Besides just plain being creepy, all of this spells a fundamental invasion of your privacy.
In my first installment in this series, I discussed changing your DNS servers so that your ISP (or unfriendly persons working for your ISP) could not readily ascertain which websites you visit and use that information for either commercial or even more nefarious purposes.
This helps, but it is insufficient if they are looking a bit more closely. DNS traffic is sent in “cleartext” meaning if, for example, they are looking at your traffic specifically, they will see all of the traffic between you and the alternate DNS you selected, as well as any websites that aren’t encrypted using SSL.
So how do you encrypt all of your traffic so that even if they are looking at your connection specifically, they can’t see your traffic?
The answer is a VPN or Virtual Private Network provider. A VPN encrypts the traffic from your home network or individual computer, across your ISP, to the VPN provider. At the VPN provider’s servers, the traffic is mixed with that of other users of the service and then released to the Internet from there. The process is reversed for traffic flowing in the other direction.
While VPNs are most often used by people in other countries to either bypass local censorship or gain access to American media that is unavailable in their home country, Americans can use such services as well to maintain their privacy. Not only is the American government obsessively spying on pretty much all network traffic and correlating it every way they can, but entities such as Facebook, Google and Twitter are actively searching across the Internet to prevent wrong-thinkers from having access to their platforms. In addition a wide variety of hackers, spy agencies from around the world and more are seeking to … um … get to know you better.
Besides just plain being creepy, all of this spells a fundamental invasion of your privacy.
At first blush, you may think you have nothing to hide, but don’t forget how quickly this country progressed from merely debating gay marriage to anyone who publicly opposing it being fired from their job. You may have what you consider very ordinary opinions today that will constitute hanging offenses three years from now. And the Internet is forever. Furthermore, major ISPs like Comcast and Verizon have fought hard to gain the right to use all of your web searches and so forth for any purpose they wish.
I wonder if any Antifa activists work at ISPs and are interested in doxing people who dare to visit certain websites?
Here at EAU, although it is not obvious, we use VPN technology as well. For example, we use a VPN for hiding the servers of our Tor “.onion” sites. (Theoretically, TOR alone, configured correctly, is sufficient. But we like an extra layer of security.)
The requirements of a VPN for U.S. users are fundamentally different from those in other countries. People in other countries are using VPNs to access entertainment or avoid censorship; whereas people in the U.S. are preserving their privacy. For that reason, there are a relatively small number of suitable providers.
In evaluating which VPN to use, I found the reviews at CTECH useful, because along with the standard information about pricing, the reviews took into account more important factors — such as whether a provider maintains logs as well as how likely they are to hand information to the NSA or FBI. The reviews also highlight providers that should be avoided by US citizens for various reasons.
The configuration of VPNs depends on your operating system, possibly your router and a host of other things too varied for me to cover in a short article. Thankfully, all of the providers have substantial help sections for covering most scenarios. The only general guidance I can give is to prefer OpenVPN over other methods, especially PPTP.
So the next major step in securing your privacy is to configure a VPN. Usually, plans are pretty cheap — about $3-$4 a month — if purchased for a year or two at a time. Some providers even let you pay with cryptocurrencies, which is a definitely plus.