Browsing the Web also leaves you open to suspicious employers, disgruntled clients, angry employees, insurance adjusters, competitors, loan officers, and more than a dozen government agencies. And let's not forget would-be stalkers; your ex; and anyone else whose political, religious, or sports sensibilities you may have unwittingly offended.
But there's no need to work yourself into a paranoid fit. Protect your privacy on the Web with a few precautionary steps.
First and foremost, unlist yourself from your local phone directory. Better still, put your phone number under your pet parakeet's name; it will save you the $40 to $65 that your phone company charges you to be unlisted. Dozens of Web directory sites cull their listings from the white pages. BigBook, Bigfoot, and InfoSpace.com are a few of the better known, and new directories sprout every day; you can also individually request that they remove your listing.
Armed with only your phone number or your name, anyone can use these online directories to dig up door-to-door directions to your home. Worse, they can find your e-mail address. Plugged into any old search engine, this address reports everywhere you've left footprints on the Net, particularly newsgroups. By severing your name from your phone number and e-mail address, you become harder to track.
Keep in mind, however, that an e-mail address also offers cover. Keep several addresses—and use each strategically. For example, you should never use your company e-mail address to shop, play games, visit discussion groups, or download anything unrelated to how you earn your salary.
For private e-mail, use an anonymous remailer, which strips your name, e-mail address, and other revealing information from any message you send. Anonymizer.com pioneered this service, though hundreds of sites now offer it, including AnonMailNet, MailAnon, and Replay Associates Anonymous Remailer. The Electronic Privacy Information Center also maintains a list of reliable remailers.
For safeguarding sensitive info, e-mail encryption is a must. You can choose from dozens of encryption apps. The easiest to use is Network Associates McAfee PGP Personal Privacy. For$40, you can make your e-mail—and any file on your hard drive—safe from prying eyes. Or download a freebie version of PGP from MIT. You can also check out Ultimate Anonymity. For $14, it gives you all you need to browse the Web, send encrypted e-mail, and post to newsgroups incognito.
CenturionSoft's Steganos lets you hide data on your hard drive too. Why? Once your boss or nosy cube neighbors see you've encrypted a file, they're sure to wonder what's in it. But hiding the file—and destroying the original with Steganos's built-in shredder—keeps the curious at bay. Buy it online or check out a demo at www.centurionsoft.com.
There's no such thing as anonymous e-shopping. But you face similar risks that someone will cadge your info when you shop in the real world and pay with a credit card or personal check.
Your best bet is to use a front. Anonymizer.com and ProxyMate offer proxy services that conceal your identity and prevent Web sites from gathering information about you. Both are free, but Anonymizer.com also offers a $49.99 premium service for faster response and browsing sans banner ads.
Despite cookies' bad rep, many sites still use them to follow you around their pages, note where you linger, and build a dossier on your buying and browsing habits. If you want to know when a site is about to drop a cookie in your file, set your browser to alert you. In Microsoft Internet Explorer 4.0 and later, go to the View menu and choose Internet Options. Click on the Advanced tab and scroll down to Security. Under Cookies, select either Disable All Cookie Use or Prompt Before Accepting Cookies. In Netscape Navigator 4.0 and later, select Preferences from the Edit menu, then choose Advanced. Either select Disable Cookies or check Warn Me Before Accepting a Cookie.
Remember, though, that in many cases you'll need to accept cookies for a site to work properly. Sites that require you to accept cookies include financial institutions and those that sell pay-per-view content— usually any site that requires you to log in with a username and a password.
Also consider a blocking program such as Cookie Crusher from The Limit Software or Kookaburra Software Cookie Pal. WRQ AtGuard includes a feature that lets you block referrer fields, which means nosy sites can't tell where you've been. (For more on AtGuard, see the Internet Speed Tricks section of this story. JunkBusters is a proxy service that zaps cookies before they deposit themselves on your hard drive.
No matter how lightly you tread through cyberspace, your PC still collects clues about where you've been. Anyone passing by your unattended system can, click by click, piece together enough information from your hard drive to get you fired, divorced, publicly flogged, or legally sedated. This information can be misleading— how often has a vague listing in a search engine steered you to a porn site? But outsiders will draw their own conclusions.
Your Web browser's cache provides a treasure trove of information about you. Dump it. In IE4 and later, choose View Internet Options, General, and set History to 0 days. In Navigator, click on Edit, Preferences, Advanced, and Cache. Then select Clear Disk Cache. You'll also want to delete the Recent Site History. Using Notepad, open the PREFS.JS file (located in the Netscape\ Users\[your username] directory). Now delete all references that start with user_pref("browser.url_ history.URL_x"), with x being a number.
Cover your tracks completely all the time with WebStealth's $12.95 WebEraser, which rids you of cookies and zaps from your browser's cache any trace of where you've been online.
You're addicted to high-speed Net access. But a constant connection leaves your PC wide open. Even corporate firewalls can't always detect intruders that infiltrate your PC via your fixed IP address. Sybergen Networks SyShield protects your system and automatically yanks your connection when it senses a breach. ZoneAlarm, a free utility from Zone Labs, blocks spyware like BackOrifice as well as Trojan horse viruses.
We know you have better things to do with your time than examine your browser's COOKIES.TXT file. But if you do, we bet you'll find lots of cookies from DoubleClick, an Internet direct marketer and banner-ad producer. Sure, cookies don't identify you by name—yet. It's only a matter of time before companies such as DoubleClick begin to link your Web browsing habits with your name, phone number, and annual income. To trade in your DoubleClick cookies for blank ones, go to ad.doubleclick.net/cgi-bin/optout? and follow the prompts.
Browse anonymously. Fight spam. Protect your e-mail from prying eyes. Zero-Knowledge Systems Freedom does all that and more. For $50 a year, Freedom lets you create up to five digital IDs to use online so you can keep your real identity top secret.
Windows is out to get you. Or at least it seems like it when files you thought you'd deleted come back to haunt you. Wipe out files completely with FolderBurn 1.0 (a free download at www.hackers.com/files/sin/fburn.zip), which overwrites the space on your hard drive where deleted data once lived. To double-check that FolderBurn did its job—and peek at all your files, even those that Windows keeps hidden—put Briggs Softworks' Directory Snoop 3.00 on the case. Try it for free; it costs $29 to register.
If you want to do more in newsgroups than just lurk, here's how to keep your musings from being archived for eternity.
- Some e-mail programs let you use the default header x-no-archive: yes. This will keep you out of most archives.
- Add the same header (x-no-archive: yes) to the first line of all your messages. It's not foolproof, but it will work in many cases.
- Use Anonymizer.com for free anonymous remailing and undercover browsing.
- Set up a free Web-based e-mail address just for newsgroup posting.
There are two ways to fight spam: with a filter program or with a proxy service. These products and services are your best lines of defense.
This freebie removes your name from services and mailing lists that use your e-mailbox as a dumping ground. It even lets you cancel your ISP— no 20-minute phone call to customer service required.
This free proxy service zaps banner ads and cookies. Best of all, it protects your e-mail address from bots that scour the Web for victims.
Keeps your in-box free of junk better than any antispam utility we've found. It updates its huge collection of spam filters regularly and automatically updates your copy of Spamkiller when you log on. Try it for free; buy it for $29.95.
Signed and SealedThe easiest way to confuse would-be spammers or marketing hawks is to use one or two alternate e-mail addresses as a decoy. For Web-based mail with more than just a Send button, check out our top five picks.
Message filtering deflects spam. As an American Express cardholder you get extras such as mail forwarding and access to your account through your standard e-mail app.
In addition to being a free e-mail account, it also works with existing accounts. Its unique touch? Call in from anywhere and get your messages over the phone.
Doubles the space you get from most Web-based e-mail providers to 10MB. Plus 20MB of free Web space.
Notifies you instantly of new mail after you download a small applet and doesn't choke on multimedia attachments.
Powered by Lycos, ZDNet Mail offers solid free e-mail service. Check mail from any POP account too.
The best way to see where your small-office network's security holes are is to put a hacker to work. But that doesn't mean hiring the geeky kid across the way who boasted he broke into the Pentagon's Web site. Use a port scanner instead. We like Rhino9's Ogre, which lets you hack your own network to highlight any weak spots you've overlooked.