this post was submitted on 21 Jul 2023
74 points (98.7% liked)

Cybersecurity

5754 readers
193 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
 

So recently I've gotten a bit more serious about my internet security, and made some changes. Here's a short list of what I've done, but I'm wondering if I'm missing anything important:

  • Moved from Brave to Firefox
  • Bought my own domain for my email (so I can switch email providers at any time)
  • Switched to Duck Duck Go from google (It's gotten worse anyways)
  • Bought the Proton package (VPN, Encrypted email, etc...)
  • Installed Thunderbird (instead of microsoft mail app)
  • Installed uBlock Origin
  • Installed Bitwarden for password managing (My passwords are also no longer all the same)

Is there anything that I have missed that should be a priority for internet security?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 year ago (1 children)

You raise a good point. I would say for the most part, I fall under general purpose, with some exceptions. I guess what I’m wondering is, are there security/privacy things that everyone should have, but most people just don’t know about?

[–] [email protected] 3 points 1 year ago (2 children)

You’re doing just fine then! I’d look into hardened Firefox configurations and I’d probably honestly reduce what you’re all doing with email. It’s a bit redundant - to have three customizations to what’s essentially one experience.

Your browser will be fine 99% of the time with script blockers like umatrix, config hardening, not using chrome/chromium. So using protons web interface is probably just fine. Even then, emails usually not too crazy for the average user in terms of risk either, besides it being a focal point for pivoting off of (use different emails for different areas you want to segment and keep using that manager software (passwords, accounts etc)

Keepass is free and works great to secure your stuff

[–] [email protected] 3 points 1 year ago

Don’t even get me started on sms-based vulnerabilities (cough cough apple)

[–] [email protected] 3 points 1 year ago (2 children)

I really disagree re: email. Proton's web interface is fine, but if you're going to use a desktop client, and many people prefer to, I think thunderbird is a better choice than outlook. Further, having a personal domain for email is great if you ever want to switch providers. It's pretty much the only way to not have to email dozens of people telling them "Sorry, you won't be able to reach me at this address anymore." If you do any sort of business over email encrypting it is a good choice, because it is possible to both spoof email and to intercept and read it.

[–] [email protected] 1 points 1 year ago (1 children)

Good points! We’re actually in agreement on all of these things, my opinion about email was not including a desktop app as browser viewing for me has been just fine (remember I have multiple email accounts so each account gets relatively low traffic on a per account basis)

The custom domain thing seems handy but how often are you really changing emails if you have multiple to begin with too, either or works I’m just biased toward my own habits lol

[–] [email protected] 2 points 1 year ago (1 children)

You're doing it when protonmail goes out of business suddenly, or changes their privacy rules, or decides they want to raise prices and you don't want to pay. You can never really predict these things, and having a cheap (domain names can be like $15 a year) option is great.

[–] [email protected] 1 points 1 year ago

That’s a fair point.

Idk I think I’m to the point these days where if I were to lose access to a side account I had locked down that heavily it wouldn’t be with anything majorly important of my life and I’d just start that persona/online activities again with a new one

[–] [email protected] 0 points 1 year ago

Good points! We’re actually in agreement on all of these things, my opinion about email was not including a desktop app as browser viewing for me has been just fine (remember I have multiple email accounts so each account gets relatively low traffic on a per account basis)

The custom domain thing seems handy but how often are you really changing emails if you have multiple to begin with too, either or works I’m just biased toward my own habits lol