Improving Your Internet Privacy, Part I
Posted on: 03/05/2018 03:55 PM

by John Young

And it's also not funny considering that our out-of-control government bureaucracy can just drop off a subpoena and get a list, from your ISP, of either every customer who has visited a certain website (such as ours), or even every website that you, personally, have visited.

When I was a kid, I checked a lot of books out of the library. A lot of books. And some books that I found particularly interesting, I checked out multiple times. Although it isn't widely considered today, librarians have a certain code of ethics. Specifically, they will tell nobody, ever, for any reason, what books you have checked out to read. When recent laws, such as the mis-named "Patriot Act" expanded government surveillance authority, librarians all over the country literally purged their records to maintain their patrons' privacy.

I didn't understand all of the big-brained stuff behind this when I was a kid, and I didn't really realize how important it was, how central it was, to keep this information private. So throughout elementary, middle and high school I blissfully worked my way through The Three Investigator's series, books on relativity, obscure books of poetry, all of the Greek playwrights and even political works like Mein Kampf. I was curious about everything. When I went to college, I got my first taste of how important this privacy was when a classmate of mine reported me for having a checked-out copy of the Communist Manifesto on my bookshelf. (I went to a college where being a commie wasn't cool, but that has since changed.)

I wasn't a communist, of course. But I never take for granted what others say about a subject, and I wanted to understand my enemy in his own words. Nevertheless, that caused me a bit of angst. My next round of angst came from a classmate reporting my possession of Kurt Saxon's "Poor Man's James Bond" -- which I read more for amusement than anything else. This necessitated a meeting with my "advisor" who "advised" me that "people" were getting "concerned." One day I figured out who the classmate was who was reporting me ... But I digress.

The point I am making here is that the switch from reading books checked out from a library in the privacy of my childhood home ... to having those books in a more public dorm room made a big difference in my level of privacy -- and that there are, or can be, reprisals made merely on the basis of totally incorrect assumptions on what your intent "must" be, based solely upon what you read.

So what?

Let's fast forward a bit. With little fanfare or media reporting, big names in the Internet space like Comcast and Verizon have spent a lot of time and money securing certain unprecedented rights. Most relevant to our current discussion is that they have secured the specific right to be able to use your browsing history -- what you search for on the Internet or what websites you visit -- in whatever way they desire.

Because most search engines encrypt your traffic to them by default, your ISP can't directly see what you typed into the search engine. But what they CAN see is the URL of every web site you visit. Using the analogy of a library, they can't see what you typed into the card catalog, but they can see every book you have checked out.

And as of this point, they are free to use that information in whatever way they wish. They are starting to use it for advertising -- and some of the results would be amusing were it not for the privacy implications. It's funny to see my family members getting advertisements for stuff that interests me, but in which they have no interest themselves. But it wouldn't be so funny if it pertained to a medical condition I was keeping private to prevent needless worry.

And it's also not funny considering that our out-of-control government bureaucracy can just drop off a subpoena and get a list, from your ISP, of either every customer who has visited a certain website (such as ours), or even every website that you, personally, have visited.

That is a serious problem.

When I was in 4th grade I checked out a book called "Everything boys want to know about girls." It wasn't exactly political dynamite. But I would have died from embarassment had the librarian revealed that I checked it out.

But on the Internet, there is no librarian. There is no code of ethics. There is no privacy -- especially from corporations whose only standard of value is the dollar, and no loyalty to anything else.

So where do you start to get back a bit of your privacy?

This is a long subject -- some parts of it are easy, and some parts of it are technical. Few people will implement everything I bring up in this series, but even implementing a bit of it will help.

So I am going to start with a piece of "low hanging fruit:" DNS.

The Internet's Domain Name System is what translates the name of a website that you visit into an IP address that your computer can use. Every ISP maintains DNS servers, and when you get your connection information from them (usually via DHCP) they automatically supply the addresses of their DNS servers.

This is the easiest place for them to look -- all they need to do is " grep 'your ip' bind.log " and they have a list of every single URL your browser has looked up. All nice, convenient and pre-packaged in one place. Or, they can instead do " grep '' bind.log " and get a list of all their customers who visit this website, and send it to whomever they wish.

Home and office network setups are very individual, so I can't give you step-by-step details on how to do this, but I can tell you that most home routers allow you to take just the ip address from your ISP, and to instead put in a different name server address for your DNS.

The privacy vulnerability that DNS represents has long been known and understood, so there are a number of different projects in the works for providing alternative DNS servers that you can use -- both to protect privacy and to bypass censorship. All you have to do is program your home router, or your PC, to use one of these alternative DNS servers instead of the one provided by your ISP. If you dig just a little, you'll find this is easy to do, and some of the alternative DNS providers (all of them are free) even give instructions to help with various scenarios.

The OpenNic Project provides publicly available DNS servers world-wide. I use these myself, with good results because they also resolve alternative Top Level Domains not available through regular Internet.

Uncensored DNS is a smaller project, but potentially of great value to our European friends, who have to contend with heavy censorship.

Hurricane Electric is best known for their free ipv6 proxy tunnels, but they also provide publicly available DNS servers.

So your mission until my next entry in this series is to change from using your ISPs DNS to using an alternative. It is a small step, very easy, and breaks the chain of allowing your ISP to catalog all the sites you visit.

Printed from Western Voices World News (