How to Surf Anonymously & Hide Your PC: Part 2 – 21 Tips to Surf Safe



Facebook privacy settings image

If you want to be anonymous in real life, buy a big coat. Online, and for your PC, it's more complex. Why do it? To shore up your identity, safeguard data, secure eCommerce and give peace of mind.

Better Anonymity with wpCop.com

UPDATE: Feb 2013

This guide is old. The theory is good but the practise is worn.

For up-to-date advice please check out my new site wpCop which, while niche targetting WordPress security, also covers the bases for PC, web and server security.

Particularly:-

Guvnr, BTW, has relaunched to front as the blog for both wpCop and, shortly, my server installation guide vpsBible.

If you've got any security-related questions, pop by the the wpCop forums.

Hope that helps.

guv

This guvGuide helps you find the level of anonymity to suit you, to take control of your identity, to enjoy faster, safer surfing and, in Part 2…

…to reconsider online habits and configure your browser

A comprehensive guide, spread over 5 posts:-

Setup Unmanaged VPS (4 Noobs!) ... with vpsBible
Secure WordPress. Properly. ... with wpCop, the platform's dedicated security website
Olly 'the_guv' Connelly's vpsBible.com site and 'WordPress 3 Ultimate Security' book.

Anonymous Surfing

Delicious privacy settings image

As we turn our attention to measures that can help with anonymous surfing, we must each consider our online habits, our level of online experience and the degree of usability – or web interaction – that we require. This is because, if we wanted total security with no risk, we would be left with a bland, yet perhaps still fulfilling experience. On the other hand, if we threw caution to the wind, risking all, we may have an improved experience, but perhaps with dashed anonymity and, if we havn't follows the steps in Part 1, a box full of viruses.

For most, there needs to be a balance somewhere between risk and interactivity. Hopefully these tips will help you to find your balance.

1. Social & bookmark sites, forums etc

With networks like Facebook or Del.ici.ous, for example, set privacy options carefully. Not only are profiles often public, social sites can take your details to the top of the search engine rankings. Using a social site? Plug your name into Google to see what I mean. Alter the privacy setting to set who sees what.

2. Aliases

Attach your name to a forum comment, and you may find the instance at the top of Google's search results. Aliases or pseudonyms are harder to trace to you, and can be ideal for chat services, forums, social sites and a blog.

3. Passwords

If you use the same password for every site, and that is found out, you're wide open.

4. Phone number

Using services like Call-Safe or LetsCallMe, you can receive calls to an anonymous number. Great, for example, for online dating…or so I am reliably informed, hmm.

5. Avatars

For many communities, say, when you can't control privacy settings on a forum, an avatar is a more prudent choice than a personal photo.

6. Email addresses

For most online subscription services, you needn't use your personal or business email address. Instead of using your_name@xyz.com, get into the habit of registering a throw-away like nospam123@xyz.com. Then, other than helping to disguise your identity, if your email address is harvested and spammed, you can bin it and employ another.

7. Emails

When you send a mail it jumps through various servers before receipt. At each hoop it jumps it through, it can be read. To prevent this, encrypt your emails. PGP, for example, is easy to set up and offers basic protection for Outlook, Express, Thunderbird and Eudora. Or if you've got some serious trade secrets, look at something like GnuPG. If you are using Gmail, and have Firefox, then you can use this Greasemonkey encryption script.

8. Webmail

Online email hosts like Hotmail or Gmail are convenient, for sure, but there is speculation over how user data is used. The speculation rises for those companies doubling as a search engine. Smaller webmail providers are a smaller risk but threats remain (if you really wanna know, such as IP exposure, IP address broadcasting and traffic sniffing.) There are workarounds, but by far the best one is to avoid webmail altogether, or to use it only when you have to. Ideally, use a local web client like Outlook Express, popping mail to that.

9. ISPs

Ditto above. Most large ISP's collect user data and process it, often for targetted ads, else just for their own records. Generally, the bigger the ISP, the higher the risk to your anonymity. A private ISP may cost more but can give greater anonymity.

10. Data

Use software to store and encrypt your personal info, from logins to credit cards. Roboform is a good choice, has a basic free edition, and can be bundled into Firefox so you've got automatic logging in for your registered sites, each with a separate profile.

11. Data storage online

Ditto again, some of the above concerns. Would you entrust the family silver into an unfamiliar neighbour's care? That's not a dissimilar scenario. If you can, keep everything local, else on an external drive or flash card. If you do keep it online, look carefully at the services encryption tools.

12. Credit cards

Bear in mind, they can be keylogged. If you don't know about key logging, you definitely need to. Refer to Part 1 of this series for the particularly dangerous key logging trojans that can lurk within computers, recording whatever you type, and how to secure against them. As offline, credit cards also leave a trail of what you do and where you are.

13. Gate-keep robots

If you've got a site or blog you want to keep private – maybe an intranet, for example – else have private pages therein, create a robots.txt file and upload it to your site root. Properly configured, those pages or entire sites can't be indexed by search engines and will be unsearchable.

14. Public computers

Web cafes and the like are convenient but, unless well-maintained, may be riddled with trojans, some of which may be key-logging trojans. As I've explained, these particularly malicious little critters take a note of everything you type including, for example, your credit card details. If you must use a public machine, keep your personal details on a flash card and copy/paste the info from there, eliminating keystrokes, negating key-loggers. Even better, get a copy of something like Roboform Mobile so you've got all your sensitive data encrypted with that, on your card.

15. Initiative

This is really the best safeguard of all, so use yours.

OK, that's it for safe surfing. Almost…

Browsers & their settings

Let's look more closely at our window on the web, the browser, considering a few tweaks.

16. Phishing

These are scams to obtain sensitive data, employing misleading emails and websites. All those spammy emails you get asking you to update your online banking details? Phish. If you inadvertently click through one of those emails, your properly configured web browser will detect a scam, alert you and report the fraud. In-browser protection will slow down surfing but adds protection. You can see how to change or ensure your browser-specific phishing settings, here at Guvnr, right here.

17. History

To safeguard anonymity, you can delete this, else set up your browser not to record it.

18. Favorites/Bookmarks

Ditto above.

19. Javascript

This is a subject full of misconceptions, but one that we have to understand to be safe online. It may sound very techy, Javascript, but I set out in Part 4 of this guide, in accessible language, what we need to know and why, and how best to protect ourselves from malicious code.

20. Cookies

Examining stored cookies

They can get a bad rap. But far from being bad, some assist usability. Then again, many are intrusive. There's a bit to cover here, and so I've set aside this topic for Part 3 of this guide, explaining precisely what browser settings will give you the most suitable level of anonymity.

21. Firefox

It's better for anonymity, with options such as multiple profiles and a slew of add-on plugins to enhance security. For example, the CustomizeGoogle add-on helps you control what is reported back to Google about your surfing habits. Anyone know a comparison with Netscape, Safari, Opera or Chrome? I use them only vaguely.

That's it for the safer surfing tips. Together with your secure PC, you're well on the way to deciding upon a suitable level of anonymity, online.

Part 3 of this series, published tomorrow, looks at cookies, and how you can avoid the bad ones while retaining the useful majority. Then, in Part 4, we'll look similarly at javascript before finishing off, in Part 5, by setting up our proxy server.

Jump to another section of the anonymity guide:-

15


About the Author:

Olly Connelly (yeah, that's me) blogs at guvnr.com, polices WordPress security at wpCop.com and helps noobs build web servers at vpsBible.com, so if you've got sleeping problems you know where to come.

Discussion

  1. the_guv  February 1, 2010

    @Rahul .. you aren’t disturbing me at all, m8! But truth is I haven’t got a clue what this keylogger thing is. Some kind of typing scrambler? .. if so, damn good idea.

    Re. proxies, read this …

    vpsBible.com – What, Why & Other Q&A’s

    … you’ll see I have plans for proxy stuff.

  2. rahul  January 30, 2010

    1)Could U possibly guide me where 2 download the free version f updated keylogger ,how it will gonna exactly work 4 me & how to de-install it completely. ,in case I don’t want it.2)How or what is the process (or procedure) for setting up my own personalised proxy.Kindly please reply.Thanks & extremely apologize 4 disturbing U.I would b waiting

  3. the_guv  July 25, 2009

    @Mike .. tx, always on the look out for new providers.

  4. Mike  July 24, 2009

    I surf anonymous with

  5. the_guv  February 10, 2009

    @robbie, well, frequently I am. tx. @ JennyK, er, good point, they are all private! What I mean is, the smaller ones may be more secure, in this regard. This is a generalisation, but, for example, larger ISP’s may use your details for targeted ad campaigns, to spy on your browsing habits.
    Hmmn, we could talk conspiracy theories here too. Ultimately, any ISP can be hacked, of course. It all depends on how sensitive is the data, before deciding on an ISP, else self-hosting/proxying and so on.

  6. JennyK  February 9, 2009

    hi the_guv, what do you mean by a private ISP? Aren’t they all?

  7. robbie  February 7, 2009

    well done olly. Huh, and I thought you were a thickie 😉

  8. the_guv  February 5, 2009

    @ LinkedUp, DaHia & juanco – big cheers, appreciate the feedback.

  9. DaHia  February 4, 2009

    Great guide. Thanks.

  10. juanco  January 29, 2009

    Great guide. Thanks.

  11. the_guv  January 28, 2009

    @Aaron … many tx, appreciate that.

  12. linkedUp  January 26, 2009

    that’s very useful, thank you

  13. Aaron Wakling  January 21, 2009

    I discovered your homepage by coincidence. Very interesting posts and well written. I will put your site on my blogroll. 🙂

Add a Comment