Privacy guide
Here's some tips on how to improve your privacy on the net! Disclaimer: This is by no means expert-level information; this is just a random collection of useful tips gathered from the web.
- USE SECURE PASSWORDS! Never use the same password for multiple websites. Generate and store password with a password manager when possible, but do not use proprietary or cloud-based password managers. Good password managers include pass[1] and KeePassXC[2]. Your password manager should itself also be encrypted with a password. For password you aren't generating with a password manager, ensure they are memorable and use letters, numbers, and other characters. Avoid using names of pets, family members, or anything else that could be traced back to you.
- Use 2FA whenever possible. Do not use SMS, though! Use an OTP authenticator if available.
- Give fake answers for security questions, and store them in your password manager.
- Absolutely do not ever use Windows. Linux is a great alternative, seriously recommended. If you do decide to use Windows (don't!), you should look for one of the many tools available to harden it. Note that even with these tools, Windows is still a privacy and security nightmare, and should absolutely not be used for anything important.
- Don't use Google Chrome/Chromium. Firefox is a good alternative if you harden it[3]. Tor Browser is even better than Firefox, but keep in mind that Tor tends to be very slow, so if you are using an already slow internet connection you may want to avoid it. Also note that many applications (Discord, Atom, Element, to name a few) are written using "Electron", which is a modified version of Google Chrome with many sandboxing features removed. Electron has many known security vulnerabilities and should never be used.
- Avoid proprietary software when possible (open source rules!)
- Avoid web browsing when possible. In particular, do not use Google services; if you have a Google account, delete it. When using the web, do not give information (phone number, address, etc) to websites that don't have a good reason for needing it.
- Review all permissions granted to mobile apps; do not grant permissions which are not needed.
- Delete accounts you no longer use.
- Don't use SMS; it has no support for encryption whatsoever. You should also avoid chat services such as Discord which are known for heavy use of tracking and violating user privacy.
- Use a VPN or Tor. Note that using a VPN **does not automatically make your connection private**; you need to ensure that your VPN provider does not log your traffic and change your IP address frequently, and even then absolute anonymity is not guaranteed. The vast majority of commerical VPN services use deceptive marketing, and do not enhance your privacy whatsoever. Tor[4] is a much more reliable option, with the only major downside being that Tor is much slower than traditional VPN services. Unlike commerical VPN offerings, Tor is run by a 501(c)(3) nonprofit group aiming to protect human rights amongst prosecuted groups.
- Use secure email. Do not use a web email client; instead, download an open source client to your device, and ensure that your client is connecting to servers securely via IMAPS and SMTPS (rather than unencrypted IMAP or SMTP). Use OpenPGP[5] encryption to provide further protection. If you need an email address for an online account you don't care about, use a disposable email service such as Guerilla Mail[6].
- Do not use biometrics. Face recognition and fingerprint scanning is convenient, but not good for security. Most commerical face recognition devices can be defeated very easily.
- Full disk encryption should be used if your device contains information that you would not want someone to get hold off in the event that your device was stolen.
- Ensure your camera app does not save location tags. As an extra precaution, strip EXIF metadata from any images before you upload them to the internet.
You may not want or be able to follow all of the above rules, but you should follow as many as you can in order to ensure your safety on the internet.
[1] pass homepage[2] KeePassXC homepage
[3] Firefox hardening guide by PrivacyTools
[4] Tor Project homepage
[5] OpenPGP information and help
[6] Guerrilla Mail homepage
