How is everyone tracked online? What does a website immediately know when you visit them?
Most people are unaware of the fact that they are being tracked online. Everything people do on the internet is being recorded and tracked by governments and organizations. In the previous article we saw how Facebook and Google collects information about users who surf the internet and use their services and how this data is utilized and sold to third party companies for advertising. If you haven’t read the previous article yet, be sure to check it out.
As we had earlier discussed, there are 7 parameters or factors to track each and every person online. In this article we shall go into detail, what the 7 parameters are and how you can stop giving out this information to every website you visit, thereby protecting your digital identity and privacy.
- IP Address
- MAC Address
- User Agents
- Website Trackers
- DNS Queries
These are the basic parameters that are used to identify an individual on the internet and make a profile on that person. We shall now go into details on what each of these parameters are. This topic will be divided into two parts. In this part (Part 1) we shall discuss in detail about IP Address, MAC Address and Cookies. We shall go over what these parameters are, how do they work, how they are tracked online and how you can spoof or protect these parameters from revealing details about you.
IP Address :
An IP Address (Internet Protocol Address) is a unique address that is used to identify a device on a the internet or a local network. This allows information/data to be sent between devices on a network. An IP address is a string of numbers separated by periods (for example – 192.168.0.1). Every device will have its own unique IP address. To know more about what an IP Address is and how each device is assigned a unique address, you can read this in-depth article from Kaspersky by clicking here.
Since every device on the internet has its own unique address, it can be used to track who you are, what websites you have visited and so on. An IP Address also gives information about the general location of a device which can reveal information about which city and country you live in. Fortunately, it is relatively easy for anyone to spoof their IP Address and stop their devices from revealing such information.
To do this, we can make use of VPN softwares or applications. A VPN (Virtual Private Network) essentially spoofs your IP Address with one of its own and then connects it to the internet. This means that any requests you make on the internet, goes to the VPN, the VPN replaces your IP Address with one of its own and then forwards the request to the website you are visiting. This ensures that your location and your actual IP Address remains hidden to the websites you visit and you are not tracked online when surfing the web.
MAC Address :
A MAC Address (Medium Access Control) address is a physical address used to identify a device. Unlike IP Address, which is a logical address assigned by the Internet Service Provider, a MAC address is hard coded on to every single device by the device manufacturer. A MAC address is essentially tied to your identity as it can prove that you are the owner of a particular device.
When you purchase any device and register it for warranty, the MAC address of the device is with your name, address, phone number and other personal information that is used to identify the owner of the device. To know more about what a mac address is and how it is used in device to device communication, you can read this Wikipedia article by clicking here.
A mac address is tied to an IP Address on the local network. This is essential for devices to communicate with each other and to the internet. Since mac and IP Address are tied together, identifying an IP Address on a local network will also reveal the mac address of a device and vice versa. To spoof the mac address of your device, you can use tools like Technitium Mac Address Changer or TMAC (for Windows), Macchanger (for linux) or MacDaddy (for Apple computers). Thus spoofing your IP address and mac address ensures certain degree of protection online and prevents you from being tracked online to a certain extent.
Most websites that you visit today require you to enable cookies for a greater user experience. Let’s see how true this is. For example, a person who uses Gmail everyday, will have Google’s cookies stored on their device. If there is no cookies stores, the user will have to login with the username and password each and every time they wants to access the website. If the cookie is deleted, the user automatically logs out from the website.
Many websites implement cookies that expire after a certain period of time. The cookies installed on devices by companies such as Google remain on a device for two years! A cookie not only automatically allows you to login to a website, it also tracks users browsing history and sends information about all the websites a user has visited to the parent company. This means that if you have signed in to Google and allowed for the cookies to be stored on your device, information of all the websites you visit and your online activity is sent to Google.
Apart from this, cookies also contain a parameter called Session ID – this is the parameter that keeps you logged in to a particular website. Hackers use a technique called session hijacking to capture the session id and can login to a website through your identity. Thus, if your device is compromised, or has malware, your session id can be leaked to sources and give them access to your online accounts.
There are a few methods through which you can eliminate the risk of using cookies. First and foremost is that you do not store any cookies on your device. Browsers can be configured to delete cookies on exit. But the trade-off by doing so is a degraded user experience. Every time you need to access Gmail or Facebook, you will have to manually login to the websites. Browsers can also be configured to delete history on exit, which ensures even more privacy since the cookies will not be able to track the websites visited, when there isn’t any in the browsing history.
In the next part we shall discuss about the next 4 parameters that make up the 7 parameters that determine how every individual is tracked online. If you haven’t checked out the previous article, be sure to check it out.