My recent post, "A Hacker's Story: Let me tell you just how easily I can steal your personal data," is pretty popular. It really showed people how easy it is for even a young journalist with almost no hacking experience to get their personal data. Now that people are aware of this, what can you do? Is there a way to stop this kind of thing?
Yes—but it's not easy.
I've compiled a list of tips, software and hacks that will help you keep your private data to yourself while browsing the web. You don't have to use all of these, and some of them will admittedly slow down your web experience. But just remember, the more you use, the safer your data is.
1. WPA2 with AES encryption
The major piece of advice I gave people in my original article was to use WPA encryption on their router instead of WEP. This was close, still a bit off. Your best bet is to use WPA2 with AES encryption and use a strong password (information on how to make a strong password is coming in a later article).
I wont go into the nitty-gritty details of setting that up, but if you don't know what you're doing, just call your router's supplier (or your Internet service provider) and ask them to walk you through the process. It's not as complex as it sounds. It only takes a few mouse clicks and once set up never has to be touched again.
This will stop anyone from doing what I did in my original article.
You can't always use your own home network. Sometimes you have to use a public network (such as at school or work), and there's no way to guarantee privacy on these networks. For example, at a university even if the network is secure, it's very easy for a student who legitimately has the password to use the same methods I used in my first article to get your information.
So how do you make sure no one can see your online banking transactions or important emails you're sending?
The answer is HTTPS encryption. What this does is make it so even if someone is sniffing your web browsing, they have no idea what you're doing. Most banking sites and some email providers (such as Gmail) already offer this by default.
You can see if the site you're browsing offers this protection in your current browser. Google Chrome for example puts HTTPS in green lettering. Check the help files of your current browser to see how it shows it.
Many sites offer an HTTPS version but don't use it by default (such as Facebook). The easiest way to make sure you are always browsing the safest way possible is to use a browser add-on such as HTTPS Everywhere. This add-on automatically uses the HTTPS version of the site you're browsing. You can turn it on and know you'll always be as safe as possible.
Warning: Even with HTTPS Everywhere some sites DO NOT OFFER an HTTPS version. Sites such as Windows Live Hotmail will not encrypt your data in any way. Meaning people can read your e-mails as you send them.
4. Adblock and Noscript
While we are talking about browser add-ons, I may as well mention some very useful ones. Make sure to install Adblock and Noscript. Adblock does exactly what the title implies. All ads are blocked unless you tell the add-on to ignore a site. This helps stop advertisers from getting your information (such as GeoID and IP).
4. Internet abstinence: Don't go online
The only 100% affective way to keep your data to yourself is to never go online. Turn your laptop's wireless off and keep it disconnected from all networks.
No matter how secure any of the myriad tips I give may sound, there is always a way around it. Even if there isn't one now, some clever hacker will find a way in. So be cautious about what you post online—there is a way for someone to find out it's you.
Many more tips to come.