Internet security and privacy for the advanced and advanced-to-be

Blog  — Fri 28 Jul 2023

This article is about internet security and privacy for advanced users or those who want to delve deeper into the world of cookies and tracking in general, and how being followed can be prevented. Above all, it explains why you should be concerned about this and how you can take control.

Last time, I wrote about how cookies can be used to track someone. Some readers expressed a desire for more in-depth information. For this reason, I am revisiting this topic and revealing even more, including concrete tips to protect yourself.

This article is intended for advanced users or those who want to become more advanced in protecting their privacy rights on the internet.

Why should I care about privacy?

Before we begin, we must first ask the question: why privacy? Why would we want this? I'll answer this briefly with a question for you: what is your PIN code? Exactly. That's why privacy is important. Furthermore, the fact that the European Union has implemented the AVG, also known as GDPR outside of the Netherlands, is a strong indication that privacy should and must be taken seriously.

Privacy is not guaranteed on the internet

The internet came into existence quite rapidly. In the early days, it was mainly a way for a few professors and students to exchange messages between universities. It was assumed that everyone involved would act with complete integrity. Academics among themselves, that should work, right?

However, it quickly outgrew its original purpose. Alongside simple messages, there was soon commerce as well. For example, one could order a pizza online. Unheard of at the time. Not long after 2000, many people started using it, and online shopping quickly became popular.

Yet, it all happened a little too fast. The internet was still based on the idea that everyone could be fully trusted, and no one had malicious intentions. This concept was deeply woven into its architecture.

In the year 2000, SPF (Sender Policy Framework) was introduced. It aimed to make it more difficult to spoof email addresses. Spoofing is a trick used by criminal technicians to impersonate someone else. By spoofing an email address, they could send someone an email as if it came from a different email address, for example, yours, even though you hadn't sent that email.

There were other problems as well, such as viruses. The first generation of viruses was harmless, but they exposed the vulnerabilities of computers and the internet at that time. Creeper is considered the first virus, created by Bob Thomas. It did nothing but display the message "I'M THE CREEPER: CATCH ME IF YOU CAN" on the screen.

Decades later, things are quite different. Viruses cause enormous damage or encrypt files to hold them hostage for payment, or not return them at all. It became a business model. A profit model. A way for criminals to make a living.

Privacy is a gray area on the Internet?

Aside from outright criminal behavior driven by commercial motives, such as most of today's viruses, there's also a lot of gray area. These practices sometimes take too many liberties, not just in terms of privacy, but usually to gain a commercial advantage.

A concrete example is how advertisements now, or at least until recently, tried to learn more about you and present you with an ad that should be irresistible. For instance, if you searched for shoes on an internet search engine, you might have noticed that afterwards, every other website you visited had ads about shoes.

But other tactics were used as well. For instance, a hotel website, using cookies, could see that you were actively looking for a nice room in or around a place where you wanted to go on vacation. And then they'd display messages on the website like "This room is almost rented out, 6 other people are currently viewing it." Or worse, they'd increase the room's price as you visited or hesitated more.

Privacy is an important right

To discourage commercial entities from engaging in such detrimental practices and to punish criminals, legislation was needed. And it's here. Utilizing these rights is nothing to be ashamed of. In fact, it can protect you from unsavory sales tactics and even outright criminal activities. However, often, you'll need to take the initiative to protect yourself in the first place.

Privacy on the internet for advanced users

As I mentioned earlier, it's relatively easy to protect a significant portion of your privacy by adjusting your browser settings. But using TOR and VPN can also be helpful. However, I didn't delve deeper into these topics before, at least not specifically.

This time, I'd like to write about the details, how there's more fine-tuning possible, and even more comprehensive measures to safeguard your privacy.

Before we dive deep, I must give a warning. Safety, and hence privacy, is always a balancing act. Not only because going all-in can sometimes be a waste of effort, but also because every step towards safety and privacy on the internet comes with a downside. And that downside is usually convenience. I'll explain exactly how that works later on.

Starting from the basics

Before I discuss highly specialized solutions, we need to start from the beginning. Internet safety and privacy begin with the right internet program, also known as your browser.

Most people use Windows and thus Internet Explorer, now called Edge. If you use a Mac, it's Safari. For Linux, it might be Chromium. But besides the default options, there are other choices. A popular choice, for example, is Google Chrome.

However, we must pause for a moment. Edge, Chrome, and Safari are browsers from commercial entities that invest a lot of time, effort, and money in generating income. And that reflects in their products. Therefore, these browsers might not be the best choice for you or your privacy. An alternative that originates from a foundation and can prioritize privacy over income is Firefox by Mozilla. And there's also Firefox for your smartphone or tablet. In fact, there's even a Firefox Focus app, which is inherently focused on privacy and erases everything from a website on your device after each visit.

Settings; boring but powerful

It's also extremely important to customize the default settings of your browser, even with Firefox. The reason is that the product comes "out of the box" with settings that may be convenient for you but not necessarily the best. And that's logical. When trying out a new product, you just want to get started smoothly. And these default settings provide that. However, all browsers can go a step further, and I highly recommend doing so.

For instance, in Firefox, you can go to the menu, then to "Preferences," and then to "Privacy & Security." By default, it's set to, you guessed it, 'Standard.' But I recommend using 'Strict.' The advantage of this is that tracking will be almost entirely curtailed in your favor. The downside is that in exceptional cases, some websites may not work as you expect. I'll discuss a solution for that under the next heading.

For many of your internet searches, it's perfectly fine if websites behave strangely or don't respond with strict privacy settings. That's when those settings are doing their job. Often, it's a sign to get your information from elsewhere, from other websites where your privacy is not at stake. However, if it concerns a website where you need to be or can't avoid, then a solution is to handle that specific website differently. I'll explain more about that under the next heading.

Anyway, after applying the strict setting against tracking, there's another setting I recommend changing. I'll assume again that you're using Firefox because it has other advantages as well, and I'll direct you to the section 'Cookies and Site Data' a bit further down on the settings page. Here, it's wise to check 'Delete cookies and site data when Firefox is closed.'

Under 'Logins and Passwords,' I advise against letting Firefox or any browser remember passwords. For this functionality, I recommend using a password manager like KeePass, Bitwarden, or LastPass, provided you adjust the settings for better security with the latter. Specifically, this involves using an iteration count of at least 600,000. The advantage of Bitwarden and LastPass is that they integrate into your browser, unlike KeePass, which even helps fill in fields on websites. Added convenience.

Under 'History,' I recommend customized settings. Uncheck the first three options and check 'Clear history when Firefox closes.' Then click on the 'Settings' button next to it and select all options. Finally, press 'OK.'

With these changes, we've already significantly improved the basic settings and enhanced your safety and privacy.

But what if a website stops working now?

It's not common, but some websites may have issues with these settings. For example, you might press 'log in' on a website, and nothing seems to happen, while it used to log you in before. This is at least a case of improper programming, showing the inexperience of the developers, but sometimes it's a direct consequence of choosing strict settings. Some websites don't allow this, and that's undesirable behavior.

Websites like that should be avoided. However, if there's no other way, I recommend using a second browser or a second profile in Firefox, where you set the settings slightly softer. For example, you can install LibreWolf alongside Firefox. LibreWolf is based on Firefox and can be easily installed alongside it. Use LibreWolf only for websites that cause issues but where you need to go. Always set it to delete all history when you close it, but keep the other settings default, so you won't be hindered during your visit to that specific website.

Can I do more?

Absolutely. This was just the beginning, in case you'd like to do more. For instance, I can also recommend installing Firefox extensions. These are small programs within your browser that you can easily add via the menu. For advanced users, I suggest looking into:

  • uBlock Origin: to filter out unsafe elements, annoying ads, and more. It works right away, but there are advanced settings to get the most out of it.
  • Cookie AutoDelete: this plugin removes cookies and other storage, like session and local storage, not just when you close the browser, but even when you close a website. This prevents one or more websites from communicating with each other during your session.
  • Multi-account containers: this places each tab in your browser in a so-called sandbox. This restricts a website to itself and prevents it from accessing other websites or tabs.

And besides Firefox extensions, there's also the option of using Pi-hole to provide similar protection to uBlock Origin, but not just for one computer and browser, but for all devices on your network. Including smartphones, tablets, gaming consoles, and smart TVs, for example.

Also, consider using DuckDuckGo instead of Google or Bing. Even search engines with less focus on your privacy can have an impact.

Have we covered everything now?

This article is much longer than usual because it delved into the depths. However, this was still far from the complete depth. If there's more interest in details and further solutions, I'd be happy to hear it again. Perhaps I can delve even deeper into those topics in a future article. Take your privacy seriously; it benefits you.