The paranoid's survival guide, part 1: How to protect your personal data
Bottom line: Once you log into a service, all of your activity across all related services from that provider -- from webmail to searches -- can be tracked back to your account. So log in only when you need to, and be sure to log out when you're done.
Use anti-tracking software
Unfortunately, blocking third-party cookies doesn't block the activities of all tracking scripts, and many advertisers ignore the DNT signal, so Hansen recommends installing anti-tracking browser add-ons.
"Something like Disconnect blocks ads plus third-party tracking pixels" and has the added benefit of speeding up Web page load times by removing all of that extraneous tracking activity, Hansen says. Disconnect, Abine's DoNotTrackMe, Ghostery and other consumer-friendly anti-tracking tools don't block everything -- doing so can break things you want to use -- but try to strike a balance for the best user experience. For example, Disconnect doesn't block Google's third-party advertising network DoubleClick when you're using Google services. "Google is already tracking you when you log into google.com, so blocking the doubleclick.net request wouldn't stop any tracking, and is likely to break the page," says Casey Oppenheim, Disconnect's co-CEO.
If that's not good enough for you, Hansen says, "The extreme level is to use NoScript or RequestPolicy. "Flash, Java, whatever it is, [these tools] block it if it's cross-domain. It's uber-draconian, and it breaks just about everything, but it's very effective," he says.
Secure your searches
Or use a proxy search service such as Disconnect Search, which sits between your browser and the popular search engines so that your search history can't be tracked. (Ixquick, located in the Netherlands, works in the same way and also has the advantage of being out of reach of the U.S. Patriot Act and the FISA court.)
If you prefer to use a commercial search engine, you may be able to turn off search and browsing history. For example, in Google you can turn off search history from the Google Dashboard, while the Chrome browser offers Incognito mode.
Use HTTPS whenever possible
All data that passes between your browser and the Internet is unencrypted and open to snooping, unless you've entered an encrypted session with the service you're communicating with on the other end. Some sites, such as your bank, will encrypt your communications using the HTTPS protocol by default, while others, such as your webmail, may not. For example, Gmail enabled HTTPS by default three years ago, but Yahoo Mail only began supporting HTTPS one year ago, and it's not turned on by default. If you're not sure, check first before you use the service.
You can use the Electronic Frontier Foundation's HTTPS Everywhere browser extension to make sure you're using HTTPS when it's available, but some sites don't offer HTTPS, says Joseph Lorenzo Hall, chief technologist at the Center for Democracy and Technology. In that case, he says, you may want to consider using a virtual private network (VPN) service.
Sign up for a VPN service
Your IP address gives Web publishers and e-commerce sites an identifier that provides clues to your location. It allows Web publishers to deliver geo-targeted content, such as your local weather, but they can also target you in less pleasant ways. For example, some online retailers have moved to geotargeted pricing, which determines the price you see for an item based on your location and how many brick-and-mortar competitors are nearby. Depending on your location, this could be a good thing or a bad thing.
And if you're browsing the Web using a public Wi-Fi hotspot, it's not just your IP address you need to worry about. If your browsing session is unencrypted, all of that data -- including user account names and passwords -- could be snatched literally from the airwaves.
The solution in both cases is to use a virtual private network (VPN) service such as Astrill, Anonymizer, IPVanish or AnchorFree. These tools not only protect your IP address, but encrypt your communications, which are routed through the VPN service's servers before going on to the intended destination. "People can't eavesdrop on what you're doing, or steal your login credentials and impersonate you," Hall says.
Next, in part 2: Tips about privacy and mobile computing, email and social media.
This article, The paranoid's online survival guide, Part 1: How to protect your personal data, was originally published at Computerworld.com.
Read more about Privacy in Computerworld's Privacy Topic Center.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5 This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86 Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!