We live in a world of mass surveillance. Here are some tips for staying anonymous while still staying online.
Some might say the internet was built on anonymity, paving the way for a place where free speech reigns supreme.
But after years of learning about who's snooping into everything we do online, privacy on the web is a more popular topic than ever. But it's not just about government spying; it's also about how much big companies like Google, Facebook, and Microsoft have collected in order to serve up targeted ads.
There are always going to be good reasons for people to go online without being tracked. It may be the only way for a real whistle-blower to get by now, considering how some have been treated.
Is it even possible to take control of your own personal privacy online? Some 28 percent of Americans are "not confident at all" that the federal government can keep their personal information safe from the prying eyes of unauthorized users, and 24 percent lack any confidence that social media sites can either, according to Pew.
Ultimately, the only way to stay truly anonymous online is to not go online at all. Since that's not really an option for most of us, here's a rundown of what you can do to minimize the spying, the targeted advertising, and ID theft as you explore the world online.
Check Your System
Phone Call Confidentiality
If you want to be anonymous, forget the smartphone. The big-name OS makers are control freaks (Apple) and ad servers (Google). If you want to be anonymous on a phone, your choice is a prepaid phone, a.k.a., a burner.
Even with a burner, call records exist, and you could be triangulated via a GPS. The upside of a burner is not having your real name associated with the device. And as you see in the movies, you can always throw the phone into a passing truck and lead whoever might be tracking you on a merry goose chase.
But when you've got an expensive smartphone, getting more hardware is a pain. Thankfully, there are apps aplenty to get you temporary, anonymous numbers you can use with Android or iOS.
Build the Firewall
Is your desktop or laptop computer connected directly to a broadband modem? That's a very bad idea. Hackers are constantly bombarding IP addresses to see if they can get onto a system.
You should always have a router on your home network that can mitigate that with its built-in firewall. A router uses Network Address Translation, or NAT, to assign an IP address to every device on your home network, which are then only visible on that network. Direct attacks can sometimes be stopped dead right there. Plus, you need the router for sharing the internet connection and Wi-Fi.
Some ISPs' modems come with a built-in router, so that should keep you covered. For more, see our roundup of Best Wireless Routers, any of which will help protect your home.
You can also use firewall software installed on your PC. Windows 7, 8, and 10 all come with a pretty decent solution called, you guessed it, Windows Firewall. You can also find firewalls as part of suites likeSymantec Norton Security Premium, but usually, you don't really need a firewall if you use the one that ships with Windows.
If you want real anonymity based on your OS, stop using Windows or macOS on the desktop, and go to a Linux distro that specializes in all forms of keeping you secret. Your best bet is Tails: The Amnesic Incognito Live System.
Sleuth Your Own Stealth
What does your computer (or tablet or smartphone for that matter) give away about you when you visit websites? At the very least, the site knows your IP address (and that's necessary, otherwise you'd get no results). In most cases, it also knows your approximate physical location (by checking where your ISP supplies those IP addresses, see it in action at IPLocation), and probably your time zone and what language you speak all good info for advertisers. Your browser can also report on your operating system, browser type, and what versions of software you run for browser plug-ins. It even reports on the fonts you have installed. All of which can add up to giving your system a unique fingerprint.
If you don't believe it, visit MyBrowserInfoor BrowserLeaks.com for a full report. Then check out the EFF's Panopticlick tool to see how well your browser is protecting you. They'll push their worthwhile browser extension called Privacy Badger at you; it monitors sites that monitor you.
Make sure your browser isn't storing too much about you. In the settings menu, turn off the ability for the browser to store the passwords you use to access websites and services. That can be a pain, as you should have a different password for every service you use. The best alternative is to use apassword manager.
Browsers also store things like images, surfing history, and what you've downloaded, as well as cookie files, which can remember helpful things like settings and passwords. Obliterate that info occasionally, in Chrome, IE, and Firefox, type Ctrl+Shift+Del to get a pop-up that helps you get rid of them. Use a product like SlimWare Utilities SlimCleaner(Windows only) to nuke such files for all the browsers you run.
Major browsers also have anonymous surfing modes. In Google Chrome it'scalled Incognitoo (Ctrl+Shift+N to access); in Firefox it's Private Browsing and in Microsoft Edge and Internet Explorer it's In Private browsing (Ctrl+Shift+P for the latter two). That will prevent the browser from saving info on pages visited, whatever you search for, passwords, cookies, downloads, and cached content like images. You should also turn on the Do Not Track option in your browser's privacy settings if it's offered. It's not used by all sites, but it can't hurt. Better yet, install the Ghostery browser, which blocks all sorts of trackers, it's a lot like Privacy Badger, but gives you a little more control.
There are also a number of browsers that bill themselves as privacy-focused. Of course, they all use the same rendering engines as the big names, especially Google's Chromium engine, but the difference is the browsers don't share any info with Google.
Examples include Epic, Comodo Dragon,Comodo IceDragon (based on Firefox),Dooble, and of course the Tor Browser.
If you're looking for a more mainstream browser with some extra security, consider getting Opera, it has a free VPN built right in. (Note that it only protects the browser traffic, not the other apps that utilize the internet.)
You should also start using a different search engine than Google, Bing, or Yahoo, all of which want to sell, sell, sell you. Instead, try DuckDuckGo, which doesn't track you or sell your info, it says or these other options.
Keep in mind, using stealth modes and special browsers don't make you completely anonymous on the web, but they do prevent sites from writing info to your computer, including cookies, which can later be read by other sites to figure out your browsing habits.
Proxies and VPNs and Tor, Oh My
The way to ensure outsiders don't gather information about you while you're browsing the web is to appear to be someone else in a different location. This requires a proxy server and/or a virtual private network (VPN) connection. With the right combo, you can not only be anonymous, but surf sites in other countries as if you're a native.
Proxies aren't for newbies, but Foxy Proxy can get you started. It works with Firefox, Chrome, and IE and offers proxy services and VPN tools.
VPN services are everywhere. They have the advantage of not only securing the traffic between your computer and servers but also masking your IP address and location. For example, by connecting through my work VPN, sites believe I'm at corporate HQ, even though I work from home.
VPNs also double as a way to get access to location-blocked content, if you are in a country that can't get the BBC iPlayer or Netflix, for example, a VPN could be your ticket. Netflix, however, has cracked down on this.
VPNs range from super simple and free (albeit ad-supported), like Hotspot Shield, to high-end subscription services like NordVPN.
No discussion of anonymity online is complete without mentioning Tor. The name comes from once being the acronym for "The Onion Router", the implication being there are many layers of security offered.
Tor is a free network of tunnels for routing web requests and page downloads—it's not the same as a VPN, but might be even more secure when it comes to your identity. It's supposed to make it impossible for the site you access to figure out who you are. But does it?
The NSA's spying controversy leaked by Edward Snowden in 2013 included what some thought was a workaround to identify users of Tor. But it wasn't that simple. As explained by security expert Bruce Schneier in The Guardian, the NSA actually monitors what's called the Tor "exit nodes", they could tell users were using Tor, but not who the users were. By setting up a "man in the middle" attack, the NSA pretended to be the site the user wanted (Google, for example) and could send data back to the user that would take advantage of exploitable holes in the browser, not a hole in Tor.
The lesson there: keep your browsers up to date, or use one of the previously noted anonymizing browsers.
Guess who else has an anonymizing browser? Tor, that's who. It's a browser bundle for Windows (run it off a flash drive to take with you), macOS, or Linux; it's available in 16 languages. There's also Tor's own Orbot proxy app for Android, and a free third-party Onion Browser for iPhone and iPad.
Tor is still not entirely foolproof, perhaps—the theory is you could still be tracked by someone skilled enough (even if they can't read what you send). Thankfully, MIT researchers are already working up a brand new protocol called Riffle that would use the same techniques as Tor on a more advanced scale. No word on when, or even if, it will become available.
As nice as it is to remain anonymous as you surf, it is far more essential for your email to go unnoticed if you want to avoid spam or surveillance. The problem is, email simply wasn't built with security in mind.
There are secure email services, of course, which use encryption to scramble what you send and require the recipient to have a password that decrypts your message. Edward Snowden used a service known as Lavabit, which was so secure the government insisted that it hand over the private keys of users.
Lavabit, to its credit, immediately shut down to protect its customers. Last year, however, it returned with even more user-forward security features. So be aware that just because you use such a service doesn't mean it can't be compromised, or won't die just to protect you.
If you want a Webmail service that's going to handle encrypted messages, Proton Mailis considered the top of the heap. With a data center in privacy-minded Switzerland, the service has a free tier or charges 5 euros a month for the full service. It keeps all your email info secure from search and has a connection directly through the Tor network (once you set it up).
You might think your Gmail account is safe since you see that lock icon on the browser, and access it with a secure sockets layer (SSL) connection (indicated by the https:// in the URL). But SSL only encrypts data as it is transferred from your device to the server. Google still needs to read your email a little bit to tweak the advertising it places on Gmail. And that is always going to be a problem with web-based services.
That said, there are tools to encrypt web-based email. Streak makes a Google Chrome extension called SecureGmail that does the job, asking you for a key to encrypt sent messages. The recipient will be prompted to also install SecureGmail. You give them the key and you've got end-to-end encryption. Mailvelope is another extension (for Chrome and Firefox) that will secure