Today I want to share with you how I protect myself on the Internet. Many of you would say: "(sighs) Give me a break! I have nothing to hide and I don't care if Facebook, Google, Apple, or the government knows what I'm doing! I don't care!" Well, I know and completely understand your feelings since I was just like you: I didn't care.
Ok, I don't have time...show me your setup: TL;DR
I recommend watching this documentary; maybe you will change your mind.
After watching this back in 2016 I've had considerable reasons to change the way I look at my virtual identity and privacy. I quickly realized that I have to change my old habits and a couple of things like:
- passwords
- two-factor authentication
- social networks
- instant messaging
- vpn
- tracking
It's kinda a security audit, so let me show you how you can improve your online security and privacy.
Passwords
I don't want to repeat what has been written so many times about passwords so I strongly recommend going through this awesome HowToGeek article. There is everything you need to know about how to create and memorize a good password. And here is my favourite XKCD comic about passwords.
Password manager
I'm a lazy person and I just don't like to create and memorize all my passwords, so I'm using a password manager. A password manager is a software application used to store and manage the passwords that a user has for various online accounts and security features. Password managers store the passwords in an encrypted format and provide secure access to all the password information with the help of a master password. My personal preference is LastPass, but you can choose another one. Here is a comparison of the most popular password managers: https://bit.ly/2ISHMze.
Two-factor authentication
Two-factor authentication (2FA) is a way to add additional security to your account. The first "factor" is your usual password that is standard for any account. The second "factor" is a verification code retrieved from an app on a mobile device or computer. 2FA is conceptually similar to a security token device that banks in some countries require for online banking. You should enable it wherever you can. Most services, such as Google, Facebook, and Amazon, support 2FA.
Another chapter is your email account. Most of us (me included) use some of the most popular email services like Gmail, Hotmail, and so on. Most of them do not support encryption and you have no guarantee that your emails are safe. So I decided to switch my emails to ProtonMail. It's a Swiss company and its datacenter is in a rocky mountain, so it's pretty cool! On the other hand, because of the encryption they use to protect your data, resetting your password is different from other, less secure email services. Your password is used to decrypt your emails, and they do not have access to it. Therefore, if you forget your password, you will lose the ability to read your existing emails. However, I would suggest ProtonMail. It's free to use.
Social networks
You should consider using social networks but it's up to you. I wouldn't recommend anything here. In the documentary above there is a lot of talk about surveillance etc. However, I still use most of the social networks but I have this in my mind all the time. If you are from Europe, you are a lucky person because corporations like Google and Facebook have to delete all of your data if you want... at least they should due to GDPR and other regulations of the European Union.
Instant messaging
I suppose you're using some of the popular instant messengers like Facebook Messenger, WhatsApp or Hangouts. But you should consider switching to a more secure, encrypted one like Signal or Telegram.
VPN
A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device (e.g. a laptop, desktop, or smartphone) across a VPN may therefore benefit from the functionality, security, and management of the private network. The main benefits of using a VPN:
- More privacy. Your connections cannot be linked to your computer...and you. You can visit any website and your ISP doesn't know where you've been.
- More security. VPN connections are secure. The network is hack proof and all of your Internet activity is encrypted and unreadable in transit.
- More website access. No more blocks or censorship. They can't prevent you from getting to websites based on an IP address.
- More anonymity. Your true IP address is hidden! You're unidentifiable online because you're constantly using a different IP address, never your own. In fact, it typically looks as if you're in a different part of the world from where you really are.
Encryption is a common part of a VPN connection. I'm using NordVPN but there are plenty of alternatives. Here is a nice comparison: https://bit.ly/2HGsxGQ.
Track stoppers
Another thing you should consider is to use some kind of web browser plugin to stop being tracked. I think the best one is Ghostery. Also, you should consider changing your main search engine from Google to DuckDuckGo.
TL;DR
So here is my setup...
- Browser: Brave (with LastPass and DuckDuckGo as my default search engine)
- Password manager: LastPass (paid version since I'm using YubiKey)
- E-mail: ProtonMail (paid version since I'm using my own domain for e-mails)
- Instant messaging: Signal
- VPN: NordVPN