Virtual Private Networks, while not absolutely necessary or a complete defense in themselves, are the bast starting place for a privacy/security-minded individual on the internet. I do not have the space and time here to do a full exploration of VPNs, but I can give a brief overview.
All of the internet traffic you generate is sent from your machine, through your connection, directly to your ISP (Comcast, Century Link, Verizon, etc.), more or less. At which point, their servers analyze that traffic and route it to the appropriate destination (more or less). That destination receives your information and usually sends something back to your machine, via the ISP. The method by which “they” know where to send your information is by way of IP addresses. Your machine is assigned a special address that has all of your traffic and history tied to it (more or less).
Unscrupulous corporations, such as Google, the NSA, your ISP, and other more secret covens of crackers, can access and track that information sent between your machine and the rest of the world. Using this information and access, they can do relatively minor things like look at your naked pictures, steal your credit card number, or break your computer. With a little more elbow grease and smarts, “they” can plant any sort of evidence on your machine and ISP records to convict you of pedophilia, terrorism, or not liking the president, at which point you can expect modern-day ninjas to kill you in your sleep or disappear you into a black-site prison.
How does one protect themselves from such things without unplugging one’s computer and setting it on fire? Enter Virtual Private Networks.
Essentially, a piece of VPN software such as ProXPN encrypts your data on your machine before sending it to your ISP. It scrambles all of the data in a manner that only someone with the right secret code can un-scramble it, sticks it in what amounts to an envelope, labels the envelope “forward to this server over here”, and sends it to the ISP. The ISP sees this envelope the same way it sees any other traffic, and routs it to the server in question just like in the scenario before. This server, upon receiving the traffic from your ISP, then decrypts (un-scrambles) the information and sends it to the end destination. This way, the site that you want to visit sees the server and thinks that it is you, and uses the VPN server as the end destination and IP address to send information back to. The server then encrypts the data, sends it back to the ISP labeled “Forward to this guy,” and your machine decrypts the information on your machine itself.
This method makes your traffic essentially invisible to the ISP and makes most web-based cracker attacks. Also, you can get a discount when signing up, using Bitcoin!