1. Home

Encrypt all the things!

You are reading a single comment by @bobble and its replies. Click here to read the full conversation.

  • Tempted to dedicate a morning to reading this entire thread to get clued up, having discussed data and encryption with a chap at a bike coop we both volunteer at.
    Does anyone use signal over whatsapp? Just watched 'The Great Hack' tonight and its really scary being so naive

  • Which makes me tempted to spend a day writing up how I do the internet.

    A summary would be:

    • Pi-hole at home with almost all lists subscribed to and DNS-over-HTTPS configured against Cloudflare.
    • NetGuard on my mobile in a default deny config and I have manually allowed every domain from every app - only web browser use is allowed by default
    • Disable notifications on most apps (prevent background processing)
    • Use an app like Bouncer to grant app permissions like location temporarily rather than permanently
    • Delete most apps... just save links to their website on your device. i.e. Guardian app is riddled with tracking and adverts, but a link to the website that launches in Brave with JS disabled is not only faster but shows zero ads, and tracks nothing
    • Different browsers everywhere: Chrome = Google properties only, Brave with JS disabled by default = most browsing, Firefox for things I care about and want long sessions on (i.e. LFGSS), Firefox Focus = must have full JS but zero trust
    • Get off Facebook, Twitter, etc
    • Disable automatic image viewing in Gmail
    • Consider Protonmail if you want to go Google-less
    • I prefer Signal or Keybase. I tolerate WhatsApp and Slack (but no privacy on Slack - so professional use only). I won't use Telegram, kik, others.
    • I use BitWarden for password manager.
    • 2FA with dual-yubikeys on every service that allows it
    • Unique emails with every website - I'm a bit nuts and have wildcard aliases on multiple domains, but just using a couple of Google accounts and using the + separate is good enough in most cases: first.last+lfgss@gmail.com but if you have a few Google accounts that you use according to level of trust that is better (because websites will normalise email and some remove the + suffix)
    • Only use Google sign-in on sites I absolutely trust (LFGSS, Philips Hue, etc)
    • Only use home automation that functions without a working internet
    • Bluetooth disabled whenever I'm not actually using it (i.e. wireless headphones)
    • Google Maps timeline, Google Fit, etc... all disabled. The value is very minor but the data you provide to them is huge.
    • Garmin Fenix configured not to upload to Garmin Connect - reduces utility but you still have a watch with info, and can get the data files for activities and use offline - I do the same with my Hammerhead.
    • Use Plex and continue to buy and rip music and films and own your own copy
    • Don't connect your "Smart TV" to a network, if you have you should factory reset it
    • Connect games consoles and the like to your guest network
    • Have a guest network... either the one that a decent networking device supplies, or if you're an advanced user VLAN that stuff
    • If you can live with it, use a Linux - Ubuntu is good enough

    Of all of that... the things you should care about and do most:

    • Get off social media
    • Use unique email addresses
    • Use multiple browsers (uBlock in all) with JS disabled by default in the one you browse the web with
About

Avatar for bobble @bobble started

About Terms of Use Privacy Policy Cookie Policy Report a problem