5 Tips for Paranoid People on the Internet

Internet Security

Do you remember that old quote, “Just because you’re paranoid doesn’t mean they aren’t after you?” It seems like it is becoming more and more relevant every day. Almost weekly, a new scandal emerges from Big Tech, detailing the wholesale trading and theft of our personal information. But aside from all the headline-grabbing, one-off incidents, the much bigger concern is the day to day invasions of our privacy that are just standard policy for many of these companies.

In fact, it’s how they make most of their money.

Add to this the ever increasing and complex systems of government surveillance and tracking (most of which we’ll probably never really learn about), and you can be forgiven for feeling like you’re being watched every second you’re online.

Fortunately, there are plenty of people who feel the same. Many are finding ways and creating tools to help all of us stay safe and maintain our privacy while using the internet. The quick, simple steps that follow will block you from the most invasive spying and tracking on the internet, boost your privacy, and keep you safe.

1. Purge your Facebook

There may be no other organization that has become more notorious with invasions of privacy as quickly as Facebook. In just a couple of years, Mark Zuckerberg and his company seem to have completely fallen from grace in the eyes of many politicians, security experts and, indeed, users. They have been (justifiably?) blamed for stoking genocide in Myanmar, Brexit, numerous mental health crises, and even destroying the foundations of human society.

These examples may seem extreme, but there is no denying that Facebook has capitalized on the monetization and manipulation of their customers’ personal data like no other company operating today. The most simple step you can take to avoid Facebook’s reach is to delete your account (Instagram too, which Facebook own). If this isn’t possible, there are few ways to reduce its impact on your internet browsing. Here are a few browser extensions that will quickly limit many of the platform’s tools for tracking your activity and boost your privacy.

  1. Disconnect Facebook
  2. uBlock and
  3. Newsfeed Eradicator

2. Use Tor Browser

While Google claims that incognito mode will keep you’re browsing activity and identity private, it is still part of the Google ecosystem – so you can never be completely sure. You might want to try alternatives to Google Chrome, Safari, and their competitors by using the Tor Browser. Tor is a web browser dedicated to maximum online privacy. Using 3 layers of encryption, Tor completely masks your identity by anonymizing your location, browser, and activity and batching it all together with every other Tor user. So essentially, you become lost in the virtual crowd. This also means that the more popular Tor grows, the more effective it is at hiding you.

Tor is one of the most popular tools amongst online activists, journalists, political dissidents in repressive governments, and security experts. Follow their lead and start using it today.

For ultimate online privacy, combine Tor with a VPN.

3. Use a VPN based outside of the 14 eyes

Installing a VPN (Virtual Private Network) on your devices is by far the easiest and most effective step to take if you want to increase your online privacy. You can’t be spied on if they can’t find you – and that’s where a VPN comes in handy. A VPN uses military grade encryption, IP masking and other tools to hide your online activity while on both private and public networks. This helps keep your location hidden, your data safe from leaking or theft, and your browsing activity secret from corporate and governmental tracking.

To go a step further, make sure that your VPN provider is outside the jurisdictions of the 14 Eyes surveillance alliance.

4. Try to avoid using Smart Home Products

It’s actually quite surprising that the recent story about 1,000s of Amazon employees listening to customers through their Alexa devices didn’t receive greater news coverage. Maybe it just shows how desensitized we’ve all become to such stories. It also shouldn’t be too surprising to anybody concerned with online privacy. Since the earliest days of smart home devices, security experts have been warning us about the ease with which they can be hacked and used to spy on households. Companies like Amazon may only be listening in for marketing purposes, but plenty of criminals are using them to track your routines and steal your identity.

The most effective way to be sure nobody is spying on you in your own home, through your smart devices, is to avoid using them altogether.

5. Start using Cryptocurrency for Payments

If you can ignore all the hype and noise around Bitcoin and other cryptocurrencies’ rollercoaster prices, and focus instead on its core principles and uses, you’ll understand how it is a great tool for online financial privacy. Aside from companies tracking your online purchases and using this to manipulate you into buying more stuff, online financial fraud is one of the biggest, ever-present aspects of using the internet. From the very first online transactions, conmen, fraudsters, and thieves have been finding ways to extract money from your bank accounts and credit cards.

One way to shield yourself from this happening is to separate your online transactions from your bank accounts. This is one of the many uses of Cryptocurrency such as Bitcoin. Despite what many people will tell you, Bitcoin is not 100% anonymous. However, by using a Bitcoin address to pay for online goods and services, and taking extra measures like shuffling your purchases amongst multiple bitcoin addresses, you can add a layer of privacy to your online transactions not possible with traditional banks and credit cards.

It can sometimes feel like maintaining privacy while using the internet is a crazy, unrealistic dream. This doesn’t have to be the case, however. By taking the simple, quick steps outlined here, you can easily boost not just your online privacy, but also safety from hacks, data leaks, and other forms of cybercrime. Using the internet will feel a lot less like you’re under siege from advertisers, governments and other shady figures, and free to browse in complete anonymity.

DD-WRT, VPN and Apple Airport Routers

Apple’s Airport Extreme and Express are brilliant at what they do. They are secure, yet easy to set up and maintain. Well, you do not need to maintain them – they tend to just keep working. It makes it super easy for an Apple product eco-system to co-exist without much hassle and fuss.

Airport Wireless

After many Linksys and D-Link Wi-Fi Routers, I started with the first generation Airpot Express and upgraded to the first Airport Time Capsule when it was released in 2008. The time capsule (Airport Extreme with Time Machine enabled Drive) lasted for 5 years and the Airport Express, a little over 6 years. Our current Home Network Setup is powered by an Airport Extreme and few Airport Expresses.

However, the apple routers are limited in their functionality. I wanted a VPN sitting in between the Internet and my home network without disturbing my original setup. I also wanted to have the option to turn the VPN OFF/ON quickly as and when I needed. I researched for a bit and settled on a cheap flashable wi-fi router – Asus RT-N18U. I flashed the Asus router with DD-WRT.

There are other Open Source Router firmwares which are equally good. I chose DD-WRT, as I find it easier, and have used it earlier. Some other alternatives you might want to try are – Tomato, OpenWRT, Gargoyle, etc.

I’m not very technical but I can understand technology, and knows a thing or two about how things work. So, I chose simpler setups and things that just work. My current setup works for now.

DD-WRT

DD-WRT is a Linux based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. The main emphasis lies on providing the easiest possible handling while at the same time supporting a great number of functionalities within the framework of the respective hardware platform used.

Flashing a router and installation of DD-WRT is pretty straight forward. The most important part is to choose the right firmware for the router, making sure that the router is supported by DD-WRT. Following the instructions on the installation should be good enough.

Once all installed and running, here are few basic setting recommendations suggested by industry experts.

  • Change the default network from something like 192.168.1.1 to 192.168.xx.xx of your choice.
  • Broadcast the SSID but secure it with WPA2 with AES. If you’re not worried about backward compatibility, you can disable TKIP.
  • Of course, change your Admin password from the default to something better.
  • Always have a backup of your settings. It tends to be useful.

Services – VPN, NAS, the bells and whistles

The features and functionalities of DD-WRT are humongous. Pick the ones you want to use and you can ignore the others to their default/disabled state. If you have signed up for a VPN, which are much needed these days than ever, read-up on their OpenVPN (better than the other protocols so far) documentation for DD-WRT and set it up.

I really liked the simplicity of ExpressVPN, and it just worked for me. If you are shopping for one, most of the VPN Providers have a trial period – from 2 days to a week, or even sometimes a month. A 2-day trial should be enough for you to make a choice. I once got a good deal on CactusVPN and I subscribe to their VPN + SmartDNS.

Try out other good VPN providers – VyprRVPN, NordVPN, IPVanish, Buffered, Anonymizer, Private Internet Access, Tor Guard, Slick VPN, MullVad, Black VPN, Smart VPN, Private VPN, etc. Have a look at That One Privacy Site to do a thorough research that fits your requirements. More VPN reviews can be found on TheBestVPN.

DD-WRT Router + Apple Airport

Finally, I combined the two worlds – the DD-WRT Router facing the Internet and the Apple Airport Extreme managing the Home Network.

Internet

Setup the DD-WRT Router to face the internet – set up your PPPoE, tethering or the IP that your Internet Service Provider gave you. Enable DHCP so that the DD-WRT router can act as the DHCP Server. You can set up additional options such as the firewall, ad-blocker, access restrictions, etc. Make sure the Internet and everything else is working here perfectly. Leave the Wi-Fi enabled and working to get back to it, just in case, your primary Apple Router fails or just to debug/edit settings to the DD-WRT router. This also decouples the harsh Internet from your home network.

Apple Airport Router

This is your primary network where all your devices are connected. As the Internet is now taken care by the DD-WRT router, we have to just plug in the Airport Router’s LAN to the LAN network of the DD-WRT Router.

Play around with the Airport Router settings of your choices. However, here are a few key important setups that the Apple Airport Router needs to make it work in this setup;

  1. In the Internet tab, connect using DHCP so it gets its unique IP from the DD-WRT Router. You can change the DNS server either here or in the DD-WRT router. I kept it at the DD-WRT Router.
  2. Now, Create a wireless network with the settings of your choice.
  3. For the most important part, turn the Router Mode Off (Bridge Mode). We’re not routing anything with the Apple Airport but merely managing the Wireless Internet Network.

Of course, with Apple rumored to be abandoning the router business, in future, you can just plug off the Apple Router part and move to your DD-WRT router as the primary network manager.

Oinam Home Network

That’s it. You can now have the flexibility, security of a DD-WRT Router and Wireless Network managed by an Apple Router to easily and consistently connect all your devices. All your devices, from phones to laptops to the connected TV, can connect to the Internet encapsulated via a VPN. I’m still experimenting and will continue to play with my setup. The current setup has been running for a year or so, without any issues.