Categories
Privacy

VPN

VPN = Virtual Private Network

VPN is a Virtual Private Network and establishes a protected network connection when using public networks. VPN encrypts your internet traffic and disguises your online identity by giving you another IP address. This makes it more difficult for third parties to track your activities online and steal your data.

Many people around the world are freaking out about their online privacy and rightfully so since, in 2017, the USA Senate voted to allow internet providers to share your private data with advertisers. While we recognise that it is very important to protect your privacy, it doesn’t mean that you should sign up to a VPN service and tunnel all your internet traffic through VPN servers.

VPN does not make you entirely anonymous.

When you connect your computer or mobile phone to a VPN server, you establish an encrypted tunnel between your device and the VPN server. Nobody can see what is happening in the middle of this tunnel, not even your Internet Service Provider or ISP. But it doesn’t make you magically anonymous.

You are just moving the risk of being spied upon all the way down the VPN tunnel as the VPN company can see all of your internet traffic and as a mather of a fact, some VPN services sell your data to advertisers (you may not believe this but it can even be sold to scammers).

But a VPN can be useful from time to time… Sometimes you cannot access a website from a public network because it is blocked. You may also have to travel to a country with strong censorship and you want to access your XOGUM.eMAIL account. In those cases, it is all about minimizing the risk of privacy invasion while you use a VPN.

HTTPS everywhere is the way to go!

Nowadays, many websites rely on HTTPS to establish a secure connection between your browser and those same websites. Our website uses HTTPS, obviously. You should install the HTTPS everywhere extension to make sure that you are using HTTPS as much as possible.

HTTPS Everywhere is produced as a collaboration between the Tor Project and the Electronic Frontier Foundation. Many websites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP or have encrypted pages with links that forward to an unencrypted website. The HTTPS Everywhere extension fixes those problems by using clever technology to rewrite the HTTP requests into HTTPS.

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computers’ network and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or even Secure Sockets Layer, also known as SSL. The protocol is therefore also referred to as HTTP over TLS or HTTP over SSL.

The main reason for using HTTPS is the authentication of the accessed website and the protection of the privacy and integrity of the exchanged data while in transit. It protects against man-in-the-middle attacks, and the bidirectional encryption of communications between a client and a server protects the communications against eavesdropping and tampering.

VPN Virtual Private Network
VPN Virtual Private Network

WebRTC Protect – Protect IP Leak

If you use WebRTC, you can add real-time communication capabilities to your application that works on top of an open standard. It supports video, voice and generic data to be sent between peers, allowing developers to build powerful voice and video communication solutions. The technology is available on all modern browsers as well as on native clients for all major platforms.

Two things might happen even when you use a VPN, especially if you use a free VPN, leaking DNS servers and WebRTC leaks. DNS leaks will reveal which websites you visit and WebRTC leaks will reveal your public and private IP addresses. You can find this superb extension on the Chrome Web Store.

https://chrome.google.com/webstore/detail/webrtc-protect-protect-ip/bkmmlbllpjdpgcgdohbaghfaecnddhni

This extension hides your private and public IP addresses by configuring how WebRTC’s network traffic is routed. Protects against WebRTC leaking your public and private IP addresses. This extension also configures how WebRTC network traffic is routed by altering your browser’s privacy settings that also controls whether WebRTC Media Device Enumeration API returns anything or not. Requires WebRTC traffic to go through proxy servers. If UDP is not supported, non-proxied UDP traffic is turned off.

Browser Tracking using Favicons in Incognito Mode

Most of the modern web browsers make an automatic favicon request on each webpage load. By exploiting the small website icons that are usually called Favicons and that are visible on each browser tab, it is possible to create a unique identifier using subdomains and redirections that cannot be blocked by anti-tracking extensions, clearing cookies or even a good VPN and incognito mode.

Many common web tracking methods use the famous cookies but device fingerprinting is getting much more effective at avoiding the usual countermeasures. Device fingerprinting is a way to combine certain attributes of a device, such as what kind of operating system it uses, the type and version of the web browser being used, the browser’s language settings and the device’s IP address, all being done to identify it as a unique device. Data is the new Gold.

Automatic Favicon Requests

Just like any other user agent request, a favicon request opens a communication dialogue between your browser and our server. This results in one more HTTP request and about 1.5 KiloBytes extra to be loaded, which is an unnecessary waste of performance if we don’t have a favicon and it is quite annoying on a testing or developing website when we want to run performance checks.

How to prevent the Automatic Favicon Request:

We have completely removed the automatic favicon request on our WordPress website by adding the following line of code to the <head> section of our HTML webpage: <link rel=”icon” href=”data:,”>

This little code snippet assigns an empty data URL to the favicon’s <link> element which specifies the location of the external resource. This simple but very useful trick stops your browser from sending an automatic HTTP request to get our favicon.

Millions of users concerned about their privacy when browsing the Internet are using tools to hide their activity as much as possible, with methods like the web browser in incognito mode or even the use of a VPN or Virtual Private Network. However, this SuperCookie, a favicons tool to assign a unique identifier to all users of a website, will allow to perform a detailed track of all the online activity of the target user.