Cipher and sword

As is the case with many issues related to modern science and technology, the media and various discussions actively highlight the negative aspects of the development of the Internet, including the Internet of Things, such as the invasion of privacy. Meanwhile, we are less and less vulnerable. Thanks to the proliferation of relevant technologies, we have tools to protect privacy that netizens never even dreamed of.

Internet traffic, like telephone traffic, has long been intercepted by various services and criminals. There is nothing new in this. It has also long been known that you can significantly complicate the task of "bad people" by encrypting your communication. The difference between the old and the present is that today encryption is much easier and more accessible even for the less technologically advanced.

Currently, we have tools such as a phone application at our disposal. signalwhich allows you to chat and send SMS messages in a secure and encrypted way. No one but the recipient will be able to understand the meaning of a voice call or text message. It is important to note that Signal is very easy to use and can be used on both iPhone and Android devices. there is a similar application The slave.

Methods such as VPN or Torwhich allow us to hide our online activity. Applications that make it easy to use these tricks can take a long time to download, even on mobile devices.

The content of email can be successfully secured using encryption or by switching to an email service such as Protonmail, Hushmail Or Tutanota. The contents of the mailbox are encrypted in such a way that authors cannot transmit decryption keys. If you're using standard Gmail inboxes, you can encrypt sent content using a Chrome extension called SecureGmail.

We can avoid prying trackers by using public tools i.e. programs such as don't track me, AdNauseam, TrackMeNot, Ghostery etc. Let's check how such a program works using the Ghostery browser extension as an example. It blocks the work of all kinds of add-ons, scripts that track our activity, and plugins that allow the use of social networks or comments (the so-called trackers). So, after turning on Ghostery and choosing the option to block all add-ons in the database, we will no longer see ad network scripts, Google Analytics, Twitter buttons, Facebook, and many others.

Keys on the table

There are already many cryptographic systems that offer this possibility. They are used by corporations, banks and individuals. Let's look at the most popular of them.

DES () was developed in the 70s at IBM as part of a competition to create an efficient cryptosystem for the US government. The DES algorithm is based on a 56-bit secret key used to encode 64-bit blocks of data. The operation takes place in several or several stages, during which the text of the message is repeatedly transformed. As with any cryptographic method that uses a private key, the key must be known to both the sender and the recipient. Since each message is randomly selected from among 72 quadrillion possible messages, messages encrypted with the DES algorithm were considered unbreakable for a long time.

Another well-known solution is BEA (), also called Rijndaelwhich performs 10 (128-bit key), 12 (192-bit key), or 14 (256-bit key) scrambling rounds. They consist of pre-replacement, matrix permutation (row mixing, column mixing) and key modification.

The PGP public key program was invented in 1991 by Philip Zimmermann and developed with the help of a worldwide community of developers. This project was a breakthrough - for the first time an ordinary citizen was given a tool to protect privacy, against which even the most equipped special services remained helpless. The PGP program ran on Unix, DOS, and many other platforms and was available free of charge with source code.

Today, PGP allows not only to encrypt emails to prevent them from being viewed, but also to sign (sign) encrypted or unencrypted emails in a way that allows the recipient to determine whether the message really comes from the sender and whether its contents have been altered by third parties after signing. Of particular importance from the point of view of the email user is the fact that encryption methods based on the public key method do not require prior transmission of the encryption/decryption key over a secure (ie, confidential) channel. Thanks to this, using PGP, people for whom e-mail (non-confidential channel) is the only form of contact can correspond with each other.

GPG Or GnuPG (- GNU Privacy Guard) is a free replacement for the PGP cryptographic software. GPG encrypts messages with asymmetric key pairs created for individual users. Public keys can be exchanged in various ways, such as using key servers on the Internet. They should be replaced carefully to avoid the risk of unauthorized persons impersonating senders.

It should be understood that both Windows computers and Apple machines offer factory-set data encryption based on encryption solutions. You just need to enable them. A well-known solution for Windows called BitLocker (works with Vista) encrypts each sector of the partition using the AES algorithm (128 or 256 bits). Encryption and decryption occur at the lowest level, making the mechanism virtually invisible to the system and applications. The cryptographic algorithms used in BitLocker are FIPS certified. Similar, although not working the same, solution for Macs FileVault.

However, for many people, system encryption is not enough. They want the best options, and there are plenty of them. An example would be a free program TrueCryptis undoubtedly one of the best apps to protect your data from being read by unauthorized persons. The program protects messages by encrypting them with one of the three available algorithms (AES, Serpent and Twofish) or even their sequence.

Don't triangulate

The threat to the privacy of a smartphone user (as well as a regular “cell”) begins when the device is turned on and registered in the operator’s network (which involves revealing the IMEI number that identifies this copy and the IMSI number that identifies the SIM card). This alone allows you to track equipment with great accuracy. For this we use the classic triangulation method using the nearest mobile base stations. The massive collection of such data opens the way to the application of methods to search for interesting patterns in them.

The GPS data of the device is available to the operating system, and applications running in it - not only malicious ones - can read them and make them available to third parties. The default settings on most devices allow this data to be disclosed to system mapping applications whose operators (such as Google) collect everything in their databases.

Despite the privacy risks associated with the use of smartphones, it is still possible to minimize the risks. Programs are available that allow you to change the IMEI and MAC numbers of devices. You can also do it by physical means "disappeared", that is, it became completely invisible to the operator. Recently, tools have also appeared that allow us to determine if we are sometimes attacking a fake base station.

Private virtual network

The first and foremost line of defense for a user's privacy is a secure and anonymous connection to the Internet. How to maintain online privacy and erase the traces left behind?

The first of the available options is VPN for short. This solution is mainly used by companies that want their employees to connect to their internal network through a secure connection, especially when they are away from the office. Network confidentiality in the case of a VPN is ensured by encrypting the connection and creating a special virtual “tunnel” inside the Internet. The most popular VPN programs are paid USAIP, Hotspot, Shield or free OpenVPN.

VPN configuration is not the easiest, but this solution is one of the most effective in protecting our privacy. For additional data protection, you can use a VPN along with Tor. However, this has its drawbacks and costs, since it is associated with a loss in connection speed.

Speaking of the Tor network… This acronym develops as , and the reference to the onion refers to the layered structure of this network. This prevents our network traffic from being analyzed and therefore provides users with virtually anonymous access to Internet resources. Like Freenet, GNUnet, and MUTE networks, Tor can be used to bypass content filtering mechanisms, censorship, and other communication restrictions. It uses cryptography, multi-level encryption of transmitted messages and thus ensures complete confidentiality of transmission between routers. The user must run it on their computer proxy server. Within the network, traffic is sent between routers, and the software periodically establishes a virtual circuit on the Tor network, eventually reaching the exit node, from which the unencrypted packet is forwarded to its destination.

On the Internet without a trace

When browsing websites in a standard web browser, we leave traces of most of the actions taken. Even after a restart, the tool saves and transfers information such as browsing history, files, logins, and even passwords. You can use options to prevent this private mode, now available in most web browsers. Its use is intended to prevent the collection and storage of information about user activities on the network. However, it is worth knowing that working in this mode, we will not become completely invisible and will not completely protect ourselves from tracking.

Another important front of defense is using https. We can force data transfers over encrypted connections using tools such as the Firefox add-on and Chrome HTTPS Everywhere. However, the condition for the mechanism to work is that the website we link to offers such a secure connection. Popular websites like Facebook and Wikipedia are already doing this. In addition to encryption itself, the use of HTTPS Everywhere significantly prevents attacks that involve intercepting and modifying messages sent between two parties without their knowledge.

Another line of defense against prying eyes web browser. We mentioned anti-tracking additions to them. However, a more radical solution is to switch to a native browser alternative to Chrome, Firefox, Internet Explorer, Safari, and Opera. There are many such alternatives, for example: Avira Scout, Brave, Cocoon or Epic Privacy Browser.

Anyone who doesn't want external entities to collect what we enter in the search field and wants the results to remain "unfiltered" should consider the Google alternative. It is, for example, about. DuckDuckGo, that is, a search engine that does not collect any information about the user and does not create a user profile based on it, allowing you to filter the displayed results. DuckDuckGo shows everyone—regardless of location or previous activity—the same set of links, curated for the right phrase.

Another suggestion ixquick.com - its creators claim that their work remains the only search engine that does not record the user's IP number.

The very essence of what Google and Facebook do is the rampant consumption of our personal data. Both websites, currently dominating the Internet, encourage users to provide them with as much information as possible. This is their main product, which they sell to advertisers in a lot of ways. behavioral profiles. Thanks to them, marketers can tailor ads to our interests.

Many people understand this very well, but they do not have enough time and energy to part with constant surveillance. Not everyone knows that all this can be easily shaken off a site that offers instant account deletion on dozens of portals (including). An interesting feature of JDM is false identity generator - useful for anyone who does not want to register with real data and has no idea about a fake bio. One click is enough to get a new name, surname, date of birth, address, login, password, as well as a short description that can be placed in the "about me" frame on the created account.

As you can see, in this case, the Internet effectively solves problems that we would not have without it. However, there is a positive element to this battle for privacy and the fears associated with it. Awareness of privacy and the need to protect it continues to grow. Given the aforementioned technological arsenal, we can (and if we want) effectively stop the intrusion of “bad people” into our digital lives.