(3 mins read)
These are some things you can do to be safer on the internet, while only either
improving your overall experience of surfing the internet or not worsening it.
- Do not use Gmail (except for things like youtube or play store).
- Move to tutanota if you do not need IMAP.
- If you need IMAP, rethink if you actually need it.
- Custom clients like superhuman are known to be privacy invading. Unless your entire
job is to read and write emails, you probably don't need a custom client.
- If you still need IMAP, use protonmail with protonmail bridge.
BROWSER
top
- Use firefox.
- Disable all data collection from the settings and set all fingerprint protection
and stuff to max.
- Switch to DuckDuckGo from Google as your default search engine.
- Use uBlock Origin and ClearURLs extensions for ad blocking.
- Firefox's Gecko is the only other mainstream browser engine left apart from Apple's
webkit and Google's blink/chromium, you should support it.
- See Manifest V3.
MESSAGING
top
- Use signal.
- It's not the most secure and the phone number requirement is annoying but it's a
good sweet spot between adoption/UX/security.
NETWORK
top
- Your devices likely use your ISPs' default DNS servers.
- These servers are often unencrypted and your ISPs know what websites you visit.
- You can switch to custom DNS servers from your device settings (for example, 1.1.1.1
is a decent public encrypted DNS server from cloudflare).
- You likely don't need a VPN, and VPNs aren't as secure as not might think either
(see India, Russia, China, EU, UK, and fingerprinting).
- If you need a VPN, obscura is great (it's like a proxy before Mullvad).
KEYBOARD
top
- Your phone's keyboard can track a lot of what you do.
- For android, FlorisBoard is a good alternative.
- You can also just use GBoard but disable any sort of tracking from their settings.
- Brownie points if you can disable internet access for your keyboard too.
SIGNUPS
top
- Delete accounts of things you no longer use.
- Every time you signup for anything, spend a couple of extra minutes going through
their privacy settings and disabling any sort of data collection.
- Depending on yours and the companies' locations, they *may* be required to have
certain opt-outs.
- Check your devices' settings for these opt-outs too.
- You can use free tools like Mozilla Monitor, Mine, Optery, or paid ones like
Incogni for data removal requests (none of these work well).
- Use a password manager.
- Use a separate authenticator app for 2FA, (in case you were to ever get locked out
of the password manager).
- Do not buy an 8 sleep mattress.
WHY CARE
top
- Governments like your data, and your data will only ever be used against you.
See UK, US, India.
- Once your data has been collected, it *will* be breached.
- Filing deletion requests will, at best, erase some of it from some basic,
particularly visible kinda places. Just blocking some advertisers is all you can
do.
- It will stay forever in the archives of random osint researchers or scammers or
governments or hacking groups or something.