Cybersecurity

Ten low-tech ways to protect your privacy online

Max Kabakov | iStock | Getty Images Plus

Despite the seemingly endless hack attacks, and a recent Pew study showing that Americans feel powerless to protect themselves against intrusions on their online privacy, few Americans do much in the way of adopting privacy enhancing measures.

But one privacy advocate has some advice: Do it.

"Resistance is not futile if you are not aiming for 100 percent perfection," says Nico Sell, co-founder of encrypted messaging service Wickr and organizer of hacker conference Def Con. Here are some low-tech tips to reduce your digital footprint and exposure. (Tweet This)

Self Censor: Search

The problem: Search engines such as Google have built their business models on selling keywords from user searches to advertisers, so searches are never private.

The solution: Don't ask Google anything you would not be comfortable sharing publicly—with your boss, lover or worst enemy. By self-censoring, you limit the information Google can sell advertisers. For highly sensitive searches, for example, health queries, go offline and ask your doctor. Another option? Avoid searching on Google altogether, says Adi Kamdar, an activist with the non-profit Electronic Frontier Foundation.

"You could also use search tools that don't collect data about you, such as DuckDuckGo." Looking for an alternative to Gmail? Protonmail is a freemium service offering end-to-end encryption so all your info is converted into code and protected from intruders, from when you hit send to when the email is read. It can't access your emails, so cannot sell your data to advertisers or turn emails over to the government.

Read More Ethical hacking: Are companies ready?

Mess with the System: Your Data

The problem: Data brokers are building a digital profile on you to sell you targeted ads.

The solution: Send mixed messages to search engines and the data brokers who harvest information from those searches. For example, when you pull up Google Maps to find the nearest hipster coffee shop, search for something out of character. "I often do searches for chainsaws, I also put into Google Maps wrong addresses just to gum up the system," says Sell. Also, limit the amount of personal information you share online including birthdays, phone numbers and addresses. If your birthday is already on Facebook, which Sell considers "a major breach of privacy," make up a fake birthday and spread it around to make it harder for thieves to steal your identity.


Eye Spy: Cameras

How to beat the hackers: CTO
VIDEO2:5202:52
How to beat the hackers: CTO

The problem: Cameras embedded in phones, tablets, smart TVs and security systems can be hijacked by hackers and turned into spy-cams (and the footage used for blackmail). "A kid could turn that on in half an hour; it's a well-known extortion technique," says Sell.

The solution: Cover all your inner-facing cameras with electrical tape or a sticker, easily removable for when you want to snap a pic or FaceTime with grandma. "It's an easy way to prevent this from happening and also a nice conversation starter to talk to people about personal privacy from the government, hackers, etc.," says Kamdar.

What about Dropcam or other cloud-connected cameras? "Oh my god, please don't do that," says Sell, adding, "If you must, unplug it when you aren't using it."

Read More Government hack raises red flags for investors

Do Not Track: Phones

The problem: Cell phones are connected to carrier networks, which collect detailed up-to-the-minute records of your location so you can make and receive calls, texts and emails.

The solution: When you're not making calls, Sell suggests keeping your phone in a Faraday Cage, a metallic box that blocks electricity and electrostatic forces and is, incidentally, also a favorite with survivalists. A low-tech low-cost option? Make your own by wrapping your cell phone in foil and sealing it in a plastic bag. If you think that's one step too far, Kamdar suggests simply being savvy about how much information you give away, "Be aware of the fact that your smartphone is a tracking device; not only is Verizon getting my location information, but I have location services enabled on Google, Facebook and probably other apps," says Kamdar. Many apps actively monitor users' locations, sending that information back to their creators, who are building business models on selling your data. Kamdar has this advice, "Be mindful about what you install and when you use it. Every month or two, take a look at the apps on your phone and uninstall the ones you aren't really using."


The Hackers Are Listening

The problem: Hackers can hijack the mic in your smartphone and turn it into a listening device. "We teach the kids to eavesdrop on a phone call with $500 and a backpack," says Sell.

The solution: When you're not listening to music, plug your headphone jack. A low-tech solution is to cut off the tip of old headphones and insert the pin-shaped plug into the device. (Or learn sign language).


Wifi Is Hostile: Avoid Unknown Public Networks

The problem: People think they're safe when logging on to a password-protected network, but public wifi is easily hacked.

The solution: Travelers beware! Only connect to public wifi if you know it is secure. For an added layer of security when connecting to wifi in a hotel, restaurant, cafe or airport, Kamdar has this advice: "Use things like Virtual Public Networks and be aware of what connections are encrypted and what are not." VPN's encrypt your Internet traffic, helping to prevent hackers snooping on browsing activity and capturing passwords. Alternatively, use a personal hot spot, such as a Mifi device. While no security is foolproof to a determined hacker, you can reduce your exposure and make it harder for hackers to target you.

Careful with Social: Skip Geo-Tags

The problem: Compulsive Instagrammer? Most users post most photos close to home, inadvertently making private information—such as home addresses—public. At the same time, there are entire companies whose business models are built on scraping the web for photos, analyzing the geotags and selling that information to advertisers.

The solution: Turn off geotagging when you post photos and status updates. "Though services like Facebook and Twitter do that automatically, they probably collect the information for themselves," said Kamdar. And remember, says Sell, "once you share something on most free services like Twitter's Vine or Facebook's Instagram or even Snapchat, you are granting lifetime control of that information to someone else, "the privacy settings aren't going to save you."

New Devices?

Malware criminals are focusing on mobiles.
VIDEO2:5702:57
Malware criminals are focusing on mobiles.

The problem: Smartphones, laptops and computers contain a portable goldmine of valuable personal information, catnip for identity thieves and data brokers.

The solution: When getting rid of a device, wipe it properly so personal photos and data are permanently removed. Using the built-in delete function is usually not enough, because most of the time hard drives can be reconstructed using readily available software. Use specialized services to properly delete information. Sell recommends Wickr's file shredder for mobile devices. Of course if you want to be super safe, as The Guardian newspaper did with the Snowden files, smash up your hard drive.


The Apps Are Watching: Skip Automatic Updates

The problem: Users configure app's privacy settings, but those settings can change with updates.

The solution: Update each app individually and purposefully configure privacy settings so you don't default to the most public options. Kamdar advises users to "be aware of what privacy settings are being changed when you update an app. App updates often contain crucial security updates, but sometimes they simply add unnecessary features."


Decrease Your Digital Footprint

The problem: Data has become so valuable to businesses, many are asking for information they do not strictly need, such as date of birth and Social Security numbers.

The solution: Always question why you are being asked to hand over that information. Do not give it up unless absolutely necessary. As Sell says, it's about "not being the low hanging fruit, not being the sucker."

Correction: An earlier version of this story misstated the hacker conference organized by Nico Sell.