You are reading a single comment by @Velocio and its replies. Click here to read the full conversation.
  • Tempted to dedicate a morning to reading this entire thread to get clued up, having discussed data and encryption with a chap at a bike coop we both volunteer at.
    Does anyone use signal over whatsapp? Just watched 'The Great Hack' tonight and its really scary being so naive

  • Which makes me tempted to spend a day writing up how I do the internet.

    A summary would be:

    • Pi-hole at home with almost all lists subscribed to and DNS-over-HTTPS configured against Cloudflare.
    • NetGuard on my mobile in a default deny config and I have manually allowed every domain from every app - only web browser use is allowed by default
    • Disable notifications on most apps (prevent background processing)
    • Use an app like Bouncer to grant app permissions like location temporarily rather than permanently
    • Delete most apps... just save links to their website on your device. i.e. Guardian app is riddled with tracking and adverts, but a link to the website that launches in Brave with JS disabled is not only faster but shows zero ads, and tracks nothing
    • Different browsers everywhere: Chrome = Google properties only, Brave with JS disabled by default = most browsing, Firefox for things I care about and want long sessions on (i.e. LFGSS), Firefox Focus = must have full JS but zero trust
    • Get off Facebook, Twitter, etc
    • Disable automatic image viewing in Gmail
    • Consider Protonmail if you want to go Google-less
    • I prefer Signal or Keybase. I tolerate WhatsApp and Slack (but no privacy on Slack - so professional use only). I won't use Telegram, kik, others.
    • I use BitWarden for password manager.
    • 2FA with dual-yubikeys on every service that allows it
    • Unique emails with every website - I'm a bit nuts and have wildcard aliases on multiple domains, but just using a couple of Google accounts and using the + separate is good enough in most cases: but if you have a few Google accounts that you use according to level of trust that is better (because websites will normalise email and some remove the + suffix)
    • Only use Google sign-in on sites I absolutely trust (LFGSS, Philips Hue, etc)
    • Only use home automation that functions without a working internet
    • Bluetooth disabled whenever I'm not actually using it (i.e. wireless headphones)
    • Google Maps timeline, Google Fit, etc... all disabled. The value is very minor but the data you provide to them is huge.
    • Garmin Fenix configured not to upload to Garmin Connect - reduces utility but you still have a watch with info, and can get the data files for activities and use offline - I do the same with my Hammerhead.
    • Use Plex and continue to buy and rip music and films and own your own copy
    • Don't connect your "Smart TV" to a network, if you have you should factory reset it
    • Connect games consoles and the like to your guest network
    • Have a guest network... either the one that a decent networking device supplies, or if you're an advanced user VLAN that stuff
    • If you can live with it, use a Linux - Ubuntu is good enough

    Of all of that... the things you should care about and do most:

    • Get off social media
    • Use unique email addresses
    • Use multiple browsers (uBlock in all) with JS disabled by default in the one you browse the web with
  • NetGuard

    Very cool. Not heard of that one before. Any idea how it works without root? Does it pretend to be a VPN?

  • Why games console on guest network?

  • Nice list boss man

  • @Velocio thanks so much. You evidently care about all this and most people (me currently) don't do anything about it or understand it at all, so it would be beneficial.
    Definitely overwhelming but I actually have a month off at the moment so I can do parts of this. Please can I ask why use unique emails for every website? And why not connect your smart TV to a network - wouldn't that make it useless?

  • I seem to remember you used to use Lastpass. Any particular reason why you've moved from that to Bitwarden?

  • JS disabled

    What is JS?

  • Get off social media

    I stopped using Facebook a while ago. Only deactivated as I have to reactivate it briefly once in a while.

    I'm guessing LinkedIn is ok? I don't use it much its just there as a presence.

    I use Twitter too but not with my name or a photo of me. Is that ok?


Avatar for Velocio @Velocio started