Maximizing Privacy in a Digital World

by Terry Clark II

With the proliferation of personal computing devices, explosion in social media, and increase in number of people connected to the Internet, privacy is now more important than ever.

From unscrupulous individuals looking to steal your credit card data to companies like Facebook and Amazon looking to track you to make money off that data, the average user is under a constant barrage of technologies that slowly chip away privacy.

How does one defend against these invasions of privacy?  Technologists often joke that there is no privacy on the Internet and, to an extent, this is true.  However, there are some things that can be done to increase privacy.

This article will examine three levels of privacy enhancement.

The first are low effort solutions that require little to no change in computer usage habits and have minimal, if any, cost associated with implementation.

Next, we will cover intermediate modifications that may require some technical knowledge to implement, may result in mild inconveniences when using the computer, and may cost a bit more to implement.

The final section will touch on some advanced privacy methods that may require a significant change in browsing habits or incur significant costs to set up.

Level 1: Basic Privacy Modifications

As mentioned, the basic modifications will require little technical knowledge and be cheap or free to implement.  Included under this umbrella are password generators, two-factor authentication, ad blockers, and increasing the restrictiveness of social media settings.

Password managers automatically generate a unique password for each website or service used and protect these passwords with a master password.  As a result, the user only needs to remember a single password, while the risk that one leaked password lets an attacker into multiple accounts is reduced, because no two accounts share a password.  There are two big players in the area of password managers.  These are LastPass and KeePass.

The main difference between the two is ease of use for non-technical users and cost.

KeePass requires manual configuration that takes several steps to get everything up and running.  Additionally, KeePass does not automatically synchronize passwords between devices without further configuration.

LastPass does not require these extra steps, but has a cost associated with some of the premium features, such as multi-factor authentication, support for third-party applications, and encrypted storage for files.

According to an article from LiquidVPN, "If you are ready to finally secure your passwords and the thought of entering API codes and changing some settings in XML files is new jargon to you then LastPass Pro with two-factor authentication is the tool for you.  Otherwise, go with KeePass."  ("Which Password Manager," 2017)  The main reason for this is that LastPass stores the passwords in an encrypted cloud.  While this is probably safe enough, some people may be paranoid about any usage of cloud solutions and may wish to have their data stored on their own devices instead, a feature offered by KeePass.
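The two ideas in the passage above, a unique generated password per site and a single master password that locks everything, can be shown in a few dozen lines.  The following is an added example written for this article; it is not code from LastPass, KeePass, or any other product, and the vault format, class and function names are assumptions.  It uses only the Python standard library: `secrets` for the generator, PBKDF2-HMAC-SHA256 to stretch the master password into a key, and a duplicate-password report of the kind a manager's audit feature produces.

```python
import hashlib
import hmac
import math
import os
import secrets
import string

# 94 printable ASCII symbols (letters, digits, punctuation).
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Draw every character uniformly from the OS CSPRNG via `secrets`.
    `random.random` is predictable once seeded and must not be used here."""
    if length < 1 or len(alphabet) < 2:
        raise ValueError("length or alphabet too small")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Guessing work for a uniformly drawn password: log2(alphabet ** length)."""
    return length * math.log2(alphabet_size)


def derive_master_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    """Stretch the one password the user remembers into a 32-byte key with
    PBKDF2-HMAC-SHA256. The salt defeats precomputed tables and the iteration
    count makes each offline guess cost `iterations` hash computations."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=32)


class Vault:
    """Toy model of a password manager's vault (constructed for this article,
    not any product's format): one generated password per site, locked behind
    a master password. A real manager encrypts the entries with the derived
    key; this model only keeps a verifier for it, enough to show the flow."""

    def __init__(self, master_password: str, iterations: int = 600_000) -> None:
        self.salt = os.urandom(16)
        self.iterations = iterations
        key = derive_master_key(master_password, self.salt, iterations)
        self.verifier = self._verifier(key)
        self.entries: dict[str, str] = {}

    @staticmethod
    def _verifier(key: bytes) -> bytes:
        # Store a hash of the key, never the key or the master password itself.
        return hashlib.sha256(b"vault-verifier" + key).digest()

    def unlock(self, master_password: str) -> bool:
        key = derive_master_key(master_password, self.salt, self.iterations)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(self._verifier(key), self.verifier)

    def add_site(self, site: str, length: int = 20) -> str:
        """Generate a fresh password for `site` so no two sites share one."""
        self.entries[site] = generate_password(length)
        return self.entries[site]

    def reused_passwords(self) -> dict[str, list[str]]:
        """Report any password used on more than one site: the duplicate-
        password risk that lets one breached account open the others."""
        by_password: dict[str, list[str]] = {}
        for site, pw in self.entries.items():
            by_password.setdefault(pw, []).append(site)
        return {pw: sites for pw, sites in by_password.items() if len(sites) > 1}


if __name__ == "__main__":
    vault = Vault("correct horse battery staple")  # constructed demo master password
    for site in ("example.com", "example.org"):
        print(site, vault.add_site(site))
    print("entropy of a 20-char password:", round(entropy_bits(20, len(ALPHABET)), 1), "bits")
    print("unlock with right password:", vault.unlock("correct horse battery staple"))
    print("unlock with wrong password:", vault.unlock("password1"))
```

The iteration count is the knob that decides how expensive an offline attack on a stolen vault is; the default here is a deliberately high value, and the tests below lower it only to run quickly.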

Like password managers, two-factor authentication increases security by requiring access to another device, usually the user's cell phone, to fully authenticate to an account.  Another possible method of verifying identity via 2FA is biometrics.

However, "Biometrics still has a long way to go before it can be considered a rock-solid security technique."  (Gillin, 2018)  Current biometric techniques can either be fooled relatively easily or are not 100 percent accurate, which necessitates backup authentication methods.  This obviously defeats the point of using biometrics in the first place.

Both ad blockers and more restrictive social media settings attempt to limit tracking and potential exposure of information to the general public.  There have been cases of websites both tracking users through ads and tracking users between sites to serve them personalized ads.  (Dangerfield, 2018)  By utilizing ad blockers and turning off targeted Facebook ads, this tracking is decreased.  Additionally, by putting in place social media settings that only allow friends to see the details of our profile, we decrease the ability of random strangers to scrape information from this source.

Level 2: Intermediate Modifications

Beyond the basics presented in Level 1, there are some additional things users can do to increase privacy without much more loss of functionality.

These include changing the default search engine, private browsing modes, using a VPN, and using a Tor browser.  Except for the VPN, all these options are free.  Even the VPN option could be free, depending on what the user's exact goal is when implementing this technique.

Most users likely have Google set as their default search provider.

While this is convenient because of Google's search algorithms and potential integration of search history across devices, it is no secret that Google tracks searches by user.  This is part of what makes the targeted ads discussed in Level 1 work.  For instance, have you ever searched for some obscure product and immediately started seeing ads on other platforms for that thing?  That's Google tracking at work.  By switching to another search provider such as DuckDuckGo or Startpage, this tracking is minimized.

To take this idea a step further, the user could choose to use private browsing mode.

This will automatically delete browsing history, cookies, and all information that has been typed into online forms when the browser window is closed.  This is useful to prevent cookies from tracking a user between sessions.  However, by doing so the user will lose some functionality, such as the ability to put things in their cart on a shopping website and return later to purchase those items.  Because cookies are not being stored between sessions, the cart information will be erased when the browser is closed.  Additionally, information about the user's computer and browsing habits is still accessible by the websites being visited and by any network administrators that may have access to the connection, including employers and ISPs.

To take this concept a step further and start to anonymize the data sent to websites while also minimizing the tracking ability of employers and ISPs, the user may choose to set up a VPN service.

There are really two choices here.  The user can choose a publicly or privately hosted VPN.  The privately hosted VPN is essentially a VPN set up by the user themselves at their home.  While this will not do much to hide their browsing habits from the ISP, this solution can be useful if the user knows they will use insecure Wi-Fi connections such as in coffee shops.  Having the home VPN set up will add a layer of security such that a malicious person in the coffee shop cannot simply sniff all traffic originating from that user.  As pointed out in an article by PC Magazine, "Just because it's called 'Starbucks_WiFi' doesn't mean it's really owned by a well-known coffee purveyor."

The publicly hosted VPN is, theoretically, more useful.

These VPNs allow all traffic to be encrypted, even when the user is home.  Additionally, when the user connects to a website, their IP address is hidden from that server and instead appears to be the endpoint of the VPN.  This tunneling functionality, which is the heart of a VPN (Park, 2017), allows a user to mask browsing information from their ISP.  The ISP will be able to tell that a VPN is in use but will be unable to see the traffic flowing back-and-forth in that VPN tunnel.

However, this is not to say that one should simply hop online and enroll in the first VPN service they come across.  There have been some cases in which the VPN provider has either turned over customer data to law enforcement or allowed customer data stored on their servers to leak publicly.  Obviously, the user should research their VPN provider regarding these issues if they feel this is necessary.

To get around these potential limitations of VPNs, a user may choose to use a Tor browser.

These are browsers that are designed to use the Tor protocol (previously The Onion Router), in which traffic is encrypted in layers and then routed between multiple hosts (at least three by default) before coming out the other end.  (Mason, 2018)  This makes it more difficult to backtrack through the route than with a VPN, where a single provider sees both ends.  Additionally, because Tor nodes are operated by volunteers, there is no centralized business that a law enforcement agency can target for customer records.  There are various best practices that can be used with Tor for very paranoid users, but most users will be happy with the anonymity provided by the base package.
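The reason the three-hop design above is harder to backtrack than a VPN is that each relay peels off exactly one layer of encryption and learns only the hop before it and the hop after it.  The following is an added simulation written for this article, not Tor's own code: the per-relay keys are constructed pre-shared values rather than the result of Tor's handshake, the stream cipher is a toy HMAC-SHA256 keystream used only so the example runs with the standard library (Tor's real ciphers and cell format differ), and the relay names and the `example.com:80` destination are made up.  What it demonstrates is the property itself: run the circuit and check which relay, if any, saw both the client and the destination.

```python
import hashlib
import hmac
import os


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy unauthenticated stream cipher for this simulation only (it is NOT
    the cipher Tor uses): XOR the data with HMAC-SHA256(key, nonce || block_no)
    keystream blocks. Encryption and decryption are the same operation."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Add one encryption layer, with a fresh random nonce prepended."""
    nonce = os.urandom(16)
    return nonce + keystream_xor(key, nonce, plaintext)


def open_layer(key: bytes, sealed: bytes) -> bytes:
    """Remove one layer; only the holder of `key` gets meaningful plaintext."""
    return keystream_xor(key, sealed[:16], sealed[16:])


def build_onion(circuit, destination: str, payload: bytes) -> bytes:
    """Wrap the message from the inside out. `circuit` is the ordered list of
    (relay_name, relay_key) from guard to exit. The innermost layer (for the
    exit) carries the real destination; every outer layer names only the next
    relay, so no relay but the exit ever sees where the traffic is going."""
    cell = destination.encode() + b"\x00" + payload
    for i in range(len(circuit) - 1, -1, -1):
        name, key = circuit[i]
        cell = seal(key, cell)
        if i > 0:
            cell = name.encode() + b"\x00" + cell  # tells relay i-1 where to forward
    return cell


def relay_process(name: str, key: bytes, cell: bytes, came_from: str):
    """One relay's view: peel its own layer, learn the next hop, forward the
    rest. It sees who handed it the cell and who gets it next, nothing more."""
    next_hop, _, rest = open_layer(key, cell).partition(b"\x00")
    observation = {"relay": name, "from": came_from, "to": next_hop.decode()}
    return next_hop.decode(), rest, observation


def run_circuit(client: str, circuit, destination: str, payload: bytes):
    """Push one cell through the whole circuit and collect what each relay saw.
    Returns (final destination, delivered payload, per-relay observations)."""
    cell = build_onion(circuit, destination, payload)
    came_from, observations = client, []
    for name, key in circuit:
        next_hop, cell, seen = relay_process(name, key, cell, came_from)
        observations.append(seen)
        came_from = name
    return next_hop, cell, observations


# Constructed demo relays and keys; a real circuit negotiates fresh keys per hop.
DEMO_CIRCUIT = [(n, hashlib.sha256(n.encode()).digest()) for n in ("guard", "middle", "exit")]

if __name__ == "__main__":
    dest, data, seen = run_circuit("client", DEMO_CIRCUIT, "example.com:80", b"GET / HTTP/1.1")
    for s in seen:
        print(f"{s['relay']:6} saw {s['from']} -> {s['to']}")
    print("exit delivered", data, "to", dest)
```

The printed observations make the contrast with a VPN concrete: the guard knows the client but not the destination, the exit knows the destination but not the client, and the middle relay knows neither.  The same table also shows why the exit is the hop that can read unencrypted payloads, which is why using TLS inside Tor still matters.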

Level 3: Advanced Modifications

For the more technically savvy and/or paranoid users, a third category exists which may require significant effort to configure or significant modifications in computer use habits.  The options covered in this level include using virtual machines to sandbox computing tasks and use of privacy-focused live boot operating systems.

The use of virtual machines has long been of interest to those involved with information technology and information security.  With the advances in modern hardware, it is feasible to do all computing within a virtual machine, or to run multiple virtual machines at the same time for different tasks.  Additionally, virtual machines are often used in malware analysis as a way of isolating known or suspected contaminated files from the root system.  The malware is executed within a virtual environment, studied, and the virtual environment is then deleted, taking all trace of the malware with it.

On top of being used for malware analysis, virtual machines are being used to hide the existence of files.

In a paper from the 17th IEEE International Conference on Computational Science and Engineering, a way of utilizing virtual machines in this way was presented.  Essentially, the files are encrypted and then placed within what is known as a deniable file system.  This effectively hides the existence of encrypted files altogether.  The issue, as presented in the paper, is that some applications, such as Microsoft Word, may not be designed with this goal in mind.  As a result, the application may inadvertently leak information about the hidden file.  To get around this, the paper introduces a concept known as Shadow Execution Environment which uses virtual environments to prevent this data leakage.  (Wen, Fang, Zhao, and Li, 2014)

Using privacy-focused operating systems, users can further hide their tracks.  For full effectiveness, users should run these operating systems in a live boot environment.  While this means that users will typically lose their data when the system is rebooted, it is the most secure way of utilizing these systems.  Additionally, use of these OSes can increase the effectiveness of the Tor browsers covered earlier.  Along with some of the other best practices, the user can achieve quite a high degree of privacy and anonymity.  (Hampton, 2013)

However, much like the VPN solutions presented earlier, privacy-focused OSes such as Tails offer no guarantees of privacy.

Much of the effectiveness comes down to user behavior and situational awareness.  For instance, these OSes cannot always protect against compromised hardware, BIOS attacks, or "man-in-the-middle" attacks.  Additionally, anyone who knows how to read network communication will almost certainly be aware that you are using Tor and potentially even that you are using one of these OSes.  ("Warning", n.d.)  However, if the best practices are followed and everything is configured properly, these solutions will be more than adequate for the average user.  The only people who would really need to worry about this level of detail are those targeted by advanced persistent threats such as nation-states or other government-backed intelligence agencies.

Conclusion

As should be clear by now, there are many options for attempting to ensure one's privacy on the Internet.

These range from relatively easy to implement and cheap or even free to requiring advanced technical knowledge and potentially significant investments.  However, as mentioned at the beginning, true privacy on the Internet is almost unachievable if the attacker has enough resources and tries hard enough.  While an acceptable degree of privacy can be achieved by the average user, true privacy is only possible by avoiding the Internet altogether.

Given that most people will not want to live a life without Internet access, each user must perform their own assessment of how much privacy they are willing to give up for the different services.

As a final note, some of these products are commercial offerings.  While in a perfect world, we could just trust people, some companies tend to stretch the truth in their product marketing materials.

Always keep a hint of skepticism if someone makes a claim that seems outlandish and always do your own research.
