Being safe online
4 min read

Being safe online

Or "internet hygiene" as it's called nowadays.

This is a topic I've been meaning to write a post on for a long time. It'll be quite long but I think it should prove valuable to a few people - these are all products & services that I've either used, or still use. They all fall in line with best practices adopted by guides such as Privacy Guides.

THIS POST IS BROUGHT TO YOU BY A VPN

Bet you're sick of these Youtube ad placements too. VPNs are useful but they're not all they're made out to be either. They won't prevent you from getting malware, nor are all of them what they claim to be.

That said, I highly recommend everyone use a VPN. Seeing as we deal in torrents, it's even more important. VPNs work by connecting to a remote server and tunnelling all your traffic through said server. It protects you from things like IP grabbers. It protects you from your ISP. It protects you if you're using open WiFi. It can help in protecting you from services like Facebook by removing their ability to track your browsing habits. It can help protect you from things like over-reaching government agencies, like in the US and UK. If you torrent things like Movies or Music, it can protect you from DMCA letters.

To reiterate, torrents broadcast your IP address because it's peer to peer - you should always be using a VPN.

As for what VPN to choose, I always recommend Mullvad. They don't do things like affiliate marketing and they'll even accept payment by cash in an envelope. You can read more about their policies here. Mullvad are fantastic, everyone I've recommended has loved it.

I recommend using Wireguard as your VPN tunnel where possible. If you run a linux distro, wireguard was incorporated into the linux kernel itself from version 5.6 onwards. You can combine Wireguard with Mullvad including a killswitch and have a complete setup. You can test your connection here.

Browsers

Firefox. Nothing else comes close unless you're using a fork such as Librewolf.

Firefox allows you to customize it and enforce your own settings. You should always:
1. Configure strict tracking protection.
2. Ensure Firefox sends "do not track" requests.
3. Does not save your logins & passwords (we'll get to this later).
4. Doesn't save any of your browsing or usage data.
5. Does warn you about potentially dangerous downloads.
6. Does query OSCP responses.
7. Does enforce HTTPS only.
8. Blocks all popups.

You can almost but not quite achieve the same thing with Chromium as it's "de-googled". Why bother though when you can just use Firefox instead?

Browser extensions

Ublock Origin is mandatory. It's open source and it doesn't accept payment to whitelist ads like other "adblockers" do.

While other extensions might be "nice to have", they're really not all that necessary. With a good VPN, correctly configured Firefox & Ublock origin, you're already 90% done. As for the other 10%...

A healthy dose of common sense.

There might very well be horny singles in your area, but they won't be advertising to you on porn sites bro.

Don't use "free" VPNs, it's highly probable that the "free" VPN you're using is either A) collecting and selling your data or worse B) providing your own internet connection as a VPN to other users. As the old saying goes, "if it's free, you're the product". Like email, VPNs are worth paying for which leads us nicely into...

Email

All things considered, I don't consider this as important as the other steps in this guide however it deserves a mention too.

Yes, email is worth paying for. Tutanota, Protonmail, Mailbox.
It's worth noting that while your email will be encrypted, email headers are not. Also, these companies will obey court orders.
You can also use things like GPG to further encrypt, decrypt and verify email.

Account security & passwords

Every service should offer a version of Multi Factor authentication. If it does, you should always avail of it.

Always use a Password Manager. There are several ways you can do this:
1. Self host Bitwarden.
2. Use KeepassXC in conjunction with something like Nextcloud, Dropbox etc.

Bitwarden and KeepassXC can both integrate with your browser very easily.
There's absolutely no reason not to use a password manager. If you're not using a password manager, you're actively sabotaging yourself and frankly I'm surprised you're even reading this article. Reminder too, that Lastpass is not safe and has been breached several times (most recent).

TOR

TOR is awesome, however it's slow and that's less than awesome. If you wear a tinfoil hat, nothing beats it. We don't currently offer a .onion service however we don't actively block TOR exit nodes either.

Search Engines

This will mostly be user preference because by now you've ads blocked and most tracking blocked so this doesn't matter as much.

Duckduckgo is pretty good, but it uses Bing under the hood.
You could also use a public SearxNG instance if so inclined.

Real time protection

Also known as an "anti virus".

To be blunt, you don't need one. If you're on Windows you have one installed already and it's not as bad as you think - it's called Windows Defender. It doesn't get the credit it deserves because it's made by Microsoft but it's actually quite good.

You don't need one because:
1. By now, you've already got all ads blocked.
2. You're not clicking on download links in your email.
3. You're not downloading weird executables from sites you've never seen before.

If you're paying for an Antivirus you're smart enough to know what malware is and if you're this smart, you should know how to avoid it in the first place. It can encourage carelessness and recklessness. If you use one and and you're happy with it, great! Just remember that no anti-virus can ever offer 100% guaranteed protection.

Be mindful of how much you share.

You don't need to tell discord friends your real name, or any information about where you live. You can be friendly and have fun while also being careful, it just requires a little restraint sometimes.

Useful resources

https://www.eff.org/
https://www.privacyguides.org/