Academy 5 - Identity 2 - Internet Safety II
Hi there
You may remember that back in the very first module, we had a letter on internet safety. There are a lot of people out there who will prey on unsuspecting and innocent web-surfers and to be forewarned is to be forearmed.
At the start of the course, we also recommend you install a password manager and create very strong passwords for all your sissy logins which will further protect you.
Today I want to have a quick chat and give you a few more points you may want to consider.
I hope this doesn’t come as a shock to you, but everything you do online is monitored and recorded. Think of the internet as a very quick form of postal service. You send a letter to your Internet Service Provider (ISP), who forwards it on to the correct address, they then get a reply and send it to you.
As you can see, in this scenario your ISP knows where you are sending your letters (i.e. which websites you’re visiting) and if you’re browsing is unencrypted, it’s like leaving the envelope open and they can read the letter inside.
Obviously, this would be a huge issue for anyone making payments online, so sites began encrypting traffic. Originally this was to hide payment details but most modern browsers will encrypt everything they can by default (if you look at the address bar in your browser, https:// at the start means it’s encrypted).
Furthermore, all internet traffic is recorded by the Five Eyes alliance for security purposes and it’s widely believed that other agencies do likewise.
Now that I’ve gotten the bad news out of the way, I can tell you that you almost certainly don’t have anything to worry about by this since those with access tend to not be concerned about the activities of someone like you. However the sheer number of people online and the amount of internet traffic is not an obstacle to them searching the masses.
For example, there have been instances where workers at ISPs have checked up on their partners (or ex-partners) online activities.
Before I give you some ideas on how to avoid this I need to make it clear that some countries will have much stronger surveillance and will curtail their citizens' browsing of certain things. As always, student safety is the Academy’s number one priority. Students should not do anything that could get them in trouble with their local authorities.
This kind of safety is not that you want to avoid someone working at your ISP to get scam or blackmail you since this is very rare and in most countries an outright illegal act. It is more about you owning the right to your own privacy, and to ensure that whatever the future holds what you do not will not be used against you.
Sharing your computer with others?
A bigger immediate risk for you is probably more that someone would use your phone or computer and find something. We recommend you install an extra browser for this purpose that you use only for privacy-important internet use. You can have that browser set to delete all history and cookies on close for example and make it simple for you that way. If you use Chrome you might have a secondary installation of Firefox, and you set Firefox to have your browsing history and cache deleted automatically when you exit it.
Another way is to use the browser’s incognito mode, and if you use LastPass or similar password helper then you can enable it in incognito mode. You can of course also have LastPass installed on your secondary browser if that way is simpler for you.
How do you protect yourself from your internet service provider, government or anyone listening in on your traffic without your consent?
First concern → Make sure you’re using a modern browser and it’s kept up to date. Chrome, Firefox and Brave are all good choices that will be “evergreen” since they are built-in with automatic updates.
Why does it matter to have one of these “evergreen” browsers?
Because of how hacking works.
Hackers can get into a computer or online account because they take advantage of odd or unknown bugs in the software and hardware of the computer or site in clever ways.
The other common way is obviously to just get hold of your actual login information; you have already taken steps to deal with this by using a password manager like LastPass, which allows you to use different passwords to different sites.
Professional hackers use exploits to hack you and the sites you visit. They need to collect knowledge about such exploits and the black market sells and buys this kind of knowledge for a lot of money. Sadly, hacking is a growing business that even governments take part in.
What happens is that eventually some exploit becomes known to the public. At this point every hacker on the planet can use that exploit to get into all systems that still carry this exploit. It is a race for the company that runs the website with that software, makes your operating system, that software program or the very browser you use to fix the exploit and send the update out to all their users as fast as possible so that as few users will get hacked and used in some way.
Before we had automatic updates, or these evergreen browsers, there were hundreds of millions of people that had browsers or computers that could be automatically hacked by anyone with just the lack of honor to do so.
Wordpress is one such example. There are hacking tools that can search thousands of websites a second, see if they run a wordpress version that contains an exploit and if it does then give the user full access or to fully replace that site with whatever they want.
Therefore always be up-to-date!
You cannot do much about the unknown exploits that will be found in the future, but you certainly do not want to stay around with a browser or operating system that is behind in updates and usable by anyone with knowledge of potential exploits.
Remember that every computer that is compromised makes it easier to compromise other computers. It is your duty as a good, safe internet citizen of the world to keep these important things updated.
Note that just because you are hacked does not mean you will know about it.
Your computer might be used to send data between hackers, do attacks or hacks on other computers, used to process the hackers bitcoin farm or a slew of fishy illegal things without you being aware. Being up to date is good for everyone and makes it generally harder for those that are not playing things fair or are being honorable.
What about other browser alternatives?
If you want the icing on the cake, and an ad-free experience that also allows you to contribute a bit to your favorite content creators then you can look at Brave. (This is an affiliate link so if you support us a tiny bit if you use it). It’s not required for the Academy or internet Safety but I want to make you aware of it if you are interested.
Hiding in plain sight?
We have a Virtual Private Network or VPN. This technology was originally developed so companies could extend their internal network online while keeping everything secure but nowadays it’s available to everyone.
As well as increased security, VPNs have numerous other benefits such as accessing material that is geographically restricted or evading attempts at censorship. This is especially great if you want to watch videos from other countries online, you have probably seen those “Cannot be watched from your current location”.
When you use a VPN, you make an encrypted connection to its server and that is what your ISP sees. The server will then communicate with the website, which will then send the requested data back to the VPN server and it will be returned to you encrypted.
VPNs aren’t perfect. They can slow down your browsing (in some circumstances considerably) and some sites aren’t compatible with them and we don’t recommend you use one, but we believe we have a responsibility to make students aware of them, especially if they have a problem with video sites not working in their country.
Brave Browser: Download here
VPN: Download here
PS! With both links, you support the academy a bit as well :)
Thank you for reading and I hope I’ve given you some food for thought! Now that we’ve got this out of the way, we can get back to your sissy training!
