The Internet is wonderful, but it can also be horrible; as all those families whose lives have been destroyed because their bank accounts have been hacked, because their personal information has been published, or because their work has been stolen, attest. Lets discuss about steps you need to take to be safe on the internet.
Even if you think you don’t do anything important on the Internet, that doesn’t mean you’re not in danger. For an attacker, the slightest slip can be enough to gain access to your entire digital life. And if one thing is easy, it’s finding slips; yet most people still use insecure passwords, or have habits that make them very easy victims.
Tips for being safe on the Internet
Fortunately, protecting yourself on the Internet is really easy; much more than you might think. The hardest thing, in fact, is to change our habits and start following expert advice. But what exactly should we do to ensure our protection on the Internet?
The Security Checklist project was born to make it very clear. It is an open-source project that compiles a list of tips and practices that we should follow. The good thing about this website is that we can cross out the tasks as we complete them, and there are also a lot of links to resources and programs that can help us.
Use a password manager
It is very important to use a different password for each service we use. This way, if an attacker gets the password for a site, he won’t be able to use it for the rest. Of course, thinking up a different password for each web or app, and remembering them all, can be difficult.
That’s why the first thing you should do is use a password manager. Any self-respecting browser, such as Chrome or Firefox, has a built-in password manager; it should appear as a pop-up message when you enter a password on a site. In addition, Google is working on a password generator.
You can also use specially designed programs to store passwords in encrypted form and generate secure passwords.
Create a hard to guess code for your mobile
If someone got your cell phone, I’d have access to practically your whole life. For example, you could use the apps you have installed, such as your bank’s app. That’s why it’s important to protect it, even if we use authentication methods like fingerprint or FaceID (or instead of these systems).
The unlock key of our mobile should have at least six digits; it’s better if it has letters as well as numbers. Also, make sure that the device is not unattended for more than a couple of minutes.
Use two-step authentication
Although not infallible, two-step authentication has become fashionable in many services. It’s another layer of security, in addition to passwords, that asks us to identify ourselves with a second device or account.
For example, with Google we can make that, once the password is introduced, we have to accept the connection with our mobile; however, the telephone number by itself is not a good authentication method in two steps. If the service or web you use allows authentication in two steps, we always recommend using it.
Encrypt your devices
In the worst case scenario, if an attacker manages to steal your mobile or laptop and skip authentication, you shouldn’t let them see everything you have stored. The solution is to encrypt the device, so that it requires a password without which the content cannot be seen.
Fortunately, most operating systems already allow you to encrypt your hard drive or internal memory, from Windows (BitLocker) to Mac (FileVault) and Android. They also allow you to encrypt your backups, such as iOS.
DNS servers are responsible for “translating” the addresses you enter in your browser to IP addresses that the system understands. Therefore, each time you want to enter a website, an external server receives a request from which website you are looking. That means that, if you haven’t touched anything, your operator is logging all the pages you visit.
The solution is to change the DNS of your computer and your mobile, for other services focused on privacy. Google offers one, the famous 220.127.116.11, and recently Cloudflare has launched a very attractive 18.104.22.168, which we can also use on mobile phones.
However, remember that VPNs are not magic solutions to the privacy problem; in some cases they can be used to spy on you.
Check your personal privacy
There’s been a lot of jokes about sticking a piece of paper on the webcam, but the truth is it’s not a bad idea. There are special covers for laptop webcams, which protect us in case our system is hacked to record private videos.
Perhaps more important is to make sure that when you use your mobile in public, no one is watching you. Something difficult with screens as big as the current ones, although at least there are privacy filters that block the light at certain angles.
Use a privacy-centric browser
Your browser can be used to record which sites you visit. The most controversial in this case is Chrome, owned by Google, which has implemented a number of functions that record our behavior. You can deactivate them, or use another browser such as Firefox
Use a privacy-based search engine
Everything you look for on Google is used to create a profile that records your data, your behavior, your tastes and much more. If you are worried, unfortunately there are not many alternatives that are up to the task.
The best, without a doubt, is DuckDuckGo. This search engine is based primarily on privacy: it does not record what we are looking for nor does it have advertising crawlers.
Use a secure email provider
Email from most free services like Gmail or Outlook isn’t entirely secure; it’s usually not encrypted, and the contents of emails can be read to show us advertising.
Other providers, such as ProtonMail or FastMail, offer to encrypt the mail, and the content will always be private.
Check the permissions used by apps
The two big mobile systems, iOS and Android, have permission systems that limit what apps can see or access. But those permissions may have changed, or you may have approved them without realizing it.
Erase metadata from your photos
Today’s cameras record all kinds of information in each photo, such as location. Most apps and systems allow you to disable metadata inclusion, or you can delete them with programs.
Check your settings on social networks
We spend more and more time on social networks, and that’s why it’s normal for them to have more and more personal information. Information that can be used by third parties to track us, and that can even be stolen.
How to know what data Twitter has about us
Most social networks have one or more privacy sections, where we can check what information they have, download it, and delete it.
Use encrypted messaging apps
Not all messaging apps are the same; more and more apps are encrypting our messages, but the encryption key is kept so that messages can be logged and read. That’s why apps are being born as Signal, focused on privacy.
Beware of phishing
Phishing is a technique consisting of deceiving ourselves, making us believe that we are talking or communicating with someone who is not. The most common example is that of mails that pass for our bank to get our account data, but it is not the only one.
It is also possible to be called by phone, posing as employees or even family or friends. In many cases, we will not know where we are until too late.
Keep your devices up to date
There is no infallible system. It is inevitable that security bugs are found in your system, the important thing is that companies develop updates quickly, and that users install them. If you have pending updates on your device, it’s best to install them as soon as possible.
If you know English, it is advisable to enter Security Checklist and cross out the tasks as we apply them. What other security tips can you think of?