We have been using the internet to do our everyday hustle, like making an appointment with the doctor, managing our finances, connecting with family, friends, and colleagues. Without realizing it, we have been pouring our personal information into the void we know as the internet.
We use the coffee shop’s free WiFi to send personal emails while enjoying the coffee, not knowing someone might be eavesdropping on us over the internet.
Privacy is becoming a frequently discussed topic after the events of WikiLeaks and WhistleBlowers. In this regard, we’ve come up with another privacy-related guide for you. So, let’s jump into it.
Who Can See What I am Doing?
There are many eavesdroppers when you are surfing the web on an unsecured network.
Eavesdropping Via Routers
1- ISP (Internet Service Provider)
ISP is the gateway to your internet. So whatever you do, everything goes through the ISP. It includes the emails you send, the websites you surf, what you do on those websites. Every ounce of information goes to the ISP.
If you are using the internet for financial or medical purposes, that information will also go to the ISP.
ISP has enough data to create an accurate profile on you and attach it to your IP address. It is one of the many reasons why you should use a secure network like a VPN.
Most countries have laws on data retention, which allows the ISP to hold your data for a specific time. In some countries, the rules state the period to about six months, and in others, it might be up to a year. What happens to your data is not clear, but the government or police can have your data during the period stated by the law. Your ISP can not sell your data to any third party as the law forbids it.
If you live in Europe and want to check what the ISP has collected data on you, the GDPR (General Data Protection Regulation) gives you the right to ask for a full report.
E2EE (End-to-End Encryption) protocol enabled messages aren’t visible to the ISP. The encrypted emails are also hidden from the ISP.
2- Network Administrator
The person who administrates the network may be an open WiFi at a coffee shop or a secured WiFi at your school or office and can see all your browsing history. The internet traffic passes through the router and then goes to the ISP, so when the traffic reaches the router, the network administrator can access all the information.
The webpages that had HTTPS encryption protocol enabled are exempt as the administrator can not see what you did after accessing the page due to the encryption protocol.
3- Boss / School Administrator
Employees usually ask: Can my boss see what I do online? Of course, he can as long as you are using your offices or school’s WiFi; he can see what you are doing online.
Other than that, anyone with access to your office account can also see your browsing history.
Enabling HTTPS encryption protocol on websites will help keep your web page activity private as your boss will only see the web page you visited. You can use a purchased VPN to mask all your internet activity.
Eavesdropping Via OS
1- Operating System
The Operating system that you use on any device is also keeping tabs on you. Some OS might give a little privacy protection like Microsoft Windows or iOS. But they know what apps you use or which websites you visit. They might have a record of your finances if you have been using your devices without proper protection to manage your finances.
Microsoft Windows tracks your apps, search terms you used, location, games you play, or the movies you watch. You can adjust the privacy settings on Windows 10 and your IOS devices, but they can still record most of your data.
In Europe, the GDPR has granted the user to see a full report on what data your ISP or OS has on you.
Even while using a VPN, it masks your geolocation as you would be using a different IP address. But other than that, your OS will be able to record every ounce of the data with your identity.
The apps you use also track your activity and receive the data you have agreed on their privacy agreement. It’s essential to read the privacy agreement to know what information is being collected by the apps you are using.
Like Facebook keeps track of your location, the people you interact with on social media platforms, your gallery, the things you like on e-commerce platforms.
While using apps, even a VPN can not provide you any security as it masks your IP address and location for your ISP. But the applications will still record the data with your identity.
As we all know now that ISP’s and OS can keep your data as per your country’s law, and when asked, they are obliged to share that data with the government. With this information, the government keeps track of your activities and can use it to fight cybercrimes.
It might feel uncomfortable that your local government is looking over your shoulder, but it’s not your local government. As per data retention laws and international agreements, the government can save your data for years and share your data with other countries.
Like in Egypt, several bloggers have been arrested for being critical to their country’s leaders online.
Hackers and cybercriminals can also have access to your data by either breaking into your computer or network. A black hat hacker can use this information, and you might be dealing with a severe case of identity theft.
You might be thinking that how can a person get information from my devices? Well, they are many tricks, but I will name the most common types:
Buffer Overflow: By overrunning an application’s buffer, hackers might run some commands to get access to your information.
Distributed Denial-of-service (DDOS) Attack: By flooding the network with false traffic, the system cannot operate or communicate normally.
Email-Worm: By Distributing copies of itself in infectious executable files attached to fake emails.
Trojan Horse: The most commonly used method is the Trojan Horse. It is a helpful program that tricks the user into opening it to access the user’s device.
Using a VPN or HTTPS websites may mask your IP address, but nothing can do if your device gets infected. That’s why it is advised to keep your antivirus updated and active at all times.
How to Hide Online Activity?
There are several ways to be anonymous while being online. All you have to do is hide your IP address, but it doesn’t end there. People can still track you by browser fingerprinting and hacking. Your OS will always be following you as it’s impossible to hide from your OS.
By following a few guidelines, you can still be safe from at least a couple of things while being online.
Using a VPN can mask your device’s IP address. The VPN will encrypt all the traffic that goes through your ISP.
But be careful while choosing a VPN, as you need to be sure that the VPN doesn’t log your activity by itself. So you will need a VPN with a no-logging feature. Also, make sure that the VPN has a kill switch feature. If the internet connection drops, instead of showing you online on the web, the kill switch feature will disconnect your device from the network until the bridging between the network and the VPN.
TOR browser allows you to send all your traffic via three different decentralized nodes. As it makes your anonymity over the web its core responsibility, the browser is slower as the traffic gets through 3 different nodes before reaching the destination.
Tor Browser will only mask the activity you are doing on it. Other than that, your whole device would be on your local network. And your ISP can still track your activity on your device.
Tools can offer you protection from uninvited guests who want to look over your shoulder and make you feel uncomfortable while you are on the web. That is why it is crucial to guard your privacy.
It is impossible to track your online activity while using a VPN, nor can a VPN give you 100% protection from data theft while being online on the network. Still, suppose you keep on adding extra layers of security. In that case, your data will be secured, like using a TOR browser with a VPN to add an extra layer of security while surfing the web and have an up-to-date antivirus on your device for protection against malware and spyware.