+
posts   tags   about  

Privacy Primer - Life edition

I have talked a lot about this topic in specific areas. Now lets talk about the general guidelines.

Golden Rules

  • Never share private information online.
  • Pin lock your credit cards.

For Most People

  • Don’t use a web browser made by an organization with a strong incentive to track you. Chrome is functionally a great browser but its owner made $79 billion in ad revenue from selling what it knows about you last year alone. I use librewolf
  • Avoid using search engines from ad companies (google, bing, yahoo) especially if you’re logged in.
  • Disable 3rd party cookies and use a privacy add-on such as uBlock Origin.
  • Get rid of any extension/plugin you do not need. They see everything you do in the browser, even over HTTPS sites – including the passwords and card numbers you type – and they can do a lot of damage.
  • Use a password manager to generate strong, different passwords for all your accounts. pass, or keepassx are great.
  • Be suspicious about the links you have received by mail, especially if you’re directed to a login page.
  • Use a firewall that blocks apps from getting to the internet until you’ve actively whitelisted them.
  • Don’t give 3rd party apps access to your accounts.

For More Concerned Ones

  • Avoid email providers from companies who want to track you (Gmail, YahooMail, Outlook, Hotmail…). Better host your own mails.
  • Use a no-logging VPN to access the web. Better host your own VPN
  • Log out when you’re done; for instance, before you navigate away or close the tab from Facebook or your bank.
  • Do not give out true information unless you have to.
  • Understand that vanilla email is public so if you want to protect your communication (eg. sensitive documents), at a minimum put it in a password protected zip file and send the password via a different channel (phone or text).
  • Use end-to-end encrypted messenger instead of SMS whenever possible, and advocate for those close to you to consider doing the same. Signal is the safest bet.
  • If you do use cloud storage, use a service that can’t read your content. Google drive, Microsoft OneDrive, iCloud, DropBox and others look at your files and can turn them over to 3rd parties. Some will even takedown what you’re “not allowed to have”. Nextcloud on your own server is recommended.

For Most Concerned Ones

  • When signing up for an account from which you don’t really need to receive email (eg: forums, game apps) use a different throwaway email address for each account.
  • For the reason above, use a different username for each new account.
  • Block trackers and disable 3rd party Javascript by default, only enabling it where required (eg: Javascript libraries delivered via large Content-Delivery-Networks). uBlock Origin addon makes this simple.
  • Make your browser even more private with arkenfox
  • Get a VPS and host everything you need.