In an age when we’re slowly losing our privacy, here’s what you can do to hide your tracks. By Shweta Taneja
The days of privacy online are fast coming to an end. In April, the Union government quietly began rolling out the Central Monitoring System (CMS), a one-stop surveillance service that will monitor not only your cellphones (voice calls, SMS, MMS) but also your online activity (social networking sites, browsing content, and possibly more).
Much like the PRISM surveillance programme run by the US government (which collects the personal online information of its citizens without informing them), the CMS can bypass mobile companies and dig directly into phone calls, texts, emails and social media activity. PRISM was largely unknown to the public until a whistleblower disclosed the details recently after fleeing to Hong Kong.
“If the government wants to track certain people for the security of this country, that’s not the problem,” says Delhi-based Anja Kovacs, project director of the Internet Democracy Project, which researches on and advocates online freedom. “The problem is that there’s no clarity from the government on who can see what all of this private information about you. Who can access your information? Under what circumstances and why?”
By law, all cyber cafés in the country are already supposed to keep a log on who you are and which sites you visited while at the café. Even activity on private Internet connections is tracked by your Internet service provider (ISP), which is legally bound to share it with government agencies if requested.
“Ideally all of us should have a choice to be anonymous. What if I have some embarrassing sexually-transmitted disease on which I am talking to a doctor online? I am not doing anything illegal but it’s embarrassing for me if someone finds out about it,” says Kovacs. There are times when you don’t want anyone, be it your ISP, the government, the media, your neighbour, your spouse, or Trojan Horses to peep into what you are doing. For those times, here’s how you can become “almost” invisible online.
■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■
Create a private network
Who doesn’t like the word free? It’s quite tempting to use free Wi-Fi on your smartphone while waiting for that flight or having a cup of coffee, but it’s far from safe. Data sent across a public Wi-Fi is usually completely unencrypted, so to spy on you, people only need to be on the same Wi-Fi network as you. To avoid this and still use the free Wi-Fi, install Hamachi, which creates a Virtual Private Network (VPN) between two computers via the Internet. Once installed, you can connect to your always-on home computer through the public Wi-Fi and then visit any websites securely.
Hamachi is free and works for Windows, OS X and Linux.
Stash the cookies
Cookies are those tiny little logs that websites dump on your computer every time you visit them. With these on your computer, the websites can then track your activity on their pages and sometimes (as in the case of the Facebook “Like” button or the Twitter “Follow” button), even track your activity on other websites. These cookies can be blocked with a simple plug-in DoNotTrackMe.
DoNotTrackMe is free and can be used for Internet Explorer, Chrome, Safari and Firefox.
Clean it all
Begin with a clean chit by deleting all the temporary files, history and cookies indices your usual Internet browser might have stored about you. All in the name of better service or quicker loading. CCleaner is the ultimate broomstick that will wipe away all the flotsam from Internet Explorer, Mozilla Firefox, Google Chrome, Opera, Safari and log files from both Windows and Mac PCs.
CCleaner is available for Rs.1,593.63.
Tidy up the torrents
Every time you’re using torrents to share files, the ISP can track your name, and also track where you’re downloading the files from. If you’re downloading anything personal in nature, then it’s best to add protection by using the BTGuard, which is a proxy server and encryption service. The BTGuard uses a virtual fake address to funnel your Internet traffic through another server, so that it cannot be traced back to you.
BTGuard costs $6.95 (around Rs.415) a month or $59.95 for 12 months.
Keep the firewall up
You might be protected and anonymous to your Internet service provider (ISP) and hide your computer’s identity, but simple Trojan Horses can grab those documents from right under your nose and send them off to someone else. The solution is a Firewall, a necessary evil for today’s connected times. Either Avast or Clamav will protect your computer from trojans, viruses, malware and malicious threats.
Avast Antivirus works for Windows and Mac and Clamav works for Windows. Both are free.
When you send an email to someone, its plain text passes through servers across countries, making copies. Which means that anyone who can access any of those servers can read the message. Companies monitor the emails sent by employees and governments monitor the emails sent by citizens. The most problematic are phishing networks which might be able to abuse private message content sent in an email.
All this can be checked if the message is an encrypted one, not plain text. The easiest email client for this is Mozilla Thunderbird — an email client like Microsoft Outlook, but with better security. With an Enigmail extension, it lets you encrypt the email by clicking a little key icon on the lower right of the Compose windows.
Mozilla Thunderbird is free and works for Linux, Mac OS X and Windows.
Use a Web-based proxy
Just like your home, your computer has a unique address called its Internet Protocol or IP address. When you log in online or open a Web page, this address goes through your Internet service provider (ISP) to the website you are trying to log in to. Both the website and the ISP use that IP to track your activity. A Web-based proxy creates a virtual address for your computer so that your real IP address remains hidden when you are online. Proxify (Proxify.com) is a paid, one-click install system for Windows or Mac or Firefox browsers which encrypts all communication and hides your IP address. If you don’t mind advertisements, there are many online Web-proxies you can use to get a virtual IP address.
For a list of free online services head to Free Proxy (www.freeproxy.ca). But do remember that any proxy website you use may be able to see and store your user names, passwords, credit information, etc. Or, in some cases, even read your email. Because of this, a paid service is generally a safer option.
Proxify is available for Rs.2,400 for three months.
Use the TOR network
One of the oldest and most reliable ways to confuse tracking of online activity, TOR is short for The Onion Router. The browser is an open and free software which takes your online query through a network of virtual tunnels. TOR uses the IP addresses (a unique address for each computer) of a volunteer network of more than 3,000 relays from across the world. This means that every time you log into the online world, your computer will show a different IP address to your service provider or anyone else watching your activities, making it nearly impossible to track your computer.
TOR is free and works with Windows, Mac, Linux and Android.
Keep the S on in HTTPS
When you log into a website, HTTP (Hypertext Transfer Protocol) is a road on which data travels between your computer and a website. The S at the end of HTTPS stands for Secure and makes sure that the data you transfer to a website is encrypted and cannot be read by a bystander. With HTTP, the data is sent as it is, which means any spyware stalker lurking around can read and copy your data. Most websites offer the HTTPS protocol today but for those who are still in the low echelons of security, you can install the HTTPS Everywhere, an extension for Firefox and Chrome which encrypts all your communication to websites which might be defaulting to an unencrypted HTTP.
HTTPS Everywhere is free and works with Firefox and Chrome.