Well it's gotten way more complicated, but here's the 2019 update on what to do. Now this won't for everything and it will break some sites, but some good recommendations (with notes on issues) are:
- Cloak your DNS. Believe it or not ISPs do track what requests you are making. This is pretty simple thing to do. If you have an iPhone or Android, you can even download the Cloudflare 126.96.36.199 application. It's a bit technical, but you basically replace your default DNS with Cloudflare one. At some point they will implement DNS over HTTPS which will prevent snooping and prevent spoofing (those names both rhyme I just realized). For a Mac, it is is more complicated, for each Wifi access point, you access, you open up Apple/Preferences/Networking/Advanced/DNS and click on the
188.8.131.52. If you ever wonder why typing in a random wrong address leads you to an ad page, your ISP is looking at your DNS queries.
- Cloak your DNS on your phone. You can do the above or download the
184.108.40.206application which uses the VPN features to route traffic to the right place.
- Ad Blocking on a Mac. You should turn all all the Safari ad blockers and privacy stuff and I also load uBlock Origin. This is spread across all your Firefox and Chrome browsers automatically, but you have to load for each machine with Safari.
- Ad Blocking on an iPhone. This is more complicated because you should definitely load a Safari ad blocker. I use 1Blocker, but you also need to block applications which are notorious for leaking information. Disconnect has a nice application for this called Privacy Pro. Seems to work and it is incredible the number of trackers every IOS application has. It's really sad that Android won't even allow such a tool on their platform, but they are ad based after all. The only tip is that this conflicts the the Cloudflare 220.127.116.11 application, so if you use both, then you have to do the same go into the DNS of each Wifi network and set 18.104.22.168 there.
- As an aside, I use the free versions of 1Blocker and Privacy, I'm not quite sure what the pay ones buy you.
- Finally, if you are really paranoiac, then get NordVPN. This is a full VPN that is pretty inexpensive and seems reliable to me. The main reason I don't recommend using it full time is that certain sites like amazon.com and bankofamerica.com have blocked these VPNs for fraud reasons, so you have to know to connect and reconnect. And on laptops and phones, while you can set it for reconnect when you see a new network, I don't find that this works all the time. And with public wifi spots, it really is flaky. Still, if you are every in a place where you don't know if it is the real
Google Starbucksor someones laptop, then this is a good thing to do.