1. Home

Encrypt all the things!

You are reading a single comment by @hippy and its replies. Click here to read the full conversation.

  • You can't know unless you run it.

    But some VPNs are better than others, you can use Private Internet Access on all of your devices: https://www.privateinternetaccess.com/

    They have a mode called MACE, enable it to block adware and malware too (acts as a blocker in addition to privacy router).

    I'm revising my current strategy.

    I'd originally written recommendations with super-invasive adware and malware in mind, not state actors.

    I'm currently adapting what I do to be more secure against state actor over-reach.

    Right now, I'd simply suggest:

    • Use full disk encryption, and full device encryption on every device that supports it. Linux, Windows and Mac OS all support it. New iPhones should be encrypted by default, if your Android didn't come encrypted turn it on ASAP (may reset the device).
    • Use Chrome + uBlock Origin + HTTPS Everywhere for all Google stuff and super trusted (LFGSS)
    • Use Chrome Incognito + uBlock Origin + HTTPS Everywhere, left open max 24 hours, for social (Twitter and Facebook, etc)
    • Use Firefox + uBlock Origin + HTTPS Everywhere, permanently in private browsing mode (achieved via about:config) for everything else. Close the browser several times per day, whenever you are good to do so.
    • Use LastPass to make logins in this world not a hassle
    • Use Pinboard to make bookmarks in this world not a hassle
    • Use Yubikey 2FA with Google, Dropbox, LastPass
    • Use Authy 2FA with Google, Dropbox, Microsoft, Github, etc wherever any "enter 6 digit token" works
    • Use a VPN on all devices always, https://www.privateinternetaccess.com/ is very good and has a feature called MACE which additionally blocks ads and trackers ( https://www.privateinternetaccess.com/blog/2016/07/pia-adds-ad-blocker-introducing-private-internet-access-mace/ ). A second recommendation is https://www.perfect-privacy.com who also have a privacy mode for blocking ads and trackers.

    Other considerations:

    • Use Tor
    • Always power down your laptop when not in use (full disk encryption is only effective if the machine isn't on, as the disk is unlocked when it's on)

    That's pretty much where I currently am.

    Encrypt absolutely everything, only transfer to your computer things you trust or want to access, and only keep long-lived sessions for the super-trusted stuff otherwise start each day afresh.

  • I use multiple browsers on my mobile, and that includes Firefox and Dolphin Zero in addition to Chrome.

    Chrome on mobile doesn't allow installation of extensions, so I only use it for the things I trust (LFGSS).

    Firefox on mobile does allow extensions including uBlock, so I use Firefox on mobile for all things I do not trust. Typically always in private browsing.

    I'd always recommend Chrome, because I compartmentalise and use multiple browsers.

    Tor was recommended in the footer, but whether or not the performance drop-off is worth it is a consideration for you. I don't use Tor most of the time, but I have it installed for occasional use.

About

Avatar for hippy @hippy started

About Terms of Use Privacy Policy Cookie Policy Report a problem