As a modern digital citizen, its important to protect yourself and your data online. Below is a quick list of tools and introductions to concepts that can get you started. This is meant to be a basic guide for those who are new or curious about Privacy and Security online. The tools below can immediately improve your overall Privacy and Security posture, are easy to setup, and mitigate the majority of risks we take with our data online.
- The Stack
When thinking about privacy & security for your devices that connect to the internet or the data you generate while you’re online, it’s important to understand that a single solution doesn’t exist, nor will it ever.
As technology evolves overtime and innovations are adopted widely around the Internet, the way we interact with the technology changes as well. It’s an individual’s responsibility to remain vigilant and spend some time considering the risks they may be taking when trying out a new app, or creating an account on a website. Unfortunately, for some individuals, the networks available to them are censored and hostile so they must consider protecting their location information or browsing history when conducting research or performing journalism.
Fortunately for us, technology is a great problem solver and many of these risks have already been solved or mitigated by very common & simple tools that allow us to browse the internet in confidence.
With a little knowledge and a few tools we can be safe on a public wifi network while reviewing intimate finance or health documents. We can do research unhinged by social norms or taboos and perform journalism without fear of repercussion. Identity Thieves can remain at arms length, unable to use the most basic tactics.
Privacy and Security online is the ultimate expression of Personal Digital Sovereignty.
The stack is a concept to help compartmentalize privacy risks and mitigations.
Layer 0 (Network Security)
Your network security can be the achilles heel of your entire stack. If the data you send is over a compromised network, then it doesn’t matter how strong your password, or how private your browser is.
VPN stands for Virtual Private Networking. This technology routes all your Internet traffic through an encrypted tunnel to another network or gateway device before connecting you to the Internet.
This protects you by hiding your IP Address from websites you connect to, hides your Geo-Location by IP Address, and encrypts your traffic so anyone on the same network as you (hackers, ISPs) can’t see what websites you’re visiting.
Check out our VPN for more information.
DNS stands for Domain Name Resolution and is a basic Internet service that translates domain names like facebook.com and google.com to IP Addresses, that computers connect to. Anyone with access to the DNS service you use could see what websites you visit by your computer’s DNS requests. A Private DNS service doesn’t log your requests, protecting the privacy of it’s users.
TOR will be mentioned more than once as it is actually a few different things. At the network level, TOR uses Onion Routing to route your traffic over an encrypted connection across random relays, potentially around the world. This is probably the most secure and anonymous routing protocol in existence. Not only is your IP Address hidden by 1 proxy like a VPN, but is encrypted independently across 3 or more proxies chosen at random.
Layer 1 (Browser)
Once your device is connected to a secure network, you should remain vigilant when using apps or software that use the Internet as well. Try to choose from well known publishers and make sure you keep everything as up to date as possible.
However, the tool everyone needs to browse the internet is a Web Browser. Most Browsers provide a good selection of privacy and security options, which should be explored in depth if you choose to use them. Below are some Browsers that have been developed with privacy as a priority.
Brave is a fairly new browser that places Privacy first, and uniquely leverages another new technology called Blockchain to attempt to pay users who choose to view ads and content creators who generate a lot of views.
Firefox is a Mozilla Browser that has been around for a very long time. The project has pioneered many innovations in the browser space and continues to do so. Firefox has more recently placed a heavy emphasis on user privacy and security and has delivered an amazing Browser.
TOR is at it again. The TOR Browser is a Complete Anonymity focused browser that has the TOR Onion Routing protocol built into it. It can be run as a standalone Browser on most devices today and makes accessing Onion Services (Anonymous Websites) as easy as possible. You can also browse the normal internet using the TOR Browser and network as well, though the experience will be noticeably slower.
Layer 2 (Access)
Once you have your network and the browser you’re going to use to access it. You’ll need your username and passwords to access any services online like your bank or email account.
Most people store these in their head. While the skill itself is useful, it’s a bit impractical today considering any website we might visit typically asks us to create an account. The only way to successfully access every site would be to use one or two passwords for hundreds of sites.
On top of that, these websites are constantly getting hacked and user information is dumped onto the dark web, for sale on the cheap. The chances of having your account information somewhere on the Dark web today is high. The only protection against this reality is to use a different password for every single website you visit.
This would not be possible without Password Managers. Not only do they remember passwords for you, but they can generate secure passwords when you’re creating an account, as well as auto-fill almost every potential form you come across making it easy to enter those super secure passwords we can’t remember. There are a handful of password managers on the market and if you’d like to know more check this out. Here are our recommendations.
LastPass is probably the best bang for your buck, considering it’s absolutely FREE! Comes complete with all the features needed to be successful switching to using a password manager and sticking with it. Easy to use and has browser extensions and a mobile app.
1Password is another absolutely amazing password manager that will make sure your transition is as seamless as possible. Stop using sticky notes or precious memory to store your passwords. 1Password also has all the browser extensions you need and an app for mobile use.
2nd Factor Authentication
It’s worth mentioning that most places you are forced to have a password online also provide the option for 2nd Factor Authentication. These are services like; sending you a text message with a unique code before logging in, or asking for a code from an authenticator app, or physical security key.
No matter, what options are offered for 2nd Factor Authentication. Choosing at least one of them increases your account security immensely. Even if your password is stolen or leaked on the Dark Web, if 2nd Factor Authentication is enabled your account is still safe.
Make sure you check all your major accounts and ensure 2nd Factor Authentication is enabled. This can really save you butt in the long run.
Layer 3 (Services)
Choosing the right services for things like Email, Messaging, Search, ect can go a long ways towards ensuring your data is protected.
ProtonMail is an email provider that offers a small inbox for free and automatically encrypts all email by default. A great provider of secure email.
Mailvelope is a nifty Browser extension that can manage PGP (Email Encryption) keys and auto-encrypt your email, even when using another web-based email provider (Like hotmail or gmail).
Signal is an open source, end-to-end encrypted messaging app that works on both Android and iOS as well as some desktops. Message your contacts securely as individuals or in groups, verify their identity and video chat.
DuckDuckGo is a privacy focused, complete search experience with apps and widgets for your phone as well as a privacy browser. No more “personalized” search results.
Minds is one of the most unique platforms to come along in a long time. A complete social media platform with groups and blogs and all sorts of media, Minds runs on the Ethereum BlockChain, leveraging it’s own token to generate value for content creators and viewers alike.
The responsibility is on the user today to protect themselves while online. Your privacy and security are paramount to your Personal Digital Sovereignty.
This is just a beginning. These are the basics. The stack itself can and will change shape and take on new meaning as technology evolves.
There is also a compromise. As users we all live under unique circumstances. It might not be possible to completely remove Google or Facebook from our lives, but we can exercise the choices we do have on those platforms as well.
Most of our privacy and security is in this space, the settings. Today most of those settings default in the favor of those who need our data. Check them out, make sure they’re right for you.