How to Prevent People from Tracking You on the Internet
Avoid Malware.
Keep your operating system (OS) up-to-date. The easiest way for malicious people to track and record everything about you is to have you install a spyware/virus or to automatically break into your computer. By keeping your OS up-to-date, your allow your OS provider to release security updates for critical parts of your system that could prevent automatic security breach exploitation and could turn some spyware into some useless pieces of code
Keep your programs up-to-date. New versions of a program are made to enhance user experience, to add some features, that's true. But not only: this is also a way to correct bugs. There are different kinds of bugs: some of them will just produce visual artifacts, others will prevent you from doing something advertised, others can be remotely and automatically exploited by hacker to take over your computer. Without bugs, no remote attacks
Keep your antivirus up-to-date and running (under MS Windows). If the signature database of the antivirus is not up-to-date, some viruses won't be found right away. If your antivirus is not running in the background and if your system is not checked on a regular basis, you'd better uninstall your antivirus software. It's worth noting that antivirus programs usually seek for viruses, spyware, rootkit and worms. The specific anti-spyware programs are not better, most of the time
Use only one unique ACTIVE antivirus program. An antivirus program needs to act very suspiciously to work well. In the best case scenario, you will get a false positive by one program or the other, in the worst-case scenario, the different anti-malware programs will prevent each other from working correctly. If you really want to use more than one antivirus, update signature database, unplug your computer from the internet, disable your main antivirus completely and run the second one in a "on-demand" mode. Then, you may have a false positive (your main antivirus) : it's ok. Launch your main antivirus and you can use your computer as usual. Malwarebytes is a good addition to your first layer of AV defense.
Never download anything except on official sites (any OS) or trusted repositories (Linux/BSD/MacOS). For instance, if you want to download the VLC media player, download it from its official site (search google for it and you find : www.videolan.org/vlc/). Do never ever use links in any random non-official websites, even if your antivirus is not screaming when you do so
Use a firewall. Under Linux/*BSD, there are two wonderful firewalls integrated (netfilter/iptables and pf respectively). Under MS Windows, you have to find a good one. One thing you have to understand is that a firewall is like a switchman in a middle of a huge train station with trains (network data), platforms (ports) and railways (streams). A train by itself can't unload what it is carrying : he'll need someone to do that (a service or daemon : a program that runs in background that is listening to a particular port). Without that someone, that service, even if the train can reach the platform, it can do absolutely nothing. Let me remind you: a firewall is not a wall or a gate, it's a switchman (you can do much more with a firewall than allowing or preventing data from crossing)! That said, keep in mind that you can't control outgoing connections (except if you block everything or unplug the cable) but you can log what is going out... Most spyware find clever ways to go through your firewall but they can't hide what they are doing and it's much easier to find a spyware sending stuff to a remote server on port 993 in spite of you're not using IMAP programs that finding it, hiding in the Internet Explorer process and sending data in port 443 that you are using every day. If you have access to a standard firewall (netfilter/iptables and PF are), just log unexpected outgoing data and block anything ingoing except established and related connections. Don't forget to allow everything on the loopback device (lo) : this is safe and required
Don't use an admin account: it's better in Windows Vista and Seven, but if you are using an admin account, any software can ask for admin privileges, even malware you've launched recklessly. If you are not admin, the spyware must be much smarter to be used at full potential. At most, if you are a standard user, the spyware can send information about you, but not the other users. It cannot use a lot of useful part of the system to help it sending data and it's much more easier to remove it from your computer
If you don't need to play games or to use some very rare niche software, switch to Linux. Until today on, there is only a dozen of known malware programs running under Linux. Those programs were disabled a long time ago thanks to security updates. Binaries are taken from verified, signed, authenticated repositories. You don't need any antivirus and there are plenty of free, open source, great quality programs to do almost everything (firefox, chrome, inkscape, gimp, pidgin, openoffice, FileZilla, ffmpeg (used in almost every audio/video converter for windows out there), ghostscript (used in almost every pdf converter out there), xchat, and much much more were firstly developed by and for Linux and then ported to Windows because they were great)
Never browse the internet through a proxy: when you do so, please keep in mind you are forced to trust the unknown random stranger who set it up. He/She can log, save, store everything that your are sending to/receiving from the internet through his/her proxy! He/She can even unset encryption provided by the protocol you are using (such as HTTPS, SMTPS, IMAPS, etc.) if you are carefree. Doing so, they could catch your credit card number and so one. It's far far more safer to use HTTPS when possible directly to the site than using such dangerous monkeys-in-the-middle.
Use encryption whenever possible. This is the only way to make sure than nobody except you and the remote server can understand what you sent and what you received. Use SSL/TLS everytime you can, avoid plain FTP, HTTP, POP, IMAP and SMTP (use SFTP, FTPS, HTTPS, POPS, IMAPS, and POPS instead). If your browser say a certificate is wrong, leave the website. Period
sources and more click here.
Avoid Malware.
Keep your operating system (OS) up-to-date. The easiest way for malicious people to track and record everything about you is to have you install a spyware/virus or to automatically break into your computer. By keeping your OS up-to-date, your allow your OS provider to release security updates for critical parts of your system that could prevent automatic security breach exploitation and could turn some spyware into some useless pieces of code
Keep your programs up-to-date. New versions of a program are made to enhance user experience, to add some features, that's true. But not only: this is also a way to correct bugs. There are different kinds of bugs: some of them will just produce visual artifacts, others will prevent you from doing something advertised, others can be remotely and automatically exploited by hacker to take over your computer. Without bugs, no remote attacks
Keep your antivirus up-to-date and running (under MS Windows). If the signature database of the antivirus is not up-to-date, some viruses won't be found right away. If your antivirus is not running in the background and if your system is not checked on a regular basis, you'd better uninstall your antivirus software. It's worth noting that antivirus programs usually seek for viruses, spyware, rootkit and worms. The specific anti-spyware programs are not better, most of the time
Use only one unique ACTIVE antivirus program. An antivirus program needs to act very suspiciously to work well. In the best case scenario, you will get a false positive by one program or the other, in the worst-case scenario, the different anti-malware programs will prevent each other from working correctly. If you really want to use more than one antivirus, update signature database, unplug your computer from the internet, disable your main antivirus completely and run the second one in a "on-demand" mode. Then, you may have a false positive (your main antivirus) : it's ok. Launch your main antivirus and you can use your computer as usual. Malwarebytes is a good addition to your first layer of AV defense.
Never download anything except on official sites (any OS) or trusted repositories (Linux/BSD/MacOS). For instance, if you want to download the VLC media player, download it from its official site (search google for it and you find : www.videolan.org/vlc/). Do never ever use links in any random non-official websites, even if your antivirus is not screaming when you do so
Use a firewall. Under Linux/*BSD, there are two wonderful firewalls integrated (netfilter/iptables and pf respectively). Under MS Windows, you have to find a good one. One thing you have to understand is that a firewall is like a switchman in a middle of a huge train station with trains (network data), platforms (ports) and railways (streams). A train by itself can't unload what it is carrying : he'll need someone to do that (a service or daemon : a program that runs in background that is listening to a particular port). Without that someone, that service, even if the train can reach the platform, it can do absolutely nothing. Let me remind you: a firewall is not a wall or a gate, it's a switchman (you can do much more with a firewall than allowing or preventing data from crossing)! That said, keep in mind that you can't control outgoing connections (except if you block everything or unplug the cable) but you can log what is going out... Most spyware find clever ways to go through your firewall but they can't hide what they are doing and it's much easier to find a spyware sending stuff to a remote server on port 993 in spite of you're not using IMAP programs that finding it, hiding in the Internet Explorer process and sending data in port 443 that you are using every day. If you have access to a standard firewall (netfilter/iptables and PF are), just log unexpected outgoing data and block anything ingoing except established and related connections. Don't forget to allow everything on the loopback device (lo) : this is safe and required
Don't use an admin account: it's better in Windows Vista and Seven, but if you are using an admin account, any software can ask for admin privileges, even malware you've launched recklessly. If you are not admin, the spyware must be much smarter to be used at full potential. At most, if you are a standard user, the spyware can send information about you, but not the other users. It cannot use a lot of useful part of the system to help it sending data and it's much more easier to remove it from your computer
If you don't need to play games or to use some very rare niche software, switch to Linux. Until today on, there is only a dozen of known malware programs running under Linux. Those programs were disabled a long time ago thanks to security updates. Binaries are taken from verified, signed, authenticated repositories. You don't need any antivirus and there are plenty of free, open source, great quality programs to do almost everything (firefox, chrome, inkscape, gimp, pidgin, openoffice, FileZilla, ffmpeg (used in almost every audio/video converter for windows out there), ghostscript (used in almost every pdf converter out there), xchat, and much much more were firstly developed by and for Linux and then ported to Windows because they were great)
Never browse the internet through a proxy: when you do so, please keep in mind you are forced to trust the unknown random stranger who set it up. He/She can log, save, store everything that your are sending to/receiving from the internet through his/her proxy! He/She can even unset encryption provided by the protocol you are using (such as HTTPS, SMTPS, IMAPS, etc.) if you are carefree. Doing so, they could catch your credit card number and so one. It's far far more safer to use HTTPS when possible directly to the site than using such dangerous monkeys-in-the-middle.
Use encryption whenever possible. This is the only way to make sure than nobody except you and the remote server can understand what you sent and what you received. Use SSL/TLS everytime you can, avoid plain FTP, HTTP, POP, IMAP and SMTP (use SFTP, FTPS, HTTPS, POPS, IMAPS, and POPS instead). If your browser say a certificate is wrong, leave the website. Period
- Don't open e-mails from people you don't know.
- Web bugs are good ways of tracking what sites you are going to. A lot of extensions can get rid of them like Ghostery under Chrome and Firefox.
- Don't open attached parts in e-mails except if they are from trusted people and that they explained to you what it is.
- If you are using an e-mail client, configure it so that e-mail are shown in plain text (NOT in HTML). If you can't read an e-mail, it means the whole thing was in HTML images. You can be almost sure it's ads or spam.
- If you are playing a game online that needs open ports, you don't need to close them afterwards in most of the case. Remember: no service, no threat. When you quit your game, nothing is listening to the open ports anymore : it is just like it were closed.
- Never put your computer in a DMZ : only people in your network can remotely exploit breaches, if you are in the DMZ, your network is directly the Internet.
- Website owners can't reliably track you with your IP address: in most cases, the IP address your ISP gave you is dynamic. It changes from time to time and your ISP is the only one who could know who you are. Technically, it is impossible for an ISP to log and identify everyone.
- One website alone can't track your IP on other websites.
- Never use multiple spyware detectors at the same time.
- Your IP is completely useless to hackers.
- Open ports (in the firewall) without a buggy service listening behind this specific port is completely useless to hackers.
- An IP address is just what it is: an address. Knowing your physical address won't make your robbing easier at all! It's the same with IP addresses.
sources and more click here.