Greetings Lobster-ers!
In the last few days, I’ve had a dearth of people ask about how to secure their data, remove data from various systems, switch to “better communication systems” (Signal, fediverse), and other types of data that could be criminalized. Some of that can include eliminating period tracking, or otherwise getting people to fill fake data.
I’m looking for simple concise bullet-points that we can run through to increase our security profile.
I saw the generic guides posted over at https://ssd.eff.org/ , but its more long-form and less bullet-point things at a time. I would appreciate if people have lists of links to secure/privatize/eliminate accessibility of their life. Again, this could be a nothing. In the good case, people can get a better security footprint and gain better control over their hardware and online lives. In the worst cases, could save people from potential criminalization or violence.
I would greatly appreciate any kind of leveling / tiering for any kind of security and privacy advice.
It’s rather unavoidable that whenever you ask someone about their take at privacy, you will find out you probably lost your both kidneys and half a lung, and your personal online privacy is a lost cause… unless you do some crazy witchcraft only they know about.
What I would prefer instead is some sort of tiering, along the lines of:
Bonus: What you can do if you suspect identity theft, privacy leaks and others
I would start with requirements that start with
1- https://digdeeper.neocities.org/articles/fake_initiatives
2- https://digdeeper.neocities.org/articles/botnet
3- https://digdeeper.neocities.org/articles/bypassing
comprehensive reference with efforts in accuracy and wide scoped analysis coverage
https://research.tue.nl/en/publications/communication-in-a-world-of-pervasive-surveillance-sources-and-me
https://anonymousplanet.org/guide.html
If this is to protect you from a large government, the chances are near zero. Even other large governments have a terrible track record of protecting themselves from each other. An individual has little hope, if they are actively being targeted. Their efforts are better spent organizing politically and monitoring/replacing the people in charge.
I like what @superdurszlak said here: https://lobste.rs/s/e1erlw/securing_ones_tech_digital_footprint#c_2fv1ke
Signal is the current gold standard for synchronous communications(chat basically). With the “Note to Self” feature, it also works as a global copy/paste and quick little notepad for yourself too.
Apple’s Mobile platforms are arguably still the gold standard security/privacy wise. Do more computing on iPhones and iPads. Be careful of app permissions, share your location with no 3rd party apps if you can, absolutely don’t share precise location data with anything if you can.
Learn how to lock your devices(it’s more complicated than one thinks, practice locking it securely), use a passcode only(if you can handle the ease of use issues) and keep your device up to date.
On iOS and Android eco-systems, you can turn on the protected mode. Absolutely read their documentation before doing as it has ease of use consequences.
On iOS it’s called ‘Advanced Data Protection’. Also, turn off accessing their services on the web if you can live with it(since many don’t even realize you can access these services on the web, it’s possible). Also turn on contact verification. Read through their support documentation around privacy and security and understand what you are signing yourself up for. Also Lockdown mode: https://support.apple.com/en-us/105120
Yes, you can make the Android system be roughly as secure, but not by default, or by just changing a few easy to find settings. You have lots of hoops and complications to jump through. Triply so if you don’t trust Google.
The good of this ecosystem, you can use it even if you don’t trust Google, by using GrapheneOS or something(I’m not up to speed on the latest here). If you don’t trust Apple, you pretty much can’t use any Apple device, ever.
There are 3rd party secure period trackers, but unless you NEED to track it electronically, I’d suggest you just don’t. A paper calendar hung on the fridge or bathroom mirror works very well.
I played a bit with creating a Git-based Markdown “wiki” (but in Spanish, and oriented to Spain). I feel there’s a huge dearth of this kind of information.
Actually, the Spanish government has a site about this that is not great, but it’s much better than I expected. But I feel these things should have public trackers, accept contributions, etc. (e.g. “edit this page” that sends a public change request).
My dad (70-something) is a bit scared of online interactions, and frequently forwards me and my brother stupid advice from general media. I would really love to have a good checklist of “if you follow this advice, you’re 95% there”. Something that is written for people who don’t “know”.