How to Be Invisible on the Internet. 10 Identifiers to Eliminate

00:00

how can you be invisible on the internet

00:03

invisibility means you're still on the

00:05

internet but no one can see you there

00:08

the problem will be from certain

00:09

identifiers that accompany you as you

00:12

surf the interwebs or use apps in this

00:16

video I'll discuss 10 of these

00:19

identifiers what I will explain today is

00:21

how to hide these 10 identifiers so no

00:24

one can tell who you are have I caught

00:27

your interest if so then stay right

00:32

[Music]

00:36

there let's start with a basic premise

00:39

the internet is designed to track US

00:42

ever since the internet was invented to

00:45

even send information from one internet

00:47

node to another required

00:50

addressing thus we have the IP address

00:54

IP addresses are often fixed and

00:57

longterm phones obviously have phone

00:59

numbers but but they also have the IMEI

01:02

which is attached to the cell baseband

01:04

modem phone subscriptions are connected

01:07

to the imy identifier phone numbers are

01:10

in databases of contact list that big

01:13

Tech platforms collect on the network we

01:16

also have Hardware identifiers each

01:18

network connection whether to Bluetooth

01:21

internet cell data all require another

01:24

identifier called the MAC address this

01:28

is unique to each device on wireless

01:31

devices these Mac addresses are even

01:33

broadcast over the air so listening

01:36

devices nearby can read them Computing

01:39

devices have serial numbers built in for

01:42

example like CPU

01:44

identifiers operating systems also have

01:47

license numbers that are unique to your

01:49

device for example on Windows this is

01:51

the Windows product ID there are

01:54

temporary identifiers that are used to

01:56

Mark devices on phones there is the

01:59

advertising ID which is an identifier

02:01

made known to advertises to recognize

02:03

your device on all browsers platforms

02:06

can drop a little identifier on your

02:08

device called a cookie so that websites

02:11

can track you they can also do a browser

02:14

fingerprint so they can recognize you if

02:16

you return every time you log into

02:19

Google Facebook or Instagram traces of

02:22

those IDs are visible on most platforms

02:24

and they can then be used to track you

02:26

over the

02:27

Internet another way of identifying you

02:30

is via location tracking if your

02:33

location is recorded that is easily

02:36

transformed into a street address then

02:39

of course there are plenty of public

02:41

databases that can convert that to a

02:44

real name finally you often use an email

02:46

address to log in to various platforms

02:49

these email addresses are in contact

02:51

list as well as records of the platform

02:54

itself the email address is often a

02:56

direct identifier by itself fact if you

03:00

do nothing everything you do on the

03:03

internet can be attributed to you using

03:05

some or all of these

03:08

identifiers your goal if you want to be

03:11

invisible on the Internet is to

03:12

eliminate as many of these identifiers

03:15

from your internet actions this way you

03:18

become pseudo Anonymous you're there but

03:21

no one knows who you are exactly let's

03:24

jump into the 10 identifiers that we

03:27

will try to remove from your internet

03:29

action today I will indicate a threat

03:32

level with each of these from 1 to 10 so

03:34

you can prioritize which to work on

03:37

first this list is not sorted by threat

03:40

levels so watch them all number one IP

03:43

address Threat Level 10 out of 10 this

03:48

identifier is the most basic and should

03:50

be the most feared you cannot go on the

03:52

internet and do any kind of data

03:54

exchange without passing an IP address

03:58

the question is if the the IP address is

04:01

yours one of the most important

04:03

techniques for protection is to use a

04:05

VPN a VPN shows the IP address off the

04:09

VPN service and not yours this is

04:13

critical in the home if you're using a

04:15

Broadband cable modem to supply your

04:18

internet why is this critical because

04:21

your IP address at home sticks with you

04:25

my IP address at my home hasn't changed

04:28

in 20 years the ISB obviously knows who

04:31

I am since they send me a bill and send

04:35

technicians to fix my

04:37

internet and they have a record of the

04:39

IP address assigned to me at any given

04:42

moment any website or app you visit can

04:45

see this IP address even worse your

04:48

emails include this IP address if you're

04:52

using some standard email product and

04:54

your IP address is sent to the email

04:56

service provider and it's even in the

04:59

header of every email you send to others

05:03

let me alter the threat scenario here

05:06

sometimes you do not need a VPN

05:09

currently the Internet only routs

05:11

traffic using IP addresses in IP V4

05:15

format version 4 most cell phone

05:18

carriers and starlink now use the new

05:21

IPv6 format internally on their Network

05:26

version six this means that they can not

05:29

pass an ipv4 address unique to you to

05:34

any platform watching your traffic you

05:37

in fact share ipv4 addresses with all

05:39

the users of the cell service or

05:42

starlink the IP addresses that appear

05:45

for your traffic is actually the

05:47

carrier's ipv4 router that connects to

05:50

the internet and translates the IPv6

05:53

address of all of the people on that

05:58

location this means means that even

06:00

without a VPN you are invisible already

06:03

as long as you're not using your own

06:06

cable modem on your home network this

06:09

gives you another option to protect your

06:11

IP address without an additional cost

06:15

another option is to use tour a tour

06:18

browser will anonymize your IP address

06:21

and is the most invisible of all options

06:24

and it is free however you will find

06:27

that many sites now reject tour

06:30

connections because hackers tend to use

06:33

tour it is also terribly slow so this

06:36

becomes impractical Beyond occasional

06:39

use also think about the email using

06:41

email services that don't show your IP

06:44

address we for example have a bmail

06:47

product that does that no IP addresses

06:50

on the header number two phone numbers

06:54

Threat Level 8 out of 10 phone numbers

06:57

have turned into an internet ID

07:00

especially since most people have mobile

07:02

phones and every platform knows that

07:05

what really identifies you is if you go

07:07

to a platform and you give them your

07:09

phone number for twoof Factor

07:12

authentication or

07:14

2fa obviously this means if you set up

07:17

multiple accounts let's say in Google

07:19

then they will know which accounts

07:20

belong to the same person just from the

07:23

phone number but this in itself isn't

07:26

the main identifier phone number

07:28

directories are known to carriers but

07:31

are not distributed anymore the main

07:33

source of phone number directories which

07:35

reveal your name and potentially your

07:38

address are actually the contact lists

07:41

uploaded by your friends you cannot

07:45

control this and there is a 99% chance

07:48

that your oldtime phone number is in

07:51

some contactless database in a big Tech

07:54

platform they don't have to pay for this

07:56

and it is uploaded willingly so when

07:59

when you give a platform your regular

08:01

phone number for tofa then they can

08:04

actually verify what your real name is

08:06

well there goes your invisibility the

08:09

solution is actually simple have a

08:12

dedicated phone number for TFA a second

08:16

phone number you can put it on another

08:19

phone it will need another sim card you

08:23

must never give this number out to any

08:25

contact so it doesn't appear on a

08:27

contact list the effect is immediate if

08:30

a platform seeks to identify you your

08:33

phone number will not match to anyone's

08:36

contact list you will be invisible your

08:40

main phone number can be the same your

08:43

friend can call you on that but never

08:45

use that main phone number for TFA with

08:48

one exception that I make and that is

08:50

for

08:51

banks number three IMI and MZ Threat

08:57

Level 9 out of 10

09:00

your mobile phone has so many

09:02

identifiers so we'll start with these

09:04

two the MZ is attached to your sim card

09:08

when you insert a SIM card your phone

09:10

will actually broadcast This MC on the

09:15

airwaves this is a specific threat when

09:18

dealing with government since they can

09:19

use a device called Stingray to listen

09:22

for

09:24

MZ the other identifier is the IMEI

09:27

which is permanently attached to your

09:29

phone Hardware it sticks with you until

09:32

you change phones but neither of these

09:34

are the threat to the internet

09:36

invisibility the reason is that a

09:38

platform cannot see your IMEI or MZ

09:41

directly and governments only look at it

09:44

if they use it on radio interception for

09:47

example if you go to Tik Tok it cannot

09:49

find your IMI or MZ the real threat is

09:53

from the phone OS which is Google

09:56

Android or Apple iOS these OS can

09:59

identify your device identifiers and

10:01

store it on their database so this ruins

10:04

any plans for invisibility on these

10:06

devices you cannot hide from the OS of

10:09

what I call a normie phone the best

10:12

solution for a phone is to use a the

10:14

Google Phone this means having a phone

10:17

with a different OS based on Android

10:19

open- source project or

10:22

AOSP these kinds of phones do not have a

10:25

connection with Google and do not give

10:28

access

10:29

to the hardware identifiers this has a

10:32

high Threat Level because these

10:34

identifiers are used to track you on all

10:36

other devices with a technique called

10:40

cross device tracking number four Mac

10:44

addresses Threat Level two out of 10 Mac

10:47

addresses are indirect identifiers this

10:51

is a common misconception about the

10:53

seriousness of a MAC address by many

10:55

people the MAC address is not visible to

10:57

any platform automatically it is not

11:00

part of the Internet Protocol however

11:02

some apps intentionally collect the MAC

11:05

address and then use this in extremely

11:08

privacy invasive ways the main culprit

11:11

here is meta these apps actually spy on

11:15

the Mac addresses of the local area

11:17

network these then can be used to verify

11:20

your

11:21

identity it is also used to spot you in

11:25

other environments other Zuck book users

11:28

can detect your Mac address at a Walmart

11:30

Wi-Fi for example and then Zach will

11:33

know you are at Walmart or that you are

11:36

near other people the other way that Mac

11:39

addresses are dangerous is through the

11:41

listening of Bluetooth Mac address

11:44

broadcast which have been added to iOS

11:47

and Google Android this was added to

11:50

these os's to do contact tracing during

11:53

the covid crisis although I can't be

11:56

certain they collect this data today the

11:59

phones have a builtin capability to

12:02

collect other Bluetooth Mac addresses

12:04

near it the solution is to use a the

12:08

Google phone not that this can stop

12:11

others from listening to your Mac

12:13

address that will

12:15

continue however the MAC address will

12:18

not be connected to you since Google

12:20

will not know it belongs to you it will

12:23

just be some random Mac address and

12:26

again I repeat this a the Google phone

12:29

has no Google ID so that's why secondly

12:33

be sure to not use any zaching meta

12:36

platform since they are the primary

12:37

users of Mac address tracking number

12:41

five CPU identifiers and Os license

12:45

numbers Threat Level two out of 10 let's

12:49

say you're using

12:51

Windows this will have a similar problem

12:53

to the mobile phone using iOS or Google

12:57

Android it would be be possible for apps

13:00

to send the CPU identifier or the

13:02

Microsoft product ID to the platform the

13:06

problem is that this threat is not

13:08

limited to a Microsoft any app could

13:11

retrieve this information on Windows

13:14

this is available in the Windows

13:16

registry if a platform requires access

13:19

only via an executable rather than a

13:21

browser this should alert you to the

13:24

possibility that this additional

13:26

information is retrieved obviously anyos

13:30

can collect this and send it to HQ but

13:33

it is more of a threat when it is used

13:35

with specific knowledge of what you're

13:38

doing by some app let's say you are

13:41

required to use an app to access some

13:43

corporate system then that corporate

13:45

system could see if you're a valid user

13:48

by sending the Microsoft product ID from

13:51

your computer this can then be used to

13:54

check that the hardware is validated as

13:56

well the problem is any app could do

13:59

this the solution is to use a virtual

14:02

machine on your computer nowadays a

14:04

virtual machine software is not so slow

14:07

anymore on Windows and Linux the common

14:10

free virtual machine software is virtual

14:13

box from Oracle it is free and the best

14:17

way is to actually install Linux on the

14:20

virtual machine virtual machines do not

14:23

have an actual Hardware identifier for

14:25

the CPU and by using Linux you eliminate

14:28

the the risk of the OS identifier being

14:31

sent number six advertising IDs Threat

14:35

Level one out of 10 advertising IDs are

14:40

temporary identifiers used on your

14:42

devices to attract you now I say

14:44

temporary but likely 99% of you would

14:48

keep the same advertising ID for the

14:50

long term because you will not disable

14:52

this it's an extra step and many of you

14:55

don't even know what it is the

14:56

advertising ID is a volum voluntary

14:59

identifier that is sent with any traffic

15:02

and retrieve by apps there's an

15:04

advertising ID on all operating systems

15:07

outside of Linux and the Googled os's

15:11

both mobile and desktop the solution to

15:14

this is to opt out you can opt out from

15:18

Google Android Apple iOS Mac OS and

15:21

windows or if you cannot opt out you can

15:24

change the advertising ID frequently in

15:27

some privacy settings

15:29

the OS can generate a new one this is a

15:32

threat only from thirdparty platforms by

15:34

the way and it is not a permanent threat

15:37

Google and apple can track you via other

15:39

means if you're using their OS so

15:43

fortunately this is a threat with a

15:45

limited scope number seven cookie

15:48

trackers and browser fingerprints Threat

15:51

Level two out of 10 cookie trackers and

15:54

fingerprinting your browser are

15:56

alternate ways of identifying you for

15:58

advertising purposes similar to the

16:01

advertising ID Believe It or Not these

16:04

are not all that important to your

16:07

invisibility unless they're connected to

16:09

your Google ID or some meta ID so let's

16:13

wait to explain a more detailed solution

16:17

in the next item absent the Google ID or

16:21

meta ID these trackers have a very

16:23

short-term impact they can identify you

16:26

temporarily but it is not permanent so

16:28

this is not as important as it would

16:30

seem at least until a Google ID is

16:33

matched to it for this reason I don't

16:35

really do anything special to cookies in

16:38

general sites will always ask you to

16:40

accept cookies and I do accept them

16:43

mostly there are browsers that will

16:45

automatically delete cookies after each

16:47

session and that really is the only

16:50

important solution for example Brave

16:53

browser will do this automatically clear

16:56

cookies if you feel this to be a threat

16:59

in some way browser fingerprinting

17:02

specifically can be minimized by making

17:04

your browser as plain vanilla as

17:06

possible do not use browser extensions

17:09

and use many browsers as a habit you can

17:12

even use a different time

17:14

zone number eight Google ID and meta ID

17:19

Threat Level 10 out of 10 as I just

17:23

explained the cookie and browser

17:24

fingerprint problem isn't that serious

17:27

until you add the Google ID into the

17:30

equation I'll add meta in here later the

17:33

specific threat comes from the Google ID

17:36

being stored in a cookie when you are

17:38

logged into Google on a browser this

17:41

Google ID will be in a cookie for sure

17:44

the effect of this is that any website

17:46

with Google analytics Google AdSense

17:49

will automatically detect this Google ID

17:52

since the majority of all websites have

17:54

Google analytics or AdSense then it is

17:57

safe to say that Google will know

17:58

practically every website you visit and

18:01

it will be specifically attributed to

18:04

your Google ID meta has their own

18:07

equivalent like the Facebook like button

18:09

which will capture your IDs from meta

18:12

properties like Facebook WhatsApp and

18:15

Instagram the solution is to isolate

18:18

these to a separate browser only use

18:20

Google on One browser if you're logged

18:23

in for example Chrome but do not go to

18:28

any other website on Chrome do it from

18:31

another browser this way the Google ID

18:34

or any meta ID will not leak anywhere

18:38

you can go to Google on another browser

18:41

as long as you never log in to Google on

18:45

that browser I hesitate to give a

18:47

solution for meta because of the MAC

18:50

address tracking I mentioned earlier

18:51

among other things they also do facial

18:53

recognition the best solution is to

18:55

abstain from meta number nine n location

18:59

tracking Threat Level 9 out of 10 the

19:03

risk of location tracking is that if you

19:05

are Cavalier about this piece of data

19:07

and don't turn off location permissions

19:09

on everything at some point some third

19:12

party will capture your location

19:13

information with your IP address this is

19:18

a frequently sold piece of information

19:20

by thousands of apps and unfortunately

19:24

once your IP address is recorded with

19:26

the location then anyone can do a lookup

19:29

and find out exactly who you are just by

19:32

looking at your IP address either as

19:35

capture by an app a website or through

19:38

your email the result will be that you

19:40

will be in a lookup database sorted by

19:43

IP address and from there it will show

19:46

your location there are many suppliers

19:49

of this data including companies like

19:52

here.com and Skyhook Wireless the

19:55

solution is to always use a VPN because

19:58

the location information if accidentally

20:01

captured is a value only it's a data

20:03

pair with your IP

20:06

address and of course always turn off

20:09

location permissions especially if

20:11

you're at home you can never be sure

20:14

which apps are selling your location and

20:17

IP address data one of the most

20:19

well-known apps that do this is the

20:21

weather channel app which is owned by

20:24

IBM the other fear with location

20:27

tracking is that Google and apple always

20:30

know where you are 247 your location

20:33

data is then used to provide Geo fencing

20:35

services to government agencies if

20:38

you're using a d Google phone then you

20:40

are safe from this number 10 email

20:43

address used as login Threat Level 6 out

20:47

of 10 if you use a specific email

20:50

address to log to a platform then the

20:52

platform can check the same contact list

20:54

where they find your phone number to

20:56

also see your real name

20:58

so in essence the phone number and email

21:01

are connected identifiers the solution

21:03

here is to use different email addresses

21:05

for each platform some email products

21:07

can allow an ilas like

21:10

bmail this ensures that your email will

21:13

not be found in any contact list since

21:16

you will not give this alas email to

21:19

your contacts so there you are 10

21:22

identifiers that you must attempt to

21:24

hide from the internet at all times use

21:28

the Threat Level to gauge the importance

21:30

of these to your privacy actions

21:33

unfortunately know that you cannot

21:35

delete data that is already known on the

21:38

internet you can only move forward to

21:40

eliminate future data keep that in mind

21:43

the sooner you start implementing these

21:45

actable items the better for your

21:47

privacy good luck privacy is something

21:50

we all have to work on it does not come

21:52

to us automatically I try to make it

21:54

easier by starting a company to help the

21:56

average person with private Solutions

21:59

the main threat currently is the Google

22:01

ID which is on your phone there are

22:03

hidden Communications between common

22:05

phones and big Tech which reveal device

22:09

identifiers and 24/7 location tracking

22:13

that points to you we sell various

22:15

models of the Google phones in our store

22:17

these phones are around $400 so they are

22:20

cheaper than normal phones we have the

22:23

bytes VPN service which I started a few

22:25

years ago as I discussed in this video a

22:28

VPN is important to hiding your IP

22:31

address our VPN service is unique

22:33

because it includes ad blocking via a py

22:36

hole server which also serves to

22:38

anonymize your DNS we have a related

22:41

Brax router product that can allow you

22:44

to VPN your entire home internet traffic

22:47

this keeps everything simple if you have

22:50

many devices we have a Brax mail service

22:53

that hides identity information from

22:55

your email and prevents you from showing

22:58

up on contact lists it also eliminates

23:01

IP addresses from showing up on the

23:03

header or in logs we offer unlimited

23:06

aases seven domains and web mail check

23:10

that out for $50 a year all these are on

23:13

my store on bra. May sign up on there

23:17

and you will not be asked for personal

23:19

information like email I also want to

23:22

remind you that I've moved my live

23:25

streams to rumble and robra . locals.com

23:29

these live streams are on Thursdays 8:00

23:32

p.m. Pacific Time join me there if you

23:35

want to ask questions live thank you for

23:38

watching and see you again next

23:41

[Music]

23:45

time