So, you want to keep the family safe and secure, and your data private online.
This list is not exhaustive, but more based on what I do at home to be comfortable and make my family comfortable – and still let the use of computers be an easy thing, because if it’s too hard, people will find a way around it to make it easier. Easier always wins!
A good password matched with two factor authentication can do a lot to help you keep your account under your control. Passwords are kinda like a lock on the door, many people know how to get past them, but they are a small deterrent. Add two factor authentication and it puts a deadbolt on the other side which makes it not really with the effort unless there is something really juicy on the other side.
When using a password use a password manager. There are many of them. Unfortunately we are in capitalisms era of the subscription model so you will have to pay monthly/yearly instead of just for the software. I’ve used LastPass and 1Password. I am sure 1Password goes beyond the Mac now a days. A good manager lets you set up a family or sharing of passwords and lets you integrate into your browser/OS, to make it simple. ‘Cause if it’s not simple, you aren’t going to use it and use passwords like myPassword.
Many places, like banks and email providers also allow you to set up Two Factor Authentication. Do this. It’s the extra step that you get used to real fast that allows you to keep your account.
But why? Who cares if someone gets into my EPIC games account? There is a chance that you use the same password if you haven’t been using a manager for many accounts and then can try that password for other things, like a bank or email. With two factor authentication it makes it harder. Not impossible, but harder.
I use the Authy app and haven’t tried any others. It may be the best. It may be the worst. It works with all the accounts I set up with it and can use it as a widget on my phone.
I’m not a big fan of ads and ad trackers. More trackers than ads since the ads have stopped popping up and being all flashy and noisy.
With that I try to limit the amount of ads that I see/deal with online daily. For this I use pi-hole to control my DNS and sink them.
*Quick sidebar primer: DNS is what helps convert names into places so things like our browser or app knows where to get things. Controlling the DNS allows us to control where the computer thinks an add or something else is coming from. We shall talk more about it in a minute.
Pi-hole does require a separate computer to be set up on or set up on your home router to effectively. This can be a barrier to entry, but also a learning opportunity. A less expensive way to run it is on a raspberry pi.
There are also services that will help “keep the bad guys away” with DNS. These can be helpful for parental controls and concerns about gambling sites etc. They are not 100% (I’m sure they aren’t 80%, but they add a level of comfort and security).
Cisco bought Open DNS a few years ago and now. They have a few free and paid options to set up your DNS for home “protection”. What this does is now route your DNS traffic through them, instead of your ISP and allows them to make decisions based on your preferences. They now, instead of your ISP has logs of all the places you looked up.
Wait – what? My ISP has all this data on me?
Yes. Yes they do. They have it and sell it to advertisers and data brokers and anyone who will buy it to so they can make some more money.
Wait – what? That’s insane! They can see everything I do. That’s creepy.
Yes, yes they can. My ISP will see when I publish this online and the see the URL of where I went. There is not a person sitting there watching the data go by and what you are doing on your screen. They keep it in logs for X amount of time, try to make some money off of it. Maybe some pass it off to the NSA for cataloging, but in the end, they just want to make their customers happy enough that we keep paying them so really just try to provide a service.
Why are you telling me all of this then?
To talk about VPNs. There are a lot of advertisements for VPNs. Keep yourself private they say! Your ISP knows who you are they say! I need a VPN!
No, you probably don’t.
Remote workers should use a VPN. See, VPN is a virtual private network – meaning that in the simplest terms, it keeps all the data in that network (there are other things to consider, like split tunneling, data leaking when starting the tunnel, etc, but we aren’t going to talk about them) and that’s important for work. Work data should remain there and most of the time not on a person’s home computer so yeah for the VPN!
Home use of a VPN can be tricky, ineffective and give a very false sense of security so I will not recommend any that I see out there. Not that they are bad, it’s how they are used that is important.
Let’s say I want to “mask” where I am (like in a bad episode of CSI). I use a VPN on my home computer and send out a nasty email with a weird email account to the president of a big business. I also check and use this email from my phone that is connected to my home wifi, or from work. Oh, cool – they now know who I am and can figure these things out. I did not hide anything. I just paid someone for a VPN service that didn’t protect me, because I didn’t protect myself.
Better off is to practice good internet etiquette and not do illegal things. I am not putting on the argument that if you have nothing to hide don’t fear people watching you – I am saying they are better at watching then you/I am at hiding things so don’t be mean to people and try to be anonymous or do illegal things and think you are gonna get away with it because of a VPN.
If you don’t want Google guessing everything about you based on your search history or Verizon knowing everything as you search Yahoo!, there are alternatives. Get off of Chrome and use Brave. Also you can use DuckDuckGo or Bing to search and things are a little cleaner.
This. This is so your partner or kid don’t see what you are getting them for their birthday. It is not for hiding things from the police or anyone who can see/log your traffic (think your pi-hole server log). If you wouldn’t do it in front of someone then this is not a way to mask that. Just remember that.
If you are an activist/whistleblower/someone in need of secure safety look up how to protect yourself in many ways and do that. A VPN is not for that. This whole post is not for that.
Finally I’ll touch on secure communications, something a little more than a text message.
MMS and SMS messages are inherently insecure. They were created with security as an afterthought and that afterthought has been forgotten about.
iMessage is secure when all parties are using it. And this is how most secure messaging apps work. Many people use Facebook Messenger. I hear ya. Privacy can be turned on, but must be turned on and is run by Facebook, the company that provides a VPN so so they can see your traffic.
Facebook Messenger and What’sApp both use the technology developed by Signal as their underlying encryption, so why not just use Signal? You will actually be pretty surprised at home many people do use it. It has a good reputation and is actively being worked on for more features. If you have something you want to keep between you and the other person, this is a good option. I hear Telegram does much the same thing, but have not used it.
Is there ever an end?
This is not an exhaustive list or article and I know it’s missing things like links and footnotes to more reading, but things like privacy and security are always evolving and this is just the tip of my iceberg and what I do at home.
I didn’t even mention why Ring is a horrible thing and the IOT is a nightmare. see…