A Privacy & Security Toolkit

The tools below can immediately improve your overall Privacy and Security posture, are easy to setup, and mitigate the majority of risks we take with our data online.

  1. Purpose
  2. The Stack
    1. Layer 0
      1. VPN
      2. DNS
      3. TOR
    2. Layer 1
      1. Brave
      2. Firefox
      3. TOR
    3. Layer 2
      1. LastPass
      2. 1Password
      3. 2nd Factor Authentication
    4. Layer 3
      1. Email
      2. Messaging
      3. Search
      4. Social Media
  3. Ultimately
  4. More Resources

Purpose

When thinking about privacy & security for your devices that connect to the internet or the data you generate while you’re online, it’s important to understand that a single solution doesn’t exist, nor will it ever.

As technology evolves overtime and innovations are adopted widely around the Internet, the way we interact with the technology changes as well. It’s an individual’s responsibility to remain vigilant and spend some time considering the risks they may be taking when trying out a new app, or creating an account on a website. Unfortunately, for some individuals, the networks available to them are censored and hostile so they must consider protecting their location information or browsing history when conducting research or journalism.

Fortunately for us, technology is a great problem solver and many of these risks have already been mitigated by very common & simple tools that allow us to browse the internet in confidence.

With a little knowledge and a few tools we can be 100 time safer on a public wifi network while reviewing intimate finance or health documents. We can do research unhinged by social norms or taboos and journalism without fear of repercussion. Identity Thieves can remain at arms length, unable to use the most basic tactics.

Privacy and Security online is the ultimate expression of Personal Digital Sovereignty. Use the stack to get yourself up to speed and protected quickly and safely.

The Stack

Layer 0 (Network Security)

Your network security can be the single point of failure for your entire Privacy and Security Posture. If the data you transmit is over a compromised network, then it doesn’t matter how strong your password is, or how private your browser may be.

VPN

VPN stands for Virtual Private Networking. This technology routes all your Internet traffic through an encrypted tunnel to another network or gateway device before connecting you to the Internet. This removes your need to trust the network you’re directly connected to, but forces you to trust your VPN provider. There are some solid providers out there, but we use our own.

A VPN protects you by hiding your IP Address from websites you connect to, which hides your Geo-Location by IP Address, and encrypts your traffic so anyone on the same network as you (hackers, ISPs, Govt.) can’t see what websites you’re visiting. This also helps you remain anonymous on the websites you connect to, but only if it’s the only information you’re providing them.

VPN services are the only thing on this list that will cost you a little money. Beware free VPN services as they’re probably making money in other nefarious ways. However, the services provided are generally worth the cost. Our VPN plans start around $2/mo with a 12 month subscription.

DNS

DNS stands for Domain Name Resolution and is a basic Internet service that translates domain names like facebook.com and google.com to IP Addresses that computers connect to. Anyone with access to the DNS service you use could see what websites you visit by your computer’s DNS requests. A Private DNS service doesn’t log your requests, protecting the privacy of it’s users.

These services cost very little to provide and can often be found for free. Again, do the necessary research to make sure you’re going with a trusted provider.

Skylaski.com operates it’s own free to use Private DNS servers that follow our No-Log Policy. If you use our VPN, then you’re already using our Private DNS.

TOR

TOR will be mentioned more than once as it is actually a few different things. At the network level, TOR uses Onion Routing to route your traffic over an encrypted connection across random relays, potentially around the world. This is probably the most secure and anonymous routing protocol in existence. Not only is your IP Address hidden by 1 proxy like a VPN, but is encrypted independently across 3 or more proxies chosen at random.

Layer 1 (Browser)

Once your device is connected to a secure network, you should remain vigilant when using apps or software that use the Internet as well. Try to choose from well known publishers and make sure you keep everything as up to date as possible.

However, the tool everyone needs to browse the internet is a Web Browser. Most Browsers provide a good selection of privacy and security options, which should be explored in depth if you choose to use them. Below are some Browsers that have been developed with privacy as a priority.

Brave

Brave is a fairly new browser that places Privacy first, and uniquely leverages another new technology called Blockchain to attempt to pay users who choose to view ads and content creators who generate a lot of views.

Firefox

Firefox is a Mozilla Browser that has been around for a very long time. The project has pioneered many innovations in the browser space and continues to do so. Firefox has more recently placed a heavy emphasis on user privacy and security and has delivered an amazing Browser.

TOR

TOR is at it again. The TOR Browser is a Complete Anonymity focused browser that has the TOR Onion Routing protocol built into it. It can be run as a standalone Browser on most devices today and makes accessing Onion Services (Anonymous Websites) as easy as possible. You can also browse the normal internet using the TOR Browser and network as well, though the experience will be noticeably slower.

Layer 2 (Access)

Once you have your network and the browser you’re going to use to access it. You’ll need your username and passwords to access any services online like your bank or email account.

Most people store these in their head. While the skill itself is useful, it’s a bit impractical today considering every website we visit wants us to make an account. The only way to successfully access every site would be to use one or two passwords for hundreds of sites.

On top of that, these websites are constantly getting hacked and user information is dumped onto the dark web for sale on the cheap. The chances of having your account information somewhere on the Dark web today is high. The only protection against this reality is to use a different password for every single website you visit. This way, if your mechanic or other favorite online merchant gets hacked, only your account with that website is compromised.

This would not be possible without Password Managers. Not only do they remember passwords for you, but they can generate secure passwords when you’re creating an account, as well as auto-fill almost every potential form you come across making it easy to enter those super secure passwords we can’t remember. There are a handful of password managers on the market and if you’d like to know more check this out. Here are our recommendations.

LastPass

LastPass is probably the best bang for your buck, considering it’s absolutely FREE! Comes complete with all the features needed to be successful switching to using a password manager and sticking with it. Easy to use and has browser extensions and a mobile app.

1Password

1Password is another absolutely amazing password manager that will make sure your transition is as seamless as possible. Stop using sticky notes or precious memory to store your passwords. 1Password also has all the browser extensions you need and an app for mobile use.

2nd Factor Authentication

It’s worth mentioning that most places you are forced to have a password online also provide the option for 2nd Factor Authentication. These are services like; sending you a text message with a unique code before logging in, or asking for a code from an authenticator app, or physical security key.

No matter, what options are offered for 2nd Factor Authentication. Choosing at least one of them increases your account security immensely. Even if your password is stolen or leaked on the Dark Web, if 2nd Factor Authentication is enabled your account is still safe.

Make sure you check all your major accounts and ensure 2nd Factor Authentication is enabled. This can really save you in the long run.

Layer 3 (Services)

Choosing the right services for things like Email, Messaging, Search, ect can go a long ways towards ensuring your data is protected. We often don’t get to choose the tools we use to communicate with everyone, but when necessary these tools serve a huge purpose.

Email

ProtonMail is an email provider that offers a small inbox for free and automatically encrypts all email by default. A great provider of secure email.

Mailvelope is a nifty Browser extension that can manage PGP (Email Encryption) keys and auto-encrypt your email, even when using another web-based email provider (Like hotmail or gmail). Encrypt your regular email with Mailvelope.

Messaging

Signal is an open source, end-to-end encrypted messaging app that works on both Android and iOS as well as some desktops. Message your contacts securely as individuals or in groups, verify their identity and video chat.

DuckDuckGo is a privacy focused, complete search experience with apps and widgets for your phone as well as a privacy browser. No more “personalized” search results.

Social Media

Minds is one of the most unique platforms to come along in a long time. A complete social media platform with groups and blogs and all sorts of media, Minds runs on the Ethereum Blockchain, leveraging it’s own token to generate value for content creators and viewers alike.

Ultimately

The responsibility is on the user today to protect themselves while online. Your privacy and security are paramount to your Personal Digital Sovereignty.

This is just a beginning. These are the basics. The stack itself can and will change shape and take on new meaning as technology evolves.

There is also a compromise. As users we all live under unique circumstances. It might not be possible to completely remove Google or Facebook from our lives, but we can exercise the choices we do have on those platforms as well.

Most of our privacy and security is in this space, the settings. Today most of those settings default in the favor of those who need our data. Check them out, make sure they’re right for you.

More Resources

This is a never ending journey. To continue the path we highly recommend you check out the “Surveillance Self-Defense” guides hosted by the Electronic Frontier Foundation.

There are also some additional resources at our Forums.