[updated July 2017]
A number of friends and colleagues have asked me recently about what I would recommend doing to regain some Internet privacy, given my background in Web development and technical support. The guide at PRISM-BREAK is authoritative but too technical for most people to follow. In recent weeks I've gone down the proverbial "rabbit hole" to see how secure I could make my Internet experience and then dialed the paranoia way back to a more practical, useful level. Here's what I've found.
- There are five main ways you can be spied upon when you're using the Internet. Each of these will be addressed in more detail below.
- Your computer could have a hardware or software keystroke logger on it.
- Your Internet service provider (for example, your cable or phone utility) is most likely collecting records of your activities (along with all other customers') and sharing them with the authorities. Verizon got particularly bad press for admitting to this, but it appears Verizon is the tip of the iceberg.
- A particular site you are visiting may be under surveillance, or may be collecting data for its own internal purposes (notably Google, for targeting advertisements and search results) which it then shares with the authorities.
- You can be tracked across Web sites by a third party (in addition to your ISP and the sites you are visiting) using tracking cookies attached to ads, images, and other supplemental content on the pages you are visiting.
- You can mistake a public medium for a private one. For example, email is less secure than a postcard, and most Web sites don't encrypt the blogs, comments, etc. you contribute, even though you may have logged into the site over an encrypted channel to contribute it. So even if you're posting to a private group on a secure Web site, your contribution is probably stored unencrypted where hackers (or Homeland Security) can read it.
- There are three reasons I can think of why people care about this surveillance.
- They may be doing things online that are at odds with what the authorities think they should be doing, for example trying to overthrow an oppressive government (e.g. in the Arab Spring) or trying to stop the activities of influential corporations.
- They may object to being watched for philosophical or emotional reasons. For example, U.S. citizens may be under the impression that the Fourth Amendment to the Constitution gives them a right to privacy.
- They may feel an impulse to act in solidarity with the other two groups on principle, as a form of civil disobedience, even though they are not personally doing anything controversial and don't personally feel their privacy is being violated.
- Keystroke loggers come in two varieties, hardware and software. Unless you have reason to think you or the organization you are working for are being specificaly targeted for surveillance, an anti-spyware program on your computer is probably sufficient to eliminate that possibility.
- If you think you're being tracked or otherwise spied upon by your cellular phone, turn it off or leave it somewhere you're not.
- Be aware that Chrome and Android are essentially spyware for Google, likewise Safari and iOS for Apple and Internet Explorer/Edge and Windows for Microsoft, and an anti-spyware program will not detect them because you are using them intentionally. If your distrust extends to these companies, use Firefox instead of the other browsers and don't do anything on your computer or phone that you don't want them to know about. If you have to use a computer that you suspect is compromised, you could consider using a temporary operating system such as Tails, which lets you use the hardware without any of its software, however this might be a good time to also consider the possibility that you might be getting a little too paranoid. A second opinion would be prudent, but on the other hand, it doesn't hurt to have a copy of Tails on hand just in case you ever need it.
- Consider keeping an old computer or smartphone around after you've replaced it with a new model. Use it to experiment with the alternative operating systems and other software recommended on PRISM-BREAK (much of which requires "rooting" your phone, a service you may want to hire someone to do for you), and use that when you're feeling paranoid instead of your usual computer or phone. A smartphone with no cellular service is still an iPod Touch, a gadget which people continue to pay good money for, and it's amazing how many cool things it can do, from GPS navigation to Voice Over IP, all without the constant surveillance that you'd get if you used your active phone. Even if it is tracked, it has a different network ID than your usual computer or phone (a kind of protection even Tails can't provide), so so long as you don't identify yourself by logging into a site, you can maintain anonymity.
- If you want to prevent your ISP from knowing what sites you're visiting, an anonymizing network such as Tor (with a compatible Web browser) is the way to thwart them. However, you should be aware that Tor is very slow. That is, it doesn't matter how fast your Internet connection is, you will feel like you're back in the days of dial-up 56K modems. Videos will not stream reliably, etc. Unless you are really serious about disguising your activities (or civil disobedience), you will probably find Tor is just too inconvenient to use on a regular basis. Also, anonymity only works if you don't log onto any Web sites. As soon as you log into a site, you've just compromised your anonymity for that Tor session, including all the sites you visited in that session before you logged into the site.
- If you don't care who knows where you go on the Web but just want to hide what it is you're doing there, get the HTTPS Everywhere plugin for your browser. This will ensure that you're using a secure connection whenever possible, preventing your ISP or another party from listening in on the conversation. However, note that if the site in question is targeted for whatever reason, it will make little difference whether you connected securely or not, because anything you contributed to the site is probably stored in plain text and stamped with identifying information. That's just how most Web 2.0 sites work, including this one.
- Similarly, you can try to encrypt your email communications using PGP, even if you use a Webmail service like Gmail, but that will only work if the people you're communicating with also use PGP. A much easier step to take is to check the account settings in your email software (Outlook, Thunderbird, Apple Mail, etc.) to make sure the secure connection feature is turned on, because most of these programs leave it off by default! That will at least keep your email out of the hands of your ISP.
- If you think a particular site that you log into is collecting data on you, or if you have reason to believe it's being watched, the only real protection is to not use that site. If the site allows you to set up an account under a pseudonym, you could do that, but unless you always use it over Tor and never log into any other site during the same Tor session, your pseudonym can be easily tracked back to you. If the site doesn't let you use a pseudonym, just be aware that anything you say and do there is public. Don't post a photo on Facebook you wouldn't want an employer to see; don't say anything in your blog (or your Gmail...) that you wouldn't want to turn up in a court of law, etc. The walls are made of glass.
- Finally some good news: Third-party tracking cookies are a cinch to thwart. Install a browser plugin like Privacy Badger and prepare to be amazed by how many such cookies infest sites that you wouldn't expect. I was blown away by how many were here on my own site, so I disconnected it! [I've since added some of the Google content back again.] You may also be surprised by how few tracking cookies are on sites like Google and Facebook -- they love to follow you everywhere else you go on the Web, but on their own sites, they don't let anyone else track you!
So here's where I'm at after my adventure: I have Tor Browser on my computer and Orbot on my cell phone, but I rarely use them because Tor is slow and inconvenient. Instead I use Privacy Badger and HTTPS Everywhere and Sophos anti-spyware, and I call those precautions good enough. I have a spare smartphone with no phone service, which can do everything my connected smartphone can do when I'm in wifi range, and is still quite useful even when it's offline. But for my day to day activities, I just watch what I say, because to my mind the rewards of being connected outweigh the potential risks. That's an informed judgment that everyone should be free to make for him- or herself.
[Update: Comparitech has written a comparison of similar browser plugins.]
What do you think? I welcome comments below -- but of course they're stored in plain text with your identifying information!