TMCnet Feature Free eNews Subscription
March 25, 2019

Online privacy: Three threats to watch out for

Keeping your data and activities private online can feel like an impossible task. From tracking cookies to outright snooping, it sometimes feels like anything you do while connected to the internet is being watched, logged, or sold to advertisers. Many of us have adopted Virtual Private Networks (VPNs) as a result, seeking to encrypt our connections and mask device details for a truly private browsing experience.



The problem is that VPNs aren’t perfect. The reason that some of them include kill switches, for example, is that your private connection can drop. If that happens, it leaves your previously hidden data exposed – but even when you are connected via VPN, certain details can slip through the net.

There are three key things that can compromise your privacy even when you’ve bolted on extra measures like VPNs, but thankfully there are also simple ways to find out if any are affecting you.

1. DNS leaks

DNS stands for Domain Name System, and it’s essentially the thing that turns the web addresses we read – like Google (News - Alert).com or BBC.co.uk – into numerical IP addresses that computers can process. When you enter a website into your URL bar, that name is sent to a DNS server and matched to an IP address so that your request is forwarded to the right computer. Usually, that server belongs to whoever provides your internet service.

All internet traffic must pass through a DNS server to get to its destination, which can pose a big issue in terms of privacy. The IP of the person sending the request and the IP they are requesting are both logged, which is why VPNs are often employed to divert those details through an anonymous server. That way, rather than your internet service provider being able to monitor your browsing activities, all they’ll see is that you’re connected to a VPN.

Unfortunately, there may be instances where your device fails to recognise that you’ve installed a VPN and will bypass the anonymous servers, instead sending your DNS request directly to your ISP. This is called a DNS leak, and it means that your activities can still be tracked even when using a VPN. Often, it’s caused by poor VPN configuration.

Why DNS leaks matter

Like many things online, you may think that if you’re not doing anything you shouldn’t be, you’ve nothing to hide. But IP tracking can be used for a number of things.

Aside from cutting off activities like streaming international shows, if your IP address is leaked it can compromise basic browsing privacy.

As an example, when one privacy organisation tried looking up the IP addresses of web users who had edited Wikipedia entries, they were able to find details as personal as sexual preference – as well as seeing which other sites those people spent time on. Employers can investigate IPs associated with their staff, and given that it’s legal for Internet Service Providers (ISPs) to sell browsing information to third parties (for use in targeted ads, among other things), it’s important to find out whether you’re suffering a DNS leak.

Tools like HMA!’s DNS leak checker can identify whether your VPN is being bypassed, and there are several ways to tackle the problem.
 

2. WebRTC Leaks

The RTC in WebRTC stands for “Real-Time Communications”. WebRTC is a browser-based technology used in video calling and similar tasks, and it’s designed to deliver information that’s being transferred quickly and efficiently without the need for extra plugins. In most browsers, it’s enabled by default rather than being something you need to add or switch on.

Your web browser, such as Firefox or Google Chrome, likely uses WebRTC to speed up services like video chat that require a lot of bandwidth. It enables efficient IP sharing, using carefully thought-out techniques to find your real IP address with the aim of providing the best real-time service it can.

Of course, if you’re trying to hide your IP address, the fact WebRTC can find your real one quickly is more of a flaw than a boon. Even if you aren’t experiencing a DNS leak, and your IP is hidden for ordinary online activity, some popular browsers are highly prone to WebRTC leaks because this kind of traffic can bypass VPN connections.

Avoiding WebRTC leaks

Much like a DNS leak, a WebRTC leak can expose your IP address while you’re online. The easiest way to ensure that your VPN isn’t sidestepped, and that your IP remains private, is to switch WebRTC off within your browser.

This is a pretty simple task, but if you’d prefer not to fiddle with your browser’s settings, another alternative is to look for a VPN provider that offers built-in WebRTC protection.
 

3. VPN dropouts

Last, but by no means least, is the risk that your VPN cuts out altogether. Though you might not expect to notice a DNS or WebRTC leak without checking for one, you’d expect to notice if your VPN suddenly disconnected. Sadly, that isn’t always the case.

A network drop might only last a fraction of a second before you’re back in action, but that fraction of a second is all it takes for a savvy, malicious third party to access your data. And we’re not just talking about IP addresses here, we’re talking about file transfers, personal details being entered into web forms and anything else you might be doing online during that moment when you are no longer encrypted.

VPN dropouts can occur as a result of conflict with firewalls and antivirus packages, or simply because your WiFi (News - Alert) or mobile data network is having issues.
 

Protecting yourself in a dropout

The simplest way to know that your data and privacy won’t be compromised in the event of a network dropout is to make sure you use a VPN service that includes a kill switch function – and to ensure that function is always switched on.

A kill switch is a simple security add-on, and when enabled it makes sure that if your VPN connection drops, so does your whole internet connection. If you’re entering or transferring personal data, it won’t be sent unprotected – it simply won’t be sent at all until the VPN protection is back in place.

This also prevents your IP from being exposed, so it’s an important feature if privacy is a concern.

While VPNs aren’t perfect, they are still an increasingly important feature of any modern privacy and security setup. With cybercrime on the rise and new tactics developing all the time, taking advantage of end-to-end encryption and anonymous IPs is a must. Just be sure to check that your VPN is working as it should be, and if not, take steps to resolve any leaks or issues at hand.



» More TMCnet Feature Articles
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE

LATEST TMCNET ARTICLES

» More TMCnet Feature Articles