Nowaday is easy to see news about attacks that have compromised privacy and security from both people and companies. Thanks to the hyperconnectivity that we have and a poor education about security and privacy we do not realize the footprint that we leave while doing our daily actions. Some examples could be when we rent a car and then connect the cell phone by bluethooth. We can synchronize all our contacts to the car without realizing it. Then when we return the car, the next user will have access to all our contacts.
The idea is to share some tools that will help us to protect our privacy and security in the internet world. Sometimes, we think that to protect ourselves we need to know about computers or invest money. But in this post I will show some free options that will improve our current situation.
The hell’s access
Passwords
Keeping different passwords is a tough task. Also, you need to change them from time to time. Moreover with the huge amount of accounts we create day to day it is really hard to keep passwords secure and avoid duplicating them. Finally but not less important several web pages/services were vulnarated by hackers. Getting to uncover our emails and sometimes even our passwords. This situation allows hacker to try in other web pages or services with these credentials creating a net of vulnerabilities. In this way not just our social media can be attacked, but also our home banking account and so on. You can check if your email has been compromised in the following sites, Mozilla Monitor and Pwned.
To solve this problem is as simple as downloading a password generator. This kind of application will create secure and strong passwords and avoid repeating them. From our side we just need to remember one or two strong secure passwords to get access to the application. Then using the application plug-in for the most modern web browser it will suggest auto-fill our credentials into the log-in pages. I suggest using Avira Password Manager because you can manage from both our mobile phone (Android, iOS) and laptop all your access. There are other applications that do the same work but they do not provide in the free tier the access to multiple devices at same time. From my point of view, it is a kill breaker feature because we use one or another depending on how we are moving along our day.
Two factor authentication (F2A)
Nowadays having strong passwords is not enough to keep all our access safe. So we should activate (in pages or services that allow us) the second factor authentication. This second code is a six digit password that changes periodically and will be requested after logged-in into a web page/service. Also if we want to do some actions inside a web page such as sell some of our crypto. To register the F2A, the application will scan a QR code with an application destined for that. From this blog we suggest use Authy because we can use it from our laptop or mobile device as well as keep all the codes synchronized between them. This is important because if we do not backup the recovery codes (a sheet with one or more codes given after registering the F2A), we will have a last chance to recover all our codes in case of lost or robbery of our personal devices.
The last advice is read and be careful. Each time a message is prompted, an unknown email takes some time to read and doubt about it. In this way we will know what we are doing and avoid be catched in some threat.
Reducing our digital footprint
Several times we were talking with friends about a new amazing bike, later we realized that we start seeing bike ads in social media or web browsing. The fact is our devices are listening to us. Also the installed applications that we use on our daily basis are collecting information about you or where we are moving on.
Radical changes
Google is the most famous and well known browser for all of us. But it‚Äôs the most intrusive because it records our data such as geo location (then they can suggest posts based on your location), preferences, etc without our consent. We can check this fact in the curated advertising that we will see in web pages or even among our search. There are other search engine options. In particular the one that I have been using since 13 years ago, it is DuckDuckGo. This engine does not track you and do not save nor sell our data related. Also we will see annoying advertising everywhere. A plus is that DuckDuckGo provides us with some extra commands in the search engine(for example if we put to search “jorge luis borges !w”, the !w command will show us the result in Wikipedia directly). There are several commands waiting for us.
Another improvement in our browsing is to start using Privacy Badger. It is a browser extension for all modern web browsers. This plug-in blocks libraries such as Google Analytics or hidden trackers embedded into the web pages. With that we will avoid the tracking and subsequent sale of this data to third-parties.
Access validation
Each time that we install a new application into our mobiles, they require in some manner to grant access to different mobile resources such as microphone, localization and so on. We should spend some time checking for those permissions that do not need to be accessed all the time and just allow them when we will use the application. Moreover we need to pay attention to those applications that request permission for resources that are not required for their right working. For example a stopwatch does not need access to our contact agenda or location.
Smart assistance
Finally, all our smartphones provide intelligent assistance that records part of our talks even when we are not using them. Hence we must keep them turned off and just use them when we need. Below I will share with you how to turn off the assistances for Android and iOS:
Deactivate "Hey Siri" (iOS):
- Configuration > Siri & Search.
- Toggle off "Listen for Hey Siri".
- Toggle off "Allow Siri when Locked".
Deactivate "Ok Google" (Android):
- Go to configuration.
- Google > Account Service > Search, Assistance and Voice > Voice.
- Voice Match and turn off Hey Google.