17 essential tools to protect your online identity and privacy
- 31 October, 2016 21:00
Make no mistake: Professional and state-sponsored cybercriminals are trying to compromise your identity -- either at home, to steal your money; or at work, to steal your employer’s money, sensitive data, or intellectual property.
Most users know the basics of computer privacy and safety when using the internet, including running HTTPS and two-factor authentication whenever possible, and checking haveibeenpwned.com to verify whether their email addresses or user names and passwords have been compromised by a known attack.
But these days, computer users should go well beyond tightening their social media account settings. The security elite run a variety of programs, tools, and specialized hardware to ensure their privacy and security is as strong as it can be. Here, we take a look at this set of tools, beginning with those that provide the broadest security coverage down to each specific application for a particular purpose. Use any, or all, of these tools to protect your privacy and have the best computer security possible.
Everything starts with a secure device
Good computer security starts with a verified secure device, including safe hardware and a verified and intended boot experience. If either can be manipulated, there is no way higher-level applications can be trusted, no matter how bulletproof their code.
Enter the Trusted Computing Group. Supported by the likes of IBM, Intel, Microsoft, and others, TCG has been instrumental in the creation of open, standard-based secure computing devices and boot pathways, the most popular of which are the Trusted Platform Module (TPM) chip and self-encrypting hard drives. Your secure computing experience begins with TPM.
TPM. The TPM chip provides secure cryptographic functions and storage. It stores trusted measurements and private keys of higher-level processes, enabling encryption keys to be stored in the most secure manner possible for general-purpose computers. With TPM, computers can verify their own boot processes, from the firmware level up. Almost all PC manufacturers offer models with TPM chips. If your privacy is paramount, you’ll want to ensure the device you use has an enabled TPM chip.
UEFI. Universal Extensible Firmware Interface is an open standards firmware specification that replaces the far less secure BIOS firmware chips. When enabled, UEFI 2.3.1 and later allow device manufacturers to “lock” in the device’s originating firmware instructions; any future updates must be signed and validated in order to update the firmware. BIOS, on the other hand, can be corrupted with a minimum number of malicious bytes to “brick” the system and make it unusable until sent back to the manufacturer. Without UEFI, sophisticated malicious code can be installed to bypass all your OS’s security protections.
Unfortunately, there is no way to convert from BIOS to UEFI, if that’s what you have.
Secure operating system boot. Your operating system will need self-checking processes to ensure its intended boot process hasn’t been compromised. UEFI-enabled systems (v.2.3.1 and later) can use UEFI’s Secure Boot process to begin a trusted boot process. Non-UEFI systems may have a similar feature, but it’s important to understand that if the underlying hardware and firmware do not have the necessary self-checking routines built in, upper-level operating system checks cannot be trusted as much.
Secure storage. Any device you use should have secure, default, encrypted storage, for both its primary storage and any removable media storage devices it allows. Local encryption makes it significantly harder for physical attacks to read your personal data. Many of today’s hard drives are self-encrypting, and many OS vendors (including Apple and Microsoft) have software-based drive encryption. Many portable devices offer full-device encryption out of the box. You should not use a device and/or OS that does not enable default storage encryption.
Two-factor authentication. Two-factor authentication is fast becoming a must in today’s world, where passwords are stolen by the hundreds of millions annually. Whenever possible, use and require 2FA for websites storing your personal information or email. If your computing device supports 2FA, turn it on there. When 2FA is required, it ensures an attacker can’t simply guess or steal your password.
(Note that using a single biometric factor, such as a fingerprint, is not even close to being as secure as 2FA. It’s the second factor that gives the strength.)
2FA ensures that an attacker cannot phish you out of your logon credentials as easily as they could if you were using a password alone. Even if they get your password or PIN, they will still have to get the second logon factor: biometric trait, USB device, cellphone, smart card, device, TPM chip, and so on. It has been done, but is significantly more challenging.
Be aware, though, that if an attacker gains total access to the database that authenticates your 2FA logon, they will have the super admin access necessary to access your data without your 2FA credentials.
Logon account lockout. Every device you use should lock itself when a certain number of bad logons have been attempted. The number isn’t important. Any value between 5 and 101 is reasonable enough to keep an attacker from guessing your password or PIN. However, lower values mean that unintentional logons might end up locking you out of your device.
Remote find. Device loss or theft is one of the most common means of data compromise. Most of today’s devices (or OSes) come with a feature, often not enabled by default, to find a lost or stolen device. Real-life stories abound in which people have been able to find their devices, often at a thief’s location, by using remote-find software. Of course, no one should confront a thief. Always get law enforcement involved.
Remote wipe. If you can’t find a lost or stolen device, the next best thing is to remotely wipe all personal data. Not all vendors offer remote wipe, but many, including Apple and Microsoft, do. When activated, the device, which is hopefully already encrypted and protected against unauthorized logons, will either wipe all private data when a certain number of incorrect logons are entered or when instructed to do so upon the next connection to the internet (after being instructed to wipe itself by you).
All of the above provide a foundation for an overall secure computing experience. Without firmware, boot, and storage encryption protection mechanisms, a truly secure computing experience cannot be ensured. But that’s only the start.
True privacy requires a secure network
The most paranoid computer security practitioners want every network connection they use to be secured. And it all starts with a VPN.
Secure VPN. Most of us are familiar with VPNs, from connecting remotely to our work networks. Corporate VPNs provide secure connectivity from your offsite remote location to the company network, but often offer no or limited protection to any other network location.
Many hardware devices and software programs allow you to use a secure VPN no matter where you connect. With these boxes or programs, your network connection is encrypted from your device to your destination, as far as possible. The best VPNs hide your originating information and/or randomly tunnel your connection among many other participating devices, making it harder for eavesdroppers to determine your identity or location.
Tor is the most used, free, secure VPN service available today. Using a Tor-enabled browser, all of your network traffic is routed over randomly selected intermediate nodes, encrypting as much as the traffic as possible. Tens of millions of people rely on Tor to provide a reasonable level of privacy and security. But Tor has many well-known weaknesses, ones that other secure VPN solutions, such as MIT’s Riffle or Freenet are attempting to solve. Most of these attempts, however, are more theoretical than deployed (for example, Riffle) or require opt-in, exclusionary participation to be more secure (such as Freenet). Freenet, for example, will only connect to other participating Freenet nodes (when in “darknet” mode) that you know of in advance. You can’t connect to other people and sites outside of Freenet when in this mode.
Anonymity services. Anonymity services, which may or may not provide VPN as well, are an intermediate proxy that completes a network request on behalf of the user. The user submits his or her connection attempt or browser connection to the anonymity site, which completes the query, obtains the result, and passes it back to the user. Anyone eavesdropping on the destination connection would be more likely to be stopped from tracking beyond the anonymity site, which hides the originator’s information. There are loads of anonymity services available on the web.
Some anonymity sites store your information, and some of these have been compromised or forced by law enforcement to provide user information. Your best bet for privacy is to choose an anonymity site, like Anonymizer, that doesn’t store your information for longer than the current request. Another popular, commercial secure VPN service is HideMyAss.
Anonymity hardware. Some people have attempted to make Tor and Tor-based anonymity easier using specially configured hardware. My favorite is Anonabox (model: anbM6-Pro), which is a portable, Wi-Fi-enabled VPN and Tor router. Instead of having to configure Tor on your computer/device, you can simply use Anonabox instead.
Secure VPNs, anonymity services, and anonymity hardware can enhance your privacy greatly by securing your network connections. But one big note of caution: No device or service offering security and anonymity has proved to be 100 percent secure. Determined adversaries and unlimited resources can probably eavesdrop on your communications and determine your identity. Everyone who uses a secure VPN, anonymity services, or anonymity hardware should communicate with the knowledge that any day their private communications could become public.
Secure applications are a must as well
With a secure device and secure connections, security experts use the most (reasonable) secure applications they can find. Here’s a rundown of some of your best bets for protecting your privacy.
Secure browsing. Tor leads the way for secure, almost end-to-end Internet browsing. When you can’t use Tor or a Tor-like VPN, make sure the browser you use has been set to its most secure settings. You want to prevent unauthorized code (and sometimes legitimate code) from executing without your being aware. If you have Java, uninstall it (if not using it) or make sure critical security patches are applied.
Most browsers now offer “private browsing” modes. Microsoft calls this feature InPrivate; Chrome, Incognito. These modes erase or do not store browsing history locally and are useful in preventing local, unauthorized forensic investigations from being as fruitful.
Use HTTPS for all internet searches (and connections to any website), especially in public locations. Enable your browser’s Do Not Track features. Additional software can prevent your browser experience from being tracked, including browser extensions Adblock Plus, Ghostery, Privacy Badger, or DoNotTrackPlus. Some popular sites try to detect these extensions and block your use of their sites unless you disable them while on their sites.
Secure email. The original “killer app” for the internet, email is well-known for violating user’s privacy. The internet’s original open standard for securing email, S/MIME, is being less used all the time. S/MIME requires each participating user to exchange public encryption keys with other users. This requirement has proved overly daunting for less savvy users of the internet.
These days most corporations that require end-to-end email encryption use commercial email services or appliances that allow secure email to be sent via HTTPS-enabled sites. Most commercial users of these services or devices say they are easy to implement and work with, but can sometimes be very expensive.
On the personal side there are dozens of secure email offerings. The most popular (and widely used in many businesses) is Hushmail. With Hushmail, you either use the Hushmail website to send and receive secure email or install and use a Hushmail email client program (available for desktops and some mobile devices). You can use your own, original email address, which gets proxied through Hushmail’s proxy services, or obtain a Hushmail email address, a cheaper solution.
Hushmail is one among dozens of secure email providers currently available.
Secure chat. Most OS- and device-provided chat programs do not offer strong security and privacy. For strong end-to-end security you need to install an additional chat program. Luckily, there are dozens of chat programs, both free and commercial, that claim to offer greater security. Some require installation of a client app; others offer website services. Most require all parties to communicate with the same program or use the same website (or at least the same chat protocol and protection).
Common secure chat programs include ChatCrypt, ChatSecure, and Cryptocat. Most secure chat clients have the same basic features, so pick the one that enables you to communicate with the broadest set of people you need to securely chat with.
Secure payments. Most payment systems are required to store lots of information about you and your purchases, and they are usually required to provide payment or payer details when asked by law enforcement. Even if they aren’t required to provide detailed data to the police or governments, many payment databases are compromised each year by malicious hackers.
Most users wishing for greater payment anonymity on the internet are turning to online cryptocurrencies, such as bitcoin. Users must first buy bitcoins, usually via traditional online payment methods, and must go through bitcoin exchanges to get their bitcoin value back out into traditional currencies. Each exchange into and out of bitcoin typically takes a small payment fee.
Of course, the privacy and anonymity of virtual currencies comes with real risk. They are usually not considered legal currency and may not be provided the same protections under law as “real” currencies. They may also have incredible price volatility, with the value of your holdings potentially jumping or declining by huge margins in a single day. It’s also possible that a single crypto attack could result in permanent, unrecoverable loss. Hackers have been successful in stealing millions of dollars in bitcoins, and sometimes those thefts are not reimbursed by the compromised holders.
As for credit cards, you can buy and use temporary online (or physical) credit cards. Most credit card agencies offer temporary cards, often at slightly high fee rates, which can be used for a temporary set period of time or even one-time use. If a website gets compromised, exposing your temporary credit card, you won’t be at a loss because you’ll never use it again.
Secure file transfers. Probably the only class of applications that offer more alternatives than secure email is secure file transfer. Any program using SSH or SCP allows encrypted and secure file sharing, and there are dozens, if not hundreds, of commercial offerings.
Users who wish to securely share files while also preserving their anonymity have a myriad of choices. One of the most popular commercial services is BTGuard. It provides file anonymity services over the BitTorrent, a very popular peer-to-peer file sharing protocol.
Anything Phil Zimmerman creates. Phil Zimmermann, creator of Pretty Good Privacy (PGP), cares deeply about privacy. He was willing to risk being arrested, imprisoned, and even potentially faced the U.S. death penalty because he strongly believed that everyone on the planet deserved good privacy tools.
Every good and experienced computer security person I know and trust uses PGP. To work with PGP, each participant creates their own private/public key pair and shares their public key with other participants for securely sending files, emails, or other content.
Symantec bought and has supported PGP commercially since 2010, but dozens of open source versions are available and trusted, including OpenPGP. If you don’t have PGP, get it, install it, and use it.
Zimmermann, who was also behind Hushmail, is a co-founder of Silent Circle, which offers secure solutions for a range of technologies. It even offers the Blackphone, which was designed from the ground up to be the most secure, generally accessible cellphone ever. There have been some hacks of the Blackphone, but it still is the cellphone that prizes privacy and security above all other features -- at least as much as one can and still sell the product to the general population.
Whatever Phil Zimmermann creates or promotes can be assured to be well thought out, delivering privacy and security in spades.
- 11 signs you've been hacked -- and how to fight back
- 11 signs your kid is hacking -- and what to do about it
- Be paranoid: 10 terrifying extreme hacks
- 10 reasons why phishing attacks are nastier than ever
- 19 open source GitHub projects for security pros
- 6 hard truths security pros must live with
- 10 security blunders that will get you fired
- 10 dumb security mistakes sys admins make
- Essential certifications for smart security pros