How to ensure your privacy on the net

Most people these days are aware that the net is a wild frontier and that a surfer needs to be careful. However, I thought that I would give some advice to those of you who have no idea how ensure their privacy or might want to be better at it.

Personal information

First of all, whenever you’re surfing the net and a website ask you for personal information, like birthday, social security number, address you should be careful. My advice is to never enter real information, even your name. Find yourself a nickname that you won’t be ashamed of and stick to it. It might be as simple as John Smith, Jane Doe or your favorite author.

Here are the only valid exceptions to that rule:

• If you need to be officially identified, for example, with a government agency, then you’ll have to enter your real information.
• You need something delivered, enter your real name and address. Nothing else. They don’t need your birthday.

If you need to enter sensitive information, like birthday or social security number, make sure it’s a secure website. Non government sites should always be suspicious.

If a site ask for your age making you enter your birthday, enter the real year, but not the the real month or day.

Credit cards

Never use a real credit card to buy online. Use debit cards, also known as prepaid credit cards. The best way to deal with those is to keep the debit card empty and only put money on it when you need it. If you don’t and your debit card data gets hijacked they’ll be able to suck it dry. It happened to me once.

The safest way, when possible, is to use Paypal or a similar payment service. You can give them your real credit card information and they will pay the merchant by taking money from your card.

If the merchant doesn’t accept debit cards or Paypal, maybe you should find another site who sells the merchandise you’re looking for which will accept either of those. Amazon is great for that.

If you have no choice, then you have to be careful and make sure the site is safe. I usually only trust airlines and banks.

Full Anonymity

Full anonymity is difficult to achieve on the web, but it’s possible.

There are two things you need to take into consideration when surfing the net. One, your geographical location can be traced because each connection to the web has an IP address to identify it and it can be traced to its source.

The second is that every device connected to the web has a MAC address that identify it uniquely. It is thus possible to trace back the one who bought the device.

The best way to avoid those pitfalls are to first buy your device anonymously. You pay cash and you don’t use any real personal information. You can easily do that by buying a second hand device, nobody ask any information when you do that, just don’t use a small ads website for the purchase, though. You can also buy a device in a store but be sure to pash cash and do not give any personal information, you have a right to your privacy.

Second, use internet connections in public spaces only. That way, since the IP address are reused within the network, they can never be tracked down more specifically than the public place. For heightened privacy, use a different public space each time, never close to home or work.

To make sure you stay anonymous, use your anonymous device only in a public place, never anywhere you can be traced, like home, work, or a friend’s.

For maximum anonymity, buy a cell phone anonymously, like you did your device, and only use it for your anonymous web activities, and never recharge it by any electronic mean, pay cash. You should even create an email account with it and only check it from a public place. For the truly paranoid, buy a new cell or device every so often.

Now, do you really need to do this? Of course not, those are extreme measures. If you ask me, the anonymous device is a bit much. The anonymous connection is more easily managed if you pick a spot that isn’t close to home, work or in between.

Email accounts

You should never trust confidential emails to a standard email service like Google, Hotmail or Yahoo. Use those for your regular communications, which should account for more than 99% of them.

For the most confidential of emails, you should use an encrypted service. The most secure one I know is ProtonMail (https://protonmail.ch/). The only problem with that service is that at this moment, you need to get on a waiting list to get an account. It doesn’t take long to get it, a few weeks, but there is a waiting period.

If you’re in urgent need, there is always HushMail (https://www.hushmail.com/). However, their administrator have access to your unencrypted messages, which is not the case with ProtonMail.

A final advice would be to create a sort of trash email account for when you need to register on a website or whenever you are asked to enter your email address on the web. That account will quickly be submerged by spam, although Gmail does take care of most of it. That will keep your personal account free of crap, as much as possible anyway.

Email attachments and links

Now, when you receive an email with an attachment or a link, do not click on it, even if it’s from a trusted sender, because email addresses can easily be spoofed. Meaning the field telling who is the sender has been falsified, it’s not who you think it is who is sending you that email.

An easy way to tell if the email is genuine, is to look at the body of the email. If it is mentioning personal things, then it’s probably safe. If it’s just a “Look at this!” or even nothing, then it’s suspicious.

The best way to know for sure, is to reply and ask if the person really sent it. I do that often and I’ve come across a few spoofing case. In that scenario, the person who will reply to you is your friend, because somebody can spoof a sender’s field, but they do, they won’t get the reply. The reply will go to the address being spoofed.

Those spoofing the address are trying to get you to click on the link or open the attachment. If you do, then bad things will happen for sure.

Also, beware of any email asking you for personal information, account information, or password. Only thieves do that. Beware links in an email sending you somewhere where they ask for such information or send you directly to a login page.

That’s it for now. Be safe, have fun, and enjoy!