Sign in Subscribe

Warnings And Cautions For More Private, More Secure Online Living

Warnings And Cautions For More Private, More Secure Online Living
Photo by Markus Spiske / Unsplash

You may be an Internet veteran for whom words like Mosaic and dial-up have meaning. Or you may be a newbie who just got your first email address yesterday. Whichever you are, the following warnings are intended to be practical advice you can use to improve your security and privacy online, and we could all use a bit more of that these days.

1 - You Are Using Insecure Software

Devices don't come with warnings like this, do they?

All software has vulnerabilities, and that's a fact. Programmers are people, and they're often rushing to meet a production schedule, dealing with all the other things that make life complicated. Even AI won't "fix" this. So get used to patching and updating your software early and often. If you don't use software delete it! Unused software - especially apps on a phone or tablet - are just potential security risks waiting to happen.

Along with that remember that out of support means out of security updates. I know, you really love your Windows 7 laptop, or you can't really afford to update your 6 year old cell phone, and you're not even sure how many presidents ago you bought your home firewall/router. Unfortunately when a manufacturer stops supporting software or hardware with security updates anybody still using those unsupported systems are increasingly likely to have their security compromised. For some things, like laptops and some routers, there are open source software projects you can switch to, but for many things, including cell phones, your only choice to keep up with support is to buy a new device.

2 - Shared Data Can Become Lost Data

Every time you give data about yourself to a company or organization it has the possibility of being lost through a breach or other ways. If you doubt you've had this happen to you just go to https://haveibeenpwned.com/ and put in your email address to see what breaches your data has already been part of.

You do have some options to help minimize your chances.

  1. Don't give your information out - or at least minimize what you do give. This isn't just about online, when a healthcare provider asks for your social security number you can challenge why they need it as an example. Often times they're asking for information they no longer need, or information they would "like" to have.
  2. When you end a relationship with a company, request that they delete all your data. Some companies will comply, others may not. Check your local laws to see if they are required to.
  3. Skip the customer loyalty programs - perhaps one free burrito with every $200 spent isn't really worth the personal data.

3 - The Economy of the Internet is Based On Surveillance

Those corporate owned free services you use, like Facebook, Gmail, and OneDrive may not cost you money, but you're paying for them in data. Those apps on your phone are continually connecting to data brokers to get and share data about you. And that digital assistant you talk to for dimming your lights, playing your music, and creating your shopping list is using that data to monitor you. Don't believe me? Actually read that EULA you scrolled to the bottom of without reading so the "accept" button would work.

About the only good news here is that no, your devices probably aren't using your camera and microphones to actively observe you and report back. Probably. Yet. Makes a great dystopian fever dream though, doesn't it?

This surveillance is how you pay for these services. The data gathered is used for things like targeted advertising - why when you spend an hour on a search engine looking up information about refrigerators you suddenly see appliance store ads all over your social media feed. You do have options to help here, but vigilance is key.

  1. Every new service/app/etc. you sign up for, make the first thing you do editing the privacy and sharing settings. These will vary on every service. Some may be "opt-in" to tracking (you lucky folks who live in the EU for example) but most will be "opt-out." Websites and services will change these periodically, such as automatically opting you in to sharing your data and posts to train an AI LLM, and you'll have to periodically go back and opt-out of new "stuff."
  2. Minimize the number of "apps" on your phone/tablet/etc. Restrict your app permissions to only what they absolutely need - if you don't do voice calls over that app why does it need access to the microphone? - and install a tool like DuckDuckGo's mobile app with App Tracking Protection.
  3. Leave corporate social media behind for the Fediverse, and leave corporate "free" solutions like email and cloud storage for ones that you have to pay for that include privacy in their promise to you. There are replacements built by and run by enthusiasts and not-for-profit orgs who are focused on providing a great social media service to you, not making money off of your data. (but that means you will probably need to donate to them in order to fund their operating costs - nothing is truly cost free) And there are several privacy-focused email, calendar, storage, and office suites that won't slurp down your data the way Gmail, OneDrive, and the like will.
  4. Ditch the mainstream browsers as well, especially whatever one is default on your device. Firefox and DuckDuckGo, while not perfect, are great alternatives no matter what platform you're on.
  5. If you want to go really epic, ditch Windows for Linux, and ditch Android for GrapheneOS as your operating systems on your devices. But every little step helps.

4 - If You Create Your Own Passwords They Aren't Very Good

Assuming you create a different password for every site and service you use, I'm betting you have some sort of "system" where you make minor changes to a single password to work for every site. I'll also bet that your self-made passwords are relatively short (less than 14 characters). But odds are that if you're thinking up all your own passwords you're reusing passwords across sites.

You need to be using a Password Manager. Modern ones are fantastic, cross-platform (work on your phone, tablet AND computer), and can be extremely convenient to use. There are some free ones, but please, avoid ones that are built-in to your browser or your operating system, these generally have significant limitations.

5 - Privacy and Security Require Legislation

Unfortunately even as we practice better privacy and security as best we can there are still key aspects we can't make happen by ourselves. State and federal regulation needs to be part of the solution, and would relieve a lot of the burden off of us individually. The EFF has a great primer on how to make an impact when you choose to reach out to your legislators on these topics.

This site is devoted to sharing information about privacy and cybersecurity to help everyone who visits become more aware of these subjects. It is my hope that you can use this information to better protect yourself, your family, your data, and your organization.

Feel free to explore the site, tracking free. We do offer subscriptions to get updates for new posts, but that's it. If you find this content useful, please recommend it to others - that's what this is for after all!

💡
Whenever I make product recommendations or endorsements please remember that I have no financial ties to the products, solutions, or companies mentioned unless I've explicitly said otherwise. My recommendations are based on my personal experience and may not meet your needs specifically. Make your own choice based on your own needs, but you could do worse than starting with the recommendations I've made.