Friday, January 31, 2014

Please Try These At Home

Inspired by my friend Paradox Olbers, here's my first annual list of security stuff that I recommend that you do.  I will help you if you need help finding and setting your preferences.

I follow all of these recommendations myself.  In each tool, I enable all of the protections.  I suggest that you do so as well.  That will cause a very few slimy web sites to not work very well.   You might have to list them as exceptions to the rules.  The privacy and security rules should be strict.  Complain to those sites.  Not working correctly with modern security has become completely unacceptable.

Web browsers: use only Firefox or Iron (Google's Chrome minus privacy leaks)
If your web browser is not Free (as in Freedom) Software or at least Open Source, they are hiding something.  If you can't audit it or have it audited, it is not safe.  Period.  You've heard me say this before.  The community-developed Free Software web browsers are actually better than the stuff that came with your computer---which can't be trusted. 
On those more secure platforms install:
  • HTTPS Everywhere to turn normal web connections into secure ones.  This is from the Electronic Freedom Foundation, AKA the good guys.
  • Adblock Plus to completely remove most advertising from your web experience.  Ads can be deceptive, with simulated popups that look like real warning messages from your computer.  Just say goodbye to all of them.  Turn on the feature that blocks Adobe Flash until/unless you click on the movie to start it playing.  Flash shouldn't be allowed to run unattended. 
  • Ghostery is a tool that blocks the invisible trackers, monitors, beacons and other  spyware that popular websites use or tolerate.  Crank it up to 11.  There is no reason to put up with any of this stuff.  Turn on the popup that shows you all the spyware that it found and blocked per page.   You will probably turn this feature off after a while.   I leave on.  It's pretty appalling, all this stuff that is hidden under most web pages.  It invades your privacy by tracking you and it slows the entire web down.  Slowing down the internet is bad.  That's damage.  We have to route around it.
If you have extremely good and pressing reasons that require you to use a commercial operating system, you need to plug the holes they left in.  Get a top-quality antivirus/anti-spyware package (Kaspersky, Norton, AVG) and keep it updated.  I don't consider that sufficient but I do consider it mandatory.

For Windows there's a free (as in price) version of AVG:
AVG Free Edition 64-bit
AVG Free Edition 32-bit

Don't use the same password on more than one web site.  Don't use overly simple passwords.  Follow the guidelines that each site will tell you, they are right to ask for better passwords.

Following these recommendations is not going to create peace in our time, but it will improve your security online.

People who sell or buy web advertising will say my stance is antisocial.  Tough.  Nobody ever said they were entitled to revenue streams.  This isn't censorship.  Content producers will claim that they will go out of business if you don't view the ads.  Tough.  If they reviewed all their ads, and insured your privacy, there would be no problem, but hey want to leave their pages full of messy invisible scripts and other stuff that you don't have control over.  Except that now you do have control.

I need you to know that you have that control.

No comments:

Post a Comment