Safer Internet: Introduction: Topics

Summary | Not Covered | References, Check Lists


topics xwdSummary

  • Our topics parallel the sequence in Take Control of Your Online Privacy {TCYOP} discussed under Introduction: E-books -- plus pre-requisite offline practices for protecting local systems and info.
  • We'll cover these topics over six 2-hour sessions, which should allow enough time for you to understand background, context, tradeoffs, see demonstrations of settings/apps, and ask questions.
  • Typical privacy & security recommendations could be summarized in 15 minutes or so, e.g., free 1-page 'cheat sheet': Quick Start section {TCYOP-4: 11-12; TCYOP-3: 9-10} Fix the Easy Things; Choosing Better Passwords; About Two-Factor Authentication; Create Privacy Rules for Yourself; Purge Your Info from Data Brokers; Cope with Special Cases
  • summaryOr, you could read one of the ~50 overlapping 'fix this' articles available (Refs below) to improve some important practices, e.g., 'top-ten' check lists, best-practices, end-of-year reminders, New-Year's resolutions, after-the-fact-attack advice.
  • However, the goal of this course is for you to understand which of these many recommendations are the most important, why, and how to implement.
    Yes, I've perused and prioritized all of them -- so that you don't have to!
  • Introduction: The "Problem"
  • Approach: TCYOP; Info & Advice; Level of Detail; Tradeoffs
  • Audience: Who; Advice Levels / Tags
  • Settings: Devices & OS, Apps
  • Topics (this page): Table of Contents (TOC); below: # of Sessions; What We Won't Cover {TCYOP-4: 2-4; TCYOP-3: 2-4}
  • Finding More Help: Online; Groups, People
  • Discounts: E-books, 1Password, Witopia, etc.
  • E-books: TCYOP; Formats(.pdf, .epub, Kindle); Editions; Other e-books
  • Resources: this web site; article references
  • Navigation: Text / Image Size; Links; Search within a page; Top/Bottom of page controls; Slideshows
  • Handouts: print/pdf your own; e.g., print web page, with presentation points/discussion at top, possibly omitting References
  • Privacy, Security and Anonymity: Definitions & Analogies {TCYOP-4: 17; TCYOP-3: 15}
  • What Do You Have to Hide?: attacks, financial, health, identity theft, vehicles {TCYOP-4: 13-17; TCYOP-3: 11-15}
  • Who Wants Your Private Data?: companies, governments, hackers {TCYOP-4: 18-28; TCYOP-3: 16-28}
  • Develop a Privacy Strategy: Policy / Law; Behavior; Planning; Technology {TCYOP-4: 29-50; TCYOP-3: 29-38}
  • Offline Systems & Data {TCYOP: mentions importance of these in passing}
  • Passwords -- Introduction: Strength; Generate; Test; Store
  • Accounts: computers, phones
  • Backups: Incremental vs. Complete (Clone); Local vs. Remote (Cloud); also Death, Photos
  • Software Updates: Minor & Major System; App Stores; Replacing a Device
  • Encryption: archive or partition with files, notes; whole disk
  • Erasing Your Device: Secure Erase; Cleanup; Redaction; Recycling
  • Keep Your Internet Connection Private: connection encryption overview {TCYOP-4: 51-77; TCYOP-3: 39-63}
  • Encrypt Wi-Fi: Wi-Fi & Router Passwords; WPA2 Encryption; DNS (Domain Name System)
  • Use a VPN: Virtual Private Network, e.g., Witopia
  • Avoid Malware: User; App Stores; Anti-Virus; Browser Extensions; Flash; Java; cyberattacks / cyberwar
  • Turn Off Unnecessary Services: Lock Screen; Find My Mac/iPhone/iPad; Location; Camera; Microphone; Bluetooth
  • Use a Firewall: hardware, software
  • Browse the Web Privately: browsers {TCYOP-4: 78-109; TCYOP-3: 64-90}
  • Go to the Correct Site: Links; Bookmarks; Fraudulent Sites; Search
  • Use HTTPS: URLs; Updates; VPN; also, Certificates, OpenSSL
  • Manage Storage of Private Data: Private Browsing; Cookies; Autofill; Tracking; Browsing; Search; Download History; Caches
  • Block Ads: Popups, Tracking; Content Blockers, e.g., AdBlock Plus
  • Protect Passwords: Introduction: Strength, Generate, Test; Identity; Strength; Password Managers, e.g., 1Password; 2-Factor Authentication/2-Step Verification; Biometrics
  • Search Privately: Search Suggestions, Providers, e.g., DuckDuckGo
  • Anonymity: [3] Censorship, Wikileaks; Dark Web / Deep Net; NSA, CIA; Tor
  • Shopping: credit cards; ShopSafe; PayPal; Bitcoin
  • Improve Email Privacy: webmail (browser) vs. email client (app) encryption; phishing; spam; remote content {TCYOP-4: 110-131; TCYOP-3: 91-108}
  • Email: Anonymity: [3] additional encryption
  • Talk and Chat Privately: messaging, audio, video {TCYOP-4: 132-136; TCYOP-3: 109-114}
  • Keep Social Media Sort of Private-ish: Privacy Settings & Policies; Facebook; Twitter {TCYOP-4: 137-146; TCYOP-3: 115-120}
  • Share Files Privately: Apps, Music, Photos; Networks; also, BitTorrent, Copyright, Piracy {TCYOP-4: 147-155; TCYOP-3: 121-129}
  • Manage Your Mobile Privacy: Accounts; Backup; Encryption; Network; Location; Public Devices {TCYOP-4: 156-165; TCYOP-3: 130-139}
  • Keep the Internet of Things Private: Smart TVs, Wearables {TCYOP-4: 166-170; TCYOP-3: 140-144}
  • Maintain Privacy for Your Kids {TCYOP-4: 171-173; TCYOP-3: 145-147}
  • Course Updates: summary of significant changes

What We Won't Cover

  • Some intermediate [2] and most advanced [3] issues, unless there's time and student interest
  • Problems with your specific device & configuration (esp. non-Internet related); however, I may include tips about usage and cost, and interesting how-tos; also see More Help section for learning, troubleshooting recommendations
  • Other non-digital privacy / security issues: paper, home, surveillance, death, etc. -- some in Offline Reference sections
  • Internet history, technology questions and social issues ask me to re-offer OLLI course: Internet History and Issues

References: To Do (Not Do) / Check Lists

  • Apple: macOS: Security
    Software Updates; Gatekeeper; FileVault 2;
    Privacy Controls; Password Generator;
    iCloud Keychain; Sandboxing; Runtime protections;
    Antiphishing; Find My Mac
  • Apple: Manage Your Privacy
    Secure your Devices: passcode; Touch ID, Find My;
    Secure your Apple ID: password, security questions, 2-step verification;
    Stay secure: phishing, passwords, notifications;
    Sharing: iCloud settings, location data, apps, ads, private browsing, children's privacy, diagnostic data
  • Apple: iOS Security
    System Security: Secure boot chain; System Software Authorization; Secure Enclave; Touch ID; Face ID
    Encryption and Data Protection: Hardware security features; File Data Protection; Passcodes; Data Protection classes; Keychain Data Protection; Access to Safari saved passwords; Keybags; Security Certifications and programs
    App Security: App code signing; Runtime process security; Extensions; App Groups; Data Protection in apps; Accessories; HomeKit; SiriKit; HealthKit; ReplayKit; Secure Notes; Shared Notes; Apple Watch
    Network Security: TLS; VPN; Wi-Fi; Bluetooth; Single Sign-on; AirDrop security; Wi-Fi password sharing
    Apple Pay: Secure Element; NFC controller; Credit, debit, and prepaid card provisioning; Payment authorization; Transaction-specific dynamic security code; Contactless payments with Apple Pay; Paying with Apple Pay within apps, or on the web or with Handoff Rewards cards; Apple Pay Cash; Suica Cards; Suspending, removing, and erasing cards
    Internet Services: Apple ID; iMessage; FaceTime; iCloud; iCloud Keychain; Siri; Continuity; Safari Suggestions; Siri Suggestions;
    Device Controls: Passcode protection; iOS pairing model; Configuration enforcement; Mobile device management (MDM); Shared iPad; Apple School Manager; Device Enrollment; Apple Configurator 2; Supervision Restrictions; Remote Wipe; Lost Mode; Activation Lock
    Privacy Controls: Location Services; Access to personal data; Privacy policy
    Apple Security Bounty; iOS11 white paper; 1/2018
  • AARP: Online Safety AARP Technology Education and Knowledge (TEK) Center, e.g.,
    How Secure is Your Home Network?
    How to Practice Safe Browsing
    Keeping Your Computer Up to Date
    Seasons Cheatings: Protecting Yourself from Holiday Frauds & Scams
    Are Your Passwords Strong Enough
  • Back Up and Secure Your Digital Life
    product reviews: Hard drive;
    Online backup service; Cloud sync; Local backup software;
    Password manager: free, paid; Two-factor authentication;
    Virtual private network service; Secure browser extensions;
    Things to skip: Hard drive data-recovery plans;
    Traditional or free antivirus suites;
    Identity-theft protection; NYT; 11/14/2023
  • 9 Tips for Staying Safe Online with Your iPhone, Mac, or iPad
    1: Regularly Install Software Updates;
    2: Use Strong & Unique Passwords;
    3: Use a Password Manager;
    4: Use Two-Factor Authentication (2FA);
    5: Be Cautious with Sketchy Links & Websites;
    6: Be Cautious with Email Attachments;
    7: Ignore Scary Pop-ups and Alerts from the Web;
    8: Be Wary of Public Wi-Fi Networks;
    9: Backup Your Devices; OSXD; 8/14/2023
  • Let's bust these four myths of digital privacy and security
    1: Stop spammers by writing out “at” and “dot” in your email address;
    2: Digital criminals are dumb;
    3: You need a VPN to stay safe online;
    4: Your email address and phone number are secrets; WaPo; 2/17/2023
  • Lock down your Mac with these 10 security tips
    Choose a strong login password;
    Change your Lock Screen settings;
    Use Apple's password manager (or other PM);
    Turn on Find My Mac; Set up multiple users;
    Lock down your Mail; Limit your app downloads;
    Keep your software up to date; Use a VPN;
    Augment Apple’s XProtect antivirus; MW; 1/5/2023
  • Steps to Simple Online Security (ToC); articles:
    1: Always use strong passwords
    2: Set Up Two-Factor Authentication
    3: Enable Automatic Updates Everywhere
    4: Encrypt Your Computer's Storage
    5: Track or wipe a lost device
    6: Backups
    7: Secure Your Smartphone
    8: Free Antivirus Software Is Good
    9: Secure Your Web Browser
    10: Secure Your Wi-Fi
    Send messages and files safely
    Lock down social media accounts
    Extra security for financial and health data
    What to do if you think you've been hacked
    Secure small gadgets and smart-home devices
    Maintain privacy at international borders and protests
    Securely sell or donate old electronics
    Digital security for online dating and sexting; NYT; 4/1-4/22/2022
  • How to lock down your data and enhance privacy on iPhone and iPad
    Set a strong passcode & use biometrics;
    Edit your Lock screen; USB connections;
    Make sure Find My is enabled;
    Turn on App Tracking Transparency;
    Manage your permissions;
    Delete unused (or untrustworthy apps);
    Enable privacy in Mail (tracking pixels);
    Review Apple's privacy access;
    Wipe your EXIF data (location);
    Use strong passwords; ApIn; 3/29/2022
  • A Practical Guide to Securing Your Windows PC
    Click cautiously and install less;
    Don't put off automatic updates;
    Enable BitLocker;
    Back up your files;
    Set up Microsoft Defender properly;
    Secure your Windows login with a password (and consider logging in with Windows Hello);
    Remove software you don’t need (and any "bloatware");
    Do a permissions audit;
    Check your privacy settings;
    NYT; 3/4/2022
  • A Practical Guide to Securing Your Mac
    Be careful what you click and install;
    Don't turn off automatic updates;
    Enable FileVault;
    Enable the built-in firewall;
    Back up your files;
    Use a login password (and enable Touch ID if you can);
    Consider a guest account;
    Delete software you don’t need;
    Audit your privacy permissions;
    NYT; 3/4/2022
  • Privacy myths busted: Protecting your mobile privacy is even harder than you think
    settings alone aren't enough to secure your privacy,
    but they're a lot more powerful with the right apps;
    Use a PIN code to lock your phone
    -- not fingerprints or facial recognition;
    Disable location tracking;
    Turn off your mobile ad ID;
    Check your apps and accounts;
    Sign out of all other devices;
    Lock down your social media;
    Enable 2FA; Check for leaky apps;
    Fail-safe: Nuke your phone remotely;
    The real key to privacy: Add these five apps
    1. Signal Private Messenger App; 2. Surfshark VPN;
    3&4. Brave Browser and DuckDuckGo;
    5. BitWarden password manager; CNet; 1/9/2022
  • Securing your digital life:
    the key to protecting your digital life is to make it as expensive and impractical as possible
    for someone bent on mischief to steal the things most important to your safety, financial security, and privacy;
    Part one: The basics
    What in my digital life can give away critical information tied to my finances, privacy, and safety?
    What can I do to minimize those risks?
    How much risk reduction effort is proportional to the risks I face?
    How much effort can I actually afford?
    Reducing your personal attack surface: mobile, computers, browsers;
    threat modeling; Ars; 10/25/2021
  • Part two: The bigger picture—and special circumstances
    reduce the risks posed by data breaches and identity fraud
    Everything counts in multiple accounts
    When 2FA is not enough; Social exposure; Special cases; 10/27/2021
  • Part three: How smartphones make us vulnerable
    Targeted SMS phishing;
    Fleece apps and fake apps;
    Pigs to the slaughter: fake app stores;
    Ars; 11/14/2021
  • 6 Things You Need to Do to Prevent Getting Hacked
    Use Multi-Factor Authentication;
    Get a Password Manager;
    Learn How to Spot a Phishing Attack;
    Update Everything;
    Encrypt Everything;
    Wipe Your Digital Footprint;
    Wired; 8/29/2021
  • Five Tech Commandments to a Safer Digital Life
    Thou Shalt Not Use Weak Passwords
    Use Multifactor Authentication
    Thou Shalt Not Overshare
    Thou Shalt Not Share Data About Friends
    Remember to Stay Skeptical; NYT; 3/24/2021
  • How to Spring Clean Your Online Accounts Now That You're Stuck at Home
    Delete your unused accounts;
    Back up your stuff;
    Organize your photos;
    Declutter your devices;
    Catch up on your emails;
    Reset website permissions;
    Update your software;
    Analyze your fitness stats;
    Cancel some subscriptions;
    Turn on two-factor authentication; Giz; 3/26/2020
  • The Complete Guide to Avoiding Online Scams
    Never, ever click a link to your bank or financial institution from an email;
    Don’t give out your passwords;
    Use strong passwords (and secret questions);
    Don’t buy anything from a random email you receive;
    Watch out for job postings that look too good to be true;
    Do not give out your personal info or Social Security number;
    Take advantage of your browser’s security features;
    Ignore website popups that say you have a virus; LH; 1/13/2020
  • 8 Ways to Better Navigate the Internet in 2020
    Take back (some of) your privacy;
    Clean up after yourself;
    Mind your manners;
    Learn to fight fair;
    Write better emails;
    Think twice before you send that DM;
    Do a data ‘cleanse;
    Guard your health data; NYT; 12/26/2019
  • Staying safe online
    Use unique user name and password combinations on different websites;
    Sign up for 2-step verification on sites that offer it;
    Set up alerts for account changes;
    Contact details up to date (email, phone number, address, etc.)?
    Review your account at least monthly;
    Request and review your credit reports from the 3 major credit bureaus;
    On social media, don't share too much personal information, and check privacy settings; Vanguard; 10/29/2019
  • 10 Tips to Avoid Leaving Tracks Around the Internet
    Duck Google for email, search
    Jam Google (e.g., different gender)
    Avoid unnecessary web tracking
    Careful on public Wi-Fi
    Use Apple
    Don't "Sign in with Facebook"
    Identity theft, from a pro
    Don't use Facebook; NYT; 10/6/2019
  • 7 Cybersecurity Threats That Can Sneak Up on You
    Rogue USB Sticks
    Zombie (unused) Accounts
    Untrusted Browser Extensions
    Bogus Online Quizzes
    Leaky Photo Uploads
    Smart Home Snooping
    Malicious Charging Cables; Wired; 10/6/2019
  • 5 Cheap(ish) Things to Beef Up Your Digital Security
    1. A password manager, e.g., 1Password
    2. A virtual private network service (VPN)
    3. A two-factor authentication app, e.g., Authy (built-in to 1Password)
    4. A webcam cover
    5. A paper shredder; NYT; 9/25/2019
  • NYT: Secure Your Digital Life in 7 (Easy) Days:
    1. Set Up a Password Manager;
    2. Check Your Smartphone's Privacy Settings;
    3.Protect Your Browsing;
    4. Protect (Encrypt/Locate) Your Laptop;
    5. Vaccinate Your Computer;
    6. Get All the Software Updates;
    7. Lock Down Your Most Important Accounts (2FA)
  • 101 Data Security Tips: Quotes From Experts On Breaches, Policy, News 9/25/2019
  • 9 Seemingly Harmless Things You Should Never Do Online
    1. Don't Take Personality Quizzes From Unknown Sources in Social Media.
    2. Don't Post Your Full Birth Date and Hometown Online.
    3. Don't Use Public Wi-Fi Without Verifying that it's a Legitimate Network.
    4. Don't Follow Up a Gaming Session with Some Online Banking.
    5. Don't Click on Links or Attachments in Emails Without Verifying the Source.
    6. Don't Use The Same Password For Multiple Accounts.
    7. Don't Click Links To "Promotions" Sent Through SMS; MF; 7/2/2019
  • [2] 6 things you should do to protect yourself from hackers (but probably won't)
    #1: Know which public Wi-Fi to trust
    #2: Run tests for weaknesses
    #3: Disable and manage third-party permissions
    #4: Encrypt your data yourself
    #5: Overwrite any deleted files
    #6: Practice the ‘Principle of Least Privilege'; TNW; 4/14/2019
  • 15 strategies everyone should know to protect their online information
    1. Use a password manager
    2. Be fully aware of what you're sharing
    3. Avoid clicking on links
    4. Be diligent, aware, and cautious
    5. Enable double-confirmation on all accounts
    6. Use credit locks and cloud security
    7. Remove personal data from your social media
    8. Do your research
    9. Check your settings
    10. Protect your online browsing
    11. Stop using the same password for everything
    12. Stick with reputable sites
    13. Close old accounts you’re no longer using
    14. Start over with a new credit card and new accounts
    15. Remove yourself from people search sites; TNW; 2/15/2019
  • How to Do a Data 'Cleanse'
    1. Have you backed up your data?
    2. Are your phone's photos safe?
    3. Have you cleaned out your machine?
    4. Is your software up-to-date?
    NYT; 2/1/2019
  • How to Protect Yourself on Data Privacy Day
    1. Own Your Online Presence
    2. Keep a Clean Machine
    3. Protect Your Personal Information
    4. Connect with Care
    5. Be Web Wise; National Cyber Security Alliance (NCSA); OR DOJ; 1/29/2019
  • Keep your digital life secure with these 6 simple tricks
    1. Set boundaries. Decide -- on your own, and in advance -- what data you're willing to share with apps and online services, and stick to those limits
    2. Burst your filter bubble. People who get their news primarily -- or exclusively -- from social media are subjecting themselves to the whims of the algorithms that decide what to display to each user
    3. Manage your passwords
    4. Turn on multi-factor authentication
    5. Delete apps you don't use
    6. Keep the apps you do use up-to-date; TNW; 1/12/2019
  • Cybersecurity 101
    Why you need to use a password manager;
    Two-factor authentication can save you from hackers;
    How to protect your cell phone number and why you should care;
    How to browse the web securely and privately;
    How to choose and use an encrypted messaging app; TC; 12/25/2018
  • Online security tools: The holiday gift that shows you really care
    Give a password management app or subscription;
    Add a second factor to complement a password;
    Sign them up for account breach notifications;
    Install free or paid anti-malware software;
    Set up online backups;
    Turn on FileVault on their Macs;
    Set up a VPN account;
    Credit freeze; MW; 12/5/2018
  • Bad (Better) Consumer Security Advice
    unsecured Wi-Fi & VPN;
    proactively create accounts: Social Security Admin., IRS, USPS;
    two-factor authentication;
    strong passwords, unique for each account (but don't change frequently);
    credit freezes;
    airport outlets? Schneier; 12/4/2018
  • After Marriott Breach, How to Protect Your Information Online NYT; 11/30/2018
  • Guide to Not Getting Hacked
    Review Your Threat Model
    Keep OS and apps up to date
    Use a Password Manager
    Use two-factor authentication
    Don't use Flash
    Do use antivirus
    Do use an ad blocker
    Do use a VPN
    Disable macros
    Backup files
    Don't overexpose yourself for no reason
    Don't open attachments without precautions
    Do opt out of data broker websites
    Do sext if you want, but do it safely
    Mobile Threat Model
    If you can, get an iPhone
    If you love Android, get Pixel
    Lock up that Telephone Number
    Threat Model (privacy and surveillance)
    Signal
    Social Media
    Device Cameras, Microphones, and the Internet of Things
    Chatting
    Tor Browser
    Virtual Private Networks
    PGP
    Private Email Servers (don't do it)
    Encrypt your Hard Drive
    Credit Cards
    Data Retention for Lawyers, Journalists, and Anyone Else
    Log Off
    version 3: MB; 11/12/2018
  • How to Make Your Mac as Secure as Possible
    Software Update
    Identified Developers
    File Vault
    Location
    Spotlight Suggestions
    DNS; LH; 10/5/2018
  • How to Be Invisible Online (Without Going off the Grid) infographic;
    1. How to Anonymize Everything You Do Online: Go Incognito; Block 3rd Party Cookies; Tailor Permissions for Websites You Access; Use HTTPS Everywhere
    2a. On Facebook: Limits Access to Future Posts; Change Public to Friends-only; Stop People Using Your Personal Info for Finding You; Prevent Your Name Being Linked with Ads; Block Facebook Ads from Accessing Your Data
    2b. On Twitter: Prevent Twitter from Tracking You; Stop Including Location Data in Tweets; Stop Twitter from Using Your Contacts
    2c. On Instagram: Make Your Posts Private; Prevent Instagram from Sharing Info with other Social Network Sites
    2d. On Snapchat: Make Sure Only Your Friends Can Contact You; Select Who You Want to See Your Stories; Remove Yourself from the 'Quick Add' Section; Move Private Snaps Saved in your Memories to 'My Eyes Only'; Pay Attention to Screenshot Notifications
    3a. On iOS: Remove Website Tracking Data in Safari; Enable Fraudulent Website Warning; Block Ad Tracking
    3b. On Android: Opt Out of Ads Personalization; Disable Google Backup; 8/28/2018
  • Gizmodo: 6 Ways You're Risking the Security of Your Gadgets Without Thinking
    1. Watching TV and movies illegally
    2. Sharing your accounts with other people
    3. Using short PIN codes and pattern unlock
    4. Practising poor USB security
    5. Leaving your webcam and mic uncovered
    6. Not updating your software; Giz; 7/4/2018
  • Motherboard: Security Tuneup
    1. You Should Take Five Minutes to Update Your OS and Apps;
    2. It's Time to Actually Use Your Password Manager;
    3. You Should Be Using Two-Factor Authentication on Everything;
    4. Ad Blockers Are Good for Security, Too;
    5. Seriously, Stop Using Flash;
    [3] 6. Put an Extra Passcode On Your Cellphone Account (SIM hijacking)
    7. If You Use Word, You Need to Turn Off This One Feature: disable macros; MB; 5/23/2018
  • Gizmodo: All the Annoying Tech Chores You Need to Do When You Have Time
    Update your software;
    Free up some space;
    Scan for problems;
    Get your photos organized;
    Update your router;
    Move to the cloud;
    Untangle your wires;
    Clean your gadgets; Giz; 1/2/2018
  • 5 New Year's Resolutions to Protect Your Technology
    1. Update Your Software;
    2. Read Privacy Policies;
    3. Delete Unnecessary Apps;
    4. Use a VPN;
    5. Protect Your Hardware; NYT; 12/27/2017
  • Guide to Digital Security choose your profile:
    [1-2] Civilian: You're a regular user, but hackers and malware are lurking;
    7 Password Tips; Basic Smartphone Security; Resist Phishing Attacks; Keep Your Kids Safe; Protect Yourself from Doxing;
    [3] Public Figure: Activist? Journalist? Politician? Consider yourself a target;
    How to Encrypt All Your Data; Google Advanced Protection: a Step-by-Step Look; Use Tor for more than just Browsing; Physical Steps to Amp up your Digital Security;
    [3+] Spy: Professionals are after you. Time to get serious;
    How to Remove the Mic from your Devices; Sniff Out Bugs Planted in your Room; Extra Paranoid Measures for Superspies; Wired; 12/9/2017
  • [3] Physical Measures to Amp Up Your Digital Security
    Tape Over Your Webcam;
    Slap on a Privacy Shield;
    Use a Physical Authentication Key; Wired; 12/9/2017
  • [3+] Extreme Security Measures for the Extra Paranoid
    The Air Gap Up There;
    Faraday Cage aux Folles;
    Frickin' Laser Microphones;
    Literally Put a Blanket Over Your Head; Wired; 12/9/2017
  • Take These 7 Steps Now to Reach Password Perfection
    1. Use a password manager
    2. Go long
    3. Keep 'em (special chars) separated
    4. Don't change a thing
    5. Single-serve only
    6. Don't trust your browser
    7. Add two-factor too; Wired; 12/9/2017
  • How to Secure Your Mac
    Part 1 secure setup, non-admin account, parental controls, privacy settings; MW; 11/9/2017;
    Part 2 [3] firmware passwords, iCloud two-factor authentication, Safari Browser, Time Machine; MW; 11/15/2017
  • Gizmodo: 5 Incredibly Stupid Security Mistakes You Make Everyday
    1. Using the same login details everywhere/forever;
    2. Not protecting your phone’s lock screen;
    3. Not using two-step authentication;
    4. Sharing too much information;
    5. Using Wi-Fi without thinking; Giz; 10/4/2017
  • How to Create a Strong Password
    make your passwords very long
    don't use a common phrase
    test your password
    don't reuse your password
    use a password manager
    don't store passwords in your browser
    follow the rules every time
    use two-factor authentication
    don't ruin all this by using security questions
    remember, everything is broken; LH; 8/14/2017
  • A Hacker's Guide to Protecting Your Privacy While Dating
    1. Don't share your passwords or devices;
    2. Set up a Google Voice number to use for first dates;
    3. Use a VPN on shared Wi-Fi networks, including your home network;
    4. If you're going to make a sex tape, do it consensually and privately; Giz; 7/30/2017
  • 10 ways to protect your privacy now
    1. Don't overshare on social media;
    2. Take control of your children's devices;
    3. Secure your Wi-Fi;
    4. Become a password master;
    5. Keep software up to date;
    6. Be browser-savvy;
    7. Be a ghost (Ghostery);
    8. Be app-aware;
    9. Arm your computer (firewall, AV);
    10. Shred your documents; MT; 7/9/2017
  • Protecting Your Digital Life in 9 Easy Steps
    1. Download Signal, or Start Using WhatsApp to send text messages;
    2. Be wary of clicking on unfamiliar links or documents and apply software updates;
    3. Protect your computer’s hard drive with FileVault or BitLocker — and back up your data to an online backup service, external hard drive, or both;
    4. The way you handle your passwords is probably wrong and bad (use strong unique passwords, stored in a password manager);
    5. Protect your email and other accounts with two-factor authentication;
    6. Use a browser plug-in called HTTPS Everywhere;
    7. Invest in a Virtual Private Network, or VPN;
    8. Remember that incognito mode isn’t always private;
    9. Do sensitive searches in DuckDuckGo;
    Bonus: cover your webcam with tape; NYT; 5/16/2017
  • How Not to Protect Your Privacy Online
    1. Deleting your browsing history doesn’t work;
    2. Using an incognito window doesn’t work;
    3. Installing an ad blocker doesn’t work; Giz; 3/31/2017
  • How to Snoop-Proof Any Phone or Tablet
    passcode;
    lockscreen;
    apps (Signal, Whatsapp, browsers);
    VPN;
    minimize stored data; Giz; 3/3/2017
  • Consumer Reports: 66 Ways to Protect Your Privacy Right Now
    1. Check Your Data Breach Status
    2. Stop WiFi Imposters
    3. Use 10-Minute (Temporary) Mail
    4. See Who Shared Your Private Data
    5. Lock Your Screens: Long PIN;
    6. Try to Be Unique;
    7. But Not Too Personal;
    8. Do Better Finger Art
    9. Snail Mail Privacy: Shred These 5 Document Types;
    10. Shut Off the Flow of Credit Card Offers;
    11. Receive Less Mail
    12. Return to Sender
    13. Turn On Automatic Updates
    14. Make Sure There's Info-Security Staff
    15. Make Unbreakable Passwords: Stop Making Sense
    16. Use a Password Manager
    17. Got a Great One? Okay, Write It Down.
    18. Be Password Loyal (password entropy)
    19. Stop ID Theft After a Death
    20. Two-Factor Authentication
    21. Activate a PIN
    22. Watch Your Bills
    23. Let Google Scan Your Files
    24. Check on the Kids
    25. Lock Down Your Baby Monitor
    26. Outwit Your Smart TV
    27. Shut Down Webcam Creeps
    28. Deploy Your Firewall
    29. Restrict File Sharing
    30. Cloak Your Computer
    31. Do All of This Automatically
    32. Use a VPN
    33. You Know What? Just Fake It.
    34. Use Everyday Encryption: Do Your Phone First
    35. Encrypt Your Computer or just Sensitive Files
    36. Encrypt Your USB Drive
    37. Stop Oversharing on Facebook: Keep GPS Data Private
    38. Turn on Log-In Approvals (two-factor authentication)
    39. Become Elusive
    40. Leave a Group
    41. Reduce Ad Overload
    42. Hide ID-Theft Clues
    43. Use Separate Browsers for low- and high-stakes websites
    44. Tuneup Home WiFi Privacy: Find an Ethernet Cable
    45. Get the Router's IP Number
    46. Update the Router Username and Password
    47. Change the SSID
    48. Then Hide It
    49. Embrace Encryption
    50. Update Firmware
    51. Make Sure Remote Management Is Off
    52. Shut It Down
    53. And, Uh—Maybe Get a New Router
    54. Check Links Before You Click
    55. Add HTTPS Everywhere
    56. Block Snoops
    57. Avoid Ransomware: Back Up Your Data
    58. Keep Software Updated
    59. Try Haggling (Ransom discount)
    60. But Not Right Away (if you're going to pay)
    61. Use Ubuntu OS
    62. Scoff at Fake Email Notices
    63. Call Customer Service
    64. Tighten Google Privacy: Tweak the Settings
    65. Make Google Forget You
    66. Keep Your Fitness Data to Yourself; CR; 2/21/2017
  • Your 5 Totally Achievable Security Resolutions for the New Year
    1. Set Up a Password Manager;
    2. Enable Two-Factor Authentication;
    3. Make Backups;
    4. Know How to Use a VPN;
    [2] 5. Use End-to-End Encrypted Chat Apps; Wired; 12/29/2016
  • Five Resolutions to Simplify Your Tech Life
    1. Clean Up Your Password Hygiene;
    2. Maintain Your Devices;
    3. Mind Your Infrastructure;
    4. Be Less Wasteful (recycling);
    5. Be a Smarter Shopper; NYT; 12/27/2016
  • Let Your Whole Family Watch This Internet Security Basics Course
    How to choose a good password;
    How to know when to trust a website;
    Why we need all those software updates;
    How to protect your phone from hackers;
    How to protect your home from the Internet of Things;
    5 ways to protect yourself online; videos; LH; 12/15/2016
  • EFF (Electronic Frontier Foundation): Surveillance Self-Defense e.g., How-To Tutorials:
    Avoid Phishing Attacks;
    [3] Circumvent Online Censorship;
    Delete your Data Securely on Linux, Mac OS X, Windows;
    Enable Two-factor Authentication;
    Encrypt Your iPhone, Your Windows Device;
    [3] Install and Use ChatSecure;
    Use KeePassX password manager;
    [3] Use OTR (Off-the-Record) for Mac, Windows, Linux;
    [3] Use PGP (Pretty Good Privacy) for Linux, Mac OS X, Windows;
    [2] Use Signal for Android, iOS;
    [3] Use Tor (The Onion Router) for Windows, Mac OS X;
    [2] Use WhatsApp on Android, iOS; EFF; 12/1/2016
  • A beginner's guide to beefing up your privacy and security online
    Install updates, especially for your operating system and your browser;
    Use strong passwords and passcodes;
    Encrypt your phones and computers;
    Two-factor authentication;
    Using a password manager (and good password practices);
    [2] Using Signal for SMS and voice calls;
    Using VPNs, especially on public Wi-Fi;
    E-mail security (is hard to do);
    Deleting old e-mails; Ars; 12/1/2016
  • 3 Ways to Boost Your Family's Online Security This Holiday
    1. Download Firmware, Operating System, and App Updates;
    2. Securely Configure Wi-Fi Networks;
    3. Strengthen Email Password; Wired; 11/24/2016
  • 11 security basics that keep you safe from holiday tech dangers slideshow
    1. Card skimming;
    2. Support scams;
    3. Phishing;
    4. Public Wi-Fi;
    5. Internet of Things;
    6. System and software patching;
    7. Ad blocking;
    8. Two-factor authentication;
    9. Check statements;
    10. RFID protection;
    11. EMV cards (Europay-Mastercard-Visa chip); MW; 11/22/2016
  • 10-Minute Digital Privacy Tuneup
    Turn on Automatic Updates;
    Use Screen Locks on Every Device;
    Check Your Data-Breach Status;
    Use Temporary Email Addresses;
    Cover Your Laptop Webcam;
    Use the HTTPS Everywhere Browser Extension;
    Turn Off Location Tracking in Apps; CR; 9/20/2016
  • 12 Security Tricks to Stay Safe Online
    1. Keep your software up to date;
    2. Trim down your browser;
    3. Turn on two-step verification;
    4. Check activity on your accounts;
    5. Protect your phone's lock screen;
    6. Protect your laptop account;
    7. Embrace end-to-end encryption;
    8. Be careful on public wi-fi;
    9. Don't share more than you need to;
    10. Check your key accounts;
    11. Get help with online security;
    12. Use a few real-world hacks, e.g., tape over webcam, wired connection, no passwords on post-its; Giz; 8/5/2016
  • Mac News Network: security best practices:
    part 1 passwords, Wi-Fi, encryption, phishing; 6/6/2016;
    part 2 password managers, downloads, account security; 6/8/2016;
    part 3 unregistering devices, private browsing mode, VPNs; 6/10/2016
  • Top 10 Tech Security Basics Every Person Should Follow
    1. Watch Out for Social Engineering Attacks;
    2. Make Your Phone's Lock Code More Secure;
    3. Back Up Your Computer Automatically;
    4. Install the Best Antivirus and Anti-Malware Software;
    5. Lock Down Your Wireless Router;
    6. Never Send Sensitive Information Over Email Unless It's Encrypted;
    7. Don't Use Public Wi-Fi Without a VPN;
    8. Use a Password Manager;
    9. Use Two-Factor Authentication;
    10. Regularly Review Your App Permissions and Security Settings; LH; 3/26/2016
  • 9 Facts About Computer Security That Experts Wish You Knew
    1. Having a strong password actually can prevent most attacks;
    2. Just because a device is new does not mean it's safe;
    3. Even the very best software has security vulnerabilities;
    4. Every website and app should use HTTPS;
    5. The cloud is not safe -- it just creates new security problems;
    6. Software updates are crucial for your protection;
    7. Hackers are not criminals;
    [2] 8. Cyberattacks and cyberterrorism are exceedingly rare;
    [3] 9. Darknet and Deepweb are not the same thing; Giz; 8/9/2015
  • Google: Comparing Expert and Non-Expert Security Practices
    Use antivirus;
    Install latest OS updates;
    Turn on automatic updates;
    Update applications;
    Clear cookies;
    Use unique, strong passwords; Don't write down passwords;
    Save passwords or use a password manager;
    Check if HTTPS; Look at the URL bar;
    Be skeptical of everything;
    Be suspicious of links -- don't click links from unknown people;
    Don't enter passwords on links in email; Don't open email attachments;
    Visit only known websites;
    Use two-factor authentication; 7/23/2015
  • Oregon State Public Interest Research Group (PIRG): Resource Guide to Online Privacy
    1. Social Media Privacy;
    2. Secure Passwords;
    3. Stop Cookies;
    4. How to avoid viruses;
    5. Keeping your Social Security Number secure;
    6. Secure Websites;
    7. Scam Email; 11/7/2013
  • Electronic Frontier Foundation: Ten Steps You Can Take Right Now Against Internet Surveillance
    1. Use end-to-end encryption;
    2. Encrypt as much communications as you can;
    3. Encrypt your hard drive;
    4. Strong passwords, kept safe;
    [3] 5. Use Tor;
    6. Turn on two-factor (or two-step) authentication;
    7. Don't click on attachments;
    8. Keep software updated, and use anti-virus software;
    9. Keep extra secret information extra secure;
    10. Be an ally to EFF; 10/25/2013