How to keep prying eyes away from your online life

June 20, 2014
Credit: Symantec

Encryption was once the province of the paranoid. But no more.

With the revelations from Edward Snowden of widespread spying by the government, many people are more interested in cloaking their online activities. Even if you're not be worried about the government reading your email or getting access to your browsing history, there are plenty of other reasons why you might want financial, legal or health information private and secure, whether from unscrupulous hackers or online marketers.

Here are some key technologies you can use to protect your online activities:

TOR: This is a set of linked pieces of software that helps to cloak ' online identities. "Tor" stands for "the onion router," a name that is emblematic of the layers of protections the software uses to anonymize users.

When users seek Web pages through a Tor-enabled browser, their requests are encrypted and then go through a random series of computers on the Internet. Each computer, which has been set up by volunteers, relays the requests until they reach their end destination. Thanks to the design of the system, none of the relays nor the end server knows both who requested the Web page or what Web page was being requested.

Tor has been used by everyone from whistle-blowers to cyber-thieves to disguise their identity. It helps prevent people from learning what sites you visit or where you live. It's mostly used for accessing the Web, but the underlying relay network can also be used for , email and other Internet applications.

Of the three encryption technologies discussed here, Tor is by far the easiest to set up and use. On a PC or an iPhone, you simply have to install one application. On an Android phone, you'll need to install two.

Although it's easy to configure, Tor does come with some frustrations that could limit how much you want to use it. The main drawback is that because requests go through multiple computers, some of them located half a world away, loading Web pages can be very slow, making your broadband connection feel like it's the dial-up Internet.

Because the relay network is global and your Internet address appears to be the one from the last server that relays your request, the websites you access may think you are a resident of Germany or Japan or someplace other than where you live. So some websites, such as Google or eBay, may show you pages in a language other than English.

OPENPGP: This is the open source version of PGP, aka Pretty Good Privacy, the famed designed by Phil Zimmerman that the federal government attempted to restrict and compromise. The software is used to encode communications, typically email, using a system of public and private "keys."

Users publish their public keys on their websites and on servers that act as repositories. The public keys are used by OpenPGP software to encrypt messages that can only be opened with their corresponding private keys, which, as their name implies, are held only by their creators.

Encryption only works if both sides of a conversation use it. Even if you have OpenPGP installed, your outgoing messages won't be encoded unless you know and use your correspondents' public keys. Likewise, none of your incoming messages will be encoded unless those writing to you know and use your public keys.

Installing and configuring OpenPGP can be a complicated process that involves the installation, not only of software that supports the technology, but also potentially a plug-in for your mail client. You'll also need to generate and publish your keys and protect them with a password.

Once you have everything configured, you can connect with key servers to find and download other users' public keys. And whichever mail program you are using should indicate whether you are sending an encrypted message.

Note that the recommended way to use OpenPGP is with a mail client, like Outlook. That means that if you are used to checking your mail through a webmail interface, you'll need to change your habits. It also means that if you use multiple computers, you'll have to configure each one to use OpenPGP. That can be a time-consuming process, in part because to read messages encoded with the same key on all your computers, you'll need to copy the key and import it on each one of them.

Right now, OpenPGP is not easy to use on smartphones. You'll find programs on the iPhone, for example, that will store your private key and allow you to use it to open encoded messages, but they often require you to copy the message and paste it into a separate decoding app.

OTR: Also known as Off-The-Record, OTR is encryption for instant messages. It scrambles the content of messages so that they can only be read by the sender and the recipient and not by any messaging service provider or anyone who may intercept the messages.

OTR basically acts as a plug-in to a messaging client. The client allows you to connect to various messaging services - Google Talk, Facebook chat, Yahoo Messenger - and OTR allows you to put an encoded wrapper around any messages you send through those services.

Security experts advise using Pidgin as the messaging client on Windows computers and Adium on Macs. Adium has built-in support for OTR, while Pidgin users will have to install the OTR plug-in separately. Android and iPhone users can install ChatSecure, which includes support for OTR. All three messaging clients support multiple chat networks, so you can use them in place of dedicated apps for Facebook chat or AIM.

As with OpenPGP, OTR only works if both sides of a conversation are using it. But once it is installed, OTR will typically attempt to make a secure connection automatically.



Here are some tools you can use to conceal what you do and say on the Internet:

-Tor. Typically used to anonymize Web surfing. Available for PC and Mac users as a free download from the Tor Project Android users can access Tor via Orbot and the Orweb browser, both available for free from the Google Play store. Tor is available on the iPhone via Onion Browser, available for $1 in the App Store.

-OpenPGP. Encryption technology typically used to scramble email messages. PC users can install it with the Gpg4win software, available as a free download from PC users of Mozilla Thunderbird will also need to install the Enigmail add-on to use OpenPGP in that mail application; it's available for free at Mac users can get OpenPGP through GPGTools, available as a free download at

-OTR. An encryption technology used to encode instant . PC users can use it by installing the Pidgin messaging client, available as a free download at, and by then installing the OTR plug-in, which can be downloaded for free from Mac users can get OTR by downloading the Adium chat client from; Adium includes support for OTR. Android and iPhone users can access OTR via ChatSecure, which is available for free from both Google Play and Apple's App Store.

Explore further: Instant messaging will get Tor treatment in TIMB

Related Stories

Instant messaging will get Tor treatment in TIMB

March 3, 2014

The Tor Foundation which has made it possible for privacy-bent Tor users to anonymously browse the web is now turning to enabling people to autonomously do instant messaging with a Tor-enabled service, dubbed Tor Instant ...

Tor and Bitcoin promise online stealth

October 2, 2013

The Silk Road website that was shut down by US authorities, who branded it a black market for drugs and other illicit wares, relied on Tor and Bitcoins to protect the anonymity of users.

Google steps up bid to stymie email snooping

June 4, 2014

Google stepped up its effort Wednesday to make it tougher for spies or anyone else to snoop on email, unveiling Chrome browser software for scrambling digital messages.

Recommended for you

Old, meet new: Drones, high-tech camera revamp archaeology

November 24, 2017

Scanning an empty field that once housed a Shaker village in New Hampshire, Jesse Casana had come in search of the foundations of stone buildings, long-forgotten roadways and other remnants of this community dating to the ...


Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Jun 20, 2014
will far too many bad persons/ people, pass as laundered . . . .
not rated yet Jun 20, 2014
you can weed a farm, but people are different; . . . . . quarantine from harm for the Good, . . . .
not rated yet Jun 23, 2014 encrypted end-to-end, in your computer, to the server, in the server, to your addressee where it can only be de-crypted with a figurative one-time pad. Free, convenient, Swiss incorporated and sited.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.