Your personal data is very valuable. It is no wonder that hackers, governments, and corporations are trying to collect and catalog everything about you. Your search quires, your entertainment choices, your web history, online chats, and posts all paint a very detailed picture about who you are. Would you be comfortable sharing 100% of your online history with even the closest people to you in your life? Probably not – so why would you want to share it with people who have financial incentives to exploit all of your personal data and have access to it? There is a solution to stop the tracking though. And that is to take matters into your own hands and start protecting your data by changing your habits and using the correct software to enhance your privacy and anonymity.
Lets get one thing out of the way immediately. These steps I’m going to tell you are going to add a bit of a challenge to your computer and browsing habits. The web is designed in such a way as to not be private, combine that with a life of people being conditioned to trade off their privacy for convenience and you have the bulk of people relying on services such as google that heavily mine your data. In this article I’m going to start you down the right path to enhancing your privacy and security but it’s going to make things a bit more complicated as it requires a few more steps.
The first thing we will discuss is decentralizing your online accounts. Most people are using a single non-privacy respecting email (Gmail, Yahoo, Outlook, Hotmail, AOL, etc.) to sign up for everything from Netflix to Spotify, Grubhub, Uber, Amazon, etc. and what’s worse is they will oftentimes use the same password across all of these accounts including the email login. Just by doing this there is so much of your information that is going to be concentrated within that single email address! Especially, if you’re also using it as your primary email for correspondence. And if you’re reusing passwords any one of the services that are connected to it has a data breach that releases that password then your email and password will become available to that hacker and then they have access to everything and vice versa if the email service itself has a breach then all of the accounts that are connected to it become vulnerable to hacking. The most simple way to prevent this issue is to use a password manager along with multiple different email addresses. Way your all of your accounts won’t get hacked if one of your accounts happens to have a security breach. Also, your services cannot be personally linked to one another. This is one of the ways a dox might happen. Where one account that might be anonymous is linked to an account with personal information. For securing your passwords I recommend using KeePassXC or GNU password manager. Its best to avoid any password manager solution that asks you to pay money or does an online registration and syncing of your data to their cloud as that would compromise the anonymity of it. Unless you use Tor and a burner email to sign up for it then it’s going to be a little bit safer than just using clear-net and an email that is connected to your identity. However, again I suggest simply using an offline password manager since any password manager that needs an internet connection to work may be vulnerable to any type of eavesdropping that may happen when data from your computer is sent between it and a server. Of course, it’s also worth mentioning the (((Richard Stallman))) approach to password management and that’s to simply keep your passwords written down somewhere and keeping your damn mouth shut about it. As he would say,” You can’t hack pen and paper.” A Jew, but good advice nonetheless.
Now, when thinking through all of these things one important thing to keep in mind when securing your online activity is to create a “threat model”. This is simply a cyber security term used to by professionals when strategizing how to identify and defend a system from cyber threats. The process includes identifying defense mechanisms or weaknesses in a system and then provide the necessary mitigation. The most important part and the one we will be focusing on in this article is who and what you are actually going to be securing your data from. I must preface this by saying not to use this as your only source of legal advice but if your threat model includes law enforcement then you should take the additional step of not using any biometrics to secure any of your data or devices because fingerprints, face scans, and iris scans can be forcefully taken from you to unlock your data and unlock your devices. While passwords cannot unless of course you willingly give them up (that is unless you are subjugated to enhanced interrogation techniques) Again, this is not legal advice and I urge you to check local court cases where judges made rulings, such as the San Bernadino case. In general, European citizens have much more protection from these things than those in Asia or the Americas. So in addition to not using biometrics, an LE or government threat model should include having two-factor authentication for your hardware, for example a YubiKey for example. There are some downsides to using a hardware security key, if this key were to become lost or damaged all of your accounts that are connected to it would become inaccessible. Still, if the glow boys ever come knocking at your you can simply destroy your YubiKey Hillary Clinton style with a hammer and then all of those accounts would be inaccessible.
Next up we’re going to talk about real-time communication. For that there are a few options but this is where some additional work needs to be done for messaging. You will want to avoid SMS (short message service) at all costs. The detested green bubbles on an iPhone would be an example of an SMS conversation. These communications are not encrypted at all, meaning that they can be intercepted in plain text by cellular carriers, governments, or any hackers that decide to eavesdrop. In order to avoid SMS being used, both parties have to use the same kind of service that supports end-to-end encryption. This is where the toughest part is going to come in because obviously you’re going to need to get your normie friends, any family who still talks to you, or whoever you want to communicate with to use one of these services that they’ve probably never heard of such as Signal, Telegram, Element, Threema, Dust, and so on. These services generally aren’t advertised very much unless they follow Elon Musk on twitter. In general, it’s going to be a little bit tough to get normies to use them but they’re not terribly difficult to use. If you’re savy and have some experience with the aforementioned you’ll probably notice that the more secure the messenger is the less features it has. The easiest ones for n00bs are probably going to be Telegram or Signal. Remember Telegram does not do end-to-end encryption in its chats by default, that must be enabled. Signal is also an open source messenger that features end-to-end encryption with voice as well as video calling. It’s pretty easy to use but there are a handful of disadvantages to Signal. First, it’s still a centralized service. What this means is that its going to be more susceptible to backdoor access by any governments. Second, Signal’s ownership of the service could also very easily change into the hands of someone who doesn’t really care so much about the end user’s privacy. If a company getting into the hands of some non-privacy respecting entities is a major concern then I recommend that you use and convince your certified non-normie friends to use a federated service like Element or use a peer-to-peer solution such as Briar or Jami. Some more examples of federated privacy respecting social media platforms are Pleroma and Mastadon. I’ll be honest, they’re mostly platforms for nerds and weebs. That is, if you’re a verified oldfag then I don’t need to explain to you what type of political influence nerds and weebs on anonymous message boards have. Anyways, look out for those names in the news in the next couple of years when they start talking about censorship on Facebook and Twitter and what to do about it. Trust me, that problem has been solved but first thing you need to get off all social media now!
While we’re still on the topic of browsers its important to mention you should also avoid using search engines that are built to track your online activity across the web. Yes this means that Google and Bing should not be used for your search queries moving forward. At least not within the same privacy browsing profile. This doesn’t mean you can never use these searches, just use them sparingly and definitely not for anything that could be considered remotely dissident. Instead, you should be using services like (((DuckDuckGo))) owned and operated by a Jew which is probably the best Google alternative with a good track record. At the least it’s not connected to Google’s add engine nor does it manipulate search results. If you really wish to be the search engine dissident you can use start page to emulate google results in a more private way. For even better search privacy the search engine I’d recommend most is Searx as it is the most open (not open source) and transparent search engine that is currently available on the web. In reality you’re simply going to want to implement the use of multiple profiles within the browser for different use cases since even if you’re using a more privacy focused search engine other web pages you may have open can track your search results and target you adds. Maybe you still want to browse normie YouTube from time to time and leave comments, likes, and subscribes to your favorite content creators page. Its helpful maybe even for uploading videos if you’re a content creator yourself. Tl;dr if you just want to view other random things that you know you aren’t going to need a profile for to interact with it’s best to just browse to those pages from another browser profile altogether where you aren’t signed into your social media accounts. This will prevent those sites from tracking your watch history within the accounts themselves because of course they ultimately control the account they let you have for free. I’m sure you’ve heard this before but anytime there’s a service where something is free chances are you are the product.
There’s also much more to be taken into account to really protect your online security like securing your home wi-fi, securing your computers, your smartphones, and also how to just surf the internet without really revealing your identity. There are plenty of lengthy books, online tutorials, and classes all dedicated to the topic. This was meant to be an informative write-up to get you interested and researching these things on your own. Each person’s needs will be different and instead of trying to tell someone “you must do this or you must do that” it’s better to explain what’s out there, how it works, and why you may need it. The rest of the puzzle is up to you to solve, but when you do it correctly on your own it’s much more rewarding than paying someone else to do it or letting someone else decide what is best for you. Remember, you don’t have to start out with the devices you currently own – used cellphones and laptops to mess around with are cheap. As long as you aren’t storing important personal information on them the worst thing that can happens is you brick them. Learning to un-brick a phone or computer is also a rewarding skill to have. Another little tip is to think of online security like training form for lifting, the more you do it the more natural it becomes. Once you are finally confident in your skills you can start switching over to your “secure phone” or your “secure laptop” as your daily drivers. In the future, I may set up a way for you dear reader to get in contact in order to submit Q&As.