I wanted to share some recommendations you can implement to keep your web activity safe and secure. This is a simplified list of recommendations for friends and family looking to implement steps to reduce the risk of being exploited while online.
Desktop web browsing
Ad agencies will capture your information through special cookies often referred to as trackers. Trackers are used to build tracking-profiles by reading your browser history and location from your web browser. These agencies make money from commissions when you click an advert and/or by selling data between Data Brokers. Since these trackers do not provide any benefits to your online experience, it’s best to avoid them altogether. You can avoid trackers by (a) picking a web browser that blocks trackers by default or (b) by adding extensions to your existing browser. I recommend using Firefox since it blocks trackers by default.
Android web browsing
Similar to the desktop, I would recommend Firefox for Android users. You can get Firefox from the Play Store.
Apple iOS web browsing
Apple’s iOS platform does not let users change the default web browser. Safari has anti-tracker tools built-in, however, they are not enabled by default. To enable this features, open Settings app > select Safari > enable “Prevent Cross-Site Tracking”. Note, this feature does not block trackers, but it does limit what they can gather.You can also download Firefox for iOS from the App Store.
Brute Force is a method of hacking in which a malicious party will randomly attempt a number of popular passwords to gain access to a victims account. You should always avoid using a word from the dictionary in any of your passwords. Use the following link to determine how susceptible you are to a brute force attack: https://howsecureismypassword.net/ (when using this tool, your password will not be sent over the internet).
A password manager protects you by ensuring each of your passwords are very strong against Brute Force attacks. Your password manager will store all your strong passwords, so that the only password you have to remember is the password to access your password manager.
There are a handful of good password managers, including Last Pass, Dashlane, OnePassword, and Bitwarden. When considering free tier plans, Bitwarden is the most feature rich of the bunch and a great recommendation.
Find out more about Bitwarden here.
Temporary email service
Some websites will not let you see content or read an article until you have registered on the site. If you are new to that site, you may not want to share your personal email address due to the risk of spam or poor privacy policies. Your email address is a key piece of data that is used by Data Brokers to build your tracking-profile. Exposing your email to un-trusted third-parties is not in your best interest.
Temporary email services are a way to generate a one-time "throw away" email address you can use to register without having to compromise your personal data. Note: if you use a temporary email, you should not expect to be able to recover the emails sent to that address.
Temp-email is a good option. Learn more about Temp Mail here.
Alternatively, if you need to create an account in which you require persistent access but want to hide your personal email, you can use Firefox Private Relay which generates new email addresses that forward communications to your personal email.
Phone texting via SMS is an outdated and insecure technology for sending messages between phones. You should avoid sending any private messages via SMS as this technology is easy for malicious parties to hijack.
There are several good options available as secure SMS alternatives, but I like to recommend Signal as I believe it balances security and ease of use with few compromises. When using Signal, only messages sent to other Signal users will be secure. Signal app can also complete video-chats (similar to FaceTime or Skype).
If you choose to use Signal on your phone, you can get the companion Signal for Desktop app. You’ll be able to send secure messages to other Signal users via your PC.
That’s a wrap!
I wrote these recommendations to raise awareness and to provide some easy solutions you can use online. It is an oversimplification of many complex practices, but hopefully it serves it purpose. My recommendations should not be considered the only solution, but it is my attempt to balance security and ease of use.
Let me know if you have any questions about my recommendations, interest in alternative services I did not mention, or need assistance with implementing these tools.