Privacy and Security Tips for Online Betting

Common Internet Privacy Threats

List of internet dangers in India

Assaults on internet privacy come from many directions. Governments, internet service providers, and malicious hackers can chip away at privacy in a myriad of ways. Security is an evolving set of habits, not a constant state to be achieved, contrary to popular thought.

When online, users are concerned about privacy for various reasons. The good news is that a great deal of privacy can be achieved depending on how users conduct themselves on the internet.

But users have to remain vigilant””using common sense and some technical knowledge to stay safe.

Threats to online privacy generally stem from two sources – revealing your IP address and social engineering attacks.

An IP address is unique identifier which can be used to locate the geographical location of a user and can be tracked across different sites to potentially learn everything you do online. Depending on what you do online, this can reveal a lot and as far as privacy is concerned is one of the most important aspects of online activity to protect.

Try a search for “What is my IP address?” and you’ll see why this needs to be hidden.

There are some very simple way to go about hiding this. Some of these methods have the added benefit of hiding activity from an internet service provider, who are often eager to curtail activities such as online betting and peer-to-peer file sharing.

Despite the amazing software and tools available to protect people on the internet, the largest threat to users’ privacy is themselves. Poor habits can readily undo the strongest protections. Hackers know this. Human error is the number one way malicious parties compromise computers and networks.

For example, when large companies pay to have their network security tested, the testers will generally be able to find a vulnerability by simply dropping a USB drive or DVD loaded with malicious code. Sometimes they make it a little more tempting by writing “Confidential,” or putting a competitor’s logo on it. For the average user, the bad habits can be different but equally as detrimental.

The best piece of advice for staying private on the internet is to separate public and private profiles. If a user doesn’t want a betting site associated with them, but logs on at the same time every day at the same time he or she logs on to social media sites, it becomes easy to correlate the two identities.

A good rule of thumb is that when trying to stay private, users shouldn’t mention anything from their personal life (tattoos, geographical location, favorite color, etc).

If you aim to play on an online casino from India it is wise to hide your identity as IP tracking is the only way goverment institutions have to prosecute online gamblers.

Recommended Security and Privacy Setup

This guide will help you configure a security and privacy protection combination depending on the level of security you are looking for and the effort you are willing to put in.

Basic

Anti-Virus + Anti-Spyware + Strong Passwords

We recommend the basic setup for everyone  for security purposes.

Good

Anti-Virus + Anti-Spyware + Strong Passwords + VPN

Adding the VPN will help add a level of privacy to your internet activity.

Better

Anti-Virus + Anti-Spyware + Strong Passwords + VPN + Password Authentication

The addition of Password Authentication will add an additional layer of security to your accounts.

Best

Anti-Virus + Anti-Spyware + Strong Passwords + VPN + Password Authentication + Live Boot Operating System + Anonymizing  Networks

This setup takes a lot of effort and to an extent, knowledge. However, it provides one of the highest levels of protection available.

Methods to Protect Privacy

Proxy Server

One of the simplest means of hiding an IP address is using a proxy [1]. This is a site which will connect to another site for you, giving the destination site the proxy’s IP address instead of your actual address. However, these sites are generally well known and connecting to them is unencrypted, which still allows ISPs and malicious hackers to look in on your activities.

Recommended Proxy Servers:  Proxy.org    [2]

Virtual Private Network (VPN)

Proxies are best used in conjunction with a  Virtual Private Network, or VPN [3].

A VPN consists of special software which allows an encrypted connection to a remote network which will then connect to destination sites. Because the traffic is encrypted, it allows your activities to evade prying eyes on a public network (such as coffee shop wifi).

Like everything on the internet, these come in two flavors – free and paid. And also like everything on the internet you’re either being sold a service or you’re being sold as a service to someone else. For true privacy, free VPNs are never recommended because they always log data. When choosing paid services, look for those that allow connections to servers in multiple countries (especially ones that have strong privacy laws such as Sweden).

The best VPNs will also allow anonymous payments (such as Bitcoin or retail gift cards) and fake or disposable email addresses for registration. Good VPN services shouldn’t log data either.

As mentioned, this security can be layered with proxies (which can also be layered with other proxies) making an IP address even more hidden. The more layers of security you have between you and a website, the better the chance of not revealing an IP address.

Recommended VPN: HideMyAss.com and IpAanish.com

Here is a short tutorial video on how to setup HideMyAss VPN

Anonymizing Networks

How to hide yourself in the internet India

Another popular way to use the internet anonymously is through use of anonymizing networks, such as I2P [4] and the Tor network [5].

I2P works by sending encrypted messages between apps. It obscures both the sender and receiver of communications. It allows special sites to be set up (called “eepsites”) which are only accessible on the I2P network.

Tor works much like a VPN, encrypting traffic and sending it through other servers. However, unlike a VPN, Tor traffic is encrypted and bounced to multiple servers before being unencrypted by the exit node which connects to the destination website.

Because of its unique protocol, there are websites which can only be accessed by using Tor. The software has been used by whistle blowers, private citizens in oppressive countries, and government agencies to hide users’ identities. Unfortunately, it has also been used by criminals making Tor users potential targets for state-sponsored malware to catch bad guys. Out of these two, Tor is much larger and more common network than I2P.

VPNs, I2P, and Tor each have their own advantages and disadvantages. If you are looking to spoof your location (make it look like you’re somewhere specific) VPN is a great choice, whereas doing this with Tor or I2P is difficult. Usually, users won’t notice much of a drop in speed with a good VPN. I2P can also see fast speeds, since it doesn’t pass through any other nodes. It was made for peer-to-peer sharing, so that a lot of activity won’t bog down the network for everyone. Tor on the other hand is typically very slow since it depends on a very large network with many nodes.

VPNs have all the traffic pass through a centralized location, so users have to trust that the service isn’t acting maliciously and hasn’t been compromised by other parties. Tor and I2P are decentralized, making trust in their security much easier. So one of these services is not a replacement for the others, rather they are all complementary tools to retain privacy on the internet.

Recommended  Anonymizing Networks:  I2P and Tor

Privacy Focused Search Engines

This is good for any internet search, but there are some search engines that were created with privacy in mind for the users.

Most search engines will record your search data, IP address, and so on. They use this primarily for marketing purposes, where ads will be tailor made for you depending on your internet behavior. Using a privacy focused search engine adds an additional layer of privacy protection. It is easy to use, simply preform your searches with these search engines instead of Bing.com or Google.com.

Recommended Privacy Focused Search Engine: Duckduckgo.com

*Online gambling from India hasn ´t been fully forbidden since the laws are old and ambiguous not clearly defining which games are legal to play and which aren ´t. For the moment several bookmakers allow users from India without penalty, but it is always wise to consult the laws of your province concerning gambling.

The Complicated Threat of Social Engineering

Securing your IP address is not enough to assure privacy though. The most frequent way for people to compromise their security is through social engineering. This involves manipulating the human element to perpetrate an attack.

People are the most vulnerable and easily compromised aspect of any secured network. For example, phishing is a form of social engineering, using low-tech emails to gain login credentials, social security numbers, credit card numbers, etc. Social engineering is also used to trick people into installing malicious software which can be used to unmask users trying to stay private.

While the best defense against social engineering is vigilance and common sense (and sometimes not-so-common sense), there are a few things that will help protect your privacy when online.

How to Protect Yourself From Social Enginneering

Look for Secured URLS (HTTPS) – Difficulty Level: Novice

 Always use HTTPS when possible. This allows a secure, encrypted connection to websites which support the HTTPS protocol.

Firefox and Chrome both have an add-on available from the Electronic Frontier Foundation called HTTPS Everywhere  [6] which makes HTTPS connections by default. The protocol is seeing more widespread use, but it still has ways to go.

Not using HTTPS could allow someone on the same network to easily view the traffic and potentially hijack online accounts. Using the HTTPS add-on is the easiest thing anyone could do to protect their traffic.

Anti-Virus Software – Difficulty Level: Novice

The usual computer security advice is always applicable. Use anti-virus software.

Windows comes default with Windows Defender, which is very effective. However, it is usually recommended to have multiple anti-virus programs installed (although not running simultaneously). Some programs can miss pieces of malware and having multiple programs helps to fill in these holes. But having them running live protection at the same time and cause them to interfere with each other.

Anti-spyware is equally helpful in keeping a computer protected. Spyware is used to track users and most commonly target them with ads. But it can just as easily be used to compromise privacy in other respects. They’re only effective when used correctly though, so it is important that they are updated (use auto-update if possible) and used frequently (scheduled scans are the easiest way to accomplish this).

Many times, these programs include additional features such as rootkit scans, which allow for deeper checks to dig out more nasty programs. Over time, these tools can become obsolete, so users should make sure to keep their software updated and be aware of the latest technologies to protect themselves on the web.

Recommended Anti-Virus/Spyware Software:  avast.com [7]  and  kaspersky.co.in  [8]

Strong Passwords – Difficulty Level: Novice

Learn how to make a strong password easy to remember India

In addition to using anti-virus, the most commonly recommended (and neglected) aspect of security is strong passwords.

Never use the same user name and password combination on different accounts. On sites where privacy matters, don’t use a name that you publicly display elsewhere. With passwords, the longer and more random it is, the smaller probability of it being cracked. A long password that isn’t random is almost useless. If it’s 120 characters, but it’s a verse from the Iliad, there’s a good chance of it being broken.

Numbers and symbols add complexity and should be used as much as possible. Security researcher Bruce Schneier [9] has come up with one of the strongest methods for inventing a password.

Take a sentence that is memorable, and come up with a scheme for abbreviating it using substitutions and punctuation. For example, the sentence “It’s all about risotto. I’ve never eaten risotto,” could become I’sa11aR;1’3nEatNR. This is a password which could be recalled by remembering the seed and the kind of scheme used to randomize it.

Password Authentication/Verification  – Difficulty Level: Intermediate

Since the most complicated password could be captured through a key logger, phishing, or some other social engineering attack, it is advised to use two-factor authentication when possible [10].

The term two-factor authentication is general, just meaning that two separate actions are required to sign in to an account. Most commonly, for online services this is in the form of a chosen password plus a one-time password.

There are various methods for accomplishing the second part. Google has an app called  Authenticator [11] which produces a new random string of numbers every so many seconds. Once Authenticator is associated with an account, the account requires both the user chosen password and the one-time password to sign in.

Tip: The availability of this method will depend on the site or service that requires the password for log-in (i.e. betting site, ewallet, email, etc).

Betfair Betting Exchange: Log-in to your account. Go to “My Betfair Account”. Look for “Account Details”. Under the “My Security” tab you will see the screen for authentication setup. Follow the instructions and select your options.

Neteller eWallet: Sign-in to your Neteller account and find the setting page. Be sure to have your mobile device with you. Follow the instructions to activate authentication.

Gmail eMail Service:  Simply go to the reference section with numeral  [12] and follow the steps to sign up for a 2 step verification.

Live Boot Operating System – Difficulty Level: Advanced

Some users prefer to do so using a live boot operating system.

These are operating systems which boot off of removable media, such as a USB drive, CD, or DVD. As such, they generally do not use the hard disk on the computer, only operating from RAM, leaving little to no trace on the host machine. They can be used on a public computer to avoid malware on the machine and allow connection to Tor or a VPN.

Linux operating systems such as Tails [13] and Liberté [14] are two popular distributions that connect through Tor by default, allow the boot disk to be encrypted, and will erase the only remnants of itself from the computer upon shutdown.

Liberté allows I2P to be run through the Tor network, doubling up on security. If the drive is encrypted, it also makes it a good way to carry personal files. The process for installing these has been made simple, making it a very convenient way to keep personal settings and files portable while still retaining a great deal of privacy.

The fight to stay private on the internet requires careful hands and a whole new set of habits, but it is a worthwhile fight. Fortunately, there are many tools available to shield users’ identities when surfing the internet. But over time, these tools become obsolete against more powerful computers and more advanced attacks. Using the latest tools is important and using them correctly even more so. But what will always hold constant is the necessity to have good habits.

Additional Privacy and Security Tips

Please add content here in bullet point form.

References

[1]  proxies.us, What Are Web.Based Proxy Sites?, 2002

[2]  proxy.org, Recommended Proxy Servers, 2015

[3]  privateinternetaccess.com,  Protect Your Privacy With a  VPN Tunnel, 2015

[4]  geti2p.net, The Invisible Internet Project, 2015

[5]  torproject.org,  Anonymity Online, 2015

[6]  eff.org, HTTPS Everywhere, 2015

[7]  avast.com, Avast Antivirus Software, 2015

[8]  kaspersky.co.in, Kaspersky Anti Spyware Software, 2015

[9]  schneier.com,  Choosing Secure Passwords, 2014

[10]  lifehacker.com,  Here’s Everywhere You Should Enable Two-Factor Authentication Right Now, 2013

[11]  play.google.com,  Google Authenticator, 2013

[12]  google.com, Google Account 2 Step Verification Process, 2015

[13]  tails.boum.org, The Amnesic Incognito Live System, 2015

[14]    dee.su, Liberte Linux, 2012