Protecting your privacy in an always connected world

Hello there! I’m back with yet another exciting technological post. Today we’re going to talk about something that is just as important as security: Privacy! This blog post will give you advice on how to maintain your right to privacy in an increasingly connected world.

Here, we will cover the many ways you can protect yourself online, on all of your devices.

Let’s start with web browsing. You’re online, and reading local news. All around your news content, you start seeing advertisements for various products and services. While these ads are running, data about your browsing habits is being sent back to these advertisers. This is done to serve ads that may be relevant to you. This is known as targeted advertising. The old way of doing it was by storing small data files, called Cookies in your web browser. These cookies would usually be set directly by the advertiser themselves (Known as third-party cookies), but in the privacy-first world, this has been shifted off to the site itself. This is due to modern browsers now blocking third-party cookies by default. Despite now being 1st party, at the end of the day, they’re still tracking cookies. Some third party cookies still get set.

Did you know: If you’re logged into your Facebook account while browsing the web, Facebook will track your browsing habits to display relevant ads on your news feed. Sites that run Facebook Audience ads will send data about you back to Facebook, which gets tied to your profile. After awhile, while scrolling through your news feed, you may begin seeing sponsored posts for those sites. (Don’t believe me? Go into the Ads settings on your profile! While you can turn this off, I will teach you an even better trick later on in this post.)

Knowing this, you may be asking yourself: How can I enhance my privacy? Well, let’s discuss that now!

Use a privacy-friendly browser:

There’s four major browsers that we all know about: Google Chrome, Microsoft Edge, Safari and Mozilla Firefox. If you TRULY value privacy, I highly advise you use Firefox as it puts privacy at the forefront of it’s mission. Despite it’s popularity, Chrome is not truly privacy oriented. While they have begun to sunset third-party cookies, this has been replaced with a new tracking method called Topics. You may have seen this when you first downloaded Chrome, or updated it, in the form of a popup window telling you about your privacy choices. If you must use Chrome, don’t ignore this popup! Go in and turn all 3 options to OFF. It’s not true privacy, but it’s better than absolute nothing.

Use an ad blocker: On top of a privacy strong browser, you will want to enhance your online experience by decluttering web sites. Using a good quality ad blocker will not only accomplish this, but will also enhance both privacy, AND security all at once! I recommend using uBlock Origin here as it is one of the most, if not THE most powerful ad blockers out there. Ad blockers do what we only dreamed of being able to do: Remove annoying, invasive and often times risky advertising from webpages. Ad blockers can also stop tracking attempts dead. Ad blockers work by stripping the ad sources from the webpage, and in some cases, preventing connections to the ad server entirely. This can also stop analytics and trackers, making you an invisible visitor to a website. There are three types of ad blockers out there:

  • Browser based: This is the most popular form of ad blocker. This is an extension that is installed to your web browser. Notable browser blockers include uBlock Origin, AdGuard, and AdBlock Plus. Browser blockers are able to easily and effectively filter both first party and third party ads & trackers. For web surfing, this can be more than sufficient
  • System based: This is a blocker that runs outside of your browser, covering all applications on your device. AdGuard is one of the most notable systemwide blockers on PC/MAC and mobile. There are also system based mobile apps that simply do DNS filtering.

WATCH OUT: Not all apps will behave well with a system blocker. System blockers are not capable of filtering ads in most social media apps as these are generally served from the same location as the desired content.

  • Network based: This leverages use of the Domain Name System (DNS) to block ads and trackers at the network level. Implementing a network blocker requires some networking and technical knowledge, but has the benefit of providing filtering to all devices on your network. Notable On-site blockers include AdGuard Home and Pi-Hole. Publically hosted solutions include AdGuard DNS, NextDNS, DNS66 and Quad9’s filtered DNS. In a pinch, you can leverage the use of your router’s site blocking capabilities, but this is extremely limited. Professional grade firewalls, such as pfSense, can handle this more gracefully. (We’ll cover more on this in some of my networking posts)

WATCH OUT: Some devices, websites and apps will try to circumvent DNS based filtering solutions by using their own hardcoded DNS servers, or by serving up the ads/trackers via their own domain (aka first-party). For this, a browser-based blocker is recommended alongside the DNS solution.

WATCH OUT: An upcoming change to Google Chrome will severely hamper the efficacy of ad blockers. It is again, recommended to use Mozilla Firefox for the best privacy practices. (In fact, the majority of privacy-oriented browsers are based on Firefox, including TOR!)

WATCH OUT: Some sites may throw up a message asking you to disable your ad blocker. This is because the ads do generate income for the site owner. In many cases, your ad blocker (uBlock Origin especially) should be able to do away with that notice easily. If you do encounter it though, you can disable (to support the site), or find another site with similar content.

Separate your activities: Told you I would tell you how to keep Facebook’s nose out of your business! Using tab containers OR separate browser profiles is an excellent way to separate online activities from one another. Since a website cannot access data that is outside of it’s container or the current browser profile, It won’t have anything to tie to you! While containers are amazing, separate browser profiles are way more powerful as it’s like a completely different browser. You can also have different accounts for one service logged in on each profile, as well as different sets of browser plugins. Don’t forget your ad blocker!

Chrome: Click the picture at the top right, then click Add, then name the new profile.
Firefox: Type about:profiles in the address bar. Click “Add a new profile” and name it.

If you wish to use containers, (especially for FB), Firefox + Facebook Container plugin is good here. This ensures that Facebook stays in it’s own sandbox, and no other sites are aware of your logged in profile.

Consider a VPN: Using a VPN can increase privacy as well by rerouting your internet traffic through another location entirely. This can trick websites into thinking you’re coming from another state, or even another country, allowing you to take advantage of privacy laws in that country.

WATCH OUT: Some sites block VPNs due to fraud and abuse. This becomes evident when you are denied access to a site when using a VPN. Most, if not all financial and banking related sites block VPNs for fraud reasons.

WATCH OUT: While there’s also the TOR browser bundle, the majority of popular sites out there actively block TOR due to severe abuse issues. This is especially true of banking, financial and e-commerce/online shopping sites.

WATCH OUT: Always use a PAID VPN solution! Free ones have a tendency to track and sell your usage to offset their operating costs. Remember, if the product is free, then it’s not the product, but rather……YOU are the product!

NOTE: Some paid services do offer a free trial, or even a limited free tier. See the list further down in this post for info on the top providers!

Now that we’ve covered web browsing, Let’s take a look at a device that is with you more than your PC is: Your phone! Let’s face it, at least 85% of Americans, and 70% of the world’s population has at least one modern cellphone or other mobile device, such as a tablet. Unlike your PC, Phones have GPS built into them, which is amazing for two things: Helping you find your way through a mapping app, and helping advertisers target you with ads for nearby businesses! Facebook is notorious for this, as well as storing your location history!

However, YOU HAVE FULL CONTROL of how your phone operates! With that in mind, let’s get started!

Know your app sources: I cannot stress this enough: Unless you know what you’re doing, and you trust the app you’re about to install from a random website, Stick to your device’s official app store. (There are exceptions to this rule, one of which will be covered). The official app store will have stringent policies and a moderation team that will ensure apps stick to these policies.

Check your permissions: Each app on your device will request certain “permissions”, or basically, rights to perform certain functions on your device. Some of these are required permissions, such as connecting to the internet, while others, such as access to your location, microphone, camera, contacts, etc are not usually required unless it’s an app that uses these permissions for it’s core functionality. (Mapping apps will need location permissions to work properly!) Not all apps need these permissions however! Some of them use said permissions just for advertising or tracking purposes. Fortunately, you CAN revoke these permissions without an issue. The settings are different on each device out there, so there is no one single method to control these permissions. Social media apps such as Facebook are notorious for permissions abuse.

Consider an on-device filter: Filtering apps, such as AdGuard, work in much the same way an ad blocker does on your browser, but it can also remove ads and trackers from the majority of the apps on your device. (NOTE: The full version of AdGuard is not available on Google Play due to GP’s policies. You will need to obtain this from AdGuard’s site. (Remember what I said about trusting your sources? This is one outside source you CAN easily trust) There are also others that you CAN find on app stores, but they mostly only work within the device’s web browser, NOT other apps. You can also take advantage of your device’s Private DNS/Secure DNS settings to implement rudimentary filtering at no cost.

WATCH OUT: Not all apps will behave well with a system blocker. System blockers are not capable of filtering ads in most social media apps as these are generally served from the same location as the desired content.

Delete unused apps: If you don’t use an app anymore for some reason, and you don’t see yourself using it at any time in the future, get rid of it! Not only can this help you with privacy, but it can also help your device in terms of performance, increased storage space, and security.

Turn OFF location services: If you have no need to use anything that you will need GPS mapping for, it is recommended to turn OFF this feature on your device.

WATCH OUT: You will NOT be able to do this on a workplace managed device. ONLY do this on your personal device.

Consider a VPN: Just like on your PC, You can use a VPN here too! As noted above in the WATCH OUT sections, Steer clear of the FREE VPNs, and note that some apps and services may not work with your chosen VPN. Some devices will already come with one you can use:

  • iOS (iPhone/iPad): iCloud Private Relay (Requires iCloud+ subscription)
  • Google Pixel: Google VPN (Free on current Pixel devices – Also included with Google ONE subscription, but is being EOL’d later this year. Will continue to be available on Pixel devices)
  • Google Fi: Google VPN (Google Fi is Google’s MVNO, which runs on the T-Mobile network)

Other popular VPN Services, which work across a wide range of devices include:

  • Private Internet Access
  • NordVPN
  • ProtonVPN
  • Windscribe
  • TorGuard
  • Tunnelbear*
  • SurfShark
  • Mullvad
  • – Has a limited free plan you can use to try the service.

Other ways to maintain privacy: Aside from safe browsing habits, separating your online activities from one another, and using ad blockers, there’s another area we can look at: E-Mail. Aside from texting, E-Mail is an essential item in life. Here, we will learn the tips and tricks to try to keep our inboxes as junk-free as possible. With that aside, let’s begin!

Watch what you sign up for: Not everything is worth giving spammers a way to throw junk at you. Resist the urge to sign up for that newsletter just to get some sort of a discount on a product. Often times, it’s a huge pain to get off those mailing lists (Even with current laws!)

Use GMAIL? Use the . or + trick: Chances are if you use email, you have a GMail address (Google Email). Did you know that Google will let you use dots or pluses in your email address when you share it somewhere? The PLUS (+) trick works well when signing up for things, as if (or when) you start getting spam, you can see where it’s being sent to, and easily determine who sold your email address to the spammers! An example of the plus trick: youremail+newsletter@gmail.com. The site you’re giving it to sees this, but GMail will still deliver it to your inbox. The dot trick is simpler, and involves inserting a dot anywhere in the email address (your.email@gmail.com, y.ouremail@gmail.com) – It still gets delivered to you.

WATCH OUT: Some of the more savvy spam groups out there know this trick too, and will have no trouble stripping out the plus and everything after it. Some may even work around the dot trick.

Consider a throwaway or spambox email: There’s a couple of methods to this, with the easiest one being to simply create a whole new email account. The point here is: If you absolutely need to provide your email address for something, it’s best to use an account dedicated to this. That way, if it gets spammed, it won’t affect your main email in any way. There’s also free to use services out there that provide disposable emails, should you not wish to create a whole new account.

WATCH OUT: Some sites block disposable email services. This makes having a second email account on a mainstream provider (Google, Yahoo, etc) a preferred method.

Don’t click links in emails: It may seem very tempting to get a 25% discount at your favorite store from that email they sent you, but is it worth giving up your privacy? When you click that link, it doesn’t just take you to their site, but it also sends a signal back to the service that sent you the email stating that you clicked the link from an email sent to your email address (This is known as tracking). Spammers LOVE this because it tells them that your email address is valid, and that you are paying attention to the emails. This just opens the floodgates for more spam emails.

Don’t open obvious spam: This is a no-brainer. Simply delete spam emails. Not only are you tracked when clicking a link in an email, you can also be tracked by just opening the email! This is done when the email opens and starts loading all of the content in it. Along with the content, are various “tracking beacons” that tell the sender that you opened the email, and that your email address is good. These beacons are hidden as image files that are a mere single pixel in size. Tiny enough not to be seen or cause excessive network load, yet more than enough to track your activities. Ad blockers can’t stop these beacons in your email as the content is loaded from your email provider’s network rather than the original host. This is why the top email services now block the loading of images, etc unless you intentionally click the link to load images. If you don’t open the email, the tracking beacons won’t activate, and they won’t know you got the email. Just can it. The majority of email services out there are really good at flagging and diverting spam, but some pieces will pierce through sometimes. Simply report these and it’ll help them enhance their filtering.

Use forwarders that strip trackers: There are email proxy services out there that can strip out these tracking beacons before you receive the message. The two most popular ones are DuckDuckGo’s duck.com, and Mozilla’s Firefox Relay. These services take the incoming email, scan for and strip out tracking beacons, then forward them to your inbox. In the case of duck.com, you can also SEND emails from these addresses to further preserve your privacy. This is done by sending an email to the service using the recipient’s whole domain as the email address.

WATCH OUT: While it has not become widespread, some sites are already starting to block duck.com and Firefox Relay email addresses from being used. This coincides with the above mentioned disposable email services part.

Don’t sign up: This is the easiest one to do: Simply don’t sign up! You’re not being forced to in most cases. If it’s content that requires you to provide an email address to access said content, you’re better off just looking for it elsewhere. After all, it’s rare for content to only be on one single site.

And there you go. Everything you need to maintain as much privacy as possible online.

Tags: , , ,