We live in an era where privacy does not exist, well at least in your digital life. Every search you make, every feedback you give, every contact you add, every conversation you have is tracked and recorded. You know how you have a conversation with your friend about this new watch you’re planning to buy and the next time you open Facebook or Instagram you are flooded with ads for watches. Well, that is not a conspiracy or a surprising this anymore. It’s a mere fact. It may seem impossible to not feel like someone’s watching you all the time in today’s day and age but it can be done! If you are really serious about your internet privacy, you can follow these steps to achieve that.
Maintaining your online privacy has to be a perfect blend of convenience and security. If you are leaning more on the security side, you will have to shed off a little convenience, for example, a simple two-step task of searching for something online can become a 4-step task. Same way, if your priority lies more towards the security side, you have to compromise your convenience. Moreover, having solid online privacy cannot be measured in tools, apps or hacks, it’s in a way a process that you have to undergo. Privacy is not something you can download or install, it’s a process of change in how you deal with the internet. Edward Snowden who I previously mentioned swears by Qubes OS which is an operating system that runs all the other programs on the computer like any other OS, but it’s USP is VM Isolation and it’s an Open Source Software (FOSS) that means the source code is open for everyone and anyone can edit it as per their needs. One approach that is starting to become popular that even Qubes follows is security by compartmentalization. And adopting this approach in your own life should be the first step to take if you are serious about your online privacy.
Security by Compartmentalization
Among the top researches of cybersecurity, security by compartmentalization is considered being the most effective way to protect your information assets. It comes from an assumption that any system no matter how secure it claims to be, will eventually get breached in some way or another. And that no system can be perfectly secure, the side of the attacker is always the heavier side. This strategy applies even more to average users. In order to function in modern internet-driven society, you have to give up at least some of your personal information and these days, most of your private information. So the goal of ‘Security by Compartmentalization’ is to take control over who gets access to what information and prevent the sources to get access to the whole package but only to the information necessary for the app or the service to deliver the desired function. The easiest way to understand how it works is to look at our own personal lives. You as a human being living in a society naturally divide all the people you know into different social groups right, like your immediate family, your school friends, your colleagues, your relatives, etc. And you wouldn’t like it if the information that your closest friends have about you to be passed on to your colleagues right? Security by Compartmentalization works in a similar fashion, it is a virtual wall to prevent information of these two ‘two social circles’ to be passed on to each other.
Privacy by Compartmentalization is pretty simple to execute. You will basically have to create carefully separated classes of data. Each compartment will revolve around a different sphere of your identity. If you want more security, you will have to build strong walls between these compartments. The first compartment is usually for your personal identity which separates your business/work related data with the rest of your online presence. The second compartment includes all your social media data, this is to make sure you keep away all the advertising giants away from your digital life from their social platforms. The third compartment is for your private identity where all your light browsing activities like watching videos on YouTube, or reading an article, or taking a quiz, or buying something off Amazon falls into place.
These are the three major compartments that apply in almost every person’s life. You can add more compartments once you master this concept. But for beginners, it’s better to start with these basic ones. The goal is to minimize the possibility of linking one class of data to another. If somebody knows your professional identity, they wouldn’t be able to figure out what you do in your social or private spheres. And likewise, even if the information on your private life falls into the hands of the adversary, they wouldn’t be able to tie it back to your real identity. An adversary doesn’t have to be someone with very hostile intentions, it’s simply anyone who wants access to your information. It can be a government employee, a hacker, or even your spouse.
Compartmentalization has become a must because modern technology can use a combination of cookies, tracking scripts, advertising and collect data across multiple channels from mobile to desktop across different channels and apps, online and offline. Without compartmentalization, each time you visit a store, go to a website or install an app, you are essentially giving up your entire record from the past into the future. We build these compartments by completing the maximum possible separation in choosing our providers and who gets to see our data. For this reason, we are going to get out of the ecosystem trap, because that forces us to put all our eggs in one basket. It is not a great idea to entrust one provider with everything we do on the internet. So in each compartment, we are going to use different software, a different provider, as much as we can and we also need to block as many tracking attempts as functionally feasible.
Compartment 1: Professional Identity
The first compartment that you need to make involves your real identity i.e. your work and business related presence on the internet. The number one step to do here is to make a separate work email and isolate online identity with your real identity from everything else. Also, as mentioned earlier, each compartment should have its own browser. And the one that I would recommend for your professional identity is the privacy hardened Firefox. Before you use this, you need to download some mandatory add-ins and also tweak some settings to harden the privacy even more.
The four main privacy extensions that you need to install are:
1. uBlock Origin – This extension will help you block Ads and Trackers but will do this in a slightly advanced mode, it will build better walls around our professional browser.
2. HTTPS Everwhere – This will automatically switch all the insecure HTTP websites into secure https.
3. Decentraleyes– It prevents a lot of requests from reaching networks like Google Hosted Libraries and serves local files to keep sites from breaking.
4. Cookie Auto-delete – This extension will help to delete the cookies that can track us across websites. Make sure that you tick the box which says ‘Auto-clean’ in the settings.
There are other privacy extensions available, but this combination will do everything we need to do! The next step will be to change Firefox settings so that you are always browsing on private mode and also set up content blocking, this means you will never have any browsing history. This prevents your browsing habits to be tied to your identity. For your convenience, you can bookmark websites so that you can easily access them.
Pro Tip: Make a habit to close your browser and restart your session frequently to delete all cookies and data.
uBlock Origin Advanced Settings: Go to the dashboard and check the box for ‘I am an advanced user’ then check on all boxes under Privacy settings and also disable JavaScript. Then move on to the uBlock origin menu and turn the rectangles beside ‘Third party scripts’ and ‘Third-party frames’ red. Then click on the ‘lock’ icon on the corner to remember your changes. These few settings will now apply globally to your internet usage and will block all third-party requests. Sometimes you may have to re-enable Javascript for some websites to work well.
If you need to check your emails from Google, Yahoo, or Hotmail, you can install a privacy-friendly email client like Thunderbird. Remember, that Google can still see all your web traffic and web trackers if you are signed into your account. Proton Email is also a great app that you can use for your emails, and you can also easily transition your current email address to Proton. For mobile devices, you can use DuckDuckGo which is another privacy sealed browser. Be careful not to mix activities from different compartments together.
Compartment 2: Social Identity
Building the second compartment is easy. In this, we are going to create a Firefox profile for desktop with the exact same settings and extensions. To do this, you just need to go to ‘About’ profiles, create a new profile, and name it with an identity. You can even keep the names the same as your professional identity. Open the ‘Roots’ directory and copy all the files from your default profile to your social profile. If you want to be extra sure about none of your browser data being shared, you can manually change all the settings again. You will be using this profile only for all your social media accounts, except for YouTube. If you want to increase the security, even more, you can disable all third party requests globally. It is recommended to apply more granule or tinkering and only allow scripts that are specific to each social site. So for eg, for Facebook, it will only apply the Facebook script. Remember, that all your likes, shares, comments, and views will be recorded and stored forever. How you use your social media is not always in your hands. When you install any social app, it can pull out an insane amount of data including your location, biometric data, contacts, your voice, messages, photos, basically everything that is on your phone. One way you can mitigate this is to sandbox the web versions of your social media sites through an app called Web Apps. What this application does is that it gives each social media site its own sandbox where a site runs with all third-party requests, scripts, cookies, and blocks with forced encryptions and illuminated referees.
If you wanna use social media, it is important to keep them in a separate compartment and reevaluate how much information are you willing to trade with the benefits and dopamine boost that you get from using them. On your mobile device, you can set up Firefox Focus and make it your default browser for opening all links. It is also recommended to not use any other professional or real name emails for your social media. Using them makes you more vulnerable to hacking. TutaNota is another helpful tool that can help you protect your privacy. You need to first register all your social media sites on this app and it gives you that extra blanket of privacy.
Almost all major social media sites request your phone number. The only reason that they want it so that they can get easy access to all your social media contacts and study your social graph. To mitigate this, you can get a burner phone. It is your basic Nokia brick phone which has no GPS, or Bluetooth or even a camera. And then get the cheapest Sim Card out there from a local store. This phone will be used for basically nothing, only to give social media a contact number when they ask for one. I also recommend that you should ditch their messaging apps for Signals. This basically means that all your chats and calls are end to end encrypted by default signal. This app does not record your contact conversations, location, user data, and sender information. On Android, it can even handle your SMS.
Compartment No 3: Private Identity
This is the last compartment that you need to build. This is where everything you do in private belongs so basically watching YouTube videos, making online purchases, general browsing, reading news, etc. The best tool to keep your browsing record anonymous is the Tor browser. On Android, you can duplicate the same setting with two apps: Orbot to route traffic through the Tor network and Orfox to tour the web. Any android app can be rerouted through Tor via Orbot if they support it. Moreover, there is only one strict rule about Tor that you should never break is to never change any default setting in the browser and to never download any extensions or plug-ins in the browser, it defeats the entire purpose. Also, you may take a little while to get used to working on this browser as it completely disables Javascript. Another easier browser that you can go for is the Onion Browser. Also, you cannot make online purchases with any of these browsers so once you finalize the product you wanna buy, just copy paste the link on Firefox. Also, make a separate identity/email through Mailfence for all your online purchases. Using Tor with your real name is essentially a waste of time.
The Final Step: BUILD THE WALLS
Now that you have built your compartments, the rest of the job is to build strong walls between these compartments. You need to prevent your identities from hackers, as dramatic as this sounds, it is true. They are everywhere. A good practice is to have a unique and strong passphrase for each online account. You can use KeePassXC to do this for you. It basically generates complicated passwords and stores them securely. Passwords are useless without two-factor authentication. For this, you can use an authenticator app like free and open-source and OTP. Another way to ensure that your walls are strong is to choose providers which are transparent (free & open-source) and respect your freedom. Also, find alternatives like Inkspace for Illustrator and LibreOffice for MS Office. To find more such alternatives f-droid is a safe version of the Playstore where you can find an array of safe apps.
Now that you have properly separated your identities from your online presence and carefully segregated your service providers there are two things that can give away your identity. Your IP address and your device.
• Tor is a great way to make your IP address untraceable, but it doesn’t apply to online accounts, online banking or YouTube videos. VPN is helpful to mask your IP address too. There are a lot of VPN services out there you can choose the best one. You can do your research from thatoneprivacysite.net.
• We all either use Windows, MacOS, Android or iOS. Your next big step should be to protect your device by ditching these ecosystems and going for a more viable option like Linux. It is a diverse platform that provides no one unified operating system but a plethora of different combinations of kernels, desktop environment, and applications. It makes a healthy digital environment that is sustainable into the future. If you want to experiment with Linux, you can download Virtual Box from Oracle and play around with Linux, Ubuntu, Linux mint cinnamon or other distros. Qubes is another excellent OS I can vouch for.
Overwhelming isn’t it? Well, if you truly recognize the seriousness of the privacy issues that have been going around and want to keep yourself safe from all this, doing these steps should be a piece of cake. I will leave you with one last pro tip is to encrypt all of your devices with built-in or third-party software. You can use Veracrypt to do the same. Also, your privacy cannot be summed up in just one huge article. It’s a never-ending process, so make sure that you stay updated on new knowledge about data.
Enjoy surfing the web safely!
