If you have landed on this page, I can probably relate to how you feel.
There are just so many tools, and ways you get recommended online to protect your privacy, right? π
Some say β use a VPN! Some tell you to stop using specific apps or services. And, others might suggest you to ditch your current operating system (desktop and mobile) if you would rather not be spied upon.
It is easy to get overwhelmed, and think β what should I do first? Should I put any effort at all? Moreover, is online privacy a myth, or just something only techies can pull off?
Here, I aim to simplify and mention what you really need to achieve online privacy without sacrificing the convenience of what you use on your desktop or mobile.
I promise this is your one-stop online privacy guide, and you will never want to look at another resource online π
1. Don’t Install a VPN Unless…
Before you install a VPN, you need to know what it does.
If your objective is to hide your real IP address, and hide activity from your ISP, you can use a VPN. However, you need to trust the VPN provider to not log your data. There is no way you can verify that from your end.
Moreover, you must ask yourself these questions if you are going to pay for a VPN service:
- What do I do by hiding my real IP address from web services?
- Do I need it for streaming when out of the country?
- Do I want to be anonymous using a VPN? Am I under active threat?
Before you think of some answers for yourself, let me help you with some pointers:
- A VPN does not make you anonymous. If you are an activist, or a whistleblower, you need to try Tor for that.
- It does not secure everything you do on the internet, just makes things private.
- A VPN is helpful if you are using Torrents (and want to keep your IP private), or circumventing geolocation restrictions on web platforms.
- It hides your internet activity history (websites you connect to, when do you connect to, and associated data) from your Internet Service Provider. Note that your ISP can only look at your requests to connect to websites, not the information you exchange on the internet.
If it sounds like something you could use (and majorly benefit). Go ahead.
Otherwise, just don’t.
You can choose to go with some popular names in the VPN space, but I would not take any names.
2. Try Encrypted DNS
What if you don’t need a VPN? What else can you do? Go the private DNS way. That’s precisely what I do, I do not prefer using a VPN unless I really need to.
An encrypted DNS service secures and protects you from ISPs snooping around the DNS queries.
For instance, if you are visiting a website without an encrypted DNS, your ISP can see details like source and destination IP address, and you will be vulnerable to DNS Hijacking attacks. Moreover, ISP or anyone can monitor/modify your DNS requests, putting you at risk.
But, with an encrypted DNS, your ISP only sees the name of the website you visit (no critical data associated with it) and your DNS queries cannot be meddled with. You are not entirely anonymous, but your web experience is more secure, and private.
Additionally: you can block malware/trackers using encrypted DNS.
I would suggest you to try these options (desktop and mobile):
- NextDNS (I use it, and if you subscribe to it through my link, I get a commission!)
- Cloudflare DNS
- Quad9
- Control D
Do not use a VPN + encrypted DNS together. When you use a VPN, the DNS requests are automatically encrypted.
3. Embrace Open-Source Tools (and Browser)
There are many proprietary apps and services that we use. And, I do not complain that they are bad.
But, if you want to enhance your privacy, try switching to apps and services that offer transparency in what they do, meaning, they are open-source in nature π
Make sure that the source code of the app is available with a GPL/MIT/Apache/Mozilla Public license.
For instance, you can try Bitwarden password manager over Dashlane. You can try the Simple Keyboard Android app over Google’s Gboard. You can use Mozilla Firefox browser over Google Chrome for desktop and mobile.
If you cannot stop using browsers like Google Chrome, you can choose to use DuckDuckGo browser for all the things you want private.
If you are using an Android device, it will be easy to find open-source apps using F-Droid.
4. Install Portmaster (for Windows and Linux users)
Sorry, macOS users! I don’t have anything for you here. Maybe some other time?
Portmaster is a wonderful piece of software that seamlessly lets you monitor your network, and helps block unnecessary connections to keep your network secure. Don’t worry, it is a free and open-source software, and it is damn easy to use! As soon as you install it, you are taken through a quick setup process, and you will be set.
You can look at the official setup video to get an idea (there are more videos on their channel):
If you are using Portmaster, you can set up an encrypted DNS through this tool, you do not need to set it up separately.
For instance, you can just type dot://<nextdnsID>.dns.nextdns.io
in the DNS server field of Portmaster to use NextDNS with it.
And, if you know what you are doing, you can make advanced configurations, or opt for the premium plans to log your network data and more.
π Sorry to interrupt! If you like what you’re reading, please follow the page on Mastodon, Instagram, Telegram, Twitter or Facebook to show your support.
5. Keep Your Email Private, But Don’t Go Overboard
Oh! Stop freaking out if you think people know what your email address is!
If you are using passkeys or have enabled multifactor authentication on your email account along with a strong password, calm down.
Sure, some privacy experts may tell you to “make a brand-new email ID and do not share it anywhere“.
Instead, just use services like DuckDuckGo Email Protection or Simplelogin to hide your real email using aliases when signing up for newer services, whenever you need.
It is practically a hassle to create a brand-new email ID that no one knows. As someone whose email is connected to countless services, I really do not have the time to make things more inconvenient.
I tried making a new account on privacy-focused email services like Proton Mail. I encourage you to do that as well. If you are not comfortable with tech giants scanning your data.
Because I haven’t ditched by Gmail, account, I juggle between more email accounts.
Sure, it has its benefits (concept of disinformation inspired by Rob Braxman).
But, if you want to enhance your privacy, you might want to switch to secure email providers like Proton and Tuta.
If you want to try, go ahead, maybe your real email address is filled with spam that you cannot control, or if you have the time, give your email a βfresh startβ. After all, it is your call to make π
But, you are perfectly fine with just email aliases, unless you would like to put extra efforts.
6. Don’t Overshare on Social Media
You might want to share every moment of your life on social media.
Well, unless you are an influencer (or someone who makes a living out of sharing updates on social media), you might want to limit what you share.
A malicious actor can use information from your social media activity. A social engineering attack (with email phishing or such) can be more effective with all the data you chose to share.
7. Secure Your Files and Messages
I have covered email addresses, browsing activity, IP address, and network privacy so far.
The two more important data points where you can enforce better privacy are:
- Your day-to-day digital conversations
- Files
For conversations, ensure that you are not using WhatsApp, WeChat, or anything similar for private conversations. While WhatsApp conversations are end-to-end encrypted, it is not the most private option.
I would recommend using Element, Signal, Threema, or Keybase. You can explore more as per your requirements.
For files, store your files completely offline (with encryption enabled) or encrypt them before uploading to the cloud by using a tool like Cryptomator.
8. Use a Privacy-focused Search Engine
You can stop using Google/Bing for your online searches, and switch to DuckDuckGo or Startpage.
DuckDuckGo can be a refreshing experience, and Startpage can be a closer experience to Google. Pick any of them.
9. Keep Your Stuff Updated & Keep It Simple
Whether it is your phone or computer, keep the operating system and applications up-to-date. It is one of the best ways to make sure you protect your data.
In addition, do not overcomplicate things or use various unnecessary services, that would expose your data to privacy risks.
I understand, in the digital era, it is tough to escape from apps and services, especially, if you are a tinkerer and explorer. But, if you can streamline and limit things you do on the internet, the easier it becomes to enhance your privacy.
10. Extreme Measures? You can if you like!
What I recommend above includes your daily convenience of using the same services you already do (for the most part).
But, do you want these things to happen?
- Prevent Google from tracking you
- Prevent Facebook from getting any information out of you
- Prevent websites/services to knowing anything about you
If that is what you want, you can follow some of these solutions:
- Use a separate de-googled phone (running CalyxOS or similar) to keep things hidden from Google/any other tech giant like Apple.
- Use the Tor browser (and Tor network) for anonymity and privacy
Phew…. That’s it for my online privacy tips for you! If you were reading this through until the end, I appreciate your time. Share it along with your friends/family as well!
You are welcome to leave your suggestions and ideas on what else I should cover here in the comments down below.