Las Vegas is a spectacle of sights, sounds, and entertainment. Can’t hide your enthusiasm. But no trip to Vegas is complete without trying your luck in one of the many casinos that are the foundation of the city, according to the advertising. Anyone can have fun in Vegas if they understand one key truth. There is no spoon? Not that truth. From the moment you land and slot machines welcome you at the airport, just know that everyone there wants your money. Remembering this will allow you to see past the veneer and shine.

The Internet is the online version of Vegas. You browse webpages, check out social media, and watch videos. But the reality is everyone, even the crazy cat lady who posts the cute videos of her houseful of felines, has helped build the Internet hoping to become rich and/or famous. Yes, there are charities online, but ultimately what are they asking for? Right, time, talent, and treasure. Along with the legitimate thieves and threat actors, browsing the Internet feels like walking through a jungle without getting stolen by a hidden jaguar.

But for every disease and ailment, there is a marketing department with a cure. Maybe the cure created the ailment to be relevant, but that’s a whole other discussion. You can’t swing a cat around your head without hitting some company offering to “hide” you on the Internet. Collectively, browsers have forced websites to secure mode, which encrypts all traffic between your computer and the website. You can verify this with the lock on the address bar. So when anyone asks how to stay anonymous online, my first question is always, why? What exactly is your goal?

Hide While Browsing

The thought you can creep around on the Internet undetected with a software you bought is misleading. Browsing creates records in multiple locations and unless you are using a fake ID online, everyone knows it’s you. Your computer, no matter which operating system, browser, or add-on software, maintains temporary files from the sites visited. This includes cookies, images, scripts, and text. And it doesn’t matter whether you use Incognito or Private browser settings, the history and temporary files are still maintained at the operating system level. Sure, you can choose to delete them every time the browser opens and closes, but records of browsing history remain.

Hide The Cookies!

Your primary concern for browsing safety is how your computer and browser manages cookies. Cookies are files stored on your computer by the sites you visit that hold personal information specific to that site. Most commonly, this includes login credentials, advertising, and trackers. Thanks to the European Union’s General Data Protection Regulations (GDPR) (Link), US lawmakers were forced to pass the Cookie Law, as it’s called (Link). Companies now must tell us how they using our collected information and give us the option to limit which cookies websites keep. Most people still choose convenience over privacy and companies know it.

Can’t Hide The Crumbs

Cookies are the most intrusive things on all legitimate websites. How do cookies work? Besides saving login info, you experience tracking cookies mostly through advertising. If you search for something specific, like new headphones on Google, a cookie deposits in your browser. When you go to Amazon or Facebook, you’ll notice advertisements for the same headphones because the new website reads the tracking cookies and knows what you searched for. Same concept when you’re talking about a product with your phone present and suddenly you are inundated with ads for that product. No, that’s real. That’s not your imagination (Link).

Read more privacy tips here (Link).

Hide Your Passwords

NEVER let your browser store your passwords. Why? They are poorly secured. Yes, I know they all say they encrypt the password file on your hard drive. But what if I simply walk up to your computer and look at them? Did you know if I can access your computer I can, with nearly 100% effectiveness, download a plain text version of all your passwords, including your WiFi passwords? Doesn’t matter if it’s Windows, Mac, or Linux. Doesn’t matter what antivirus you’re running. Browser password stores are insecure. Read about REAL password managers here (Link)!

Server-Side Snitches

The server hosting the website you visit also logs your public IP address and datestamp. Logs may include a full history of activity, clicks, downloads, and how long you spent on each page or item. The websites you visit and why determine the level of protection. Let’s say you want to send a copy of your resume to a job board while you’re at work. Just know that even a decent enterprise-level firewall and security configuration will prevent anything I’m about to tell you.

Virtual Private Networks (VPNs)

Advertisements for these personal services will tell you their VPN service allows you to browse anonymously and encrypt your traffic. This is true to a point. If you are using a public Internet, a VPN can encrypt the traffic from your computer to the destination. However, public networks with no passwords are breeding grounds for hackers and a VPN can’t protect you. The VPN is only encrypting traffic sent and received to the opposite host computer.

Learn how the Internet works here (Link)!

The VPN works when two endpoint devices negotiate and agree upon an encryption algorithm between the devices. However, this only encrypts traffic sent to the other end of the tunnel. Sure, they will encrypt and funnel all outgoing traffic, but local inbound scans by-pass the VPN. While you’re connected to your VPN, I can hack you on the same Wi-Fi. Further, instead of your traffic being seen locally, it is now being seen (and potentially copied) wherever the VPN provider’s Internet connection is. This is often another state or country where privacy laws may not exist!

While, yes, the local network does not know you are communicating with a job board because the data stream is encrypted, the end device still knows what you did and who you are because of your IP address provided by the VPN carrier. You aren’t anonymous, only bouncing through another location who are likely selling all your personal information with your permission! Didn’t you read the 72-page legal document when you signed up? VPNs are useful in certain situations, but the average Internet user will not benefit from it.

Proxies

A proxy is a device that interprets communication between you and the Internet, at least for our job board example. This proxy, depending upon its configuration, will mask your local IP address with its own before establishing a connection with the website. The proxy may even prevent certain types of traffic from passing, like scripts, malware, and may filter where you can go based on a list of known security treats.

Proxies get a bad rap in shows and movies, showing hackers bouncing through multiple proxies globally to hide who and where they are. Yes, there is a legitimate application known as Tor Onion Browser (Link) that uses this very concept to hide a user’s location. Again, no, this won’t protect your data, only your location. It works by using multiple proxies to bounce the communications across the Internet. The problem? It’s slow. Add to that everyone knows the Tor IPs and many websites are reluctant to work properly. Many require additional CAPTCHA verification before displaying anything, like Google. Plus, it’s not as anonymous as you may believe. Rumor has it that the Feds can track you through it but I know nothing!

Real-World Usage

For businesses, the proxy method overtook the VPN method in recent years. The product known as Software Defined Wide Area Networks, or SD-WAN, allows individual corporate offices to connect to one another across direct VPNs but then route out locally for Internet based traffic. This is a vast improvement over the Hub & Spoke model, where all remote sites connected to the main office then routed to the Internet. Internet typically lived only at the Main office, slowing everything down. Yes, there is a thing called split-tunneling, you trolls, but that isn’t secure, is it?

With SD-WAN, routing occurred at the site and only passed where it needed to go. Now, proxy services such as Zscalar, CloudFlare, and Viptella obfuscate, or hide, the IP addresses of any user connecting to the Internet. This prevents hackers and bots from actively attacking the systems. The proxy IP addresses are well known and webpages and carriers allow the traffic without incident. Compare it to the treatment of the open source Tor network traffic.

Eventually, a technology will come along and marry both SD-WAN and proxy services with an always-on, always-secure endpoint that provides maximum protection through Data Loss Prevention (DLP), Mobile Device Management (MDM), and Extended Device Response (XDR). It doesn’t exist yet in a fully functional model, but it’s coming.

For The Rest Of Us

So what is the average user to do to ensure protection on the Internet? Foremost, abandon the idea of complete anonymity online. You purchase your Internet access from a carrier to either your mobile phone or home/office address. They always know where you are and what public IP address you have. Even if you employ VPN, proxies, and bounce around the world, don’t think you can cover your tracks for illegal activity. Let’s just say the government has technology we’ve never seen. If you break a law, especially something Federal, you have no privacy or protection. For better or worse, you can thank the Patriot Act for that.

But let’s say you do want to protect yourself and “hide”. Start with a good firewall, not something you buy off the shelf at a store. The firewall you need will require a subscription to a quality proxy service. This can work either through your computer, directly through the firewall, or both. Best advice is don’t go places on the Internet you shouldn’t. You know what I mean. Learn what a Firewall is here (Link). You’d be surprised at the innocuous places where bad things hide.

Is It Worth It?

The main reason most want a VPN or Proxy is to mask their physical location. Yes, if you VPN to Europe, you have different options on Netflix. But here’s where Vegas comes back to bite you. VPNs and Proxies aren’t free. In fact, you pay usage charges for both. Not only are you handing all your browsing history, cookies, and data to an unknown third party for resell, but you’re paying them for the privilege.

Just because you have a proxy and a VPN, remember that where you go online leaves a fingerprint. Assume your entire Internet history is available for someone (or some AI) to cross-reference. Even protected, you may leave enough breadcrumbs from your patterns and site visits to point back to you. I’m not saying you can’t disappear and hide on the Internet, but doing it right typically requires breaking a few Federal laws. And they know where you live.