Easy Guide to Online Privacy

Easy Guide to Online Privacy
Compulsive sharing of information whether online or in public is not safe from adversaries. Your activities online are surveilled, and personally identifiable information is transmitted to websites when you visit them. You can go to such lengths as Richard Stallman to avoid online surveillance, or adopt our recommend tools and security practices.

Online Privacy

Have a security mindset and practice good OPSEC…

1. Never assume security, assume it is unsecured.
2. When security is needed, implement proper security practices.
3. Know what needs to be protected.
4. Know how to protect it.

Start protecting your data by encrypting everything…

1. Use full disk encryption using a trusted encryption suite on all computers and mobile devices. We recommend GnuPG (Windows/Mac/Linux, Free), Truecrypt (Windows/Mac/Linux, Free), 7-zip (Windows, Free) and Disk Utility (Mac, Free). In Mac OSX you can also set disk encryption in System Preferences > Security > Filevault.

2. Encrypt your connection, computers and mobile devices with a VPN service that does not log user activities such as Private Internet Access. Our other recommend providers can be found here.

3. Browsing the web using a VPN and TOR/Tails adds a considerable level of privacy protection, however you can harden conventional browsers by browsing in privacy/incognito mode and installing HTTPS Everywhere, Disconnect (Firefox/Chrome/IE/Safari) and Adblock Plus (Firefox/Chrome). Use search engines that do not track you like Startpage, Blekko, Duckduckgo and Ixquick. In addition to using these extensions, it is good practice to turn off cookies using the Do Not Track (DNT) setting which is available in most browsers.

It’s good practice to avoid using the same website for both web-based email and search since the web-mail account connects you to your web searches. Additionally, avoid installing search engine toolbars which may permit the collection of your web browsing habits. Be wary of installing free software that you do not trust.

4. Encrypt emails using GnuPG (Windows/Mac/Linux, Free) or Mailvelope(Chrome, Firefox) for webmail. Good adjunct mail services are Guerrilla Mail (Disposable Temporary E-Mail Address), Riseup (Secure and Private email accounts), and anonymous email provider Tor Mail (Tor required). Secure instant messages using Cryptocat (Most browsers & iPhone) and Wickr (iPhone/Android). Use Cryptstagram to upload encrypted photos.

It’s good practice to enclose mobile devices in a Faraday cage which blocks transmission of wireless signals to/from the device. You can make your own or buy one from a vendor such as Offpocket. By blocking transmissions such as WiFi and GPS to/from the device, you effectively deny adversaries and advertisers geo-location and pattern data.

5. Encrypt all important data files using a trusted encryption suite before uploading to services such as Dropbox or Google Drive. Cryptonite allows you to export and open encrypted directories and files on your Dropbox and phone.

Stop compulsively sharing your information (stfu), check privacy settings across your social network, encrypt critical data and networks, shred browsing history, disable cookies, use effective password protection and leave your phone behind and go outside more often. Adversaries are always looking for vulnerabilities, be proactive and practice good online OPSEC in this “Golden Age of Surveillance”.

For more information visit Prism Break and The Ultimate Privacy Guide

Leave a Reply

Your email address will not be published. Required fields are marked *