by Romain Aubert
Don’t Let Your Browser Suck Up All Your Data
A few tools to help you surf the web privately
In the aftermath of Facebook’s Cambridge Analytica scandal, now might be a good time to take care of the data that is being harvested thru your browser when you surf the web.
Below is a non-exhaustive list of the tools I use when surfing the web that help make my online experience more secure. Let me know if you use any others you think are important — I’m happy to add them.
Browser — watching over your shoulder
If you are worried about losing speed, WIRED says Firefox Quantum is faster than Chrome:
It’s a browser built with privacy in mind, automatically stopping invisible trackers and making your history available to you and no one else. It’s better than Chrome, faster than Chrome, smarter than Chrome. It’s my new go-to browser.
You have no reason not to switch — unless you don’t care about your private life.
By the way, you can check to see what Google knows about you in “My Activity.”
Search Engine — it is like your BBF: you tell them everything.
Q: Would you show your mom everything you type in your search engine?
A: I would not.
Remember: companies leak data — and we give a lot of data to companies.
Below is an example of what you give to Google when you use their search engine:
And if you you sign up for an account — and remain logged in — they collect the following:
Even Apple collects data through Safari to gather user’s habits.
Again, why should you care about the data collected through your browser? Information profiles build up — and sometimes data leaks.
The bad news is that those leaks are becoming ubiquitous. Check out the graphic below, and keep scrolling down — I’ll see you at the bottom:
I think you can safely assume that your personal data will be leaked at some point in your life.
Imagine for a sec, if you can, the whole data set that Google has (owns?) about you.
Actually, back in the day, AOL leaked the data of 650,000 users. An AOL user who discussed the leak with a reporter at the time said:
“My goodness, it’s my whole personal life,” she said.
“I had no idea somebody was looking over my shoulder.”
So, which search engine can you use instead?
DuckDuckGo has done a fantastic job over the last few years. I have also tried Ixquick and Qwant in the past.
A few more tips to protect your search privacy:
1. Don’t put personally identifying information in your search terms
2. Don’t use your ISP’s search engine
3. Don’t login to your search engine or related tools
4. Block “cookies” from your search engine
5. Vary your IP address (intermediate)
6. Use web proxies and anonymizing software like Tor (advanced)
What about the rest of your browser?
A tremendous part of your online life goes thru your browser.
You should set it up right.
I use HTTPS everywhere to encrypt all my traffic.
HTTPS Everywhere […] encrypts your communications with many major websites, making your browsing more secure.
Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology to rewrite requests to these sites to HTTPS.
The Firefox add-on Firesheep created quite a controversy by making it easy to capture unencrypted web traffic.
Firesheep sniffs unencrypted cookies sent across open wi-fi networks. That means anyone with Firesheep installed can watch your browsing sessions while you lounge at Starbucks and grab your log-in credentials for Facebook, Twitter or other popular sites. Armed with those credentials, anyone using Firesheep can essentially masquerade as you all over the web, logging in to other social sites, blogs and news sites using your Facebook or Twitter username and password.
That is why you should encrypt your traffic.
Now, on to the next one.
Privacy Badger by Electronic Frontier Foundation
What is it?
Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it’s like you suddenly disappeared.
Fair enough, and you might already be using an ad blocker, right? Like Disconnect, Adblock Plus, or Ghostery?
And you might be wondering: why use Privacy Badger instead if it does not block all ads? From the Electronic Frontier Foundation team who built Privacy Badger:
[…] none of them are exactly what we were looking for. In our testing, all of them required some custom configuration to block non-consensual trackers. Several of these extensions have business models that we weren’t entirely comfortable with.
Back to extensions — last but not least:
DuckDuckGo’s browser extension— Black Mirror for websites
It does a few things and has some overlap with the above extensions. But above all, its Privacy Grade shows how a website can be trusted — it is like Black Mirror for websites.
Here is Medium’s grade, for instance:
Not too bad — but I think you can do better, Medium Staff.
Drum roll — and just because we are in the midst of Facebook’s Cambridge Analytica scandal:
“Your data is used for many purposes.”
Boom. Worst grade. Well done Facebook.
I guess you can #DeleteFacebook.
(Interestingly, you’ll note that no tracker tracks you while you are on Facebook’s website.)
I hope this post was useful and will allow you to practice more secure web browsing!
Thanks for reading.