Programs for the Paranoid

Introduction

Those of us using Windows as our operating system have no doubt heard the many voices out there telling us that our platform is insecure. Most of us have heeded the warnings, ensuring that our programs are regularly patched and that we have a virus scanner, firewall, and spyware detection/removal program. That takes care of our security, but what about privacy? There are those out there that would love to get their hands on our information, even if they are unable to break into our systems to get it. In this Information Age, there is a need for programs geared toward preventing private information from getting out into the public domain.

Open source applications into which people can continually look for holes and thereby patch them quickly are the standard for dependability. Therefore, all five of the open source programs in this list are ones that can be trusted to perform brilliantly. They encompass all aspects of computing, from using the Internet to manipulating files on a computer. They are all designed to give you that extra piece of mind in regards to your sensitive data. Best of all: every one of them is free.

Web Browsing

Firefox is the alternative web browser already known to be more secure than Internet Explorer in many ways, but it can help protect your privacy as well, if you take the time to configure some settings within it.

Cookies are saved to your computer when you visit web sites on the internet and can be very useful for both web site developers and advertising companies. If an advertising company such as DoubleClick sends you a cookie on a site in which one of its ads is loaded, it can detect that same cookie with its tracking information on any other site you visit which carries DoubleClick's ads. They can then create a profile of your interests by examining which sites you have visited, which, if you are concerned about your privacy, you will not want them to do.

If someone has access to your computer, they may be able to determine your surfing habits by examining the traces you leave behind after you close your browser. Those traces include cookies from both advertising companies and sites you have visited as mentioned above, the "History" of the web sites you have typed into the address bar, the information you enter in forms on web pages, the list of files you have downloaded, and the "Cache", the pictures and content saved to your computer's disk when you visit a web site for quick viewing later if you visit it again and it has not changed.

The solution in Firefox is to click on "Tools" on the menu bar and then click on "Options" to bring up a menu. If you click the "Privacy" icon on the left hand side, you can gain access to a wealth of options designed to protect you as you browse the web. Under "History", you can reduce the number of days the list of sites you have visited is kept, even reducing it to zero if you so choose. You can uncheck the box to save information entered on web pages under "Saved Form Information" to prevent credit card information and other personal data from being automatically entered on sites you have previously entered it before. You can have the list of files downloaded be cleared when Firefox is closed or, if it is left open for long periods, as soon as a download is completed. Under "Cookies" a privacy-conscious person can ensure that cookies are downloaded only for the site visited as well as having a prompt come up every time a site not visited previously wants to set a cookie. For trusted sites, you can "Allow" the cookie, enabling it to remain on your computer for however long the site specifies, or "Allow [the cookie] for Session", removing the cookie as soon as the browser is closed. For sites you do not trust, the prompt will let you "Deny" the cookie, preventing it from ever coming onto your computer at all. Firefox also has the convenience of allowing all potentially incriminating evidence to be cleared for all of the above with one click of the "Clear" button.

The above might have easily been discovered through simple exploration of the interface, but an even lesser known capability of Firefox is to not send what is known in technical jargon as the "referrer" to a web page when you visit a site. Simply put, when you click on a link on one web site and get directed to another, your browser's request for the new web site includes information on the address of the old site. Those with access to the site's server logs can use this information to track what other sites you have visited. You may not like this possibility, and Firefox comes to the rescue.

If you type "about:config" in your address bar, you will gain access to a huge number of hidden configuration options. The one of interest in this case can be found by typing "network.http.sendReferrerHeader" into the "Filter" box. If you right click on the one line that shows up below and select "Modify" and then enter "0" instead of the default "2", that referrer will no longer be sent when you visit a new web page by clicking a link on another. It will be as though you simply entered the address in your address bar directly. You may need to keep this technique in mind, though, in order to reverse it temporarily, as some sites rely on the referrer for their proper operation.

Few other browsers make it as simple to protect your privacy as Firefox, and so for web browsing, it is the web browser of choice.

Anonymous Internet

Even if you delete all traces of your activity on your computer, your privacy can still be at risk when you use the Internet. When you visit a web site, chat on AIM, MSN, or Yahoo, communicate with others on Internet Relay Chat, download a file from an FTP site, or pretty much do anything that involves a modem of some sort, you are assigned a unique number called an IP address. That may change every time you connect to the Internet if you use dial-up, or it may remain constant if you are on a broadband service such as cable or DSL. Either way, whenever you use the Internet, chances are your IP address is logged on someone's server somewhere, maintaining a record of what you were doing. This can be a problem because if your IP address never changes on broadband and you visit multiple sites operated by the same person, he/she can associate all the visits with you.

In addition, even if your IP address changes, it can give out a good deal of information just by itself. Your Internet Service Provider can only assign you an IP address within a certain range of IP addresses that it owns, meaning that anyone looking at your IP and putting it into a tool that examines it can find out a great deal of information about you. They can determine your Internet Service Provider and location. If it is too hard to believe, visit showmyip.com to see it for yourself.

Traditionally, the solution to this has been to use an anonymous internet proxy with your internet applications, that is, another computer that you route your connections through that does not reveal your IP address to the sites and services you connect to, but rather its own IP address. However, these proxies usually do not stay up for very long, and many of them may keep a log of connections to them, allowing someone with access to those logs to determine what your real IP was. Not only that, your communications through them are not encrypted and so anyone monitoring your traffic through them can see where you are connecting, that you are the source, and what you are transmitting.

Here is where a program called Tor comes in. It involves routing your internet communications through three different computers operating Tor before finally reaching its destination. It makes it extremely difficult for anyone to track the route back to your computer, since the route is always changing, none of the computers keep logs, and the IP that they see is not the IP that you are coming from. In addition, the communication between those computers is encrypted three different times to keep what you are sending secret from anyone operating the program at the first or second computers. The third computer finally decrypts the data and sends it to your destination and could possibly examine it to see what it contains, but only people who have completed an application to determine trustworthiness can be one of those third computers. This picture from the site helps to create a picture:

You can install the program and simply use the network, or you can go further and volunteer to be one of the computers that the traffic of others goes through, helping improve the anonymity of the network and making connections go faster. Just like a regular proxy server, it will not be as fast as your normal Internet connection, but it will be more dependable, as even if one computer that is part of the network goes down, hundreds more are there to take its place. As more people volunteer to not just use the network, but participate in it, it will become even faster. And you may be willing to sacrifice some speed for the sake of anonymity.

Even using Tor to ensure that your communications over the Internet are anonymous, in regards to web browsing, there is one kink that would still expose your identity. When you type in a web address such as http://dolphinlover.org your computer must connect to a computer other than the one hosting the website in order to find out the IP address of the computer hosting the website. That computer is called a Domain Name Server and translates http://dolphinlover.org into 217.160.234.126. This comes to the problem with Tor. If you type in a web address for a computer on the web, when you go and ask the Domain Name Server for the IP address that corresponds to it, your communication with the Domain Name Server is not routed through Tor and so anyone with access to the logs on it can figure out which sites you have been looking up.

To prevent this from happening, you should use Privoxy with Tor. It sits between you and Tor, making sure that when you type a web address into a browser (or any other application using addresses starting with http) that when you talk to the Domain Name Server, the request is routed through Tor. There is more reason than that to install Privoxy. When its web filtering options are enabled, it prevents your web browser from sending certain data to web sites that would reveal too much about you, prevents images that are known sizes for banner ads from loading, and stops scripts that would be malicious from starting. Information on configuring Tor and Privoxy with a browser such as Firefox and other internet application can be found in the installation instructions available on Tor's website.

File Erasing

Regardless of whether you use the Internet or not, your own activities on your computer can leave your privacy vulnerable if someone gains physical access to it. Proper protection must be implemented to prevent those people who would try to discover your most intimate secrets from coming to light.

One of the biggest misconceptions people have when they delete a file is that it is actually deleted. That is partially due to the fact that it is sent to the Recycle Bin, but even when you empty the Recycle Bin, the file is still on your hard drive. All Windows has done is eliminated the reference to it on a list of files and their locations on the hard drive. Any simple file-recovery tool that you can download off of the Internet can make that supposedly "deleted" file no longer deleted. It is not until the file is overwritten with new data that it becomes difficult to recover, and the more it is overwritten, the less likely it is that someone could recover it.

If you want your "deleted" files to be truly deleted, you have to get what is known as a "file shredder", a program that will not only "delete" the file, but overwrite it multiple times so that it cannot be recovered by anyone. A good program for that is Eraser, which does just as its name suggests. Unlike most other file shredders, it is free and open source.

It can not only erase files, but also make sure that files you deleted previously are no longer there by overwriting the free space on your hard drive with certain patterns. You can schedule it to overwrite the empty space on your drive when your computer is not in use, or erase the files within a certain folder after a period of time.

It is no slouch, allowing you to either overwrite files once with random data, three or seven times using the United States' Department of Defense's method of removing sensitive data, or even 35 times using a method created by Peter Gutmann, a computer science professional.

File Encryption

What about the files on your computer that you have not deleted? Since you need to be able to open them, surely someone else could open them as well? If you have data you do not want anyone else to see within those files, this poses quite the dilemma. The way out of this is to encrypt your files, make them unreadable without the proper password entered to decrypt them.

An excellent file encrypter for Windows that will eventually be available for Linux as well is TrueCrypt. You can either encrypt an entire partition on your hard drive (a section of it that you have split off from the rest) or create a container of a certain size as a file within a section of your hard drive that you wish. When you enter your password within the program to access the encrypted section of your hard disk, TrueCrypt makes it so those files are accessible under a different drive letter than the normal one you work with. If your hard disk is C and your CD-RW drive is D and your DVD-ROM drive is E, you can "mount" the encrypted area of your drive as anything from F through Z.

It is a complicated explanation for something that makes it easy for you to encrypt your sensitive files. This program integrates so well with Windows that you will almost forget you are dealing with encrypted files. It supports "on-the-fly" encryption, which means you can double-click files within that virtual drive and decrypt them immediately to manipulate them and you can save files into that virtual drive to have them become encrypted immediately and password protected. As soon as you "demount" the virtual drive with your encrypted files, nobody else can access them without the password and those files on the drive simply appear to be random data.

It even supports encrypted virtual drives within encrypted virtual drives. If you think someone might force you to decrypt a virtual drive, you can even hide one inside another with the feature the program has where you can enter one password to decrypt files in the outer one that are simply distractions and another password for the hidden files in the inner one that hold truly sensitive data.

As for the encryption itself, it is unmatched. The program has detailed descriptions of each, to help you choose. You can use 256 bit AES encryption, which is what United States federal departments use to encrypt their data, 128 bit CAST5 encryption, used by the Canadian government to encrypt theirs, as well as 448 bit Blowfish, 256 bit Serpent, 3x56 bit Triple DES, or 256 bit Twofish. Is one method alone for your data not good enough? Well then, choose from AES/Blowfish, AES/Blowfish/Serpent, AES/Twofish, AES/Twofish/Serpent, AES/Serpent, AES/Serpent/Twofish, or Serpent/Twofish.

Conclusion

The above programs will help you to protect yourself against those who would seek to get their hands on what is most valuable to you -- your information. With your personal information, someone can steal your identity. With your most precious secrets, someone can absolutely ruin your life. You need dependable applications that work to secure you and your data. And they ought to be free, because privacy should not come at a price.