<div class="bbWrapper"><blockquote data-attributes="member: 50414" data-quote="urianasi" data-source="post: 638962"
class="bbCodeBlock bbCodeBlock--expandable bbCodeBlock--quote js-expandWatch">
<div class="bbCodeBlock-title">
<a href="/community/goto/post?id=638962"
class="bbCodeBlock-sourceJump"
rel="nofollow"
data-xf-click="attribution"
data-content-selector="#post-638962">urianasi said:</a>
</div>
<div class="bbCodeBlock-content">
<div class="bbCodeBlock-expandContent js-expandContent ">
I've worked in the infosec field for some time. I really like it. After reading many books on privacy and data, technical books on computer science, and white papers on the subject, and after working on some projects, I gotta say that you are right: it is a big issue. And something to freak about.<br />
<br />
Let me start by saying that you can't rely only on tools if you want privacy. Tools will give you a degree of privacy, if used correctly, but it is well understood in the field that <i><a href="https://www.schneier.com/essays/archives/2000/04/the_process_of_secur.html" target="_blank" class="link link--external" rel="nofollow ugc noopener">security is a process</a></i> and not a few tools here and there. In software, flaws are inevitable, vulnerabilities exist in all programs and new ones are discovered all the time. All. The. Time.<br />
<br />
The solution to this problem is to <i>reduce the risk of exposure </i>regardless of the product. Everything we use is built by others, how do we know they are <i>trustworthy? </i>We have to <i>trust </i>someone, right? Trust is a very big word. We don't realise how important it is.<br />
<br />
Now, I don't want to overextend my post. We could fill a book on all the moral, ethical, psychological dilemmas on security. It is important to understand, though, that <a href="https://ssd.eff.org/en/module/choosing-your-tools" target="_blank" class="link link--external" rel="nofollow ugc noopener">security is a process</a>, not just the use of a tool.<br />
<br />
Here are a few practices and tools that I use on a daily basis:<br />
<ul>
<li data-xf-list-type="ul">I pay for a VPN monthly. I can recommend you iVPN and Mullvad. I use <a href="https://openvpn.net/index.php/open-source.html" target="_blank" class="link link--external" rel="nofollow ugc noopener">OpenVPN </a>client.</li>
<li data-xf-list-type="ul">I don't have any social network. In those services, you're the product.</li>
<li data-xf-list-type="ul">I store my pictures, docs, videos, and more in a Dropbox account, <b>but</b> in an encrypted container. I encrypt my data in a container first, and then upload that file. In that way, I have a backup of my data, but it is encrypted with strong algorithms.</li>
<li data-xf-list-type="ul">I use a password manager that generates passwords automatically for each new account. I don't even know my password from this forum. I use pwsafe, designed by Bruce Schneier, a famous Cryptologist and Author.</li>
<li data-xf-list-type="ul">I browse in Firefox with some configurations and some addons: Privacy Badger, uBlock Origin, HTTPS Everywhere, NoScript, Profile Spoofing. I use it for online purchases, or other sensitive stuff. I use Google Chrome for occasional browsing.</li>
<li data-xf-list-type="ul">I use Windows for occasional browsing and playing games. I use GNU/Linux for everything else that requires other levels of protection, such as online purchases. I fully encrypt my Linux disks.</li>
<li data-xf-list-type="ul">For communications I use WhatsApp. <a href="https://www.eff.org/deeplinks/2016/10/where-whatsapp-went-wrong-effs-four-biggest-security-concerns" target="_blank" class="link link--external" rel="nofollow ugc noopener">I know, I know</a>. I would prefer to use Signal, but my family is far away and they are not tech savvy. WhatsApp implemented end-to-end encryption with the creator of Signal, so I <i>decided to trust</i> them.</li>
<li data-xf-list-type="ul">This should be obvious, but I don't send any sensitive and private information through normal channels of communications.</li>
<li data-xf-list-type="ul">I do use Gmail, but I also use <a href="https://tutanota.com/" target="_blank" class="link link--external" rel="nofollow ugc noopener">Tutanota </a>and <a href="https://protonmail.com/" target="_blank" class="link link--external" rel="nofollow ugc noopener">Protonmail</a>. Email is broken, though. The majority of the protocols on the internet like HTTP, TCP, SMTP were not designed with security in mind. Email is fundamentally broken. If you want to communicate with other people securely, don't use email, use Signal.</li>
<li data-xf-list-type="ul">I own an iOS smartphone. They <a href="https://ssd.eff.org/en/module/problem-mobile-phones" target="_blank" class="link link--external" rel="nofollow ugc noopener">are a problem</a> from a security standpoint, and I know it. I use it as much as a dumbphone as I can. I have the 16GB model, and I always have more than 5GB free. Like you said <a href="https://www.thefastlaneforum.com/community/members/34741/" class="username" data-xf-init="member-tooltip" data-user-id="34741" data-username="@Fred Chevry">@Fred Chevry</a>, a dumbphone won't improve security. 2G networks are encrypted but with a <a href="https://en.wikipedia.org/wiki/A5/1" target="_blank" class="link link--external" rel="nofollow ugc noopener">very weak algorithm</a>, so they are fundamentally broken. I chose it because I consider iOS <a href="https://ssd.eff.org/en/module/how-encrypt-your-iphone" target="_blank" class="link link--external" rel="nofollow ugc noopener">more secure</a> than <a href="https://blog.torproject.org/mission-impossible-hardening-android-security-and-privacy" target="_blank" class="link link--external" rel="nofollow ugc noopener">Android</a>.</li>
</ul>That's all I can think of right now. I might take other measures, but these are the most important ones. This is not bulletproof, there are some trade-offs in my design, but it is still considerably better than not using anything.<br />
<br />
Some recommendations for the most protection you can have?<br />
<ul>
<li data-xf-list-type="ul">Use a <a href="https://www.mullvad.net/" target="_blank" class="link link--external" rel="nofollow ugc noopener">VPN </a>at all times. Don't trust your ISP provider.</li>
<li data-xf-list-type="ul">Use <a href="https://signal.org/" target="_blank" class="link link--external" rel="nofollow ugc noopener">Signal</a>, if possible, for instant messaging and calls. Or, <a href="https://otr.cypherpunks.ca/" target="_blank" class="link link--external" rel="nofollow ugc noopener">Pidgin + OTR.</a></li>
<li data-xf-list-type="ul">Don't use the same laptop for browsing, playing games and making purchases online. Play in a console (DO NOT DOWNLOAD PIRATED GAMES), do occasional browsing in a computer, and online banking and purchases in another computer used ONLY for that.</li>
<li data-xf-list-type="ul"><a href="https://www.veracrypt.fr/en/Home.html" target="_blank" class="link link--external" rel="nofollow ugc noopener">Encrypt your files</a> before uploading them to the cloud.</li>
<li data-xf-list-type="ul">Use <a href="https://www.torproject.org/projects/torbrowser.html.en" target="_blank" class="link link--external" rel="nofollow ugc noopener">TOR Browser</a>, if possible, for private browsing.</li>
<li data-xf-list-type="ul">Use <a href="https://www.gnupg.org/" target="_blank" class="link link--external" rel="nofollow ugc noopener">PGP </a>for emails. This is not bulletproof, but it's the best thing you can do with the broken SMTP protocol.</li>
<li data-xf-list-type="ul">Encrypt your disks, and use <a href="https://prism-break.org/en/categories/gnu-linux/" target="_blank" class="link link--external" rel="nofollow ugc noopener">GNU/Linux</a> (Debian + LUKS). Use <a href="https://tails.boum.org/" target="_blank" class="link link--external" rel="nofollow ugc noopener">Tails </a>or <a href="https://www.qubes-os.org/" target="_blank" class="link link--external" rel="nofollow ugc noopener">QubesOS </a>in case you really want to be protected.</li>
<li data-xf-list-type="ul">Use a <a href="https://pwsafe.org/" target="_blank" class="link link--external" rel="nofollow ugc noopener">password manager</a> encrypted with a strong passphrase. Use <a href="https://www.cs.ox.ac.uk/files/6487/pwvault.pdf" target="_blank" class="link link--external" rel="nofollow ugc noopener">pwSafe</a>.</li>
<li data-xf-list-type="ul">Use <a href="https://www.yubico.com/" target="_blank" class="link link--external" rel="nofollow ugc noopener">two factor auth</a> in all web apps. If they don't have it, demand it (I recently wrote my bank about this... 2017 and no 2 factor auth, can you believe it?)</li>
<li data-xf-list-type="ul">Don't <a href="https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf" target="_blank" class="link link--external" rel="nofollow ugc noopener">just delete</a> your files, shred them using <a href="https://www.bleachbit.org/" target="_blank" class="link link--external" rel="nofollow ugc noopener">Bleachbit</a>.</li>
</ul>And remember two things:<br />
<ol>
<li data-xf-list-type="ol">Encryption is your friend, use it. Use it for communication, for disks, for everything.</li>
<li data-xf-list-type="ol">Have common sense. This is probably one of the most important things too... If you see an ad offering a free iPhone, please don't click on it. Do not open any files from unknown sources. Don't rely on antivirus only (in fact, I don't even have one).</li>
</ol>That's all I can think of, and that's probably almost everything I do to protect myself online.<br />
<br />
Hope it helps!
</div>
</div>
</blockquote><br />
Epic reply. Most of your recommendations can be applied with little effort, will start working on it right now. Thanks a lot.<br />
<br />
<a href="https://www.thefastlaneforum.com/community/members/32175/" class="username" data-xf-init="member-tooltip" data-user-id="32175" data-username="@Dunkafelics">@Dunkafelics</a> It's perfectly understandable not to be worried about such issues if you are a law-abiding citizen, but, just like driving a car without insurance, it could go very well until it goes wrong.<br />
<br />
The age of communication is still in its early stages, but evolving incredibly fast. What is not a concern today could become one tomorrow and at that point it will be too late to act and protect yourself. What kind of threats could we be facing?<br />
<ul>
<li data-xf-list-type="ul">Cryptocurrency wallet theft</li>
<li data-xf-list-type="ul">Online Banking...</li>
<li data-xf-list-type="ul">Various Scam/Fraud</li>
<li data-xf-list-type="ul">Increased insidious targeting from marketers</li>
<li data-xf-list-type="ul">Could a hypothetical tyrannical government of the future profile you using private data?</li>
<li data-xf-list-type="ul">Employers hiring private firms to look deeper in your life than they are supposed to?</li>
<li data-xf-list-type="ul">The love of your life hiring cyber investigators to find out everything on you before your first date?</li>
<li data-xf-list-type="ul">List goes on...</li>
</ul>You could be very grateful TOMORROW for being preventive TODAY my friend!</div>