Privacy and Security on the Web and IRL?

Simple living, extreme early retirement, becoming and being wealthy, wisdom, praxis, personal growth,...
TopHatFox
Posts: 2322
Joined: Thu Oct 17, 2013 10:07 pm
Location: FL; 25

Privacy and Security on the Web and IRL?

Post by TopHatFox »

I thought these two episodes were excellent!

https://radicalpersonalfinance.com/461- ... y-podcast/

https://radicalpersonalfinance.com/461- ... y-podcast/

I'm planning on reading some of the practical security and privacy books suggested in the notes. This is a skill set to build, and some of the low-hanging fruit are pretty easy to integrate into our web of goals. For instance, an RFID-blocking wallet is just about the same aesthetically as a standard wallet, but it hinders theft more. Or an encrypted email server like ProtonMail delivers e-mail just as good as Gmail.

Interesting stuff. What do you to protect your privacy and security?

onewayfamily
Posts: 56
Joined: Mon Jul 24, 2017 9:13 am
Contact:

Re: Privacy and Security on the Web and IRL?

Post by onewayfamily »

I definitely don't do enough but a couple pretty obvious tips that come to mind:
- 2-factor authentication on as many things as you can bear the additional annoyance with
- never send passwords, credit-card details etc. unencrypted (e.g. as plain text)
- install Prey on all of your devices (this helps just as much with losing your phone as if it gets stolen)
- password-protect all of your devices

In general though I think tools such as gmail, Google Drive, WatsApp etc. are pretty damn secure for the average user.

Campitor
Posts: 1227
Joined: Thu Aug 20, 2015 11:49 am

Re: Privacy and Security on the Web and IRL?

Post by Campitor »

  • Try to keep your online data as isolated from your real life as possible - don't publish addresses, birthdays, phone numbers, private emails, etc.
  • Beware of free devices such as thumb drives, software, etc., handed out at public events - lots of them contain malware.
  • Beware of free wifi and don't visit any of your financial accounts or input any data or passwords while you're on it.
  • There is only so much you can do to ward off a determined and skilled hacker(s) so its best to remain vigilant. Setup notifications thresholds for any bank accounts and credit cards.
  • Use 36+ character passwords wherever possible.

TopHatFox
Posts: 2322
Joined: Thu Oct 17, 2013 10:07 pm
Location: FL; 25

Re: Privacy and Security on the Web and IRL?

Post by TopHatFox »

Any other thoughts? As relatively HNW people, we do have more to lose than most~

TimeTravel
Posts: 71
Joined: Sat Dec 10, 2016 1:04 pm

Re: Privacy and Security on the Web and IRL?

Post by TimeTravel »

Some things which I do:

- use, long random passwords that I don't even know. Kept in encrypted password manager program
- use random answers to challenge questions
- 2FA when possible (use authenticator app as 1st preference, SMS second)
- veracrypt containers for sensative data kept on computer
- regular system backups to protect against ransomeware attacks
- updated anti-virus software
- run malwarebytes regularly to check for malware
- use Epic privacy browser and sandbox software if looking at higher risk sites or more privacy needed

User avatar
Ego
Posts: 6359
Joined: Wed Nov 23, 2011 12:42 am

Re: Privacy and Security on the Web and IRL?

Post by Ego »

-Lastpass with a yubikey second-factor authentication. After the password manager is installed, use it to generate extremely long gibberish passwords.

-VPN for both privacy and security for both computer and phone

-Setup two factor wherever possible and encrypt everything.

-Setup accounts to email or text you when transactions occur. If you use a google voice number it will send to both email & text

-Use Signal for text and encourage others to do the same.

-For privacy, run https://panopticlick.eff.org/ to see if your browser is trackable.

-Use a throwaway email when registering for sites that are not important.

-I plan to change my nationality with the various tech companies once the GDPR comes into force next May to aquire the additional protections it provides.

https://www.wired.co.uk/article/what-is ... fines-2018

vexed87
Posts: 1521
Joined: Fri Feb 20, 2015 8:02 am
Location: Yorkshire, UK

Re: Privacy and Security on the Web and IRL?

Post by vexed87 »

I used this to create very long but memorable passwords:
http://world.std.com/~reinhold/diceware.html

I use keepass to manage passwords from an executable on an encrypted USB drive, that way every service has a unique password. I don't like last pass because it stores your passwords remotely. Anyone could get hold of your passwords if they intercept your master password with a keylogger. At least keepass keeps the database locally, that sort of acts like a two factor authentication. Yes, of course this is not fool proof either, but it's an extra step.

I also delete/ban cookies on all devices. It means logging into websites more often, but it means you are harder to track, and your accounts are more secure. Also, never let another app remember your passwords etc, I use keepass only. two-factor auth. is essential for any e-mail addresses that are required to reset passwords. I used Tor for a while, but gave up on it because I don't browse the web looking for 'sensitive' stuff anyway.

Secure means less user friendly, so the degree to which you protect your data depends on the damage that could be done by someone accessing that data. I don't make my living on a PC, so at best, all I have to protect are personal photos, financial logins and email privacy. Any data I consider important and essential is backed up to multiple devices, including encrypted SD cards hidden in plain sight around the house. I'm glad I'm that anal about it, because my 1TB HDD failed without warning last week, and I might have lost all my digital media.

I can't login to my online banking without my USB drive (it is backed up in a secure location), but that makes it so much safer. For instance, no one could extort me for money if I don't have my USB drive on person. I literally don't know my passcodes for the majority of services, e-mail included.

luxagraf
Posts: 215
Joined: Tue Nov 26, 2013 4:32 pm
Contact:

Re: Privacy and Security on the Web and IRL?

Post by luxagraf »

Ego's advice is excellent, but I also think it's worth bearing in mind that identity theft and whatever else you're trying to protect against rarely happens by someone attacking you directly. You're interesting or valuable enough to target. Your data leaks when massive amounts of millions of people's data are bulk harvested from companies which for one reason or another have screwed up their security. And there's next to nothing you can do about that save making all-cash in-person transactions.

What these suggestions do is try to limit the damage and that's good, but it's not the same as being "secure" online, which no one is by virtue of the medium. So while all this stuff is good advice, it's also useless when your data is being stored outside your control, which is its every time you connect, for example, your credit card to an email address to get a reciept emailed to you (something I've noticed is increasingly common).

BMWalter333
Posts: 4
Joined: Fri Aug 25, 2017 1:16 pm

Re: Privacy and Security on the Web and IRL?

Post by BMWalter333 »

I always use "passphrases" instead of passwords. Think of a decently long sentence you will not forget, add a few numbers at the end, and you have a super long password that is much more difficult to hack.

User avatar
Ego
Posts: 6359
Joined: Wed Nov 23, 2011 12:42 am

Re: Privacy and Security on the Web and IRL?

Post by Ego »

onewayfamily wrote:
Sat Aug 19, 2017 7:33 am
- install Prey on all of your devices (this helps just as much with losing your phone as if it gets stolen)
Anyone else using one of these? Some of the other options are Lojack, Computrace and Cisco Meraki.

The Old Man
Posts: 503
Joined: Sat Jun 30, 2012 5:55 pm

Re: Privacy and Security on the Web and IRL?

Post by The Old Man »

https://haveibeenpwned.com/
The above site will tell you if your email has been hacked.

https://haveibeenpwned.com/Passwords
The articles they have on passwords are scary.

User avatar
Ego
Posts: 6359
Joined: Wed Nov 23, 2011 12:42 am

Re: Privacy and Security on the Web and IRL?

Post by Ego »

Google launched Advanced Protection for accounts today.

They use two physical security keys, the Yubico USB key for computers and the Feitian bluetooth enabled key for mobile devices. May be overkill for most.

https://www.wired.com/story/google-adva ... n-accounts

https://landing.google.com/advancedprotection/

User avatar
jennypenny
Posts: 6851
Joined: Sun Jul 03, 2011 2:20 pm

Re: Privacy and Security on the Web and IRL?

Post by jennypenny »

Isn't google who we're protecting ourselves from? ;)

User avatar
Ego
Posts: 6359
Joined: Wed Nov 23, 2011 12:42 am

Re: Privacy and Security on the Web and IRL?

Post by Ego »

Nah, we're protecting ourselves from super-cute, submissive looking robots. SFW
https://theconversation.com/super-cute- ... them-84428

User avatar
JWJones
Posts: 36
Joined: Fri Sep 22, 2017 5:44 pm
Location: Oregon
Contact:

Re: Privacy and Security on the Web and IRL?

Post by JWJones »

Ego wrote:
Tue Oct 17, 2017 7:19 pm
Nah, we're protecting ourselves from super-cute, submissive looking robots. SFW
https://theconversation.com/super-cute- ... them-84428
Hmm, cuteness must certainly be in the eye of the beholder, 'cause to me those things are damned ugly!

User avatar
Ego
Posts: 6359
Joined: Wed Nov 23, 2011 12:42 am

Re: Privacy and Security on the Web and IRL?

Post by Ego »

JWJones wrote:
Wed Oct 18, 2017 7:24 am
Ego wrote:
Tue Oct 17, 2017 7:19 pm
Nah, we're protecting ourselves from super-cute, submissive looking robots. SFW
https://theconversation.com/super-cute- ... them-84428
Hmm, cuteness must certainly be in the eye of the beholder, 'cause to me those things are damned ugly!
Don't worry, they will take that quote into consideration when presenting you with a version that YOU think is cuter that anything you could have imagined. :D

bryan
Posts: 1061
Joined: Sat Nov 29, 2014 2:01 am
Location: mostly Bay Area

Re: Privacy and Security on the Web and IRL?

Post by bryan »

One thing that I should aim to become better at is isolating my "personas" (identity) from each other while online. Some browsers/OSes offer such features for advanced users but I'm not sure to what extent they help keep you in check (e.g. warn/remind you if attempting to log in to any accounts, allow a blacklist of sites?).

User avatar
JWJones
Posts: 36
Joined: Fri Sep 22, 2017 5:44 pm
Location: Oregon
Contact:

Re: Privacy and Security on the Web and IRL?

Post by JWJones »

I have two email accounts, one is pretty secure (riseup.net) and the other is more so (protonmail.com). I have no social media accounts; not interested in being data-mined for advertising purposes.

I use the SeaMonkey browser with HTTPS Everywhere and uBlock Origin plug-ins, and also the Epic browser to access the web. I do not use any Google products (search, gmail, Drive, etc.). I do not allow the Flash plug-in on my computers, and only sometimes allow Java to run.

In the past, I went to even greater lengths for computer/web security. I used OpenBSD on both my laptop and desktop, and the xombrero browser.

As for IRL security, I carry a minimalist wallet, in my front pocket. I have studied various martial arts since the age of five (I'm 51 now), and practice "situational awareness." I also have a CCL, although I rarely carry.

For those interested, J.J. Luna's book "How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life" is pretty decent, in my opinion.

The Old Man
Posts: 503
Joined: Sat Jun 30, 2012 5:55 pm

Re: Privacy and Security on the Web and IRL?

Post by The Old Man »

JWJones wrote:
Thu Oct 19, 2017 11:12 am
For those interested, J.J. Luna's book "How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life" is pretty decent, in my opinion.
Concur. Its focus is on the real world. It is limited and out of date for the online world. What many forget is that the real world is important and is more important than the online world.

User avatar
JWJones
Posts: 36
Joined: Fri Sep 22, 2017 5:44 pm
Location: Oregon
Contact:

Re: Privacy and Security on the Web and IRL?

Post by JWJones »

General Snoopy wrote:
Wed Oct 25, 2017 8:13 pm
It is limited and out of date for the online world. What many forget is that the real world is important and is more important than the online world.
Yup, for the digital world, I would recommend this one:

https://www.amazon.com/dp/152277890X/

Post Reply