Five Ready-to-Use Privacy Tools
While one could preach going off the grid altogether to leave no traces at all, that’s barely compatible with a modern lifestyle. You could argue that you should stop using anything traceable – stop using credit cards, stop using mobile phones – but it’s not going to be very helpful, and the burden will quickly be overpowering for all but the most devout. Instead, here are five tools you can use in your daily life as it looks today that will quickly raise your level of privacy significantly:
TOR. Long a tool of choice for dissidents in hostile regimes, it is somewhat hard to set up, and must be carefully validated to be set up correctly, but is one of the most solid network-level anonymizers and privacy guards out there. When configured correctly, this routes all your traffic in a series of extra encrypted random hops around the planet, and your IP address will appear to be from somewhere completely different. Completely random, even. There will be no coupling whatsoever between your actual IP and your apparent IP, nor between your apparent IP and actual identity, which is the effect we desire. Read more at The TOR Project.
Virtual Private Networks (VPNs). Virtual Private Networks also replace your actual IP address with an apparent IP address, but do so in only one encrypted hop. This makes it considerably faster than TOR in most cases. However, VPN services are provided by many different actors, and not all of them are die hard about privacy – there have been cases where less-serious VPN providers kept logs and happily handed over identifying information to hostile authorities.
Remember that what we want to avoid is the coupling between the apparent IP address and your identity, so an absolute requirement is that the VPN provider keep no logs whatsoever of its connections. The problem with that requirement is that it’s impossible to verify, so what you want to look for is a VPN provider that not just claims it doesn’t keep any logs, but also doesn’t need your identity in order to sign up for a VPN connection, negating any coupling between your identity and the VPN service used – if the provider doesn’t have your identity in the first place, you don’t have to trust anybody.
Zero trust is a very good principle in these matters. It doesn’t mean you don’t trust anybody; it means you don’t need to trust anybody, that trust has been made irrelevant.
You shouldn’t have to trust anybody to behave well with your data – it’s much better if they just don’t have it at all. For this, in particular, look for VPN providers that accept bitcoin for payment instead of a (personal!) credit card. If you are really concerned about traceability, you can acquire fresh bitcoin from ATMs with cash for this use, further mitigating traceability. Coin ATM Radar shows a few of them.
Adblockers. These don’t work on the network level, but on the user-data level. A good adblocker will remove a lot of the tracking happening between sites, by shutting out the ad networks from your computer altogether. I would recommend the classic Adblock Plus plugin for Chrome/Chromium and Firefox on desktop/laptop systems. On mobile, this is still something of a problem.
Ghostery. In addition to an adblocker, it also helps to have a plugin that removes the rest of the tracking beacons used to couple your visits between sites. Ghostery is a classic here, available as a plugin for Firefox and Chrome/Chromium.
Signal. Last but not least, sometimes we also want secure private messaging with friends and associates. The go-to choice there is Signal from Open Whisper Systems, available for Android and iOS. It provides both encrypted text messaging and encrypted voice calls, and has the enormously handy feature of detecting when a person you’re messaging also has Signal installed and switching to encrypted mode.
