Sign up for Digg's morning newsletter The best stories of the day, in your inbox
Subscribe Now
Hide
Video Data Viz Movies and TV Real Estate Internet Culture News One Main Character Memes Relationships Gaming More Less
How To Start Browsing The Web Privately
HOW TO BE AN ADULT
·Updated:
·

As with planting a tree or exercising, the best time to start practicing safe web browsing practices was 10 years ago. The second best time, however, is right now. 

The good news is that you do not need to throw your computer into a dumpster. You can, in the span of an afternoon, take all the necessary steps to ​keep prying eyes our of your internet activity.

The simplest way to look at anonymous internet browsing is a three-pronged approach. You need to make sure all of your accounts are secure. You need to hide your internet traffic. And you need to encrypt your communications with other. 

Secure Your Accounts

Even if everything you do and say on the web is entirely anonymous, that's all moot if someone can still duck into your email or bank account. So, before you start thinking about masking your online activities, check and make sure what's already on the web is accessible only to you.

The best way to do that is to make sure each and every one of your accounts has two-factor authentication. Two-factor authentication, as the name implies, requires two things to log into an account. The first is a password. The second is an external verification method such as a text message or an external verification app like Google Authenticator.

With two-factor authentication, someone could have your password but they can't log into your account without your phone where the text messages and authenticator apps live. It's kinda like using a key to get into your house and then being greeted by a very large man who, politely but firmly, asks you to recite a 6-digit number that's magically just popped into your head.

Sounds pretty awesome, right? The all-important caveat, however, is that not all websites have two-factor authentication implemented. Which is bad, because like chains, your account security is only as strong as the weakest link. Anyone with your password and motivated enough could just log into a non-two-factor-protected account, dig around for some personal info and then social engineer their way into a two-factor protected account.

So yeah, you're going to want to make sure everything is doubly-secure.

You could dig around in the settings pages of the dozens or so web services you use to find if they do in fact offer two-factor authentication. That would be practicing a respectable amount of diligence on your part and we respect you for that. But you could also just head to two-factor-auth.org and browse their handy list of services that use the security measure.1 And if you're unsure just how many internet accounts you have lying around, a good starting point is checking our your saved passwords in your browser of choice.

Hide Your Traffic

Shoring up account security is arguably the hardest part of this whole endeavor. The more technically complex process of encrypting your internet traffic is, practically-speaking, much easier. 

Which: You have two choices, slow and free or fast and, erm, not-free. 

The slow and free option is the Tor browser. Running on a modified version of the Firefox browser, Tor — which is short for The Onion Router — uses something called "onion routing" model to hide your traffic. Simply put, it works, but it can be slow as heck. 

Normally, internet traffic works like passing a note in class. You write who the note is to so everyone else knows who to eventually pass it to, you write who it's from so the recipient can pass a note back, and it's also full of that hot gossip people want. What Tor does is take that note and wrap it in a bunch of different notes that only certain people can open. So a note that you want to eventually sent to Jenny is wrapped in three other notes that first goes off to Carl who opens the note and is instructed to pass that note to Terry who is then instructed to pass the note to Amy who is then instructed to finally to Jenny. Ideally, there are so many notes being passed around that even the most watchful observer has no idea where one starts and the other ends.

A virtual private network (VPN), on the other hand, is much faster since you're just connecting to another network somewhere else on the globe. As the name suggest, it is like you're walking into another office somewhere else on the planet and (virtually) plugging an ethernet cable into your computer. To the outside observer it just looks like some server in Switzerland is accessing Netflix.com. And if you choose a VPN that encrypts and does not log your traffic, it's impossible for anyone to see your web activities.

To draw on the passing-notes-in-class metaphor again, a VPN is like getting the principal to come to your classroom, pull Jenny out of the room and ask her if she likes you.

That said, it does come at a price. For a VPN that is fast and secure expect to pay somewhere around $10 a month. And although we do not endorse this practice, one of the added benefits of using a VPN is that you can access region locked content on various streaming services.

Keep Your Private Conversations Private

It's rude enough for a stranger to even eavesdrop on your conversations in a place as public as a park. So opting to use messaging services with end-to-end encryption doesn't make you some sort of criminal or tin foil hat-wearing nut. Whether you mind or not, there are organizations out there that are just scooping up every chat (Hello NSA!) you send out over the internet. No one is actively looking at them, or might ever look at them, but they're listening so you might as well turn some music on or something.

It's sort of like taping over your webcam or looking both ways before you cross the street — it's such an easy and painless thing to do that it far outweighs the consequences of not doing that thing.

What you're looking for is chat with end-to-end encryption — where only you can the recipient can decrypt the messages. To, again, reuse the passing-a-note-in-class analogy, you and your friend both have a unique way to confirm you are who you say you are — in real life, handwriting; on the internet, a public key. The note is then encrypted using a randomly-generated cipher, which then is then also encrypted and can only be decrypted with the receiver's private key. Admittedly, the analogy kinda breaks down here, but the end result is that this system ensures that messages sent to a single person can only be read by that person.

So: Which is best? If unflinching privacy is your aim, then Open Whisper Systems's Signal, is the industry gold-standard. Our dev team here at Digg swears by it, and we would trust them with our life. Heck, even Edward Snowden endorses it

That said, trying to convince all your contacts to download yet another messaging app is not the easiest thing in the world. Luckily, popular messaging apps like iMessage, Facebook Messenger and WhatsApp all employ end-to-end encryption. Both iMessage and WhatsApp have it enabled by default. To start and encrypted chat on Facebook Messenger you'll need to open a new Secret Conversation.

Other Smart Decisions

Keeping your accounts secure, and encrypting your traffic and communications will bring you 95 percent of the way towards keeping the snoops out. That said, there are a few considerations here and there you might want to keep in mind. 

Most importantly is to keep in mind how you connect to the internet and who you're sharing that connection with. Connecting to an unsecured, public Wi-Fi spot might be convenient, but you never know who else might be connected and monitoring your traffic or even inferring passwords based on Wi-Fi signals. It's like using someone else's phone to call your friend. They now have your friends number, and in a more dated-reference, on a landline they have the option of picking up the phone in another room to eavesdrop.

Second is determining the physical location of the cloud services you use. It's a bit of a doomsday scenario, but if the government comes knocking for your data, it's much easier for a company who has servers overseas to deny that request. So, for instance, in terms of usability Dropbox is a good cloud storage solution. However, all of their servers are based in the US, so if a subpoena drops for your data, you're kinda SOL. Clowdwards.net — a service that'll help you navigate the various VPN and cloud storage services — recommends Sync as an alternative.

Again, we want to stress that doing any of this will not make you some kind of a trenchcoat-wearing kook. Sure, some might see the incoming US executive branch changes as a threat to their privacy and want to button things up. But really, even in a society where there's zero threat of someone peeking in on our online activities, there's no solid reason to just kinda leave this stuff hanging out in the breeze. You tear up your credit card offers and bills, right? So, make sure your internet activities are anonymized.

Still need an adult? Check out our archive.

1

We'll also add you could use a fancy password manager like 1Password or LastPass, but we'd argue that setting those up will take just as much work and we feel a little iffy of leaving your passwords up to a single company.

Steve Rousseau
<p>Steve Rousseau is the Features Editor at Digg.&nbsp;</p>

Want more stories like this?

Every day we send an email with the top stories from Digg.

Subscribe