(Blinds Home Catching the Sunlight by CBCK via Shutterstock)
Editor’s note: This post is a companion piece to this guide on how to take action and protect your privacy in light of the bill that President Trump recently signed into law that allows internet service providers (ISPs) to sell consumers’ browsing data.
Picking a good, secure VPN even for tech-savvy people can be difficult.
I’m not a lawyer and someone with legal background should examine this, but something people need to understand is that VPN providers can also be classified as ISPs as they’re providing an internet service. And if they’re based in the U.S. or their servers are in the U.S. or in a country with similar anti-privacy laws, they may still be able to monetize your browsing habits. So basically by picking a bad VPN service, you might make the problem in hand even worse.
There are very very few service providers whom I know and trust that don’t have any interest in the users’ data and take active measures to either not to have access to it in the first place or secure it if they have. Riseup.net and Calyx.net are two of them.
For more technical users, here are some tools I recommend. Each have their own pros and cons.
To be perfectly clear, Tor is NOT a VPN and is not even remotely comparable. Apples and oranges. But it’s probably your best shot at protecting your privacy. Tor Browser is a hardened browser built on top of Firefox. It makes it harder for sites and adversaries to track you by anonymizing your path to the website you visit. If this is the first time hearing about Tor, I encourage you to watch this short animation.
While Tor Browser is my primary browser these days, I don’t use it for my banking, for example. They might freak out as your IP address changes from one country to another roughly every 10 minutes. Using Tor makes it extremely difficult for anyone to see or collect your online behavior.
Full disclosure, I’m a volunteer and core member of The Tor Project.
- It’s free!
- You don’t depend on any service provider. The Tor network is being run by about 7,000 volunteers.
- Tor provides privacy by design, meaning even Tor itself can’t see which website you browse.
- Advertisement companies can’t follow you around in every website you visit.
- Supports Windows, MacOS and GNU/Linux.
- Bypasses all kinds of censorship.
- Constantly being audited by numerous developers and academics around the world.
- Not every website allows anonymous access. Some choose to block Tor users.
- You might see a Captcha or two or three while visiting different websites. These website want to make sure you’re a human and not a robot.
- While there are some versions of it available on mobile — Orbot for Android and Onion Browser for iOS, it has a long path to go to compete with other browsers on mobile.
- Hasn’t been designed to protect all the traffic on your device. Only the things you do inside Tor browser are private. Not in your Safari or Chrome or any other browser or application.
[Related: A beginner’s guide to Tor.]
Once setup, Algo is probably the easiest and one of the most secure way to get a VPN up and running to be used on MacOS or iOS. If you’ve ever used the command line, setting up an instance of Algo should be fairly easy for you. Just be mindful, if you’re using Algo for your privacy against the recent deregulation in the U.S., you might want to pick a data center that resides in a privacy- friendly jurisdiction. Another thing you might want to consider is that Algo uses Google DNS by default. If you’re worried about this recent deregulation, you should as well be worried about the visibilities the Silicon Valley companies such as Google have on your traffic.
- Software is free! (But you still have to pay for the servers.)
- Doesn’t require installing a new software on your computer or phone. MacOS and iOS have IPSec VPN built in.
- You need to be familiar with command line in order to setup the service.
- The defaults aren’t considering U.S.-based companies as a threat to your privacy and need to be changed.
- Not really a con of Algo, but enabling Windows support makes it less secure.
The design of Bitmask is based on OpenVPN and you can easily hook it up with Riseup or Calyx servers. In fact, they’re both already two of the built-in service providers. I hear from the developers that the MacOS version is on it’s way, but if you’re like me and can’t wait to see it, you could chip in with your money or skills to speed up the development process.
- It’s free!
- The default providers aren’t interested in your data and have vowed to protect it.
- Currently not available for MacOS, iOS and Windows.
- Needs more testing.
A separate operating system housed on a USB stick, DVD or SD card that includes a suite of privacy-ninja applications built in. Everything runs over Tor. Tails is built and maintained by a mostly anonymous, international collective of highly respected developers (yes, all of those things). It can be tricky to set up the USB stick, but once you have it set up, Tails is easy to use. The best part about Tails is that it doesn’t touch your currently running operating system. Whether you have Windows or MacOS or Linux, you can install Tails on a USB, reboot and do your work in Tails and when you’re done, reboot and unplug the USB stick.
Neither your computer nor Tails would have any memory of what articles you read online or which newspaper you leaked documents to.
- It’s free!
- Just like Tor Browser, no service provider is involved. It takes advantage of the currently available Tor network.
- It’s amnesiac. It won’t remember your browsing history or the files you might have downloaded to temporarily read, which also means if you accidentally get a malware with the first reboot, it’s gone.
- Preparing the USB stick has a learning curve. Although with their new website it won’t take you more than 15 minutes to figure out how to set it up.
- It’s amnesiac. Which means it won’t remember your settings either unless you setup a persistent volume, which isn’t as easy.
This new operating system, currently in alpha release, is based on Debian and not only sends all of your traffic over Tor by default, but also protects you from zero-day attacks by taking advantage of “grsecurity” patches. And on top of that, it has some amazing sandboxing features. If you’re a little more savvy and want to try things at the bleeding edge, definitely give it a shot. Imagine Tails but built to be your primary OS.
- Encrypts all of your traffic by default.
- Protects you from zero-day and unknown attacks.
- Still in alpha phase.
- Needs more testing.