People are asking me all the time, does this or that behavior or software make my internet experience ‘safer’ from hacking, surveillance, and censorship. There is a lot of sound advice out there, but you’re always going to get the odd-ball that says this isn’t safe anymore, or that isn’t safe anymore; if this or that person wants you bad enough, they’re going to get you. I’ve heard it all.
In this post, I’m going to lay it straight out for you, as I see it.
Right off the bat, no, if someone wants you bad enough, they can’t get you. Sure, if they have massive governmental or corporate resources, yeah maybe. If you are focused on and ‘they’ have these kinds of resources, then probably over time you will be ‘had’. That being said, if you’re not breaking the law, then what is there for entities with these kinds of resources going to ‘get’? Your email from aunt Mable with her latest jam recipe? This post is for the average Joe/Jane, whom has no intention of breaking the law, and simply wants some peace of mind while using the internet.
With that out of the way, here are some techniques ranging from the quite reasonable, to the quite paranoid. Nobody need to have any great amount of computer experience to do these things. You don’t need to be a hacker, a programmer, nor some sort of IT specialist. If you can download and install/configure an application, then you can do these things.
You’ll be working toward a private and anonymous internet connection; a secure and isolated space to run your browser from; and a well configured browser. For the truly paranoid, you can encrypt partitions or entire hard drives, and/or you can use an encrypted USB boot key to log on to your PC. In the latter case you wont know any of the log in credentials, and you will NOT be able to log onto your PC without the USB key.
Do I think Linux is more secure than Windows, without a doubt. However, I will say that later versions of Windows are pretty darn secure. Sadly though, most people by refusing to log in with a user account vs. an administrator account basically void most of the benefits Windows security has to offer.
First and foremost, you want to be using a VPN. You want to use a VPN service you have to pay for, and one you feel you can trust. A VPN is your first line of defense. You can find out more about VPN’s by clicking here.
Second, you want to use a free and open source browser, such as Mozilla Firefox. You will also want to configure your browser as to make your browsing experience as private and anonymous as possible. The first add-on to your browser WILL be HTTPS Everywhere. Beyond that, you can see more of my recommendations here.
If you run Windows, you will want to run your browser in a sand-boxed environment. Do this, and you will never be plagued by any malware from a website through your browser. It’s a good idea to sand-box your email client as well. The best app I know of to do this is Sandboxie.
This is it folks. The average person with nothing to hide can simply stop here. Reasonably, this is all you need to have a warranted peace of mind while browsing the net. However, anything less…well lets just say if you use anything less, you’ll be under a false sense of security.
If you feel you need another layer of anonymity beyond your VPN, consider using Tor; then you can explore combining the two. Keep in mind however, you are going to take a noticeable hit in speed performance using Tor. While this is not so evident under a VPN, combining VPN with Tor is going to be a significant hit in performance.
As far as I am concerned, why go though all this effort if you don’t use encrypted email. You can either use email encryption through your email client, or via web-driven email services that provides encryption; such as ProtonMail or RiseUpMail. Here are some links for you to browse on the topic.
I honestly think that every person should have at least one encrypted directory. Doing this is fairly straight forward using software such as TrueCrypt or Veracrypt. Do I think TrueCrypt is still a great encryption software, yes. I’m not going to haggle over it though. If you have an issue with TrueCrypt, then use whatever your comfortable with. Would I use Microsoft or Apple encryption technology? Flatly, no.
If you are truly paranoid or plan on breaking the law, then you should consider taking encryption to the drive level, and employ a USB boot key to log on to your dedicated ‘law-breaking’ PC. If you have the skill to break the law, then you already have the skill to employ these technologies and techniques. This is well beyond the scope of this post, for the regular end-user.
Thats it folks. DO THESE THINGS, and you can be reasonably at peace while using the internet. Keep in mind though, your habits will break you quicker than anything.
Do NOT ever let anyone tell you this or that is no good anymore. Nothing could be further from the truth. If it were true, governments would not be trying to make things like VPN and Tor unlawful to use. Every person in the world should be using the first 3 sets of advice given on this post, as well as using encrypted email, and encrypting at least on directory on your drive(s).
It’s your responsibility to provide your own privacy/anonymity/security; nobody else is going to do it for you.