Keeping Things Private Online

A
DIGITAL LIFE E-GUIDE
Keeping Things
Private Online
Ever had your status update read by more people than you
intended? Did your last embarrassing search query pop up while
showing something to your friend? Has anyone ever hacked into
your email account?
Anything you post or do online can be seen by strangers, used by
companies for advertising purposes, or even misused by people
with malicious intent.
Your online privacy is constantly at risk. Fortunately, there
are tools you can use to protect it. They will not only help you
minimize the amount of personal data tracked by websites and
services, but they can also be used to tighten the security of your
accounts, making sure no data goes out without your consent.
We’ve classified these privacy tools into three categories—browser
tools and features, online tools, and site/app settings and features.
Browser Tools
and Features
Plug-ins and Extensions
Plug-ins and extensions expand your browser’s functionality,
but did you know they can also increase your privacy? Some
extensions like Adblock Plus1 disable cookies and plug-ins that
track your activity. They also disable social media buttons,
which send your data to social networking sites like Facebook
and Google+.
Private Browsing
Don’t want anyone knowing about your frequently visited sites
or personal search queries? Opt for private browsing. It allows
you to go online without saving your personal information,
browsing history, or cache on the device you’re using. Most
browsers offer private browsing modes like Private Browsing
(Safari, Firefox), Incognito (Chrome), and InPrivate Browsing
(Internet Explorer). The option is available on some mobile
browsers like Firefox for Android.2
You can find the private browsing option under your browser’s
Tools, Settings, or Options menu. You can also use keyboard
short-cuts like Control/Command + Shift + N (Chrome, Opera)
or Control/Command + Shift + P (Firefox, Internet Explorer).
While private browsing clears your browser of your online
activities, websites, ISPs, and even your employers can still track
the pages you visit in real time.
1 http://adblockplus.org/
2 http://www.mozilla.org/en-US/mobile/
Delete Cache, Cookies, and History
Every time you go online, you leave a trail of digital “crumbs” in the
form of cookies, cache, and browsing history. Regularly deleting
these can remove traces of your online presence and activities.
There is a drawback though. Deleting cookies will require you to
enter your user name and password each time you visit a site.
You can delete your cookies, cache, and history by accessing the
Tools, Setting, or Options menu.
Disable Autofill/Autocomplete
Relying on browsers to remember your data might seem
convenient. Imagine not having to type the same things over and
over again. But this convenience can come at a price. The autofill
feature can reveal data you don’t want others to see, like your user
names and passwords.
You can disable this feature on the Tools, Settings, or Options menu.
Online Tools
Anonymizers or Proxy Avoidance Tools
If you want to make your online activity untraceable, use
anonymizers. These act as proxies between the Internet and your
computer. They hide any information revealing your computer’s
identity, such as your IP address and your exact location.
Anonymizers aren’t limited to desktop computers. Tor Project,
a non-profit organization specializing in secure and private
communications, offers desktop browsers3, an iOS browser4 and
an Android app5 to help hide your online presence.
Privacy Scanners
Just how much personal information goes in and out of the sites
you visit? Using privacy scanners, you can check your current
privacy settings on websites and get recommendations on what
to improve.
Privacy scanner apps are also available for mobile devices.
Trend Micro™ Privacy Scanner for Facebook lets you monitor
and control who can contact you or access your personal
information.6 Some privacy apps can even identify which of your
apps gather what type of information, so you can be aware of
any activity happening without your knowledge.
Self-Destructing Messages
Make sure no one else reads the private messages you send by
using self-destruct messaging services like BurnNote.7 Once your
messages are sent out to and read by your intended recipient, all
traces of them are deleted.
3
4
5
6
7
https://www.torproject.org/projects/torbrowser.html.en
http://itunes.apple.com/us/app/onion-browser/id519296448?mt=8
https://play.google.com/store/apps/details?id=org.torproject.android&hl=en
https://play.google.com/store/apps/details?id=com.trendmicro.socialprivacyscanner
https://burnnote.com/
Site/App Settings
and Features
Privacy Settings
Don’t settle for the default. It’s always better to tinker with your account
settings. Most social networking sites have a comprehensive list of
privacy settings. Facebook, for example, lets you control the how much
of your information people can view. Twitter also offers private accounts,
allowing you to screen who can view your tweets.
Some companies, like Google, provide you a master account for all their
sites. You can “turn off your Google Web History” so your search queries
and other activities won’t be linked to your online profile.8
Multi-factor Authentication
You don’t want strangers snooping in your email accounts and reading
your private messages. That’s why passwords exist, right? But relying on
passwords alone can be risky since they can be cracked.9 This is where
multi-factor authentication comes in.
Multi-factor authentication makes accounts more secure because it uses
“something the user knows” (your password) and “something the user
has” (a phone). Prying eyes won’t be able to open your accounts because
even if they guess your password, they will also need your phone,
containing the code you were sent.
Several services and sites now offer multi-factor authentication.
Facebook10, Google11, and Yahoo!12 all have settings for this feature. Other
sites like Amazon and WordPress support multi-factor authentication via
the Google Authenticator app.13
8
9
10
11
12
http://support.google.com/accounts/bin/answer.py?hl=en&answer=54057
http://arstechnica.com/security/2012/08/passwords-under-assault/
https://www.facebook.com/note.php?note_id=10150172618258920
http://support.google.com/accounts/bin/answer.py?hl=en&answer=180744
http://developer.yahoo.com/blogs/ydn/posts/2011/12/yahoo-introduces-stronger-user-authentication-second-sign-in-verification/
13 https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en
End User License Agreements (EULAs)
EULAs—those long and often confusing statements you need to
agree to before signing up for accounts—have become the bane of
users everywhere. In fact, a lot of users don’t bother reading them.14
Though the EULA is technically not a privacy feature, it can help
you gauge the amount of privacy you’re given. Familiarity with
EULAs is also an advantage, given how some sites change their
policies regularly. For instance, Instagram updated its policy to
claim the right to users’ photos without payment or notification.15
After much backlash, it removed that particular detail in its policy.16
14 http://www.theregister.co.uk/2012/12/04/feature_tech_licences_are_daft/
15 http://news.cnet.com/8301-13578_3-57559710-38/instagram-says-it-now-has-the-right-to-sellyour-photos/
16 http://news.cnet.com/8301-1023_3-57559890-93/instagram-apologizes-to-users-we-wontsell-your-photos/
Abuse and
Responsible Use
As the term implies, privacy tools are meant to protect
your privacy. However, these tools can also be abused by
cybercriminals to mask their identities and illegal activities. Your
fellow users could likewise misuse these tools for activities that
may be illegal or malicious.
Sudden and unannounced changes to EULAs can also be viewed
as abuse. EULAs may contain or add stipulations that may
actually be detrimental to your privacy.17 Your data can actually
be turned over to law enforcement without your knowledge.
So what can you do?
Familiarize yourself with privacy settings and tools. There are
many privacy tools offered online, most of them free. Also keep
yourself updated with the latest changes to the policies of your
frequently used sites. They may affect your online accounts and
the information you share. Always take the time to explore and
adjust your privacy settings accordingly.
Remember, everyone has the right to privacy, but this doesn’t
mean they should abuse the tools intended to protect that right.
Protecting your privacy comes with exercising your right to be a
responsible online citizen.
17 http://business.time.com/2012/08/28/7-surprising-things-lurking-in-online-termsof-service-agreements/
TREND MICRO
TRENDLABS
Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global
cloud security leader, creates a world safe for exchanging
digital information with its Internet content security
and threat management solutions for businesses and
consumers. A pioneer in server security with over
20 years’ experience, we deliver top-ranked client, server
and cloud-based security that fits our customers’ and
partners’ needs, stops new threats faster, and protects data
in physical, virtualized and cloud environments. Powered
by the industry-leading Trend Micro™ Smart Protection
Network™ cloud computing security infrastructure, our
products and services stop threats where they emerge—
from the Internet. They are supported by 1,000+ threat
intelligence experts around the globe.
TrendLabs is a multinational research, development,
and support center with an extensive regional
presence committed to 24 x 7 threat surveillance,
attack prevention, and timely and seamless solutions
delivery. With more than 1,000 threat experts and
support engineers deployed round-the-clock in labs
located around the globe, TrendLabs enables Trend
Micro to continuously monitor the threat landscape
across the globe; deliver real-time data to detect, to
preempt, and to eliminate threats; research on and
analyze technologies to combat new threats; respond
in real time to targeted threats; and help customers
worldwide minimize damage, reduce costs, and ensure
business continuity.
Copyright ©2013 by Trend Micro, Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend
Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners.
LEGAL DISCLAIMER
The information provided herein is for general information and educational purposes only. It is not intended and should not be construed to constitute legal advice.
The information contained herein may not be applicable in all situations and may not reflect the most current situation. Nothing contained herein should be relied
or acted upon without the benefit of legal advice based upon the particular facts and circumstances presented and nothing herein should be construed otherwise.
Trend Micro reserves the right to modify the contents of this document at any time without notice.
Translations of any materials into other languages are intended solely as a convenience. Translation accuracy is not guaranteed nor implied. If any questions arise
related to the accuracy of a translation, please refer to the original language official version of the document. Any discrepancies or differences created in the
translation are not binding and have no legal effect for compliance or enforcement purposes.
Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro makes no warranties or representations of any
kind as to its accuracy, currency or completeness. You agree that access to and use of and reliance upon this document and the content thereof is at your own risk.
Trend Micro disclaims all warranties of any kind, express or implied. Neither Trend Micro nor any party involved in creating, producing or delivering this document
shall be liable for any consequences, losses, or damages, including direct, indirect, special, consequential, loss of business profits or special damages, whatsoever
arising out of access to, use of or inability to use, or in connection with the use of this document, or any errors or omissions in the content thereof. Use of this
information constitutes acceptance for use in an “as is” condition.