In these last few months celebrities had their private (and nude) photos hacked and leaked online. Regular people (like you and me) had their credit cards, addresses, social security numbers, etc, sold in online black markets after hackers stole terabytes of data from hospitals, banks, large store chains, small mom & even pop shops. I bet that your entire identity is probably on sale *right*now* on Silk Road 2.0 for pennies.
Last year there was a lot of focus on governments and social networks invading your privacy. But that’s not really scary to most people (except journalists, activists, gamblers, and tax evaders). This year however, there is a lot of focus on everyday criminals invading your privacy and how much it costs you in both time and money. Such concerns apply to EVERYBODY, not just paranoid libertarians.
So here is what I do to protect myself online.
- I change my passwords for *everything* regularly. As well as my credit card numbers.
- I avoid putting my credit card number and personal information for online purchases. Instead I’ve started using digital cash (e.g. “bitcoins”) when I buy things online. This is also good because no criminals can intercept my information over wireless (actually a very common problem in cafe’s).
- I check my monthly statements from my credit union regularly to check for bogus charges.
I have the following plugins on my browser:
- HTTPS-Everywhere (which forces a secure connection if the option exists), Adblock (blocks ads, many of which track your online activities). I do not store a single password in the browser itself because that is unsafe.
- Flashblock (which blocks flash unless you allow it, because much malicious software is actually Flash),
- and LastPass (which allows me to keep a separate and complex passwords for every website, easily).
- I use DuckDuckGo instead of Google for web searches.
- I surf and buy in Private Browsing Mode so as limit how many cookies follow me around online. But honestly, this doesn’t do a whole lot for security.
Sometimes, I use TOR for browsing. But honestly, I don’t need to. I should just get a VPN for like $30/year. Some people however do legitimately need to use TOR (mostly in authoritarian countries), and the more people use the network the better it works, so perhaps it’s worth the occasional use.
Additionally I have a very long and complex password for my computer. I’m making encrypted backups of all my files. I’m encrypting my harddrive this weekend. I also want to get in the habit of encrypting emails. Nothing nefarious, but if my email is ever hacked then I don’t want someone rummaging through it to find private details, or any financial information that I share with friends and family.
On my phone I have a strong password, I’m setting up TextSecure and RedPhone to encrypt my text messages and phone calls with friends and family. It is *very* easy for anybody to listen to a cell phone call. So if you ever talk about finances with friends and family over the phone, then you would be a fool not to encrypt your call so that some punk down the street doesn’t hear it on a scanner and then go online to basically rob you.
So… this is a few hours of work to set up and learn, but once it’s in place then it maintains itself. Cyber crime is on the rise, so this stuff will become more and more important. If you are interested in setting up any of these tools then give me a buzz and I’d like to help. Also, if you want to encrypt your email as well then let me know and we can sign each others public keys. I hope this was helpful to somebody.