VPN Privacy and Personal VPN FAQ
VPN Privacy and Personal VPN FAQ
We receive many questions regarding privacy and anonymous web surfing. Below are some of the topics of concern and the answers that we provide:
1) Does your service make me anonymous on the internet?
People must understand that any company that tells you they can make you completely anonymous while online, is outright lying to you. Even though we at SurfBouncer have no idea of where you are surfing and keep no records of your surfing activities, you could still be traced. However, being able to do this involves a lot of money and resources. Could some government agency with unlimited resources track you through any VPN? Sure they could. And nobody could stop them. However, for the average person worried about identity theft, search engines and websites gathering their personal information in order to profile you and sell your data to marketing companies, the VPN is the start of the process in securing yourself. A Personal VPN will give an anonymous presence on the internet for the purposes that most people are needing from such a service.
2) Other than a VPN, what do I need to do to keep websites from profiling me?
SurfBouncer Personal VPN will encrypt your data connection so that your ISP cannot see what websites you are going to. That, effectively, stops them from profiling you. When you go to a web page or a search engine, they are given our IP address. Therefore, they cannot determine who you are or if you have been there before, by IP address. Our IP addresses are assigned randomly and changed frequently. This fact, coupled with the large number of people showing the same address, makes it impossible for a website to know who you are by your IP address.
Always be sure to log into the VPN before opening any browser. This will ensure the browser does not capture your actual IP address before the tunnel comes up.
However, there are other ways in which a website or search engine can identify you. If you want to see some of the things your browser is revealing about you, go to privacy.net/analyze-your-internet-connection and take the browser test.
a) Logging in to the website and giving them your personal information.
All the security in the world can instantly be defeated by logging in to a website with a user name and password or email address that traces back to you. In effect, they don't need to figure out who you are because you are telling them. Logging in to a search engine will allow them to follow your every move across the internet. If you are concerned about being profiled while online, then don't log in to websites unless you have to. If you do log in for some reason, follow the tips below to clear your tracks.
--On websites that ask for personal information that you don't necessarily care about -- consider signing up under a fake name and address.
--Get yourself a free email account from Yahoo, Google or one of the other providers. Don't use any real information when signing up for this email account and only sign up and use it while on the Secure VPN, following all the tips on this page to secure your privacy. When a website asks you for your email address give them this clean address that does not trace back to you. Reserve your real personal email address for people and companies that you absolutely trust not to sell your information or spam you.
b) Cookies
Many websites install what are known as cookies on your computer when you visit them. These cookies are used to track you and allow the website to recognize you, upon returning on a different day. Search engines can use cookies to track you across different websites and create a complete profile of what you do, for how long and how often.
Most websites will not give you full access to their page if you block cookies. Therefore, that is not a viable solution. However, you can erase cookies at the end of each session. In fact, all modern browsers can be configured to delete all cookies when you close a session. The drill goes like this:
Configure your browser to erase your entire browsing history every time you shut it down. When you go to the options menu, check all items in order to erase everything. Then, when you go to a website where a login is required, after you finish your business, close your browser along with any additional browser windows that might be open. When the browser closes, all cookies, history and other such tracking information will be deleted. Open your browser again and continue surfing.
If you are at a site where no login is required, in most cases it is okay to go from site to site and ignore the cookies they are presenting. While they will know someone went from site 'a' to site 'b', they won't know who it was because the secure VPN is keeping your IP address from them. While this is of benefit to them it is not the information they really want to know about you. Of course, if you want maximum protection against tracking then close your browser and restart each time you change sites.
There are also several programs on the market that will "clean" or "wash" your computer and remove all traces of personal information that can be revealed by your browser while on line. Some of the well known ones are listed below. They are highly recommended for making sure your computer is always clean.
CCleaner Windows Washer
c) Flash Cookies
These are similar to cookies but are saved by flash enabled websites and can contain a lot of information. Unlike regular cookies, browsers are not currently set up to remove them. While Adobe (the maker of Flash) offers an online opt-out process, we have found it confusing and cumbersome to use. We have also found that many flash cookies seem to get set, even if you have opted out. We feel that a better solution is a plug-in for the Firefox browser called Objection which will clear all flash cookies when you run it. Essentially, as you start your browser, you hit the Objection tab in the Tools menu and tell it to clear all the Flash Cookies (LSO's). It will also tell you what flash cookies are set at any given time so you can see which sites are using them.
d) Java and other scripting languages.
Most websites today use some scripting. It could be as trivial as presenting you with drop-down menu tabs like on the top of this page to complex scripts that try to extract everything they can from your computer and even plant objects on your computer to track you with.
One approach is to turn off all scripting languages in your browser. However the problem with this is that most web pages will fail in one way or another. A better approach is another Firefox plug-in called No Script (addons.mozilla.org/en-US/firefox/addon/722).
With No Script installed, all scripts are blocked when going to a new website. Then, you are given a list of all the potential scripts that are on the page. You can either temporarily or permanently enable the scripts that you need to use while disallowing ones from advertising sites, click banks and search engines. By not allowing these scripts to run and allowing only the scripts needed to make the site function you prevent the site from reporting your presence to the advertising and click bank sites. For sites that you frequent often, you can set your choices as permanent and have no worries going forward.
3) Time and Place.
While using the Personal VPN, your IP address might for example appear to be from a server in Texas. However, you might be in California. This is very beneficial as the website will see you with a Texas IP address. Unfortunately, your system clock will reveal your true location. In most cases this doesn't matter, as there are a lot of people in the Pacific Time Zone. However, for a completely accurate picture to the website you are visiting, you can make your clock match the location of the server. To determine which server you are logged in to, check your location after logging in to the Personal VPN by using this link. Set your clock to the location indicated.
4) Prizes and Free Stuff.
Many websites will offer either a prize or a chance to win something big, just for signing up. What needs to be understood is that this is just a ploy to get you to provide them with your user information. If you provide your email, name and address and they are viewing your IP address, they have just profiled you. This information, shared with other companies, can be used to track you all across the internet. It is virtually sure that you will get no prize from these sites. But what you will get is your information lifted and used against you.
5) Spam Email.
Everyone gets spam. Many of these spam emails contain a prominent link saying that you can unsubscribe from the mailing list if you wish. More often than not, this is a ploy to get more information. Never reply to a spammer. Doing so does two things: 1) It proves they have a live email address, which they will then sell to thousands of other spammers at a premium. This, in turn, will result in even more spam for you and 2) it will associate your IP address to your email address, giving them an additional data point. By accessing marketing lists and comparing the two data points, it is highly possible they can figure out exactly who you are and where you live.
As an example, suppose you signed up for something legitimate using your real name and email address. Now this website sells the information about you to a marketing company and it ends up in a database. Then, one day you are checking your work email from home and respond to the spam. The spammer now has your IP address. Comparing this address to the marketing database reveals your true name, personal email address and physical address to the spammer. Now they are 90% of the way towards stealing your identity. Another day, give up your SSN on some other website and have this dug up and correlated via data mining and...boom! They have your identity.
6) A computer that is not yours.
This could be a work computer, or one at the library or even a friends house. There is a lot of risk in using other people's machines for anything involving personal information. First, many network owners monitor their network and even record network traffic. Being on an unknown network that is not under your control means you don't know who is watching. If you can set up the Personal VPN on this computer, that will solve this problem. However, since the computer itself is beyond your control, you have no way of knowing if the computer is set up with some sort of key logger or even a virus that is stealing all your information. In these situations, a flash drive VPN using a virtual machine will prevent the local computer and the network owner from spying on you.
7) Your Home network.
Even at home there are risks when online. Many cable services use a shared network structure where everyone in the neighborhood is on the same link. What this means is that all of your traffic is combined and anyone with a little bit of computer knowledge can see your traffic. The SurfBouncer Personal VPN takes care of this by encrypting all traffic. When using wireless at home, always encrypt your wireless. You are ultimately responsible for what is going over your connection. People drive around in cars looking for unsecure networks so they can log in and use them to commit crimes. The last thing you need is your home IP address being the center of such activity. There are two main encryption methods for wireless today. The first is called WEP and it is past its prime. Don't use it. Anyone with access to a search engine can crack it and the people driving around looking for open networks consider WEP as good as an open network. Then there is WPA. This encryption is very secure and the only way to break it is to guess the key. To keep it that way, pick a secure key. Obviously, if your wireless access key is 'password', then it certainly won't take much to break in. On the other hand, if you chose a key such as 'YHfwjgfr87fdHjfip935UG53gjp132HpofpiwcwfrHUhhow202*&6cwo', then the odds of anyone guessing it in this century is nil.