How to stay private

Introduction

On today's internet, privacy is an increasing concern, with nearly everything we do being tracked and recorded by someone. This information isn’t always carefully protected, either, as along with its usual purposes in market research, there have been a number of situations where released data has led to more sinister results. On one occasion, the AOL search engine made the history of 650,000 users available to the public for research purposes, believing that it was impossible to link the data to an individual. Shortly after it was released, however, The New York Times managed to locate one user and contact them directly via the telephone.[1] On another occasion, Reporters Without Borders suggested that information released by Yahoo! led to the arrest of a Chinese dissident, who was later sentenced to 10 years' imprisonment.[2]

Going into the future, it seems likely that the amount of data collected about our electronic communications will massively increase, potentially leading to many more situations like these. Proposed new legislation calls for the recording of all electronic communications for up to 2 years, with access being provided directly to government through a centralised database.[3]

Fortunately, it’s not all bad news. For those who wish to defend their privacy, whether against search engine foul-ups, marketeers or government databases, there are a number of steps a user can take. This document will cover the basics of maintaining your privacy on the internet, explaining the fundamental principles behind computer security (without which privacy is impossible), best practices for sharing personal information, and specific tools that you can use to counter various threats.

Principles

Computer Security

The first step in maintaining your privacy on the internet is to take some simple actions that will help secure your computer. These basic steps will help to prevent various attacks against you that could compromise any personal data stored on your computer, ranging from details you entered on your bank’s website to the location of your wife’s birthday party. Besides the stealing of this sensitive information, other results of a computer attack can include:

  • Identity fraud[4]
  • Damage or destruction of important files
  • An attack on another computer[5]

This section of the guide will explain the fundamental principles behind securing your computer.

User Accounts

All modern operating systems are designed with the idea of multiple users in mind. These users can have different sets of privileges which allow different operations to be performed on the system: actions that have the potential to affect the entire system, such as installing software or deleting important files, require administrative permissions. Administrative permissions are not required for day-to-day use of a computer, and using an administrative account for everyday tasks can increase your vulnerability to attack.

A well configured family computer would have an account for each member of the family that has limited privileges, with a separate administrative account used only when needed. This has the extra benefit of allowing each member of the family to customise their experience, adding a pink background, bookmarks to celebrity gossip sites and individual instant messaging accounts without affecting everyone else who uses the system.

With this in mind, the first step to securing your computer is to create a separate account without administrative permissions for each user. Whether you use Windows or Mac OS, this is easily accomplished. In Windows, these settings are controlled by the User Account tool which is found in the Control Panel. To access the Control Panel, click Start and select it from the right hand side of the menu.

In Mac OS, open System Preferences from the Apple menu and select Accounts from the lower left of the window, changing the appropriate settings.

Strong Passwords

As computing power has increased, it has become easier for those trying to gain access to a computer to break passwords by trying millions of possible character combinations in a short period of time. Strong passwords are designed to make this kind of "brute force" attack less likely to succeed, and you should use them wherever you keep information about yourself, including your personal computer and any internet accounts you have.

A strong password is one that:

  • Is long. Each character you add increases its strength by many times. All passwords should be longer than 8 characters, and ideally longer than 14 characters.
  • Uses a wide variety of characters from all over the keyboard, not just letters and numbers.
  • Uses upper and lower case letters.

A strong password should not:

  • Contain sequences or long groups of repeated characters.
  • Be the same as your login name.
  • Be in the dictionary.
  • Be used everywhere you need a password. Create different passwords for different services, as if you have just one and it is compromised then all of your information is compromised.

3|&?Y-$$YWh4*y is an example of a strong password, while ilovelucy is an example of a particularly bad password. There are services you can use to generate passwords for you, as well as various pieces of software that can make managing many different strong passwords for different services easier, such as 1Password for the Mac or KeePass for Windows.
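The rules above can be checked mechanically. The following is an added example, not part of the original guide: the function names, the rule codes and the tiny word list are assumptions made for illustration, and the rule about using a different password for each service cannot be judged from a single password, so it is left out.

```python
import math
import string
from typing import NamedTuple

# Constructed sample word list (assumption); a real check would load a full dictionary.
SAMPLE_WORDS = {"love", "lucy", "password", "monkey", "dragon", "welcome"}


class Report(NamedTuple):
    failures: list  # rules from the guide that the password breaks
    advice: list    # softer recommendations from the guide
    bits: float     # log2 of the number of guesses a full brute force would need


def has_sequence_or_repeat(password: str, run: int = 3) -> bool:
    """True if `run` neighbouring characters repeat (aaa) or step by one (abc, 321)."""
    for i in range(len(password) - run + 1):
        codes = [ord(c) for c in password[i:i + run]]
        steps = {b - a for a, b in zip(codes, codes[1:])}
        if steps in ({0}, {1}, {-1}):
            return True
    return False


def brute_force_bits(password: str) -> float:
    """Search space of a brute-force attack: (character pool size) ** length, in bits."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)  # 32 ASCII symbols
    return len(password) * math.log2(pool) if pool else 0.0


def check_password(password: str, login: str = "", words=SAMPLE_WORDS) -> Report:
    failures, advice = [], []
    lowered = password.lower()
    if len(password) <= 8:                      # "longer than 8 characters"
        failures.append("too_short")
    elif len(password) <= 14:                   # "ideally longer than 14"
        advice.append("longer_than_14_is_ideal")
    if not any(c in string.punctuation for c in password):
        failures.append("no_symbols")           # only letters and numbers
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        failures.append("not_mixed_case")
    if has_sequence_or_repeat(password):
        failures.append("sequence_or_repeat")
    if login and lowered == login.lower():
        failures.append("matches_login")
    # Stricter than "is in the dictionary": also catches words glued together.
    if any(word in lowered for word in words):
        failures.append("dictionary_word")
    return Report(failures, advice, round(brute_force_bits(password), 1))


if __name__ == "__main__":
    for candidate in ("3|&?Y-$$YWh4*y", "ilovelucy", "aaa12345"):
        print(candidate, check_password(candidate, login="lucy"))
```

The bits figure shows why length and variety matter: each extra character multiplies the number of guesses by the size of the character pool.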

Anti-Virus Software

A virus is a malicious piece of software that can be installed on your computer. Viruses can collect information about you, damage and destroy files or prevent you from accessing your computer.

Unfortunately, the internet is full of viruses and nearly as soon as you are connected you will be exposed to them. To help protect your computer from viruses try installing a good piece of anti-virus software, no matter what operating system you use:

Simply installing anti-virus software is not enough, however: you must keep it updated for it to be effective, aiming to do this about once a week. It is worth noting that due to the way anti-virus software works, it can be tricky to fully uninstall one and replace it with another, so in the event that you wish to switch to a different piece of software, read the instructions carefully.

One other important step when defending yourself against viruses is not to install software or open files received from sources you do not trust. Viruses are often disguised as legitimate files, simply hoping that a user will install them.

Anti-Spyware Software

Spyware is very similar to a virus, but in the majority of cases has a milder effect. Common symptoms of spyware include pop-up advertisements, new toolbars appearing and significant performance degradation. In more extreme cases, spyware can be used to monitor browsing habits, steal information or take control of a computer.

As with viruses, you can defend yourself by installing special software that must be kept updated and by being careful about where you install software from. Below are some recommendations for free anti-spyware programs that you can use:

Updates

Nobody has ever written a perfect piece of software and, no matter how secure its authors claim it to be, every program will have security flaws in it. To mitigate this risk, whenever a new flaw is discovered the software authors will release an update that fixes the problem. To benefit from these updates you need to keep your system updated.

Most computers come with an automated way to update themselves, but you need to make sure that this feature is turned on.

In Windows Vista go to the Start menu, All Programs, and select Windows Update. Then, make sure that you have ticked "Install updates automatically". If you have other Microsoft products installed, you can also turn on Microsoft Update, which will provide automatic updates for all your Microsoft products. You can find information about this near the bottom of the screen.

In Windows XP, go to the Start menu, Control Panel, and select Automatic Updates. Then, make sure that you have ticked "Automatic (recommended)".

In Mac OS X you can update your system by clicking the Apple logo in the top left of your screen and selecting Software Update, following the on screen instructions.

It is also important to keep an eye out for updates to third party software you may have installed on your computer. Some third party applications will automatically advise you when a new update is available, while others will require you to keep an eye out yourself. Occasionally checking the author's website is a good idea.

Information Sharing

Once you have secured your computer, the next step to maintaining your privacy is making yourself aware of the times when you might be sharing your personal information, the risks involved and whether you really want to share your information in these ways.

Email And Spam

Whether you think it or not, email is a form of personal information these days, and it is probably the most likely to be used in ways you would prefer it not to be. Most often, this is the result of spammers discovering your address and using it to send you adverts for various products, as well as trying to trick you into revealing other pieces of personal information such as bank account details and passwords.

Spam is the name given to unsolicited email, which usually contains advertising or attachments with malicious software in them. You should never respond to any unsolicited email or complete the actions they ask you to perform. Here are a few real world examples of spam, taken directly from my own email address:

From: Lacy Bauer
Subject: Return Those Calls 
Greetings
Take a moment to call the information line and hear how others are using there telephone to generate upwards of $3500 weekly, sometimes even daily.
1~8OO~266~5O98

From: PowerBall Lottery 2008
Subject: Winner of 1,000,000.00 Pounds 
We wish to congratulate and inform you on the selection of your email coupon number which was selected among the 6 lucky consolation prize winners Your email ID identified with coupon No. PBL2348974321 and was selected by our E-Games Random Selection System (ERSS) with entries from the 50,000 different email addresses enrolled for the E-game. Your email ID was included among the 50,000 different email addresses submitted by our partner international email provider companies. You have won a consolation cash prize of GBP 1,000,000.00 (One Million Great Britain Pounds) only.
You are to contact the DPU Officer with the following details for the release of your winnings.
Claims Requirements:
1.Full Name:...2.Home Address:....3.Age:........4.Sex:....5.Occupation:....6.Phone Number:.....7.Present Country:.....
Contact Person: Mr. Mark Anderson. Contact E-mail: mark_anderson030@live.com Tel Phone: +4470-4577-3734.
Regards Mrs. Stella Bryan (Group Co-ordinator) Send your response to: mark_anderson030@live.com

Keep Your Address Private

We are often asked to share our email address when surfing the internet, and this is when spammers are able to find out what your address is. The most sensible approach is to only reveal your email address to people and organisations that you trust, and to never make it available without obfuscating it in one form or another. The example below shows one common method for obfuscating an email address, making it readable for humans but not computers.

someone AT example DOT com

Some websites insist that you provide an email address to complete registration with them and will send a confirmation email to check that it is a real address. If you want to register for a site but do not wish to provide your email address, there are a number of free services that will create temporary email addresses for your use, such as Mail Expire. This way, you can use a real email address to register, but not suffer from spam after signing up.

It is also advisable to maintain two email addresses: one for sharing on public web spaces and the other for giving to real world friends, colleagues and private web spaces. If your public address becomes the target of large amounts of malicious material, you can easily get rid of it without suffering the inconvenience of informing everybody of your new address.

What Information Should You Share?

Sometimes, emails you receive will ask you to share pieces of personal information with the sender, but no legitimate organisations will ever ask you to share any personal information with them through email, including bank details, passwords and user names, name and address etc. So, the message is simple: don’t share personal information through email with people you don’t know personally.

Websites

Almost every website you visit now asks you to share some kind of personal information with them. Whether you are paying for a purchase, signing up for a mailing list or talking to people in a forum, you should first think about who it is you are going to be sharing information with, and what information you are going to reveal.

Signing Up For New Services

When signing up for a new web service, read through the sign up form carefully and only fill in the required fields: often, there are fields for your address and phone number when these are not needed for the site to function as expected. This kind of information, which is personally identifiable and can be used to track you in real life, should be guarded preciously.

Also, before clicking the submit button, actually read the web site's privacy policy. This will explain what they intend to do with any information you submit, including who they may share it with, how long they will store it for, and what their procedure for deleting your information is. Many web sites try to make their privacy policy as readable as possible, so you shouldn’t be afraid to do this. If you still have questions about how they’re going to use your information, send them an email and ask them to explain further.

Social Networking

Social networking is a strange phenomenon, with people often coming into contact with those who they barely know or trust, while still revealing incredible amounts of personal information such as phone numbers, places of work, school or college and photos of themselves.

To keep control over the information you share on social networking sites, you should start by investigating the privacy settings your chosen social network offers. These often allow you to restrict who can gain access to your profile, as well as making it possible to reveal a limited subset of information to those who you trust less. Facebook’s privacy settings can be found by hovering your mouse over the Settings link.

Two very powerful options that Facebook offers are to limit who can see your profile information, and the ability to block people from interacting with you on the site altogether. The first option provides fine grained control, allowing you to specify that only confirmed friends can see some parts of your profile, while those from your networks can see others. The second option is very useful in the event that someone starts acting abusively towards you, and allows you to continue using the site without being their target.

After reviewing the privacy settings, think again about the kind of information you want to share. Even after taking advantage of any privacy settings, the security of your private data is not guaranteed and can be revealed through a number of mechanisms. With this in mind, you should consider the golden rule for information sharing: do not post any information that you are not happy for the whole world to know.

Online Banking & Shopping

When using these services you are going to be required to exchange details of your bank account and identity that could be used to steal from you. To ensure that this information is well protected, you should check that your connection to the site is encrypted. Most web browsers show this by displaying a small, closed padlock in the bottom right of the screen.

Also, when shopping online, retailers often give you the option of storing credit and debit card details to save you from re-entering them in the future. While this is convenient, it is not without risks: on one occasion, American retailer TJX had the credit card details of over 40,000,000 customers stolen from them by hackers. Obviously, in this situation there is the immediate problem of someone being able to use your card, but there are also longer term problems where the hacker could combine these details with other stored information to take out loans etc. under your name. With this in mind, it is advisable not to store your card information online, but to re-enter it each time.

It is also a good idea, even if you don’t keep card details online, to regularly check your bank statements so you can be sure nobody else has been using your accounts. The sooner you catch it, the sooner you can stop it and the less damage caused.

Choosing audit-able, fixable software

The workings of free software can be viewed and modified by anyone. This means you, or any user, can audit the software for privacy issues. If you're using widely used free software with a distributed development team, you're more or less guaranteed that others have already audited it. GNU/Linux, OpenOffice.org, and Firefox are some well-known examples.

Anyone can add privacy protecting features to free software, so there is much greater chance that some privacy-conscious developer has already done so.

Lastly, because anyone can redistribute free software, there is no single company that buyers of personal information can approach in order to suggest that data-gathering features be added. If any distributor of free software did add such features, the users could find out and could abandon that distributor in favour of one whose version respects their privacy.

Specific Threats

After following the steps above, you are already doing a great job at protecting your day to day privacy online. What you still need to understand, however, is that the majority of your actions on the internet are tracked and recorded, either by your internet service provider (ISP) or by the website that you are visiting. This information does not pose as significant an immediate threat to most users, but there may be times when you wish to keep your web browsing to yourself, your communications secret and your identity anonymous.

What follows will describe how you can do this using free tools. The first section, which talks about phishing and cookies, is probably of interest to every user as it helps to prevent third parties from tracking your web browsing habits. The other two sections are more technical, but provide a far greater level of privacy and anonymity.

Phishing

Phishing refers to the practice of attempting to gain access to sensitive personal information by impersonating a trustworthy individual or organisation. This can come in a number of forms including websites and emails, and often in a combination of both.

In the past, to defend against phishing you just had to be aware that no organisations would ask you to share personal information with them through email, but today phishing attacks are far more complicated and often see the phishers creating entire websites that look almost exactly like a well known legitimate service. Below is a side by side comparison of a legitimate site, and one created by phishers.

http://www.openrightsgroup.org/wp-content/uploads/phishing.png

http://www.openrightsgroup.org/wp-content/uploads/non-phishing.png

On the left is the phishing site, and on the right is the official site. As you can see, they’re very similar. The easiest way to spot the difference is with their web addresses: the phishing site is at the address http://www.submitengine.info while the official PayPal site is at https://www.paypal.com/. Often, this address is linked from an email or another website, covered up by plain text; they hope that you won’t check the address bar, just relying on how the site looks. Here are a few tips to help you spot a phishing attempt:

  • Hover your mouse over any links, and the address they’re linking to is displayed at the bottom of most web browsers.
  • Always check the address bar is what you expect it to be when visiting a site.
  • If you’re being asked to share information, enter the web address of the organisation's website yourself.

Beyond this basic awareness, modern web browsers now automatically alert users if they are about to visit a site that is known for phishing. If you are using Internet Explorer 7 or Firefox 2+ then you will already be defended in this manner. It is worth being aware of the fact that this technique can only protect you from known phishing sites. If a site has not been reported yet, then you will have to rely on your own wit.
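The link checks from the tips above can also be applied to the HTML of a message before anything is clicked. This is an added example, not part of the original guide: the sample message is constructed (it reuses the two addresses compared above plus one made-up lookalike host), and the function and flag names are assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Something in the visible link text that looks like a web address.
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})")

# Constructed sample message body (not a real email).
SAMPLE_EMAIL = """
<p>Your account is limited. Visit
<a href="http://www.submitengine.info">https://www.paypal.com/</a> now.</p>
<p><a href="https://www.paypal.com/">Log in to PayPal</a></p>
<p><a href="https://paypal.com.account-check.example/login">Confirm your account</a></p>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def on_domain(host: str, expected: str) -> bool:
    """True only for the expected domain itself or a real subdomain of it."""
    return host == expected or host.endswith("." + expected)


def audit_links(html: str, expected_domain: str):
    """Return [(href, [flags])] where flags name the reasons to distrust a link."""
    collector = LinkCollector()
    collector.feed(html)
    report = []
    for href, text in collector.links:
        parts = urlsplit(href)
        host = (parts.hostname or "").lower()
        flags = []
        if parts.scheme != "https":
            flags.append("not_https")              # no encrypted connection
        if not on_domain(host, expected_domain):
            flags.append("unexpected_host")        # address is not the organisation's
        shown = DOMAIN_IN_TEXT.search(text.lower())
        if shown and shown.group(1) != host:
            flags.append("text_shows_other_host")  # link text covers up the real target
        report.append((href, flags))
    return report


if __name__ == "__main__":
    for href, flags in audit_links(SAMPLE_EMAIL, "paypal.com"):
        print(href, flags or "ok")
```

The third link shows why the comparison is made on the end of the host name: an address that merely starts with the expected name still belongs to someone else.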

Cookies

What Are Cookies?

Cookies are small pieces of data that websites request your computer keep on its hard drive. They can contain a wide variety of information, ranging from "state" information that saves you the trouble of having to sign in every time you visit a web site, to information about how long you spent on a web site, which adverts you clicked on and which products you purchased. Clearly some of this is useful to the user, while parts of it are useful to the website and their marketing team.

Many users are uncomfortable about sites holding this kind of information about them, even more so now websites have begun sharing their cookies with each other: what you did on one website may now be known by the next site you visit. Fortunately, your web browser provides you with fine grained controls over which cookies are stored on your system.

How To Deal With Cookies

You may choose to opt out of cookies from individual websites, or to reject all cookies. If you reject all cookies, you may find that your browsing experience is affected as some web sites require cookies to work. The best approach is to configure your browser so that it warns you every time a web site asks to store a cookie on your computer. The warning dialogue will give you the choice of rejecting the cookie, accepting just that cookie, accepting all cookies for that domain (web site), or accepting all cookies.

In Firefox, you can configure this by opening the Edit > Preferences menu and switching to the Privacy tab, then change the "Keep until" option to "ask me every time".

In Internet Explorer, ...

Traffic Analysis

What Is Traffic Analysis?

Traffic analysis is a form of internet surveillance that can be used to infer who is talking to who over the public network. By knowing the source and destination of your traffic, people can track your behavior and interests. Unlike cookies, traffic analysis provides no benefit to internet users, only aiding commercial entities and governments who are looking to discover what information you are accessing.

Traffic analysis works because data is sent across the internet in packets that are made up of two sections, the “header” and the “data payload”. Even if the data payload is encrypted, the header still reveals that you sent it, and where you were sending it to; it also reveals the origin (i.e. you) of the packet to whoever was the intended recipient (a website, an email recipient), information that is logged by the vast majority of websites and services and that can later be revealed to other organisations.
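What an observer on the network path can read from such a packet, shown as an added example that is not part of the original guide. The packet is constructed in the code: the addresses come from ranges reserved for documentation, the payload bytes stand in for encrypted data, and the function names are assumptions.

```python
import ipaddress
import struct

IP_HEADER = "!BBHHHBBH4s4s"   # the fixed 20-byte IPv4 header
TCP_HEADER = "!HHIIBBHHH"     # the fixed 20-byte TCP header

# Constructed stand-in for an encrypted payload: 32 bytes with no readable text.
OPAQUE_PAYLOAD = bytes(range(0x80, 0xA0))


def inet_checksum(data: bytes) -> int:
    """Internet checksum (ones' complement sum of 16-bit words)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_packet(src: str, dst: str, dst_port: int, payload: bytes) -> bytes:
    """Build an IPv4 + TCP packet (TCP checksum left at 0, this is only a sample)."""
    tcp = struct.pack(TCP_HEADER, 49152, dst_port, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    fields = [0x45, 0, 20 + len(tcp) + len(payload), 0, 0x4000, 64, 6, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = inet_checksum(struct.pack(IP_HEADER, *fields))
    return struct.pack(IP_HEADER, *fields) + tcp + payload


def observe(packet: bytes) -> dict:
    """Everything below is read from the headers; the payload is never decrypted."""
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        IP_HEADER, packet[:20])
    ip_len = (ver_ihl & 0x0F) * 4
    seen = {
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "protocol": proto,
    }
    data_start = ip_len
    if proto == 6:  # TCP: the port hints at the service (443 = HTTPS)
        _, dst_port, _, _, offset, *_ = struct.unpack(
            TCP_HEADER, packet[ip_len:ip_len + 20])
        seen["dest_port"] = dst_port
        data_start = ip_len + (offset >> 4) * 4
    payload = packet[data_start:total_len]
    seen["payload_len"] = len(payload)
    seen["payload_readable"] = all(32 <= b < 127 for b in payload)
    return seen


if __name__ == "__main__":
    packet = build_packet("192.0.2.10", "198.51.100.7", 443, OPAQUE_PAYLOAD)
    print(observe(packet))
```

Even though nothing in the payload is readable, the observer still learns who is talking to whom, over which service, and how much data was sent.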

How To Deal With Traffic Analysis

There is a piece of open source software that is specifically designed to deal with this kind of threat, and it's called Tor. Tor works by forwarding your internet traffic through a randomised route of relays, none of which know both the origin and the final destination of the packet. This way, even if one of the relays had been compromised, it wouldn't know enough to be able to identify you, or the information you were requesting.

To use Tor on Windows, you will need to:

  • Download and install the Firefox web browser
  • Download and install the Tor bundle
  • Restart Firefox
  • Check to see that “Tor Enabled” appears in the bottom right of the browser
  • Test that Tor is working correctly (See below)

Other applications, such as instant messengers and mail clients, will need configuring to work with Tor; for detailed information on how to configure these, see Tor's website.

Before heading off into the internet believing you're now safely protected, make sure to test that everything is working! The Tor bundle includes two other applications, Vidalia (a graphical interface for Tor) and Privoxy (a piece of software that is important to help Tor maintain your privacy), both of which add a status icon to your system tray. If Tor is running, then Vidalia will display a green onion icon, but if it is not it will display a gray onion icon with a red cross next to it; Privoxy displays a blue circle with a P in the middle of it. As well as this, be sure to visit the Tor Detector to check whether your information is hidden.

Email Encryption

Why Encrypt Email?

Email is sent over the internet in plain text. This means that anybody who manages to get access to your email account, the intended recipient's account, or even your ISP who is probably obeying new EU regulations to keep all electronic communications, can read whatever you said in the message. Fortunately, there is free software available that provides extremely strong encryption, so strong in fact that it has never been broken. This section of the guide intends to explain how the encryption works, and how you can begin using it to keep your correspondence private. The tools described here can also be used to guarantee that messages you receive are from the apparent sender through a "digital signature", and we will also explain this.

How It Works

The kind of encryption we are going to use is known as public key encryption. Everyone who wants to take advantage of this kind of encryption creates two keys, one public and one secret, and the idea is that you share the public key with as many people as possible, while making sure that only you know what your secret key is.

To send an encrypted message to someone, you lock it with their public key and then when they receive it, they use their secret key to unlock it. If people want to send you an encrypted message, they must first lock it with your public key, and you would then use your secret key to unlock it.

For this to work correctly, however, you must be able to trust that the public key you are using to encrypt a message actually belongs to the person who you are sending to, and that their secret key is secret. The best way to do this is to first meet the people who you wish to exchange information with in real life, where you can swap key details - a good excuse for a party.

How To Use It

These instructions are quite technical, and can vary from operating system to operating system, so to make this as clear as possible I am going to describe how to configure email encryption using the Thunderbird email client with the Enigmail plugin which is available on almost all platforms.

  • Download and install GPG, using the appropriate download for your system
  • Download and install Thunderbird, configuring it to work with your email provider through POP or IMAP
  • Download and install the Enigmail plugin
  • Launch Thunderbird, and select Key Management from the OpenPGP menu
  • Start the new key wizard
  • Select the account that you want to use this key with
  • Choose a passphrase, using a strong password
  • Click generate key

It is a good idea to also generate a revocation certificate. If you ever lose your key, you will need this to let others know that it is no longer safe to use that public key. When you have done this, keep a copy of it in a safe place, either on paper or digitally.

You will also need to have a list of the key IDs belonging to the people you want to send encrypted messages to, which will then be added to your own "keyring". To add a key to your keyring, click OpenPGP > Key Management > Key Server > Search For Keys, enter the key ID in the search box and click OK. Once it is found, it will be added to your keyring.

Once you have done this you are ready to send your first encrypted message.

  • Compose a plain text message; you can do this by holding shift as you click compose if you do not normally send plain text
  • Click the OpenPGP icon, and select encrypt message
  • Write the message as you normally would, and enter the email address of the person who you want to send it to
  • Click send

If the email address you entered was on the keyring, then it will automatically be encrypted, but if not it will prompt you to manually select the appropriate key.

Key Signing

You can also sign a message rather than encrypt it, which simply allows anybody to confirm that it was sent by you. To do this, click OpenPGP > Sign Message while composing a plain text message and it will sign the message once you click Send.
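A toy demonstration of the lock/unlock idea from How It Works and of the signing described above, added here as an illustration and not part of the original guide or of GPG: it uses textbook RSA with small, well-known primes, so it shows the principle only and is not secure (GPG uses far larger keys and encrypts the message itself with a one-time session key). The function names and the Alice and Bob keys are assumptions made for the example.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys


def make_keypair(p: int, q: int):
    """Return (public, secret) keys built from two primes (requires Python 3.8+)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # the secret exponent undoes E
    return (n, E), (n, d)


# Constructed toy keys from known Mersenne primes; real keys use random primes.
ALICE_PUB, ALICE_SEC = make_keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_SEC = make_keypair(2**107 - 1, 2**127 - 1)


def encrypt(message: bytes, public) -> int:
    """Lock a short message with the recipient's public key."""
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)


def decrypt(cipher: int, secret) -> bytes:
    """Unlock with a secret key; only the matching one gives the message back."""
    n, d = secret
    m = pow(cipher, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def _digest(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, secret) -> int:
    """Sign with your own secret key."""
    n, d = secret
    return pow(_digest(message, n), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Anybody holding the signer's public key can check the signature."""
    n, e = public
    return pow(signature, e, n) == _digest(message, n)


if __name__ == "__main__":
    locked = encrypt(b"meet at noon", BOB_PUB)        # Alice writes to Bob
    print("Bob reads:  ", decrypt(locked, BOB_SEC))
    print("Alice reads:", decrypt(locked, ALICE_SEC))  # wrong key: garbage
    sig = sign(b"it's me", ALICE_SEC)
    print("genuine: ", verify(b"it's me", sig, ALICE_PUB))
    print("tampered:", verify(b"it's not me", sig, ALICE_PUB))
```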

References

  1. Wikipedia: AOL search data scandal
  2. http://news.bbc.co.uk/1/hi/world/asia-pacific/4221538.stm
  3. http://www.heise.de/english/newsticker/news/112905
  4. http://www.identity-theft.org.uk/
  5. Wikipedia: Botnet