How to Use the Internet Privately
You may listen to the podcast version of this essay here.
Dear privacy seekers,
Allow me to quote a paragraph from my book The Watchman Guide to Privacy in which I give the big picture of the Internet.
The Internet is simply the wired—and increasingly wireless—connection between each participating computer on earth. Millions of physical cables drape across the planet, stretching across continents and oceans and buried under mega-cities and rural towns. These cables are filled with slivers of glass that facilitate the beams of light transmitting data across the planet in the blink of an eye. Along the way massive cables divert to regional Internet Service Providers (ISPs), and then to individual houses and apartments. When they arrive, small machines called routers disperse these signals throughout the building, and computers with storage drives called servers collect some of this information, which otherwise would evaporate into a flash of light. Increasing amounts of satellites and cell towers obviate the need for physical connections, penetrating previously-barren parts of the world, slipping past the walls of our homes, and aiming to replace cables with dimensionless connectivity. The ownership of such an amorphous system is complicated. Since these vast networks—physical or satellite—cross local and international jurisdictions, large companies and governments tend to own them, not individuals. This means that spy agencies like the NSA can step millimeters outside of national boundaries to tap into these data-rich cables legally, and bizarre scenarios can transpire whereby sending a message to your friend two meters away might route it to a different continent before sending it back to her phone. This is, in short, what we mean by the Internet.
That’s simply a description of the physical workings of the Internet. So how should we use the Internet? Obviously with great caution at its awfulness. But how else? Well, I’m going to suggest a few ideas, from fundamental principles to specific tools to help you use the Internet more privately.
Sparingly
First, use the Internet sparingly. When cybercrime has reached $6 trillion per year, when breaches and leaks are a daily occurrence, when the selling of user data has become a basic assumption, then you must understand that anything you do online can and will be compromised or end up in unintended and undesirable hands. This is an inevitability. Right now with a brief search on your browser you can find yourself on one of hundreds of websites that sell or give out the credit card numbers of millions of people, as well as email addresses, log-in credentials, government ID numbers, medical records, and everything in between. And this is simply what the basic criminals are doing. Add to this the data collected and shared by legitimate companies through obscure user agreements, and then the vast surveillance data of governments, and you have more than enough reasons on any side of the political spectrum to reduce your interaction with the Internet.
This is why I advocate to avoid the Internet and to do your stuff offline as much as possible. Let me get into a few basic examples:
Instead of storing data somewhere like Dropbox, upgrade your physical hard drive or get a portable drive. Keep your data stored offline.
Avoid always-online programs like Microsoft 365 and opt instead for offline software programs such as LibreOffice. Instead of QuickBooks simply use a basic folder system and an offline spreadsheet program. Some may think this inconvenient, but factor in the recurring cost of these services, the potential for a breech, and the inherent harvesting of all the data you share with them. That’s not convenient in my opinion.
Do not give away your personal information to any website or person who is going to keep it in a computer system. Reject by default. Don’t let your documents or ID cards be scanned. Refuse. Agree to show but not to scan. Use temporary email services like 33mail and SimpleLogin. Rely on fake information for unimportant things. Use more free and open-source software that is offline and doesn’t require an account. Do not give out your information so easily.
Stop trusting your real credit cards to websites. First of all, buy more things in person with cash. When you must be online try to use gift cards purchased in cash as much as you can and rely on services such as Privacy.com (not available in all countries I realise) which lets you create burner debit cards that let you dictate what name and information you give to any particular online shop. Also make use of prepaid debit cards that you can find in many stores, particularly in the US. Cryptocurrencies can help here as well and you would do well to start using them and not just Hodling them. Remember what I said about credit cards floating around on hacker forums? Make sure you’re not part of that moving forward.
Change your behavior to rely on offline options and to reject giving out personal information as much as possible. Right now your behavior might be to download an app when you need something. To go to Amazon when you need something. To search for the best all-encompassing computer program when you need to solve a problem. Reduce that and you will find yourself in a stronger privacy and security position. You do not need the Internet as much as you think.
Use the Internet With Purpose
Do not go online unless you have a concrete goal. Companies have spent trillions on psychologically exploitative marketing to attract your gaze, get you to open your wallet, and get you clicking and autoplaying and building up a nice profile on you. So never sit down to use the Internet unless you have a plan. Sure, it can be good to explore the Internet a bit, but reserve exploration for designated times. The further off track you get the more likely you are to click on something, to fill your private mind with the images and ideas of someone else, and to increase your risk of exposing your information and your identity to those who are eagerly watching and tracking.
To help you stay focused get into the habit of speaking out loud your purpose for using the Internet whenever you sit down to your computer. Or write down on a piece of paper what you’re about to do. Don’t stray from this mission.
Don’t check your email unless that is part of the mission
Don’t buy that item on Amazon that you think of while doing research
Have a notepad handy to offload any distractions for later
When you are finished with your Internet task stand up and walk away from the screen to clear your mind and prepare for the next mission
Above all, practice this habit until you establish it
You can use some other tools and techniques to help you from straying and exposing yourself more across the Surveillance Net. Consider the following:
Don’t leave your email or messaging client always available. Keep it closed until you need it.
Don’t leave your phone on and nearby
Consider checking your email only twice per day: once at 10:00 and once at 4:00: as productivity guru Timothy Ferriss recommends
In other words, don’t let notifications come to you: instead go to them when you have designated to do so
Consider keeping your to-do list and other lists somewhere separate from your computer
Consider using a browser add-on such as Ublock Origin, which eradicates advertisements and other shiny distractions from web pages. You might also try other add-ons such as Just Read, which strips out everything except the text of a page. Indeed, if you’ve never experienced the world of browser add-ons (or extensions as they’re also called) then you’re in for a surprise. You can customize your Internet experience entirely. But I don’t recommend downloading these things casually as they do require permissions that I’m rarely willing to grant. Ublock Origin, however, should be at least one add-on that you attach to your Firefox browser right now.
Avoid your phone as a means to access the Internet. You might follow Michael Bazzell’s advice and put your phone into black-and-white mode in the settings so you are less tempted to use it for a colorful distraction. Your phone exists to make phone calls or to help you out when you’re far from a familiar Internet connection. Keep it that way.
Finally, have stretches of time—for example while writing—where you disconnect from the Internet entirely. Shut off the Wi-Fi or unplug the Ethernet cord.
Use the Internet with purpose. The more time you spend on it the more you will scroll, and click, and expose yourself, and buy. Do not make Internet activities the fulcrum around which your life pivots. Be the master of the tool that is the Internet and not its slave.
With a VPN
Use the Internet with a VPN. Always. A good VPN will prevent your ISP—Internet Service Provider—from seeing what you are doing and downloading. ISPs such as Comcast or Sky, for example, can see what websites you visit, and that history can come back to bite you in any number of ways. You might get sued if your friend downloads a torrent file that is being tracked by a corrupt lawyer. Or if you’re ever in court, a subpoena might be granted to reveal your Internet history. You’ll quickly learn the truth behind Cardinal Richelieu’s famous line: “If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.”
A VPN stops your Internet Service Provider from seeing what you’re doing. It also hides your IP address from the websites you visit (your IP address, by the way, is an identifier that you are given by your service provider whenever you go online). Let’s say that you visit YouTube without a VPN. Well, your ISP sees that you’re on YouTube, of course, but YouTube also sees you. That is, they see a visitor who has a distinct IP address that no one else is using from the southeast corner of Winchester, England, or wherever you are. And when you visit YouTube the next time it will see that you have returned, and if you ever log in to a Gmail account attached to your real name, then YouTube can attach this to your profile so that it knows your true name and your true location. That’s not something I’m comfortable with them knowing. Or any other website.
A VPN does not exactly hide your IP address, but loan you one that other VPN customers share. This makes you anonymous—one of many—and you can choose the location yourself to be further away from your real location at the cost of some speed. But let’s be clear: your Internet traffic does not just evaporate into the ether. The VPN company knows what you’re visiting, but you will have selected one that promises—and has been audited to show—that they do not log that information. No logging policy and proof. Still, you must trust your VPN company at the end of the day.
How then to use a VPN? First make sure to pay for a reputable VPN. Some you might look into are ProtonVPN, Mullvad, and ExpressVPN. Again, you’re looking for a service that does not log and that has undergone a third-party audit. They should advertise this on their website, but if they have not, email a customer rep and clarify. The VPN will also hopefully have decent speeds and be paid for in a private way such as through gift cards, cash by mail, or via cryptocurrency that you will have acquired privately. When you download the VPN on your computer you will simply pick your server location and turn it on. There are more advanced ways to run a VPN—if you have ambition, set it up on your router—but for most people the program route will be the easiest.
One final brief note about VPNs. The Internet with a VPN requires some vigilance. Some websites won’t like it and might block you. Some will require you to fill out CAPTCHAs to “prove you are a human.” Online shops that use payment processing sometimes block transactions made on a VPN. This is frustrating and should insult you. It’s like you walking into a shop and the shopkeeper asking you where you live. You refuse to answer and so she refuses to sell to you. To get around this discrimination you’ll want to first of all be aware that any error with a website could very well stem from the VPN. So you can change the server, or you can have a second VPN that might not have stigma attached to it. The second VPN you turn on will always be the one whose IP address is being revealed. Or you can always just go to a public Wi-Fi spot to successfully place that shoe order that isn’t working at home with the VPN. But, frankly, I’ve learned to shop online at places that are accepting of a private Internet.
With Encryption
Use the Internet with encryption. Encryption is basically a locking system that gives you the keys and your recipient the keys to whatever data you send them, and no one else. That is true of end-to-end zero knowledge encryption. This is the operative phrase: end-to-end zero knowledge encryption. Whenever it comes to communication online, always prefer encrypted options:
Favor private messengers such as Signal, Element, and Wire to Facebook Messenger and SMS texting
Use an email provider like Protonmail which is zero knowledge (the company cannot see your inbox) and end-to-end encrypted if you email another Protonmail address
If sending sensitive documents to anyone via email, insist that they give you an encrypted means to do so
For cloud storage, store any files—and I don’t recommend that you store files online—in an encrypted service. Proton Drive is a much better option than Dropbox and the other mainstream ones.
Encryption is becoming more popular, but be aware that the word “encryption” means nothing unless it is end-to-end, which means that the people with the keys are only you and the recipient; and “zero-knowledge,” which means that the service provider of the encryption definitely does not have access to the data. And it never hurts to see if a company has been audited by a third party to prove all of this.
As a Passerby
Use the Internet as a passerby. What do I mean? I mean to experience the Internet as a ghost, the websites you visit unaware that it is you returning. There are a lot of snares that will expose you when you are online. Your IP address is one of them, which is why we want to use a VPN. But a VPN is not going to protect you in other ways. For example, if you’re logged into a Gmail account while searching on Google then Google will still be tracking your searches. So don’t do that. And there are other ways for websites to fingerprint you and thus detect who you are and when you visit again. The most common way for a website to track you is through cookies, which are bits of code that stick with you from one browsing session to the next, and even in between the tabs you have open. I encourage you to do what I do and arrange your browser to delete cookies and history every time you close it.
Go to your browser settings and make sure to change them to not remember history and to delete cookies upon closing the browser. On Firefox you would go to the settings at the top right, then “Privacy and security”, then select “Delete cookies and site data when Firefox is closed.” Scroll down to “History,” select “Custom settings” and then “Clear history when Firefox closes.”
Now you’ll want to regularly start up a fresh browser and exit the current one. If you are a tab warrior and like to have dozens up at a time, find a different method of dealing with your tangents. Get a notebook or use a note-taking software like Standard Notes and copy and paste your links over to explore later. Find some way to clear out your history so you can use your browser with as little contamination as possible.
Don’t enable autofill features that remember your log-in credentials. Instead, use a password manager that is separate from your browser and which you copy and paste each time you want to log in. I know: it’s annoying to have to go to the manager each time you want to log into Facebook, but it is necessary.
No history means that you will have to log in to an account every time you pull up a fresh browser. That might sound inconvenient, but if you use a password manager, you will work out a speedy rhythm in no time.
Let’s talk about a few other ways to use the Internet as a passerby.
Don’t log into websites unless you have to. YouTube doesn’t require an account, nor does Twitter, and you’ll get the same service if you’re not logged in. Once you start living a no cookie, no history lifestyle you’ll get out of the habit of being logged in at all times.
Avoid leaving comments or reviews on any website
When you have to fill out forms with your information—which you should avoid as much as you can—make use of initials and nicknames and fake names. Your KeepassXC password manager will help you remember all of this stuff.
Use an emailing service like 33mail or SimpleLogin to help generate new email addresses for temporary needs: buying something online, subscribing to a newsletter, etc. There’s no reason to be giving out your real email address.
But let’s get serious here for a moment because websites are fairly sophisticated at detecting the software and hardware that you are using. This unique combination can reveal you. Take a minute and pull up the website deviceinfo.me on a browser. You can scroll down and see everything that is revealed about you, from the size of your screen to the amount of cores your processor has to what graphics card you’re running and how many fonts you have installed. This is revealing indeed, and the combination of this data can pinpoint you out of millions. Nor is this information easy to hide. You could of course look for the most common computer type and screen size and work with that hardware. You could make sure to not have any more than the basic fonts installed and reinstall your operating system if you do. But here’s where I’ll recommend to use the Tor Browser. The Tor Browser has a lot of built-in settings that block all of this tracking. Even better, the Tor Browser works out of the box and users are encouraged to leave the settings default. This means that when you use the Tor Browser not only are you protected to a serious degree but you also appear to look like all the other thousands or millions of people using the browser. Download the Tor Browser (its free) and make use of it whenever you can. Just keep in mind that it can be slow, and that this is the biggest detracting feature.
For more advanced fingerprint blocking you’ll want to look into VirtualBox, which lets you create operating systems within your operating system. Such programs also allow you to change the MAC address of the system, which is yet one more piece of information that some websites can track. It’s beyond the scope of this introductory guide to explain DNS, Intel Management Engine, and programs like Little Snitch and Open Snitch, which can block all Internet signals from being sent out. We’ll talk about such measures in future episodes but you can also research them now if you are eager.
With a Wired Connection on a Desktop Computer
Use the Internet on a desktop computer with a wired connection—whenever you can. Not on a phone, not on a Chromebook, not on an iPad. A desktop computer is preferable because it has the ability to use a more robust operating system. A Chromebook has a highly-integrated Google operating system that undoubtedly shares a lot with the company; your phone works in a similar way: it’s built to share and to have connections to the microphone and the camera and the GPS. A desktop computer is also desirable to download a Linux distribution such as Linux Mint (easy for Linux beginners) so that you can really step up your privacy and security game. At the very least save your sensitive online tasks such as banking for a desktop or laptop. Don’t do that on your phone, iPad, or Chromebook. And if we’re being honest, a full PC is also more cost efficient than a phone or laptop and will allow your much more computing power. Oh, and if you do travel sometimes you can buy a PC carrying case for your rig, which actually works pretty well.
A wired connection means linking your computer to your Internet router with an Ethernet cable. And yes, you can stretch a cable across your house from your router to your desktop computer. All it takes is a long flat cable, some cable clips, and thirty minutes of your time to stretch along your ceiling. Why would you do this? Well, your connection won’t show up in exposing websites such as Wigle.net, which shows most personal Wi-Fi networks in the world—for one. You won’t be at risk of your neighbor or some weirdo sitting in their car within range of your connection and attempting to hack it or do other questionable things. Many people do not change their default Wi-Fi password, and these default passwords can often be found online. Finally, a wired connection is also superior to Wi-Fi in speed and consistency. If you game online or host Zoom events regularly you are doing the world a serious disservice by running on Wi-Fi. When you do use Wi-Fi choose trusted networks and be very skeptical of any free Wi-Fi. Run your Internet through your phone hotspot if you really need it outside of your house. And otherwise connect to a VPN immediately when using strange Wi-Fi.
With intent to use it to its full potential
In a past episode I talked about great alternatives to Big Tech websites and applications. Once you find yourself veering away from the most trafficked side of the Internet you’ll encounter new ideas, new people, and different opportunities. Not all are great and worthwhile, obviously, but one of the great benefits of using privacy techniques is precisely that it frees up your mind and helps you to have the prick of conscience to take the road less traveled. The Internet is home to billions of websites. And yet most people only end up on Netflix, Amazon, and their media conglomerate of choice. Yes, the vast majority of websites are trash or incomplete, but that leaves millions that are not. So, why do you only visit five websites on any given month? Branch out.
Start by using different search engines which will help you get exposed to different things. Avoid Google. Use DuckDuckGo. Use Yandex.
Make a note to find a new website every day that you like, and not one that comes up high in the search results
To find these sites click to the second, or fifth, or tenth page of your search engine
Ask friends what websites they visit often
Check out subReddits for a particular topic that interests you
Avoid Big Tech options; instead of YouTube try Odysee, etc.
Stay curious and push your boundaries often
Whether you put in the work to use the Internet privately or not will determine your safety, your convenience, your focus, and your access to the truth. Spend some time practicing what I’ve just described. Go back to Episode 8 “Alternatives to Big Tech” and some of my other early episodes for more advice. And of course, I walk you through all of this step-by-step in my book The Watchman Guide to Privacy.
Yours in peace and privacy,
Gabriel Custodiet
https://watchmanprivacy.com