DEV Community

What personal privacy/security measures do you take?

Ben Halpern on January 13, 2017

Collapse
 
tribex profile image
Joshua Bemenderfer

I don't talk to anyone. Does that count? :P

Collapse
 
paragoniescott profile image
Scott Arciszewski
  1. I keep my software up to date. If you do nothing else on this list, do that.
  2. I use Signal.
  3. For Windows before 10, I used to use EMET. It blocked a few Firefox crashes that were either non-reproducible bugs or active exploits over the years. :)
  4. For Linux, I use the grsecurity kernel patches. (I run Debian with the dotdeb repositories for PHP 7.)
  5. I do most of my casual Internet browsing with Tor Browser (via torbrowser-launcher) inside of a virtual machine. Once a site is trusted, I'll actually visit it in my host OS.
  6. I use password managers. Mostly LastPass (for casual use) and KeePass (for high-security use).
  7. I encrypt my hard drives (with a 64-character passphrase) and smartphones (with a passphrase, not a PIN).
Collapse
 
onebree profile image
onebree

What do you store in Keepass that falls under high security use? Why not just use KP for everything?

Collapse
 
ghost profile image
Ghost • Edited

Maybe he just prefers the UI of LastPass over KeePass, and is willing to compromise on some security for usability?

Thread Thread
 
paragoniescott profile image
Scott Arciszewski

Precisely.

Collapse
 
udiudi profile image
Udi

One of the biggest measures is not exposing it online like that :)

Collapse
 
ziaa profile image
Seyed Zia Azimi

To take it even one step further, Even I did not exposing anything should I write a comment for questions like this at all?!
Some sort of Privacy Paranoia! :D

Collapse
 
bahlo profile image
Arne Bahlo
  • Password manager (1Password)
  • 2FA wherever possible
  • Disk encryption (FileVault)
  • Network filter (Little Snitch)
  • File access filter (Little Flocker)
  • Micro/Webcam access warning (Micro Snitch)
  • Persistent install warning (BlockBlock)
  • Being careful when installing software (Brew if available)
  • Block ads (uBlock/1Blocker)
Collapse
 
tecno-security profile image
TECNO Security

I choose to strictly control my geographical location rights, recording rights, photo rights, etc. Because I don't want my privacy to be leaked when I don't know it when I go out, I will turn on the geographical location, but when I arrive at my destination, I will immediately turn off this function to protect my privacy. Is there anyone just like me?

Collapse
 
soundstruck profile image
Dina Gathe

Sorry to answer with a question, but how does encrypting your hard drive affect your software development environment, VMs etc.? Does it make things slower?

Recently started using Tor/Signal/ProtonMail, 2FA.

Collapse
 
sironfoot profile image
Dominic Pettifer

AFAIK it has no effect on read speed, and very slightly slows down write speed, but not noticeably.

Collapse
 
k2t0f12d profile image
Bryan Baldwin

I've physically removed the webcam, microphone, hard disk, and bluetooth/wifi chip out of my laptop. I boot the machine with a USB Tails w' persistent encrypted volume. I will be disabling Intel's Management Engine firmware a la hackaday.io once my Beagleboard arrives.

Collapse
 
fezvrasta profile image
Federico Zivolo
  1. Update software regularly
  2. Use 2FA wherever possible
  3. Use complex passwords generated by 1Password
  4. I have an interactive firewall on my Macs (HandsOff!)
  5. All the security features of macOS enabled
Collapse
 
oneearedmusic profile image
Erika Wiedemann

I've had to increase my laptop security on two different occasions two totally different ways - I'm looking forward to this thread to fill in some gaps.

~5 years ago someone got into and locked me out of several of my social media and email accounts by 1) me not logging myself out at the end of my session (on their computer), and b) successfully guessing my security questions. This was before MFA was near-standard, so I at least implemented my own version with notifications/email. I then set MFA up as soon as it was available. I've beefed up my security questions and use LastPass as a PW manager (that never remembers me). I also only use my own laptop, or another computer I strongly trust. I also have a backup email and phone contact number.

The second time my laptop was physically stolen from my apartment. Luckily I'm confident my password was strong enough, and there was very little data stored on the machine - everything was backed up and also stored in 'the cloud.' Since then I've moved out and encrypted my HDD. I hope to get a kensington lock soon to try and bolt down the machine if I have to leave it at home. The laptop webcam is also covered.

Collapse
 
ennor profile image
Enno Rehling (恩諾)

All the normal stuff (password manager, encryption), plus I unsubscribe from every online service that gets pwned, or is otherwise using bad security practices (like, sends forgotten passwords over email). And yes, that means I can no longer have a Tumblr, LinkedIn, or Adobe account, but these are the breaks.

Collapse
 
mathur_anurag profile image
Anurag Mathur 
  1. All software updated. Work windows laptop protected with AV/ Firewall/ Host IDS/Disk Encryption. Home MBP always updated with disk encryption.
  2. Always use HTTPS
  3. I use iPassword to manage and generate passwords.
  4. Always logout at the end of session from any website.
Collapse
 
henrebotha profile image
Henré Botha

I do almost nothing, and it's terrible. I should know better.

I've recently started using uBlock Origin. I used Adblock Plus before that, but that was to avoid seeing & loading ads, not to protect myself. Installing uBO was intended as a security & privacy measure.

Collapse
 
tscs37 profile image
Tim Schuster
  1. Keep up to date
  2. Don't do stupid
  3. Backups
  4. Backups
  5. Backups
  6. Backups
  7. Password Manager
  8. Using the Password Manager
  9. Catch-All Emails to detect and pinpoint leaks (I recommend using a suffix like "-ca" to filter out any spam from Catch-All, google is f.e. "google.com-ca@example.com")
  10. U2F
  11. In case 10 fails, 2FA using Google Auth or similar apps
  12. Don't use SMS or DIY-2FA (looking at you Steam)
  13. uMatrix for Malware Domains (not ads)
  14. ABP to block almost malicious ads (enabled acceptable ads because personal reasons)
  15. Backups
  16. Encrypting the important stuff (I don't see the usefulness of fulldisk encryption on anything but portable devices)
Collapse
 
nyambol profile image
Michael Powe
  • Private VPN on all devices <------ !!! (I use PIA, but really: they're all so cheap, you're crazy not to use one.)
  • Password Safe for storing/generating passwords (Handy and works on all devices.)
  • Minimum password length 12 characters
  • Don't do business with or give PII to unverifiable sites. Seriously, know who you're doing business with!
  • Whole disk encryption on my linux box (and it is built in on my work laptop)
  • Periodically review list of devices connected to my network, and make sure I can identify who/what they are
  • For streaming accounts, periodically change password and/or kick off any registered devices that I can't identify
  • Set PIN's for online purchases when possible (e.g., Amazon)
  • Hushmail (I don't use this much, but I keep an active paid account just because I want to be able to send encrypted mail sometimes.)
  • Webcam unplugged when I'm not using it
  • My financial information and will, &c are on a hidden VeraCrypt volume. My wife has a poop sheet on how to find it and get into it. The volume itself is on a USB drive.
Collapse
 
jakallergis profile image
John A. Kallergis

Whats a poop sheet?

Collapse
 
sironfoot profile image
Dominic Pettifer
  • Don't install Flash (or any browser plugins), disable it if a browser comes with it preinstalled (Chrome)
  • Full disk encryption for all devices.
  • Password manager (1Password) with unique passwords for every service.
  • Use devices that have biometric login (e.g. Fingerprint) so people don't see you typing in your password, and it's not recorded by a security cameras (may sound silly but think this will become a new attack vector in the future).
  • Try to point computer screens away from windows (as in the glass kind, not the OS). All it takes is a competitor renting an office opposite yours, and armed with a high powered telescopic camera.
  • Use an AdBlocker.
  • Try to get all my software from official app stores (Mac App Store)
Collapse
 
_saul_ profile image
Saul

I got a aluminum baseball bat in my room, althought i think its for softball. Two-step verification and secondary email account and phone number. Linux (Debian) my main OS. Is it weird that i don't trust password managers? i mean, i rather memorize the passwords, even if there are a lot. I use AdBlock, but im guilty of whitelisting some of my favorite content creators.

Collapse
 
steveloughran profile image
Steve Loughran

Two tier network at home: DMZ for consumer stuff, "critical" for work. iPhone over android. Moving to yubikey for auth and code signing. Make sure that second-hand cars we buy don't come with adobe flash.

Still vulnerable to leakage of personal data from many sites, and wilful actions of installed phone apps like airline check in ones. Run 1+ of: Maven, apt-get or brew every single day on that critical development laptop

If I consider where I am most vulnerable, it is in that automated download and execution of developer tools and application libraries, To put it another way: the code I've written over the years runs on thousands of developer boxes every day. These people are relying not just on my competence, but my goodwill and the quality and detail of the peer review process in those OSS projects.

Video: youtu.be/tcRjG1CCrPs

Collapse
 
ssmusoke profile image
Stephen Senkomago Musoke
  1. Use different passwords for each service

  2. Keep software up-to-date

  3. Only use a single card for online purchases, hidden behind Paypal

  4. Use Single Sign On (SSO) for a secondary social media account, rather than my primary email address

  5. Do not use public computers for access

  6. Encrypt hard drives

  7. Do not put anything online that I do not want there

  8. Notifications on accounts so that I know what is going on with my account at all times

  9. 2 factor authentication where possible

Collapse
 
legolord208 profile image
jD91mZM2
  1. Stay logged out of Facebook. No idea how it's secure, but f*ck it.
  2. 1Password! DUDURU DUUUU
  3. Private Internet Access! DUDURU DUUUU

  4. Body Guard.... Just kidding I'm not the queen.

Collapse
 
justriedy profile image
Justin Riedyk
  1. Updates, always updates
  2. Password manager and long passwords, very long passwords. Passwords you will never want to enter by hand.
  3. Two Factor Auth anywhere I can.
  4. Ad Blocker.
Collapse
 
ryencode profile image
Ryan Brown

I don't know most of my passwords. Password manager to keep, and autogen.
Keep updated software. Ad Block. NO FACEBOOK GAMES!

Collapse
 
mnlwldr profile image
manuel
  1. Keep my software up to date.
  2. I encrypt files with gpg
  3. I use Signal
  4. I use Tor
  5. Different passwords
  6. I use MiniKeePass on iOS
  7. I use 2FA where possible
Collapse
 
vpzomtrrfrt profile image
VpzomTrrfrt

I use a password manager, I think my phone's encrypted.

Collapse
 
tamas profile image
Tamás Szelei
  • 2FA wherever I can
  • LastPass & randomized passwords everywhere
Collapse
 
galvao profile image
Er Galvão Abbott

Taped webcam, encrypted hard drive on my notebook.

Collapse
 
pryl profile image
Priyal Kumar

libreCrypt
Riot and wire instead of Whatspp
choco install unchecky

Collapse
 
pryl profile image
Priyal Kumar

I love dev.to

Collapse
 
zeyadetman profile image
Zeyad Etman
  1. I created a small program to save my passwords using algorithm of combination of some words and site link.
  2. I use TOR.
  3. I use 2FA.
  4. I Tapped Webcam and microphone.