A Crash Course on Protecting Yourself Online
privacy has never been more important
Browsing:
stop using chrome, and swap to Firefox - on desktop and mobile (use firefox focus on mobile)
use https://duckduckgo.com instead of Google as your default search engine [https://appletoolbox.com/change-default-search-engine-iphone-browser/]
when doing research or activism use: https://www.torproject.org
NEVER visit your blog or login to your social/email/work/personal accounts while browsing with tor
Recommended Firefox extensions:
https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/
https://addons.mozilla.org/en-US/firefox/addon/decentraleyes
https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers
https://addons.mozilla.org/en-US/firefox/addon/facebook-container/
consider running:
https://addons.mozilla.org/en-US/firefox/addon/noscript/
this will break 95% of sites bc the modern web uses javascript, but javascript is also how most modern trackers work
blocking 1st part cookies: https://support.mozilla.org/en-US/kb/third-party-cookies-firefox-tracking-protection?redirectslug=disable-third-party-cookies&redirectlocale=en-US
always block 3rd party cookies, blocking 1st party cookies will also break sites
Email:
stop using google suite (Gmail especially) if possible, especially for anything health/political related ( use https://proton.me/mail )
have unique https://proton.me/mail emails for health, political, and personal - never ever email across those accounts, or share contacts across accounts, forward messages, etc
use a service like https://relay.firefox.com to conceal your actual email address:
Secure Messaging Tools
stop using SMS/iMessage - Whatsapp is ok for 1-to-1, but it’s not safe for group chats
do not use telegram, slack, discord, or direct messages on social platforms for any sensitive conversations
never click on links from SMS [https://www.bejarano.io/sms-phishing/]
Account Security:
use 2FA - ideally a physical key https://www.yubico.com/products/
use a password safe like https://1password.com/
use complex passwords that do not repeat
DNS
if you are familiar with Docker/Linux I highly recommend using:
Alternative:
https://1.1.1.1 is a decent fallback option, but doesn’t have any blocking, and is operated by Cloudflare
use a VPN service that has an ad-blocking add-on: https://www.privateinternetaccess.com/ad-blocking-vpn
Gmail/Youtube/Google History
run security checkup: https://myaccount.google.com/security-checkup
delete and turn off all your history for your google account (web/app, location & youtube): https://myactivity.google.com/myactivity
Health/Fitness/Data Trackers
disable and delete as fast as possible, Fitbit and Apple watches already track your period/sleeping/health habits which could be leveraged against you
buy reproductive healthcare products with cash locally, stop buying pads/tampons/condoms, etc on amazon
Phone Privacy
delete TikTok, please: https://news.yahoo.com/tiktok-employees-china-secret-access-135758775.html
Android:
iPhone:
Protecting your identity/accounts
create a unique user on your computer for protected browsing, always browse connected to a VPN + Tor, and never log in to any of your personal accounts (social, Slack, Spotify, etc).
check your passwords and email addresses on https://haveibeenpwned.com/
try to keep your online identities as compartmentalized as possible
VPN:
look at using a VPN service that doesn’t log data
macOS
use FileVault to encrypt your hard drive: https://support.apple.com/en-us/HT204837
turn on the built-in firewall: https://support.apple.com/guide/mac-help/block-connections-to-your-mac-with-a-firewall-mh34041
consider using these security tools: https://objective-see.org/
INSTALL YOUR SECURITY UPDATES
additional resources