Basic Tips on Browsing Privacy

In Brief

  • When you visit a website you give away information about yourself to the site owner, unless precautions are taken.
  • Your browsing on the Internet may be tracked by the sites you visit and partners of those sites. Use anti-tracking software.
  • Visiting a website on the Internet is never a direct connection. Many computers, owned by many different people are involved. Use a secure connection to ensure your browsing can not be recorded.
  • What you search for is of great interest to search providers. Use search anonymising software to protect your privacy.
  • It is wiser to trust Open Source browsers like Mozilla Firefox as they can be more readily security audited.

Your browser talks about you behind your back

All browsers communicate information to the web server serving you a web page. This information includes name and version of the browser, referral information (a link on another site, for instance) and the operating system used.

Websites often use this information to customise your browsing experience, suggesting downloads for your operating system and formatting the web page to better fit your browser. Naturally however, this presents an issue as regards the user's own anonymity as this information becomes part of a larger body of data that can be used to identify you individually.

Stopping the chatter of your browser is not easily done. You can, however, falsify some of the informtion sent to web servers while you browse by altering data contained in the User Agent, the browser's identity. There is a very useful plugin for Firefox, for instance, called User Agent Switcher that allows you to set the browser identity to another profile selected from a drop down list of options.

Web sites can track you as you browse

Small files, called cookies, are often written onto your computer by web sites. Cookies present certain conveniences, like caching login data, session information and other data that makes your browsing experience smoother. These small pieces of data however present a significant risk to your right to anonymity on the web: they can be used to identify you if you return to a site and also to track you as you move from site to site. Coupled with the User-Agent, they present a powerful and covert means of remotely identifying your person.

The ideal solution to this problem is deny all website attempts to write cookies onto your system but this can greatly reduce the quality of your experience on the web.

See the chapter Tracking for guides as to how to stop web servers tracking you.

Searching online can give away information about you

When we search online using services like Bing or Google our right to privacy is already at risk, vastly more so than asking a person at an Information Desk in an airport, for instance.

Combined with the use of cookies and User Agent data this information can be used to build an evolving portrait of you over time. Advertisers consider this information very valuable, use it to make assumptions about your interests and market you products in a targeted fashion.

While some customers may sing the praises of targeted advertising and others may not care, the risks are often misunderstood. Firstly, the information collected about you may be requested by a government, even a government you did not elect (Google, for instance, is an American company and so must comply with American judicial processes and political interests). Secondly there is the risk that merely searching for information can be misconstrued as intent or political endorsement. For instance an artist studying the aesthetics of different forms of Religious Extremism might find him or herself in danger of being associated with support for the organisations studied. Finally there is the risk that this hidden profile of you may be sold on to insurance agents, provided to potential employers or other customers of the company whose search service you are using.

Even once you've ensured your cookies are cleared, your User Agent has been changed (see above and chapter Tracking) you are still giving away one crucial bit of information: the Internet Address you are connecting from (see chapter What Happens When You Browse). To avoid this you can use an anonymising service like Tor (see chapter Anonymity). If you are a Firefox user (recommended) be sure to install the excellent Google Sharing add-on, an anonymiser for Google search. Even if you don't consciously use Google, a vast number of web sites use a customised Google Search bar as a means of exploring their content.

With the above said, there are no reasons to trust Google, Yahoo or Bing. We recommend switching to a search service that takes your right to privacy seriously: DuckDuckGo (http://duckduckgo.com/).

More eyes than you can see

The Internet is a big place and is not one network but a greater network of many smaller interconnected networks. So it follows that when you request a page from a server on the Internet your request must traverse many machines before it reaches the server hosting the page. This journey is known as a route and typically includes at least 10 machines along the path. As packets move from machine to machine they are necessarily copied into memory, rewritten and passed on.

Each of the machines along a network route belongs to someone, normally a company or organisation and may be in entirely different countries. While there are efforts to standardise communication laws across countries, the situation is currently one of significant jurisdictional variation. So, while there may not be a law requiring the logging of your web browsing in your country, such laws may be in place elsewhere along your packet's route.

The only means of protecting the traffic along your route from being recorded or tampered with is using end to end encryption like that provided by TLS/Secure Socket Layer (SSL) or a Virtual Private Network (See chapter VPN). Online banking websites and webmail services like GMail use SSL to secure connections between your browser and the server. A TLS/SSL connection in the browser, when using webmail, will appear with https in the URL instead of the standard http, like so:

https://gogglemail.com

Your right to be unknown

Beyond the desire to minimise privacy leakage to specific service providers, you should consider obscuring the Internet Address you are connecting from more generally (see chapter What Happens When You Browse). The desire to achieve such anonymity spurred the creation of the Tor Project.

Tor uses an ever evolving network of nodes to route your connection to a site in a way that cannot be traced back to you. It is a very robust means of ensuring your Internet address cannot be logged by a remote server. See the chapter Anonymity for more information about how this works and how to get started with Tor.

encs/cph/basic-tips-on-browsing-privacy.txt · Poslední úprava: 2013/01/12 23:05 (upraveno mimo DokuWiki)
 
Kromě míst, kde je explicitně uvedeno jinak, je obsah této wiki licencován pod následující licencí: CC Attribution-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki