Basic Web Browsing Privacy and OpSec Technique

Victor O. AlvarezVictor O. Alvarez
2 min read

Preserving privacy while using a digital computer is really hard. You have to keep in consideration your setup, Internet connection and many variables.

However, it is indeed possible to know and practice basic Operational Security techniques that help you at least be certain your data input does not traverse the Internet in-the-clear (un-encrypted) when browsing the web by leveraging HTTPS technology.

To accomplish this, you need to consider and watch closely two things:

  • The website you will open supports HTTPS.

  • Be certain that the website you are in supports HTTPS before submitting a form.

These two points will help you discern if your data is at risk when browsing the web with a modern computer.

HTTPS and TLS encryption are reliable and you can be confident it will protect your data. Unless a third-party is able to de-crypt it, which is highly improbable.

Workflow Example

While searching on Google or other Search Engines, before opening a link, take notice if the website supports HTTPS. Search engines like Google and DuckDuckGo display clearly if a website supports it by displaying the webpage full address above the link.

If a website supports HTTPS then go ahead and open it.

And if you are inside a website and you wish to open an external link, you should hover over the link with your mouse and the browser will show you a text line on the bottom left corner of the window with the complete link you'll open by clicking it.

Things to Know

Note: This list includes personal insights and are not facts whatsoever.

  • An HTTPS encrypted website does not reveal to third parties the complete URL you visit. It'll only reveal its own domain name. This means that your ISP or other networks your traffic goes through won't know exactly which part of the website you visited nor will it know the data you submitted or received. However, a third-party will indeed know you visited that website and domain name.

  • An un-encrypted website which does not use HTTPS, does reveal to third parties both the data you read and submit and the complete URL you visited. A third-party can know the website you visited, the complete URL and the complete data exchange you had with that website.

By taking into consideration these notes, you can see and know how to help yourself browse the web at least considering which websites to visit and when to share data.

0
Subscribe to my newsletter

Read articles from Victor O. Alvarez directly inside your inbox. Subscribe to the newsletter, and don't miss out.

privacySecurityweb

Written by

Victor O. Alvarez
Victor O. Alvarez

Software Developer