  • Which makes me tempted to spend a day writing up how I do the internet.

    A summary would be:

    • Pi-hole at home with almost all lists subscribed to and DNS-over-HTTPS configured against Cloudflare.
    • NetGuard on my mobile in a default deny config and I have manually allowed every domain from every app - only web browser use is allowed by default
    • Disable notifications on most apps (prevent background processing)
    • Use an app like Bouncer to grant app permissions like location temporarily rather than permanently
    • Delete most apps... just save links to their website on your device. i.e. Guardian app is riddled with tracking and adverts, but a link to the website that launches in Brave with JS disabled is not only faster but shows zero ads, and tracks nothing
    • Different browsers everywhere: Chrome = Google properties only, Brave with JS disabled by default = most browsing, Firefox for things I care about and want long sessions on (i.e. LFGSS), Firefox Focus = must have full JS but zero trust
    • Get off Facebook, Twitter, etc
    • Disable automatic image viewing in Gmail
    • Consider Protonmail if you want to go Google-less
    • I prefer Signal or Keybase. I tolerate WhatsApp and Slack (but no privacy on Slack - so professional use only). I won't use Telegram, kik, others.
    • I use BitWarden for password manager.
    • 2FA with dual-yubikeys on every service that allows it
    • Unique emails with every website - I'm a bit nuts and have wildcard aliases on multiple domains, but just using a couple of Google accounts and using the + separator is good enough in most cases: first.last+lfgss@gmail.com. But if you have a few Google accounts that you use according to level of trust, that is better (because websites will normalise email and some remove the + suffix)
    • Only use Google sign-in on sites I absolutely trust (LFGSS, Philips Hue, etc)
    • Only use home automation that functions without a working internet
    • Bluetooth disabled whenever I'm not actually using it (i.e. wireless headphones)
    • Google Maps timeline, Google Fit, etc... all disabled. The value is very minor but the data you provide to them is huge.
    • Garmin Fenix configured not to upload to Garmin Connect - reduces utility but you still have a watch with info, and can get the data files for activities and use offline - I do the same with my Hammerhead.
    • Use Plex and continue to buy and rip music and films and own your own copy
    • Don't connect your "Smart TV" to a network, if you have you should factory reset it
    • Connect games consoles and the like to your guest network
    • Have a guest network... either the one that a decent networking device supplies, or if you're an advanced user VLAN that stuff
    • If you can live with it, use a Linux - Ubuntu is good enough

    Of all of that... the things you should care about and do most:

    • Get off social media
    • Use unique email addresses
    • Use multiple browsers (uBlock in all) with JS disabled by default in the one you browse the web with
  • @Velocio thanks so much. You evidently care about all this and most people (me currently) don't do anything about it or understand it at all, so it would be beneficial.
    Definitely overwhelming but I actually have a month off at the moment so I can do parts of this. Please can I ask why use unique emails for every website? And why not connect your smart TV to a network - wouldn't that make it useless?

  • Divide or be conquered basically.... (that correct vb?) Less they know the better. Also why he uses multiple browsers.

  • why use unique emails for every website?

    Because companies and advertisers are not allowed to share your personal data and data points.

    So they get around this by masking your email and turning the data into abstractions... and then they share that.

    If entities on both sides share the same method (and they do)... then they have essentially obeyed the letter of laws on data privacy but not the spirit... as they have swapped and associated data about you with profiles on you that other companies hold.

    The email is the #1 identifier.

    And why not connect your smart TV to a network - wouldn't that make it useless?

    Yes :)

    https://www.nytimes.com/2018/07/05/business/media/tv-viewer-tracking.html

    But you really really don't want to use your Smart TV.

    Buy an Apple TV or Nvidia Shield instead... or just plug in a ChromeCast and cast whatever you want to watch.

  • Some smart TVs do a lot of tracking and reporting back. I think it was Samsung that was recording pretty much everything that was said in the room and reporting back.

    Separate email addresses means that you can keep track of who's been sharing your email and spamming and block them. Also means your login details are unique to each site so if one gets hacked it won't compromise any others. I use a domain on gandi.net for this. Also means you can avoid Gmail if you want.

  • Please can I ask why use unique emails for every website?

    I just received an email to myfitnesspal2011@mydomain.tld:

    Hi, I know one of your passwords is: anactualpasswordthatiused
    blah blah i have video of you wanking, pay me 1 million dollar in bitcoin etc...

    I know that this is from an account that I set up on myfitnesspal. In 2011.

    I'm not concerned, as 1) I used a unique password for that site (also, fuck that site for storing plain text / nonhashed passwords), and 2) I only used that email on that site.

    That account may be compromised, but I otherwise have nothing to be concerned with.

    (Worth noting - all of my memorable information / additional security questions are all 128+bit randomly generated passwords too. I mean - why compromise every account with the same easily remembered & easily guessed information?)
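
Added example, not part of any post in this thread: a sketch of the two reasons given above for per-site addresses, cross-site matching on a masked email and tracing which site an address leaked from. It assumes the "masking" is a SHA-256 of a normalised address (lowercased, + suffix removed, as one post says some sites do); the function names, site names and sample addresses are constructed for illustration.

```python
from __future__ import annotations
import hashlib

def normalise(email: str) -> str:
    # Assumed tracker-side rule: lowercase and drop any "+suffix" in the local part.
    local, _, domain = email.strip().lower().partition("@")
    return f"{local.split('+', 1)[0]}@{domain}"

def match_key(email: str) -> str:
    # Assumed "masking": the hash is shared between companies instead of the raw email.
    return hashlib.sha256(normalise(email).encode()).hexdigest()

def linkable_sites(issued: dict[str, str]) -> list[list[str]]:
    # Group sites whose addresses collapse to the same match key;
    # every group returned is a set of profiles that can be joined.
    groups: dict[str, list[str]] = {}
    for site, addr in issued.items():
        groups.setdefault(match_key(addr), []).append(site)
    return [sorted(sites) for sites in groups.values() if len(sites) > 1]

def leak_source(recipient: str, issued: dict[str, str]) -> str | None:
    # Exact match on purpose: each alias was handed to one site only,
    # so the recipient address of unsolicited mail names the source.
    wanted = recipient.strip().lower()
    for site, addr in issued.items():
        if addr.lower() == wanted:
            return site
    return None

# Constructed sample data: the address each site was given at sign-up.
PLUS_TAGGED = {
    "forum": "first.last+lfgss@gmail.com",
    "shop": "first.last+shop@gmail.com",
    "news": "First.Last+news@gmail.com",
}
PER_SITE = {
    "forum": "lfgss@mydomain.tld",
    "shop": "shop@mydomain.tld",
    "myfitnesspal": "myfitnesspal2011@mydomain.tld",
}

if __name__ == "__main__":
    print("plus-tagged, linkable:", linkable_sites(PLUS_TAGGED))
    print("per-site aliases, linkable:", linkable_sites(PER_SITE))
    print("leak source:", leak_source("myfitnesspal2011@mydomain.tld", PER_SITE))
```
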
