How to Encrypt Internet Connections (6 Options)
Encrypting Internet traffic sounds cool, but how exactly do you do it? And what are the perks of bothering with this in the first place?
Well, here’s an in-depth and easy-to-scan article about how to encrypt Internet connections. Don’t worry – it’s a quick read, nine minutes tops.
What Exactly Is Encryption?
To keep things simple, encryption is the process of turning data from a readable format into an unreadable one. At its core, it’s all about using an encryption key to secure the data. Only someone who has that key (or a specific decryption key) can read it.
“Unreadable format” is pretty vague, but you can use this tool to get an idea of how it would look like.
In our case, we used the AES-256 cipher to encrypt this message “Hi guys!”. This is the encryption key we used “fgj5kig0813sfdfewbasd3453gafvafg.” Encrypted, the message looks like this “bTFR+qKhkQt2djukrfX+Zw==.”
Anyone who tries to monitor the contents of that message will only see that encrypted output. Only someone who has the original encryption key or a different decryption key can decrypt the message to see the “Hi guys!” text.
Can Encryption Be Cracked?
If you use an outdated encryption cipher (like Blowfish) with a small key size (64 bits, for example), a brute-force attack can crack it.
But if you stick to modern ciphers like AES and large key sizes (128-bit and upwards), you’re safe. If Tianhe-2, the fourth fastest supercomputer in the world, would try to crack a message encrypted with AES-256, it would take it around 9.63×1052 years (1052 in this case is a 1 with 52 zeroes, so that times 9).
Of course, as supercomputers become more and more advanced in the future, they’ll be able to crack modern ciphers faster. But, at the same, encryption ciphers will also become more advanced, so they cancel each other out.
Why Do You Need to Encrypt Your Internet Connection?
Is there any point to even bother doing this?
Yes. In fact, there are many reasons to make your Internet traffic unreadable:
- First of all, hackers can eavesdrop on and intercept unencrypted connections. They can either steal sensitive information that way (credit card details, passwords, etc.), or redirect you to phishing websites (since they see what URLs you are going to access).
- Cybercriminals can trick your device into connecting to a fake WiFi network which they run. If that happens, they can monitor all your online communications.
- Unencrypted traffic means your ISP can analyze your data packets to see what websites you browse and what web apps you use. With that information, they can throttle your bandwidth.
- If you use unencrypted connections, that pretty much means you’re okay with your ISP selling your browsing data to advertisers.
- Not encrypting your traffic means network admins can monitor it. That can be a problem if you are caught accessing “distracting” websites at work or school – like YouTube, Facebook, or Twitter.
- Stop governments from spying on everything you do on the Internet.
“But I’m already using encrypted WiFi, so I’m fine, right?”
Not really. When you look up how to encrypt Internet connections on Google, many articles will tell you to use encrypted networks (basically, the ones that require a password to get access).
Well, here’s the problem – most networks use WPA2 for encryption. Unfortunately, that security standard isn’t very good, and has serious vulnerabilities. You can actually find a lot of tutorials online showing you different ways to crack WPA2 passwords (here, here, and here).
The new WPA3 encryption standard is supposed to fix those problems, but even it isn’t without flaws.
Plus, here’s another issue – some networks might require a password to use them, but they might use outdated encryption like WEP and WPA.
Overall, just because you use encrypted WiFi doesn’t mean your data is safe.
How to Encrypt Internet Connections
Based on our research, you have six options at your disposal. It’s not mandatory to use all of them, but if you really want to make sure none of your traffic is exposed, it’s best to try them all together:
1. Only Browse HTTPS Websites
HTTPS is the standard nowadays, and some browsers won’t even let you connect to an HTTP website – and for good reason! HTTP means the website doesn’t encrypt your connection requests and responses. So anyone can spy on them.
If you only use an HTTP website to check out memes, it’s not that bad. But if you use it to make payments or type in personal information, you’re gonna have a bad time since anyone can see that data.
So if you really want to learn how to encrypt Internet connections, we highly recommend avoiding HTTP websites. Only browse HTTPS sites since they automatically encrypt your traffic when you visit them.
2. Use HTTPS Everywhere
HTTPS Everywhere is a browser extension for Opera, Chrome, Firefox, Tor, and Brave that automatically redirects all HTTP links to HTTPS pages if they are available. It’s pretty useful since some large websites still don’t use HTTPS.
Of course, HTTPS Everywhere won’t really help you if the site just doesn’t support HTTPS. But it’s still a nice security measure to have.
Lastly, consider using uMatrix and uBlock Origin too. They don’t encrypt your connection, but they can block malicious scripts and ads. That really comes in handy if you somehow land on a shady HTTP website.
3. Only Use End-to-End Encrypted Messaging Apps
When you want to message someone, you just type a text in your smartphone and send it, right? Or you send them a message over Facebook Messenger.
Those methods are convenient, sure, but they’re not really private. Text messages can actually be exposed or leaked if the company handling them doesn’t use any encryption to secure them. Also, Facebook Messenger doesn’t use end-to-end encryption by default, meaning the company can keep tabs on your conversations with your friends.
And that’s not all. Consider the fact that the NSA is known to collect millions of text messages, and that companies like Apple, Facebook, and Skype are part of their surveillance program (PRISM).
Sure, you can use end-to-end encryption with Facebook Messenger if you enable the Secret Conversation feature. But here’s the problem – it won’t encrypt group messages, GIFs, payments, or voice and video calling. And again – Facebook is part of the NSA’s surveillance program. Just how much can you trust their encryption?
If you really want to secure your connections, you need an app that doesn’t raise any red flags. Here are some recommendations:
- Signal – The app has been recommended by privacy advocates like Edward Snowden and Bruce Schneider, and it’s even the app of choice for the European Commission. Besides having end-to-end encryption, it’s also open-source. While it recently had an eavesdropping exploit, the issue got fixed quickly.
- Wickr – While mostly aimed at businesses, individuals can use it too. It’s opens-ource, has end-to-end encryption, and doesn’t require an email address or phone number to sign up.
- LINE – A very secure app that started out as a communication solution developed by Japanese engineers after an earthquake in 2011.
- Threema – While not free, it offers excellent security – end-to-end encryption, no phone numbers required, and it deletes your messages from their servers once they’ve been delivered.
Let’s also take a look at one encrypted messaging app that pretty much everyone recommends:
- WhatsApp – While it does offer end-to-end encryption and Facebook confirmed they can’t read WhatsApp messages, there’s still the PRISM issue – namely that Facebook is part of it. That pretty much means they share data with the NSA. Also, the app had problems with spyware in 2019.
We’re not saying you shouldn’t use WhatsApp at all. But if you do, be wary of what you share on it.
4. Use DNS Over HTTPS
DNS stands for Domain Name System, and its role is to translate IP addresses into website names and vice versa.
When you want to connect to a website by its name, your browser will send a DNS query to your ISP’s DNS server to retrieve the site’s IP address.
So far so good, but here’s the problem – DNS queries aren’t usually encrypted. That opens you up to many risks – MITM attacks, ISPs spying on your browsing, and DNS filtering.
How do you use DNS over HTTPS, though?
It’s not too hard since most browsers already support it. Here’s a guide showing you how to enable it. If you want to use DNS over HTTPS outside your browser, try out 126.96.36.199 (tutorials included on the site). It’s much faster than OpenDNS or Google Public DNS.
5. Use a VPN
- You use a VPN client on your device to connect to a VPN server.
- The client and the server negotiate the connection, and establish an encrypted tunnel between them.
- From then on, all your traffic will pass through that tunnel. If anyone tries to monitor it, they’ll just see gibberish (like the encrypted message example we gave at the start).
VPNs are very simple to use, and most of them use the latest encryption ciphers. You can read more about VPN encryption in our guide.
Start Encrypting Your Internet Connections With CactusVPN Right Away!
If you need a VPN, just check out our service. We offer AES-256 encryption for most protocols, which is basically military-grade security. Besides that, we don’t keep any logs, offer secure protocols like IKEv2, SoftEther, and OpenVPN, and we have support for DNS over HTTPS.
If you want to test out our VPN first, use our free trial.
6. Use Encrypted Email Services
Gmail, AOL, and Yahoo! might be popular and convenient, but they’re not a good way to encrypt all the email data that goes through your Internet connection. Here’s why:
- Google lets third-parties scan your emails. Yahoo! and AOL have also been accused of scanning emails for data they can sell to advertisers.
- Around three billion Yahoo! accounts were exposed to a data breach.
- AOL reportedly has the highest email breach rate.
- Despite making promises, Yahoo! and Google haven’t implemented end-to-end encryption yet, meaning they can scan your emails on their end. Many other email providers on the market had no problem offering it, so this is a pretty big red flag.
Also, you can read more about email encryption in our guide.
Should You Encrypt Your Connections With Tor?
A lot of articles and people will tell you to do this. It’s mostly because Tor adds multiple layers of encryption to your connections (usually three).
While that does sound good, there are some problems:
- The exit node (the last Tor server your traffic passes through) decrypts your data. So it can see the contents of your traffic. If a cybercriminal or a government agent were to run the node, they could spy on your Internet connections.
- Wait – hackers and government agents? Running my Tor nodes? It’s more likely than you think. Researchers managed to find malicious nodes before, and it’s not exactly a secret that law enforcement agents might actually run some nodes.
- Tor has some suspicious links to the US government. You can read more about them here (points #5 and #6).
If you really want to encrypt your Internet connection with Tor, you need to run it over a VPN. By that, we mean you should connect to a VPN server before connecting to the Tor network. That way, even if a malicious node decrypts your Tor traffic, the person running it will only see encrypted VPN traffic.
However, keep in mind that if you do that, you’ll get pretty bad speeds. Tor already has slow speeds, and a VPN slows them down too.
Remember to Use Antivirus Software Too!
Encryption is a great way to protect your data from hackers, but it can’t protect your device from malware infections. All the solutions mentioned in this article will only secure your data at the online level, not the offline or hardware ones.
So make sure to use antivirus solutions on all devices.
How to Encrypt Internet Connections – The Bottom Line
Encrypting your web traffic is very important if you want to avoid cyber attacks, pervasive ISP spying, and government surveillance.
The best way to encrypt your connections is to use encrypted messaging apps, VPNs, encrypted email services, DNS over HTTPS, HTTPS websites, and HTTPS Everywhere.
Know how to encrypt Internet connections in other ways? Go ahead and share your thoughts with us in the comments or on social media.