DEV Community

Ben Halpern
Ben Halpern Subscriber

Posted on

What personal privacy/security measures do you take?

Top comments (34)

Collapse
 
tribex profile image
Joshua Bemenderfer

I don't talk to anyone. Does that count? :P

Collapse
 
paragoniescott profile image
Scott Arciszewski
  1. I keep my software up to date. If you do nothing else on this list, do that.
  2. I use Signal.
  3. For Windows before 10, I used to use EMET. It blocked a few Firefox crashes that were either non-reproducible bugs or active exploits over the years. :)
  4. For Linux, I use the grsecurity kernel patches. (I run Debian with the dotdeb repositories for PHP 7.)
  5. I do most of my casual Internet browsing with Tor Browser (via torbrowser-launcher) inside of a virtual machine. Once a site is trusted, I'll actually visit it in my host OS.
  6. I use password managers. Mostly LastPass (for casual use) and KeePass (for high-security use).
  7. I encrypt my hard drives (with a 64-character passphrase) and smartphones (with a passphrase, not a PIN).
Collapse
 
onebree profile image
onebree

What do you store in Keepass that falls under high security use? Why not just use KP for everything?

Collapse
 
ghost profile image
Ghost • Edited

Maybe he just prefers the UI of LastPass over KeePass, and is willing to compromise on some security for usability?

Thread Thread
 
paragoniescott profile image
Scott Arciszewski

Precisely.

Collapse
 
udiudi profile image
Udi

One of the biggest measures is not exposing it online like that :)

Collapse
 
ziaa profile image
Seyed Zia Azimi

To take it even one step further, Even I did not exposing anything should I write a comment for questions like this at all?!
Some sort of Privacy Paranoia! :D

Collapse
 
bahlo profile image
Arne Bahlo
  • Password manager (1Password)
  • 2FA wherever possible
  • Disk encryption (FileVault)
  • Network filter (Little Snitch)
  • File access filter (Little Flocker)
  • Micro/Webcam access warning (Micro Snitch)
  • Persistent install warning (BlockBlock)
  • Being careful when installing software (Brew if available)
  • Block ads (uBlock/1Blocker)
Collapse
 
tecno-security profile image
TECNO Security

I choose to strictly control my geographical location rights, recording rights, photo rights, etc. Because I don't want my privacy to be leaked when I don't know it when I go out, I will turn on the geographical location, but when I arrive at my destination, I will immediately turn off this function to protect my privacy. Is there anyone just like me?

Collapse
 
soundstruck profile image
Dina Gathe

Sorry to answer with a question, but how does encrypting your hard drive affect your software development environment, VMs etc.? Does it make things slower?

Recently started using Tor/Signal/ProtonMail, 2FA.

Collapse
 
sironfoot profile image
Dominic Pettifer

AFAIK it has no effect on read speed, and very slightly slows down write speed, but not noticeably.

Collapse
 
k2t0f12d profile image
Bryan Baldwin

I've physically removed the webcam, microphone, hard disk, and bluetooth/wifi chip out of my laptop. I boot the machine with a USB Tails w' persistent encrypted volume. I will be disabling Intel's Management Engine firmware a la hackaday.io once my Beagleboard arrives.

Collapse
 
fezvrasta profile image
Federico Zivolo
  1. Update software regularly
  2. Use 2FA wherever possible
  3. Use complex passwords generated by 1Password
  4. I have an interactive firewall on my Macs (HandsOff!)
  5. All the security features of macOS enabled
Collapse
 
oneearedmusic profile image
Erika Wiedemann

I've had to increase my laptop security on two different occasions two totally different ways - I'm looking forward to this thread to fill in some gaps.

~5 years ago someone got into and locked me out of several of my social media and email accounts by 1) me not logging myself out at the end of my session (on their computer), and b) successfully guessing my security questions. This was before MFA was near-standard, so I at least implemented my own version with notifications/email. I then set MFA up as soon as it was available. I've beefed up my security questions and use LastPass as a PW manager (that never remembers me). I also only use my own laptop, or another computer I strongly trust. I also have a backup email and phone contact number.

The second time my laptop was physically stolen from my apartment. Luckily I'm confident my password was strong enough, and there was very little data stored on the machine - everything was backed up and also stored in 'the cloud.' Since then I've moved out and encrypted my HDD. I hope to get a kensington lock soon to try and bolt down the machine if I have to leave it at home. The laptop webcam is also covered.

Collapse
 
ennor profile image
Enno Rehling (恩諾)

All the normal stuff (password manager, encryption), plus I unsubscribe from every online service that gets pwned, or is otherwise using bad security practices (like, sends forgotten passwords over email). And yes, that means I can no longer have a Tumblr, LinkedIn, or Adobe account, but these are the breaks.