If you’re like me and are married to a computer scientist, you might take for granted the fact that he’s gone through your computer and secured it while referencing the NSA’s own security guidelines. Yes, I have a piece of tape blocking my camera like Mark Zuckerberg, and yes I have other plugins and applications to keep my data secure, but I rarely have to lift a finger to make sure my personal information isn’t making its way from my computer or smartphone and into the hands of hackers. Most bloggers, and frankly, most normal people, don’t have time to become security experts in their free time – it’s an ever evolving subject that’s becoming increasingly complicated every day. But as our entire lives become digital, it’s important to educate and protect yourself online.
I’m sure you’ve noticed how aggressive and overtly companies have been collecting data on your online activity and browsing history. You’re reading a blog, when suddenly, you see an ad in the sidebar promoting a book that you were just considering an hour ago on Amazon! Or you just got engaged over the weekend and Facebook is already advertising wedding cake services to you on Monday. During our road trip, I received an email from a retailer recommending I visit their nearest store that was less than a mile away from where I was in Arizona – a state I was just passing through! It was creepy, and while I wasn’t particularly concerned about my privacy at the time, it was then that I started to stand up and take notice. At the very least, your browsing history is being collected, bought and sold so that advertisers can chase you all across the Internet, but at its most sinister, your browsing history can be used against you to reveal health concerns, sexual preferences, job searches, legal issues, and other information that should be strictly private.
I’ve taken many measures to protect myself (thanks Jon!), and while I don’t feel I have anything to hide, I would certainly be uncomfortable knowing Big Brother was reading my browsing history – whatever it happens to be (I spent how many hours on Shopbop!?). Users in the United States aren’t even the most vulnerable. Many other countries have almost no legal protections for their citizens online, and in fact actively spy on or censor their online activities – it’s a favorite tactic of authoritarian governments. Even in democracies such as the United Kingdom, Parliament recently voted to require Internet Service Providers (ISPs) and cellphone companies to record and store your complete browsing history and text messages for up to a year. Imagine if some third-party could gather and alter that data for some nefarious purpose, or release personal conversations between you and a loved one? And here in the U.S., the Senate just voted to repeal protections that limit ISPs from selling your browsing history and location information. This only benefits a handful of huge corporations at the expense of every citizen’s privacy, so it’s important that you protect yourself and your family from these unethical business practices. Not to get all Orwellian on you, but these steps can lead down a slippery slope of inhibiting free speech, promoting fake news, altering search results, and ultimately punishing dissidents – all of which undermine the freedom of the Internet and jeopardize the very things that make it great.
If nothing else, I recommend you start protecting yourself online by using a VPN – a Virtual Private Network. A good VPN is typically a paid service provided by a company that cares about protecting the privacy of its users, and offers a basic level of anonymity backed up by strong legal protections and security measures. Many VPNs are based in other countries with stronger laws protecting their citizens and limiting government overreach. Essentially a VPN encrypts your connection and conceals your activity from your ISP or anyone else between you and the sites and services you are visiting. When you visit a website using a VPN, your traffic appears to be coming from an IP address at a third location that isn’t your home’s router. Your traffic often gets commingled with many other users who are sharing the same IP addresses – making it very challenging to pick out individual users – and frequently your IP address will change each time you go online. You could think of this as similar to using temporary phone numbers to make phone calls, except that it’s also encrypted.
Good VPNs also let you buy their services anonymously using Bitcoin, and won’t store any information or data on you – as doing so would defeat the purpose of their service and make their users’ data vulnerable to subpoenas. Anyone trying to snoop on your traffic can see that you’re connected to the VPN, but they can’t see what is being sent or received, or where it’s going. Of course, companies can use other techniques to identify you – like tagging your browser with cookies (not the yummy kind!) – but encrypting your traffic and concealing your true IP address is a great start, and keeps the data private between you and the sites you visit. Another bonus of using a VPN service is that you can use it to make your traffic appear to be coming from anywhere in the world that your provider has a server available – allowing you to use country-specific services like Netflix while you’re traveling.
Oh, and a VPN isn’t just for your computer – you especially need this on your smartphone since it travels with you everywhere, and is the main way we access the Internet nowadays. Apple has even tried to make its customers more aware of this. For example, while trying to connect via the WiFi at various hotels in Iceland, my iPhone kept alerting me that the network was not secure. No worries for me, as I have a VPN, but what would happen otherwise, you ask? Well, say I signed into my Instagram account while using an insecure network. I type in my password, click Log In and it’s sent via the WiFi to Instagram’s servers. Or is it? Perhaps someone else is on the network and has configured it to direct all Instagram traffic through their computer first before forwarding it to the real Instagram servers – a so-called man-in-the-middle attack. Well, that username and password was just sent to their computer that’s pretending to be Instagram, and bingo the hacker can break into your account to do any number of things: delete your pictures, pretend to be you, hold it for ransom, etc. Think this is far-fetched? It’s well known by law enforcement that low-level hackers hang out at free WiFi hotspots – such as Starbucks, hotels and cafés, places where people like to work remotely – hoping to snag social media accounts, email logins or the Holy Grail: your bank login. They’ve even built freely available automated software tools to help even unskilled criminals perform these attacks. Regular people and celebrities are getting hacked all the time, and this is just one of the many ways it happens.
So, have I convinced you yet? You need to use a VPN.
When choosing a provider, it’s important to do your research and not skimp on your privacy. Don’t use a free VPN (a free trial is OK) because it’s never really free – there are many unscrupulous VPNs out there that are happy to let you browse through them and then mine your data. It’s essential that you can trust your VPN provider.
Here are some reputable VPN services that I recommend:
TunnelBear (3-day free trial for She’s So Bright readers!) – A Canadian company with excellent Mac, Windows, iPhone and Android clients that are easy-to-use and well designed. They allow you to pay anonymously via Bitcoin, and store the minimum amount of information about your account. They also have a clear Privacy Policy that’s easy to understand and offers you strong legal guarantees. TunnelBear is fast and has servers in many countries. It also has a cute bear theme!
ExpressVPN – A company setup in the British Virgin Islands with excellent Mac, Windows, Linux, iPhone and Android clients that are easy to use and well designed. They are one of the fastest VPNs available, with servers in many countries, their own DNS, and flexible payment options including Bitcoin.
NordVPN – A company based in Panama with excellent desktop clients for Mac and Windows, however unfortunately their mobile apps are just so-so. This service has some unique features like double data encryption, its own DNS servers, dedicated IPs and a product for businesses. They also support P2P traffic and torrenting, and allow payment via Bitcoin.
While the subject of Internet security can be overwhelming, that’s no excuse for not taking basic precautions!
To learn more, visit the Electronic Frontier Foundation, a fantastic non-profit group of experts focused on protecting your rights to a free Internet. For additional information on VPNs, and other security measures, check out this EFF article and this article by Quincy Larson on how to set up a VPN in 10 minutes. Please comment below if you’d like to see more computer tips and cybersecurity articles on She’s So Bright!
Top image by Li-Chi Pan, courtesy of Desk Hunt.