It’s true that the majority of computing gadget users are worried about their online privacy and security. This can include individuals, such as students of the Computer Sciences, living in the United States or small businesses based in India. Likewise, it seems that almost everyone is concerned about keeping their data safe from intruders.
Here, it is important understand that various prominent governmental agencies as well as independent organizations throughout around the globe are known gather and accumulate data of millions of individuals. Furthermore, it is extremely worrisome that this is done without the consent of the individual. Clearly, this is why individuals are now interested in knowing more about ways they can keep their data secure. If you are interested in protecting your data, this guide will be an informative read for you. Furthermore, the purpose of this privacy guide is to convince you, the user, that securing private data on different devices is not a difficult feat.
Menace of Hackers
Data theft is a fairly common activity today. Regular people sitting next to you at work or school could easily participate in data hacks to steal your information, if you fail to safeguard your data by employing fairly common means. Such activity is not uncommon- all it takes is bad intent and a bit of skill in exposing your unprotected data.
Additionally, personal data gets stolen by those we trust, such as our friends or contacts. Therefore, it is imperative that the internet user be vigilant regarding their computer use, especially when considering computer security. In this case, it is better to be safe than sorry as data theft prevention is a lot better than the cure.
The Illusion of a “Free and Safe” Internet
There was a time when the majority of the internet users thought that they could surf the World Wide Web freely. Surfing the web without the added worries of the user location being discovered, or digital data being compromised was a common practice. Those days are unfortunately long behind us- as this is a data age where there is no such thing as a “Free and Safe Internet”. The term doesn’t imply the same connotation as it did previously in light of daily news of major hacking activities and breaches that are rampant around the world. Such hacks and data breaches usually involve various online accounts of common users.
Certainly, this has fueled the notion that the internet is not as free and safe as we once thought it to be.
The following are instances that serve as reminders as to why we need to safeguard our online data:
- More than half a million Facebook accounts are compromised every day.
- More than 90% of computing systems are defenseless to exploit kits (because of vulnerabilities in software).
- More than half of employees steal corporate data in case they quit their job or are fired.
- Even the finest of the antivirus software has shown to have weak links that can be exploited.
-
Taking Measures for Browser Safety is Mandatory
A great many of our internet users prefer tools that are the most popular in the market with the highest brand recognition. Browsing for answer, for example, has become synonymous with Google, and more recently BING or Google Chrome and Firefox. However, it is important to note that popularity does not equal safety.
These are some risks associated with the common use of these two tools:
- Identity Finder: A well-known security firm states that Chrome stores files on your hard drive. This mostly happens while you are browsing, and can include passwords. Experts believe if you use Chrome on at least two devices, this syncs data on them when you sign up with same user ID. This makes your browsing history obvious to everyone wanting a closer look.
- Firefox has shown serious issues when several plugins are running together. Moreover, this is also why many experts and researchers think that Firefox is certainly not on the list of the best browsers in the market.
- Firefox has also shown accessibility issues to several websites, mostly issues associated with compatibility.
-
The Rising Threats of Viruses
Computer users are always concerned about the threats of a computer virus- especially the damage it can do to privacy and security. Most are not even aware that the rising threats of viruses can affect all devices, such as your tablets, mobile phone devices (IOS or Android), and not just PCs or laptops. The effect of a virus running rampant in your system and programs can seriously damage the user’s data. This can result in data theft, with or without the user’s knowledge. Such threats can include payment data being stolen while making purchases online, and authentication details of the user being compromised. A more serious threat is also identity theft, resulting in a great deal of time and financial loss to its unsuspecting victim.
Some instances of Data compromises include:
- MyDoom was one of the most damaging viruses of all time. MyDoom caused damages of more than $38 billion and showed the user exactly what type of damage a single virus can do to users everywhere.
- More commonly, around 40% of the US households have computer viruses infecting their systems and files.
- Many large tech giants, such as Microsoft and Yahoo, have certainly been the target of virus attacks, suggesting kinks in their infallibility.
Certainly, all of this information is a clear indication that digital device users, regardless of the device they are using, should install/download proper measures against viruses. This is also important since viruses tend to aim to sabotage the private and classified information of the user.
-
Information Placed Online is Always at Risk
These days, almost everyone we know is addicted to different social media platforms. There are also certain social media sites that target users form the “youngster” generation, specifically teens and adolescents. Although social media can provide a fun way for users to interact with each other, they may not realize the dangers lurking behind such prevalent usage. Almost 92% of teens in the U.S., 92% of young adults and 94% of mid-lifers (30-49 years of age) are able to use the internet to share content through various social media platforms, socialize, play, shop and even conduct their business. Specifically, it is important to note that that adolescents and teens prefer the more prevalent social media platforms, such as Facebook and Twitter, Intagram and Pinterest. Young adults, for the most part, are not aware of the riskiness associated with such social networking sites.
Here is a look at some of such risks that every such person should be aware of.
-
Online Surveillance Increasing
Almost all the major tech giants are actively collaborating with their country’s surveillance agencies in order to provide better safety and security for users. This includes the likes of Facebook and Twitter. Additionally, many whistle blowers have come forth damaging the reputation of such social media sites, claiming that the private data of users is not as safe as one might think. Data can catch the attention of surveillance agencies, especially when we share data among our contacts.
-
Instances of Online Harassment
Many users have complained that they have faced harassment as a result of placing their private information online.
Here are some facts that highlight the wide ranging scale of such a problem:
- 40% of internet users have been harassed online at one time or another.
- Around half of the users, do not know the identity of the person behind the online harassment.
- 18- 29 year olds are the most likely demographic group to face online harassment.
- Social media seems to be the place where individuals face the most online harassment.
In light of these facts, it is clear that the placement of sensitive and private data online is risky for any user, regardless of age. Therefore, we recommend the use of caution when engaging in online content sharing.
-
Identity Theft
Hackers are getting smarter and braver each day, and digital device users don’t necessarily know that. This is evident from the fact that they are using increasingly clever and resourceful tactics to gather the personal information of their unsuspecting targets. Additionally, social media account holders should be careful of their online activity, as this is a prime target also.
Consumers, especially those that conduct online transactions for themselves or for their business, should avoid revealing sensitive information, such as social security numbers and credit card information, while online. Most importantly, the user must always remember that a hacker is capable of causing severe damage to the user, resulting in privacy and financial loss.
In addition to this, another key aspect of identity theft is the usage of someone’s online profiles and picture without their knowledge or consent. In such a case, users that steal online pictures can pose as another user and “Cat fishing” for information by fabricating online identities and creating entire social network circles, with you none the wiser.
The Attack on Privacy by Intelligence Agencies
Whistleblowers in the past few years have become increasingly active in spreading awareness on the importance of Privacy and its abuses. Some have even shocked the world continuing the debate between Privacy vs. Security- Where do we draw the line?
It’s not a secret that intelligence organizations spy on citizens. Edward Snowden, a rogue NSA contractor and former CIA employee, leaked NSA classified information, without the prior knowledge and authorization of the NSA and the United States Government. This obviously landed him in hot waters, where he is currently residing until the U.S figures out a way to extradite him from the safe haven provided to him by the Russian government.
What were his misdeeds, you might ask? He leaked information in 2013, which opened the eyes of the international forums that safeguard and value privacy to different surveillance practices by government agencies, without the knowledge of the average citizen. Since then, further revelations about infringements of privacy have continued to shock the world in 2016.
Even before his findings were made public, many believed that the US government was collecting data on its citizens.
Here is a brief look at some intelligence organizations and what they can do:
A Glance at the NSA
A Collection of Massive Amounts of Data
The NSA is famous for collecting phone data on a regular basis. It collects private phone related information like time and duration, location and parties involved in the calls. All such data is the permanently stored at major storage centers. The NSA had more than 100 data processing sites in the world, as of 2008. This gives you a hint regarding the massive amount of data that the agency can access throughout the globe.
The NSA has XKeyscore at its disposal, which is a program that allows the agency to easily go through huge databases containing the history of great many users.
Text Messages Monitored & Stored
Those who like to send text messages in the US should beware. The agency stores and collects around two hundred million text messages daily. This has concerned privacy advocates.
Credit Card Information Monitored
The agency monitors credit card and banking transactions, as well as international payments. In addition to this, they may monitor major credit card transactions, such as VISA. Many privacy advocates claim that the NSA can instantly locate your location whenever you use your credit card.
Smartphones Monitoring
The NSA can hack all well-known smartphones. This means you high tech devices, such as your smartphones, are not safe from the clutches of the NSA.
Advanced Decryption Programs
The NSA utilizes some very intelligent decryption programs. These are used to decrypt phone conversations that are encrypted by users.
Monitoring of All Online Activity
The NSA monitors your online activity, such as online chats, browsing history and emails.
Social Media Accounts + Other Data = Your Profile
The agency combines data from various social media accounts, which it can then compile with other user data at their disposal, such as GPS location, to create a remote profile of the user. By doing so, it is able to create complex profiles. The NSA can use this information to determine the location of the user and his or her companions. Starting to feel like a sci-fi thriller yet?
Gamers beware!
The NSA knows that online gaming is a very powerful portal for communication. The NSA is also collecting data from gaming users. Popular titles, such as World of Warcraft are not impenetrable to the NSA.
Offline Systems
The NSA has access to offline computers. It utilizes complex radio and wireless technology in order to put spyware on offline systems. They truly are the “Intrusion Experts”.
No Expense Spared on Intrusion
The agency has not revealed or released its budget. We do wonder- are there any limits? Do they ever need to cut expense? Most importantly, where do they get their income from? Snowden’s document states the NSA Budge to be at least $11 billion annually.
Storage of Crash Reports
The NSA can steal the OS’s crash reports typically asked of Microsoft users. These reports showcase system vulnerabilities and such information that can be used by the NSA.
Diversions and Mirror Sites
The agency has the power to send you to any mirror site; thereby recording the actions of its users. For example, you log onto Hotmail servers, here the NSA may intercept this request of yours. Now, it can send it to any mirror site. Moreover, if the agency knows that you are visiting any inappropriate site, it can misdirect you. Besides this, it can insert malware into your system.
The Human Resource
The NSA possesses some of the most intelligent minds in the world- probably its greatest asset
A Glance at the GHCQ
Britain is a strong proponent of individual privacy rights, with lower degrees of surveillance than many of its other developed counter parts, such as the USA. However, Edward Snowden has claimed that the Government Communications Headquarters (GCHQ) in the UK is collects U.K. telephone and online data.
Here is a listing of some of its more well-known questionable activities:
Partners of the NSA
The GCHQ collaborates with the NSA on matters of common interest to both agencies. This allows the GHCQ to collect much of its data, such as attaining webcam images of millions of U.K. citizens.
Transatlantic Transfer of Information
The Guardian has reported that the GCHQ has put some very effective data interceptors on fiber-optic cables. These cables transfer online data in and out of the United Kingdom. Note that these cables also feature transatlantic cables, which transfer online data between Europe and the US. This means that GCHQ can access hefty levels of worldwide online data.
Personal Information Database
According to sources estimates, the GCHQ can potentially access 21 petabytes of data in a single day. The GCHQ has created a database featuring personal information of users for more than 15 years. This is done with the UK government’s full support.
The reach and resources of intelligence agencies is ever increasing. It is integral for the citizens of the world to carefully safeguard their online and digital activity.
The Importance of Encryption
An Introduction to Encryption
Those of you who want to familiarize themselves with the concepts and importance of Encryption in today’s world should definitely read this part. It will aid you, the user, in safeguarding your privacy.
What is Encryption?
Encryption is the scrambling of data in an organized manner.
Encryption has existed for thousands of years, in one form or another. There is evidence to suggest that Generals directed ancient armies under their control to use encryption in order to pass sensitive war information to their leaders.
More specifically, we are talking about:
The process of organized scrambling done via an encryption key
This key is shared with the recipient as well as the originator of the data. This process allows data to become a “cipher” for others to interpret. Surely this can only be good news for anyone seeking to encrypt their data.
Today’s encryption techniques can protect the personal data of individuals; this includes data such as passwords, emails, credit cards.
Fun facts about Encryption that you may not be aware of:
- The oldest found encryption record dates back to Egypt, at around 2000 BC.
- Encryption is a term that originates from cryptography, with Green origins.
- Letter substitution is an ancient form of encryption. For instance, “Hello world” would become “Ifmmp xpsme.”
- Encryption is the easiest manner to safeguard electronically transmitted, processed or stored data, according to several tech analysts.
It is important to note that most of today’s latest software has built-in encryption. This goes on to ensure that any important data stays safe while it is transferred to its intended recipients.
Users must understand that varying levels of encryption (or protocols) are in existence today. Protocols created by Microsoft include PPTP. Simple background research on PPTP will reveal that it has many critics. However, it is undeniable that PPTP went on to inspire other protocols. Now, many of its critics do not hesitate to credit it as the inspiring force behind SSTP, OpenVPN and L2TP.
The Workings of Encryption
When you use an encrypted protocol, it’s different from using a proxy. By doing so, you actually safeguard your data by safely transiting it.
People need to see that ciphers are at the forefront of ensuring data privacy. Also, it is a fact that many of today’s services provide AES encryption.
But what is this AES encryption, you might ask?
Well, it is a symmetry-key cipher that was utilized by governmental organizations. It’s speedy and easy to use. Moreover, it keeps a key safe in the far connected online world.
(Note: RSA is an asymmetric algorithm that utilizes a private and public key. This is done to make decryption of a 2-step verification process. In addition to this, the so-called certificates that you observe your browser swapping while surfing the net are basically public keys.)
Now, let’s have a more detailed look at some of the most popular protocols today.
Protocols
-
OpenVPN
OpenVPN is a tool created over the well-known OpenSSL encryption library. It is utilized with AES encryption. This open-source encryption protocol offers a good level of data security. Furthermore, OpenVPN is not built into a lot of software. Experts agree that users should download third-party OpenVPN software, which is easy to get.
-
PPTP
PPTP was introduced by Microsoft alongside its iconic Windows 95 software. This protocol is now available with the majority of operating systems today. However, this is a weak protocol, according to general perceptions. It is commonly recommended for use when dodging basic-level geo-restrictions, mostly because PPTP can’t affect the speed factor.
-
SSTP
Microsoft introduced SSPT alongside its Vista SP1. Just like OpenVPN, SSTP was created over SSL encryption library. Additionally, it is the best utilized AES encryption. Many believe it is Microsoft’s OpenVPN version.
-
L2TP/IPSec
This VPN protocol is commonly implemented with IPSec encryption. It is generally believed to be more secure than PPTP. It does display problems when utilized along with firewalls. The usage of L2TP.IPSec can slow down speed, since it involves a 2-step process.
Weaknesses in Encryptions – At a Glance
There is an obvious problem with the use of standardized encryption, such as SHA-1, SHA-2, RSA and AES. In the past, standard encryption has been targeted by NSA attacks. The National Institute of Standards and Technology in the U.S. takes great interest in the certification and development of encryption protocols. Clearly, this is enough to assert that Snowden’s back-door injecting as well as government tampering allegations have some weight behind them.
Why are Encryption Protocols still being used?
Well, the answer is that IT contractors and manufacturers utilize them, and if they don’t, then this would be a deviation from NIST standards. Such standards set by NIST require compliance for any organization that desires to function in the United States.
Furthermore, it seems that most individuals do not care if the government snoops on them- to some extent, of course. This could be based on the belief that users don’t feel that have any critical data to hide. Essentially, this is giving up your privacy rights. Others strongly believe that privacy is a matter that should not be taken lightly.
A Look at End-To-End Encryption
End to End encryption is the ideal encryption form. It makes sure that data stays encrypted during the entire transit phase. Well-known firms, such as Microsoft, pledge to encrypt the user’s dat. However, they do this specifically on their servers. Moreover, they have full authority to decrypt a person’s data for a third party.
This is the result of the collaboration between NSA and Microsoft when they engaged in the Prism program.