PRIVACY & SECURITY
Tips for privacy and security.
AVOID TRACKING FROM APPLE AND MICROSOFT OSs
Big tech companies such as Apple, Google, and Microsoft monitor user activities primarily at the operating system (OS) level.
However, you don't have to limit yourself to their spyware OS: there are superior, free alternatives!
If your computer comes pre-loaded with Windows, you can switch to another OS if desired; no Microsoft loyalty required!
In conclusion, if you value your privacy, you should seriously consider switching to Linux.
Personal Opinion: If you use your computer to browse the internet, check email, play games, perform office tasks, write, in fact anything that doesn't involve the use of proprietary software like Adobe (there are alternatives), there is no reason not to move to GNU/Linux. Linux does all this in a "cleaner", private and secure environment, it's so much better! Try it, it's free!
E-BANKING
It is important that you adopt the right reflexes to protect all of your confidential banking data, in particular the access codes to your e-banking platform and the codes of your bank cards.
1. Never access your e-banking platform by clicking on a link, shortcut or favorite.
- Always enter “the address” in the browser and check for the presence of the padlock or the words “https://” in front of the address.
2. Be wary of links presented to you to carry out a financial transaction (pay, receive funds, etc.) with a card, TWINT, your e-banking or another means of payment.
3. Attacks from scammers can...
- Go through all channels, electronic (e-mail, SMS, messaging, classified ads site, social networks, etc.) or traditional (telephone, etc.).
- Be hidden behind a message or a contact appearing to come – with name and logo – from your bank, IT support, the police or justice, a package delivery service, or another service provider, or even a known person.
- Put forward various pretexts: alert to false IT support, activation of a new security device, transaction on a classified ads site, costs for receiving a package, etc.
4. Never give out your access codes.
- A bank advisor or employee will never ask you for these codes (e-banking or cards). They are reserved for access to bank services or for your transactions, for your exclusive use.
5. Stay attentive when browsing the internet.
- Be careful with attachments: they may contain malware (malicious software).
- Beware of malicious links, which can be found in an email, a chat, an SMS, an instant messaging conversation or a website.
- A name or logo can be usurped: always check the consistency between the signatures, the address of the issuer and the links.
6. Keep your computer's operating system, antivirus, and software up to date.
- Never install software that allows a third party to take control of your computer, even if they claim it is to help you.
7. If in doubt, call your bank immediately. Outside of opening hours, you can have your accounts blocked.
- If you have allowed access to your computer, turn it off immediately, disable the internet connection and, when you turn the computer back on, immediately scan the entire hard drive with an antivirus.
BROWSER FINGERPRINTING
Browser fingerprinting is a process that collects information about a user's device and browser to create a unique identifier. This identifier can include details such as the operating system, browser type and version, installed fonts, and even hardware information, allowing websites to recognize users even without traditional cookies.
This technique is used by businesses to identify website visitors accurately, helping in fraud detection and tailoring user experiences. However, it also raises privacy concerns as it can track users' browsing histories and serve targeted advertisements or exploits.
What we can do
- Switch to a browser that provides built-in features to resist fingerprinting.
- Look for anti-fingerprinting tools in the form of browser extensions.
- Use a VPN that can mask your IP address and location, which are very significant pieces of information for fingerprinting.
- Keep your browser updated, so your old version will not give away your data.
- Disabling JavaScript can break a website’s functionality, but it also significantly reduces the data websites can gather about you.
source: Malwarebytes
Browsers With Fingerprinting Resistance
Firefox: Firefox has built-in features like Resist Fingerprinting (RFP) and Fingerprinting Protection (FPP) to minimize fingerprinting. RFP is particularly robust and is enabled by default in Tor Browser and Mullvad Browser but not enabled by default in Firefox!
⚠ Resist Fingerprinting (RFP) is not enabled by default in Firefox! You need to manually enable it through the advanced settings using about:config.
LibreWolf: Based on Firefox, LibreWolf hardens security and removes any "phoning home" features. It comes with uBlock Origin for anti-tracking and uses DuckDuckGo as its default search engine. It offers strong protection against web tracking and fingerprinting.
Mullvad Browser: Built on Firefox, this browser is designed to resist fingerprinting and comes with RFP enabled by default. It is designed to be used with minimal changes to default settings.
Tor Browser: This browser is built on Firefox and is designed to provide strong privacy and anonymity. It includes RFP and is recommended for users who need the highest level of protection against fingerprinting.
Brave: This browser includes a built-in content blocker and privacy features aimed at thwarting basic tracking scripts and enhancing user privacy. However, it does not blend in with a large crowd of users like Tor Browser or Mullvad Browser, which are more effective against advanced fingerprint tracking scripts.
🛈 For the strongest anti-fingerprinting protection, using Tor Browser or Mullvad Browser is recommended as they are purpose-built to defend against fingerprinting and have RFP enabled by default.
FRONT-ENDS
Save yourself from ads and tracking with privacy-friendly alternatives and front-ends through Farside.
PRIVACY-PRESERVING SEARCH ENGINES
Brave Search: A privacy-preserving search engine based in the US. Search results are based on its own index.
DuckDuckGo: A privacy-preserving search engine based in the US. Search results are mainly based on Bing.
eTools.ch: A privacy-preserving meta-search engine based in Switzerland.
MetaGer: A privacy-preserving meta-search engine based in Germany. Search results are based on the index of other search engines and their own.
Startpage: A privacy-preserving search engine based in the Netherlands. Search results are mainly based on Google.
IDENTIFY PHISHING EMAILS
Quick tips for spotting phishing emails.
Unexpected Requests:
Be cautious of emails asking for personal information.
Urgency Tactics:
Phishers often create a false sense of urgency.
Check URLs:
Ensure links match the sender’s domain.
Look for Errors:
Authentic emails are professionally written, and free of errors.
Verify Sender’s Address:
Genuine emails only come from official domains.
🛈 STAY PROTECTED
- Double-check the sender’s email addresses.
- Avoid clicking on suspicious links or downloading unknown attachments.
- Keep your antivirus software updated.
- Keep your account secure by enabling two-factor authentication.
source: pCloud
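The "Check URLs" and "Verify Sender's Address" tips above can be automated. This is an added example, not from pCloud or the original page: it parses a constructed single-part HTML email and flags links whose host does not belong to the sender's domain, or whose visible text names a different host than the one the link opens. The sample message, its placeholder domains, and the names `LinkCollector`, `host_of`, `same_site` and `check_links` are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

SAMPLE = """From: "Example Bank" <support@examplebank.test>
Content-Type: text/html

<a href="https://examplebank.test.login-check.example/verify">https://examplebank.test/verify</a>
<a href="https://www.examplebank.test/help">Help centre</a>
"""  # constructed sample message with placeholder domains, not a real email

class LinkCollector(HTMLParser):
    """Collect [href, visible text] for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def host_of(text):
    """Hostname of a URL or bare 'host/path' string; '' if it is not one."""
    try:
        host = urlsplit(text if "//" in text else "//" + text).hostname or ""
    except ValueError:
        return ""
    return host if "." in host and " " not in host else ""

def same_site(host, domain):  # host is the domain itself or a subdomain of it
    return host == domain or host.endswith("." + domain)

def check_links(raw_email):
    """Yield (href, reason) findings for one single-part HTML email."""
    msg = message_from_string(raw_email)
    sender = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    parser = LinkCollector()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        host, shown = host_of(href), host_of(text.strip())
        if host and not same_site(host, sender):
            yield href, "link host differs from sender domain"
        if shown and not same_site(host, shown):
            yield href, "visible text names a different host"
```

The first sample link is reported twice because the sender's domain appears only as a prefix of an unrelated host; the second link passes. Legitimate mail sent through third-party services will also trip the first check, so treat a finding as a prompt to look closer rather than a verdict.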
WHAT MAKES A STRONG PASSWORD
Here are some key factors in password entropy:
- Length: Aim for at least 12 to 15 characters. Longer passwords are generally stronger.
- Complexity: Use a mix of letters (both uppercase and lowercase), numbers, and symbols.
- Avoid predictability: Don’t use easily guessed passwords like “123456”, “password”, or “qwerty”.
- Avoid personal information like birthdays, names of your pets or loved ones, or anniversaries.
- Uniqueness: Each of your accounts should have its own distinct password. If you reuse a password across multiple services, then a data breach on one service can result in hackers gaining access to all the other services secured with the same password.
source: Proton
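To put numbers on the length, complexity and predictability factors above, here is an added example (not from Proton or the original page) that estimates entropy as length × log2(pool size) and generates a random 15-character password. The three-entry deny-list is constructed from the examples in the list above, the function names are assumptions, and the figure is an upper bound that only holds when characters are chosen at random.

```python
import math
import secrets
import string

# Small constructed deny-list; a real check would use a large breached-password list.
COMMON = {"123456", "password", "qwerty"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def pool_size(password):
    """Size of the alphabet implied by the character classes in use."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def entropy_bits(password):
    """Upper bound in bits: length * log2(pool). Only valid for random choices."""
    if password.lower() in COMMON:
        return 0.0  # predictable: guessed first, whatever its length or mix
    pool = pool_size(password)
    return len(password) * math.log2(pool) if pool else 0.0

def generate(length=15):
    """Random password containing all four classes, drawn with a CSPRNG."""
    alphabet = "".join(CLASSES)
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in c for ch in pw) for c in CLASSES):
            return pw
```

An 8-character password using all four classes comes out at about 52 bits, while 15 random lowercase letters reach about 70 bits, which is why length is listed first.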
MOBILE DEVICE BEST PRACTICES
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
source: National Security Agency (NSA)'s mobile device best practices guide
WI-FI
DO NOT connect to public Wi-Fi networks. Disable Wi-Fi when unneeded. Delete unused Wi-Fi networks.
APPLICATIONS
Install a minimal number of applications and only ones from official application stores. Be cautious of the personal data entered into applications. Close applications when not using.
TEXT MESSAGES
DO NOT have sensitive conversations on personal devices, even if you think the content is generic.
POP-UPS
Unexpected pop-ups are usually malicious. If one appears, forcibly close all applications (i.e., iPhone®: double tap the Home button or Android®: click “recent apps” soft key).
CONTROL
Maintain physical control of the device. Avoid connecting to unknown removable media.
TRUSTED ACCESSORIES
Only use original charging cords or charging accessories purchased from a trusted manufacturer. DO NOT use public USB charging stations. Never connect personal devices to government computers, whether via physical connection, Wi-Fi, or Bluetooth®.
CASE
Consider using a protective case that drowns the microphone to block room audio (hot-miking attack). Cover the camera when not using.
PASSWORDS
Use strong lock-screen pins/passwords: a 6-digit PIN is sufficient if the device wipes itself after 10 incorrect password attempts. Set the device to lock automatically after 5 minutes.
BIOMETRICS
Consider using biometric authentication for convenience when protecting data of minimal sensitivity.
SOFTWARE UPDATES
Update the device software and applications as soon as possible.
CONVERSATIONS
DO NOT have sensitive conversations in the vicinity of mobile devices not configured to handle secure voice.
ATTACHMENTS/LINKS
DO NOT open unknown email attachments and links. Even legitimate senders can pass on malicious content accidentally or as a result of being compromised or impersonated by a malicious actor.
MODIFY
DO NOT jailbreak or root the device.
BLUETOOTH
Disable Bluetooth® when you are not using it. Airplane mode does not always disable Bluetooth®.
LOCATION
Disable location services when not needed. DO NOT bring the device with you to sensitive locations.
POWER
Power the device off and on weekly.
VPN
What is a VPN
A Virtual Private Network (VPN) is a service that creates an encrypted connection between a device and the internet, routing data through a secure tunnel to a remote server. This encryption protects your online privacy and security by hiding your IP address and encrypting your internet traffic, making it difficult for others to track your online activities or intercept your data.
What are the benefits of a VPN
- Hiding your traffic from only your ISP.
- Hiding your downloads from only your ISP.
- Hiding your IP address from websites.
- Allowing you to bypass geo-restrictions.
Reminder
- VPNs are not a silver bullet privacy tool.
- VPNs are a transfer of trust (VPN instead of your ISP).
- Encrypted DNS does not stop ISP logging.
- Do not use a VPN when accessing websites where your identity is known.
- Use Tor if you want anonymity.
USE YOUTUBE WITHOUT YOUTUBE
If you want a privacy-friendly front-end alternative to YouTube, replace www.youtube.com with farside.link/invidious in the URL, or copy and paste the link into FreeTube.
YOUTUBE CHANNELS
These YouTube channels talk about privacy.
The links below direct you to YouTube! If you want a privacy-friendly front-end alternative, replace www.youtube.com with farside.link/invidious in the URL, or copy and paste the link into FreeTube.