Monday, March 30, 2015

Privacy

I thought it might be good to share a few of the steps I take to maximize my privacy while maintaining my ability to use digital and social media.  If you think privacy is not a big deal, I highly recommend the TED talk “Why Privacy Matters” by Glenn Greenwald.

These are loosely in order of difficulty and/or the technical skill required, with the easier ones at the beginning.

Check your Facebook privacy settings.  Facebook has an option that will show you what your page looks like to other people (friends and the world).  Or even better, delete Facebook.

Download the Firefox extensions: HTTPS Everywhere, Adblock Plus, (maybe) NoScript.  Enable the options in Adblock Plus to block social media so that Facebook can’t track your web browsing.

Disable Flash cookies.  Open Control Panel, Flash Player, and Block all sites from storing information on this computer.  However, this may cause some web sites not to work, and sometimes you won’t even get an error message as to why it isn’t working.

Check the security certificates on secure web sites that you go to.  (See my previous post.)  They should be signed by a certificate authority that your web browser recognizes.  (These are pre-installed with your web browser.)  Furthermore, as you do this, you’ll know which CA the web sites you visit use, and you’ll be able to recognize if a site you frequent is using a different CA than before, which is highly suspicious.
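The CA check described above can be automated. The following is an added example, not part of the original post: it records which CA signed each site's certificate the first time you see it and reports when that CA later differs. The file name `known_issuers.json`, the function names and the sample certificates are assumptions made for illustration.

```python
import json
import socket
import ssl
import sys
from pathlib import Path

def fetch_cert(host, port=443, timeout=5.0):
    """Fetch the site's certificate; the default context validates it first."""
    ctx = ssl.create_default_context()  # chain + hostname checked against system CAs
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def issuer_org(cert):
    """Return the issuing CA's organization (falls back to its common name)."""
    fields = {key: value for rdn in cert.get("issuer", ()) for key, value in rdn}
    return fields.get("organizationName") or fields.get("commonName") or "unknown"

def check_issuer(host, cert, store):
    """Return 'first-seen', 'unchanged' or 'changed' for this host's CA.

    The stored CA is kept on 'changed', so the warning repeats until the
    record is edited by hand after the change has been looked into.
    """
    seen, known = issuer_org(cert), store.get(host)
    if known is None:
        store[host] = seen
        return "first-seen"
    return "unchanged" if known == seen else "changed"

def load_store(path):
    p = Path(path)
    return json.loads(p.read_text()) if p.exists() else {}

# Constructed certificates in the shape ssl.getpeercert() returns; CA names are made up.
SAMPLE_OLD = {"issuer": ((("countryName", "US"),),
                         (("organizationName", "Example Trust CA"),),
                         (("commonName", "Example Trust Issuing CA 1"),))}
SAMPLE_NEW = {"issuer": ((("countryName", "XX"),),
                         (("organizationName", "Other Authority Ltd"),),
                         (("commonName", "Other Authority Root"),))}

if __name__ == "__main__":
    store_path = "known_issuers.json"  # hypothetical file name
    store = load_store(store_path)
    for host in sys.argv[1:]:
        cert = fetch_cert(host)
        print(f"{host}: {check_issuer(host, cert, store)} (issuer: {issuer_org(cert)})")
    Path(store_path).write_text(json.dumps(store, indent=2, sort_keys=True))
```

Run it with the host names you visit regularly as arguments; a `changed` result is the cue to inspect that site's certificate by hand.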

Uninstall Java.  This also may cause some web sites or apps to stop working, so run those apps in a VM if you really need Java.

Disable Wi-Fi on your phone when it’s not needed.  This can be a pain, but if you have an Android phone, there are some apps that will turn it on and off for you at certain times of the day.

Set up email encryption.  There are two popular formats: S/MIME and PGP.  S/MIME is recognized by Outlook, Thunderbird, and some mobile clients (such as the one that comes with Samsung Galaxy phones).  You can get a free personal SSL certificate from StartSSL and use it for email encryption and authentication.  However, you can only encrypt email to other users that also have S/MIME encryption set up.  Here is a guide for Outlook, though it’s a bit old.

Don’t use Gmail, Hotmail, or any of the other “free” email services.  You can host your own email server if you really know what you are doing, or you can pay for a hosted email service with a hosting company.  Some DNS registrars will give you free email addresses if you buy hosting from them.  Hosting your own email server is the most private option, however, since only you will have access to your email server.

However, it must be stated that email is not secure, nor is it private.  It is not encrypted, and it is not authenticated, unless you set up email encryption and authentication as described previously, and even then, that only works for other people who also have email authentication and encryption set up.

Your phone calls are also not private.  There are, however, apps that will allow you to make private telephone calls, such as Tox (which is still in beta).  Again, the best option for privacy is going to be to host your own phone server, and you’ll want to make sure it’s configured properly.

I hope this has been helpful.  I’ll update this post if I think of anything else.