A disclaimer up front: I intend this post to be a baseline. If you have spent even a little time working on personal privacy on the internet, you’re probably familiar with a lot of or all of the things I’m about to mention.
Second disclaimer: I am not a professional cybersecurity expert, nor am I an expert of any kind.
Digital privacy is important for everyone, but especially those of us who intend to act in resistance or opposition to the oppressive systems that we must operate in. We are well past the days of “don’t share your personal details with strangers on the internet.” The digital landscape of the 2020s is one that is usually just passively stealing data, but is often actively predatory. If you want to keep your data, your devices, and yourself safe online, these are the things I would start with. Strap in, this is gonna be a long one.
Section 1: The Basics — these are what I consider the absolute minimum of digital security
- Get a password manager. I use Enpass personally, but there are plenty of good options out there, such as Keeper and Bitwarden. Using the password manager, adhere to these password best practices. Your password should be:
  - At least 10 characters, preferably 12 or more. For example, a 6-character password can be brute forced in about 0.06 seconds, while a 12-character password will take 34 thousand years
  - An arbitrary combination of uppercase, lowercase, numbers, and symbols
  - Entirely unique, not just a template with a few changes each time
  - Non-identifying. Do not use names, dates, places, or personal info, even if you obfuscate by adding in numbers or symbols
  - You can use this password tester to check the strength of your passwords
  - Make your master password (the one for your password manager) the strongest possible password you can easily remember – using a long string of words can work in place of an arbitrary password if necessary. Physically write down your password as a back-up, and store it with your personal documents.
- Use a privacy-friendly web browser. The most popular is Firefox, but there are plenty of options. I personally do not recommend Chromium browsers, but I know many people swear by Brave. For a more intense version of Firefox, I recommend LibreWolf or Mullvad Leta.
  - Change the security settings on your browser to the strictest that you are comfortable with. Keep in mind that there will always be a trade-off of convenience for security.
  - Install some or all of the following extensions/plugins:
    - uBlock Origin
    - Privacy Badger
    - Decentraleyes
    - ClearURLs
- Wherever possible, set up two-factor or multi-factor authentication. A text or email verification is the minimum, but a one-time code using a service like Google Authenticator or Ente Auth is much better. Many password managers will also be able to do this natively.
  - For those who want a step up in security, you can use a physical security key such as Yubikey. Just don’t lose it.
- When signing up for a new website or service, avoid using the “sign in with Google/Facebook” options. Instead, make a new username/password every time and add it to your password manager. The more your accounts are connected, the more vulnerable they are.
- Never click on a link when you are not absolutely certain where it leads. You can use this URL checker to see where a link leads before you click it, but you can always just ignore it.
- Never access or input sensitive information on a public or unsecured wifi network. If you need to, use a VPN (more on that a little further down).
- I suspect this one goes without saying, but never leave your personal devices unattended in a public or unfamiliar place.
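To make the password rules in the list above concrete, here is an added example (not part of the original post) that generates passwords meeting those rules and shows how the brute-force cost grows with length. The guess rate and the short word list are assumptions constructed for illustration, so the timings will not match the figures quoted above.

```python
import math
import secrets
import string

# The four character classes from the password rules above.
CLASSES = (string.ascii_uppercase, string.ascii_lowercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)  # 26 + 26 + 10 + 32 = 94 symbols

# Assumption: attacker guess rate, chosen only to compare lengths.
ASSUMED_GUESSES_PER_SECOND = 1e10

# Constructed sample list; a real passphrase needs thousands of words.
SAMPLE_WORDS = ["anchor", "breeze", "cobalt", "dune", "ember", "fjord",
                "glacier", "harbor", "ivory", "juniper", "kelp", "lantern"]


def generate_password(length=16):
    """Return a random password that contains every character class."""
    if length < 10:
        raise ValueError("use at least 10 characters")
    while True:
        # secrets draws from the OS CSPRNG; random is not designed for secrets.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Reject and redraw rather than patching characters in, so every
        # valid password stays equally likely.
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def generate_passphrase(wordlist=SAMPLE_WORDS, words=6, sep="-"):
    """Return a master-password style passphrase of random words."""
    return sep.join(secrets.choice(wordlist) for _ in range(words))


def entropy_bits(choices, picks):
    """Bits of entropy when each of `picks` symbols is one of `choices`."""
    return picks * math.log2(choices)


def worst_case_seconds(choices, picks, rate=ASSUMED_GUESSES_PER_SECOND):
    """Time to try every candidate at the assumed guess rate."""
    return choices ** picks / rate


if __name__ == "__main__":
    print(generate_password(12), generate_passphrase())
    for n in (6, 10, 12, 16):
        print(n, round(entropy_bits(len(ALPHABET), n), 1), "bits,",
              f"{worst_case_seconds(len(ALPHABET), n):.3g} s worst case")
```

Each extra character multiplies the search space by 94, which is why going from 6 to 12 characters matters far more than swapping a letter for a symbol. Six words drawn from a 7,776-word list give about 77.5 bits, close to a 12-character random password.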
Section 2: Going a Little Further — these are things that I personally do or recommend, in addition to the basics above
- Use a VPN (Virtual Private Network), especially when connected to a public, unsecured, or unfamiliar wifi network. I personally use Mullvad, but there are plenty of good options out there. A quick google will get you lots of choices. Here are some considerations:
  - Does the VPN store logs or data about your internet activity, even anonymized?
  - Is the VPN company based in one of the Five Eyes countries, or the secondary Nine Eyes countries? Google this for more info.
  - Does the VPN have a killswitch? Is it on by default?
  - Does it offer more advanced security features like multihop, DAITA, or quantum-resistant tunneling?
- Encrypt your computer’s hard drive. On Mac, this feature is called FileVault; on Windows it’s called BitLocker. For Linux users, look up encryption for your preferred distro.
  - This is an extremely important password, and you should keep a physical copy with your personal documents along with your master password.
- For situations where you don’t want to share your personal phone number, consider getting a VOIP number, through services like Google Voice or Burner.
- For situations where you don’t want to share your personal email address, you can use a service like 10-Minute Mail for short-term throwaway addresses, or something like Addy.io for long term aliases.
Final Section: A Privacy Mindset
Tools like the ones listed above are a huge step to being more secure online, but they’re only going to be truly effective if you behave on the internet in a secure way. Putting your real name and address into any old website that asks you to make an account puts you more at risk. Allowing location services on the Dunkin Donuts app because it’s just so convenient means that one more corporation knows where you’re going. Getting a wifi enabled coffee maker just gives someone a much easier point of entry into your network. Often bordering on always, convenience is at odds with privacy.
When I say a privacy mindset, I mostly mean that you should be intentional about what you do online. You should think twice before you make a new account. You should make it a habit to turn on your VPN when you leave the house. You should default to leaving location services off and use a 6-digit PIN instead of Face ID. You should avoid complacency, because you are most valuable to some faceless corporation who wants to sell your life away when you are complacent.
Whew. Okay, I know that was a LOT of text. Sorry about that. But there’s a lot of stuff that can screw with your digital safety, so there are a lot of things we need to do to keep ourselves safe. You do not have to take my word on this stuff. Do some googling, go to r/privacy or find the million people on TikTok who do this stuff professionally (or at least say they do, be careful!).
And remember, you’re only as secure as your least secure friend, so be sure to encourage those in your orbit to improve their security as well. Hell, send them this blog post! I could always use the exposure.
~Inchoate Clay