Browsing TUSCL (and other web sites) Safely

New Jersey

Saturday, December 12, 2009 2:27 PM

I check out TUSCL every day. It just wouldn't be good if my visits to TUSCL (or certain other web sites) were to become known at home or work, so I am very, very careful. I'm sure many of you are in the same situation. With that in mind, here is a discussion of various privacy techniques, with comments about convenience and security. First some techinques for browsing from home, on your own computer: Not doing anything: Visit whatever websites you want and forget about it. This is obviously extremely simple, but is almost certain to reveal your browser habits. Does anyone ever have access to your computer when you aren't around? Your family, while you're at work? A cleaning lady? A visitor? Even if someone isn't snooping, someone could go to your browser, start typing in an address, and then the address bar could reveal many of the sites you visit. Someone who is actively snooping can look at your browsing history. If you want to keep your browsing private, then you have to take care -- doing nothing means you will get caught. Clearing your browser history: This is better than doing nothing, but has lots of problems. First, you have to remember to clear the browser history each time you visit a site you'd like to keep private. Second, the entire history disappears, and that itself can raise suspicions. If someone notices, you look like you're hiding something. Finally, it leaves other browser clues intact, such as ... Clearing cookies: Most sites that you visit will leave "cookies" on your computer.  Cookies are convenient, identifying you to the website on return visits.  But cookies are also easy to examine. Your browser will display them if you know where to look, identifying the issuer, (e.g. tuscl.net).  Someone curious about the sites you visit is likely to check your cookies, if he or she is savvy.  You can clear the cookies (exact technique depends on your browser), but again, you have to remember to do it.  And it's inconvenient. You can remove cookies selectively (e.g. so that nytimes.com continues to recognize you), but then you can miss something. Selective clearing is likely to be ineffectual. If you visit a website, you get their cookies, but you may also get cookies from advertisers with suggestive names. Private browsing: Some browsers, (like Safari, on the Mac) allow you to do private browsing, in which the browser doesn't record sites you visit in the browser history. That leaves your previous history intact, which is good, but if you forget to turn it on, your private browsing shows up in your browser history. Downloading: If you download things you'd rather not have your family see, then the question is where to put the downloaded files. Picking an obscure folder doesn't really hide things very well. Searching the entire hard disk for pictures or images is easy for anyone to do. And opening download files will be tracked (e.g. Recently Opened documents).  You could encrypt your downloads, but again, that's going to look pretty suspicious. Creating a separate account: One very safe thing to do is to set up a separate account on your computer whose password is known only to you. As long as you browse and download from there, then your activities are safe from most users. However, anyone who has "administrator" or "root" access will be able to get into this account very easily. Another drawback is that the existence of this account will be known to anyone who sees a login screen listing accounts. If you're going to use a separate account on a shared computer, then 1) make SURE that no one else has admin access, and 2) make sure the name on the account is innocuous. "Pornhound" is probably a bad choice. Using a separate computer: Obviously highly secure, but also highly obvious. Using a virtual machine: You can create a "virtual machine" on your computer, using products from VMWare or other companies. The virtual machine is basically a completely separate computer, but it runs as a program on your actual computer. This is much more discreet that a separate account -- there is no additional account visible to someone using your computer. The virtual machine itself is inside your account so only you or an administrator has access to it. And even if someone starts the virtual machine, they'd still need an account name and password to get in, so you should obviously pick these carefully, (e.g. don't use the same account and password you do on your computer). Anything done inside the virtual machine stays inside the virtual machine. You can browse freely from inside the virtual machine, download stuff, and so on, and it will be completely invisible to anyone else using your computer. Of course, the virtual machine takes up some disk space. If you're tight on disk space, this won't work for you. But disk space is very cheap now. The major drawback of virtual machines is that they can be difficult to set up. The virtual machine software creates a blank computer -- you will then need to install Windows or some other operating system. If you aren't comfortable administering your computer, this may not be a good option for you. Using an external disk: The basic idea is to keep all your private browsing and downloading on an external disk. Obviously, this is not secure if you leave the disk lying around, or especially attached to the computer. There are two approaches to doing making this work. One is to keep the virtual machine on the external disk. The virtual machine software could be on this disk too, which is even safer.  You plug in the external disk, start the virtual machine, do your browsing. When you're done, you shut down the virtual machine and remove the external disk. The second approach is to put an entire operating system on the external disk. I don't know how well this works with Windows on the external disk, due to Windows and application registration issues. It would work fine with Linux. About browsing at work or using a work computer: DON'T. Just don't do it. Ever. Your work computer belongs to your employer, who may be monitoring your activity. Even if you take the steps listed above on a computer at the office, your browsing could easily be traced by network administrators.  The sites that you visit go through company computers, and they could be logging every page you visit. If you work on the road or at home, but connect through a VPN, you could still be traced by a network administrator. And even if you don't use a VPN, the computer belongs to your company. They can take it from you and examine it at any time. Let's be careful out there.

7 comments

mtnboy49
•
15 years ago
Great warnings.  I have Webroot Windows Washer on my own computer.  I also downloaded a Free Windows Washer.  They supposedly take all those erased files and overwrites them so even Norton can't get them.  I tested it when I had NOrton and it seemed to to the trick Also look in the Local Settings\Application Data\Macromedia And there are cookies and Temporary Internet Files in several places.  Clearing cookies, files and history don't get all the places.  Look also in C:\Documents and Settings\<Your Account>\Local Settings\Temporary Internet Files\[view link]5 Clean up...Stay safe
emmett
•
15 years ago
I don't know Webroot Windows Washer, but it sounds like it destroys the content of files that you've deleted. (When you delete a file, the bits are still usually on the disk and findable with the right tools.) But that addresses a completely different problem. If you have a picture of yourself posing with your favorite porn star at a strip club, and you HAVEN'T deleted it, then it sounds like this windows washer won't prevent snoopers from simply finding it with a search for all files that end in "jpg".
Officer
•
15 years ago
good article...very informative
mreef
•
15 years ago
I use 4 browsers, Firefox, IE, Chrome and Safari.  IE, Chrome and Safari all have the default settings for saving history, cookies, etc. But I have FF configured to clear all settings (there are 9 distinct options) when exiting.  So I always browse tuscl and other such sites under FF and always make sure to exit the browser before leaving my computer. This works great for my situation (wife and kids at home, but this is my personal laptop and others don't use it). One caveat:  with this configuration you need to make sure all FF windows have closed so the process exits.  If you have a popup window and you close the main browser window, FF is still running and will not clear your history.   You must explicitly select File | Exit.
MajorBoobage
•
15 years ago
I have a company laptop that I tend to carry with me when travelling, even if it's not business travel. A couple of times in a pinch I've had to use it to access TUSCL or [view link] when on the road. I made sure I was NOT on the VPN at the time, and I cleared my browsing history afterward. It's possible that my company still could have tracked my movements, but as I was not connected to their network it's pretty doubtful. Still, I would agree with Emmett that this practice is really, really dangerous.
Player11
•
15 years ago
Good Article.  I have a separate laptop for this kinda stuff than the company laptop.  Any pics I download I put on a flash drive. You do not want to use any kind of work computer for this as there are all kinda company snoops who will spy on you.  I know of a woman manager who would access the web browsing history of her reports from home.  She had 2 small children under 3 - looks like the bitch would have had something better to do.  At another place the department manager was a fanatic about coming down hard on anyone caught doing personal business on company time.  He was the kinda guy who likes to come in and fire people and at his prior location had fired half the people.  When there is a mgt change try to check the guy out to avoid being blindsided.  Some of these people aren't getting any real ass (or dick) and get off with power, lording it over people.
earlyriser60609
•
15 years ago
Clearly any moron that works in an office environment that uses a company computer to visit certain sites should be fired but the poor guy who has to travel on behalf of the company, alone in a hotel room, separated from his family and friends at night, is he to be punished too?  isn't there a distinction that can be made given browsing history and cookies are deleted?  I don't know, just asking...

You must be a member to leave a comment.Join Now

Want 4 weeks free VIP to tuscl?

Write an article