[Source: This article was Published in pcmag.com By Max Eddy - Uploaded by the Association Member: Logan Hochstetler]

Once Incognito Mode is engaged in Maps, 'you can search and navigate without linking this activity with your Google account,' says CEO Sundar Pichai

Google first introduced Incognito Mode years ago with the release of the Chrome browser. Now, as part of a larger push to enhance consumer privacy, the search giant is adding Incognito Mode to both Google Search and Google Maps.

When Incognito Mode is engaged in Chrome, your activities aren't stored in your browser history. It also disables cookies, which are used to identify and sometimes track individuals around the web, and turns off browser extensions. It doesn't hide your online activity, as a VPN would.

Google Maps

Google first introduced Incognito Mode years ago with the release of the Chrome browser. Now, as part of a larger push to enhance consumer privacy, the search giant is adding Incognito Mode to both Google Search and Google Maps.

When Incognito Mode is engaged in Chrome, your activities aren't stored in your browser history. It also disables cookies, which are used to identify and sometimes track individuals around the web, and turns off browser extensions. It doesn't hide your online activity, as a VPN would.

Incognito mode for Google Maps will be similar, Google CEO Sundar Pichai explained in a blog post. Once Incognito Mode is engaged in Maps, "you can search and navigate without linking this activity with your Google account," he wrote.

Google Maps Incognito Mode

You may have noticed that when you search in Google, meanwhile, your old searches sometimes pop up again. Google uses your activity to tailor the results for you, but not so with Incognito Mode for Search.

Incognito for Google Maps and Search are coming later this year. Google has already rolled out an Incognito Mode for YouTube. "We strongly believe that privacy and security is for everyone, not just a few," said Pichai.

While this is an important move for Google, it's not yet clear what information will be saved when these new Incognito modes are engaged, and what the limitations will be. We have to assume that, like Incognito for Chrome, you won't be totally invisible.

Categorized in Search Engine

[This article is originally published in techradar.com - Uploaded by AIRS Member: Clara Johnson]

Top tips to stay secure online and maintain your privacy

Staying safe online represents a significant challenge, and for families, this is even more difficult with younger internet users too often unaware of the dangers that can lurk on the web. Well, just like any sane parent would not let their child wander around Times Square on their own, neither should these same children be let loose on the internet to roam free.

It can be difficult to maintain privacy online, with more of our data flowing onto the internet, including family photos and finances, to name a couple of potentially sensitive areas. Many folks are seemingly facing challenges in this respect, as last year in the US, there were a staggering 16.7 million incidents of identity fraud, with a total of $16.8 billion (around £12.7 billion) stolen, according to the Insurance Information Institute.

While these are alarming statistics, there is plenty that can be done to keep you and your family from becoming victims. Here are six essential ways to maintain your privacy online.

1. Avoid public Wi-Fi

Public Wi-Fi in airports, libraries, hotels and coffee shops is an attractive resource in terms of staying in touch when away from home. These are open Wi-Fi spots, and many stores have them available these days, but the problem is that they are not encrypted like your home router’s wireless connection.

When using these wireless hotspots, you should be very cautious, particularly in situations where sensitive data is transmitted, such as account credentials or financial details. This is because a process known as Wi-Fi sniffing can be carried out, and the unencrypted packets of data can be grabbed by anyone within wireless reach of the signal – this is a form of wireless eavesdropping if you will.

An additional danger is that malicious types can set up their own rogue Wi-Fi network masquerading as a legitimate free Wi-Fi spot, with the attacker being able to steal you and your family’s data.

In short, it is best to avoid using public Wi-Fi completely if possible, but potential workarounds including surfing with a VPN, or tethering to a smartphone, and encrypting the Wi-Fi signal so no unencrypted data gets transmitted. Also, don’t log into financial accounts while away from home.

2. No phishing here

Phishing scams are an attempt to extract sensitive information from an individual via a fraudulent email. Most folks know not to respond to the ‘Nigerian prince’ scam, requesting you to wire them money so you can subsequently inherit millions.

However, phishing scams are getting craftier, and now include authentic details, official logos, and originate from email addresses that seem legitimate at first glance as they include the company’s name in them.

Children using email should be warned never to respond to these emails. Also, banks and the IRS do not ask for your financial information via unsolicited emails. Good practice is for the emails in question to be forwarded to the fraud department of the respective organization which can be easily found via a web search – for Apple it is ‘This email address is being protected from spambots. You need JavaScript enabled to view it.’ for example – and then delete the email.

Finally, if the message includes an attachment, don’t be curious and be sure to never open it, as this will inevitably infect your PC with malicious code, opening your system up to an attack.

3. VPN

VPN is an excellent tool to keep your privacy online. Rather than your data leaving the home network and going onto the internet all out in the open, instead it goes to a distant server via an encrypted tunnel that creates a high level of privacy.

This is especially useful, as mentioned above, to make using a public Wi-Fi connection more secure. This is also handy on your home connection to ensure privacy, and that includes avoiding any potential snooping from your Internet Service Provider. In the past, ISPs have been called out for tracking users and selling their data (as if they did not make enough money already).

To celebrate National Cyber Security Awareness Month, IPVanish is giving a 69% discount on two year plans throughout October 2018, making its top-tier protection effectively $3.74 (£2.83) per month.

4. Batten down the passwords

Strong security starts with a strong password. You should have a Wi-Fi password of at least 12 characters or longer, with a combination of uppercase letters, lowercase letters, special characters, and numbers. Then apply this same principle to all of your online accounts, so they are safe from ‘brute force attacks’ that randomly try dictionary words.

While the above may sound obvious to more veteran users, research has found the most common passwords are ‘123456’ and ‘password’. Clearly too many folks are taking the lazy route, and the entire family needs to educated on this best practice for creating strong passwords to protect accounts. Another fundamental tip: never reuse the same passwords over different accounts.

5. Take two

While stronger passwords are vital to keeping accounts secure, another important point is that you shouldn’t rely on them completely. A complex password may afford protection from a brute force attack, but it can still be obtained if, for example, a hacker breaks into the online database of passwords. This has become such a regular occurrence these days that there are even websites entirely devoted to letting users enter their credentials to check if their account is known to have been hacked.

Rather than relying totally on one password, there is an alternative and better approach known as ‘two-factor authentication’ (abbreviated to 2FA). The idea is that two pieces of information are better than one, and to log into the account, you need something that you know – namely the password, which should still be a strong one as per the recommendations above – and also something that you have.

The something that you have – and presumably the hacker won’t – is most commonly a mobile phone, which can be employed for 2FA in several ways. The service you are logging into might text you a special code which you then enter as well as the password. However, this particular method can be vulnerable to being defeated via SIM card cloning (although that’s not exactly common).

The more secure, and therefore preferred option, is an authenticator app, which is installed on the smartphone, and performs the function of a security token, as it provides a number code that is only valid for a brief minute or less.

Another option for 2FA is a physical security key, the so-called USB 2FA.

In short, you should make sure that 2FA is enabled on all accounts that support it, and if you have a choice, use the authenticator app method. Teach the rest of the family how to use 2FA, as well.

6. Look before you leap

No discussion of online privacy would be complete without mentioning those pesky app permissions that pop up when installing a new application. While folks tend to just want to get their app working, they really should make sure that what the app is asking to access makes sense.

For example, it would follow for a reputable photo editing app to need access to your library of images, or else it wouldn’t be of any use. However, when you download that free calculator app, you might start to wonder why such an app would need access to your microphone, GPS or your contacts, as the intended use of the application should not involve any of those smartphone functions.

For those who aren’t careful, going along with such excessive permissions might be a serious threat to privacy, and could lead to you being tracked or eavesdropped upon. Does that seem paranoid? Well, there are already examples of smartphone apps using the device’s microphone to track TV viewing habits.

Categorized in Internet Privacy

Source: This article was Published productwatch.co By Kevin Meyer - Contributed by Member: David J. Redcliff

I don’t think I’m blowing your mind when I say most sites are trying to collect your data. If you don’t have to pay for the product, you are the product — it’s the reason Movie Pass doesn’t mind taking a loss if you see more than one movie a month, though who knows how long that experiment will last.

So, if you want to protect your privacy, you will have to put in some effort. Thankfully, there are services you can use to make your job easier. And we’ll show you both which ones are efficient, and how to use them.

uBlock Origin

The very first extension you should get when you get a new device is a good ad-blocker. Not many are better than uBlock Origin. Essentially, this service will filter the content you see in your browser. Also, unlike other ad-blockers, uBlock doesn’t slow your browser down.

Furthermore, using it is a breeze. All you need to do is install the extension and let it run. The default settings are such that the standard filters for ads, privacy, and malware are active. You just need to let the extension run.

In the meantime, if you want to change the settings, you can easily do so by clicking the shield icon next to your URL bar.

BitDefender

BitDefender is one of the biggest companies that offer device protection services. In fact, if you choose to use their products, you will be one of over 500 million users they have. They offer multiple tools that can protect your computer from harm. And, more importantly for this article, they also offer online privacy tools. For example, their BitDefender VPN tool is possibly the best VPN tool you can get.

The interface is rather simple, and once you start using the tool, you will see how easy it can be to protect yourself.

Unshorten.It

Short URLs were very popular when they first came out. After all, they are a lot tidier than the usual bunch of symbols you might get. However, not long after, they became one of the serious threats to your computer’s safety. Namely, even though the link says it is going to take you to a funny site, it might just take you to a site that will mug you instead.

Naturally, you might want to get a tool that will let you analyze the said short URLs. That is where unshorten. It comes into play. This service lets you see exactly what page you will visit if you follow the link. It will give you the description, the safety ratings, and even screenshots of web pages you might unwittingly visit.

HTTPS Everywhere

Do you want to have Internet privacy, but you are not ready to go as far as using Tor? Well, in that case, it seems like HTTPS is the right extension for you. This Chrome, Firefox, and Opera extension will let you encrypt your communications on almost all major websites. Thankfully, a lot of websites already support encryption over HTTPS. But, they tend to make it difficult to use properly. On the other hand, using HTTPS Everywhere is easy and intuitive. Overall, it is a great way to make your surfing a lot safer.

No Coin

Another danger of using unknown websites lies in the fact that many of them will use your resources to mine cryptocurrencies. In essence, these websites will hack your device and use its processing power for themselves.

Now, you might think it’s not that bad. You are only on the website for a couple of minutes at a time. But, the issue doesn’t stop there. Namely, once they do hack your device, they can keep using it for a long time after you visit their website. Thankfully, you can use No Coin to stop the websites from doing this to you. With this service, you should see noticeable improvements in your computer’s performance.

Punycode Alert

Punycode Alert is an extension that will give you a notification if you venture onto a phishing website that uses Unicode to trick you. For those who don’t know what phishing is, in layman’s terms, it is a practice of stealing someone’s information by setting up an imitation of a successful website.

Unfortunately, it is not uncommon for phishing websites to trick people out of thousands of dollars. The reason these traps are incredibly effective is that their URLs look exactly like you would expect them to. So, you might very well follow a URL that reads as “apple.com” and ends up on a completely different website. We definitely recommend using Punycode Alert to protect yourself from such websites.

LastPass

Coming up with good passwords is not easy. You might think that your birthday is as good a password as any, but that couldn’t be further away from the truth. Fact is, a lot of people use passwords that are too weak to protect their data. And the reason for that is simple – they don’t want to bother with remembering complex passwords.

That is where LastPass comes in. This tool will let you store all of your passwords and use them without having to type them out. In essence, this password manager will let you use unbeatable passwords without having to worry about forgetting them.

ProtonVPN

Using VPN services is of utmost importance if you want your data to remain safe. And ProtonVPN is one of the best providers you can find. The company behind this service created ProtonVPN to give protection to activists and journalists around the world. And, not only that, but it will also let you avoid Internet censorship and visit websites that are trying to lock you and other people from your country out.

1.1.1.1

If you don’t feel like you want to go to extremes to protect your data, but you still don’t want your DNS resolver to sell your data to advertisers, you might want to consider using 1.1.1.1. This service, in essence, is a public DNS resolver that respects your privacy and offers you a fast way to browse the web.

DuckDuckGo

The first thought that might pop into your mind when you want to search for something online is probably: “I’ll just Google it.” However, you should be aware by now that Google is not only guilty of storing your data, but it also doesn’t offer the same results to everyone. In fact, it is almost impossible to find unbiased results by using Google. However, DuckDuckGo will help you protect your privacy and give you objective search results. And, you don’t have to do a lot to make this change. Simply switch to DuckDuckGo as your primary search engine, and you are good to go.

 

Categorized in Internet Privacy

Source: This article was published entrepreneur.com By Brian Byer - Contributed by Member: Clara Johnson

Consumers do enjoy the convenience of the apps they use but are individually overwhelmed when it comes to defending their privacy.

When it comes to our collective sense of internet privacy, 2018 is definitely the year of awareness. It’s funny that it took Facebook’s unholy partnership with a little-known data-mining consulting firm named Cambridge Analytica to raise the alarm. After all, there were already abundant examples of how our information was being used by unidentified forces on the web. It really took nothing more than writing the words "Cabo San Lucas" as part of a throwaway line in some personal email to a friend to initiate a slew of Cabo resort ads and Sammy Hagar’s face plastering the perimeters of our social media feeds.

In 2018, it’s never been more clear that when we embrace technological developments, all of which make our lives easier, we are truly taking hold of a double-edged sword. But has our awakening come a little too late? As a society, are we already so hooked on the conveniences internet-enabled technologies provide us that we’re hard-pressed making the claim that we want the control of our personal data back?

It’s an interesting question. Our digital marketing firm recently conducted a survey to better understand how people feel about internet privacy issues and the new movement to re-establish control over what app providers and social networks do with our personal information.

Given the current media environment and scary headlines regarding online security breaches, the poll results, at least on the surface, were fairly predictable. According to our study, web users overwhelmingly object to how our information is being shared with and used by third-party vendors. No surprise here, a whopping 90 percent of those polled were very concerned about internet privacy. In a classic example of "Oh, how the mighty have fallen," Facebook and Google have suddenly landed in the ranks of the companies we trust the least, with only 3 percent and 4 percent of us, respectively, claiming to have any faith in how they handled our information.

Despite consumers’ apparent concern about online security, the survey results also revealed participants do very little to safeguard their information online, especially if doing so comes at the cost of convenience and time. In fact, 60 percent of them download apps without reading terms and conditions and close to one in five (17 percent) report that they’ll keep an app they like, even if it does breach their privacy by tracking their whereabouts.

While the survey reveals only 18 percent say they are “very confident” when it comes to trusting retails sites with their personal information, the sector is still on track to exceed a $410 billion e-commerce spend this year. This, despite more than half (54 percent) reporting they feel less secure purchasing from online retailers after reading about online breach after online breach.

What's become apparent from our survey is that while people are clearly dissatisfied with the state of internet privacy, they feel uninspired or simply ill-equipped to do anything about it. It appears many are hooked on the conveniences online living affords them and resigned to the loss of privacy if that’s what it costs to play.

The findings are not unique to our survey. In a recent Harvard Business School study, people who were told the ads appearing in their social media timelines had been selected specifically based on their internet search histories showed far less engagement with the ads, compared to a control group who didn't know how they'd been targeted. The study revealed that the actual act of company transparency, coming clean about the marketing tactics employed, dissuaded user response in the end.

As is the case with innocent schoolchildren, the world is a far better place when we believe there is an omniscient Santa Claus who magically knows our secret desires, instead of it being a crafty gift exchange rigged by the parents who clearly know the contents of our wish list. We say we want safeguards and privacy. We say we want transparency. But when it comes to a World Wide Web, where all the cookies have been deleted and our social media timeline knows nothing about us, the user experience becomes less fluid.

The irony is, almost two-thirds (63 percent) of those polled in our survey don’t believe that companies having access to our personal information leads to a better, more personalized, online experience at all, which is the chief reason companies like Facebook state for wanting our personal information in the first place. And yet, when an app we've installed doesn't let us tag our location to a post or inform us when a friend has tagged us in a photo or alerted us that the widget we were searching for is on sale this week, we feel slighted by our brave new world.

With the introduction of GDPR regulations this summer, the European Union has taken, collectively, the important first steps toward regaining some of the online privacy that we, as individuals, have been unable to take. GDPR casts the first stone at the Goliath that’s had free rein leveraging our personal information against us. By doling out harsh penalties and fines for those who abuse our private stats -- or at least those who aren’t abundantly transparent as to how they intend to use those stats -- the EU, and by extension, those countries conducting online business with them, has finally initiated a movement to curtail the hitherto laissez-faire practices of commercial internet enterprises. For this cyberspace Wild West, there’s finally a new sheriff in town.

I imagine that our survey takers applaud this action, although only about 25 percent were even aware of GDPR. At least on paper, the legislation has given us back some control over the privacy rights we’ve been letting slip away since we first signed up for a MySpace account. Will this new regulation affect our user experience on the internet? More than half of our respondents don’t think so, and perhaps, for now, we are on the way toward a balancing point between the information that makes us easier to market to and the information that’s been being used for any purpose under the sun. It’s time to leverage this important first step, and stay vigilant of its effectiveness with a goal of gaining back even more privacy while online.

Categorized in Internet Privacy

The Internet is massive. Millions of web pages, databases and servers all run 24 hours a day, seven days a week. But the so-called "visible" Internet—sites that can be found using search engines like Google and Yahoo—is just the tip of the iceberg. Below the surface is the Deep Web, which accounts for approximately 90 percent of all websites. As noted by ZDNet, in fact, this hidden Web is so large that it's impossible to discover exactly how many pages or sites are active at any one time. This Web was once the province of hackers, law enforcement officers and criminals. However, new technology like encryption and the anonymization browser software, Tor, now makes it possible for anyone to dive deep if they're interested.

 

Defining the Deep/Dark Web

There are a number of terms surrounding the non-visible Web, but it's worth knowing how they differ if you're planning to browse off the beaten path. According to PC Advisor, the term "Deep Web" refers to all Web pages that that are unidentifiable by search engines. The "Dark Web," meanwhile, refers to sites with criminal intent or illegal content, and "trading" sites where users can purchase illicit goods or services. In other words, the Deep covers everything under the surface that's still accessible with the right software, including the Dark Web. There's also a third term, "Dark Internet" that refers to sites and databases that are not available over public Internet connections, even if you're using Tor. Often, Dark Internet sites are used by companies or researchers to keep sensitive information private.

While many news outlets use "Deep Web" and "Dark Web" interchangeably, it's worth noting that much of the Deep is actually benign. Everything from blog posts in review to Web page redesigns still in testing to the pages you access when you bank online are part of the Deep and pose no threat to your computer or safety at large. As CNN Moneyillustrates, big search engines are like fishing boats that can only "catch" websites close to the surface. Everything else, from academic journals to private databases and more illicit content, is out of reach.

Access

Most people who wish to access the Deep Web use Tor, a service originally developed by the United States Naval Research Laboratory. Think of Tor as a Web browser like Google Chrome or Firefox. The main difference is that, instead of taking the most direct route between your computer and the deep parts of the Web, the Tor browser uses a random path of encrypted servers, also known as "nodes." This allows users to connect to the Deep Web without fear of their actions being tracked or their browser history being exposed. Sites on the Deep also use Tor (or similar software such as I2P) to remain anonymous, meaning you won't be able to find out who's running them or where they're being hosted.

Many users now leverage Tor to browse both the public Internet and the Deep. Some simply don't want government agencies or even Internet Service Providers (ISPs) to know what they're looking at online, while others have little choice—users in countries with strict access and use laws are often prevented from accessing even public sites unless they use Tor clients and virtual private networks (VPNs). The same is true for government critics and other outspoken advocates who fear backlash if their real identities were discovered. Of course, anonymity comes with a dark side since criminals and malicious hackers also prefer to operate in the shadows.

Use and Misuse

For some users, the Deep Web offers the opportunity to bypass local restrictions and access TV or movie services that may not be available in their local areas. Others go deep to download pirated music or grab movies that aren't yet in theaters. At the dark end of the Web, meanwhile, things can get scary, salacious and just plain...strange. As noted by The Guardian, for example, credit card data is available on the Dark Web for just a few dollars per record, while ZDNet notes that anything from fake citizenship documents to passports and even the services of professional hit men is available if you know where to look. Interested parties can also grab personal details and leverage them to blackmail ordinary Internet users. Consider the recent Ashley Madison hack—vast amounts of account data, including real names, addresses and phone numbers—ended up on the Dark Web for sale. This proves that, even if you don't surf the murky waters of the Dark Web, you could be at risk of blackmail (or worse) if sites you regularly use are hacked.

Illegal drugs are also a popular draw on the Dark Web. As noted by Motherboard, drug marketplace the Silk Road—which has been shut down, replaced, shut down again and then rebranded—offers any type of substance in any amount to interested parties. Business Insider, meanwhile, details some of the strange things you can track down in the Deep, including a DIY vasectomy kit and a virtual scavenger hunts that culminated in the "hunter" answering a NYC payphone at 3 a.m.

Real Risks

Thanks to the use of encryption and anonymization tools by both users and websites, there's virtually no law enforcement presence down in the Dark. This means anything—even material well outside the bounds of good taste and common decency—can be found online. This includes offensive, illegal "adult" content that would likely scar the viewer for life. A recent Wired article, for example, reports that 80 percent of Dark Web hits are connected to pedophilia and child pornography. Here, the notion of the Dark as a haven for privacy wears thin and shores up the notion that if you do choose to go Deep, always restrict access to your Tor-enabled device so children or other family members aren't at risk of stumbling across something no one should ever see. Visit the Deep Web if you're interested, but do yourself a favor: don't let kids anywhere near it and tread carefully—it's a long way down.

 Source: This article was published usa.kaspersky.com

Categorized in Deep Web

The Merriam-Webster dictionary defines security as measures taken to guard against espionage or sabotage, crime, attack, or escape. Those descriptive words also apply to the protections you must take when you're online to safeguard your security and privacy. We all realize by now that the Internet is full of hackers looking to steal anything of value, but worse yet, the government that has pledged to be ‘by the people, for the people’ often intrudes on our privacy in the name of national security.

This guide, however, is not for those engaged in covert activities that need would shielding from the prying eyes of the NSA. It is intended to be a basic guide for people who use the Internet on a daily basis for:

  • Work
  • Social Media Activity
  • E-commerce

Whether your online activity is largely confined to a desktop, or you're a mobile warrior on the go, implementing the proper security and privacy protocols can protect you from hackers and also prevent your ISP provider from knowing every single website you’ve ever accessed.

What follows is a basic guide that anyone can use to beef up online security and ensure as much privacy as possible, while being mindful that total anonymity on the Web is nearly impossible.

ONLINE SECURITY FOR DESKTOPS, LAPTOPS, AND MOBILE DEVICES

Install Software Updates

At the minimum, you need to make sure that you install the most recent software updates on all your desktop and mobile devices. We know that updates can be a pain, but they can ensure that your software is as secure as possible.

In fact, you will often notice that many update messages are related to some type of security glitch that could make it easier for someone to gain access to your information through the most common browsers such as Firefox, Safari and Chrome.

If you take your sweet time installing an update, it gives hackers that much more time to gain access to your system through the security flaw that the update was designed to fix.

Most of the major brands such as Apple and Samsung will send users messages on their desktops, laptops and mobile devices the moment they release a security update.

For example, Apple recently released new security updates for its iPhones, iPads and Macs for a computer chip flaw known as Spectre. This flaw affected billions of devices across all the major systems, including iOS.

Apple immediately sent a message to all its mobile users to install an update, which included security patches to block hackers from exploiting the flaw in the chip. The company also sent emails to desktop users to install Mac OS High Sierra 10.13.2, which included fixes to Safari for laptops and desktops.

The point is that you don’t need to worry that you won’t get these update prompts, because it’s in the best interests of the major brands to keep a massive hack from occurring. But if you want to ensure that you never miss an important update, there are several tools that can help you achieve this goal...

Update Tools for Mac Users

MacUpdate/MacUpdate Desktop – These two companion apps scan your desktop or mobile devices to locate software that needs updating. The desktop version has a menu bar that informs you when a software update is complete. The basic updating function is free to all users, but there are premium tiers that are ad-free, and include a credit system that rewards you for every new software you buy.

Software Update – This is a built-in app that you access through the Apple menu that opens the Mac App Store app and lets you click on the Updates tab. Software Update analyzes all the apps you’ve downloaded from the Mac App store to see if they’re updated. It does the same thing for your operating system software, which is a nice bonus.

Update Tools for PC Users

Patch My PC – If you choose the auto-update feature on this free tool, it automatically installs software patches on any application that has a security update. If you run the manual version, the program quickly scrolls through updated and non-updated applications and lets you check the ones you want to update and patch. One other useful aspect of this program is that you can run it using a flash drive.

TAKE ADVANTAGE OF ENCRYPTION

Encryption is a fancy word for a code that protects information from being accessed. There are various levels of encryption, and at the highest levels, encryption offers you the strongest protection when you are online. Encryption scrambles your online activity into what looks like a garbled, unidentifiable mess to anyone who doesn’t have the code to translate that mess back to its real content.

The reason this is important is that protecting your devices with only a password won’t do much to protect your data if a thief steals the device, accesses the drive and copies the data onto an external drive. If that device is encrypted, the data that the thief accesses and ports to another drive will still remain encrypted, and depend on the level of encryption, it will either take that thief a long time to break the code, or the thief will not be able to crack it.

Before we dive into some of the basics of encrypting desktops and mobile devices, remember that encryption has some drawbacks.

  • The main one is that if you lose the encryption key, it can be very difficult to access your data again. 
  • Second, encryption will affect the speed of your device because it saps the capacity of your processor.

This is a small price to pay, however, for all the benefits encryption offers in terms of security from intrusion and privacy from prying eyes that want to know exactly what you’re up to on the Internet.

Basic Encryption for Apple Devices

If you own an Apple mobile device such as an iPhone or iPad, these devices are sold with encryption as a standard feature, so all you need is a good passcode.

If you own a Mac desktop or laptop device, you can encrypt your device by using the FileVault disk encryption program that you access through the System Preferences menu under the ‘Security’ pull-down. Just follow the easy-to-understand directions to obtain your encryption key.

Basic Encryption for PCs and Android Devices

If you own a PC, you will need to manually encrypt your device. You can encrypt the newer PC models using BitLocker, a tool that’s built into Windows. BitLocker is only available if you buy the Professional or Enterprise versions of Windows 8 and 10, or the Ultimate version of Windows 7.

If you choose not to use BitLocker, Windows 8.1 Home and Pro versions include a device encryption feature that functions very much like BitLocker.

Newer Android phones including the Nexus 6 and Nexus 9, have default encryption. But for phones that are not encryption enabled, the process is not difficult.

For phones and tablets that run on Android 5.0 or higher, you can access the Security menu under Settings and select ‘Encrypt phone’ or ‘Encrypt tablet.’ You will have to enter your lock screen password, which is the same password necessary to access your files after encryption.

For phones and tablets that run on Android 4.4 or lower, you must create a lock screen password prior to initiating the encryption process.

PROTECT YOUR TEXT MESSAGING

Even before Edward Snowden became a household name with his explosive revelations about the extent of NSA’s wiretapping of Americans, it was obvious that text messages were vulnerable to interception by outside parties.

What’s even more insidious is that the information generated from your text messages, which is known as metadata, is extremely valuable. Metadata includes information about whom you communicate with, where that communication takes place and at what time.

Hackers and government agencies can learn a great deal about you through metadata, which is why it’s so important for you to protect the privacy of your text messages.

Fortunately, there are applications you can install to encrypt your text messages after they are sent to another person, and many don’t collect metadata.

Tools to Encrypt Your Text Messages

The signal is a free app that provides end-to-end encryption for Android and iOS, which means that only the people who are communicating on the text message can read the messages.

Any other party would need the encryption key to decrypt the conversation, and that includes the company that owns the messaging service. One of the big advantages of using Signal is that it collects very little metadata.

Another popular encrypted messaging service is WhatsApp, owned by Facebook, which works mostly on mobile devices. Remember to turn off all backups on your WhatsApp account by accessing Chats, then Chat Backup and setting Auto Backup to Off. This turns off backups on the app and the cloud.

If you don’t disable the Auto Backup feature, government and law enforcement agencies can access the backup with a search warrant. Why is that so risky? Because end-to-end encryption only covers the transmission of your messages and doesn’t protect messages that are in storage. In other words, law enforcement or government agencies could read the text messages stored in a cloud backup.

One other thing to remember is that although WhatsApp is considered one of the more secure apps for encrypting text messages, it does collect metadata.

And if a government or law enforcement agency obtained a search warrant, it could force Facebook to turn over that metadata, which would reveal things you might want kept private such as IP addresses and location data.

PROTECT YOUR BROWSING HISTORY

Whenever you’re on the Internet, there are people trying to see what you’re doing, when you’re doing it and how often you’re doing it. Not all these prying eyes have ill intent, and in many cases, they are marketers who are trying to track your online movements so they can target you for ads and offers. But enterprising hackers are also monitoring your activities, looking for weaknesses they can target to obtain your personal information. And your Internet Service Provider (ISP) gathers a ton of information based on your browsing history.

In the face of all these threats to privacy, how do you protect yourself when you’re online?

You can use a virtual private network (VPN), which acts exactly the way a standard browser does, but lets you do it anonymously. When you use a VPN, you connect to the Internet using the VPN provider’s service. All transmissions that occur when you get online with your mobile phone, tablet, desktop or laptop are encrypted. This protects all your online activity from the government as well as from your ISP, lets you access sites that would normally be restricted by your geographical location, and shields you from intrusion when you are at a public hotspot.

If someone tries to track your activity, your IP address will appear as that of the VPN server, which makes it nearly impossible for anyone to know your exact location, or your actual IP address. However, VPNs don’t provide you with total anonymity, because the VPN provider knows your real IP address as well as the sites you’ve been accessing. Some VPN providers offer a ‘no-logs’ policy, which means that they don’t keep any logs of your online activities.

This can be hugely important if you are up to something that the government takes an interest in, such as leading a protest group, and you want to make sure none of your online activities can be tracked.

But VPN providers are vulnerable to government search warrants and demands for information and must measure the possibility of going to jail by keeping your activity private, versus giving up your information and staying in business.

That’s why if you choose to go with a VPN, it’s important to do the research on a provider’s history and reputation. For example, there are 14 countries in the world that have shared agreements about spying on their citizens and sharing the information they unearth with each other. It may not surprise you to learn that the U.S,  Canada, United Kingdom, France, Germany, and Italy are all part of that alliance.

What may surprise you is that it’s best to avoid any VPNs that are based in one of these 14 countries, because of their data retention laws and gag orders which prevent VPN providers from telling their customers when a government agency has requested information on their online activities.

If you’re serious about VPNs and want to know which are trustworthy and which aren’t worth your time, we’ve done a pretty extensive review of VPN services that you can access here. Used correctly, VPNs can provide you with a high degree of privacy when you’re online, but in an era in which billions have joined social media platforms such as Facebook, and services such as Google, what are the privacy risks related to how these companies use your personal information?

HOW THE HEAVY HITTERS USE YOUR PERSONAL INFORMATION

Facebook

There isn’t much privacy when you join Facebook, especially since the company’s privacy policy blatantly states that it monitors how you use the platform, the type of content you view or interact with, the number of times you’re on the site, how long you spend on the site, and all the other sites that you browse when you’re not on Facebook.

How does Facebook know that little nugget? By tracking the number of times you click ‘Like’ on any site that includes a Facebook button.

Unfortunately, there isn’t much you can do to make Facebook more private. You can access the ‘Download Your Information’ tool to know exactly what the site has on you, and you can check your activity log to track your actions since you joined Facebook, but that’s about it.

Deleting your account will remove your personal information, but any information about you that your followers have shared in a post will remain on the site.

Google

Google stores personal information such as your name, email contact, telephone number, how you use the service, how you use sites with Ad Words, your search inquiries, and location tracking. More importantly, your name, email address, and photo are publically available unless you opt out.

To protect some of your privacy, you can edit a number of preferences, turn off location tracking, change your public profile and read what information Google has collected on you through the company’s data board.

Apple

Apple’s privacy policy states that it collects information such as your name, contacts and music library content, and relays them to its own servers using encryption. Apple’s News app analyzes your reading preferences to match them to ads targeted toward what you like.

Targeted advertising is one of Apple’s biggest con jobs, and that’s said with respect for the company’s ability to print money like no other business on earth. Apple has created ad-blocking technology in its iOS software to prevent outside companies from reaching its customers.

But it makes no bones about using personal information and personal preferences culled from its customers to supply them with an endless stream of targeted and intrusive ads.

You can opt out of what Apple calls ‘interest-based ads’, but the company pretty much lets you figure this out on your own.

Amazon

Amazon collects a ton of person information, including name, address, phone number, email, credit card information, list of items bought, Wish List items, browsing history, names, addresses and phone numbers of every person who has ever received an Amazon product or service from you, reviews you’ve posted, and requests for product availability alerts.

It isn’t much you can do to keep Amazon from being intrusive unless you’re not planning on using the site for purchases. For example, Amazon uses ‘cookies,’ which are snippets of data that attach to your browser when you visit the site.

Cookies activate convenient features such as 1-Click purchasing and generate recommendations when you revisit Amazon, but they also allow Amazon to send you ads when you’re on another website, which can feel like an invasion of privacy and are also annoying.

The problem is if you opt to turn off cookies on your Amazon account, you won’t be able to add items to your shopping cart or do anything that requires a sign-in, which pretty much eliminates all your buying options.

That gives you a general overview of how some of the big brands use your data so you’re aware of the implications of providing your personal information. Let’s wrap things up with some frequently asked questions about security and privacy.

FAQ'S ABOUT SECURITY AND PRIVACY

1. Can people really hack me at a coffee shop?

Most coffee shops offer public WiFi that has varying levels of security. In many instances, these free networks are not very secure, and even a low-level hacker could gain access to the transmissions occurring at the coffee shop by setting up a fake hotspot. If you want to get online at a coffee shop, do so through a VPN. If you don’t have a VPN, make sure you’re signing in under the name of the WiFi hotspot, and limit your activity to browsing instead of conducting financial transactions.

2. Is the NSA really watching me via my computer camera?

The NSA definitely has the technology to spy on you through your webcam. Edward Snowden revealed that the NSA has plug-in that can hack cameras and take pictures, record video and turn on the mic on a webcam to act as a listening device. One easy way to thwart this hack is to place a sticker on your webcam lens that prevents a hacker from seeing anything in your home.

3. Can Facebook see my messenger chats and change my feed based on those conversations?

Facebook’s Messenger feature uses security that it says is similar to what banks use to protect their clients’ financial information. Two years ago, Facebook added end-to-end encryption to its messenger feature, but users must activate it because it’s not a default. However, Facebook does use your profile, public photos, and public posts to better customize things such as the content of the News feed it sends to you.

4. When can - or can’t - the government get personal data from companies?

Under the Electronic Communications Privacy Act passed in 1986, government agencies can obtain subpoenas and search warrants to force technology companies like Google or Apple to provide information about a user or a group of users. Companies can refuse based on the Fourth Amendment ban against unreasonable search and seizure, but they face an uphill battle if the request is for a legitimate reason. Recently, Amazon refused an order by the state of Massachusetts to turn over data about third-party sellers. But the company relented after it was served with court order to provide the data or face legal consequences.

THE ONLY CONSTANT IS CHANGE

Privacy and security are two sides of the same coin, and while there is no way to guarantee total privacy or complete security in the digital world, the first step is to understand the tools available to you, and the ways in which your personal data is being used by big companies that want your business.

While this isn’t a comprehensive guide to every aspect of online security and privacy, it provides you with some best practices and important concepts that can help you better understand this complex and ever-changing issue. 

 Written By Alex Grant

Categorized in Internet Privacy

Written By Bram Jansen

A lot more people are concerned about privacy today than used to be the case a few years ago. The efforts of whistleblowers like Edward Snowden have a lot to do with this. Things have changed now that people realize just how vulnerable they are when browsing the web. When we say things have changed we mean people are starting to take their online privacy more seriously. It does not mean that the threats that you face while browsing has reduced. If anything, they have increased in number. If you still don’t look after your online privacy, there’s no time to think about it anymore. You have to take action now.

5 reasons to protect online privacy

1- Hide from government surveillance

Almost all countries of the world monitor the online activity of their citizens to some degree. It doesn’t matter how big or developed the country is. If you think that your government doesn’t look into your online privacy at all, you’re deluding yourself. The only thing that varies is the extent to which your internet activity is monitored and the information that is recorded.

2- Bypass government censorship

There are large parts of the world where internet is not a free place. Governments censor the internet and control what their citizens can and cannot access and do on the internet. While most people know about The Great Firewall of China and the way middle-eastern countries block access to social networking and news websites, the problem is there are a lot more countries.

3- Protect your personal data

You use the internet to share a lot of personal data. This includes your private conversations, pictures, bank details, social security numbers, etc. If you are sharing this without hiding it, then it is visible to everyone. Malicious users can intercept this data and make you a victim of identity theft quite easily. While HTTPS might protect you against them, not all websites use it.

4- Hiding P2P activity is important

P2P or torrenting is a huge part of everyone’s internet usage today. You can download all sorts of files from P2P websites. However, many of this content is copyrighted and protected by copyright laws. While downloading copyrighted content for personal usage is legal, sharing it is illegal. The way P2P works you are constantly sharing the files as you download them. If someone notices you downloading copyrighted content, you might be in trouble. There is a lot of vagueness when it comes to copyright laws, so it’s best to hide your torrent activity. Even those in Canada have to use P2P carefully. The country provides some of the fastest connections but is strengthening its stronghold on P2P users.

5- Stream content peacefully without ISP throttling

When you stream or download content, your ISP might throttle your bandwidth to balance the network load. This is only possible because your ISP can see your activity. You are robbed of a quality streaming experience because of this. The solution is to hide your online activity.

Online privacy is fast becoming a myth, and users have to make efforts to have some privacy on the internet. The best way to do this is to use a VPN, for they encrypt your connection and hide your true IP address. But be careful when you choose a VPN. If you don’t know how to choose the best VPN, visit VPNAlert for the detailed solution. Or choose a VPN that does not record activity logs and does not hand over data to the authorities, otherwise all your efforts will be for naught.  

Categorized in Internet Privacy

What would you do if your most private information was suddenly available online, for anyone to see? Just imagine: picturesvideos, financial information, emails...all accessible without your knowledge or consent to anyone who cares to look for it.  We've probably all seen news items come out about various celebrities and political figures who have been less careful than they should be with information that was not meant for public consumption.

Without proper oversight of this sensitive information, it can become available to anyone with an Internet connection.

Keeping information safe and protected online is a growing concern for many people, not just political figures and celebrities. It's smart to consider what privacy precautions you might have in place for your own personal information: financial, legal, and personal. In this article, we're going to go over five practical ways you can start protecting your privacy while online to guard yourself against any potential leaks, avoid embarrassment, and keep your information safe and secure.

Create Unique Passwords and Usernames for Each Online Service

Many people use the same usernames and passwords across all their online services. After all, there are so many, and it can be difficult to keep track of a different login and password for all of them. If you're looking for a way to generate and keep track of multiple secure passwords, KeePass is a good option, plus it's free: "KeePass is a free open source password manager, which helps you to manage your passwords in a secure way.

You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish)."

Don't Assume Services are Safeguarding Your Information

Online storage sites such as DropBox do a pretty good job of keeping your information safe and secure. However, if you're concerned that what you're uploading is especially sensitive, you should encrypt it - services like BoxCryptor will do that for you for free (tiered pricing levels do apply).

Be Careful Sharing Information Online

We're asked to fill out forms or log into a new service all the time on the Web. What is all this information used for? Companies make a lot of money analyzing and using the data that we are freely giving them. If you'd like to stay a little bit more private, you can use BugMeNot to avoid filling out unnecessary forms that ask for too much personal information and keep it for other uses.

Never Give Out Private Information

We should all know by now that giving out personal information (name, address, phone number, etc.) is a big no-no online. However, many people don't realize that the information that they are posting on forums and message boards and social media platforms can be put together piece by piece to create a complete picture. This practice is called "doxxing", and is becoming more of a problem, especially since many people use the same username across all of their online services.

In order to avoid this happening, be extremely cautious in how much information you're giving out, and make sure you don't use the same username across services (see the first paragraph in this article for a quick review!).

Log Out of Sites Often

Here's a scenario that happens all too often: John decides to take a break at work, and during that time, he decides to check his bank balance. He gets distracted and leaves the bank balance page up on his computer, leaving secure information out for anyone to see and use. This kind of thing happens all the time: financial information, social media logins, email, etc.

can all be compromised extremely easily. The best practice is to make sure you're on a secure computer (not public or work) when you're looking at personal information, and to log out of any site you might be using on a public computer so that other people who have access to that computer will not be able to access your information. 

Prioritize Online Privacy

Let's face it: while we'd like to think that everyone we come in contact with has our best interests at heart, this is sadly not always the case — and especially applies when we're online. Use the tips in this article to protect yourself from unwanted leaks of your personal information on the web. 

Source: This article was published lifewire.com By Jerri Collins

Categorized in Internet Privacy

When Congress voted in March to reverse rules intended to protect Internet users’ privacy, many people began looking for ways to keep their online activity private. One of the most popular and effective is Tor, a software system millions of people use to protect their anonymity online.

But even Tor has weaknesses, and in a new paper, researchers at Princeton University recommend steps to combat certain types of Tor’s vulnerabilities.

Tor was designed in the early 2000s to make it more difficult to track what people are doing online by routing their traffic through a series of “proxy” servers before it reaches its final destination. This makes it difficult to track Tor users because their connections to a particular server first pass through intermediate Tor servers called relays. But while Tor can be a powerful tool to help protect users’ privacy and anonymity online, it is not perfect.

In earlier work, a research group led by Prateek Mittal, an assistant professor of electrical engineering, identified different ways that the Tor network can be compromised, as well as ways to make Tor more resilient to those types of attacks. Many of their latest findings on how to mitigate Tor vulnerabilities are detailed in a paper titled “Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks,” presented at the IEEE Symposium on Security and Privacy in San Jose, California, in May.

The paper is written by Mittal, Ph.D. students Yixin Sun and Anne Edmundson, and Nick Feamster, professor of computer science, and Mung Chiang, the Arthur LeGrand Doty Professor of Electrical Engineering. Support for the project was provided in part by the National Science Foundation, the Open Technology Fund and the U.S. Defense Department.

The research builds on earlier work done by some of the authors identifying a method of attacking Tor called “RAPTOR” (short for Routing Attacks on Privacy in TOR). In that work, Mittal and his collaborators demonstrated methods under which adversaries could use attacks at the network level to identify Tor users.

“As the internet gets bigger and more dynamic, more organizations have the ability to observe users’ traffic,′ said Sun, a graduate student in computer science. “We wanted to understand possible ways that these organizations could identify users and provide Tor with ways to defend itself against these attacks as a way to help preserve online privacy.”

Mittal said the vulnerability emerges from the fact that there are big companies that control large parts of the internet and forward traffic through their systems. “The idea was, if there’s a network like AT&T or Verizon that can see user traffic coming into and coming out of the Tor network, then they can do statistical analysis on whose traffic it is,” Mittal explained. “We started to think about the potential threats that were posed by these entities and the new attacks — the RAPTOR attacks — that these entities could use to gain visibility into Tor.”

Even though a Tor user’s traffic is routed through proxy servers, every user’s traffic patterns are distinctive, in terms of the size and sequence of data packets they’re sending online. So if an internet service provider sees similar-looking traffic streams enter the Tor network and leaving the Tor network after being routed through proxy servers, the provider may be able to piece together the user’s identity. And internet service providers are often able to manipulate how traffic on the internet is routed, so they can observe particular streams of traffic, making Tor more vulnerable to this kind of attack.

These types of attacks are important because there is a lot of interest in being able to break the anonymity Tor provides. “There is a slide from an NSA (the U.S. National Security Agency) presentation that Edward Snowden leaked that outlines their attempts at breaking the privacy of the Tor network,” Mittal pointed out. “The NSA wasn’t successful, but it shows that they tried. And that was the starting point for this project because when we looked at those documents we thought, with these types of capabilities, surely they can do better.”

In their latest paper, the researchers recommend steps that Tor can take to better protect its users from RAPTOR-type attacks. First, they provide a way to measure internet service providers’ susceptibility to these attacks. (This depends on the structure of the providers’ networks.) The researchers then use those measurements to develop an algorithm that selects how a Tor user’s traffic will be routed through proxy servers depending on the servers’ vulnerability to attack. Currently, Tor proxy servers are randomly selected, though some attention is given to making sure that no servers are overloaded with traffic. In their paper, the researchers propose a way to select Tor proxy servers that take into consideration vulnerability to outside attack. When the researchers implemented this algorithm, they found that it reduced the risk of a successful network-level attack by 36 percent.

The researchers also built a network-monitoring system to check network traffic to uncover manipulation that could indicate attacks on Tor. When they simulated such attacks themselves, the researchers found that their system was able to identify the attacks with very low false positive rates.

Roger Dingledine, president and research director of the Tor Project, expressed interest in implementing the network monitoring approach for Tor. “We could use that right now,” he said, adding that implementing the proposed changes to how proxy servers are selected might be more complicated.

“Research along these lines is extremely valuable for making sure Tor can keep real users safe,” Dingledine said. “Our best chance at keeping Tor safe is for researchers and developers all around the world to team up and all work in the open to build on each other’s progress.”

Mittal and his collaborators also hope that their findings of potential vulnerabilities will ultimately serve to strengthen Tor’s security.

“Tor is amongst the best tools for anonymous communications,” Mittal said. “Making Tor more robust directly serves to strengthen individual liberty and freedom of expression in online communications.”

Source: This article was published princeton.edu By Josephine Wolff

Categorized in Internet Privacy

Tor is a popular tool for activists, hackers, journalists, and anyone who doesn't want their actions online to be tracked to the finest detail. Wochit

Question: What exactly is the "deep Web" and how do you get to it?

Answer: Despite many representations of a nefarious underground operating out of sight, the so-called "deep Web" is actually mostly benign private databases and Web resources not meant to be accessed by the public.

The "surface Web" is essentially what can be indexed by search engines such as Google or Bing, while the deep Web consists of items that can’t be accessed using a search engine on a standard Web browser.

Protected Internet databases such as those for banks and anything past a log-in screen, such as your private files stored in the cloud and data stored by private companies, aren’t indexed by search engines. Websites can also specifically tell the search engines that they don’t want to be indexed, making them relatively "invisible" to the average user.

According to most estimates, the deep Web makes up about 90 percent of the entire Internet, because so much of what is stored online is protected information that requires some form of authentication or knowledge of a hidden Web address.

The 'dark Web'

There is a very small percentage of the deep Web where secret and sometimes nefarious activity is taking place, often referred to as the "dark Web" or the "darknet." The tools used to access the dark Web focus on anonymity by incorporating encryption and specialized privacy browsers such as Tor.

Tor, also known as "The Onion Router," uses a large network of relays to bounce Internet traffic through; it’s much like the layers of an onion, making it much more difficult for anyone conducting any type of surveillance to see who is doing what.

The core technology used in Tor was actually developed by the U.S. Naval Research Lab in the mid-1990s for the intelligence community to protect online communications. To this day, Tor and other similar tools are used by governments, activists and whistleblowers to communicate anonymously.

The Tor Project states: "Tor users include 'normal people' who wish to keep their Internet activities private from websites and advertisers, people concerned about cyber-spying, users who are evading censorship such as activists, journalists, and military professionals."

Using Tor alone doesn’t mean you’re completely anonymous and, for most users, the trade-off in slow performance isn’t worth the increase in privacy for daily surfing.

Tor's dark side

Tor and other similar tools are also used for illicit activities such as buying and selling drugs, stolen credit-card numbers and IDs; money laundering; and more via black markets only accessible on the dark Web.

One of the most famous dark-Web marketplaces was called Silk Road, which was shut down by the FBI in 2013. The site’s founder, Ross Ulbricht, was sentenced to life in prison without possibility of parole.

Despite law enforcement's attempts to control illegal underground marketplaces, when one is shut down, two more seem to pop up.

To be fair, not all dark-Web resources operate in an illegal manner, and much of the activity is vital to our law-enforcement and intelligence community’s efforts. As with any technology, it’s impossible to control its uses for only legal purposes so, as always, it’s the good with the bad.

Ken Colburn is the founder and CEO of Data Doctors Computer Services. Ask any tech question at: Facebook.com/DataDoctors or on Twitter @TheDataDoc.

Categorized in Deep Web
Page 1 of 3

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Newsletter Subscription

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Book Your Seat for Webinar GET FREE REGISTRATION FOR MEMBERS ONLY      Register Now