Privacy Guide: A Pro-Guide to a Newbie

“Privacy” always matter for all the individuals no matter where they live or for which aspect they are demanding privacy. However, for the netizens, privacy is the most important thing to remain unaffected by the hackers and data snoopers. Also, the government regulated rules and laws regarding Internet in most of the countries have threatened user’s privacy.

Even people, who don’t have something extremely sensitive, have password secured accounts, which might contain their personal details such as pictures that could be used for many malicious purposes. Therefore, some of the simple privacy tools and measures could provide you appropriate security. Here is the detailed privacy guide with basic tools keep everything smooth.

Prominent Global Internet Regulations You Should Know

There are some major privacy regulations and agreement you should be aware of.

Mass Surveillance of Fourteen Eyes

The Five Eyes is the agreement between five countries; United Kingdom, United States, Australia, Canada, and New Zealand. According to the clauses of this agreement, these states will cooperatively collect, analyze and share intelligence of different parts of the world. Yet, the agreement inhibits the participants to spy on each other; however, the leaks by Snowden have revealed that some of the five eye members spy the other’s citizens.

On the other hand, the Five Eye cooperates with the third party countries to share intelligence, thus form Nine Eyes and Fourteen eyes. But, unlike the Five Eye alliance, the third party countries and Five Eye members could spy on each other.

Nine Eyes further includes Denmark, France, Netherland, and Norway.

Fourteen Eyes adds up Belgium, Germany, Italy, Spain, and Sweden.

Net-Neutrality Law in the US

In the recent repeal of net neutrality rules, the FCC has given undefeated powers to the internet providers. With the new rules, the ISPs are empowered to control most part of their customer’s internet activities including websites, servers, and even the speeds. The speed privilege and priority are given to the one who pays the bigger amount to the ISP. These laws were under strict opposition by the masses and websites, but they are still in the act now.

Data Retention Law Around The World

According to the data retention law, a citizen’s internet data could be recorded and stored for a certain time period. The time period for storing data varies between different countries which implement data retention law. Most of the prominent European countries have implemented this law; however, below are the details of data retention law in major countries of the world.

  • There is no Data retention law in the United States but there exists another law of Stored Communications Act according to which a user’s data stored by the ISP could be accessible by the government too.
  • In the United Kingdom and other European Union, the data retention law which is DRD (Data Retention Directive) was revoked. Yet, most of the European nations still follow the data retention law.
  • Canada hasn’t implemented any particular law regarding data retention, however, they still keep user logs. Such idea was displayed in the statement from Bell according to which logs of users are kept for one year.
  • Australia has a proper data retention law that forces internet providers to keep user log for at least of 2 years. The ISP stored data contains information such as date, time, recipient, and the size of the attachment.

VPN as a Popular Privacy Tool

VPN is a popular privacy tool and almost every internet user today has a VPN account. This tool is mostly used because of the multiple features it provides along with the highest security level.

VPN works on the principle of encryption and routes all your traffic through the anonymous VPN servers which demolish the chances of any snooping activity. Also, the VPN changes a user’s IP address to a fake one to obscure the true identity. This feature helps VPN users to bypass ISP throttling, unblocking restricted content, Torrenting without any risks and much more with appropriate security.

However, there are certain tests such as IP leak, DNS leak and WebRTC leak that you should carry out before selecting a VPN or continuously while using a VPN service.

Browser Security

Computing and optimizing your browser’s settings is a serious step in using the Internet securely, firmly and confidentially. You probably don't want the browser to share your personal information without your consent. However, a browser must protect you if you trip upon a malicious Website; if this is not the case then your browser has some security lacks.

Today’s well-liked browsers comprise built-in security features, but users sometimes fail to boost their browser’s security and privacy settings on installation. Failing to properly set up your browser’s security features can put you at a greater risk for malware infections and malevolent attacks.

Therefore, reading this write up firstly required you to get acquainted with ‘Browser security’.

What Is Browser Security?

Browser security is the function or application of Internet security to web browsers in order to guard and protect networked data and computer systems from contravenes of privacy or malware.

Security features of browsers often use JavaScript sometimes with cross-site scripting (XSS) or sometimes with a secondary payload using Adobe Flash. Security uses can also take benefits of vulnerabilities (security holes) that are usually exploited in all browsers (including Mozilla Firefox, Google Chrome, Opera, Microsoft Internet Explorer, and Safari).

Google has grasped its control as a search engine to create its Safe Browsing technology. Safe Browsing will repeatedly and automatically warn you if Chrome spots that a site you are visiting contains malware or phishing. Other Web browsers offer similar protection, but they don't have the enormous and constantly updated database of Web pages and their contents that Google does.

Security vulnerabilities of Browsers

Browsers use various tools for a choice of tasks, such as Java, Flash Player, ActiveX, etc. But these sometimes come with security faults, which cybercriminals take advantage of to get access to your PC. A rapid rundown of these tools will assist you to figure out if you need them or not.

  • Deactivate ActiveX. A browser add-on that appears preinstalled on Internet Explorer or Microsoft Edge and only functions with these browsers. ActiveX acts as a focus mid man between your PC and Java/Flash-based connections in definite sites.

This causes security problems by giving malevolent websites a window into your PC.
What’s more? ActiveX is used seldom nowadays, so be on your watch if a site asks you to install it and allow the installation only if you are 100% sure that site is upright.

  • Strive to disable JavaScript. JavaScript is a programming language used by websites to run many programs and features. Sites such as YouTube or Google Docs could go with it to work, but so do advertising, pop-up software and a whole host of other spammy factors from the internet.

Cybercriminals use JavaScript in malevolent ways in order to contaminate your device with malware and other damaging software.

If you immobilize JavaScript altogether you will get a much faster and simplified browser experience, with very little to no ads, pop-ups, greatly enhanced page load times and usually a cleaner Internet experience at the cost of dedicated tools such as Google Docs or YouTube.

This doesn’t need to be as extreme as it sounds since browsers do permit you to whitelist sites which can run JavaScript.

  • Delete Cookies. Cookies are the main goal for cybercriminals, especially the ones that include emails, account names, and passwords.
    When you stop and clear cookies you cut down on the personal data cybercriminals can attain.
    One thing that you should remember is; there are two types of cookiese. First-party cookies and third-party cookies’.

First party cookies are often used to retain your login information so you don’t have to go into it every time you visit a site. But we can’t pressure this enough, don’t permit your browser to save passwords!

Third party cookies are approximately always placed on your computer by advertisers or vendors concerned in tracking your movement online, so nothing awful will happen if you block them.

  • Browser extensions and add-ons:Put additional functionality to your browsers such as ad blocking or search bars. Still, these add-ons cause a security risk, since they can open up portals into your PC which can be subjugated to bring in malware.

Tips to fortify your web browser security

According to the NSS Labs research, no single browser consistently protects users against the majority of security hazards, attacks, and privacy risks. And if that so then no single browser is impregnable. The next best step you could make is to build your favorite browser as secure as you possibly could. Here are some tips by which you can boost the security of your browser:

  1. The configuration of browser’s security and privacy settings

Check your browser’s privacy and security settings thoroughly to make certain if you’re comfortable with the scanning activities. For instance, review and scrutinize if your browser is blocking third-party cookies, which can allow advertisers to track your online activities.

For precise browser security and privacy settings, read the counsels and tips elucidated by the Department of Homeland Security’s guideline. The guide also outlines browser features and their related risks, such as ActiveX, Java, certain plug-ins, cookies, and JavaScript.

  1. Update your browser consistently

Regular browser updates are on the rampage to plug recently discovered security cracks. So it is crucial to update your browser consistently.

  1. Sign up for alerts

Setting up Google alerts for your browser is a good option. Through this, you can stay informed and updated on any current or rising security issues. For instance, if you are using Internet Explorer, set up a Google Alert using the keywords Internet Explorer security, or something alike. You can also choose to get instant, daily or weekly alerts whenever news articles or other related content to such topic uploads on the Web.

  1. Be vigilant while installing plug-ins

Plug-ins and extensions may sometimes put you at threats. For instance, in the year of 2014, it was exposed that some Chrome extensions can alter service or ownership without notifying or warning to users. Resulting, Chrome’s conventions for extensions was changed to keep extensions from becoming anything other than ‘simple and single-purpose in nature,’ according to Google.

  1. Assure your Antivirus installation

Potentially unwanted programs (PUPs) can easily go through when you install any type of software. These little wicked can switch browsers on you without notifying or warning and you might never be aware of it. The best precaution is to keeping a trustworthy antivirus program such as ZoneAlarm installed, to keep PUP’s from taking over your browser and spoiling your day.

Revamping add-ons for web browser security

Every contemporary web browser comprises a powerful set of developer tools. These tools do a variety and range of tasks, from scrutinizing currently-loaded HTML, CSS, and JavaScript and help you to diagnose its issues by showing which good feature the page has asked for, how long they took to load and evaluation of accessibility to your website.

There are many functional Web development tools that assimilate into your browser. These in-browser tools are generally known as ‘add-ons’ or ‘extensions’ which are discussed below:

Privacy Badger

EFF’s Privacy Badger is a browser extension available for Firefox and Chrome that stops advertisers and other third-parties from clandestinely tracking where you go and what pages you look at, in-short all your behavior and activity on the web. If a third-party appears to be tracking you across multiple websites without your consent, Privacy Badger automatically blocks that party from loading any more content in your browser. To that third-party or advertiser, it seems like you abruptly vanished.

uBlock Origin

uBlock Origin is one more useful chrome add-on for blocking and interrupting content from your web browsing passageway! While using the plugin, you can get rid of ads, in a helpful way. For example, rather than blocking all the ads, you can opt to incorporate some lists with the blocking process so that the tool has principles about ads that need to be blocked. Even though it’s potential to hold assorted host file-based filters, uBlock Origin is known for the subordinate usage of CPU memory, simply, it seems logical.

Cookies AutoDelete

This is an efficient solution for avoiding browser cookies without the hassles. It is an easy way to remove cookies as it automatically deletes cookies when they are no longer used by browser tabs.

Therefore, you are carefree about the snooping entities for whom these cookies are an easy access way to private data.

HTTPS Everywhere

It is available for the users of Opera, Chrome, and Firefox browsers which make sure that a user is browsing a secured website version. It switches the insecure version “HTTP” to the secured version “HTTPS” and provides you an encrypted communication with most major websites.

This is an extension provided with the collaboration of TOR and EFF.

WebRTC Leak

Enable this extension on Google Chrome and protect your IP. Test, whether your IP addresses, local and public, are being leaked or not, here. If they are, do not waste a second and enable this extension. Your IP addresses are your fingerprints on the internet and must not be known to any other person on the web.

In the past, Google has been known to delete such extensions which prevent the IP from being leaked. Google Chrome has been designed to exploit the vulnerabilities of their clients and gaining their information through IP leaks. Therefore, it is recommended for you to switch to Firefox and disable WebRTC leak, there. Mozilla does not have a past of spilling their clients’ information and disabling extensions meant for their better. Disabling WebRTC on Firefox is also available as a feature via manual settings, rather than just as an extension on Chrome.

Web Accessibility Toolbar Link

The Web Accessibility Toolbar is a freeware extension for Opera and Internet Explorer that enables you a slide of options for quick assessment and analyzing your Web content’s accessibility and convenience. It has corroboration options for submitting your URL to content accessibility web services, a grayscale converter to imitate the user experience of individuals with color-blindness and weak eyesight, and a search function for specific page structures like finding list objects and unordered lists.

Venkman JavaScript Debugger Link

Venkman is basically the codename for Mozilla’s very own JavaScript debugging or clearing up the environment. It is obtainable as an add-on that can be used to widen browsers such as Firefox, Netscape, and SeaMonkey. It is a healthy and forceful environment for doing complex JavaScript debugging and mending. The Console view gives you a guide-line border for interacting with the debugger. It has a tremendous Stack view feature that permits you to step through active working when it reaches breakpoints.

Http Watch Link

Http Watch is a debugger for Firefox and an HTTP traffic onlooker and likewise as Internet Explorer to Fiddler. It has several exclusive features and a more instinctive, less threatening interface than Fiddler. Some noteworthy features are the capability to generate request-level time charts which are useful for documentation and presentation purposes; decryption of HTTPS traffic to assist you to debug, examine and tweak your secure SSL-based connections; and the ability to export captured data to XML and CSV formats for importing into spreadsheet applications such as Microsoft Excel or Google Spreadsheets.

HTTP Watch has a Basic and also a Professional edition, having no cost and has more options.

Live HTTP Headers Link

Live HTTP Headers is a Firefox extension that enables you to examine HTTP request and response headers. HTTP headers permit you to debug Web applications, assembling some information about the website’s server and scrutinize cookies sent to the consumer requesting the page.

Firebug Link

Firebug is an extension for the Mozilla Firefox browser that enables you to debug, clear up and examine HTML, CSS, the Document Object Model (DOM) and JavaScript. Although it has many well-built features, it is most known for transforming the means and methods developers debug and profile JavaScript code.

For instance, before Firebug, many developers would use the alert () function to notice what a variable contains or to find what line the code breaks. With Firebug accessed, you’re told particularly what the error is and from which line it comes. Firebug is a tool which works quite efficiently for AJAX application developers because it allows you to search, explore and perform ongoing edits on the DOM to see what happens when you control Web page elements after a user action.

Along with its trendy JavaScript and DOM functionalities, Firebug can also log network activity to let you see detailed results of HTTP connections, examine and amend HTML on the fly and debug and visualize your CSS.

The most used Web browser of 2017

Following visual shows most downloaded browser of this year indicating Google Chrome on lead:

Secure Browsers

Most of us are having a regular browser such as Google Chrome, Mozilla Firefox, Opera and others. Yet, the secure browsers are constructed on unique privacy measures to evade the common security lacks which a regular browser user experiences.

Tor Browser

It was basically constructed with U.S Navy alliance with the sole perspective of anonymity.

Tor browser is an anonymous browser that has many pre-installed browser plug-ins to provide strong security. It was tested through our privacy tools and we found that it doesn’t disclose a user’s real IP address as well as it also prevents the WebRTC leak.

Epic Browser

This web browser also provides you the security perks such as cookies removal, IP obscuring, avoid browser history storage, and also the prevention of WebRTC leak. These features are not present as a default in regular browsers; even the incognito or private mode doesn’t really prevent browser history.

Brave Browser

The creators of Brave browser acclaim that the browser is much faster than regular browsers such as Chrome and Safari. Also, it falls into the category of secure browsers which offer features such as ad blocking and avoid tracking of user information.

Comodo Dragan Browser

Comodo Dragon is a Chromium-based web browser which has many privacy features in default to evade security lacks.

It has the specialized system which provides you on-site malware scanning, prevents DNS leak, SSL, and Domain validation, blocks tracking elements such as cookies and web spies.

Privacy Settings for Regular Browsers

If you are unwilling to download a secure browser or plug-ins to your regular browser, then you could execute setting changes to enhance the browser privacy.

For Firefox

  • To head into settings section, enter “about:config” into the Firefox address bar.
  • Select “I’ll be careful, I promise!”
  • Now enter the texts given below, one by one into the search bar. Also, remember that you have to double click the appeared value to make it True from false or vice versa.

Now, follow the instructions described below to alter the settings which are not available as default.

1- For “privacy.firstparty.isolate”, select True.
- This privacy setting will isolate all browser tracking sources such as cookies to first party domain. It lets you avoid the tracking at various domains.

2- For “privacy.resistFingerprinting” select True
- This setting provides the Firefox browser a resistance against browser fingerprinting.

3- For “privacy.trackingprotection.enabled”, select True.
This is a new feature induced by the Firefox browser regarding protection against tracking. It takes help of Disconnect.me filter list, so if you are already using an add-on such as uBlock origin then you should set it to false.

4- For “browser.cache.offline.enable”, select false.
This preference will disable offline cache.

5- For “browser.safebrowsing.malware.enabled”, select false.
It will disable Google Safe Browsing malware checks. This is a security decline but will enhance browser privacy.

6- For “browser.safebrowsing.phishing.enabled”, select false.
This preference will disallow Google Safe Browsing and phishing protection. This is also a security risk but will enhance privacy.

7- For “browser.send_pings”, select false.
This preference will let websites track the visitor’s clicks.

8- For “browser.sessionstore.max_tabs_undo”, select 0.
Even if you enable the Firefox’s not remember history, your closed tabs are temporarily kept in menu History Recently Closed Tabs.

9- For “browser.urlbar.speculativeConnect.enabled”, select False.
It disallows the preloading of autocomplete URLs.

10- For “dom.battery.enabled”, select False.

11- For “dom.event.clipboardevents.enabled”, select False.

12- Select False for “geo.enabled”.
This will disable geolocation.

13- Select False for “media.navigator.enabled”.
Through this preference, websites could track the status of your microphone and camera.

14- For “network.cookie.cookieBehavior”, change the value to 1 which is “Disable cookies”.

15- For “network.cookie.lifetimePolicy”, change the value to 2 which is, “Accept the current setting only”.

16- For “network.http.referer.trimmingPolicy” change the value to 2 which is, “Send only the scheme, host, and port in the Referer header”.

17- For “network.http.referer.XOriginPolicy”, change the value to 2 which is “Send Referer only when the full hostnames match”.

18- For “network.http.referer.XOriginTrimmingPolicy”, change the value to 2 which is “Only send scheme, host, and port in Referer”.

19- Finally, for “webgl.disabled”, select True.

Private Search Engines

If you are among most of the users of search engines like Google, Bing, and Yahoo then you might consider a switch to private search engines. This would save you from extreme tracking that results in annoying third-party pop-up ads.

DuckDuckGo

DuckDuckGo is one of the most reliable private search engines which don’t track your searches along with providing advanced search results. This search engine delivers approximately 10M searches per day.

With DuckDuckGo you won’t have to face the hassles of page swipes as it renders all the search results on a single page.

Gibiru

Gibiru has a system that lets you find out fully uncensored content which is produced via an encrypted search engine. They make sure that your data isn’t leaking to a third party which evades the appearance of intrusive ads.

Also, it provides a free Firefox/Chrome search bar to cater users with anonymous searches right from their browser.

Disconnect Search

Disconnect Search takes the assistance of popular search engines like Google, Bing, and Yahoo to deal with search queries. Yet, it avoids the tracking of user’s online searches, activities or IP.

It instructs users about the tools which are protected and which are unprotected to use. Also, you can specify the location to designate the search result.

StartPage

If you are a fan of Google search results then start page is a good option for the private search engine. StartPage was initiated by an independent search engine, Ixquick which display results of its own. But after noticing the popularity and demand of Google search results they started this project to serve both, privacy as well as result quality.

StartPage has URL generator which remembers your setting but without lacking privacy. Other features of this search engine include proxy service and HTTPS support.

Search Encrypt

The most secure encryption of AES-256 is used by the Search Encrypt private search engine so that the searches of a user could be secured. This private search engine extracts the search results from its network of search partners.

The best and distinctive feature of Search Encrypt is that it removes all the search terms so that nobody knows even the things you have searched.

Secure Email Services

The secure email services make sure to maintain privacy through encryption and guarantee security. Regular email services are also fine if you are an average user but if your email contains highly confidential material then you must have secure email services.

Proton Mail

Proton mail is a Switzerland based email provider which is free and is an open source. You can access it through their website and any of the computers. Also, there are iOS and Android mobile apps for this email service.

Proton Mail has end-to-end encryption due to which nobody can see your messages in any way except the decryption password which is with you. The decryption occurs when a user logs in the account so there is no other way to decrypt email except the account password or recovery account file. A beneficial point with Proton Mail is that it doesn’t keep IP address of users, therefore, your emails could not be traced back to you.

Mailfence

Mailfence provides you 200 MB of emails and 250 MB of documents as standard. It provides end-to-end encryption and supports OpenPGP. They also give the privilege of two-factor authentication to avoid unauthorized access to your email account. With Mailfence you can create a key on your computer which could be encrypted using 256-bit AES.

TutaNota

TutaNota is a German-based email service that was started in 2011. TutaNota also uses end-to-end encryption so that no mail is visible on their servers. For an unencrypted email account like Gmail whom you are sending a message, the TutaNota email service sends a link to the temporary account so that the recipient can view encrypted message there.

This email service is also an open source and uses the encryption methods of 2048 bit RSA and 128 bit AES.

CounterMail

CounterMail is also a secure email service that provides a secure implementation of OpenPGP encrypted email in a browser. CounterMail servers restrict the storage of emails on hard disks and all data is stored on CD-ROMs only.

With CounterMail you have the opportunity to modify the settings of your account. Also, they don’t keep IP address logs with them and uses anonymous email headers.

Conclusion

In today’s internet era, the advancement has also equipped hackers with more power to invade an internet user’s privacy. Sometimes, without an external source or power your data goes to someone else or any other user could know your internet activities which you aren’t willing to show.

Therefore, it is necessary that every user on the internet keeps extra privacy tools with him along with the general system. This setup might require a little time but all these steps are easy to execute and keep you and your data secure while browsing.