Aside from the very real need to worry about outright identity theft, there is a growing need to be concerned about privacy and reputation protection.
If you think all the concern about privacy threats on the internet is just a bunch of hype, you should seriously do some homework. The threats to privacy are more pervasive than most people realize and more dangerous because the sources of threat can come from otherwise trusted organizations.
For example way back in July of 2005, internet journalist Elinor Mills wrote this in a story for CNet:
“someone with access to Google’s databases could find out what he writes in his e-mails and to whom he sends them, where he shops online or even what restaurants he’s located via online maps. Like so many other Google users, his virtual life has been meticulously recorded.”
In the two years since that article was written, is it reasonable to believe the technology has gotten less effective? Of course not. You can read Elinor’s full article here on CNet.
If you seriously think the threat to your privacy is lessening you may be interested in a new search engine being launched called Spock. It’s entire purpose is to catalogue every detail about you that it can acquire from the web.
Spock launched in August of 2007 and before it even opened its doors to the public had over 100 million individuals logged into its search engine. You can read all about it here. Since then, Spock seems to have become a front for a service called Intelius.
The Intelius web site says they offer a
“great way to find and reconnect with family, old friends, relatives and just about anyone! People Search reports include phone numbers, address history, ages, birthdates, household members, home value, income and more.” (emphasis added)
There are many threats to innocent people just trying to make use of or enjoy the web. You shouldn’t have to worry that some nut-job is going to track you down or try to do damage to your computer. You also should not have to be concerned that businesses like Google or worse, fraud artists, are tracking your every move on the web. But if you are not equipped with secure surfing tools, you really are exposed to these risks and more.
These risks are not well understood by the general public. There is great emphasis placed on warning about viruses and trojans and spyware. But there is little discussion about one of your greatest vulnerabilities. Perhaps the reason is that the very nature of the risk means that every single user is exposed and they don’t want to add to the anxiety. The fact is that there there is only one sure way to protect yourself from this risk, to ensure secure surfing, and I am going to share that with you now.
First, the risk: for the internet to operate, it must use “addresses.” Expecting the system to understand “www.securesurfing.org” is akin to throwing an envelope marked “Joe’s House” into the air and expecting it to get to Joe.
So every computer connected to the web, every single one, has a unique numeric address called an Internet Protocol (IP) address. If you go to a web site, that web site has to know the IP address you are calling from or there would be no way to deliver the web pages or other content to your system. For the period of time you are browsing a web site, there is a direct relationship between your IP address, your physical computer, and the web site’s computer (other IM client, download server, etc.)
Your IP is 38.107.191.100
Unless of course you are using Anonymizer, in which case the IP address shown here will be that of your anonymizing host, not your own computer.
Why does this matter?
How does this affect secure surfing? First, consider your situation if anyone could invisibly approach your home any time they wanted. They could do whatever damage they wanted or watch through your windows whenever they wanted. They could enter your house and search through your personal papers. Would you feel safe? Would you ever be able to leave the kids home alone?
That is exactly the situation you are actually living with in your web browsing. Because the servers you pass through and among must have an IP address to send content to, your address is exposed. Because it is the web, anyone making use of your IP address does so completely invisibly. internet security software
Second, consider if someone could plant an invisible tracking device on you. They would know every where you went, every bar you entered, every visit to the golf course when perhaps you should have been at work. They would know your every move. Not a pleasant thought. Particularly when you think of them attaching that invisible tracking device to your kids.
But that is the insecure surfing you are dealing with right now. Because your IP address is disclosed throughout your web browsing, it is relatively easy to track your movements. Some very popular services are under public charges of privacy invasion because they attach your searches to your IP address. Google tries to keep track of every word you type into their search engine and even your e-mail — that’s right, if you use their “free” e-mail service, GMail, then Google actually goes to the lengths of scanning your private e-mail messages. They record IP addresses that click on those Google ads you see on so many web pages. In July of 2005, noted internet journalist Elinor Mills wrote this in a story for CNet:
“someone with access to Google’s databases could find out what he writes in his e-mails and to whom he sends them, where he shops online or even what restaurants he’s located via online maps. Like so many other Google users, his virtual life has been meticulously recorded.” (more on Google privacy here)
Google now claims they are not attaching your name or other “personally identifiable” information to your records other than your IP address, but it is certain that others are doing exactly that. In Google’s case, it is difficult to understand how they can deliver “divorce lawyer” ads to your GMail account because they scanned a message containing the word “adulterant” and also claim that it is not tied to your name. The e-mail account IS your name. So be careful not to write a sentence like “Avoid adulterants in the mixing process…” But Google claims it does this without connecting its scans to your name.
Even if they are not, would it be any better if someone was able to say “The woman who lives at 123 Ourstreet goes to the hair stylist every Tuesday; she takes a trip to Motel 6 the last Friday of every month, and she goes to Lincoln Elementary School twice a day, and….”
Why do they think it’s okay if they only know what you do and not necessarily your name? How are you to trust them that when it suits them commercially they will not end up attaching your name?
With the new “location aware services” Google is also now tracking your physical location. They do this by triangulating on cell towers near you or using various algorithms related to your IP address. They seem to think that where you are physically located at any given time is also not “personal” information. It may not be personal to Google, but for someone browsing the web from the safety of a women’s shelter, it is very personal indeed.
The bottom line is that the physical need for the system to have an IP address for your computer is putting you at risk every time you go on the web. Even less serious secure surfing problems are associated with the IP address. For example, cookies that are used to track your behaviour almost always depend on your IP address to accomplish their task.
So what to do?
There is one solid solution and only one. Don’t disclose your IP address to anyone.
But, didn’t I just tell you that IP addresses are a physical, real requirement for any use of the web. Yes, they are. But there is a fantastic service that means it does not have to be YOUR IP address.
Anonymizer’s Anonymous Surfing is a service that acts as a middleman for you. Your computer’s requests for web pages — any web pages — are sent to Anonymizer. Anonymizer then takes the request and contacts the web page instead of you. The only IP address that is disclosed is one of the many that Anonymizer operates. The web page then sends the content back to the Anonymizer IP and Anonymizer sends it on to you. Your own IP address is never disclosed to anyone but Anonymizer.
I have used Anonymizer since shortly after they came into existence and it’s been an outstanding run of service. Since before the turn of the century, this service has been protecting my IP address and me without interruption and without failure.
I personally use the Anonymizer Total Net Shield which uses SSH to encrypt Web communications, because it is a set-and-forget solution with the highest level of security.
Total Net Shield establishes a “Secure Tunnel” directly between your computer and the Anonymizer server. If you have heard of Virtual Private Networks used by businesses, Total Net Shield is the same technology applied for personal use.
All traffic between your computer and the web is securely encrypted. Even your Internet Service Provider cannot see where you are going or what you are doing. The logs maintained by ISPs will only show a connection to Anonymizer and with the traffic encrypted there is no way for those logs to identify even the type of content as being text or video or music, let alone the actual content. Not only do you get secure surfing in the form of protecting your IP identity, but you secure your communications in a way not otherwise possible.
The point about encryption bears a bit more explanation. The vast majority of traffic over the internet is “in the clear” meaning it travels in exactly the form you enter it. So if you are typing text into a browser or an e-mail message or an IM client, then it is text that flows across all the wires and through all the servers between you and the end destination. You can tell when you have secure web connection if the site begins with https:// rather than http:// — the “s” is for secure. Of course only a minority of sites employ secure connections so most of what you do on the web is very public.
There are free, easy to use, tools that allow anyone to grab traffic off the web as it flows past. These are “packet sniffers” or “packet capture” programs. They are called this because the information is transmitted in discrete bundles called packets. These programs simply sit there and grab all packets and save them to the snooper’s hard drive. One such program is the open source WireShark. With a moderate amount of sophistication, you too can be reading other people’s web traffic.
Very often, this does not matter. For example the fact that someone could read this same web page by tapping into the path between your computer and the server delivering the page probably does not matter to you. So someone will know that you are reading up about privacy. But many times it does matter. Sometimes it matters because you consider your reading and surfing habits private. It greatly matters when someone can build a complete profile to see that not only are you reading about privacy, but also about lawyers and elected officials… And sometimes it matters purely because of the stupidity of computers that can react, but not understand. Someone doing research on adult diapers for an elderly parent can suddenly find themselves receiving direct mail offers for “bladder control” products.
What Anonymizer does, in particular Total Net Shield, is provide a on-going secure connection. While using the Anonymizer service, it is basically the same as having an https connection to every site you visit. Of course the connection from Anonymizer to the end point may not be secured depending on how the end point receives inbound connections. So you are still advised to exercise care in the content of your communications, but when it comes to straight web browsing, there ends up being literally nothing for anyone to capture. The most they can do is capture traffic between Anonymizer and some thousands of sites. But they can never know whether that traffic connected to Tom Jones’ computer or your own.
What is great about Total Net Shield is that it is a complete solution. Once you install it, you never have to worry about setting any configurations, turning anything on or off. You just use your browser exactly as you always have. Yet you have the highest level of protection available in the world today.
Total Net Shield uses SSH to encrypt Web communications protecting your identity from pharmers, phishers and snoops, and is normally priced at $99.00 / year (or $8.25/month if you want to compare it to some of the monthly service fees you pay for various things.) At eight bucks a month, you get the comfort of knowing that if your kids are browsing the web, they are not being tracked. That if they make some other tech geek angry, your computer is not going to be subjected to a barrage of internet attacks. And that if you want to watch some racy videos on U-tube, it’s no body’s business but your own. But you do get more than that comfort for your ten bucks. You also get encrypted protection for IM and Chat, encrypted e-mail and pop-up blocking before they even reach your computer. parental control software
If you would like to do a bit of comparison pricing, similar services (actually none offering the complete package) are priced much more aggressively. For example, Anonymize.Net wants $29 / mnth or $359 per year for a secure connection. Instead you can get the Anonymous Surfing for only $29.00 per YEAR .
bHidden.com forces you to browse only through their web site and limits the amount of traffic you can generate in a day. For that, they want $60 / year. For a lot less you can get a lot more from Anonymizer an easier to use, more complete service without any limitation on how much you use it.
CryptoTunnel wants $155.98 / year for its secure anonymous service.
At $99.00 / year, the Secure Surfing Organization strongly recommend Total Net Shield, but if you would like to try out a less universal solution first, Anonymizer offers a FREE Anonymous Surfing Trial. Anonymous Surfing does not hard wire in a secure tunnel the way that TNS does, but it is a solid solution that encrypts your traffic and filters browsing through Anonymizer servers, hiding your IP address from everyone. With the Anonymous Surfing package you decide when to turn the encrypted servers on or off with one click.
Anonymous Surfing also comes with a kind of security bonus not directly available with its more expensive big brother Total Net Shield. With TNS, because it is a set-it-and-forget-it permanent solution, there is no need for interaction between the service and the user. But with Anonymous Surfing, that interaction provides a bonus in the form of “phishing”, “pharming” and ”evil twin” protection. Anonymizer keeps updated on what sites are known fraudulent and automatically prevents you from browsing to them while using Anonymous Surfer. So if someone has twinned your bank’s site and you click on their fake link, Anonymous Surfer will prevent it and alert you that you were trying to go to a known fraud. This known bad site protection is particularly important for younger children or rebelling teenagers. (Do note as described below that the phishing protection is better provided through OpenDNS at no cost, but no one can replace the core secure, anonymous surfing functions at the low cost of Anonymizer).
There is a much greater chance that a child who receives a fraudulent e-mail will click on one of the links in that e-mail. The horror of some parents seeing their ten year old being inundated with pornographic images because of a bad e-mail link is testament to the need for active protection. At less than three bucks a month, this is a very solid service that can even protect you from your own mistakes (clicking on a link in an e-mail that you knew you probably shouldn’t have).
As always, if there are problems with the tools we are recommending, particularly when we are recommending them as highly as in this case, we need to be certain the product continues to meet the high standards we set.
If you have a usability problem or a technical problem, let us know by e-mail to: .
If you have a customer service problem with Anonymizer, we want to know that too. Those we recommend need to care about the customers and if we see evidence of bad service we can remove the recommendation from our list of the best tools. Send such incident reports to us at:
The phishing protection that comes with Anonymizer and various other software packages is actually redundant if you give yourself the strong protection of the free service, OpenDNS. If all the companies (anti-virus, firewall, system utilities, web services, even search engine companies) that are re-inventing the wheel by building separate solutions, instead contributed those resources to OpenDNS, the level of public protection would increase profoundly.
OpenDNS can be used by parents to control access their children have to adult web sites and so on. But it is not required that you block that access. For an adult or business, OpenDNS protects you from drive-by hijackers, one of the most common methods of stealing personal information.
OpenDNS maintains a database known hijacker sites, virus and trojan hosting sites. If your web browser tries to go to one of them, OpenDNS will block the attempt. And you can still cruise Playboy if you want.
OpenDNS is a very sweet deal because once you’ve set it, you can forget it. And while there are lots of security options you shouldn’t “set and forget,” this is one that the Secure Surfing Organization strongly recommends.
You can read the article written for the general audience here.
