From VPNs to password managers, here are 8 must-have tools for online privacy.
In theory, the traditional way of shielding internet use from ISPs can be achieved using a VPN provider.
A VPN creates an encrypted tunnel from the user’s device and the service provider’s servers which means that any websites visited after that become invisible to the user’s primary ISP. In turn, the user’s IP address is also hidden from those websites.
Notice, however, that the VPN provider can still see which sites are being visited and will also know the user’s ISP IP.
Why are some VPNs free? Good question but one answer is that they can perform precisely the same sort of profiling of user behaviour that the ISP does but for commercial rather than legal reasons. In effect, the user has simply swapped the spying of one company, the ISP, for another, the VPN.
Post-Snowden, a growing number advertise themselves as ‘no logging’ providers, but how far the user is willing to go in this respect needs to be thought about. Wanting to dodge tracking and profiling is one thing, trying to avoid intelligence services quite another because it assumes that there are no weaknesses in the VPN software or even the underlying encryption that have not been publicly exposed.
With 1Password you can store a vast amount of information from account details and passwords to bank details and loyalty schemes and what’s great is that it will auto fill web forms for you once these are stored.
1Password also enables Touch ID which uses your fingerprint for entry, which adds an extra, and useful layer of security.
In addition, to make sure all your current passwords are up to code, there is an audit function that will highlight weak passwords and generate stronger ones for you to replace them with.
If you’ve been on the hunt for a password manager for a while now, you’ll have heard of LastPass, and with good reason. It really is one of the best out there.
Although, that’s not to say that it’s been smooth sailing. In 2015, LastPass was hacked in 2015, with email addresses, master passwords and hints all breached.
Since this, LastPass really has redeemed itself, offering end-to-end encryption at device level, so even LastPass can’t see your passwords.
All browsers claim to be ‘privacy browsers’ if the services around them are used in specific ways, for example in incognito or privacy mode. As wonderful as Google’s Chrome or Microsoft’s Edge might be their primary purpose, isn’t security. The companies that offer them simply have too much to gain from
The companies that offer them simply have too much to gain from a world in which users are tagged, tracked and profiled no matter what their makers say. To Google’s credit, the company doesn’t really hide this fact and does a reasonable job of explaining its privacy settings.
Firefox, by contrast, is by some distance the best of the browser makers simply because it does not depend on the user tracking that helps to fund others. But this becomes moot the minute you log into third-party services, which is why most of the privacy action in the browser space now centres around add-ons.
Privacy search engines
It might seem a bit pointless to worry about a privacy search engine given that this is an inherent quality of the VPN services already discussed but a couple are worth looking out for. The advantage of this approach is that it is free and incredibly simple. Users simply start using a different search engine and aren’t required to buy or install anything.
The best-known example of this is DuckDuckGo. What we like about DuckDuckGo is it protects searches by stopping ‘search leakage’ by default. This means visited sites will not know what other terms a user searched for and will not be sent a user’s IP address or browser user agent. It also offers an encrypted version that connects to the encrypted versions of major websites, preserving some privacy between the user and the site.
In addition, DuckDuckGo offers a neat password-protected ‘cloud save’ setting that makes it possible to create search policies and sync these across devices using the search engine.
Oscobo UK search
Launched in late 2015, Oscobo returns UK-specific search results by default (which DuckDuckGo will require a manual setting for). As with DuckDuckGo, the search results are based on Yahoo and Bing although the US outfit also has some of its own spidering. Beyond that, Oscobo does not record IP address or any other user data. According to its founders, no trace of searches made from a computer is left behind. It makes its money from sponsored search returns.
Techworld’s sister title Computerworld UK recently covered the issue of alternative DNS nameservers, including Norton ConnecSafe, OpenDNS, Comodo Secure DNS, DNS.Watch, VeriSign and, of course, Google.
However, as with any DNS nameserver, there are also privacy concerns because the growing number of free services are really being driven by data gathering. The only way to bypass nameservers completely is to use a VPN provider’s infrastructure. The point of even mentioning them is that using an alternative might be faster than the ISP but come at the expense of less privacy.
Available on 126.96.36.199 and 188.8.131.52, DNS.Watch is unique in offering an alternative DNS service without the website logging found on almost every rival. We quote: “We’re not interested in shady deals with your data. You own it. We’re not a big corporation and don’t have to participate in shady deals. We’re not running any ad network or anything else where your DNS queries could be of interest for us.”
Now part of Cisco, the primary is 184.108.40.206 with a backup on 220.127.116.11. Home users can simply adjust their DNS to point at one of the above but OpenDNS also offers the service wrapped up in three further tiers of service, Family Shield, Home, and VIP Home. Each comes with varying levels of filtering and security, parental control and anti-phishing protection.
You might also want to look into some privacy apps and software to support other things in the list. You should consider:
Two-factor authentication: Given the amount of data users are storing, using two-factor authentication (2FA) is an absolute must. This can be set up using a mobile app such as Google Authenticator, Authy or FreeOTP.
Backup and Sync: You should sync data across multiple devices in an encrypted state, whether that be with Google or other providers such as Dropbox or Box, for example.