How to Perform an Internet Privacy Test

Everyone has something to say about internet privacy. So by now you probably know you should care about how public your internet activities are. The problem is knowing how public your information is. What exactly should you be doing and where is the information leaking from?

The answer to the broader question is that you should test your own internet privacy. Both to learn where and how your privacy is leaky and what to do about it.

Search Yourself on Google

Extensions with Obfuscated Code No Longer Allowed on Google Chrome

One of the simplest ways to test your privacy is to Google yourself. This will give you a fast overview of the most readily available info about you. Be sure to do this search using private browsing modes, such as Chrome’s Incognito Mode. This will prevent your search history and cookies from influencing your search results.

If there’s any information that pops up on Google you don’t like, you can try contacting the owner of that site and have it removed. If they refuse you may have some legal recourse, depending on where you live. The European Union, for example, has strict laws that ensure the right to be forgotten.

Put Your Details into a People Finder

PIPL

While Google is a great first stop to see if unwanted details about your life are leaking onto the web, you can go even deeper using a dark web or deep search people finder.

Personally, I like Pipl because it is so easy to use. Just put in a username, email address or real name and it will dig into the deep web to find all linked information.

Putting your own details into a search tool like Pipl will show you how someone can find information about you by simply knowing one piece of info about you. If you are lucky Pipl will come up completely dry.

The worst case scenario is when a username from an anonymous account (such as Twitter) brings up connections to your real name accounts. This happens when you use the same email address for named and anonymous accounts. If Pipl shows these sorts of connection, you might want to delete those anonymous accounts ASAP.

Use a Dedicated Privacy Tool

There are more than a few privacy testing tools available to the public. Privacy.net is one that I like personally because it neatly stacks all the most important leak tests in one central place. It also looks like a hacker site from the 90s, which to a certain generation of people is pretty cool! Using Privacy.net as the example, let us go over the different types of leaks you can test with this web service.

Checking for Autofill Leaks

Autofill is a feature (under various names) that most browsers have now. Basically, it saves you the trouble of having to fill in online forms by saving personal info from previous forms.

It then tries to detect what information goes into which field and puts it all in for you. Most of the time it gets it right and saves you some minor hassle.

The problem is that there are websites that capture all that information as soon as you click on a field. So instead of just putting in your name, it will also capture information such as your real address and phone number!

Given this serious potential for a privacy breach, its best to just turn off Autofill, but most privacy testing tools will also show you what info is leaking through your browser’s autofill feature.

If you’re leaking sensitive information through autofill, it’s best to simply switch it off or, at the least, delete your autofill data in your browser settings.

Account Browser Artifacts

As you browse the web, use different services and log into things, little artifacts accumulate. Basically, this lets the web page detect which accounts you are logged in to. Which could include the email addresses you use with those accounts.

This is bad for a number of reasons. First of all, it undermines any attempt at keeping some social media accounts anonymous. If you are logged in to two different services with two different emails, you have now indicated that those two email addresses are linked to each other. This sort of leak also allows phishing attacks to happen with much more ease, so it really exposes you in dangerous ways.

You have two options when dealing with this threat. The first and most obvious is to manually log in every time you want to visit a site. Don’t visit sites you don’t completely trust while logged in to sensitive services.

That can be a real pain, so it may be worth using separate browsers for different purposes. For example, you could use a portable version of Chrome or Firefox, or even the Tor browser, if you want to wander off the beaten path.

Browser Features that Are Risky

Modern browsers have a heap of web technology built into them that allow fancy web apps and graphical trickery. Hackers have found various exploits for some of these technologies. In some cases, the vulnerabilities are so bad that the technology is removed or disabled in new browsers. Others let you selectively switch them on for websites you trust.

A privacy analyzer site will show you which of these vulnerable technologies are active in your browser. ActiveX and Flash are two technologies that should be off by default. These are hardly ever used anymore anyway, so you won’t even notice.

Iframes allow one web page to be embedded in another, which is quite useful. Unfortunately, they also provide a way to run malicious code on the page. The same goes for Javascript, many sites use it for advanced features.

If you disable these two technologies in your browser security settings you’ll break the look and feel of many sites. You should, however, disable these technologies for sites that you don’t trust.

Browser Fingerprinting

Browser fingerprinting is perhaps one of the scariest methods your privacy can be breached simply by using the internet. Even with a VPN in place, your browser can still give your unique identity away.

When you first install your web browser, it’s in a pristine condition. There’s no real way to really tell your browser apart from everyone else’s. Then, as you begin to use it, unique little bits of data start to accumulate. By themselves, they don’t mean much, but when you add them all together the total picture can be highly identifiable.

This includes which browser plugins you have, your cookies and several other elements. While your browser fingerprint might not immediately out your real identity, it can be used to show that you’ve visited specific sites.

So if you visit your Facebook page and log in and then visit a questionable site through your VPN, someone looking at the browser fingerprint could still link the two together. Outing your identity at a single stroke.

To counter this sort of problem, use a browser that is as clean and standard as possible. Avoid plugins and wipe your browser from time to time.

Beating the Test

There’s a point where you have to be realistic about how much of your privacy you can protect. Some measures that need to be taken to achieve the highest level of internet privacy. When it comes to things like disabling Javascript, which can really hurt your experience, you might feel it’s not worth the hassle.

Performing an internet privacy test is like getting a full-body scan. Everyone is going to see stuff that’s troubling, but aren’t actually all that risky. Different people will have different priorities, but don’t think of the result such testing brings as a list of things you must do. Just a list of risks that you have to manage in a way that works for you.

Have you taken your Internet Privacy Test yet? If you find this article useful, share it with your friends and don’t forget to follow TechNadu on Facebook and Twitter. Thanks!