Worried about hackers stealing your identity, credit card info, etc.? Wear a tin-foil hat? Want to annoy the NSA? Stuck in a country with annoying internet censorship? Then this tutorial is for you!
While some people are technically skilled, or paranoid to the extent of jumping through hoops, the average person just wants to add a reasonable level of protection to his/her data without a lot of effort.
This tutorial is written for the common lazy person who wants to protect their data.
My Political Rant (Optional Reading)
Freedom isn't free.
How do Governments and Hackers Process Your Data?
Now, the NSA has the computational capability, expertise, man power, and financial resources to 'get you' no matter what you do online. It's only a matter of the time required to do it. And that's what this tutorial is about - how to make it take so much time it becomes infeasible to do drag-nets. Anyone profiling you will then have to be very selective in whom they target. Additionally, the manual effort per person becomes so high it would be economically unviable for hackers to bother.
In other words, you will make your online footprint very difficult to datamine.
Anyway, let's get started . . .
HTTPS Everywhere is a Firefox and Chrome extension by the trusted non-profit EFF that forces your browser to encrypt your data with any websites that offers encryption. While most major websites offer encryption, or at least partial encryption, it does not encrypt data for all websites. Consider it like a Swiss-cheese layer of protection - better than nothing but still has holes.
It only takes seconds to install, requiring no further effort. So why not?
further reading: Their FAQ is highly informative, too.
A firewall is software which acts like a gait-keeper to data going in and out of your computer. It only allows the data you approve, rejecting the rest. A hacker installed malware on your computer to collect credit card info, and wants to transmit that data by internet? Spyware or a trojan somehow managed to install itself? No problem, the firewall will not only stop it but inform you of the specific offending programs.
But there is one flaw with firewalls - you. To properly use a firewall you need to actively manage it, giving approval to 'good' programs and denying 'bad' programs. This means you must be somewhat technically minded. If you have no idea what programs are running on your computer or why, or you're the type that just clicks 'yes' and 'ok' to all prompts without reading, then an actively managed firewall is not for you. You'll just end up blocking good software and approving malware!
The recommended free firewall to use is Comodo, but there are others available. We do not recommend ZoneAlarm . . . it's too spammy and buggy.
note: If you aren't technically minded, Windows has a built-in passively managed firewall. It's limited, but better than nothing.
further reading: learn about firewalls on Wikipedia
note: As of this writing, Chrome is denying access to the Tor webpage over an incorrect security certificate. Firefox however can still access it.
Tor anonymizes your internet connection, hiding your location, IP, and other identifying information. It does this by passing your data through other intermediary servers around the world. Tor also anonymizes the data you are accessing, allowing you to bypass government internet censorship.
There are a few issues with it though . . . it requires minor technical understanding, and only works with programs set up to use Tor. And given that the data is bounced around and the limited number of world-wide servers are limited (a choke point), your internet browsing can go at a snail's pace. And it isn't 100% flawless, security wise.
The relay nodes for Tor consist of volunteers, so consider helping and running your own node.
By running this webpage, you are actually offering your browser as a temporary Tor node using Flash Proxy:
side note: Tor was written by the US government to help foreign activists bypass internet censorship and such. It's open source and has been verified to not have any backdoors. The US government isn't all that evil, eh?
A VPN, or virtual private network, is a bit like TOR in that it anonymizes you and your data. The difference is that it's going through the servers of a particular known entity. And some VPNs are a service for a fee, so they retain your personal credit card information and may or may not allow government access to that data. There are also free VPNs but they usually spam you with ads and probably can't be trusted with personal information.
The advantage of a VPN is it gives you an IP address for the country you'd like. For example, some websites block international visitors to reduce bandwidth from mostly non-paying customers, or even from foreign hackers. BBC, the US Postal Service website, and streaming music sites are great examples of websites that limit foreign access.
further reading: VPN on Wikipedia
True Crypt encrypts files, USB sticks, and even your entire harddrive if you'd like. It's perfect for when carrying sensitive data you don't want stolen, or forcefully inspected when crossing borders or at the airport.
There are two drawbacks. If you forget your password, the data is lost. There is also a performance hit when accessing the data.
While encryption is never 100% safe from being cracked, it's so computationally expensive to crack that it'll block 'the powers that be' from drag-net datamining.
If someone manages to install spyware on your computer, manually or through a trojan, how do you know and then remove it? HiJackThis is a tool that let's you know what programs run during the startup of your computer. There are many others like it but this is the one I prefer. Not only can it help you identify malware/spyware, but it can also help you speed up the startup process by removing programs you don't need.
It's a very powerful tool for more experienced computer users, so you need to understand what each program does before you disable it. Clever malware are known to make themselves look like common legit software, too. Verify file locations and tricky spellings of fi1e names.
MICROSOFT WINDOWS PROCESS EXPLORER
For programs that are already running, Microsoft Process Explorer is a great tool to help you see what your computer is doing in the background.
It doesn't matter if you used any of the above software if you don't follow basic security practices of choosing strong passwords for all websites, not installing unsafe software, running an anti-virus (with a second anti-virus as backup), keeping your software up-to-date, password protecting your laptop/phone, etc. etc. Knowledge is power, and if you don't have knowledge of basic computer security, start reading. And teach your friends - forward this page to them!
Lastly, our tutorial for beginners on how to protect your website from hackers.
Has this site helped you with your robot? Give us credit -
link back, and help others in the forums!
Society of Robots copyright 2005-2013