So, we talked about why you should care about security and how to protect yourself online, Now let’s talk about a few specific resources you can use.

EMAIL
This is one of the less critical steps,  especially if you utilize auto forwarding services from temporary email accounts,  but if you have sensitive information or are worried about hacking, you should consider an encrypted email service. Encrypted communications are just another level of security where even if someone intercepted an email,  or acquired your login information,  they would still have to work for the information.  The best encrypted email I have found so far is a Swiss company called Proton mail.  You can request a free email and be put on a wait list until they have sufficient server space, or pay for premium service with additional features. Proton mail specifically also has the ability to encrypt outgoing emails,  so even if you sent an email to a standard Gmail or yahoo account,  the email can’t be opened by the recipient with out a password to decrypt and open it. Also as a perk for those of you that don’t trust the government,  you can request a .ch vs .com email,  so your account is based in Switzerland and can’t even be hijacked by a federal subpoena.

MOBILE COMMUNICATIONS
Just like with email,  you should protect your mobile communications,  especially since a phone is so easy to steal or intercept via your service provider.  You doubtless have heard about the recent Apple pushback on decrypting phones.  Iphones are by default encrypted if you use password protection, while android devices must be manually encrypted in their security settings.  I strongly recommend everyone do this,  as it costs you nothing but increases your personal security from people attempting to steal personal information from your phone’s hard drive, it’s even giving the federal government trouble.  Note that encryption only protects locally stored data,  anything backed up on the cloud or elsewhere can still be seized via a warrant from Apple (Google, Dropbox, Verizon, etc.)
Just like with email,  you should consider an encrypted messaging service for your phone,  otherwise your service provider will still have a record of all your messages, and be prone to a malicious hacker.  As always, be wary of specific applications and do your research. For instance, the secure messaging service “WhatsApp” was purchased by Facebook about two years ago. Considering Facebook’s revenue model, which includes intensive data mining and advertising, it’s unlikely that “WhatsApp” is a very reliable encrypted messaging service.  Signal is a pretty good resource, however it is only secure through the data plan on Iphones.

That’s a basic rundown of digital security.  It’s enough to get you started if you decide protecting your identity is something worth pursuing, and should get you on your way towards a more secure, private lifestyle.

So last week I talked about why you should consider taking steps to protect yourself online,  and now I’ll discuss options on HOW to protect yourself online.   Basic practices,  like discussed earlier,  include being careful of what you share online like pictures and stories on social media.  Be aware of any information you might be accidentally giving away.

PSEUDONYMS
Some of the easiest practices are to use (partially) fake names or email addresses for services that require information for marketing purposes,  or “verifying your age”. Free services often sell this information to others for advertising to pay their bills.  You can use your middle name or nickname,  and anyone looking specifically for you will skip right by your info,  and anyone trying to steal your identity will have mis-matching information.  Having and using fake email accounts that auto-forward to your real email allow you to kill the spam flood once you realize someone has been sharing your info without having to lose your real email address. This can be done manually by creating alternate emails that auto-forward, or with services like junkmail.com or premium services like Blur.

BLUR
Blur is a service that is dedicated to its customers’ privacy and anonymity.  They pay their bills with subscriptions so you can trust they don’t sell or share your info. Free memberships allow you to automatically generate and keep track of multiple emails for privacy and spam filtering purposes in addition to generate and keep track of randomized strong passwords,  which can be created for individual websites.  It also blocks Web tracking (data collection) and allows auto-fill of their randomized information to make it easier for you to use.
Paid memberships give you the added benefit of “fake” credit cards to keep your purchases anonymous online. The service essentially allows you to instantly generate a digital prepaid (single or multi use) gift card that protects your account information and identity. You can also generate fake phone numbers similar to Google voice and have the option to perform data backups.   With all of Blur’s services,  you have the option to instantly delete any email,  credit card,  or number that you think is being abused and create a new one.

SEARCH ENGINES
Part of the reason Google is such a popular and efficient search engine is because it tracks everything anyone does on any of their many platforms.  They are able to sell advertisements at a frighteningly accurate rate.  This is why you frequently see ads online for something you looked at the week before.  Instead consider search engines that don’t track your search history like start page or duck duck go. Start page actually utilizes google to do all of its searches, so you still get great results, but it acts as a screen to prevent data collection.  Start page will even act as an intermediary for many websites,  protecting your IP address.

VPN
Virtual Private Networks (VPNs) are networks that hide your IP address (and therefore your address and identity) while surfing the Internet.  It allows you to access the web through servers across the world based on the VPN network you are using, so anyone tracking you online would think you were located in say Cambodia, Turkey, or Germany instead of on your couch in your hometown.  It is crucial when looking for a vpn service to understand how they fund their business,  there are certain “free” vpns that actually sell your information or your bandwidth. There are many options, but Private Internet Access seems to be the best one around at a decent rate, $3.33 per month for a year subscription on 5 devices, thats enough for a family. All you need to do is activate the vpn on your device, and you can go anywhere online anonymously (until you login to an account, like facebook or amazon, but then you should proceed as discussed earlier).  You can easily get around this by buying prepaid gift cards with cash in any store and checking out as a guest, or with the forwarding burner emails.

Next time we’ll discuss how to protect your communications.  Do you think any of these are reasonable precautions or just a bunch of paranoid mumbo jumbo?

So February was supposed to be where I learned some automation, but the Raspberry pi platform has been giving me some trouble, so I don’t think I’ll quite have that mastered by the end of the month. I have however started learning a little about cyber security and thought I could share a few easy steps with you to help protect your personal data.

EVEN IF YOU TRUST THEM
Personally, I don’t like anybody knowing any of my personal information, especially the government with their increasing mass surveillance and ever expanding list of laws and regulations. BUT, even for those of you who support the “nothing to hide, nothing to fear” mentality, consider this; you may trust the government, or Target, Home Depot, Amazon, or JP Morgan, to never do anything it wasn’t supposed to, but in the last several years there have been multiple highly publicized  hacks of vast amounts of personal data from companies like Home Depot, and the Federal Government.  Well-meaning companies, in addition to the government, collect and store vast amounts of data on their users which are prone to security breaches by people who want to steal your SSN or credit card accounts.

Even without worries over security breaches, there is the “creep factor” that companies like Target use their massive stores of data to predict major life events, like a woman’s pregnancy, accurate to within a two week delivery date so she will buy more from Target, before she’s told anyone else, including her parents.  Even if you have “nothing to hide”, you wouldn’t want somebody knowing when you go to the bathroom or have an intimate moment with your partner, would you?

WHERE TO START, HOW TO THINK
This is where we get into the basics. Before you start looking for encryption services or apps, the most important thing to consider when implementing privacy online is how they make their money, because nothing is truly free. Even if someone developed a great program or service for free, it still costs money to maintain servers, hard drives, and security to protect it from being hacked. Do you pay for their services, or do they cover costs with grants and donations? If not, then you are their product, not their customer.

Companies like Google and Facebook, which offer services for free to billions of people, need to pay for their infrastructure and employees salaries, even if they were non profit (they aren’t). They do this by collecting absurd amounts of data on their users and selling it as highly specified and highly efficient advertising to other companies (read Target story above). Ever wonder how something you looked at on Amazon shows up on Facebook two weeks later? Now you know. Even if you don’t use security/privacy services, this is an important fact to realize.

BASIC STEPS
Be aware of what photos you post anywhere online, and realize that smart phones and cameras now embed the location the photo was taken into the file. This means someone can extract your home address, where you work, or what gym you go to, even if you go to great lengths to avoid details in your pictures like a street sign or house number.

Whenever possible, pay with cash. I’m guilty of it, I know plastic is easier, but every little purchase you make tells the world where you are at any point in the day, and what you like to buy. It allows strangers to determine your habits, helping them to predict where you are going to be, when you won’t be home, or what you are willing to buy.

A simple yet vastly overlooked non Internet-specific security precaution to consider is telegraphing personal life details in your day-to-day activities. “My child is an honor student” bumper stickers tells strangers where your kid goes to school and approximate age. School/sport team clothing lets strangers know where they can find you.  Those stick figure families on the rear car window are excellent for predators assessing the weaknesses of a potential target: single mom or military dad says there likely isn’t an adult male in the house. Kids telegraph the gender and age of the children in the house. No pets mean no animal to alert you of intruders. Kids in sports gear means it’s likely nobody is home in the early afternoons. All they need to do is follow you home.

WHAT NEXT?
This post is more to get you thinking about why you might want to protect your privacy and easy ways to do it. Next time I’ll go into tools and programs you can use to easily increase your security.