Browsing the Internet Safely

We all use the Internet at some point: to conduct searches, communicate with other people or post information. The things we search for, our browsing patterns, histories – including what sites we visit and the things we might post might be of interest to other people for whatever reasons.  In this chapter, we will tackle how to browse the Internet securely and how to recognise and address the threats that may confront you in this regard.

Generally speaking, browsing the Internet is unsafe. Usually, on most websites you will see in the address bar – the Hypertext Transfer Protocol (HTTP) as the default networking protocol used by browsers. This protocol is what allows communication between you and the various websites you visit. However, using this mode of communication especially when using wireless networks transmits information in plain text. This would ordinarily not be a problem. However, it becomes a problem when you need to transmit sensitive personal data such as banking information, which therefore makes it unsafe. This can be said to be similar to sending personal information on a postcard. With free and open softwares, a third party is able to intercept the data you transmit online such as: passwords and usernames used on different websites.

As a solution, Hypertext Transfer Protocol Secure (HTTPS), exists to provide secure, encrypted communication between the user and a website.  It is important to note that most sites do not provide encryption or they do, but do not connect you to the HTTPS version of their website by default. Therefore you should always look out for ‘https’ in your URL, especially if you will be dabbling with sensitive personal information on a particular site. Major websites such as Google, Facebook and Twitter,  by default can now be reached through the HTTPS secure connection.

The diagram below attempts to explain the difference between HTTP and HTTPS:

HTTPS EVERYWHERE

As highlighted above, it is always safer to browse using the HTTPS protocol, however a lot of sites do not automatically default to their versions of this when they are available. An easy to use and transparent browser extension called HTTPS Everywhere, provides a fix for this problem, by rewriting all requests to websites to HTTPS. Note that HTTPS Everywhere only activates HTTPS on a particular list of sites and specifically those that support it or have that option. It therefore means it cannot make your connection to a website secure if that site does not offer HTTPS as an option. You may get the newest release of HTTPS EVERYWHERE from the official website here: https://www.eff.org/HTTPS-EVERYWHERE for the browsers Chrome, Firefox and Opera.

5.2 Using The Onion Router (TOR)

We have seen a growing trend in Africa where governments occasionally or wholly block certain content or websites (as a form of censorship) or conduct random or targeted surveillance on the online activities of people. Such measures have been legalised in a lot of countries the world over, and Zimbabwe is currently in the process of developing its cyber laws. There have been talks of banning some social media platforms popularly used in the country, supposedly for protecting national security as well as in response to the rise in cases of cyber abuses and cyber crimes.

While government surveillance and censorship maybe justifiable on  how countries protect themselves, sometimes citizens’ rights to privacy and access to information suffer in the process. Imagine if all your online activity is being tracked, your communications being read and your location being recorded without your willing participation. This does not only put you at risk of the physical threats discussed earlier, it also puts everyone else around you and those with whom you communicate at risk especially if the nature of your conversations are sensitive.

The Onion Router or TOR is intended to protect a user’s freedom, privacy as well as ability to conduct confidential business online by keeping their Internet activities from being monitored. TOR enables online anonymity through a system composed of some software and a network of servers that can hide information about a user’s location and other factors that may identify them. Using TOR makes it more difficult to trace a person’s Internet traffic, due to a system designed to negotiate a virtual tunnel by encrypting and randomly bouncing communications through relay networks across the globe. The software is open-source and can be accessed here: https://www.torproject.org.

HOW TO INSTALL TOR

Step 1. Double click Tor Browser Setup executable file to begin the installation process. In some cases, the Operating System Warning dialog box may appear. If it does, Select YES to start the Tor Browser installation and Choose the language from the pull-down menu and click OK.

Step 2: Choose the location to extract the Tor Browser and click Install.

Step 3. Click Install to begin extracting the Tor Browser.

Step 4: Click Finish.  This will open the Tor Browser console.

Step 5: Click Connect. Depending on your network and internet speed you will be allowed into the TOR network and the following window should appear.