How to Become Invisible in the Digital World: 10 ways

To truly become invisible in the digital world, it is not enough to simply encrypt messages. It is also necessary to:

• Hide your real IP address — which is the point of entry to the internet, leaving behind your trace. It can reveal your location (down to a specific address) and your internet service provider.
• Erase data about your software and hardware — when you connect to the internet, websites receive reports about the software and hardware you are using. Various technologies can determine the exact software installed. Your browser provides the website with information about the version of your operating system and sometimes about other software you use on your computer.
• Protect your anonymity — identifying an individual on the internet is very difficult. Proving that it was specifically you behind the computer when something happened is quite complicated.

The facts are as follows: we live with the illusion that our privacy is confidential, and this situation has likely been going on for several decades.

10 ways to become invisible in the digital world

Incognito mode

The Sarbanes-Oxley Act of 2002 (SOX) is a federal law in the United States, governed by the Securities and Exchange Commission (SEC). Among other things, SOX requires publicly traded companies to have proper internal control structures to ensure that their financial statements accurately reflect their financial results. Recently, prosecutors have been more frequently invoking this article, recognizing its full potential. If you cannot prevent third parties from viewing your emails, listening to phone conversations, and reading messages, and if you cannot legally clear your browsing history, what can you do? To start with, you can try to prevent the saving of history.

In all browsers such as Firefox (Mozilla), Chrome (Google), Safari (Apple), Edge (Microsoft) incognito mode is provided, which works on any device, whether it’s a computer or a phone. You open a new browser window in this mode, and it will not save your search history or the list of visited pages for that session. Once you close this window, all traces of visited sites will disappear from your computer or mobile device. Privacy comes with some inconveniences: if you forget to bookmark a site of interest while working in private mode, you will have to search for it again next time, because the history is not saved.

Perhaps by using such a mode in Firefox or Chrome, you will feel invincible, but your anonymous page requests still pass through your internet service provider or mobile operator. And your provider can intercept any information that is transmitted unencrypted. If you visit a site that uses encryption, then your provider will receive metadata that can reveal that you visited a specific site on a specific date and time.

Incognito mode does not create temporary files, so neither your laptop nor your smartphone will have information about your internet activity.

HTTPS

When a web browser connects to a website, it first checks if encryption will be used and, if so, what type. The data transfer protocol is called HTTP, and it is specified before the address, like http://www.medium.com. In most cases, you can even omit the “www”.

When you connect to a website through an encrypted connection, the protocol changes. Instead of HTTP, you will see HTTPS. Now the URL looks like https://www.medium.com. HTTPS connection is more secure because it is a “point-to-point” scheme, meaning you connect directly to the website. There are also Content Delivery Networks (CDNs) that cache pages to reduce their loading time, regardless of your location in the world. So, there is another intermediary between you and the website.

Can someone see what you did on a particular website? Yes, if the interaction with the website was not encrypted. Here it should be noted that the Electronic Frontier Foundation (EFF) has created a browser extension called HTTPS Everywhere. This extension is suitable for desktop versions of Firefox and Chrome browsers, and even for Firefox for Android. Currently, there is no version for iOS. The HTTPS Everywhere extension brings significant benefits: during the first few seconds of the connection, the browser and the website exchange information about the type of protection to be applied. Ideally, Perfect Forward Secrecy (PFS) would be used. However, not all websites support PFS. And the negotiation of the type of protection does not always result in the selection of PFS — even when it is an option. The HTTPS Everywhere extension can force a website to use HTTPS whenever possible, even if PFS is not supported.

Authorization

Furthermore, it is important to remember that if you are logged into your Google, Yahoo!, or Microsoft account, all network traffic on your computer or mobile device will be recorded directly by the account itself. This is done to create your behavioral profile for targeted advertising. One way to avoid this is to always sign out of your Google, Yahoo!, and Microsoft accounts when you’re done using them. You can always log in again if needed.

Additionally, some browsers are embedded by default on mobile devices. These are not good browsers. They are subpar versions of desktop and laptop browsers and lack certain security and privacy features found in more reliable versions. For example, iPhones come with the Safari browser by default, but it is better to go to the App Store and download the mobile version of Chrome or Firefox. On Android devices, the latest models come with Chrome as the default browser. All mobile browsers, at the very least, support private mode.

If you are using a Kindle tablet, installing Firefox or Chrome may not be as straightforward, as they are not available in the Amazon store. You would have to take a workaround and install Firefox or Chrome through the Amazon Silk browser. To install the mobile version of the Firefox program on a Kindle tablet, follow these steps:

1. Open the Silk browser and go to the Mozilla FTP server at https://ftp.mozilla.org/pub/fenix/.
2. Choose the file with the .apk extension.

Certificates

Let’s talk about another factor that affects the security of the connection: every website should have a certificate — an independent guarantee that when you establish a connection with a website like Amazon, for example, you are actually exchanging data with the Amazon website and not with a fraudulent page imitating it. Modern browsers collaborate with third-party organizations known as certificate authorities, who compile up-to-date lists. Every time you connect to a website that doesn’t have a trusted certificate, the browser will show an error warning you that you can continue using the website at your own risk. If you trust the content of the website, you can make an exception. In general, if you are not familiar with a specific website, do not make any exceptions.

Moreover, there are not just one type of certificates used on the Internet, but several. The most well-known type, which you encounter almost everywhere, only confirms that the domain name belongs to the entity that requested the certificate, after undergoing email verification. This can be anyone, but it doesn’t matter — the website has a certificate that is recognized by your browser. The same can be said for the second type of certificates — those that verify the authenticity of the organization as a whole. This means that all websites on the same domain will have one certificate in common — that is, all subdomains on the site medium.com will have the same certificate.

However, the best certificates are considered to be those with extended validation. When entering a website with such a certificate, all browsers display a part of the domain name in green in the address bar (in all other cases, the entire URL is shown in gray). Additionally, when hovering over the address — https://www.medium.com — additional information about the certificate and its owner will be displayed (usually, this includes the city where the server is located). Undergoing real verification indicates that the company that owns this URL is legitimate, and this fact is confirmed by an independent certification authority.

Geolocation

Your browser on both your smartphone and computer tracks your location. How does this happen exactly? The IP address, which can be obtained through your browser, can give interested parties information about your internet service provider and narrow down the search area of your location on a map.

When you visit a website for the first time that specifically requests your location (e.g. a weather forecast website), your browser should ask you if you are willing to share your location with that particular site. If you agree, the site will automatically tailor its content to you, which is very convenient. For example, some websites will display advertisements for companies located in your region.

Can’t remember what you chose last time? Try visiting the page benwerd.com/lab/geo.php. It is one of many sites that allow you to check if your browser shares geolocation data. If it does and you want to remain invisible, disable this option. Fortunately, you can disable location tracking in your browser:

• In the Firefox browser’s address bar, type about:config. Perform a search and find the optiongeo.enabled, then set its value to false. Close the tab.

• In the Chrome browser, click on the three dots and select Settings → Privacy and Security → Site settings → Location. Toggle the switch to “Don’t allow sites to see your location” to disable geolocation.

• In the Edge browser, click on the three dots and select Settings → Cookies and site permissions → Location. Disable “Ask before accessing (recommended)” to disable geolocation.

Similar options are available in other browsers as well.

You can also spoof your location data:

• In Google Chrome, there is a built-in feature for changing geodata. Open Chrome and press the keyboard shortcuts Ctrl+Shift+I (Windows) to open the Developer Tools window. Click on the gear icon in the top-right corner of the panel that appears to open the menu. In the menu, select “Location,” and in the drop-down list for Geolocation, you can choose any location or enter precise latitude and longitude coordinates. You can use a well-known geographic point or choose coordinates in the middle of the ocean. In any case, the website will not know your actual location. You can hide not only your physical location but also your IP address.

• The Tor Browser changes the IP address that is transmitted to the viewed website. However, not all websites can be accessed through Tor.

Proxy Server

If you want to hide your IP address, use a proxy server. An open proxy server acts as an intermediary between you and the internet. Think of a proxy server like a translator for a foreign language — you speak to the translator, and they communicate with the foreigner, but your message remains unchanged.

Using a proxy server, you can also access websites that are blocked in a particular region. For example, if you live in a country where the search engine Google is prohibited. Or if you want to protect your identity while downloading copyrighted or illegal content through peer-to-peer networks.

However, a proxy server does not provide 100% protection. Each browser needs to be manually configured to use a proxy server. Even the best proxies are vulnerable to certain tricks that can reveal your real IP address, such as using Flash or JavaScript techniques. To prevent this, you can block or limit Flash and JavaScript support in your browser. The best way to prevent JavaScript scripts from tracking you through the browser is to use the HTTPS Everywhere extension.

There are many paid proxy servers available, but it’s important to carefully read the privacy policy of any service you sign up for. Pay attention to how the service encrypts transmitted data and how diligently it complies with laws and government requirements related to information disclosure.

You can find free proxy servers, but be prepared to deal with an avalanche of useless advertising. It’s better to avoid free proxies because when the service is free, you get exactly what you pay for. For example, using a free proxy server, you can also infect the attacker’s browser with malicious software and track their actions, such as reading emails forwarded through their proxy and monitoring all other illicit user activities.

When a service is free, you get exactly what you paid for.

When using a proxy server in combination with HTTPS, law enforcement agencies and intelligence services will only be able to see the IP address of the proxy server, but they won’t be able to see your actions on the website as this information will be encrypted. Regular HTTP traffic is unencrypted, so it’s always advisable to use HTTPS Everywhere.

NYM Connect

NYM provides privacy and anonymity on the internet by using a decentralized network and traffic mixing technology. Here’s how it works:

• Multi-level encryption of messages. When you connect your wallet or application to NYM Connect, it provides multi-level encryption of your messages and routes them through a gateway and the Nym mixnet.
• Traffic mixing. NYM Connect mixes your traffic with cover traffic and adds micro-delays, making it impossible for observers to track and analyze your communications and protect your IP address.
• Communication pattern protection. NYM Connect protects not only the content of your applications and wallets but also your communication patterns. This means that no one can track who you are communicating with or de-anonymize you.
• Connecting to the Nym mixnet network. NYM Connect connects wallets and messaging applications to the Nym mixnet network with just a click of a button.

These mechanisms together provide a level of privacy and anonymity that is difficult to achieve in traditional systems. However, like any tool, NYM should be used responsibly. Users should always be aware of their actions on the internet and how they can impact their privacy and anonymity.

We offer a step-by-step guide to connecting NYM on Windows.

• Downloading NYM Connect. Go to the official NYM website at https://nymtech.net/download/nymconnect and download the latest version of Nym Connect for Windows.

• Installing NYM Connect. Open the downloaded file and follow the installation instructions. You may need administrator permission to install the software.

• Launching NYM Connect. After installation, launch NYM Connect. You should see the main program window displaying the connection status.

• Connecting to the NYM network. To connect to the NYM network, click the circular button. NYM will begin establishing a connection to the network. This may take some time.

• Integration with your browser or application. To use NYM with your browser, you need to change the Socks5 proxy settings. Set the proxy server address to 127.0.0.1 and the port to 9050.

Please note that NYM is a powerful tool for protecting your anonymity on the internet, but it does not replace common sense and good security practices. Always be cautious online, even when using NYM.

Synchronization

For convenience, people often synchronize browser settings on different devices. For example, when you sign in to Chrome (using a Google account) or turn on a Chromebook, your bookmarks, tabs, history, and other browser settings are synced through your Google account. These settings are automatically loaded every time you open Chrome on a regular computer or mobile device. To choose which data to sync with your account or configure encryption:

• In the Chrome browser, go to the three dots in the top right corner, then go to Settings → You and Google → Sync and Google services, and uncheck the boxes. Your Google account provides complete access to managing information, in case you decide to opt-out of synchronization. Make sure automatic synchronization of sensitive information is disabled.
• In Mozilla Firefox, there is also a synchronization option: three dots in the top right corner → Settings → Sync.
• In the Edge browser: three dots in the top right corner → Settings → Profiles → Sync.

The catch is that a hacker only needs to make you log in to your Google account in Chrome or Firefox, and then all your search history will be downloaded to their device. Imagine if your friend sits behind your computer and logs into their account. Their search history, bookmarks, and other data will be synced. In other words, all this information will now be visible on your computer. Additionally, if you log in to a synced account on a computer and forget to log out, all your browser bookmarks and history will be visible to the next user. When you sign in to Google Chrome, it displays information from all Google services, including Google Calendar, YouTube, and others. If you have used such a computer to access the internet, be sure to sign out of your account when you are done.

Another drawback of synchronization is that all linked devices display the same content. If you live alone, there is nothing to worry about. But if you have a shared iCloud account with someone, it can lead to an unpleasant situation. For example, parents who allow their children to use their iPad may accidentally introduce them to adult content.

A shared computer or tablet in the family can invade a person’s personal space. One way to avoid this is to separate users, which is quite easy to do in Windows. Retain administrator rights for yourself so that you can manage system settings and set up separate additional accounts for family members. Each person will log in with their own password, and they will only have access to their own content, bookmarks, and browser history.
The Apple macOS operating system also allows for such separation.

However, only a few remember that they should also separate users in the iCloud account. And sometimes, seemingly without our fault, we become victims of betrayal from our own devices.

Network search

Cloud services create another interesting problem. Even if you clear your browsing history on your desktop computer, laptop, or mobile device, a backup of your search query history will be saved in the cloud. It’s slightly more difficult to delete the history stored on the servers of the search engine company, and even harder to prevent it from being saved altogether. It’s easy to see how a list of innocent search queries can be misinterpreted completely.

At least one company, Google, the owner of a search engine, has created several tools for configuring account privacy. These tools allow you to specify which information can be saved and which cannot. For example, on the page https://myaccount.google.com/data-and-privacy, you can disable tracking for advertising purposes, so that you won’t be shown ads for South America tours after browsing information about Patagonia. You can also disable the saving of search history altogether. Alternatively, you can avoid logging in to Gmail, YouTube, and any other Google account services while you are searching the Internet.

Even if you are not logged into your Microsoft, Yahoo!, or Google account, your IP address is still associated with each search query. One way to avoid this association is to use the proxy service of Google (startpage.com) or the search engine DuckDuckGo.

DuckDuckGo is the default search engine preferred in Firefox and Safari browsers. Unlike Google, Yahoo!, and Microsoft, DuckDuckGo does not have user accounts, and the company’s website states that it is a “search engine that doesn’t track you.” The company also has its own Tor exit node, so you can use DuckDuckGo for search while using Tor without experiencing any inconvenience¹.

Because DuckDuckGo doesn’t track your activity, search results will not be filtered based on previous search queries. Most people are not aware of this, but your previous search queries in Google, Yahoo!, and Bing influence the search results you see on those specific search engines. For example, if the search engine sees that you are interested in medical websites, it will filter the search results by placing medical-related results at the top. Why? Because very few of us bother to go to the second page of search results. There is even a joke about it: the best place to hide a dead body is on the second page of search results.

Some people may think that not having to scroll through irrelevant search results is convenient, but at the same time, you are giving the search engine the power to decide what you will find interesting and what you won’t. Ultimately, this is censorship.

DuckDuckGo shows relevant search results, but it focuses on the actual query rather than your search history.

Push technology

Push notifications are messages sent by websites or applications to a user’s device, even when the app or website is not active. These notifications can contain text, images, or other information designed to grab the user’s attention.

Security risks associated with push notifications include:

• Phishing and Fraud. Malicious actors may use push notifications to distribute phishing attacks, posing as trusted sources.
• Spam. Some websites may employ push notifications to send unwanted information or advertisements.
• Tracking. Companies can use push notifications to track user activity and collect personal data. Governments worldwide have been known to request information about push notifications from Google and Apple for user surveillance. While these messages pass through encrypted gateways like Google Firebase Cloud Messaging and Apple Push Notification Service, the companies themselves act as intermediaries in transmitting metadata ². This allows interested parties to obtain information about the apps used, other participants in conversations, and potentially the device owner’s location.
• Information overload. Excessive push notifications can lead to information overload and create a negative user experience.
• Data Security. If the transmission of push notifications is not encrypted, it can result in leaks of confidential information.

To ensure security, we recommend carefully managing push notification permissions, verifying their legitimacy, avoiding falling for phishing notifications, and regularly reviewing security settings on devices and applications.

Conclusion

In this article, we have covered several ways to become invisible in the digital world, such as:

• Incognito mode — allows you to not save your browsing and search history in the browser.
• HTTPS — provides a secure connection between the browser and the website.
• Authorization — requires logging out of your Google, Yahoo!, or Microsoft accounts to avoid tracking your activity.
• Certificates — verify the authenticity and encryption of websites.
  Geolocation — can be disabled or falsified in the browser to prevent disclosing your location.
• Proxy server — acts as an intermediary between you and the internet, hiding your IP address.
• NYM Connect — ensures privacy and anonymity online using a decentralized network and traffic mixing technology.
• Syncing — can be disabled or configured to not transfer your browsing history and settings to other devices.
• Network search — can be cleared or not saved in the cloud, and alternative search engines that do not track you can be used.
• Push technology — refers to a communication method where information is sent from a server to a client without the client explicitly requesting it. It’s commonly used for real-time updates, notifications, and content delivery.

We hope that these tips will help you protect your privacy and anonymity online. Stay vigilant and stay safe on the internet!

¹ FC. Inside DuckDuckGo, Google’s Tiniest, Fiercest Competitor — 2.02.2014
² DocumentCloud. Wyden letter to Department of Justice regarding smartphone push notification surveillance — 6.12.2023