From time to time GovEvents will come across information we feel our members and audience would benefit from. Here's something we wanted to share:
- Consider not using Google
This goes not only for the main Google search engine but also all of the other tools - Google Analytics, Gmail, Google Apps, Google Drive, etc.
Due to its huge network and portfolio of tools, Google knows basically everything about you there is to know. Whether you're comfortable with this from an online privacy point of view is up to you.
As for things like Gmail and Google Drive, there are multiple viable solutions on the web. For example, SpiderOak is an interesting alternative to Google Drive and Dropbox that even has Edward Snowden's approval.
- Probably delete Facebook from your phone
There have been multiple stories appearing lately describing Facebook's alleged "in the background listening" practices. Some people are reporting concerns related to the Facebook app listening on to the conversations they're having over the phone and then suggesting ads based on the things mentioned in those conversations.
In all likelihood, or at least we'd like to believe so, this is not entirely plausible - and Facebook obviously denies. However, getting rid of the Facebook app from your phone surely won't hurt your overall online privacy.
- Do you really need that Amazon Echo?
As useful as those new home assistants can be, they also carry some serious online privacy concerns with them. Most of all, they're in an "always on, always listening" state.
What this means is that Alexa is constantly listening to everything - everything(!) - you say around the house, and transmitting it over the internet to Amazon's servers.
Ultimately, you have no control over how that data is going to be used and by whom. Though, full disclosure, Amazon says they don't share your Amazon Echo data with third parties.
Google Home, however, is perhaps even more hostile to your privacy. Apart from microphone access (always listening) it also tracks your location and can share your data for advertising purposes with third parties (including Google's other companies).
- Use virtual machines
Virtual machines let you simulate a second computer (a virtual one) within an application. It's basically a sandbox. The virtual machine can be limited in any way you need it to be, for instance, with the web connection disabled, or any other part of the system removed.
Virtual machines are great if you want to do a sensitive task on your computer that doesn't necessarily involve a web connection. Or, even more so, when you want to make sure that the web connection is unavailable and that your actions are not logged for any future transmission to a third party.
In other words, if you want to open a file and you need to be sure that no one is watching over your shoulder as you do so, you can do that via a virtual machine. Then, after you're done, you can delete that virtual machine and thus remove every trace of the operation.
Try out VirtualBox, a popular free solution that runs on Windows, Linux, and Mac.
- Avoid public Wi-Fi
As much as everyone loves those free Starbucks Wi-Fi hotspots, you shouldÂ perhaps be careful around them. Or, rather, not perhaps, but definitely.
Public Wi-Fi raises a number of online privacy concerns:
- You never know who's running the hotspot, what the software is, what the setup is, what sort of information is being logged, and so on.
- You don't have any certainty if the hotspot you're using isn't an "evil twin" - a hotspot created to impersonate the genuine Wi-Fi network that you actually intended to use. For example, let's say that you see an open network called, "Starbucks Free Internet", so you decide to connect. However, you have no way of telling if that network is actually the official one run by the coffee shop. Essentially, anyone with a mobile router can create a network like that and then steal the information of anyone who connects to it. Listen to the first episode of Hackable - a podcast by McAfee to learn more about this (available on iTunes).
- You can't be sure that using a VPN will protect you. In most cases, VPNs solve the problem, but if you're dealing with a fake network then the person running it might still be able to see what's going on. Additionally, there's the issue of DNS leaks. In simple terms, your laptop can still be using its default DNS settings to connect to the web, rather than the VPN's safe servers. Here's more on the topic.
What can you do?
- Really avoid public Wi-Fi networks if you want to perform any sort of sensitive operation. Don't access your online banking platforms or anything else where your privacy is of utmost importance.
- If you do use public Wi-Fi, also use a VPN. Do the DNS leak test available here to make sure that the connection is secure.
- Always ask what's the exact name of the public network that you want to connect with - to avoid connecting to an evil twin.
Conclusion: What's Next?
Online privacy is a topic that has been gaining in importance more and more over the last couple of years.
Apart from those basic, common-sense things that every web user should be doing in terms of their online privacy, there are also matters of new regulations and problematic net neutrality issues that have appeared quite recently.
These days, it seems that you can't easily escape big corporations tracking you online, your ISP (internet service provider) recording your online activity and perhaps even selling the data to third parties (which is legal in the US).
All in all, this can be frightening. However, there still are viable things you can do and tools you can use to keep and protect your online privacy. We hope that the list above gave you a good overview of what's possible and how easy to carry out most of those actions are. But you do need to be deliberate, and also review your online privacy optimizations every once in a while.