Being safe online

Or "internet hygiene" as it's called nowadays.

This is a topic I've been meaning to write a post on for a long time. It'll be quite long but I think it should prove valuable to a few people - these are all products & services that I've either used, or still use. They all fall in line with best practices adopted by guides such as Privacy Guides.
It might also sound a bit arrogant in some places, enjoy!

NB: This is a draft and might change a bit in the coming hours/days.

THIS POST IS BROUGHT TO YOU BY A VPN

Bet you're sick of these YouTube ad placements too. VPNs are useful, sure, but they're not all they're made out to be either. They won't prevent you from getting malware, nor are all of them what they claim to be.

That said, I highly recommend everyone use a VPN. Seeing as we deal in torrents, it's even more important. VPNs work by connecting to a remote server and tunnelling all your traffic through said server. It protects you from things like IP grabbers. It protects you from your ISP. It protects you if you're using open Wi-Fi. It can help in protecting you from services like Facebook by removing their ability to track your browsing by IP address. It can help protect you from things like overly protective government agencies, like in the US and UK. If you torrent things like movies or music, it can protect you from DMCA letters.

To reiterate, torrents broadcast your IP address because it's peer to peer - you should always be using a VPN.

As for what VPN company to choose, I always recommend Mullvad. They don't do things like affiliate marketing and they'll even accept payment by cash in an envelope. You can read more about their policies here. Mullvad are fantastic, everyone I've recommended it to has loved it.

Full disclosure, we also recommend NordVPN as we're an affiliate of theirs. To their credit, Nord have successfully verified their "no logging" policy three times. Notably, this audit was done by Deloitte, a world-renowned auditor you may have heard of.

I recommend using WireGuard as your VPN tunnel where possible. If you're fortunate enough to be using a Linux distro, WireGuard was incorporated into the Linux kernel itself from version 5.6 onwards. You can combine WireGuard with Mullvad, including a killswitch, and have a complete setup. NordVPN has their own "installer" which is built around WireGuard. Whichever you choose, you should always make sure a killswitch is configured so as not to accidentally leak your IP if your connection to the VPN falters.
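To make the killswitch advice concrete, here is an added example (not part of the original post, and not Mullvad's or NordVPN's own tooling) that checks a wg-quick config for full-tunnel routing and for IPv4 and IPv6 killswitch rules. The sample config is constructed: keys, addresses and the endpoint are placeholders, and the function names are this example's own.

```python
import re

# Constructed sample wg-quick config; keys, addresses and endpoint are placeholders.
# The PostUp/PreDown rules follow the kill-switch pattern in wg-quick(8), repeated for ip6tables.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.64.0.2/32
DNS = 10.64.0.1
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PostUp = ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT

[Peer]
PublicKey = <server-public-key>
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 203.0.113.10:51820
"""

def parse_conf(text):
    """Collect 'Key = Value' lines; keys may repeat (e.g. several PostUp)."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if "=" in line and not line.startswith("["):
            key, value = line.split("=", 1)
            opts.setdefault(key.strip().lower(), []).append(value.strip())
    return opts

def has_block_rule(commands, tool):
    """True if a command makes `tool` REJECT/DROP output that bypasses the tunnel (%i)."""
    pat = re.compile(rf"\b{tool}\s+-[IA]\s+OUTPUT\b.*!\s*-o\s+%i\b.*-j\s+(REJECT|DROP)\b")
    return any(pat.search(c) for c in commands)

def audit_wg_conf(text):
    """Return a list of findings; an empty list means the checks passed."""
    opts = parse_conf(text)
    cmds = [part for c in opts.get("postup", []) for part in re.split(r"&&|;", c)]
    allowed = {ip.strip() for v in opts.get("allowedips", []) for ip in v.split(",")}
    findings = []
    if "0.0.0.0/0" not in allowed:
        findings.append("IPv4 is not fully routed through the tunnel")
    for tool, family in (("iptables", "IPv4"), ("ip6tables", "IPv6")):
        if not has_block_rule(cmds, tool):
            findings.append(f"no {family} kill switch in PostUp")
    return findings

if __name__ == "__main__":
    print(audit_wg_conf(SAMPLE_CONF) or "kill switch rules present")
```

These rules only exist while the interface is up, so running `wg-quick down` removes the killswitch along with the tunnel.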

Browsers

Firefox. Nothing else is acceptable, unless you're using a fork such as Librewolf.

Firefox allows you to customize it and set your own strict settings. You should always make sure it:
1. Has tracking protection configured.
2. Sends "do not track" requests.
3. Does not save your logins & passwords (we'll get to this later).
4. Doesn't save any of your browsing or usage data.
5. Does warn you about potentially dangerous downloads.
6. Does query OCSP responses.
7. Does enforce HTTPS only.
8. Blocks all popups.
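As an added example (not from the original post), the checklist above can be audited against a Firefox `user.js` file, which pins `about:config` values from the profile directory. The mapping from each list item to a pref is this example's reading of the list, and the sample file is constructed.

```python
import json
import re

# Checklist item -> (about:config pref, value that satisfies it).
# Which pref stands for which list item is an assumption of this example.
WANTED = {
    "tracking protection": ("privacy.trackingprotection.enabled", True),
    "do not track": ("privacy.donottrackheader.enabled", True),
    "no saved logins": ("signon.rememberSignons", False),
    "no browsing history": ("places.history.enabled", False),
    "no usage data upload": ("datareporting.healthreport.uploadEnabled", False),
    "dangerous download warnings": ("browser.safebrowsing.downloads.enabled", True),
    "OCSP queries": ("security.OCSP.enabled", 1),
    "HTTPS only": ("dom.security.https_only_mode", True),
    "popup blocking": ("dom.disable_open_during_load", True),
}
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;', re.M)

# Constructed sample user.js with one wrong value and several items missing.
SAMPLE_USER_JS = """\
user_pref("privacy.trackingprotection.enabled", true);
user_pref("signon.rememberSignons", true);
user_pref("dom.security.https_only_mode", true);
user_pref("security.OCSP.enabled", 1);
"""

def parse_user_js(text):
    """Return {pref: value}; true/false/numbers/strings parse as JSON literals."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):
        try:
            prefs[name] = json.loads(raw)
        except ValueError:
            prefs[name] = raw  # keep unparsable values for the report
    return prefs

def audit_user_js(text):
    """Map each checklist item to 'ok', 'not pinned', or the offending value."""
    prefs = parse_user_js(text)
    report = {}
    for item, (name, want) in WANTED.items():
        if name not in prefs:
            report[item] = "not pinned"
        elif type(prefs[name]) is type(want) and prefs[name] == want:
            report[item] = "ok"  # type check: True must not pass for the integer 1
        else:
            report[item] = f"{name} = {prefs[name]!r}, want {want!r}"
    return report
```

"not pinned" means the file leaves that setting at whatever the browser currently has, so it still needs checking in the Firefox settings page.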

You can almost but not quite achieve the same thing with Chromium as it's "de-googled". Why bother though when you can just use Firefox instead?

Browser extensions

uBlock Origin is mandatory. It's open source and it doesn't accept payment to whitelist ads like other "adblockers" do.
AdNauseam also deserves a mention just because of the sheer chaos it can cause for advertisers.

While other extensions might be "nice to have", they're really not all that necessary. With a good VPN, correctly configured Firefox & uBlock Origin, you're already 90% done. As for the other 10%...

A healthy dose of common sense.

There might very well be horny singles in your area, but they sure as hell won't be advertising to you on porn sites bro.

Don't use "free" VPNs, it's highly probable that the "free" VPN you're using is either A) collecting and selling your data or worse B) providing your own internet connection as a VPN to other users. As the old saying goes, "if it's free, you're the product". Like email, VPNs are worth paying for which leads us nicely into...

Email

All things considered, I don't consider this as important as the other steps in this guide however it deserves a mention too.

Yes, email is worth paying for.
Tutanota
Protonmail
It's worth noting that while your email will be encrypted, email headers are not. Also, these companies will obey court orders.
You can also use things like GPG to further encrypt, decrypt and verify email.

Account security & passwords

Every service should offer a version of multi-factor authentication. If it does, you should always avail of it.

Always use a Password Manager. There are several ways you can do this:
1. Self host Bitwarden.
2. Use KeePassXC in conjunction with something like Nextcloud, Dropbox etc.

Bitwarden and KeePassXC can both integrate with your browser very easily.
There's absolutely no reason not to use a password manager. Stay away from gutter-trash like LastPass and sorry boomer, post-it notes are dumb. If you're not using a password manager, you're actively sabotaging yourself and frankly I'm surprised you've even read this article.

Tor

Tor is awesome, however it's slow and that's less than awesome. If you wear a tinfoil hat and believe in chemtrails, nothing beats it.
Note: If you're doing stuff that's turbo illegal, Tor won't save you - don't drop the soap.

Search Engines

This will mostly be user preference because by now you've got ads blocked and most tracking blocked, so this doesn't matter as much.

DuckDuckGo is pretty cool, but it uses Bing under the hood.
You could also use a public SearxNG instance if so inclined.

Real time protection

Also known as an "anti virus".

To be blunt, you don't need one. If you're on Windows you have one installed already and it's not as bad as you think - it's called Windows Defender. It doesn't get the credit it deserves because it's made by Microsoft but it's actually quite good.

You don't need one because:
1. By now, you've already got all ads blocked.
2. You're not clicking on download links in your email.
3. You're not downloading weird executables from sites you've never seen before.

I am 100% serious, you do not need one. Take that 45 dollars or whatever you're paying for your AV and donate it to something like Doctors Without Borders or UNICEF. If you're paying for an antivirus you're smart enough to know what malware is and if you're this smart, you should know how to avoid it in the first place. It doesn't make you "smart" or more informed, it makes you look gullible and shows that you don't trust your own ability to browse the big bad internet safely.

Be mindful of how much you share.

Here's a fun example. Ever see those things online that were like, "find out your pornstar name"? Basically, it'd ask you to combine your first pet's name with the street name you grew up on. Seems harmless, right?
Until you realise simple questions like that are the most common security questions. Thankfully this isn't really a thing anymore due to multi-factor authentication but it serves as a good example as to how easy it can be to unwittingly gather sensitive information.

You don't need to tell Discord friends your real name, or any information about where you live etc. You can be friendly and have fun while also being careful, it just requires a little restraint sometimes.

Useful resources

The EFF https://www.eff.org/
https://www.privacyguides.org/