How to browse the web privately and securely

So you want to browse the web securely and privately? The fact is it’s almost impossible.

Your internet provider collects huge amounts of data about you, like the sites you visit, and sells it to advertisers, prompting some states to block the practice altogether. And that’s not to mention the data that the U.S. government can collect on your web browsing activity. But perhaps the most egregious data collectors are the sites you visit and the apps you use. Social media giants suck up your data, advertisers track you across the web, and your search history can reveal your health concerns, your political beliefs and your browsing habits.

Any time you use the internet, you leave a trail of data behind you. You can’t stop it all; that’s just how the internet and web browsers work. But there are plenty of things that you can do to reduce your digital footprint.

Here are a few secure web browsing tips to cover your bases:

A VPN doesn’t make you anonymous

You’ve probably heard a lot about VPNs — a virtual private network — and how they can hide your internet traffic from snoopers. Well, not really.

A VPN lets you funnel all of your internet traffic through a dedicated, often encrypted tunnel, allowing you to hide your web browsing history from your internet provider. That might help you get around censorship systems or geoblocks that limit your streams to your region. But otherwise you’re just sending all of your internet traffic to a VPN provider instead.

Essentially, you have to decide who you trust more: your VPN provider or your internet provider.

The problem is, most free VPN providers make their money by selling your data or serving you ads — and some are just downright shady or have security issues that can put you at risk. Even if you use a premium VPN provider for privacy, they can connect your payment information to your internet traffic, and many VPN providers don’t even bother to encrypt your data.

As TechCrunch’s Romain Dillet explains, the best VPNs are the ones that you set up and control yourself. You can create your own Algo VPN (if you want to use the cloud) or WireGuard server in just a few minutes. Algo is created by Trial of Bits, a highly trusted and respected security company in New York. The source code is available on GitHub, making it far more difficult to covertly insert backdoors into the code.

Instead of rerouting your traffic from one place to another, there are better ways to minimize your digital footprint.

You need a secure DNS

What does it mean that “your internet provider knows what sites you visit,” anyway?

The internet relies on DNS — or the domain name system — to convert web addresses into computer-readable IP addresses. Most devices automatically use the DNS resolver that’s set by the network you’re connected to — that’s often your internet provider — which means your internet provider knows what websites you’re visiting. A few years ago, Congress passed a law allowing internet providers to sell your web browsing history to advertisers.

You need a secure and private DNS provider.

One of the most popular privacy-friendly offerings is Cloudflare’s secure DNS, which it calls 1.1.1.1. Cloudflare encrypts your traffic, won’t use your data to serve ads, and doesn’t store your IP address for any longer than 24 hours. It’s easy to get started, and you can download Cloudflare’s apps from Apple’s App Store and Google Play.

For Firefox users, DNS-over-HTTPS (or DoH) is built in and enabled by default. DoH encrypts your DNS queries, which hides your web browsing history from third-parties and also makes it more difficult for your DNS queries to be intercepted and hijacked to redirect you to malicious sites.

Uninstall legacy plugins, check your extensions

Gone are the days of legacy web plugins. Flash and Java have been deprecated from the web for years. As such, it’s safe to remove them as this will reduce ways for malware to target you.

For the Java hold-outs, there are instructions to remove it for both Windows and macOS.

These days, web browser extensions add functionality to your browser. But they can also present privacy and security risks. Like apps on your phone, browser extensions often require access to your browser, your data, or even your computer, and although vetted by the web browser makers, extensions can be sneaky, siphon off or share your data, or secretly mine cryptocurrency.

There’s no simple rule to what’s a good extension and what isn’t. Use your judgment. Make sure each extension you install doesn’t ask for more access than you think it needs. And make sure you uninstall or remove any extension that you no longer use.

These web browser extensions can protect you

  • An ad-blocker: Ad-blockers are great for blocking ads — as the name suggests — but also the privacy invasive code that can track you across sites. uBlock is a popular, open source efficient blocker that doesn’t consume as much memory as others. uBlock Origin works in Chrome, Firefox and Edge and the extension is open-source so anyone can look at how it works.
  • A cross-site tracker blocker: Privacy Badger is a great tool that blocks tiny “pixel”-sized trackers that are hidden on web pages but track you from site to site, learning more about you to serve you ads. To advertisers and trackers, it’s as if you vanish. Ghostery is another example of an advanced-level anti-tracker that aims to protect the user by default from hidden trackers. Safari also comes with in-built cross-site tracking protections and a way to hide your IP address from trackers
  • Firefox containers: Firefox users can also take advantage of multi-account containers, a browser feature that lets you isolate your browsing activity. That lets you have one container with your work tabs, and another container with your personal tabs. By keeping the tabs separate, it can make it far more difficult for sites to track your browsing activity across the web.

Changing long-standing habits can also go a long way to preserving your digital privacy.

You could also consider switching to a more privacy-minded search engine like DuckDuckGo, a popular search engine that promises to never store your personal information and doesn’t track you to serve ads. iPhone and iPad users can also change their default search engine in iOS to DuckDuckGo. Brave also offers a privacy-focused web browser and search engine in beta.

Use Tor for anonymity

If you want anonymity, use Tor.

Tor is an anonymity network that bounces your internet traffic through a series of relay servers dotted across the world, making it incredibly difficult to track your browsing activity. You access the Tor network using the Tor Browser, a preconfigured and locked-down version of Firefox.

You can access regular websites just as you would any other web browser, as well as special .onion domains which can only be accessed via Tor. These days, many of the big companies have rolled out .onion domains for their services, like Facebook, Twitter, and the BBC, in large part in response to growing global censorship.

A screenshot of Twitter running in the Tor Browser.

A screenshot of Twitter running in the Tor Browser. Image: TechCrunch

Tor makes it near-impossible for anyone to snoop on your web traffic, know which site you’re visiting, or that you are the person accessing the site. Activists and journalists often use Tor to circumvent censorship and surveillance.

Using Tor is not a panacea. Just like any other web browser, you have to make sure the Tor Browser is up to date. (It should automatically download updates, but make sure you restart to install them.) The Tor Project has a helpful guide on what you need to know about using Tor.

Just don’t expect Tor to be fast. Although it’s getting faster as Tor continues to scale, it’s not practical for streaming video or accessing bandwidth-hungry sites.

Cybersecurity 101 - TechCrunch