as easy as using another search engine.

        It’s just as it is in the offline world where we take precautions without even a second thought. For instance, we wouldn’t walk down the street with a dangling wallet just waiting to be snatched by the most amateur of pickpockets.

        It’s the same with the online world. Why make it exceptionally easy for our privacy to be violated?

  19. Well explained and great article about online privacy. Searching Anonoumsly and Website tracking are the most vulnerable part of all about privacy because more than 10% internet users search in web daily and almost all websites are keeping data about us. Although google has option to delete search results after we log in to the google account under search control panel but I am not sure if they will delete them. So I mostly use Incognito browser but still I feel they trace all activity by IP.
    Now, even facebook is tracking out of their site by cookies and still all this big company pretend they are on support of privacy in internet.

    • I agree. I too must say that I don’t feel confident in such assurances from Google to delete the data. Far better for them to never have it to begin with. We are fortunate to have other search engines. DuckDuckGo is quickly becoming my favorite ever since I first learned of it. Their Firefox add-on is quite handy.

      As for Facebook, they have seemed to be the enemy of privacy for a long time as least as far as that of their billion-plus users. It’s always a challenge to have to keep changing settings in Facebook to maintain some measure of privacy since the default mode nearly always is to make everything we share public.

      • The things I read here make me think of using Firefox as my default browser again. :S I’m sort of spoiled though by Chromium getting all my passwords and bookmark linked to my Google account even though it’s not the safest thing to do.

        • Yes, unfortunately we do face the dilemma of making tradeoffs between convenience and security as well as privacy. I switched to Firefox long ago, after having gotten my browser hijacked when using Internet Explorer.

          In an ideal world we never would have to face these issues, but alas, our virtual world has many threats and dangers as does our physical world.

          As for passwords, I have found that memorizing many of my passwords has been a good compromise thus far. I use mnemonics and make sure that references are quite obscure and known only to me.

  20. Okay, JavaScript off!

    Online spying is a big concern of mine and should be everybody’s concern. Technology makes it so that you can’t do anything, or say anything without someone watching or listening. The people in power and governments are to blame for this abuse of technology, and frankly, I think its immortal and an offence on humanity. Soon enough, you wont be able to go to the toilet without being watched. We live in a world were privacy is on the brink of extinction.

    • Java Script off – yeah but much stuff on the internet doesn’t work anymore with it off. It’s a shame that you have to choose between privacy and ease of handling. There is so much technology out there it should be possible to have them both.

  21. Holy Smokes, David… AxCrypt is awesome and a very welcome addition to my “keep your nose out of my stuff” arsenal. Also, I didn’t know that DuckDuckGo had a Chrome extension – or how important it was to surf anonymously. This is one of the most technologically useful posts I’ve read in a long time. Thank you!

    • Startpage is really good too, you can choose it to be your standard search engine. But I somehow have the problem that the results there are not really that good though they claim that these results come from Google. Anybody else with this experience?

      • This is the first I had heard of Startpage. Thanks! I checked it out and did a couple of side-by-side comparison searches that I needed to do anyway. The results appeared to be identical or virtually so. I will add this to my arsenal of anonymous search engines.

        I used to use Scroogle all the time until they were shut down. That was so unfortunate, as I really admired and appreciated their commitment to Internet privacy.

        • It’s a really nice site and David mentioned it in his article too. They have a lot of options and I guess you can optimize the results a bit. I am only using startpage anymore and they plan to open a secure email account too.

          • Ah, yes, Startpage is mentioned in the article alongside DuckDuckGo. I missed that one in a previous read. There are so many resources listed in the article and what I appreciate most is that they address so many different privacy concerns. That’s why I have this page bookmarked to check back as I continue to work towards securing more privacy in all the many ways that are still available to us.

            As for email, I used Hushmail years ago but then I gravitated to Gmail. I think it’s time to revisit Hushmail.

      • Nice to know StartPage has identical results to Google. I’ll check if I can also get the other features I like from Google. I might try that one after I read more about privacy/security measures suggested by David’s post and by the comments.

  22. Thank you for this. I guess it is sometimes necessary to track “bad people”. I will follow your tips just for a little privacy but even if they put tabs on me they won’t find anything interesting. They will just get a lot of spam from my email lol and hear a lot of conversations about work. I heard from a techie friend of mine not to search for “hot topics” that may make them think I am someone who is interested in “destroying the world” because they might just check me out.

    • But tracking bad people is somewhat different. Tracking in security concerns means tracking just everyone to have data to sell and to show personalized ads. That’s just not something we can accept.

      • Yes, I agree. This kind of behavior done by an individual would be considered cyber-stalking. It’s unacceptable and illegal in some places. Yet corporate and governmental entities seek to justify it and, at the same time, employ social conditioning to get us to consider it acceptable in a dangerous world. As if basic human rights — including the right to privacy — must be suspended for the greater good.

  23. Personally, I feel quite good about using Paypal. It’s not because they can’t be hacked. They certainly do get hacked. It’s because they have a very tight security team of people working there actually catching hackers and having them areigned on charges. Most criminals won’t use them because they are afraid of getting their jail terms increased. They instead use Western Union money orders and wired money tap. If you are selling a product online and buyer asks to send the pay by wiring it, don’t even go there. Call the bank and report it immediately. Then report it to http://www.fbi.gov. Also report it to the service that they buyer used to contact you, with this info. Keep yourself informed and educated.

  24. Nothing in the world is 100% safe. So It’s good know what is safer and to be proactive in taking those steps for ours systems and ourselves.

  25. The best protection against such spying programs is to encrypt as much as possible, and not use backdoored software (the only way you can be sure about this is to use open-source software).

    A nifty list to assist you with making ‘better’ choices is: prism-break.org, you might want to check that out!

    It’s a shame such actions are needed, but sadly this amount of paranoia is required to have some privacy online.

    • Thanks! I didn’t know about prism-break.org. That’s a great resource. I’m amazed to see all the choices we have. Although, as you point out, it’s a shame that we need them.

      Lots of options for all kinds of online activities in which we want to take back our privacy, from data encryption to email and so much more. Very impressive. I’m adding MetaGer to my list of preferred search engines, for instance.

    • You are correct about encryption. That is the best way to protect your data and messages. I will have to give prism-break.org a chance. I heard about that from a friend but didn’t remember it until you posted the site. Thanks for the reminder. We all want our privacy back. Unfortunately we have to go to great lengths to take it back.

      • Thank you for letting me know about Startpage and Duckduckgo. I will look into them for my protection.

        • Yes, they are both very useful alternatives to Google. The other favorite search engine of mine which I just discovered from prism-break.org is Ixquick, which is a metasearch engine, run by the same company that does Startpage. They say they return results from upwards of 100 sources, excluding Google. It’s very good. I had been using Dogpile for metasearch, but I like this one much better, plus there’s privacy!

          • Thanks. I’ll give lxquick a shot as I haven’t really been impressed with the search results from duckduckgo. I’ll also try dogpile as I have not given that one a shot yet either. At this point I’ll try anything but google as long as I have my privacy.

    • That’s a pretty good website. It does suggest against using Ubuntu because of the Amazon thing associated with the Unity desktop environment but there are ways to work around it, which is good.

  26. Wow, like many others I did not know about how Skype conversations are monitored. There are some great tips here and most the average person wouldn’t know about.

    I must admit that I am pretty sloppy when it comes to maintaining a low profile so to speak. I use chrome which probably isn’t a great idea when it comes to privacy, but I think the trade-off is speed and ease of use…

    • And the Google features. They make me hesitant to leave Chrome although security should be the first concern. I’ll see if I can replicate features that I like into a more secure browser, I guess. It might take quite some time though.

  27. This is a great list for it covers a lot of stuff that the average Internet user takes for granted. The fact is, our activities online lull us in a false sense of privacy and it really helps to be reminded of this every now and then.

    I also recommend though that we also keep our behavior in check when doing things online. Assume that everything you do is being tracked and documented and take measures to obscure these activities so that it would muddle data gathering.

  28. Great Tips David, though I agree with most of what you say however I must clarify that the usage of a Free VPN can do more harm than good. As you have no assurance that the VPN provider is sending the data to the authorities. Always use a Paid version of a VPN. With that being said I must also add that while a VPN is not the “fix-all” solution, it does help lessen one’s metadata IP footprint.
    These are the words of the CEO of TorGuard VPN, he himself admits that VPNs may not be the ultimate solution. (You can read the full interview here: http://bit.ly/1cavo1C) Complete Privacy also depends on how much information we give to the internet.

    I made a presentation on slide share you can check it out: http://www.slideshare.net/odinforce/interview-highlights-of-tor-guards-ceo

  29. Thank you for posting this. Ever since the story leaked out about the government being able to track us, it’s made me nervous. I don’t do anything wrong online, but I do like my privacy. I am going to start to follow some of the tips here. I think it will also help to protect me against hackers. Thank you for posting this.

  30. Why do I feel that no one cares about my personal information, haha.. Anyway, of course I don’t easily divulge my bank details, but in terms of the suggestions above, I find them a bit too much on the safe side, maybe paranoid even.
    I limited Skype use and shifted to Viber and Line. Didn’t use Snapchat since recently there was news of a hack. Lucky me.

  31. Useful tips that should be followed to ensure online safety. The biggest threat isn’t NSA or similar agencies but hackers and others who want to steal your information. By implementing these suggestions your online presences will be safer for you and safer from others you don’t want seeing private data.

  32. Wow. This was a very informative post and and also an extremely important one.
    Learning how to encrypt your files, internet traffic and for exaple your point on voice activity can seem pretty overwhelming. But thanks to software like TrueCrypt(as you mentioned) they all of a sudden become less overwhelming. Much more userfriendly and accessible.

    I’m extremely glad you brought up all the cloud sharing services in point number 4, because people need to be informed about it. I personally have stopped using them!

    Thanks a lot 🙂

  33. Well, this is incredible. Thank you for shedding some light on a subject that I know little of. It is unsettling to think that someone may be spying on me, but the possibility that it is actually happening is not too far off. I may not be hiding anything, but I believe privacy is of great importance for any human being.

  34. Informative article. I always use the “https://” protocol on most sites whenever possible. I have used PeerBlock while doing confidential work. These days, no one is concerned about their privacy at all and people treat it as a piece of cake. This really helps the companies and the government steal their data. I also suggest using open-source software. The source code is open and you can verify the source code at any point, hence making them trustable. Also, never ever download stuff like ‘free toolbars’ or ‘free smileys’, etc. No one needs them.

    • I ALWAYS use the “https://” protocol when accessing my bank page, ALWAYS. They told me a while ago this was the only safe way to access you bank’s page. So been doing it since then, since this crappy bank doesn’t allow you to use one of those key thingies to access your account safely every time.

      So always use that protocol, because you never know when you could be actually accessing one of those phishing sites. I’m also careful with messages in my mail.

  35. I am surprise that a common person’s website like a blog could be spied on. You wrote, “White listing programs turn off JavaScript … with most of their servers located in the United States.,” that was a shock. Do other countries do this to their citizens?
    People I know have Skype just for fun. Now learning that that can used against you.

  36. This is a pretty insightful article, and I have to say it scares me because of the degree of power they have over us, and an obvious breach of users privacy. One tip that I can recommend to be completely secure is Tor though. It encrypts your network traffic in such a way that it’s virtually undetectable, even for government agencies. It also has a mobile phone app, and although the government is trying hard to remove Tor, you should use it while it lasts because although some of your network speed is being compromised, it’s worth it if you want to the privacy.

  37. Thank you for these wonderful tips. Seriously this is the way to keep the NSA off you until some law is put in place to stop whatever surveillance they’re doing. In short, just keep yourself anonymous. Don’t be one of those people who feels the need to post everything that you do on the internet and the NSA will have no power whatsoever. Encrypt your traffic, use a Linux install if you’re really paranoid and you’ll be alright.

  38. I think the best you can do is just don’t go slack when it comes to your important data. Almost everything today is monitored, I even turn off my webcam and put a tape on it just in case somebody is watching. Also if you’re going to do some searching, I suggest use DuckDuckGo instead of Google.

    • I used DuckDuckGo as my default search engine before and I got to be honest it’s not as good as Google. I thought it’s just a matter of getting used to but I think Google is really the best that there is.

  39. Thank you for all of these tips. This issue has been in the news a lot lately and admittedly it has made me more paranoid about where my information is going. I try to use encrypted sites when I can. I wasn’t aware that you can disable tracking so easily. Definitely going to be doing that from now on!

  40. These are all really great tips, but in my opinion, if you haven’t done anything wrong, what do you have to hide? I think the NSA should only monitor for certain activity, not for everything you do. Although, if it gets too far to the point of monitoring private webcams, than that’s a problem.

  41. I truly appreciate all the info the article is excellent, but I honestly doubt I’ll ever go thru all that hassle! Mostly because I’m not tech savvy 🙁 I’ll definitely not use traffic tunnels or file encryption, at least not for now.

    I’d need my really tech savvy friend to teach me how to do it! But I’ll definitely be careful with what I talk about on Skype, I had no idea we were being spied while we are supposed to be having a very personal and private talk with someone over there. Not cool at all!

  42. Very scary that tips like these have to be followed now in order to avoid government spying. Even those people who know that they are innocent need to heed these warnings. Despite the fact that you may truly have nothing to hide, the government can still twist the information they have to make it prove whatever they want to. Thank you for this article.

  43. This is a pretty good article to defend against wiretapping and spying, along with attacks from data thieves. It’s pretty amazing that we live in a world where it’s so easy to gain enough information about a person just by looking at their social media profiles. It’s important to keep this data safe and also private so that malicious individuals do not use it to take over our digital lives.

  44. Thats alot of work for internet privacy. HOnestly I dont care if they see what im doing or not. I have nothing to hide. Its too much work doing all those rediculous things.

  45. Wow, I had no idea I was so vulnerable online. These are some great tips. Thank you so much for taking the time to share them. I actually worry more now about thieves than the government. Online thieves can do me a lot more harm than the government. My cousins a few months got her identity stolen and she’s still trying to recover from it. So, anyway, with these tips, I can now hit “2 birds with 1 stone”. 😀

  46. I have always wondered how people’s videos from skype end up on the internet. Microsoft should really look into this issue. People do the craziest things when they are having conversations with their friends or loved ones. No need to broadcast this to the entire world.

  47. I like to think that I’m also quite low profile but I realize that over time I’ve so easily given away a lot of my personal information. And it is crazy how much information we’re happy to give up online to people we never get to see or meet.

    We all no that security is an issue, but we often just pay lip service to it. I think we just behave in a very trusting way – probably too trusting.

  48. I was actually quite surprised that there were so many things a person could do!

    For an example, the https method was new, and honestly, it’s quite genius. I was also (although I should not have been) surprised at how much information could be collected. I mean, Skype conversations? It’s not going to stop me from chatting on skype with my friends, but it’s pretty alarming that they have the access to that information
    Overall, a very informative post! Thanks

    • I was told about the https method by my bank, they told me that was the safest way to access one’s banking web site online, otherwise you could end up going to an hijacked web site or a fake one, you never know! So I always access my bank account that way! Because you just never know!

      As for Skype, I find that very disturbing. Do you think they also have access to the pictures people send over there? I’m pretty sure they do, and that in my opinion isn’t cool at all, I mean, some people don’t like the idea other people look at the pics of their baby… hence they send it only to the friend they want to send it to via Skype. Not cool at all.

  49. Yes, I have noticed that Google gives people different results but I had no idea that this was related to your browsing activity. Quite an unsettling thought but I bet the reality of the situation is that they are collecting far more data about our activities than we realise. Thanks for providing some suggestions on how to circumnavigate this.

  50. Thanks! These are a great list of websites and resources! I had tried a few easy things – proxy, NoScript etc, but NoScript actually is very annoying. It feels like using it, I have to make the choice between a comfortable browing experience, and a safer one.

    I look forward to testing these. And I thought Dropbox was safe!

  51. The best way to protect yourself from anyone on the internet is to not do anything that might get you in trouble! But these are some great tips, albeit a little cumbersome to constantly put it in practice. I’m not sure how often I’ll be encrypting all my files that I send over the internet. The smartphone voice encryption is neat for when I would need to say anything private.

    • I’m am very concerned about my protection online because it’s too easy to have your information stolen. I’ve gotten to the point where I don’t use public Wi-Fi unless I’m on a social site or something. I constantly change passwords and user names every few months as well, trying to stay a step ahead of the crooks. Also be careful of what you download to your computer, as there are spy ware already built into the software.

    • I’d say: Don’t share things you’d not like to others to see or be known about you. I’m actually worried about storing pictures and other things in my computer, because I know it is so easy to get them stolen. We are living in a very dangerous era! I just can’t wait to save enough for my own portable hard disk!! I just don’t trust my laptop…

  52. This getting to be a very serious problem. It seems like we should not pretend to be a society that isn’t constantly under surveillance because the truth is, we are. I have recently started using DuckDuckGo as my go-to search engine and I really like it. That is a great suggestion.

  53. Yikes, I had no idea all of the Skype conversations were being monitored by Microsoft! Why the hell don’t they state that openly? Why they never openly say: ”Hey, be careful not to share intimate things thru Skype, because we actually like to monitor everyone’s conversations! Not cool at all, that is so malicious.

  54. Everything in life is being monitored. Cloud storage is just a fad I believe and sooner or later, it will get hacked just like all before it. I tend to use portable storage devices and keep things under lock and key, or password.

  55. These are really good tips. I mean it’s crucial to take care of your computer and prevent it from being open to anyone to see all the data that you have. We really need privacy in this generation and I personally would love privacy, eventhough, I have nothing to hide, and even many people have nothing to hide but it’s just we love our privacy and not to feel controlled in every way and in our personal houses during our personal free time.

  56. I might sound paranoid but I’ve tapped a piece of paper on my website. You can never be too safe… right? Will definitely be using these tips more often though. I usually browse in incognito mode when I’m online but that can be quite bothersome to me. Not a big fan of not having any history to make my searches easier.

  57. But then, after doing all those things, if you’re picked up by the police they’ll gain access to whatever they want or you’ll spend time behind bars.

    It’s a scary law.

    If they demand you to enter a password for access or decryption, you either do it or you’re arrested (I think under the key discloser law, not 100%).

  58. Opera recently released a browser with a built-in VPN.

    I think other browsers should also include a built-in VPN [yes it will cost them money operating the servers] but if people who use the internet want privacy and they know there’s a browser that guarantees them that then I’m sure most of them will flock over.

Comments are closed.