How to Keep Your Data Private and Browse the Internet Anonymously

Posted Tuesday, April 10th, 2012 (5:00 am) by Mark Jackson (Score 15622)

It’s because you have something to hide. Internet anonymity is a bitterly conflicted subject that, on the one hand, safely masks our private lives from view or abuse, while on the other it can be manipulated by unscrupulous individuals for often criminal purposes. But just how do you go about keeping your private life.. private? In recent years the issue of online privacy has become ever more important. Commercial firms increasingly seek to know more about our buying habits and even the government often appears to be almost equally interested in what we’re all doing online.

Those ignorant of the dangers often like to say, “If you have nothing to hide then you shouldn’t have anything to fear,” a perhaps popular phrase among many past and present dictatorships, communist states and those whom simply overlook the one most obvious and simple truth of all. Yes, we all have something to hide.

From the fact that we wear clothes, shut our curtains, lock our doors and choose not to live in completely transparent houses; to the fact that we shop online, read online, explore our understanding of the world online, experiment with relationships, discuss our illnesses and research matters of a deeply personal nature. People most certainly do have things to hide.

In this article ISPreview.co.uk explores what methods exist to help keep your private information secure and why growing efforts to monitor what people do online could ultimately prove fruitless.

The Technical Truth of Internet Anonymity

Generally speaking a communication conduit should always be secure and private, unless the police have a legitimate reason to suspect that it is being abused or you chose to make the content public (i.e. Twitter, Facebook etc.). In reality if an individual chooses to hide their internet connection or personal details from prying eyes then, short of physically cutting the connection off, there’s not a lot that anybody, not even your ISP, can do about it.

Ofcom’s Web Blocking Review Statement

“Circumvention of a block is technically a relatively trivial matter irrespective of which of the techniques used. Knowledge of how site operators and end users

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012 can work around blocks is widely distributed and easily accessible on the internet … It is not technically challenging and does not require a particularly high level of skill or expertise.

Ofcom was also asked to consider whether the site-blocking provisions in the Digital Economy Act would work in practice. The Act contains reserve powers to allow courts to order that websites dedicated to copyright infringement are blocked. The regulator concluded the provisions as they stand would not be effective.”

The reason this is even possible stems from how the internet allows information to flow relatively freely, much like a river. With a river you can change the flow of water, check it for impurities (errors) and generally fiddle around but the only real way to stop it would be to kill the entire flow (i.e. physically cut the cable); short of that some of the water will almost always make it through, often by masking itself to look like something else (i.e. a different kind of internet traffic).

In essence, Internet Service Providers (ISP) can control your connection but only up to a point. As a result practically all ISP-imposed internet censorship (filtering) systems are merely skin deep in their effect and thus easy to circumvent. It’s a worryingly common misconception that ISPs, which merely manage “access“, can also control “content“; these are two very different things. ISPs can only delete content that exists within their own servers (e.g. a member’s ISP hosted webpage) and cannot physically remove content from the wider (external / remote) internet.

Circumvention Solutions

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012 Thankfully there are a number of methods by which you can retain tighter control over your personal information and privacy, many of which we’ve summarised (albeit only in the most basic of ways) below. Crucially none of these methods represent any kind of previously unknown voodoo art or underworld secret.

All are common knowledge and the vast majority exist for legitimate and or essential purposes. Indeed Ofcom recently covered them all as part of their public review into the viability of website blocking measures (linked above).

Web Browser Privacy Mode(s)

This is perhaps the most basic of online privacy masks, albeit one of the least effective; assuming your goal is to fully obscure an internet connection. Most modern website browsers now come with a Privacy Mode (e.g. ‘InPrivate’ for Microsoft’s Internet Explorer), which effectively prevents your computer from storing data about your browsing session (e.g. cookies, temporary Internet files, history and other information).

This is good if you don’t want advertisers or friends/colleagues to know which sites you’ve been visiting. It can also help to protect against some Spyware methods. But remember that enabling a privacy mode will also prevent some website features from working, such as the ability to keep you logged into a chat room or discussion forum, and won’t stop your connection (e.g. IP address) details from leaking out.

Accessing Websites via an IP Address

It might surprise people to learn that one of the easiest ways to defeat some internet filtering systems, such as those used by ISPs to block access to specific websites (sometimes in error) and or adult content, is to try accessing the site via its numerical Internet Protocol (IP) address.

Every website starts out with an IP address, which is later converted by the Domain Name System (DNS) into a more human readable form. For example, at the time of writing http://www.ISPreview.co.uk runs off an IP (IPv4) address of 87.106.143.49, which means that you could access the site just by visiting “http://87.106.143.49” (could of changed by the time you read this).

Failing that you could attempt to access the site via a Hypertext Transfer Protocol Secure connection, which really just means typing HTTPS instead of HTTP, followed by the IP address (note: not all servers enable or use https). These are often encrypted and as a result some systems do not block them.

Advanced users can simplify this process and avoid repetition by adding the website to their computer hosts file (e.g. c:/windows/system32/drivers/etc/host – for Microsoft Windows XP 32Bit). For example, adding the following additional line to that file (at the bottom) would bypass your ISPs DNS server every time the related website (in this case “ISPreview.co.uk”) is called and use the sites manually entered IP details instead (just make sure to keep the IP address current/updated as otherwise the site won’t load).

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012 87.106.143.49 ispreview.co.uk

Take note that ISPs often suffer from DNS problems and thus this can also become a useful method for accessing ordinary sites until any related problems have been resolve. However it is by no means foolproof, many filters will also block IP addresses and related https connections.

Change your ISPs DNS Server (OpenDNS, Google Public DNS)

Another method for getting around your ISPs Domain Name System (DNS) servers and related filtering system is to use a free third party solution, such as one from OpenDNS or Google Public DNS. Both represent free alternative DNS solutions that are often faster than your ISPs own DNS servers, give you more control over the process and can also be more secure (e.g. OpenDNS has its own OPTION for adult content filtering that can effectively work at the network level).

Google Public DNS http://code.google.com/speed/public-dns/

OpenDNS http://www.opendns.com

BlockAid http://www.blockaid.me

Swapping to a free DNS solution is usually just a simple matter of adding two IP address numbers (Primary/Preferred DNS Server and Secondary/Alternate DNS Server) into your software’s network connection profile (usually requires an admin account) or, more directly, from within your router. The latter method is best if you want the DNS change to benefit your whole network instead of just one device/computer (fyi – some pre-configured ISP supplied routers do not provide an option to change the DNS).

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012

It should be noted that most free DNS solutions are ad-supported, which only shows up when you miss-type a web address. At that point the free solution will often display its own search engine with a list of close matches for your search term (unobtrusive adverts will also be shown alongside). In reality this is little different from a normal search engine.

Sadly switching DNS servers isn’t enough to avoid the more sophisticated ISP-level web blocks but you should consider swapping anyway as the free solutions tend to be of a generally better quality than the one provided by your ISP.

Internet Proxy Servers

Proxy’s (application gateways) are servers that essentially sit in-between your internet connection and the website or online service that you want to access. Internet providers and local network managers often use them as a means of retaining tighter control over the flow of network traffic, indeed Proxy’s even play a part in many web censorship/filtering systems. Ironically the same method can also be used to defeat unwanted web filters.

In practical terms, when somebody visits a website or server through a third party Proxy, then the remote website or service will only see the proxy’s connection details

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012 (e.g. IP address) and not yours. As a result you can often use this solution to both circumvent your ISPs filtering system and retain greater control over personal data. Some ISPs will attempt to prevent this by imposing blocks on common proxy servers or related sites but this is a losing battle, proxy details often change far faster than an ISPs ability to adapt.

On top of that there are many different types of proxy server and not even some of the world’s most repressive regimes (e.g. Iran, Syria, China etc.) have been able to stop them. Here are a few examples of related solutions.

Web Based Proxy Servers

This is perhaps the simplest method. An internet user need only visit a special website and type in the web (URL) address that they’d like to visit, after that the website will redirect your request through their proxy server and bring up the remote site (one you requested) without exposing your IP address to the site.

There are thousands of such solutions around the web, many of which can be used for more services than website browsing and most are only a Google search away. Two familiar examples have been listed below but they’re by no means the best for what you might want.

Google Translate http://translate.google.com

Coral CDN http://coralcdn.org

Google’s translate system makes use of a proxy connection to work its language conversion magic, although at the same time you can also use it to access websites that might otherwise be unavailable (doesn’t always work). Coral CDN is even more sophisticated and works by asking the user to simply append “.nyud.net” to the end of ANY web address. Try it with ISPreview here (http://www.ispreview.co.uk.nyud.net) [this can be quite slow].

It should also be said that most web browsers and internet software will often have an option somewhere that allows you to connect through a proxy server every time you go online. This won’t work with the above examples but there are plenty of free proxy’s you can try, just Google around and then enter the IP and or Port number/address of the proxy accordingly (usually that’s all they require).

Sophisticated Proxy Client Software (e.g. TOR, Telex)

Sophisticated client software solutions, which effectively do all of the leg work for you, also exist. These make use of multiple proxy’s and popular web servers (often ones that change faster than the censors can manage) to help redirect traffic and thus protect your privacy or freedom of speech.

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012 Many of these solutions exploit the fact that censorship systems don’t usually block all internet traffic and thus are capable of intelligently finding ways around such restrictions. Two of the best known examples are as follows.

Telex https://telex.cc

Tor https://www.torproject.org

It’s important to stress that free proxy server solutions can often be almost perilously slow (you’re limited by the proxy’s speed), which means that you might have to do some hunting before finding a good one. Commercial solutions are also available but if you’re going to pay money then a VPN might be better (we’ll tackle that next).

Paid solutions will usually be faster and can also help you access UK online TV content, such as via the BBC’s iPlayer service (e.g. if you use a UK proxy), which is handy if you live outside of the country (ex-pat). Likewise free and paid solutions make using internet banking a lot easier as many UK banks would otherwise ban non-UK IP addresses from accessing their service.

At this point we need to mention security because a malicious individual could potentially abuse the proxy they run to gather data about what you’re doing online, so make sure not to enter bank details over an untrustworthy free solution. Likewise many webmasters distrust people who register on their site via a proxy server (Proxies are often used by spammers and trolls too), so don’t be surprised if you end up being banned just for that.

Virtual Private Network (VPN)

VPN’s effectively operate like a network within a network. They use public telecommunications infrastructure, such as the internet, to provide individual users with secure/encrypted access to an organization’s network. Remote workers often use VPN’s to connect with their office network while at home and multiplayer gamers can also use it to create a kind of virtual Local Area Network (LAN) between friends over the internet.

But, not unlike a Proxy Server, VPN’s also make for an excellent tool when somebody wants go online and surf the internet anonymously or gain access to UK content/services while outside of the country (alternatively you could use one to access content in other countries, such as Hulu in the USA). While connected through a third party VPN your real connection details would remain almost completely hidden from view and any activity is usually encrypted.

A VPN is normally easy to connect with (i.e. the ‘Network and Sharing Centre’ under Windows Vista/7), often requiring just a username, password and vpn server name (“Domain“). A mix of both free and paid (commercial) solutions can be found online, although there are many different types and they don’t all work in the same way.

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012

Most free solutions are slow and quite restrictive, although even some paid services have similar problems. Check the VPN’s usage allowances and maximum speeds very closely as both could hinder your performance and flexibility. A few of the better known services are listed below (unordered).

VPNHQ http://vpnhq.com

Relakks https://www.relakks.com/?cid=gb

PrivateTunnel https://www.privatetunnel.com

AccessVPN http://accessvpn.com

ItsHidden http://itshidden.com/

CyberGhost http://cyberghostvpn.com/

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012 Anchor Free http://anchorfree.com/

At this point it’s worth mentioning that some web-based VPN’s still suffer from a flaw that can expose your IP address unless you disable IPv6 in Windows Vista/7. For example, this affects those who use IPv6 in combination with PPTP-based VPN’s like Ipredator or Relakks. The OpenVPN standard is not believed to be affected. For additional security we’d also recommend changing your ISPs DNS servers (as mentioned earlier).

General Advice

It’s a good idea to avoid downloading and installing Java (i.e. for runtime java web applications) unless you need it, which is not to be confused with the standard JavaScript that a lot of websites use for performing basic functions (supported at default by most browsers). Most people don’t need Java Runtimes anymore and they are usually an optional install.

Sadly some Java based web applications will grab a lot of personal data from your system and the runtimes can even be exploited, unless you keep them updated (usually enabled by default), by malicious websites to install viruses or other nasty malware. Many malicious Trojan and phishing attacks use Java apps as a means to invade computer systems.

Likewise it’s a good idea to avoid installing unfamiliar third-party browser plugins, unless absolutely needed, and especially browser toolbars. Both can leak your personal data and toolbars are notorious for doing it. Just avoid them. Your browser will normally run faster without the extra bloat anyway.

As a general rule you should also make sure that any networks you run are always secured by the best encryption available (e.g. WPA2 on home WiFi wireless networks) and a strong password. You should also make sure that your computer software is kept fully up-to-date and has active anti-virus software installed, ideally supported by a firewall (most broadband routers and modern operating systems will enable a default firewall that will automatically help to block many unwanted remote access / attack attempts).

The Future

In the coming years both governments and ISPs are likely to impose increasingly tough restrictions upon UK internet access. Plenty of cases have already shown that such strict censorship systems, which are often initially implemented to help stop children viewing adult content, often end up restricting access to legitimate sites and services too (e.g. blocks against clothing sites, church sites and civil society groups). Check out some recent examples here, here and here.

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012 At the same time internet users are coming under an increasing threat from often unjust public and private sector attempts to gather your personal data and monitor what you do online, often regardless of whether or not you are suspected of a crime. Suffice to say that putting too much unregulated and poorly managed power in the hands of commercial internet providers is not without its risks and ISPs often seem to agree.

A BT Spokesperson said:

“It is not for ISPs to proactively monitor material available online. There are privacy and freedom of expression implications as well as the more practical consideration of the sheer volume of content online. The current approach of notice and takedown, which takes place within the legislative framework (with auditing and oversight), is the most effective and practical solution.”

TalkTalk’s Executive Director of Strategy and Regulation, Andrew Heaney, added:

“If you block a site then people find another route to get there (e.g. a proxy server) and if you ban that proxy server then people use another technique or a different proxy server. There will be only one winner in this type of arms-race / cat and mouse chase and it won’t be the state!“

As Heaney points out above, the technological arms race that allows so many people to avoid unwanted censorship is already well ahead of the game. For example, a new generation of clever Proxy Servers, such as those managed by the free speech promoting Tor Project (i.e. Obfsproxy), will soon be able to disguise encrypted connections as unencrypted ones and even piggyback over legitimate protocols or servers for other services.

As a side note, many of the censorship systems being considered often also result in ISPs and mobile operators blocking sites and servers that connect to projects like Tor and Telex (i.e. circumvention tools). Ironically these are the very same systems that western governments, including the UK and USA, often praise for helping to foster Freedom of Speech in stricter countries (e.g. Iran, China etc.).

Ultimately such restrictions would appear to be ineffective against the greater desire by innocent individuals to retain their personal privacy. At the end of the day, whether for good or ill, we all relish that ability to close the curtains and scuttle away from an unwelcome gaze.

From www.ispreview.co.uk/index.php/2012/04/how-to-keep-your-data-private-and-browse-the-internet- anonymously.html/2 31 December 2012