jrswab

No-fluff tutorials and privacy-focused tools for the modern productivity-minded developer.


Your VPN Is Not Enough

Categories: [Technology]
Tags: [security], [learn], [apps], [privacy]

Your VPN Is Not Enough

My previous post about VPNs had a lot of traction over the Fediverse. Thanks to everyone for all the support and also thanks to the readers that pointed out what I missed about VPNs. How they are inherently secure but not private in many respects.

They are correct; no one should use a VPN to become anonymous.

After those messages, I felt the need to set the record about VPNs and what you need to do if you are looking for the most privacy while surfing the web. Having a high level of anonymity takes changing many browsing habits, but over time will become second nature.

VPNs will not make you anonymous

A VPN is an encrypted tunnel between your computer and the internet at large. They exist to allow employees access to internal intranets of a company to do work remotely.

That's it.

They are merely a tunnel and not a means to keep your data/metadata private. Any VPN provider you use can see what you access, how often, and for how long. It's not hard either; I do this in my own home from time to time with a program called Wireshark; cause I'm a nerd.

Just being on a VPN does not make your data private.

This even goes for all the online tracking. Every profile and shadow profile about you based off of your metadata can still get linked to you because all that changed was your IP address. Your IP address is just one of many data points used to track you around the web to spy on, steal from, and sell you.

All your VPN does is hide your traffic from your ISP. They see data coming in and out but can't make sense of the gibberish. Even then they know where you are going as well.

They do this by selling you their specific router, pre-configured to use their Domain Name Service (DNS) servers. So, again, unless your a massive nerd like me and change your DNS your ISP can't see what you are doing but can still see where you are going based on the requests you make.

How To Increase Your Anonymity Online

Change Your Browser

If you are not using Firefox, start doing so now. It's open-source and is very fast (the fastest in some testing I've done). The newest version of Firefox has containers that allow the user to keep specific sites from reading the data left behind by others.

Use the containers!

Have one for all Google sites, one for Facebook (if you still even use that), one for twitter, one for banking, one for shopping, and so on. By doing this, each separate site will only oversee the data in that container.

If you want to set a domain to open in a container by default to simplify usage get the Firefox Add-On called "Firefox Multi-Account Containers." Before containerization of our browser tabs, we would have to have multiple browsers and only use them for specific sites. Talk about a hassle.

You will find that ads stop following you around the web. Just by using these containers correctly. However, there is, even more, you can do to meddle the plans of the internet trackers; this is accomplished through Firefox Add-Ons.

Firefox Add-Ons

The following is a list of Firefox Add-Ons that will help you be more anonymous online, please do further research yourself for your level of desired privacy.

uBlock Origin

An efficient blocker: easy on memory and CPU footprint, and yet can load and enforce thousands more filters than other popular blockers out there.

Illustrated overview of its efficiency: https://github.com/gorhill/uBlock/wiki/uBlock-vs.-ABP:-efficiency-compared

uMatrix

uMatrix puts you in full control of where your browser is allowed to connect, what type of data it is allowed to download, and what it is allowed to execute. Nobody else decides for you: You choose. You are in full control of your privacy.

Out of the box, uMatrix works in relax block-all/allow-exceptionally mode, meaning web sites which require 3rd-party scripts are likely to be "broken". With two clicks, uMatrix can be set to work in allow-all/block-exceptionally mode, which generally will not break web sites. See https://github.com/gorhill/httpswitchboard/wiki/How-to-use-HTTP-Switchboard:-Two-opposing-views for more details on this topic.

HTTPS Everywhere

Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site.

The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.

Cookie AutoDelete

  • Auto Deletes Cookies from Closed Tabs
  • WhiteList/GreyList Support for Cookies
  • Easily Export/Import your Whitelist/Greylist
  • Clear All Cookies for a Domain
  • Supports Manual Mode Cleaning from the popup
  • Easily See the Number of Cookies for a site
  • Support for Container Tabs (Firefox 53+ Only)

Decentraleyes

Websites have increasingly begun to rely much more on large third-parties for content delivery. Canceling requests for ads or trackers is usually without issue, however blocking actual content, not unexpectedly, breaks pages. The aim of this add-on is to cut-out the middleman by providing lightning speed delivery of local (bundled) files to improve online privacy.

Firefox Multi-Account Containers

The Firefox Multi-Account Containers extension lets you carve out a separate box for each of your online lives – no more opening a different browser just to check your work email! Here is a quick video showing you how it works.

So far these are the best Add-Ons for making it more difficult to track your day in and day out. However, if you open a site in a container to search for some topic any site in that container will have access to that data just as if you had no container at all. Still better than not using these extensions and the containerization.

Tor

If you want to stay as anonymous as possible while searching the web use Tor and the Tor Browser Bundle. If you do use Tor make sure to add nothing to the browser that you download. The whole idea is to blend in and look like everyone else using the Tor network.

Never log into any site that holds any personal information.

Logging into social media over Tor is shooting your anonymity in the foot by adding metadata about your current browsing session. Be smart and stay logged out when reading Reddit, Twitter, or Instagram over Tor.


Ways to support the blog.

If you are an email kind of nerd you can sign up for mine here. You can donate to this site from my Liberapay account if you so choose. If you want a more passive way to support this site, use this link when shopping on Amazon; it kicks some of Amazon's profit to me at no extra cost to you.