Ever since 2013 when Edward Snowden released classified documents detailing nation-state spying programs people have been a little more weary of what they do and say online. While the revelations were shocking to many, I don’t think it was enough for the average person to really take any steps of their own to protect themselves.
It wasn’t until 2018 when the Cambridge Analytica/Facebook news broke revealing how much of people’s personal data from Facebook was being used in a manner they didn’t know about or would likely have approved of had they known.
It’s at this point, along with numerous, almost daily, tech news reports of major companies being hacked and data stolen, that many people, including some governments, are starting to take action against usage of personal data by companies. People are beginning to ask questions and wondering how they can help to protect themselves in an online world.
The aim of this post is to provide several solutions someone can use to help them improve their privacy online and minimize the amount of website tracking of users across the Internet.
These are some things most anyone can do very simply and quickly on their own. Web Browsers
Consider using a different web browser than the default one on your computer. If you’re using Microsoft’s Internet Explorer, or new browser, Edge, or Apple’s Safari, you may want to switch to Mozilla’s Firefox browser. While generally speaking those other browsers aren’t bad per se, its just that they aren’t open source and don’t lend themselves to particular plugins or extensions to help with our scenario here.
I will give credit to Apple’s Safari though since Apple is making efforts to curb Internet tracking and they’re adding new tools in the forthcoming macOS Mojave this Fall to help further protect users online.
Firefox is an open source project by the Mozilla Foundation and open source means that the source code if open for anyone to see, poke at, review and audit for flaws. The other browsers are closed source which means their companies keep that code to themselves so we have to trust that they have our best interest in mind and that they are covering all aspects of security too. Open source vs. closed source often turns into a philosophical debate and personal preference thing for each person and we’re not going to get into that here.
All of the extensions I list below are available on Firefox and some are also available on other browsers like Safari and Google Chrome as well.
The Web of Trust extension isn’t a privacy or tracking protection plugin, but works with search engines to give a grade on the reputation of a website before you click on it. It can help warn you of a malicious site before you go to it. Its just a helpful extension for good web browsing habits.
Google is by far the most popular search engine and for good reason too. They always turn up the best results for a search when you need it. But Google makes it money on advertising and tracking users to show them targeted advertising. When we use their search engines we are shown advertisements that help them make money. The same thing goes for Yahoo! Search and Bing search.
Consider using a search engine that doesn’t track you like DuckDuckGo. Its a decent search engine and they’re improving all the time. They’re no Google though when it comes to getting the best results and sometimes I have to go back to Google to get what I need, but that doesn’t happen too often.
Go into every device you have, mobile or computer and look for every privacy related thing they offer, including ads and location based stuff and opt out or disable them. This goes for iOS devices (iPhone, iPad), Android devices, Mac computers, Microsoft Windows PC’s, your web browsers, like Firefox, Chrome, Safari and anything else that has a Settings app or area. Look for them, look through them and turn off everything you’re not comfortable with.
In this section I’ll talk about some things that might require an intermediate skill level to accomplish, though they’re not very hard and might even fall into the easy category for some people.
Cookies are small files with a few details about you on your computer.
Delete browser cookies and disable third-party cookies in your web browser. Warning: deleting all cookies will delete special settings that some websites use to help you log in quicker or remember other specific things that you like. It’s not a big deal though, because when you visit the site again, you’ll fill in the information and the site will put in a new cookie. Some browsers will let you pick and choose which cookies to delete as well.
Cookies aren’t necessarily a bad thing and generally are a good thing to help ease some tasks on the Internet. But some can be used for more nefarious things at times.
Third-party cookies are the ones that place cookies on your computer for sites that you didn’t specifically visit and usually will track you across the web for advertising purposes. Check your browser settings to ensure they are disabled. Apple’s Safari does this by default but not all browsers do.
Delete Flash cookies also called LSO’s or Locally Shared Objects. These are similar to browser cookies (above) but are stored in a different location and require going into Adobe’s Flash settings to eliminate them. Click the link above to get instructions on how to do that.
When using a regular computer don’t browse the web with your browser in full screen mode. This helps contribute to browser fingerprinting, another way to track you across the web. There are ways to track you by logging the window screen size of your browser along with the the browser you’re using and other attributes of your computer. By changing the window size of your browser you can throw off those tracking statistics. Click the link above to test your browser’s fingerprinting susceptibility.
Setup a Pi-Hole. Then add your choice of curated block lists. I block over 1.2 million domains in my Pi-Hole.
The Pi-Hole is another open source and free solution that provides network level blocking by DNS. This is by far my favorite tool of all. By working at the network level it means that every device that is connected to the same network benefits from its protection. It works for both wired and wireless clients no matter what their make and model are.
How it works is that you add block lists of known advertisers, trackers, malware sites, porn sites, or any site or type of site you can think of. When a device on the network tries to phone home to a website, and advertiser or anything in the block lists, the query is Pi-Holed and never goes to the Internet to get that data or content. The Pi-Hole returns the blocked content as being on the local network instead at 127.0.0.1. This is where the beauty of the Pi-Hole comes in over just using ad blockers in your browser.
Most ad blockers work by simply masking or hiding the ad, the tracker or other stuff from your physical view. While in the background your web browser went out to the Internet and downloaded that ad to your browser and your computer. It just didn’t show it to you. With the Pi-Hole the ad is never downloaded in the first place and therefore there is nothing to hide from your sight. The beauty in that is a Pi-Hole can even speed up your Internet browsing experience by preventing excess data from being downloaded. This is especially helpful if you have data caps on your Internet connection.
Plus, the Pi-Hole gives the advanced user a lot of other tools to enable, disable the service as needed, add custom block lists, white lists and provides a nice reporting interface. Pi-Hole comes pre-configured with around 100,000 blocked domains for advertising and tracking, but if you visit the link in the first sentence of this section on curated lists, you can get a whole lot more.
The Pi-Hole can be run on a little computer called a Raspberry Pi which can be bought from Amazon for about $50. It can also be run on Ubuntu Linux on a physical machine or even in a virtual machine. I’ve tested all three of those setups and they all work great.
Pi-Hole is free and supported by donations so please consider donating to the project to keep it going and to get new features they’re working on. I have a monthly donation I give them and I encourage anyone who uses it to do so as well. This is by far the best tool I’ve ever come across for managing privacy.
If you just want to block all Facebook stuff including Instagram and Whatsapp and don’t want to do it with a Pi-Hole you can add all of Facebook’s domains from this curated Pi-Hole list and just copy/paste them into your computers hosts file. If you look at the list you might be amazed at how many domains Facebook owns.
This is another great open source project that is easy to use for the tech savvy person and free as well. When I mean easy, it is far easier to use than say an enterprise class Cisco firewall or adaptive security appliance like I use at work.
If you use a pfSense firewall and I do, use pfBlockerNG and enable DNSBL. It actually does the same thing as a Pi-Hole, but isn’t quite as refined as the Pi-Hole as far as reporting and accessibility goes.
If you have a Pi-Hole then you don’t have to enable DNSBL, but still use pfBlocker. It also can be configured to block IP’s from foreign countries trying to pry into your network. I have mine setup to block all IP’s that aren’t from the United States trying to get into my network. This helps prevent unauthorized access right at the firewall level since there is no reason that I have for me or anyone else to gain approved access from another country.
pfSense being free can run on a Linux machine or in a virtual machine running Linux.
pfSense also partners with Netgate to produce physical, hardware firewalls as well. This product line is always tested with the latest versions of pfSense to ensure that updates don’t break things when released. I have one of these hardware firewalls that I use and I’m very happy with it.
A good VPN can help block a lot of stuff too. But not all VPN’s are created equal and a user has to weigh the options available by each provider and determine if it does what they want. Ideally, one would want to create their own VPN and OpenVPN is a good choice. Here is a very comprehensive VPN comparison chart website>. Take a good look there and see which VPN may be right for you.
If a person is in serious need of complete and total anonymity online then they probably already know about Tor, or should know about it. Tor is based off of the Mozilla Firefox browser and incorporates a lot more privacy protections for its users. Used in conjunction with a good VPN, a user has a high level of confidence that they can’t be tracked online.
There are more things we can do to minimize tracking, but this is a very good start.
I welcome all comments, suggestions and corrections on this post. If I missed something, or wrote something wrong please let me know and I’ll be happy to update this post. Also, if you know of a tool or service that can help with protecting our privacy online, please let me know that too!
Download the pdf version with pictures here.