Tools and tips for internet privacy

Thought it might be useful to start a thread for people to share tools they use for enhancing their online security and privacy.

A few general things to keep in mind:

- There's probably no such thing as 100% security and privacy. That doesn't mean there's no such thing as better security and privacy. Just as doing things like locking your car door and not leaving valuable in your car won't guarantee it won't be broken into, but still greatly reduces the risk, you likely can't 100% block all tracking and security threats online but can still do a lot.

- The context here is general audience, not people who face targeted attacks. Some people can get overy paranoid IMO when discussing online security and privacy. Obviously if a government or other well-heeled organization is specifically coming after you, things are different -- but most of us aren't in that situation.


That said, here's some tools I use:

- Password manager. You should never re-use passwords across sites, or easily-guessed variations on the same password. Let's say you use the password p@ssword for some online store, and also for your bank. If that online store has a data breach, now your bank password is compromised too. How do the hackers know that's also your bank password? They don't, but it's trivial to take stolen login credentials and bulk attempt to log in to other sites. It's like finding a set of keys and then seeing which locks they fit, but online you can try thousands and thousands of locks very quickly. Having unique passwords per site guards against this.

I personally use lastpass, but others I've seen recommended and people be happy with are bitwarden and 1password (recommended by the NYT).

- Two Factor Authentication (2FA) for sensitive accounts such as banks, email, etc. This is usually something like a password plus a code sent to your phone, or a code on an authenticator app, or a yubikey. The idea here is that even if your password is compromised, that is not enough on its own to gain access to your account.

- Browser-based ad blocker. I use uBlock Origin. It not only blocks most ads, but also many trackers. On the ethics of this, some will argue that ads are needed to support the creation of all the content and services we're browsing. I do agree that people deserve to be paid for their work (and not just deserve -- need to be paid if we expect people to build and write stuff), but 1) I do try to pay for content I value. I have subscriptions to a few news sites, pay for Spotify to listen to music, etc. 2) Having ads in exchange for free content seems like a reasonable exchange. Having trackers that vacuum up my personal data and get resold to data brokers and weave me into a vast web of surveillance capitalism does not. I'm willing to pay for content. I'm not willing to pay to still get ads AND have my personal information be turned into a revenue stream powering mega corporations.

- DNS level ad and tracker blocker - https://nextdns.io/. Tools like uBlock origin only work on your browser, and are limited by your browser's capabilities (Firefox allows more ways for uBlock to work effectively, Chrome is making changes to make blockers less effective, and most browsers, including Microsoft Edge, are variants on Chrome). Something like NextDNS, OTOH, blocks things at your device level. I've only just started using it for a few weeks so can't give an in-depth opinion on it, but so far I've found it helpful for getting around sites that uBlock origin has trouble with.


Senior Planet just did a very helpful webinar on this topic.  In addition to the first two items you mentioned, they stressed how important it is to watch what you write on social media.


I've had many discussions with my elderly parent about the Internet security and scams.  I told them to assume every email/text is a scam if they don't know the person or if the company/person requests any information.  Even then it can be tricky, because some scams pretend to be someone you know.



In order to add a comment – you must Join this community – Click here to do so.