personal-security-checklist/2_TLDR_Short_List.md
2020-05-16 23:47:52 +01:00

19 KiB

Personal Cyber Security | TLDR Awesome PRs Welcome LicenseContributors

Contents

PERSONAL SECURITY CHECKLIST

This is the shortened version of The Complete Personal Security Checklist. It lays out the 20 most essential security + privacy tips, that you should complete to protect your digital life.

Authentication

Browsing

  • Use a Privacy-Respecting Browser, Brave and Firefox are gtrat options. Set your default search to a non-tracking search engine, such as DuckDuckGo
  • Do not enter any information on a non-HTTPS website (look for the lock icon), consider using HTTPS-Everywhere to make this easier
  • Block invasive 3rd-party trackers and ads using an extension like Privacy Badger or uBlock
  • Don't allow your browser to save your passwords or auto-fill personal details (instead use a password manager, and disable your browsers own auto-fill)
  • Clear your cookies, session data and cache regularly. You could use an extension such as Cookie-Auto-Delete to automate this
  • Don't sign into your browser, as it further allows for your browsing data to be linked to your identity
  • Consider using Decentraleyes to decrease the number of trackable CDN requests your device makes
  • Consider using compartmentalization to separate different areas of your browsing (such as work, social, shopping etc), in order to reduce tracking. This can be done with Firefox Containers, or by using separate browsers or browser profiles
  • Test your browser using a tool like Panopticlick to ensure there are no major issues. BrowserLeaks and Am I Unique are also useful for exploring what device info your exposing to websites
  • Keep your browser up-to-date, explore the privacy settings and remove unnecessary add-ons/ extensions (as they may make you more trackable)
  • For anonymous browsing use The Tor Browser, and avoid logging into any of your personal accounts

Phone

  • Have a strong pin/password on your mobile device.
  • Turn off WiFi when your not using it, and delete saved networks that you no longer need (Settings --> WiFi --> Saved Networks).
  • Don't grant apps permissions that they don't need. For Android, you can use Exodus to quickly see the permissions and trackers for each of your installed apps.

Email

  • It's important to protect your email account, as if a hacker gains access to it he/she will be able to reset the passwords for all your other accounts. Ensure you have a strong and unique password, and enable 2FA.
  • Emails are not encrypted by default, meaning they are able to be read by anyone who intercepts them as well as your email provider (Google, Microsoft, Apple, Yahoo etc all monitor emails). Consider switching to a secure mail provider using end-to-end encryption, such as ProtonMail or Tutanota.

Networking

  • Use a reputable VPN to keep your IP protected and reduce the amount of browsing data your ISP can log. (Note: VPN's do not provide ultimate protection as advertisers commonly state). See thatoneprivacysite.net for a detailed comparison chart. ProtonVPN has a free starter plan, Mullvad is great for anonymity. Other good all-rounders include IVPN, NordVPN, TorGuard and AirVPN.
  • Change your routers default password. Anyone connected to your WiFi is able to listen to network traffic, so in order to prevent people you don't know from connecting, use WPA2 and set a strong password.
  • Update your router settings to use a secure DNS, such as Cloudflare's 1.1.1.1, this should also speed up your internet. If you cannot modify your roters settings, you can set the DNS on your phone (with the 1.1.1.1. app), or Windows, Mac or Linux. DNS is the system used to resolve URL's to their server addresses, many DNS providers collect data on your browsing habbits and use it to target you with ads or sell it on.

Devices

  • Keep software up-to-date. Security fixes and patches are released as updates, so it is important to install updates when prompted, for your phone, PC, router, IoT devices and all software/apps.

📜 See More: The Complete Personal Security Checklist


OPEN-SOURCE, PRIVACY-FOCUSED SOFTWARE

Switch to alternative open-source, privacy-respecting apps and services, which won't collect your data, track you or show targetted ads.

Security

Browser Extensions

Privacy Badger - Blocks trackers. HTTPS Everywhere - Upgrates requests to HTTPS. [uBlock Origin] - Blocks ads, trackers and malwares. ScriptSafe - Block execution of certain scripts. WebRTC Leak Prevent - Prevents IP leaks. Vanilla Cookie Manager - Auto-removes unwanted cookies. Privacy Essentials - Shows which sites are insecure

Mobile Apps

Exodus - Shows which trackers are on your device. Orbot- System-wide Tor Proxy. Island - Sand-box environment for apps. NetGuard - Controll which apps have network access. Bouncer - Grant temporary permissions. Greenify - Controll which apps can run in the background. 1.1.1.1 - Use CloudFlares DNS over HTTPS. Fing App - Monitor your home WiFi network for intruders

Online Tools

εxodus - Shows which trackers an app has. ';--have i been pwned? - Check if your details have been exposed in a breach. EXIF Remover - Removes meta data from image or file. Redirect Detective - Shows where link redirects to. Virus Total - Scans file or URL for malware. Panopticlick, Browser Leak Test and IP Leak Test - Check for system and browser leaks

Productivity Tools

File Storage: NextCloud. File Sync: Syncthing. File Drop: Firefox Send. Notes: Standard Notes, Cryptee, Joplin. Blogging: Write Freely. Calendar/ Contacts Sync: ETE Sync

📜 See More: Complete List of Privacy-Respecing Sofware


SECURITY HARDWARE

There are also some gadgets that can help improve your physical and digital security.

There's no need to spend money- Most of these products can be made at home with open source software. Here's a list of DIY Security Gadgets.

📜 See More: Privacy and Security Gadgets


Thanks for visiting, hope you found something useful here :) Contributions are welcome, and much appreciated - to propose an edit raise an issue, or open a PR. See: CONTRIBUTING.md.


Found this helpful? Consider sharing, to help others improve their digital security 😇

Share on Twitter Share on LinkedIn Share on Facebook Share on Mastodon

Licensed under Creative Commons, CC BY 4.0, © Alicia Sykes 2020

Follow Alicia Sykes on Twitter