[–]realeyes_realize_ 9 points 9 hours ago* Non-paranoids guide:* encrypt e

1.  
2. [–]realeyes_realize_ 9 points 9 hours ago*
3. Non-paranoids guide:
4. * encrypt everything.
5. * Get a password manager with a long complex password that generates the maximum size passwords allowable. Replace all previous passwords with it.
6. * Make backups, remember 3-2-1 (3 backups, 2 local, with at least 1 nonlocal).
7. * Don't ever put anything you can't explain to your mother or in court on anything remotely associated with the internet.
8. You can go further with the 30 day challenge.
9. What OS are you inquiring about? Malware and virus detectors are going to vary accross platforms.
10. VPNs are encrypted traffic, so they aren't viewable easily by outside factors. You can use them to get around certain country's restrictions, as well as prevent your ISP and associates from viewing your browsing history. (There are ways around this, but KISS for now). There are no good free VPNs for privacy, they are like Google. They are providing a free service becase they are selling various levels of your information to others.
11. It depends on what you are comfortable with and how much annoyance you are willing to deal with. I would recommend most of what's in the 30 day challenge without being overly paranoid.
12. What level of paranoid you should reasonably be depends upon your threat model. Search around here for that, there are better posts than what I can summerize here.
13. Most people here would discourage Chrome (or Android) use because of the nature of how Google makes money (i.e. by selling your data) but if you insist, some adblocker, NoScript/ ScriptSafe, Disconnect/ Privacy Badger, Do Not Track Me, HTTPS Everywhere, a VPN, an anti-malware and anti-virus. There may be better Chrome extensions if you use the tools in the sidebar.
14. Encryption, full disk and nested file, are reasonable ways to protect your files. Apps are a seperate issue, though, due to the their monetization scheme. If it's a free app, it would be reasonable to assume that, on some level, it is monitoring you and feeding that data to be sold elsewhere. The best course would be to not have them, otherwise lock down the restrictions and permissions on your phone and be wary of apps that request permissions beyond their scope of use (like a game app asking to have access to your contacts or geolocation).
15. Edited: removed Adblock Plus.
16. permalinkembedsavereportgive goldreply
17. [–]povertylover 5 points 8 hours ago
18. Adblock plus is crap. uBlock origin in medium mode is the best out there. For OP, privacytools.io is a great site for info.
19. permalinkembedsaveparentreportgive goldreply
20. [–]Layce_Kayse[S] 2 points 7 hours ago
21. I use windows OS btw
22. permalinkembedsaveparentreportgive goldreply
23. [–]Layce_Kayse[S] -1 points 7 hours ago
24. I'm sorry but, I don't understand half of this. I was expecting people to be a lot clearer and dumb things down for a beginner who looked to this subreddit before even looking to google.
25. permalinkembedsaveparentreportgive goldreply
26. [–]realeyes_realize_ 4 points 6 hours ago
27. What's not clear? If you go to the 30 day challenge link I provided for you, there is literally a list which provides you with a step-by-step tutorial for everything.
28. Start Here. This walks you through updating Windows.
29. This talks you through antivirus.
30. Here are instructions on passwords and encryption.
31. Password Managers.
32. You can also search around on this sub or it's wiki for any follow on questions.
33. permalinkembedsaveparentreportgive goldreply
34. [–]HangingMobster 5 points 6 hours ago*
35. Okay... I can understand that not having your own money can be tricky when you want to take extra security measures but don't get, and I repeat do not get free VPN. How do you think their business works? Where do you think they get money from? I'll tell you. Your data. Selling it and exploiting it. Yes, the same data you want to protect. If you don't have money to spare or cannot talk your parents into getting a proper VPN for your and their safety then at least get the one that has free plan alongside to paid ones. I myself had limited amount to spare for a VPN so I am sharing my account with my roommates by setting it up on our router and they paid their 2/3 of the plan that I got from NordVPN but before that we all were using free ProtonVPN plans which was great even if a bit limited. We also used TunnelBear before they sold themselves out and Speedify but it was quite slow (oh the irony).
36. permalinkembedsavereportgive goldreply
37. [–]gutigen 3 points 7 hours ago
38. Does anybody know of a truly free malware fighter and virus cleaner that does have the same trial version BS that other so called free protectors use?
39. You don't need any of that on Linux, Windows is basically malware and you should not be using it if you value security and privacy. Linux is also free and developed by thousands of people and corporations from all over the world.
40. Is there any good, and free VPNs out there and what are the benefits of using a VPN?
41. If something is free then you are the product, a free VPN will 100% either monetize on data they collect about you or are a honey pot (yes, gov agencies and criminals do run VPN services).
42. As for benefits, well your ISP won't see what you are doing on the internet, nor anyone on public wifi. It will also change IP address that websites and services collect from you, since traffic goes to another computer (server) first before reaching them.
43. How safe, is safe and where does it get to the point that you're paranoid, or for that matter, should I be paranoid and why?
44. Non-paranoid starts with open source - software with source code available for review and collaborative development, like Linux I mentioned earlier.
45. What should I do in order to protect my browser and browsing history as best as possible while avoiding history deletion or going into an incognito mode? I use chrome as my main browser. I would use Brave, but it's not as extensive and customizable as chrome.
46. Firefox with following addons should do - uBlock, uMatrix, https everywhere, Cookie Autodelete, Firefox Multi-account Containers. Also change search engine to DuckDuckGo or Qwant. Firefox is also way more customizable than Chrome and it's open source.
47. What do I do in order to make sure that none of my files and/or apps aren't being watched and/or taken from my computer while a copy's still on my own computer? Is this a paranoid question?
48. It's not paranoid, it's basic security and on Linux all you have to do is tick a box Encrypt my data, it will do that automatically on installation, after that on each boot it will ask for encryption password to unlock your files (it does not protect files when computer is running though, only at rest).
49. https://ubuntu.com should do the trick, it's easy to use (propably easier than Windows, my 58 year old mom is using it without any tech support from me).
50. permalinkembedsavereportgive goldreply
51. [–]Layce_Kayse[S] 2 points 7 hours ago
52. Okay, first of all, I'm only a teen and have no money to my name in order to pay for services such as ISP, and secound of all, I have no knowladge as to how to change my OS to linux, and if I did, I would because I already know how much easier it is to use than windows is.
53. Beside that, I don't have an external hard-drive in order to move the files that are important to me instead of having them be lost.
54. Lastly, I would still prefer to have an option for a 100% free malware and virus fighter because I don't trust linux.
55. permalinkembedsaveparentreportgive goldreply
56. [–]gutigen 3 points 6 hours ago
57. Lastly, I would still prefer to have an option for a 100% free malware and virus fighter because I don't trust linux.
58. Linux powers this website just like it powers 80% of the internet and 3 billion Android devices. Linux is open source which means everyone can read the source code, review it and even propose changes - it's as transparent as it gets.
59. Linux desktop version I mentioned (Ubuntu) has millions of users and is also open source, you can trust it just fine.
60. I have no knowladge as to how to change my OS to linux, and if I did, I would because I already know how much easier it is to use than windows is.
61. Well, backup of your data is essential, cause you would want to make a full disk wipe during installation if you want to use encryption (it's automatic and easy). Get an external drive, backup data, put Ubuntu on USB stick and just boot into it, installation is very easy. After that move your data back and you are good to go.
62. permalinkembedsaveparentreportgive goldreply
63. [–]BaronVSS 2 points 4 hours ago
64. Which version of windows are you using? If you're using 7 still, you're OK: there may have been some telemetry (sending things like your keystrokes, mouse clicks, used applications, etc) Microsoft sneakily put in with Windows Update, but you can remove those with a script If you're on 10 you're shit out of luck. 10 was designed from the ground up for big data gathering. You can break some of the spying, but not all of it.
65. When I was on Windows, I used the free version of MalwareBytes. I've never heard a bad thing said about it.
66. Don't use Google Chrome. It will send any and all data it can get from you (browsing habits, history, cookies, logins, even stuff like when you clicked on an element in the webpage.) Use Chromium, which is basically Chrome but without Google's spying. Download uBlock Origin. (I also have noScript, but that's probably a little over the top for someone just starting out.) Alternately, use Firefox. The same addons are available there. On that note, I'd also start using DuckDuckGo, since Google's data harvesting extends to just about every service they use.
67. There are no free VPNs that also won't spy on you. If you keep your OS up to date and set your network and sharing settings to not allow others access to your files, there should be no attack vector this way unless a literal nation state is specifically trying to get into your computer.
68. As for being paranoid, it largely depends on what threat model you have. A threat model is basically "What are you afraid of happening to you and how can you prevent this?" For example, if you don't want someone to create an accurate enough picture of you in order to blag their way into your bank account, you can adjust your security settings and remove any and all identifying information about yourself that isn't necessary. (You should probably also stop using social media entirely, or at least create a tiny minimal profile you log out of and never ever use if your social group expects you to have one)
69. permalinkembedsavereportgive goldreply
70. [–]Layce_Kayse[S] 1 point 3 hours ago
71. Okay, there is a lot to unpack here but, I have a lot to say anyway. So, first of all, I use discord and steam regularly and have a twitter and facebook but, don't have anybody to talk to on there and I follow a few people, but don't keep up with things.
72. So, I don't know if discord or steam counts towards social media but, if they do, then you asking me to stop using those is like me asking you to kill your first born child.
73. I am a recluse and have no real life friends, so I will lose all my friends if I stop using Discord and Steam.
74. Secound of all, I have been using uBlock Origins for a bit now on chrome, and I cannot change from chrome to firefox or chromium because of 2 reasons; 1, I don't know how the hell to find chromium and trust that it's the right one. 2, if I use anything but chrome, my computer freaks out and it ends up lagging to absolute shit and becomes very hard to use.
75. Three, I don't have a bank account, and I don't quite know how to check or add up my, threat model, as you put it.
76. permalinkembedsaveparentreportgive goldreply
77. [–]BaronVSS 1 point 2 hours ago
78. So long as you delete all cookies and install an anti-tracking addon FB/Twitter shouldn't be able to associate your browser activities with your account.
79. Steam is passable. Discord has frequently rejected requests for E2E encryption, something that every communications program worth its salt has. The only things you can do are convince people to move elsewhere or accept that you're going to be datamined if you don't want to give it up.
80. I use anything but chrome, my computer freaks out and it ends up lagging to absolute shit and becomes very hard to use.
81. That sounds like your computer has several serious underlying problems which you should try looking into as soon as possible.
82. permalinkembedsaveparentreportgive goldreply
83. [–]ET3 2 points 4 hours ago
84. I'll repeat what others have said about VPN and say you're far better off on a paid service. If you truly cant pay for one, the only one that might be OK is ProtonVPN. While I cant find it, I thought I read that their free service is paid for by their paid subscribers.
85. As for not knowing how to install Linux, there are tons of guides and videos out there. The official distro sites should all have walkthroughs. If you want to "try before you buy" you can always install VirtualBox or VMware Player and install the distro of your choice on there as a virtual machine.
86. I feel like learning to use Linux is just like learning a foreign language; immersion is key
87. permalinkembedsavereportgive goldreply
88. [–]Layce_Kayse[S] 1 point 3 hours ago
89. Got it, I can get why you say that. But, what's distro mean?
90. permalinkembedsaveparentreportgive goldreply
91. [–]ET3 1 point 3 hours ago
92. Distro is short for distribution. Since Linux is open source, there are lots of different organization who customize Linux in there own way. Some of the more popular ones are Ubuntu, Mint, and Debian
93. permalinkembedsaveparentreportgive goldreply
94. [–]PlagueD0k 1 point an hour ago
95. Quick list of all browsers and addons you'll need, as well as replacement software and VPN, phone, etc with explanations for everything. This is the quintessential beginners guide to privacy.
96. https://www.privacytools.io/
97. permalinkembedsavereportgive goldreply
98. [–]Physics-is-Phun 1 point an hour ago
99. You've gotten some good responses, but my impression is that they might be a little technical, for what you're used to. For what it's worth, here's what I'd recommend, point-by-point:
100. [about malware/virus cleaner]
101. This could depend on your operating system, but I'll assume it's Windows. A decent program for you to look at would be Malwarebytes' Anti-malware. It saved a couple of my computers, when I was young and didn't know any better, and they don't really pester you to get the premium version.
102. [about VPNs]
103. There are free VPNs out there, but unless you know what to look for, I would not trust anyone's word, if I were you. There are lists (search "thatoneprivacyguy vpn" and you'll find a really comprehensive list) that show you all the features of a bunch of VPNs side-by-side, so you can compare. The benefit of a VPN is supposed to be that your ISP (and arguably, no one on your network, if you're logging in from work) can monitor your traffic, because it's encrypted. You make a request for a page (say "reddit.com"), and it gets scrambled (over-simplified, but, say, to "123456.ABC"), with the address of your VPN's server attached. Your ISP then routes the request to the VPN's server, but can't tell that you ultimately want Reddit. Then, your VPN's server decrypts the message, sees you want "reddit.com," and loads it up, encrypts it, and sends it back to you. So, only you and your VPN know that you're looking at Reddit, not your ISP.
104. The trouble is that a lot of VPNs are "snake oil"; they will make claims to "keep zero logs," etc, etc. But many of these promises are empty, and more often than not, when the VPN costs no money to sign up, chances are their promises are quite empty.
105. If it were me, before I do anything about a VPN, I'd learn more about how they do what they do, and just try to do more to block ads/etc (such as add-ons like ublock origin, privacy badger, etc). Your ISP will still know what sites you visit, but at least there will be less tracking/less nuisance than before.
106. [how safe is safe, and should I be paranoid?]
107. This really depends on your comfort level. It is very, very easy to fall down a rabbit hole, on this subject, and falling down a rabbit hole is the easiest way to think to yourself "ugh, all this effort isn't worth it, I'm giving up and going back to my old ways." But the real truth is that small steps can make a huge difference.
108. For you, you need to ask yourself: "what data do I consider important enough to do something about? what lengths am I willing to go to in order to protect that data? And what are the consequences, if my solutions fail?"
109. As an example: "I want to make sure all my bank accounts, social media, etc are protected from password hackers." One thing you can do is use a password manager, such as LastPass, or KeePass, etc, which remembers all your passwords for you; the passwords can be long and complex, but you don't need to commit more than one "master" password to memory. What cost is it to you? Depending on what program you use, it can be free, or a few dollars a year; it will also involve an upfront investment of time (a few hours, probably) to change all your passwords. But now, if- say- your bank is compromised... your entire life isn't compromised at the same time. Replace the one password, and you're "secure" again.
110. Repeat the process for any problem. "I don't want tech companies knowing where I go, what I think, who I'm connected to, etc." One of the ways you can protect this info is by deleting your social media accounts. Are you willing to do that? (In this case, deleting your profiles will be effective, but in a limited way; your family/friends are connected to you, and may post about you, thus compromising aspects of your privacy. Are you willing to tell them never to share anything connected to you again? etc, etc.)
111. This process is called "threat modeling": a way of thinking about the threat, organizing what strategies you can take, what risks each strategy comes with, and picking the best option for you.
112. You could become a paranoid hermit who shuts down all accounts, switches to paper-based banking/etc, and lives in the hills, somewhere, but that would be a pretty big drag on your life. The question is what tradeoffs are you willing to live with so that you have the convenience you want, with what privacy you are comfortable living with.
113. If you particularly want more privacy, by default, the best way to get that is to get our government to change the law. Very, very difficult goal... but as we've seen with GDPR, not impossible. We just need enough people screaming about it to get it to happen.
114. [about protecting browsing history]
115. This really depends on who you're trying to protect it from. ISP? You would have to learn how to properly use VPNs and/or Tor (definitely don't use the latter without understanding the implications of using it, especially if you plan to log in to any service). From your family? Password-protect your user accounts on whatever devices you use, make sure they can't override it with an administrator account, and you should be basically good to go, unless your family is tech-savvy enough to have their router log what sites you go to (can be mitigated by VPN); this is possible, though not too, too likely, considering the general technical ability of your average users.
116. I will point out that Incognito mode DOES NOT MAKE YOU PRIVATE, it just doesn't keep a record of where you went, so make sure to be aware of that.
117. I would also recommend not using Chrome, but switching to Waterfox (if your computer is 64-bit; it's a fork of Firefox), or some other browser. You can see alternatives at privacytools.io, as others have suggested.
118. [about files/apps on my own computer]
119. This is the part that's really hard to answer without diving down the rabbit hole, but I'll give it a shot.
120. I have two levels of solution, for this one. First one: enable full-disk encryption on your computer. (WARNING: if you forget the password for your devices, then you're kinda super-boned. You might consider making a backup of any critical files, as others have suggested, off of this computer. You might do this anyway, as a general precaution against hard drive failure.) This prevents anyone from tampering with your device(s) unless they know the password. If your device is powered on, the encryption is disabled so you can work, which won't protect your devices... but as long as your password is pretty good, and you're careful not to leave it running without at least locking it, you're "reasonably" okay.
121. Second level: backup critical files, and then wipe your hard drive and re-install your operating system, then reload your backup files. Do still enable full-disk encryption. The benefit to this approach is that if there is any hidden spyware/malware you didn't take care of, it's almost certainly gone. (There are other concerns that spyware/malware can survive wiping, but this is unlikely, unless you're the target of a government agency, like the FBI, NSA, etc. and if that's the case... you're already boned.)
122. As for steps for you to take, I would recommend:
123. learning about how full-disk encryption works, and enabling it, if you think it's something you can live with. (make sure to have backups!)
124. use a password manager (whichever one works for you); clean up all those old accounts with good, unique passwords, and never reuse a password again (except, maybe, for throwaway email accounts).
125. delete social media (Facebook, Twitter, etc), or limit what you post to only professional posts that you would have no problem explaining to your mom or a court.
126. migrate your email from non-privacy-oriented providers (Google, Yahoo, etc) to ones that do more to respect your privacy (such as ProtonMail, Tutanota, Posteo, etc).
127. I would estimate that doing all that will put you in basically the top 10% of users, in terms of levels of privacy and security protections, since so many of us don't even do the bare minimum.
128. Hope that wasn't too long for you to digest, and hope that others would basically concur with what I wrote!
129. permalinkembedsavereportgive goldreply
130. [–]arnoldsjaf344 1 point 27 minutes ago
131. If you are concerned about privacy, try to avoid free stuff.:))
132. permalinkembedsavereportgive goldreply
133. [–]Palozmv 0 points 4 hours ago
134. The first step is to make throwaway Reddit accounts. I already know a lot about you based on your Reddit history.
135. permalinkembedsavereportgive goldreply
136. [–]Layce_Kayse[S] 1 point 3 hours ago
137. Yeah, I'm a really open person on reddit, so I don't quite care what my post history is.
138. permalinkembedsaveparentreportgive goldreply
139. [–]Palozmv 1 point 3 hours ago
140. Then all your efforts would be in vain. No software in the world would keep your safe if you freely consent to sharing information.
141. permalinkembedsaveparentreportgive goldreply
142. [–]Layce_Kayse[S] 1 point 3 hours ago*
143. and that's why I took so long to post on here is because of crazies like ya. Just because I share a lot of my personal info, does not mean I will not be protected and certainly does not mean I won't be safe from the government, it means I'll be safe enough to tell people what I want freely. Besides, that's what all of this is about, is it not? To be safe enough to be free to share information on your own terms?
144. permalinkembedsaveparentreportgive goldreply
145. [–]Palozmv 1 point 2 hours ago*
146. Look privacy is great and all but you're falling into the paranoia trap on sub, where people think the govt/Facebook/Google are tracking and collecting data on you with evil intentions. It's better to do research on your own, like understanding how things on the internet actually work instead of relying on others to provide such information. This is the new mass hysteria. Edit: also a bit naive to think that enhanced privacy will allow you to share info on your own terms. Case in point: shadow profiles or how about when your friend downloads an app that requests access to their contacts and they grant them. That app now has access to your info without you even knowing.