What, Why, and How to Improve Your Security and Privacy
I thought I would share a few of the things that I personally do to improve my security and privacy online. I do all five of things I’ve included here and services I reference are ones I use, in many cases for several years. I’m not recommending anything that I don’t personally do.
What: Keep secrets safe.
Why: We all manage a lot of secrets. We have hundreds of passwords to various websites. You’re not using the same password all over the place right? We have a ton of other secrets too. Those random questions that some websites ask about where you were born or the name of your first pet? There are also more traditional secrets like banking information, or the combination to your safe. This stuff all needs to be kept accessible but very secure.
How: I use 1Password for all of my secret management. Specifically, I use 1Password for Families because it allows all four of us to have our own accounts, keep our own vaults, and share vaults between different family members as well. 1Password is a password manager, but it also manages any number of different secrets, including any random notes that you may want to keep in it’s encrypted database.
What: Use a unique email address per service.
Why: Whenever you create an account on a new service, you should create a brand new email address for that account. You know how people have been saying for years to never share passwords between websites? Well, you also shouldn’t share an email address. You see, if you sign up for dozens of websites using the same email address, those websites may share tracking information using your email address as a shared identifier! Gross right? Yeah. The way to defeat this is to make sure that the email address is unique for each service you use.
How: There are a number of ways to do this, and I’ve tried all of them.
Many services allow for “plus addressing”, so if your email address is foobar@proton.me
, you can make it unique by putting a + in it with some characters. So, foobar+lyft@proton.me
could be the address you give Lyft.
There are also email relayers just forward email to you through a random address. These can be hard to use because they are outside your usual email flow.
I’ve used Fastmail for years and they recently rolled out a Masked Email feature that is awesome. It is easy to create any number of addresses, I have hundreds of them. You can delete any of them at anytime to destroy an address, and fairly unique to Fastmail if you reply it will use your masked email address at the from address. They even supports custom domain names so all of my addresses are in the form of polar.bison4837@thingelstad.com
. The nice thing about this is that I could still get these masked emails on another provider if I setup a Catch All address.
Creating unique email addresses is key to limiting tracking.
What: You need a content blocker in your browser.
Why: Imagine if you didn’t have a spam filter on your email for a second. Imagine every single email you ever got just landed in your inbox. That is what is happening if you surf the web without a content blocker. Actually though, it is worse. Because you aren’t just letting every email in, you are letting infinite numbers of little programs run on your computer from any number of different companies. Those programs are tracking you and collecting up all sorts of information about you. Dozens (or more!) of them on every website you visit. Yes, it is terrible. Running a content blocker is the key. Some will get caught in the ethics of running an ad blocker, but good content blockers can selectively block by category. So, if you feel ads should stay that is fine. You can still block the trackers.
How: I’ve used 1Blocker for this and think it is absolutely the best. It has a robust set of categories and definitions are updated regularly. I love that I can create my own custom rules as well. I have a set of rules that stop all activity to any Facebook property. My Internet doesn’t even have Facebook services on it. It is fabulous.
What: Your searches should not profile you.
Why: Google knows what you’re thinking. Searching is a particularly effective way to build a profile of a person. No company should get to hear all the questions that you have in your brain.
What: I love the idea of just paying for search, and have been using Neeva for a long time. I pay a small fee, and in turn they don’t profile and harvest my inner thoughts. That seems fair to me. If you absolutely can’t see to it to pay for something, at least switch your search engine to DuckDuckGo and stop using Google. DuckDuckGo is way better for privacy.
What: Get a feed reader!
Why: New content is published everywhere, and the best way to preserve your privacy is to have a service to get it for you. Instead of subscribing to a YouTube Channel in YouTube, you can have your Feed Reader watch it and show you. YouTube then doesn’t get that data. Or, want to follow a Twitter account but avoid being logged into Twitter, good feed readers can do that too. Your Feed Reader gets to be your armored agent, going into various services and pulling new content for you. No algorithms here either, as the content is just shown in time order. Brilliant!
What: Feedbin is my favorite service here and I’ve been a subscriber for years. I use it for RSS feeds, email newsletters, Twitter accounts, YouTube channels, Medium, Substack, and the list goes on and on. I don’t have to go to all those things, I just go to Feedbin. No social amplification, no algorithms, no ads. Just the stuff I subscribed to in exchange for a small fee.