Summary | Not Covered | References, Check Lists
Summary
- Our topics parallel the sequence in Take Control of Your Online Privacy {TCYOP} discussed under Introduction: E-books -- plus pre-requisite offline practices for protecting local systems and info.
- We'll cover these topics over six 2-hour sessions, which should allow enough time for you to understand background, context, tradeoffs, see demonstrations of settings/apps, and ask questions.
- Typical privacy & security recommendations could be summarized in 15 minutes or so, e.g., free 1-page 'cheat sheet': Quick Start section {TCYOP-4: 11-12; TCYOP-3: 9-10} Fix the Easy Things; Choosing Better Passwords; About Two-Factor Authentication; Create Privacy Rules for Yourself; Purge Your Info from Data Brokers; Cope with Special Cases
Or, you could read one of the ~50 overlapping 'fix this' articles available (Refs below) to improve some important practices, e.g., 'top-ten' check lists, best-practices, end-of-year reminders, New-Year's resolutions, after-the-fact-attack advice.- However, the goal of this course is for you to understand which of these many recommendations are the most important, why, and how to implement.
Yes, I've perused and prioritized all of them -- so that you don't have to! - Introduction: The "Problem"
- Approach: TCYOP; Info & Advice; Level of Detail; Tradeoffs
- Audience: Who; Advice Levels / Tags
- Settings: Devices & OS, Apps
- Topics (this page): Table of Contents (TOC); below: # of Sessions; What We Won't Cover {TCYOP-4: 2-4; TCYOP-3: 2-4}
- Finding More Help: Online; Groups, People
- Discounts: E-books, 1Password, Witopia, etc.
- E-books: TCYOP; Formats(.pdf, .epub, Kindle); Editions; Other e-books
- Resources: this web site; article references
- Navigation: Text / Image Size; Links; Search within a page; Top/Bottom of page controls; Slideshows
- Handouts: print/pdf your own; e.g., print web page, with presentation points/discussion at top, possibly omitting References
- Privacy, Security and Anonymity: Definitions & Analogies {TCYOP-4: 17; TCYOP-3: 15}
- What Do You Have to Hide?: attacks, financial, health, identity theft, vehicles {TCYOP-4: 13-17; TCYOP-3: 11-15}
- Who Wants Your Private Data?: companies, governments, hackers {TCYOP-4: 18-28; TCYOP-3: 16-28}
- Develop a Privacy Strategy: Policy / Law; Behavior; Planning; Technology {TCYOP-4: 29-50; TCYOP-3: 29-38}
- Offline Systems & Data {TCYOP: mentions importance of these in passing}
- Passwords -- Introduction: Strength; Generate; Test; Store
- Accounts: computers, phones
- Backups: Incremental vs. Complete (Clone); Local vs. Remote (Cloud); also Death, Photos
- Software Updates: Minor & Major System; App Stores; Replacing a Device
- Encryption: archive or partition with files, notes; whole disk
- Erasing Your Device: Secure Erase; Cleanup; Redaction; Recycling
- Keep Your Internet Connection Private: connection encryption overview {TCYOP-4: 51-77; TCYOP-3: 39-63}
- Encrypt Wi-Fi: Wi-Fi & Router Passwords; WPA2 Encryption; DNS (Domain Name System)
- Use a VPN: Virtual Private Network, e.g., Witopia
- Avoid Malware: User; App Stores; Anti-Virus; Browser Extensions; Flash; Java; cyberattacks / cyberwar
- Turn Off Unnecessary Services: Lock Screen; Find My Mac/iPhone/iPad; Location; Camera; Microphone; Bluetooth
- Use a Firewall: hardware, software
- Browse the Web Privately: browsers {TCYOP-4: 78-109; TCYOP-3: 64-90}
- Go to the Correct Site: Links; Bookmarks; Fraudulent Sites; Search
- Use HTTPS: URLs; Updates; VPN; also, Certificates, OpenSSL
- Manage Storage of Private Data: Private Browsing; Cookies; Autofill; Tracking; Browsing; Search; Download History; Caches
- Block Ads: Popups, Tracking; Content Blockers, e.g., AdBlock Plus
- Protect Passwords: Introduction: Strength, Generate, Test; Identity; Strength; Password Managers, e.g., 1Password; 2-Factor Authentication/2-Step Verification; Biometrics
- Search Privately: Search Suggestions, Providers, e.g., DuckDuckGo
- Anonymity: [3] Censorship, Wikileaks; Dark Web / Deep Net; NSA, CIA; Tor
- Shopping: credit cards; ShopSafe; PayPal; Bitcoin
- Improve Email Privacy: webmail (browser) vs. email client (app) encryption; phishing; spam; remote content {TCYOP-4: 110-131; TCYOP-3: 91-108}
- Email: Anonymity: [3] additional encryption
- Talk and Chat Privately: messaging, audio, video {TCYOP-4: 132-136; TCYOP-3: 109-114}
- Keep Social Media Sort of Private-ish: Privacy Settings & Policies; Facebook; Twitter {TCYOP-4: 137-146; TCYOP-3: 115-120}
- Share Files Privately: Apps, Music, Photos; Networks; also, BitTorrent, Copyright, Piracy {TCYOP-4: 147-155; TCYOP-3: 121-129}
- Manage Your Mobile Privacy: Accounts; Backup; Encryption; Network; Location; Public Devices {TCYOP-4: 156-165; TCYOP-3: 130-139}
- Keep the Internet of Things Private: Smart TVs, Wearables {TCYOP-4: 166-170; TCYOP-3: 140-144}
- Maintain Privacy for Your Kids {TCYOP-4: 171-173; TCYOP-3: 145-147}
- Course Updates: summary of significant changes
What We Won't Cover
- Some intermediate [2] and most advanced [3] issues, unless there's time and student interest
- Problems with your specific device & configuration (esp. non-Internet related); however, I may include tips about usage and cost, and interesting how-tos; also see More Help section for learning, troubleshooting recommendations
- Other non-digital privacy / security issues: paper, home, surveillance, death, etc. -- some in Offline Reference sections
- Internet history, technology questions and social issues ask me to re-offer OLLI course: Internet History and Issues
References: To Do (Not Do) / Check Lists
- Apple: macOS: Security
Software Updates; Gatekeeper; FileVault 2;
Privacy Controls; Password Generator;
iCloud Keychain; Sandboxing; Runtime protections;
Antiphishing; Find My Mac - Apple: Manage Your Privacy
Secure your Devices: passcode; Touch ID, Find My;
Secure your Apple ID: password, security questions, 2-step verification;
Stay secure: phishing, passwords, notifications;
Sharing: iCloud settings, location data, apps, ads, private browsing, children's privacy, diagnostic data - Apple: iOS Security
System Security: Secure boot chain; System Software Authorization; Secure Enclave; Touch ID; Face ID
Encryption and Data Protection: Hardware security features; File Data Protection; Passcodes; Data Protection classes; Keychain Data Protection; Access to Safari saved passwords; Keybags; Security Certifications and programs
App Security: App code signing; Runtime process security; Extensions; App Groups; Data Protection in apps; Accessories; HomeKit; SiriKit; HealthKit; ReplayKit; Secure Notes; Shared Notes; Apple Watch
Network Security: TLS; VPN; Wi-Fi; Bluetooth; Single Sign-on; AirDrop security; Wi-Fi password sharing
Apple Pay: Secure Element; NFC controller; Credit, debit, and prepaid card provisioning; Payment authorization; Transaction-specific dynamic security code; Contactless payments with Apple Pay; Paying with Apple Pay within apps, or on the web or with Handoff Rewards cards; Apple Pay Cash; Suica Cards; Suspending, removing, and erasing cards
Internet Services: Apple ID; iMessage; FaceTime; iCloud; iCloud Keychain; Siri; Continuity; Safari Suggestions; Siri Suggestions;
Device Controls: Passcode protection; iOS pairing model; Configuration enforcement; Mobile device management (MDM); Shared iPad; Apple School Manager; Device Enrollment; Apple Configurator 2; Supervision Restrictions; Remote Wipe; Lost Mode; Activation Lock
Privacy Controls: Location Services; Access to personal data; Privacy policy
Apple Security Bounty; iOS11 white paper; 1/2018 - AARP: Online Safety AARP Technology Education and Knowledge (TEK) Center, e.g.,
How Secure is Your Home Network?
How to Practice Safe Browsing
Keeping Your Computer Up to Date
Seasons Cheatings: Protecting Yourself from Holiday Frauds & Scams
Are Your Passwords Strong Enough - Back Up and Secure Your Digital Life
product reviews: Hard drive;
Online backup service; Cloud sync; Local backup software;
Password manager: free, paid; Two-factor authentication;
Virtual private network service; Secure browser extensions;
Things to skip: Hard drive data-recovery plans;
Traditional or free antivirus suites;
Identity-theft protection; NYT; 3/7/2024 - 9 Tips for Staying Safe Online with Your iPhone, Mac, or iPad
1: Regularly Install Software Updates;
2: Use Strong & Unique Passwords;
3: Use a Password Manager;
4: Use Two-Factor Authentication (2FA);
5: Be Cautious with Sketchy Links & Websites;
6: Be Cautious with Email Attachments;
7: Ignore Scary Pop-ups and Alerts from the Web;
8: Be Wary of Public Wi-Fi Networks;
9: Backup Your Devices; OSXD; 8/14/2023 - Let's bust these four myths of digital privacy and security
1: Stop spammers by writing out “at” and “dot” in your email address;
2: Digital criminals are dumb;
3: You need a VPN to stay safe online;
4: Your email address and phone number are secrets; WaPo; 2/17/2023 - Lock down your Mac with these 10 security tips
Choose a strong login password;
Change your Lock Screen settings;
Use Apple's password manager (or other PM);
Turn on Find My Mac; Set up multiple users;
Lock down your Mail; Limit your app downloads;
Keep your software up to date; Use a VPN;
Augment Apple’s XProtect antivirus; MW; 1/5/2023 - Steps to Simple Online Security (ToC); articles:
1: Always use strong passwords
2: Set Up Two-Factor Authentication
3: Enable Automatic Updates Everywhere
4: Encrypt Your Computer's Storage
5: Track or wipe a lost device
6: Backups
7: Secure Your Smartphone
8: Free Antivirus Software Is Good
9: Secure Your Web Browser
10: Secure Your Wi-Fi
Send messages and files safely
Lock down social media accounts
Extra security for financial and health data
What to do if you think you've been hacked
Secure small gadgets and smart-home devices
Maintain privacy at international borders and protests
Securely sell or donate old electronics
Digital security for online dating and sexting; NYT; 4/1-4/22/2022 - How to lock down your data and enhance privacy on iPhone and iPad
Set a strong passcode & use biometrics;
Edit your Lock screen; USB connections;
Make sure Find My is enabled;
Turn on App Tracking Transparency;
Manage your permissions;
Delete unused (or untrustworthy apps);
Enable privacy in Mail (tracking pixels);
Review Apple's privacy access;
Wipe your EXIF data (location);
Use strong passwords; ApIn; 3/29/2022 - A Practical Guide to Securing Your Windows PC
Click cautiously and install less;
Don't put off automatic updates;
Enable BitLocker;
Back up your files;
Set up Microsoft Defender properly;
Secure your Windows login with a password (and consider logging in with Windows Hello);
Remove software you don’t need (and any "bloatware");
Do a permissions audit;
Check your privacy settings;
NYT; 3/4/2022 - A Practical Guide to Securing Your Mac
Be careful what you click and install;
Don't turn off automatic updates;
Enable FileVault;
Enable the built-in firewall;
Back up your files;
Use a login password (and enable Touch ID if you can);
Consider a guest account;
Delete software you don’t need;
Audit your privacy permissions;
NYT; 3/4/2022 - Privacy myths busted: Protecting your mobile privacy is even harder than you think
settings alone aren't enough to secure your privacy,
but they're a lot more powerful with the right apps;
Use a PIN code to lock your phone
-- not fingerprints or facial recognition;
Disable location tracking;
Turn off your mobile ad ID;
Check your apps and accounts;
Sign out of all other devices;
Lock down your social media;
Enable 2FA; Check for leaky apps;
Fail-safe: Nuke your phone remotely;
The real key to privacy: Add these five apps
1. Signal Private Messenger App; 2. Surfshark VPN;
3&4. Brave Browser and DuckDuckGo;
5. BitWarden password manager; CNet; 1/9/2022 - Securing your digital life:
the key to protecting your digital life is to make it as expensive and impractical as possible
for someone bent on mischief to steal the things most important to your safety, financial security, and privacy;
Part one: The basics
What in my digital life can give away critical information tied to my finances, privacy, and safety?
What can I do to minimize those risks?
How much risk reduction effort is proportional to the risks I face?
How much effort can I actually afford?
Reducing your personal attack surface: mobile, computers, browsers;
threat modeling; Ars; 10/25/2021 - Part two: The bigger picture—and special circumstances
reduce the risks posed by data breaches and identity fraud
Everything counts in multiple accounts
When 2FA is not enough; Social exposure; Special cases; 10/27/2021 - Part three: How smartphones make us vulnerable
Targeted SMS phishing;
Fleece apps and fake apps;
Pigs to the slaughter: fake app stores;
Ars; 11/14/2021 - 6 Things You Need to Do to Prevent Getting Hacked
Use Multi-Factor Authentication;
Get a Password Manager;
Learn How to Spot a Phishing Attack;
Update Everything;
Encrypt Everything;
Wipe Your Digital Footprint;
Wired; 8/29/2021 - Five Tech Commandments to a Safer Digital Life
Thou Shalt Not Use Weak Passwords
Use Multifactor Authentication
Thou Shalt Not Overshare
Thou Shalt Not Share Data About Friends
Remember to Stay Skeptical; NYT; 3/24/2021 - How to Spring Clean Your Online Accounts Now That You're Stuck at Home
Delete your unused accounts;
Back up your stuff;
Organize your photos;
Declutter your devices;
Catch up on your emails;
Reset website permissions;
Update your software;
Analyze your fitness stats;
Cancel some subscriptions;
Turn on two-factor authentication; Giz; 3/26/2020 - The Complete Guide to Avoiding Online Scams
Never, ever click a link to your bank or financial institution from an email;
Don’t give out your passwords;
Use strong passwords (and secret questions);
Don’t buy anything from a random email you receive;
Watch out for job postings that look too good to be true;
Do not give out your personal info or Social Security number;
Take advantage of your browser’s security features;
Ignore website popups that say you have a virus; LH; 1/13/2020 - 8 Ways to Better Navigate the Internet in 2020
Take back (some of) your privacy;
Clean up after yourself;
Mind your manners;
Learn to fight fair;
Write better emails;
Think twice before you send that DM;
Do a data ‘cleanse;
Guard your health data; NYT; 12/26/2019 - Staying safe online
Use unique user name and password combinations on different websites;
Sign up for 2-step verification on sites that offer it;
Set up alerts for account changes;
Contact details up to date (email, phone number, address, etc.)?
Review your account at least monthly;
Request and review your credit reports from the 3 major credit bureaus;
On social media, don't share too much personal information, and check privacy settings; Vanguard; 10/29/2019 - 10 Tips to Avoid Leaving Tracks Around the Internet
Duck Google for email, search
Jam Google (e.g., different gender)
Avoid unnecessary web tracking
Careful on public Wi-Fi
Use Apple
Don't "Sign in with Facebook"
Identity theft, from a pro
Don't use Facebook; NYT; 10/6/2019 - 7 Cybersecurity Threats That Can Sneak Up on You
Rogue USB Sticks
Zombie (unused) Accounts
Untrusted Browser Extensions
Bogus Online Quizzes
Leaky Photo Uploads
Smart Home Snooping
Malicious Charging Cables; Wired; 10/6/2019 - 5 Cheap(ish) Things to Beef Up Your Digital Security
1. A password manager, e.g., 1Password
2. A virtual private network service (VPN)
3. A two-factor authentication app, e.g., Authy (built-in to 1Password)
4. A webcam cover
5. A paper shredder; NYT; 9/25/2019 - NYT: Secure Your Digital Life in 7 (Easy) Days:
1. Set Up a Password Manager;
2. Check Your Smartphone's Privacy Settings;
3.Protect Your Browsing;
4. Protect (Encrypt/Locate) Your Laptop;
5. Vaccinate Your Computer;
6. Get All the Software Updates;
7. Lock Down Your Most Important Accounts (2FA) - 101 Data Security Tips: Quotes From Experts On Breaches, Policy, News 9/25/2019
- 9 Seemingly Harmless Things You Should Never Do Online
1. Don't Take Personality Quizzes From Unknown Sources in Social Media.
2. Don't Post Your Full Birth Date and Hometown Online.
3. Don't Use Public Wi-Fi Without Verifying that it's a Legitimate Network.
4. Don't Follow Up a Gaming Session with Some Online Banking.
5. Don't Click on Links or Attachments in Emails Without Verifying the Source.
6. Don't Use The Same Password For Multiple Accounts.
7. Don't Click Links To "Promotions" Sent Through SMS; MF; 7/2/2019 - [2] 6 things you should do to protect yourself from hackers (but probably won't)
#1: Know which public Wi-Fi to trust
#2: Run tests for weaknesses
#3: Disable and manage third-party permissions
#4: Encrypt your data yourself
#5: Overwrite any deleted files
#6: Practice the ‘Principle of Least Privilege'; TNW; 4/14/2019 - 15 strategies everyone should know to protect their online information
1. Use a password manager
2. Be fully aware of what you're sharing
3. Avoid clicking on links
4. Be diligent, aware, and cautious
5. Enable double-confirmation on all accounts
6. Use credit locks and cloud security
7. Remove personal data from your social media
8. Do your research
9. Check your settings
10. Protect your online browsing
11. Stop using the same password for everything
12. Stick with reputable sites
13. Close old accounts you’re no longer using
14. Start over with a new credit card and new accounts
15. Remove yourself from people search sites; TNW; 2/15/2019 - How to Do a Data 'Cleanse'
1. Have you backed up your data?
2. Are your phone's photos safe?
3. Have you cleaned out your machine?
4. Is your software up-to-date?
NYT; 2/1/2019 - How to Protect Yourself on Data Privacy Day
1. Own Your Online Presence
2. Keep a Clean Machine
3. Protect Your Personal Information
4. Connect with Care
5. Be Web Wise; National Cyber Security Alliance (NCSA); OR DOJ; 1/29/2019 - Keep your digital life secure with these 6 simple tricks
1. Set boundaries. Decide -- on your own, and in advance -- what data you're willing to share with apps and online services, and stick to those limits
2. Burst your filter bubble. People who get their news primarily -- or exclusively -- from social media are subjecting themselves to the whims of the algorithms that decide what to display to each user
3. Manage your passwords
4. Turn on multi-factor authentication
5. Delete apps you don't use
6. Keep the apps you do use up-to-date; TNW; 1/12/2019 - Cybersecurity 101
Why you need to use a password manager;
Two-factor authentication can save you from hackers;
How to protect your cell phone number and why you should care;
How to browse the web securely and privately;
How to choose and use an encrypted messaging app; TC; 12/25/2018 - Online security tools: The holiday gift that shows you really care
Give a password management app or subscription;
Add a second factor to complement a password;
Sign them up for account breach notifications;
Install free or paid anti-malware software;
Set up online backups;
Turn on FileVault on their Macs;
Set up a VPN account;
Credit freeze; MW; 12/5/2018 - Bad (Better) Consumer Security Advice
unsecured Wi-Fi & VPN;
proactively create accounts: Social Security Admin., IRS, USPS;
two-factor authentication;
strong passwords, unique for each account (but don't change frequently);
credit freezes;
airport outlets? Schneier; 12/4/2018 - After Marriott Breach, How to Protect Your Information Online NYT; 11/30/2018
- Guide to Not Getting Hacked
Review Your Threat Model
Keep OS and apps up to date
Use a Password Manager
Use two-factor authentication
Don't use Flash
Do use antivirus
Do use an ad blocker
Do use a VPN
Disable macros
Backup files
Don't overexpose yourself for no reason
Don't open attachments without precautions
Do opt out of data broker websites
Do sext if you want, but do it safely
Mobile Threat Model
If you can, get an iPhone
If you love Android, get Pixel
Lock up that Telephone Number
Threat Model (privacy and surveillance)
Signal
Social Media
Device Cameras, Microphones, and the Internet of Things
Chatting
Tor Browser
Virtual Private Networks
PGP
Private Email Servers (don't do it)
Encrypt your Hard Drive
Credit Cards
Data Retention for Lawyers, Journalists, and Anyone Else
Log Off
version 3: MB; 11/12/2018 - How to Make Your Mac as Secure as Possible
Software Update
Identified Developers
File Vault
Location
Spotlight Suggestions
DNS; LH; 10/5/2018 - How to Be Invisible Online (Without Going off the Grid) infographic;
1. How to Anonymize Everything You Do Online: Go Incognito; Block 3rd Party Cookies; Tailor Permissions for Websites You Access; Use HTTPS Everywhere
2a. On Facebook: Limits Access to Future Posts; Change Public to Friends-only; Stop People Using Your Personal Info for Finding You; Prevent Your Name Being Linked with Ads; Block Facebook Ads from Accessing Your Data
2b. On Twitter: Prevent Twitter from Tracking You; Stop Including Location Data in Tweets; Stop Twitter from Using Your Contacts
2c. On Instagram: Make Your Posts Private; Prevent Instagram from Sharing Info with other Social Network Sites
2d. On Snapchat: Make Sure Only Your Friends Can Contact You; Select Who You Want to See Your Stories; Remove Yourself from the 'Quick Add' Section; Move Private Snaps Saved in your Memories to 'My Eyes Only'; Pay Attention to Screenshot Notifications
3a. On iOS: Remove Website Tracking Data in Safari; Enable Fraudulent Website Warning; Block Ad Tracking
3b. On Android: Opt Out of Ads Personalization; Disable Google Backup; 8/28/2018 - Gizmodo: 6 Ways You're Risking the Security of Your Gadgets Without Thinking
1. Watching TV and movies illegally
2. Sharing your accounts with other people
3. Using short PIN codes and pattern unlock
4. Practising poor USB security
5. Leaving your webcam and mic uncovered
6. Not updating your software; Giz; 7/4/2018 - Motherboard: Security Tuneup
1. You Should Take Five Minutes to Update Your OS and Apps;
2. It's Time to Actually Use Your Password Manager;
3. You Should Be Using Two-Factor Authentication on Everything;
4. Ad Blockers Are Good for Security, Too;
5. Seriously, Stop Using Flash;
[3] 6. Put an Extra Passcode On Your Cellphone Account (SIM hijacking)
7. If You Use Word, You Need to Turn Off This One Feature: disable macros; MB; 5/23/2018 - Gizmodo: All the Annoying Tech Chores You Need to Do When You Have Time
Update your software;
Free up some space;
Scan for problems;
Get your photos organized;
Update your router;
Move to the cloud;
Untangle your wires;
Clean your gadgets; Giz; 1/2/2018 - 5 New Year's Resolutions to Protect Your Technology
1. Update Your Software;
2. Read Privacy Policies;
3. Delete Unnecessary Apps;
4. Use a VPN;
5. Protect Your Hardware; NYT; 12/27/2017 - Guide to Digital Security choose your profile:
[1-2] Civilian: You're a regular user, but hackers and malware are lurking;
7 Password Tips; Basic Smartphone Security; Resist Phishing Attacks; Keep Your Kids Safe; Protect Yourself from Doxing;
[3] Public Figure: Activist? Journalist? Politician? Consider yourself a target;
How to Encrypt All Your Data; Google Advanced Protection: a Step-by-Step Look; Use Tor for more than just Browsing; Physical Steps to Amp up your Digital Security;
[3+] Spy: Professionals are after you. Time to get serious;
How to Remove the Mic from your Devices; Sniff Out Bugs Planted in your Room; Extra Paranoid Measures for Superspies; Wired; 12/9/2017 - [3] Physical Measures to Amp Up Your Digital Security
Tape Over Your Webcam;
Slap on a Privacy Shield;
Use a Physical Authentication Key; Wired; 12/9/2017 - [3+] Extreme Security Measures for the Extra Paranoid
The Air Gap Up There;
Faraday Cage aux Folles;
Frickin' Laser Microphones;
Literally Put a Blanket Over Your Head; Wired; 12/9/2017 - Take These 7 Steps Now to Reach Password Perfection
1. Use a password manager
2. Go long
3. Keep 'em (special chars) separated
4. Don't change a thing
5. Single-serve only
6. Don't trust your browser
7. Add two-factor too; Wired; 12/9/2017 - How to Secure Your Mac
Part 1 secure setup, non-admin account, parental controls, privacy settings; MW; 11/9/2017;
Part 2 [3] firmware passwords, iCloud two-factor authentication, Safari Browser, Time Machine; MW; 11/15/2017 - Gizmodo: 5 Incredibly Stupid Security Mistakes You Make Everyday
1. Using the same login details everywhere/forever;
2. Not protecting your phone’s lock screen;
3. Not using two-step authentication;
4. Sharing too much information;
5. Using Wi-Fi without thinking; Giz; 10/4/2017 - How to Create a Strong Password
make your passwords very long
don't use a common phrase
test your password
don't reuse your password
use a password manager
don't store passwords in your browser
follow the rules every time
use two-factor authentication
don't ruin all this by using security questions
remember, everything is broken; LH; 8/14/2017 - A Hacker's Guide to Protecting Your Privacy While Dating
1. Don't share your passwords or devices;
2. Set up a Google Voice number to use for first dates;
3. Use a VPN on shared Wi-Fi networks, including your home network;
4. If you're going to make a sex tape, do it consensually and privately; Giz; 7/30/2017 - 10 ways to protect your privacy now
1. Don't overshare on social media;
2. Take control of your children's devices;
3. Secure your Wi-Fi;
4. Become a password master;
5. Keep software up to date;
6. Be browser-savvy;
7. Be a ghost (Ghostery);
8. Be app-aware;
9. Arm your computer (firewall, AV);
10. Shred your documents; MT; 7/9/2017 - Protecting Your Digital Life in 9 Easy Steps
1. Download Signal, or Start Using WhatsApp to send text messages;
2. Be wary of clicking on unfamiliar links or documents and apply software updates;
3. Protect your computer’s hard drive with FileVault or BitLocker — and back up your data to an online backup service, external hard drive, or both;
4. The way you handle your passwords is probably wrong and bad (use strong unique passwords, stored in a password manager);
5. Protect your email and other accounts with two-factor authentication;
6. Use a browser plug-in called HTTPS Everywhere;
7. Invest in a Virtual Private Network, or VPN;
8. Remember that incognito mode isn’t always private;
9. Do sensitive searches in DuckDuckGo;
Bonus: cover your webcam with tape; NYT; 5/16/2017 - How Not to Protect Your Privacy Online
1. Deleting your browsing history doesn’t work;
2. Using an incognito window doesn’t work;
3. Installing an ad blocker doesn’t work; Giz; 3/31/2017 - How to Snoop-Proof Any Phone or Tablet
passcode;
lockscreen;
apps (Signal, Whatsapp, browsers);
VPN;
minimize stored data; Giz; 3/3/2017 - Consumer Reports: 66 Ways to Protect Your Privacy Right Now
1. Check Your Data Breach Status
2. Stop WiFi Imposters
3. Use 10-Minute (Temporary) Mail
4. See Who Shared Your Private Data
5. Lock Your Screens: Long PIN;
6. Try to Be Unique;
7. But Not Too Personal;
8. Do Better Finger Art
9. Snail Mail Privacy: Shred These 5 Document Types;
10. Shut Off the Flow of Credit Card Offers;
11. Receive Less Mail
12. Return to Sender
13. Turn On Automatic Updates
14. Make Sure There's Info-Security Staff
15. Make Unbreakable Passwords: Stop Making Sense
16. Use a Password Manager
17. Got a Great One? Okay, Write It Down.
18. Be Password Loyal (password entropy)
19. Stop ID Theft After a Death
20. Two-Factor Authentication
21. Activate a PIN
22. Watch Your Bills
23. Let Google Scan Your Files
24. Check on the Kids
25. Lock Down Your Baby Monitor
26. Outwit Your Smart TV
27. Shut Down Webcam Creeps
28. Deploy Your Firewall
29. Restrict File Sharing
30. Cloak Your Computer
31. Do All of This Automatically
32. Use a VPN
33. You Know What? Just Fake It.
34. Use Everyday Encryption: Do Your Phone First
35. Encrypt Your Computer or just Sensitive Files
36. Encrypt Your USB Drive
37. Stop Oversharing on Facebook: Keep GPS Data Private
38. Turn on Log-In Approvals (two-factor authentication)
39. Become Elusive
40. Leave a Group
41. Reduce Ad Overload
42. Hide ID-Theft Clues
43. Use Separate Browsers for low- and high-stakes websites
44. Tuneup Home WiFi Privacy: Find an Ethernet Cable
45. Get the Router's IP Number
46. Update the Router Username and Password
47. Change the SSID
48. Then Hide It
49. Embrace Encryption
50. Update Firmware
51. Make Sure Remote Management Is Off
52. Shut It Down
53. And, Uh—Maybe Get a New Router
54. Check Links Before You Click
55. Add HTTPS Everywhere
56. Block Snoops
57. Avoid Ransomware: Back Up Your Data
58. Keep Software Updated
59. Try Haggling (Ransom discount)
60. But Not Right Away (if you're going to pay)
61. Use Ubuntu OS
62. Scoff at Fake Email Notices
63. Call Customer Service
64. Tighten Google Privacy: Tweak the Settings
65. Make Google Forget You
66. Keep Your Fitness Data to Yourself; CR; 2/21/2017 - Your 5 Totally Achievable Security Resolutions for the New Year
1. Set Up a Password Manager;
2. Enable Two-Factor Authentication;
3. Make Backups;
4. Know How to Use a VPN;
[2] 5. Use End-to-End Encrypted Chat Apps; Wired; 12/29/2016 - Five Resolutions to Simplify Your Tech Life
1. Clean Up Your Password Hygiene;
2. Maintain Your Devices;
3. Mind Your Infrastructure;
4. Be Less Wasteful (recycling);
5. Be a Smarter Shopper; NYT; 12/27/2016 - Let Your Whole Family Watch This Internet Security Basics Course
How to choose a good password;
How to know when to trust a website;
Why we need all those software updates;
How to protect your phone from hackers;
How to protect your home from the Internet of Things;
5 ways to protect yourself online; videos; LH; 12/15/2016 - EFF (Electronic Frontier Foundation): Surveillance Self-Defense e.g., How-To Tutorials:
Avoid Phishing Attacks;
[3] Circumvent Online Censorship;
Delete your Data Securely on Linux, Mac OS X, Windows;
Enable Two-factor Authentication;
Encrypt Your iPhone, Your Windows Device;
[3] Install and Use ChatSecure;
Use KeePassX password manager;
[3] Use OTR (Off-the-Record) for Mac, Windows, Linux;
[3] Use PGP (Pretty Good Privacy) for Linux, Mac OS X, Windows;
[2] Use Signal for Android, iOS;
[3] Use Tor (The Onion Router) for Windows, Mac OS X;
[2] Use WhatsApp on Android, iOS; EFF; 12/1/2016 - A beginner's guide to beefing up your privacy and security online
Install updates, especially for your operating system and your browser;
Use strong passwords and passcodes;
Encrypt your phones and computers;
Two-factor authentication;
Using a password manager (and good password practices);
[2] Using Signal for SMS and voice calls;
Using VPNs, especially on public Wi-Fi;
E-mail security (is hard to do);
Deleting old e-mails; Ars; 12/1/2016 - 3 Ways to Boost Your Family's Online Security This Holiday
1. Download Firmware, Operating System, and App Updates;
2. Securely Configure Wi-Fi Networks;
3. Strengthen Email Password; Wired; 11/24/2016 - 11 security basics that keep you safe from holiday tech dangers slideshow
1. Card skimming;
2. Support scams;
3. Phishing;
4. Public Wi-Fi;
5. Internet of Things;
6. System and software patching;
7. Ad blocking;
8. Two-factor authentication;
9. Check statements;
10. RFID protection;
11. EMV cards (Europay-Mastercard-Visa chip); MW; 11/22/2016 - 10-Minute Digital Privacy Tuneup
Turn on Automatic Updates;
Use Screen Locks on Every Device;
Check Your Data-Breach Status;
Use Temporary Email Addresses;
Cover Your Laptop Webcam;
Use the HTTPS Everywhere Browser Extension;
Turn Off Location Tracking in Apps; CR; 9/20/2016 - 12 Security Tricks to Stay Safe Online
1. Keep your software up to date;
2. Trim down your browser;
3. Turn on two-step verification;
4. Check activity on your accounts;
5. Protect your phone's lock screen;
6. Protect your laptop account;
7. Embrace end-to-end encryption;
8. Be careful on public wi-fi;
9. Don't share more than you need to;
10. Check your key accounts;
11. Get help with online security;
12. Use a few real-world hacks, e.g., tape over webcam, wired connection, no passwords on post-its; Giz; 8/5/2016 - Mac News Network: security best practices:
part 1 passwords, Wi-Fi, encryption, phishing; 6/6/2016;
part 2 password managers, downloads, account security; 6/8/2016;
part 3 unregistering devices, private browsing mode, VPNs; 6/10/2016 - Top 10 Tech Security Basics Every Person Should Follow
1. Watch Out for Social Engineering Attacks;
2. Make Your Phone's Lock Code More Secure;
3. Back Up Your Computer Automatically;
4. Install the Best Antivirus and Anti-Malware Software;
5. Lock Down Your Wireless Router;
6. Never Send Sensitive Information Over Email Unless It's Encrypted;
7. Don't Use Public Wi-Fi Without a VPN;
8. Use a Password Manager;
9. Use Two-Factor Authentication;
10. Regularly Review Your App Permissions and Security Settings; LH; 3/26/2016 - 9 Facts About Computer Security That Experts Wish You Knew
1. Having a strong password actually can prevent most attacks;
2. Just because a device is new does not mean it's safe;
3. Even the very best software has security vulnerabilities;
4. Every website and app should use HTTPS;
5. The cloud is not safe -- it just creates new security problems;
6. Software updates are crucial for your protection;
7. Hackers are not criminals;
[2] 8. Cyberattacks and cyberterrorism are exceedingly rare;
[3] 9. Darknet and Deepweb are not the same thing; Giz; 8/9/2015 - Google: Comparing Expert and Non-Expert Security Practices
Use antivirus;
Install latest OS updates;
Turn on automatic updates;
Update applications;
Clear cookies;
Use unique, strong passwords; Don't write down passwords;
Save passwords or use a password manager;
Check if HTTPS; Look at the URL bar;
Be skeptical of everything;
Be suspicious of links -- don't click links from unknown people;
Don't enter passwords on links in email; Don't open email attachments;
Visit only known websites;
Use two-factor authentication; 7/23/2015 - Oregon State Public Interest Research Group (PIRG): Resource Guide to Online Privacy
1. Social Media Privacy;
2. Secure Passwords;
3. Stop Cookies;
4. How to avoid viruses;
5. Keeping your Social Security Number secure;
6. Secure Websites;
7. Scam Email; 11/7/2013 - Electronic Frontier Foundation: Ten Steps You Can Take Right Now Against Internet Surveillance
1. Use end-to-end encryption;
2. Encrypt as much communications as you can;
3. Encrypt your hard drive;
4. Strong passwords, kept safe;
[3] 5. Use Tor;
6. Turn on two-factor (or two-step) authentication;
7. Don't click on attachments;
8. Keep software updated, and use anti-virus software;
9. Keep extra secret information extra secure;
10. Be an ally to EFF; 10/25/2013