What's your privacy setup?

McFirewavesJr

I'm usually not the paranoid/conspiracy guy, but it recently started freaking me out to realize how much I was being spied on. From FB Messenger scanning my conversations to offer me products, to websites installing keystroke spyware on my mobile and the realization that Apple owns our fingerprints, voice print and soon face scan...

Currently in the process of cleaning up my stuff and doing a lot of "ungoogling":

  • Using an external hard drive instead of gDrive (until I find something I trust)
  • Factory reset my phone frequently (I'm actually in the process of leaving my smartphone at home and carrying around a basic phone, but this is not for security, it's a lifestyle choice)
  • Not using Chrome, Google and Gmail anymore
  • A couple of other things in progress.
What do you guys do to escape the increasing surveillance from the Matrix?
 

Dunkafelics

Interesting post and something I am looking to see what others do as well.

To be honest I am not too worried about the government or big corporations spying on what I am doing. I've never really thought it was the biggest issue unless you are doing something wrong (i.e. criminal activity, terrorism, etc.)

I will say that I am more worried about those that partake in hacking, identity theft, etc. What do you guys do to combat these types of behaviours?
 

urianasi

I've worked in the infosec field for some time. I really like it. After reading many books on privacy and data, technical books on computer science, white papers on the subject, and working on some projects, I gotta say that you are right: it is a big issue. And something to freak out about.

Let me start by saying that you can't rely only on tools if you want privacy. Tools will give you a degree of privacy, if used correctly, but it is well understood in the field that security is a process and not a few tools here and there. In software, flaws are inevitable, vulnerabilities exist in all programs and new ones are discovered all the time. All. The. Time.

The solution to this problem is to reduce the risk of exposure regardless of the product. Everything we use is built by others, how do we know they are trustworthy? We have to trust someone, right? Trust is a very big word. We don't realise how important it is.

Now, I don't want to overextend my post. We could fill a book on all the moral, ethical, psychological dilemmas on security. It is important to understand, though, that security is a process, not just the use of a tool.

Here are a few practices and tools that I use on a daily basis:
  • I pay for a VPN monthly. I can recommend iVPN and Mullvad. I use the OpenVPN client.
  • I don't have any social network. In those services, you're the product.
  • I store my pictures, docs, videos, and more in a Dropbox account, but in an encrypted container. I encrypt my data in a container first, and then upload that file. In that way, I have a backup of my data, but it is encrypted with strong algorithms.
  • I use a password manager that generates passwords automatically for each new account. I don't even know my password for this forum. I use pwsafe, designed by Bruce Schneier, a famous cryptologist and author.
  • I browse in Firefox with some configurations and some addons: Privacy Badger, uBlock Origin, HTTPS Everywhere, NoScript, Profile Spoofing. I use it for online purchases, or other sensitive stuff. I use Google Chrome for occasional browsing.
  • I use Windows for occasional browsing and playing games. I use GNU/Linux for everything else that requires other levels of protection, such as online purchases. I fully encrypt my Linux disks.
  • For communications I use WhatsApp. I know, I know. I would prefer to use Signal, but my family is far away and they are not tech savvy. WhatsApp implemented end-to-end encryption with the creator of Signal, so I decided to trust them.
  • This should be obvious, but I don't send any sensitive and private information through normal channels of communication.
  • I do use Gmail, but I also use Tutanota and Protonmail. Email is broken, though. The majority of the protocols on the internet like HTTP, TCP, SMTP were not designed with security in mind. Email is fundamentally broken. If you want to communicate with other people securely, don't use email, use Signal.
  • I own an iOS smartphone. They are a problem from a security standpoint, and I know it. I use it as much as a dumbphone as I can. I have the 16GB model, and I always have more than 5GB free. Like you said @Fred Chevry, a dumbphone won't improve security. 2G networks are encrypted but with a very weak algorithm, so they are fundamentally broken. I chose it because I consider iOS more secure than Android.
That's all I can think of right now. I might take other measures, but these are the most important ones. This is not bulletproof, there are some trade-offs in my design, but it is still considerably better than not using anything.

Some recommendations for the most protection you can have?
  • Use a VPN at all times. Don't trust your ISP provider.
  • Use Signal, if possible, for instant messaging and calls. Or, Pidgin + OTR.
  • Don't use the same laptop for browsing, playing games and making purchases online. Play on a console (DO NOT DOWNLOAD PIRATED GAMES), do occasional browsing on one computer, and online banking and purchases on another computer used ONLY for that.
  • Encrypt your files before uploading them to the cloud.
  • Use Tor Browser, if possible, for private browsing.
  • Use PGP for emails. This is not bulletproof, but it's the best thing you can do with the broken SMTP protocol.
  • Encrypt your disks, and use GNU/Linux (Debian + LUKS). Use Tails or Qubes OS in case you really want to be protected.
  • Use a password manager encrypted with a strong passphrase. Use pwSafe.
  • Use two factor auth in all web apps. If they don't have it, demand it (I recently wrote my bank about this... 2017 and no 2 factor auth, can you believe it?)
  • Don't just delete your files, shred them using BleachBit.
And remember two things:
  1. Encryption is your friend, use it. Use it for communication, for disks, for everything.
  2. Have common sense. This is probably one of the most important things too... If you see an ad offering a free iphone, please don't click on it. Do not open any files from unknown sources. Don't rely on antivirus only (in fact, I don't even have one).
That's all I can think of, and that's probably almost everything I do to protect myself online.

Hope it helps!
 

McFirewavesJr


Epic reply. Most of your recommendations can be applied with little effort, will start working on it right now. Thanks a lot.

@Dunkafelics It's perfectly understandable not to be worried about such issues if you are a law-abiding citizen, but just like driving a car without insurance, it could go very well until it goes wrong.

The age of communication is still in its early stages, but evolving incredibly fast. What is not a concern today could become one tomorrow and at that point it will be too late to act and protect yourself. What kind of threats could we be facing?
  • Cryptocurrency wallet theft
  • Online Banking...
  • Various Scam/Fraud
  • Increased insidious targeting from marketers
  • Could a hypothetical tyrannical government of the future profile you using private data?
  • Employers hiring private firms to look deeper in your life than they are supposed to?
  • The love of your life hiring cyber investigators to find out everything on you before your first date?
  • List goes on...
You could be very grateful TOMORROW for being preventive TODAY my friend!
 

McFirewavesJr

@urianasi Do you have something to recommend for anti virus software?

Edit: I applied most of the strategies you recommended. It took about an hour (bit bleach ran for about 4 hours lol). Google ads now displays ads in languages I can't read because of Tor :rofl: and I'm fine with that.
 

urianasi


I don't use any antivirus. Why? Because they are not necessary... If you apply common sense. I mean, why would you need an antivirus if you don't allow scripts in webpages, you don't torrent, don't download any suspicious file, you don't allow macros in Word documents... They decrease system performance and usually give a false sense of security.

What do I use? A machine with a correctly configured firewall and I install updates daily.

You see... The majority of the people I've met that are experts in the field of security don't use an antivirus, because they apply common sense and they keep their software up to date. I'm not even kidding. Professionals use an adblocker more than an antivirus.

And the last thing is that antivirus detection rate is very low. The problem with AV is that they usually compare new threats with existing ones, or they search for similar patterns. And although they sometimes succeed, the majority of the time they don't. If the threat is new, you're basically screwed, with or without AV until you apply the patch.

Antivirus Software is the best example of a program that is treated as the ultimate solution for the problem of security. You think you are safe, "that's it, I'm already protected"... Wrong. Security is a process, not a tool.

However, sometimes you need to share your primary machine with family. If you do, or if you want an extra layer of protection, I would recommend Kaspersky, because experts agree that it's the one that is harder to bypass (spoiler alert: they bypass it anyway, although it took a little longer).

About your edit. That's great, you've applied some principles quickly. And you're using Tor, fantastic! (deep web? lol)... Just remember: it's a process, not a tool.

Cheers!
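
Added example, not part of the thread and not code from any antivirus product: a toy signature scanner showing the behaviour described in the post above, where detection works by comparing files with known samples (exact hash) or by searching for similar byte patterns. All sample bytes, the family name `demo-family` and the pattern are constructed, harmless placeholders.

```python
"""Toy signature-based scanner run over constructed, harmless byte strings."""
import hashlib
from typing import Dict, List, Optional, Sequence


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def parse_pattern(text: str) -> List[Optional[int]]:
    """Parse 'de ad ?? ef' into byte values; '??' becomes None (any byte)."""
    return [None if tok == "??" else int(tok, 16) for tok in text.split()]


def pattern_matches(data: bytes, pattern: Sequence[Optional[int]]) -> bool:
    """Slide the pattern over the data; None entries match any single byte."""
    if not pattern:
        return False  # an empty pattern must never match everything
    n = len(pattern)
    for start in range(len(data) - n + 1):
        if all(p is None or data[start + i] == p for i, p in enumerate(pattern)):
            return True
    return False


class SignatureScanner:
    """Two classic checks: exact-hash lookup, then wildcard byte patterns."""

    def __init__(self) -> None:
        self.hashes: Dict[str, str] = {}
        self.patterns: Dict[str, List[Optional[int]]] = {}

    def add_known_sample(self, family: str, data: bytes, pattern: str) -> None:
        self.hashes[sha256(data)] = family
        self.patterns[family] = parse_pattern(pattern)

    def scan(self, data: bytes) -> str:
        family = self.hashes.get(sha256(data))
        if family:
            return "hash:" + family
        for family, pattern in self.patterns.items():
            if pattern_matches(data, pattern):
                return "pattern:" + family
        return "clean"


# Constructed placeholders standing in for files. None of this is real malware.
KNOWN = b"DEMO\x00stage1:beacon_v1:run"           # sample the vendor has seen
VARIANT = b"DEMO\x00stage1:beacon_v2:run\x00pad"  # same family, different bytes
UNSEEN = b"DEMO\x00stage1:other_logic:run"        # nothing in common with KNOWN
BENIGN = b"plain text notes about lighthouses"
LOOKALIKE = b"config: beacon_volume=3"            # benign, but contains the marker

# Hex for b"beacon_v" followed by one wildcard byte.
FAMILY_PATTERN = "62 65 61 63 6f 6e 5f 76 ??"


def run_demo() -> Dict[str, str]:
    scanner = SignatureScanner()
    scanner.add_known_sample("demo-family", KNOWN, FAMILY_PATTERN)
    samples = {
        "known": KNOWN,
        "variant": VARIANT,
        "unseen": UNSEEN,
        "benign": BENIGN,
        "lookalike": LOOKALIKE,
    }
    return {name: scanner.scan(data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:10s} -> {verdict}")
```

The unseen sample comes back `clean` from both checks, while the benign look-alike is flagged by the pattern: signatures miss what they have not seen and widening them raises false positives.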
 

McFirewavesJr


That was my guess for anti-virus. I was just wondering what to do for an initial clean or in case I fear infection. By the way my encrypted external hard drive is my new favorite thing!

Tor is great, but it definitely takes time to get used to. Leaving the Google empire is not the most user friendly thing, but I'm cool with that.

Could you expand on the deep web...
 

urianasi

Well, the thing with Tor is that I only use it for real private stuff. I mean, things that I don't want other people to know.

This happens rarely, but sometimes the bug bites me and I use Tor, and access the famous deep web.

Tor is much slower because of the proxies, you're not connecting directly to the server you're requesting. So it is not my everyday browser. But still, it is good to have it, especially to avoid tracking or access .onion sites.

The famous deep web is just that: sites that have a .onion file (like HTML) that are hosted in servers connected to the Tor network. It is famous because there are many things there considered illegal or prohibited. Not everything, of course, but there are some rare sites like bitcoin escrow services, or the possibility to purchase false documents, rare porn and stuff like that. But like I said, there are also great sites related to privacy, papers, books, free education, interesting forums where you can have good discussions about computer security, etc.

And yes, leaving Google is almost impossible. I use it at work A LOT. You can't really escape, but make sure to remember that their model is advertising, and if you don't want it you can block tracking, ads, use Firefox with some extensions deleting cookies and you'll be fine.

Good luck!
 

eliquid

( Jason Brown )
I've done a lot that @urianasi has mentioned.

One thing I've done that I've done for a long time is the use of different "machines" for different tasks which was also mentioned earlier.

Example:
  1. I have a Macbook Pro that I only use for writing ( this is more for productivity, but also security too )
  2. I have a desktop that ONLY gets used when I need to log into very secure sites, like my online banking or purchasing stuff online/paypal, etc
  3. I use another desktop for browsing the web or playing games, etc.

I've moved to using Firefox more and more now on most machines with all the privacy settings and plugins as well as Tor.

I use Dropbox, but I also use BitSync ( it has a new name now, not sure I remember the new name ) and I was going to do the crypt container, but I opted for a custom script I wrote that simply 7-zips the file 3 times. 7-zip has 256 AES encryption and will modify the file names too... basically I 7-zip the file, then 7-zip that file, and 7-zip that file. Each level has its own unique password. It's a script so I just drop a file into a special folder and then all I need to do is enter in the passwords I want to use.

In this manner no one at Dropbox can read my files, but anyone that gets access to my Dropbox will have to crack each level of zip with its own unique password too.

I've also started to use Protonmail and 2 Factor Auth.

I can tell you, it can be very very cumbersome to use 2 Factor Auth. I have it tied to my cell phone ( Samsung S 4 ) which is also encrypted and having to find my cell phone, have it powered, and enter in my password to unlock it 2x ( boot and login screen ) is a bit much for me trying to handle using 2fa as a first timer just to get to the Google Authenticator app to use Amazon and other things. But that's the tradeoff for security I guess.

I've done a lot more, and I am still learning daily though.
 


Raoul Duke


Could I use Kali, in a way to find holes in my security? Not great for a daily OS though.
 

rogue synthetic

Great advice here from @urianasi and @eliquid

I used to be much more paranoid about security, especially with regard to disk encryption and tunneling HTTP traffic. These days I'm less worried about it, not because the issues have changed but because using Truecrypt volumes and having to keep passphrases for three layers of EncFS partitions was past the point of diminishing returns for me. Even using a password manager it just became too tedious, and hell, if the NSA wants my stuff they're going to get it one way or another.

These days I'm in 80/20 mode on security. I do enough to deter the casual script-kiddies and drive-by Russians without making daily use painful.

I've only got the one desktop using Linux, with some Windows virtual box images I can fire up if need be. I keep Tails on a thumb drive in case of emergency. (Qubes is downright amazing but I'm still scared of it.) I do keep strong passwords/phrases on all my accounts, and use 2-factor wherever it's available. That's just good sense.

I use Firefox with uMatrix + uBlock Origin, tweaked to block the main offenders without making sites unusable. I've got Chromium and Vivaldi here as backups, though I barely use them and for nothing more than basic browsing.

I use an Android smartphone, but this is only because I loathe Apple. Since I'm an old luddite, I don't have any social media accounts to speak of, and I don't have anything secure on the phone anyway. I only switched to it from "analog" in the last year and it's mainly for taking pics of my kids.

I suppose if I were doing any "serious" work that involved the internet I'd add a VPN and use Tor more than I already do. I do agree with getting away from Gmail and the Google ecosystem. Despite having an old Gmail "main" account, I have backups on Tuta and Protonmail.

But my policy on this shows my age. I'm still in 90s mode, where you didn't put anything on the internet if you didn't expect it to turn up in the news. I don't suppose that's practical in a lot of ways now, but thinking that way and acting on it as much as is feasible can save a lot of headaches in the Age of Instagram.
 

eliquid

( Jason Brown )
EPIC CONTRIBUTOR
Read Fastlane!
Read Unscripted!
Summit Attendee
Speedway Pass
User Power
Value/Post Ratio
519%
May 29, 2013
1,876
9,731
Great advice here from @urianasi and @eliquid

I used to be much more paranoid about security, especially with regard to disk encryption and tunneling HTTP traffic. These days I'm less worried about it, not because the issues have changed but because using Truecrypt volumes and having to keep passphrases for three layers of EncFS partitions was past the point of diminishing returns for me. Even using password manager it just became too tedious, and hell if the NSA wants my stuff they're going to get it one way or another.

These days I'm in 80/20 mode on security. I do enough to deter the casual script-kiddies and drive-by Russians without making daily use painful.

I've only got the one desktop using Linux, with some Windows virtual box images I can fire up if need be. I keep Tails on a thumb drive in case of emergency. (Qubes is downright amazing but I'm still scared of it.) I do keep strong passwords/phrases on all my accounts, and use 2-factor wherever it's available. That's just good sense.

I use Firefox with uMatrix + uBlock Origin, tweaked to block the main offenders without making sites unusable. I've got Chromium and Vivaldi here as backups, though I barely use them and for nothing more than basic browsing.

I use an Android smartphone, but this is only because I loathe Apple. Since I'm an old luddite, I don't have any social media accounts to speak of, and I don't have anything secure on the phone anyway. I only switched to it from "analog" in the last year and it's mainly for taking pics of my kids.

I suppose if I were doing any "serious" work that involved the internet I'd add a VPN and use Tor more than I already do. I do agree with getting away from Gmail and the Google ecosystem. Despite having an old Gmail "main" account, I have backups on Tuta and Protonmail.

But my policy on this shows my age. I'm still in 90s mode, where you didn't put anything on the internet if you didn't expect it to turn up in the news. I don't suppose that's practical in a lot of ways now, but thinking that way and acting on it as much as is feasible can save a lot of headaches in the Age of Instagram.

I share a lot of your thoughts.

I'm not worried about the NSA or some alphabet gov agency.

I'm more worried about bank accounts, client information, customer data, my kids' info, etc. in the hands of some Russian hacker or ID thief who could then sell it off to other people later or use the data in some unexpected way.

Past that, I do get worried about being integrated too much in the Apple or Google or Microsoft ecosystem. AKA, having a lot of my "info eggs" in one basket, so I do tend to move away from being integrated too much in those systems if possible. For example, I don't use Apple Pay and other systems where my data/info is stored in what I consider a "big target" other than what I just have to have on file min.

.
 

urianasi

Contributor
Read Fastlane!
Read Unscripted!
User Power
Value/Post Ratio
240%
Aug 17, 2017
20
48
US
Could I use Kali, in a way to find holes in my security? Not great for a daily OS though.

If you want to use it to find holes, yes you can. I use it from time to time to scan my networks and stuff.

However, some handy tools are available to download for any Linux distribution, like nmap for instance. If you use Linux, just install the tools you want and that's it. Kali has a bunch of them, and some of them you probably won't even use once.
 

urianasi

I used to be much more paranoid about security, especially with regard to disk encryption and tunneling HTTP traffic. These days I'm less worried about it, not because the issues have changed but because using TrueCrypt volumes and having to keep passphrases for three layers of EncFS partitions was past the point of diminishing returns for me. Even using a password manager it just became too tedious, and hell, if the NSA wants my stuff they're going to get it one way or another.

Ah, yeah... The old problem between usability and security.

Sometimes it makes all things take longer or more difficult...
 

WildFlower

Bronze Contributor
FASTLANE INSIDER
Read Fastlane!
Speedway Pass
User Power
Value/Post Ratio
40%
Aug 21, 2009
272
110
Los Angeles Area
I'm usually not the paranoid/conspiracy guy, but it recently started freaking me out to realize how much I was being spied on. From FB messenger scanning my conversations to offer me products, to websites installing keystroke spyware on my mobile and the realization that apple owns our fingerprints, voice print and soon face scan...

Currently in the process of cleaning up my stuff and doing a lot of "ungoogling";

  • Using an external hard drive instead of gDrive (until I find something I trust)
  • Factory reset my phone frequently (I'm actually in the process of leaving my smartphone at home and carrying around a basic phone, but this is not for security, it's a lifestyle choice)
  • Not using Chrome, Google and Gmail anymore
  • couple other things in progress.
What do you guys do to escape the increasing surveillance from the Matrix?
I keep aluminum foil in the car in case I need to disappear. ;) and it's not for a hat! ;P
 

WildFlower

Turning your phone into a baked potato?
No, it cuts the signal ;) I've had friends that had tracking devices put on their phones. One guy didn't realize that it was 2-way and all of a sudden it popped up on her phone him in a meeting on the video. She could see and hear everything he was doing, but he was doing it to her. Creepy.
 

Mckenzie

Bronze Contributor
Read Fastlane!
Read Unscripted!
Speedway Pass
User Power
Value/Post Ratio
151%
Aug 25, 2013
139
210
I've worked in the infosec field for some time. I really like it. After reading many books on privacy and data, technical books on computer science, white papers on the subject, and worked in some projects I gotta say that you are right: it is a big issue. And something to freak about.

Let me start by saying that you can't rely only on tools if you want privacy. Tools will give you a degree of privacy, if used correctly, but it is well understood in the field that security is a process and not a few tools here and there. In software, flaws are inevitable, vulnerabilities exist in all programs and new ones are discovered all the time. All. The. Time.

The solution to this problem is to reduce the risk of exposure regardless of the product. Everything we use is built by others, how do we know they are trustworthy? We have to trust someone, right? Trust is a very big word. We don't realise how important it is.

Now, I don't want to over extend my post. We could fill a book on all the moral, ethical, psychological dilemmas on security. It is important to understand, though, that security is a process, not just the use of a tool.

Here are a few practices and tools that I use on a daily basis:
  • I pay for a VPN monthly. I can recommend you iVPN and Mullvad. I use OpenVPN client.
  • I don't have any social network. In those services, you're the product.
  • I store my pictures, docs, videos, and more in a Dropbox account, but in an encrypted container. I encrypt my data in a container first, and then upload that file. In that way, I have a backup of my data, but it is encrypted with strong algorithms.
  • I use a password manager that generates passwords automatically for each new account. I don't even know my password from this forum. I use pwsafe, designed by Bruce Schneier, a famous Cryptologist and Author.
  • I browse in Firefox with some configurations and some addons: Privacy Badger, uBlock Origin, HTTPS Everywhere, NoScript, Profile Spoofing. I use it for online purchases, or other sensitive stuff. I use Google Chrome for occasional browsing.
  • I use Windows for occasional browsing and playing games. I use GNU/Linux for everything else that requires other levels of protection, such as online purchases. I fully encrypt my Linux disks.
  • For communications I use WhatsApp. I know, I know. I would prefer to use Signal, but my family is far away and they are not tech savvy. WhatsApp implemented end-to-end encryption with the creator of Signal, so I decided to trust them.
  • This should be obvious, but I don't send any sensitive and private information through normal channels of communications.
  • I do use Gmail, but I also use Tutanota and Protonmail. Email is broken, though. The majority of the protocols on the internet like HTTP, TCP, SMTP were not designed with security in mind. Email is fundamentally broken. If you want to communicate with other people securely, don't use email, use Signal.
  • I own an iOS smartphone. They are a problem from a security standpoint, and I know it. I use it as much as a dumbphone as I can. I have the 16GB model, and I always have more than 5GB free. Like you said @Fred Chevry, a dumbphone won't improve security. 2G networks are encrypted but with a very weak algorithm, so they are fundamentally broken. I chose it because I consider iOS more secure than Android.
That's all I can think of right now. I might take other measures, but these are the most important ones. This is not bulletproof, there are some trade-offs in my design, but it is still considerably better than not using anything.

Some recommendations for the most protection you can have?
  • Use a VPN at all times. Don't trust your ISP provider.
  • Use Signal, if possible, for instant messaging and calls. Or, Pidgin + OTR.
  • Don't use the same laptop for browsing, playing games and making purchases online. Play in a console (DO NOT DOWNLOAD PIRATED GAMES), do occasional browsing in a computer, and online banking and purchases in another computer used ONLY for that.
  • Encrypt your files before uploading them to the cloud.
  • Use Tor Browser, if possible, for private browsing.
  • Use PGP for emails. This is not bulletproof, but it's the best thing you can do with the broken SMTP protocol.
  • Encrypt your disks, and use GNU/Linux (Debian + LUKS). Use Tails or QubesOS in case you really want to be protected.
  • Use a password manager encrypted with a strong passphrase. Use pwSafe.
  • Use two factor auth in all web apps. If they don't have it, demand it (I recently wrote my bank about this... 2017 and no 2 factor auth, can you believe it?)
  • Don't just delete your files, shred them using Bleachbit.
And remember two things:
  1. Encryption is your friend, use it. Use it for communication, for disks, for everything.
  2. Have common sense. This is probably one of the most important things too... If you see an ad offering a free iPhone, please don't click on it. Do not open any files from unknown sources. Don't rely on antivirus only (in fact, I don't even have one).
That's all I can think of, and that's probably almost everything I do to protect myself online.

Hope it helps!
WOW, thank you very much @urianasi for sharing your knowledge and the links to this all-time important issue.
This thread is really explaining to me why and how my life had been controlling and swirling around... I lose my daily focus... I lost myself on the web...

Thank you thank you
 

Mckenzie

[QUOTE="Fred Chevry, post: 639136, member: 34741"]
  • Employers hiring private firms to look deeper in your life than they are supposed to?
[/QUOTE]
My daughter's boyfriend is applying for a government job. They're checking him and every single person he's associating with; asking for every single detail from DOB, addresses, names & name changes, status... etc. He came to my house a few days ago, asking me for ALL my very private information. OMG... I was so furious about this, I told him off... even my own mother doesn't even know 1/2 my privacy info.
F**k.
 
