The Art of Invisibility

1. Digital privacy is an illusion: Your online activities are constantly tracked

You would think, given the constant news about data breaches and surveillance campaigns by the government, that we'd be much more outraged.

Our digital footprint is vast. Every online interaction, from browsing websites to sending emails, leaves traces that can be collected and analyzed. Companies, governments, and hackers can potentially access this information. Even seemingly innocuous data can reveal much about our lives when aggregated.

Metadata is particularly revealing. While the content of our communications may be encrypted, the metadata (such as who we communicate with, when, and how often) can still provide a detailed picture of our lives. This information is often collected and stored by service providers and can be accessed by authorities.

Examples of tracked data:

• Websites visited
• Search history
• Email and messaging contacts
• Location data from mobile devices
• Purchase history
• Social media interactions

2. Encrypt your communications to protect against surveillance

To become invisible in the digital world you will need to do more than encrypt your messages.

Encryption is crucial for privacy. It scrambles your data so that only the intended recipient can read it. This applies to emails, text messages, and even voice calls. End-to-end encryption ensures that even the service provider can't access the content of your communications.

Tools for encrypted communication:

• PGP (Pretty Good Privacy) for email encryption
• Signal for encrypted messaging and voice calls
• HTTPS Everywhere browser extension to enforce encrypted web browsing

While encryption protects the content of your communications, it's important to remember that metadata can still reveal information about your activities. Using anonymizing tools like Tor in conjunction with encryption provides an additional layer of privacy.

3. Use strong, unique passwords and two-factor authentication

Your ideal text message app should also include perfect forward secrecy (PFS).

Password security is fundamental. Weak or reused passwords are a major vulnerability. Use long, complex passwords unique to each account. A password manager can help generate and store these securely.

Two-factor authentication (2FA) adds an extra layer of security. It requires a second form of verification, such as a code sent to your phone, in addition to your password. This makes it much harder for attackers to gain unauthorized access to your accounts.

Password best practices:

• Use at least 20-25 characters
• Include a mix of upper and lowercase letters, numbers, and symbols
• Avoid personal information or common words
• Never reuse passwords across accounts
• Consider using a passphrase instead of a single word

4. Be cautious with public Wi-Fi and use VPNs for added security

Public Wi-Fi wasn't created with online banking or e-commerce in mind. It is merely convenient, and it's also incredibly insecure.

Public Wi-Fi is a major security risk. These networks are often unsecured, allowing attackers to intercept your data. Avoid accessing sensitive information (like banking or email) on public Wi-Fi unless absolutely necessary.

A VPN (Virtual Private Network) encrypts your internet traffic. It creates a secure tunnel between your device and the VPN server, protecting your data from prying eyes on the network. However, be cautious when choosing a VPN provider, as they could potentially log your activities.

When using public Wi-Fi:

• Avoid accessing sensitive accounts
• Use HTTPS-enabled websites
• Connect through a VPN
• Disable automatic Wi-Fi connections on your devices
• Consider using your phone's mobile data instead

5. Social media and smart devices compromise your privacy

Every trip you take will be recorded somewhere.

Social media oversharing is a privacy nightmare. The information we voluntarily share on these platforms can be used to build detailed profiles of our lives, preferences, and relationships. Be mindful of what you post and review privacy settings regularly.

Internet of Things (IoT) devices collect vast amounts of data. Smart home devices, fitness trackers, and even cars are constantly gathering information about our habits and movements. This data can be vulnerable to breaches or accessed by manufacturers and third parties.

Steps to protect privacy on social media:

• Limit the personal information in your profile
• Use privacy settings to control who sees your posts
• Be cautious about third-party apps and quizzes
• Consider using separate accounts for different aspects of your life

6. Your physical movements can be tracked through various technologies

If you carry your cell phone with you throughout the day, as most of us do, then you are not invisible.

Cell phones are constant location trackers. Your mobile carrier knows your approximate location at all times based on the cell towers your phone connects to. Apps with location permissions can track your movements even more precisely.

Other tracking technologies are ubiquitous. License plate readers, facial recognition cameras, and even Wi-Fi hotspots can be used to track your movements in public spaces. Credit card transactions and transit cards also create a record of your physical locations.

Ways your movements are tracked:

• Cell phone connections to towers
• GPS data from smartphone apps
• CCTV cameras with facial recognition
• Automated license plate readers
• Electronic toll collection systems
• Credit card transactions
• Public transit card usage

7. Achieve anonymity through careful separation of identities and devices

To be invisible, you will need to start with a clean slate for each new secure contact you make.

True anonymity requires complete separation. This means using dedicated devices and accounts that are never associated with your real identity. Any slip-up can potentially link your anonymous activities back to you.

Operational security (OPSEC) is crucial. This involves carefully compartmentalizing your activities, using different identities for different purposes, and never mixing your real identity with your anonymous ones.

Steps for maintaining anonymity:

• Use separate devices for anonymous activities
• Purchase devices and prepaid cards with cash
• Use Tor and VPNs to mask your IP address
• Create new email addresses and accounts for each identity
• Never access personal accounts from anonymous devices
• Be aware of physical surveillance when using anonymous devices in public

8. Be aware of surveillance in public spaces and hotel rooms

If an attacker doesn't know the default password for a given hotel-room safe, another option for him is to literally brute-force the lock.

Public spaces are increasingly monitored. Cameras, facial recognition systems, and other tracking technologies are becoming more common in cities, businesses, and public transportation. Be aware of your surroundings and how you might be observed.

Hotel rooms can be vulnerable to surveillance. Electronic key cards, in-room safes, and even smart TVs can potentially be compromised. Take precautions to protect sensitive information and devices when traveling.

Hotel room security tips:

• Use your own portable lock on the door
• Inspect the room for hidden cameras
• Don't use the hotel safe for truly valuable items
• Be cautious with in-room Wi-Fi and smart devices
• Consider using a "do not disturb" sign to limit staff entry

9. Protect your data when traveling internationally

To protect my privacy and that of my clients, I encrypt the confidential data on my laptops.

Border crossings present unique privacy challenges. In many countries, authorities can search electronic devices without a warrant. This puts sensitive data at risk of exposure or seizure.

Strategies for protecting data while traveling:

• Encrypt sensitive files and entire hard drives
• Use a "travel" laptop with minimal data
• Store sensitive data in the cloud and access it securely once at your destination
• Consider using burner phones for international travel
• Be prepared to refuse to unlock devices (but be aware of potential consequences)

Remember that laws regarding device searches and data privacy vary by country. Research the specific regulations of your destination before traveling.

10. The Dark Web offers anonymity but comes with risks

Access to the Dark Web can be gained only through a Tor browser.

The Dark Web provides a level of anonymity. It uses special networks like Tor to obscure user identities and locations. This can be valuable for privacy-conscious individuals and those living under oppressive regimes.

However, the Dark Web has a dark side. It's also used for illegal activities and can be dangerous for inexperienced users. Law enforcement actively works to de-anonymize users engaged in criminal activities on these networks.

Dark Web considerations:

• Requires specialized software (Tor) to access
• Can provide increased anonymity, but not guaranteed
• Home to both legitimate and illegal activities
• Actively monitored by law enforcement
• Potential for scams and malware

11. Going invisible online requires dedication, vigilance and some monetary investment

To be invisible online you more or less need to create a separate identity, one that is completely unrelated to you.

Achieving true online invisibility is challenging. It requires a significant investment of time, effort, and potentially money. You must be constantly vigilant about maintaining separation between your real identity and your anonymous activities.

Necessary steps for invisibility:

• Purchase dedicated devices for anonymous use (laptop, burner phones, etc.)
• Use cash or anonymous payment methods for these purchases
• Create entirely new online identities unconnected to your real life
• Use advanced privacy tools like Tor, VPNs, and encryption consistently
• Be aware of physical surveillance and choose locations carefully when using anonymous devices
• Never mix anonymous and personal activities on the same devices or accounts

Remember that a single mistake can potentially compromise your entire anonymous identity. Weigh the benefits of invisibility against the effort required to maintain it.

Last updated: September 29, 2024