Safety: a list of techniques
Published 2024-05-20Updated 2024-05-22
Here you’ll find the most effective techniques to keep yourself safe online.
This guide is aimed at a general audience.
None of the content here is or will ever be sponsored by any company.
This guide started off as a suggestion list for family and friends.
I wanted to share something free to the world to help everyone be a little safer.
This is the result.
It’s important to note that digital safety is best approached in layers.
Just a single intervention here will not make users secure, but together the interventions create a strong web of protection.
- Make sure to turn on 2-factor authentication.
- Use a Yubikey (you’ll want two) for accounts that support them.
- Setup the Advanced Protection Program for your Google accounts.
- If on Apple, turn on Advanced Data Protection for iCloud.
- Use a password manager to generate and store passwords.
- Use Passkeys.
- Prefer built-in password managers (Chrome’s password manager, or Apple iCloud Keychain)
- If you need a cross-platform password manager use Bitwarden or 1Password
- Use a dice-based mnemonic password for computer logins or main passwords.
- Make sure to put a long and random passcode on your phone.
- Use Signal as your main messaging app.
- Block ads by using DNS or install the Ublock Origin browser plugin for desktops.
- Get notified about account breaches.
- Use a Google Pixel or an iPhone for a phone.
- Use a Chromebook or an iPad for a main computer.
- Stop using devices that no longer receive updates.
- Only install apps from the Google Play Store or the Apple App store on mobile.
- If you have to use Windows, stop paying for antivirus and use Windows Defender (built-in). Be very careful what apps you install, and prefer installing from Windows store or using Edge to get stuff done. Turn on disk encryption with Bitlocker.
- If you have to use MacOS, make sure to understand and turn on all security features.
- If you decide to use Linux, use a Chromebook.
- If you need different hardware or distros for linux, only use hardware vendors that regularly update firmware via
fwupdand consider immutable distros. - Avoid doing personal stuff on work computers, use your phone instead.
- Back. Up. Your. Shit. Do not pay for ransomware.
- Be careful about what content you post that includes your face and be mindful where you show your face in public, as facial recognition software has approached a highly dangerous era of accessibility.
- Beware of common scams or emails/links that contain malware like:
- Understand what stalkerware is and how to avoid it.
- Verify who people are, as people can fake and try to convince folks who they are in a process called social engineering.
- Know how to temporarily disable biometrics on Android and on iOS/iPadOS.
- Consider using a service that tries to remove your personal information from the web or doing a DIY approach to this.
- VPNs are usually not the tool you want for privacy.
- Public WiFi is usually totally fine
- The security tools and devices that ordinary folks have access to, allow for more power to the people than ever before. At the same time, those opposed to progress seek to limit tools and rights (and even books) that empower worker organization, law enforcement accountability, reporting on the conditions of animals in factory farms, the right of LGBTQ people to exist, and the right to protest. It is my hope that the tools in this list will help folks stay safe as they use their voices to stand against hate, discrimination, and oppression.
This article was orginally released into the public domain under the CC0. Attribution is not required, but appreciated =)