How to safely and securely surf the web

When surfing the web, you should maintain a minimal amount of operational security.  Every website you visit logs your IP address, giving bad actors a starting point to locate your home network.  It's also a good idea to keep your identity hidden.

An easy way to hide your location is to use a virtual private network.  With a VPN, an encrypted tunnel is established between your machine and a provider who routes your traffic to your destinations.  I use a product called ProtonVPN, a provider based in Switzerland.  I'm in Indianapolis, but when I'm connected to my VPN, I appear to be in Denver.

 

VPN IP

 

You need a safe and secure web browser.  Many websites load their pages down with ads and trackers that make your browser sluggish and compromise your browsing habits.  Worse, you could hit a malicious site that puts you at risk.  Most popular browsers are difficult to configure to ensure security.  Therefore, I recommend using the Brave browser.  This product was created by the co-founder of Netscape (remember them?) and Mozilla Firefox, and the creator of JavaScript, which almost every website is dependent on.  They are industry leaders in security and privacy, so you're in good hands.

 

Brave on USA Today

 

After installation, make the following configurations:

  • Ads and trackers are blocked
  • connections encrypted (HTTPS everywhere)
  • 3rd party cookies blocked
  • block all fingerprinting
  • send a "Do Not Track" request with browsing traffic
  • Safe Browsing is toggled on

This browser is tailor made for privacy and security.  If you would like an extra level of anonymity, Brave has a Tor browser integrated.  After you start using Brave, you should notice a dramatic speed improvement with page loads.

With this secure browser, you need a search engine that doesn't track your searches.  DuckDuckGo has been rapidly gaining market share over the past few years as security awareness grows.  When you install Brave, set your default search engine to DuckDuckGo.

 

DuckDuckGo

 

The final items of importance are password management and private email.  When you register an account on a site, you typically enter a username and password with an email address for confirmation.  Most people use a weak password that's easy to crack, and it's probably one used across all websites.  I use Bitwarden for password management.  When creating a new account, Bitwarden generates a secure password to copy and paste into the registration fields.  When you visit that site, Bitwarden notifies you that a login is available.  Simply click on the icon, then click on the login you want (you can store multiple), and you're promptly logged in with no keystrokes.  It's very convenient as well as secure.

It's bad practice to use your personal email for account registrations.  Your identity is likely tied to that email and should only be used between trusted parties, like friends, family, and work associates.  I use ProtonMail, a product from the same company as ProtonVPN.  ProtonMail uses end-to-end encryption, which means your keys are not stored on the mail server with your data.  Create a new email account and use it for new registrations, or when exchanging emails with untrusted parties.

If you use these tools for web surfing, and you never click on any strange links from unknown sources, you can surf the web with confidence.  Your location will be hidden, you won't be tracked and susceptible to malware, your page loads will be faster, your account registrations will be secure, you won't have to worry about remembering passwords, and your email address won't compromise your identity.