Introduction

Today’s world is an Internet world. These days, everyone wants to save their professional data and private content. With so much private information being shared over the Internet via social, email, the cloud etc, what can you possibly do to try to protect yourself? Many surveillance programs were going on to monitor the online activities and to find more critical information like PRISM, Tempora etc. And this means that all our private information is at stake. These surveillance programs intercept huge amounts of raw data, and store billions of communication records per day in its databases. Analysts can see nearly everything a user does on the Internet including emails, social media posts, web sites you visit, addresses typed into Google Maps, files sent, and more.

But there are certain ways described below from which we all can save ourselves from such monitoring like tracking of our calls, chasing to look for our password, digging into our data or misusing our private content.

Email

Email is an integral part of both our personal and professional lives.
Standard email messages are sent in plain text, so it’s possible for someone else to snoop on you and read them. When you encrypt mail, on the other hand, it makes the messages completely unreadable to anyone who doesn’t possess a decryption key.

Sendinc: Sendinc is a Web-based encryption email service which guarantees end-to-end encryption.

Sendinc uses 256-bit SSL encryption code. It works anywhere, on any email client, and from any web-enabled device.

How Sendinc works:

  • Sendinc encrypts the message with a unique one time encryption key.
  • The encryption key is sent to the recipients as a link. Only the recipient has the key, because Sendinc deletes the key from its servers.
  • The recipients can retrieve the message by following the link in the email and logging into their Sendinc account. The message is decoded securely using 256-bit SSL.

  • Enigmail: Enigmail is a data encryption and decryption extension for Mozilla Thunderbird and the SeaMonkey Internet suite. It enables you to write and receive email messages signed and encrypted with the OpenPGP standard. Enigmail works under Microsoft Windows, Unix-like, and Mac OS X operating systems.
  • Mailvelope: Mailvelope is a browser extension for Google Chrome and Firefox that allows secure email communication based on the OpenPGP standard. It can be configured to work with an arbitrary Webmail provider.

Web browsing

While searching the Web, we should search anonymously so that our IP will not be revealed to others, and we have the full benefits of searching.

  • Tor: The Tor software is a tool that can help you protect the confidentiality of your communications. Tor’s software will make it difficult for any snoops to see your webmail, search history, social media posts or other online activity. It prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. You can use Tor on Windows, Mac OS X, or Linux

  • Ghostzilla: Ghostzilla is a Web browser designed for users who want to protect their personal information from prying eyes. It runs inside the windows of other applications, making it look like you’re reading your email or working on a project. Ghostzilla has a high level of security built into it, to the point when navigating becomes difficult due to the pop-up of many alert messages. You can create a user profile, so that your personal settings, browse cache, history, passwords, certificates, preferences are saved and password-protected.

Below are the add-ons that help keep you safe on the Web without hindering your full use of its best services.

  • Disconnect: Disconnect lets you visualize & block the invisible websites that track you. Disable tracking by third parties like Digg, Facebook, Google, Twitter, and Yahoo. Disconnect is available for Chrome, Firefox, Safari and for Opera.
    Truly depersonalize searches on search engines by blocking identifying cookies, not just changing the appearance of results pages, while staying logged into other services.

  • DoNotTrackMe: DoNotTrackMe helps to stop companies and advertisers from tracking your browsing and sending you spam email.
    DoNotTrackMe’s benefit isn’t just that it blocks trackers, but that it keeps the social Web active while protecting you.

  • NoScript: An absolute must-have security addon for your browser. NoScript gives you the power to specify the sites you trust, and only those sites will be allowed to run active content like Javascript, Java code and other executable code. The addon thus protects you from cross-site scripting attacks and clickjacking attacks.

  • HTTPS Everywhere: HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure.

Chat

Chat enables us to share messages over web. So we should use those chat applications those provide us encrypted chat with your friends. There’s a range of encrypted chat programs on the market. Some of them are as follow:

  • Cryptocat: One of the most popular and easiest to use is a program called Cryptocat, which is available for Mac, PC, Chrome, and Firefox. Cryptocat is open source software which provides easy to use, accessible encrypted chat with your friends, right in your browser. Cryptocat lets you instantly set up encrypted conversations. Cryptocat uses the OTR encrypted messaging protocol to offer accessible communications to everyone.

  • Jitsi: Jitsi is a free and open source multiplatform VoIP, videoconferencing and instant messaging application for Windows, Linux and Mac OS X. It supports protocols such as SIP, XMPP/Jabber, AIM/ICQ, Windows Live and Yahoo.
  • TorChat: TorChat is a decentralized anonymous instant messenger that uses Tor hidden services as its underlying Network.
    All TorChat traffic is encrypted end-to-end. TorChat buddies authenticate themselves by proving that they are reachable though there .onion address.

Phone

Phone calls can be encrypted like any other form of data, making them difficult or impossible to listen in on. There are a number of services to do this, from enterprise-level solutions to open source projects. Some of the services are as follow:

  • Linphone: Linphone is an Internet phone or Voice over IP phone. With Linphone you can communicate freely with people over the Internet, with voice, video, and text instant messaging. Linphone is available for both desktop computers and for mobile phones.

  • Silent Circle: Silent Circle is an encrypted communications firm providing secure multiplatform communication services for mobile devices, desktop and email. Silent Circle sends peer-to-peer encrypted texts, phone calls, video calls, and file transfers from your mobile device.
  • Ostel: Ostel is a tool for having end-to-end encrypted phone calls. Ostel is based on trusted security protocols using public-key encryption. Ostel works on Android, iPhone, Blackberry, Nokia, Mac, PC, and Linux through supported apps.

Search Engines

When it comes to searching, believe it or not, you really can live without Google. Few people realize that there are plenty of great alternative search engines. Some are as follows:

  • Startpage: Startpage encrypts all of your searches and apparently does not record your IP address or giving any personal user information to servers.

  • DuckDuckGo: DuckDuckGo distinguishes itself from other search engines by not profiling its users and by deliberately showing all users the same search results for a given search term.

Disk Encryption

Encryption is a method of protecting data by converting it to a format that is unreadable by anyone except those with a special key. Special key is provided to only those are authorized to access that data.

  • DiskCryptor: DiskCryptor is an open encryption solution that offers encryption of all disk partitions, including the system partition. Disk Cryptor provides support for various multi-boot options. It also provides full support for external storage devices. It uses AES-256, Twofish, Serpent or a combination of cascaded algorithms in XTS mode to carry out encryption.
  • TrueCrypt: TrueCrypt is software for establishing and maintaining data storage in an encrypted volume, in which data is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. Individual algorithms supported by TrueCrypt are AES, Serpent, and Twofish. Additionally, five different combinations of cascaded algorithms are available: AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES and Twofish-Serpent. TrueCrypt supports Microsoft Windows, OS X and Linux operating systems.

Cloud Storage Services

Cloud storage can improve small business owners’ capability to access, share, and protect their company’s data, particularly when they have a limited capacity or desire to manage on site technology resources, but keeping that data safe is a challenging task. Following are the applications that help us to achieve privacy.

  • Seafile: Seafile is a next-generation open-source private cloud-sharing system with advanced features on file syncing, privacy protection and teamwork with the help of it you have the flexibility of group sharing and multiple projects.
    • SparkleShare: SparkleShare is open-source client software that provides cloud storage and file synchronization services. By default, it uses Git as a storage backend. SparkleShare is a useful application designed to provide users with a simple means of sharing their files and enhancing the collaboration among users who work on the same project.
    • Pydio: Pydio is an open source file sharing platform, with simple and sleek web and mobile apps, hosted securely on your servers and private clouds. It is so easy to install.

One of the biggest concerns when using the popular online storage service like Dropbox, Box.net, or SkyDrive is the privacy. The only way to protect private belongings while still using these awesome services is to safely encrypt them before storing them to the cloud. Some programs are as follows:

  • BoxCryptor: BoxCryptor is a cryptographic virtual hard disk that encrypts all data on the fly using the AES-256 standard. Encrypted data is stored in an arbitrary directory of your choice. BoxCryptor runs in all Windows, Linux, OS X, iOS, and Android platforms.
  • Cloudfogger: Cloudfogger encrypts your data with 256-bit AES encryption on your own Windows or Macintosh computer, before it is uploaded to the cloud. Cloudfogger file decryptor software is also available for Android and Apple smartphones and tablets so that you can read your own files that you retrieve from the cloud. Cloudfogger-protected files can also be shared without sacrificing security.

Social Media

As the popularity of MySpace, Facebook, Twitter and other social sites grows, so do the risks of using them. Hackers, spammers, virus writers, identity thieves, and other criminals follow the traffic. It is advisable to think carefully before publishing private information and pictures on social sites.

Here are some security tips to protect you while you are using social networks.

  • Be extra careful before clicking on links.
  • Be mindful of accessing your social media accounts on public wireless connections, such as at a coffee shop or airport.
  • Don’t trust that a message is really from who it says it’s from.
  • Be selective about who you accept as a friend on a social network.
  • Pick a strong password, keep it secure, and change it frequently.
  • Use different passwords for different accounts.
  • Enable two-factor authentication whenever possible.
  • Never ask a website to save your login information.
  • Password-protect your mobile device.

Several Tools Providers

Want to learn more?? The InfoSec Institute CISSP Training course trains and prepares you to pass the premier security certification, the CISSP. Professionals that hold the CISSP have demonstrated that they have deep knowledge of all 10 Common Body of Knowledge Domains, and have the necessary skills to provide leadership in the creation and operational duties of enterprise wide information security programs.

InfoSec Institute's proprietary CISSP certification courseware materials are always up to date and synchronized with the latest ISC2 exam objectives. Our industry leading course curriculum combined with our award-winning CISSP training provided by expert instructors delivers the platform you need in order to pass the CISSP exam with flying colors. You will leave the InfoSec Institute CISSP Boot Camp with the knowledge and domain expertise to successfully pass the CISSP exam the first time you take it. Some benefits of the CISSP Boot Camp are:

  • Dual Certification - CISSP and ISSEP/ISSMP/ISSAP
  • We have cultivated a strong reputation for getting at the secrets of the CISSP certification exam
  • Our materials are always updated with the latest information on the exam objectives: This is NOT a Common Body of Knowledge review-it is intense, successful preparation for CISSP certification.
  • We focus on preparing you for the CISSP certification exam through drill sessions, review of the entire Common Body of Knowledge, and practical question and answer scenarios, all following a high-energy seminar approach.
  • A/I: A/I provides several tools for anonymous communication and sharing. A/I keeps no logs of connections and doesn’t record any direct information matching services, identities and users’ names.

Secure Communication tools provided by A/I are:

  • Email
  • Blogs
  • Mailing lists, Newsletters and Forums
  • Web Hosting
  • Instant Messaging and Chat
  • Anonymity Services and Personal VPNs
  • Software project hosting
  • Riseup: Riseup provides online communication tools. Riseup do not log your IP address. All your data, including your mail, is stored by riseup.net in encrypted form.

Secure Communication tools provided by Riseup are:

  • Email
  • Mailing Lists
  • VPN, chat, and etherpad services (in testing phase)

Conclusion

Keep in mind however, that no system can be considered 100% secure, but the services listed above are going to make it much more difficult for anyone to keep track of you. Use your privacy settings wisely and be aware.

References