Now days keeping your information private online is becoming more important that ever, multiple governments are attempting to push legislation that will weaken security measures such as encryption, that is a vital part of keeping your information safe, not just the information on your own computer either, this directly effects other organizations that hold personal information about you, such as banks, healthcare, social media and indeed the government itself.
You may think that government snooping is acceptable if you have nothing to hide but these measures will make it easier for criminals to gain access to your information, they claim this is to protect children or prevent terrorism, but there has never been any good evidence that this actually works, ultimately it’s about governments controlling what their citizens do and think, that is never acceptable.
Web Browsing
Your web browser is in many cases the number one weak point in your system, both for malicious software and leaking of information that can uniquely identify and track you, most web browsers fail to provide sufficient protection without additional tweaking or use of extensions, currently the best ones I would recommend are Brave (available for Windows, Linux, Mac, Android and iOS) and LibreWolf (Windows, Linux and Mac), if you are going to use anything else uBlock Origin is a vital extension, browsers definitely to avoid are Google Chrome, Chromium, Microsoft Edge and Opera.
You should never for any reason allow advertising, not only does this very negatively effect your privacy but it’s also the number one vector for malicious software, it goes without saying but you should always pay close attention whenever entering private information or downloading a file, always double check the URL carefully.
Passwords
One thing that many people fail at is proper password security, firstly you should always avoid anything that can be guessed, such as single words, names, dates, locations, etc. A passwords strength depends on its entropy which is determined by length + number of available characters, for this reason it’s always best to have a mix of lower case and upper case characters, numbers and symbols, a minimum good length for this kind of password is 14 characters which will provide more than 90 bits of entropy, using just lower case would require at least 20 characters to reach this entropy.
Passwords should also never be reused, you need ideally to have a unique one for each and every service you use, of course this will rapidly become impossible to remember so it’s important you use a password manager, this reduces the number of passwords you need to remember to one, the list of passwords is also encrypted, there are a number of password managers to choose from, some of the ones I can recommend are KeePassXC and BitWarden, writing your master password down is acceptable but it should be stored in a secure location such as a safe.
Should you have trouble remembering a traditional password an alternative method is to use a list of words, these should range from four to twenty words that are not easily guessed, a good example of this would be “Blame Product Mountain Nuisance Danger House 3” with the spaces removed.
Two Factor Authentication (2FA)
2FA (a subset of Multi-factor Authentication MFA) is a very useful addition to passwords, it relies on the fact that your authenticator device is separate from the device you are entering the password on (ideally), this means even if your main device is compromised an attacker cannot gain access without having control of the authenticator as well (again ideally), the authenticator can take the form of a smartphone, another computer or specifically designed hardware authenticators.
Three common methods are currently in use, SMS based authentication, which is least secure and not good for privacy, HOTP (HMAC based One Time Password) and TOTP (Time based One Time Password) which is an extension of HOTP, the latter two rely on a shared secret key between your account and the authenticator, TOTP has the added advantage that the generated code is only valid for a short time period. These are not perfect but if you have the option to do so you should make use them, two good software options for OTP are FreeOTP (Android and iOS) and andOTP (Android).
Operating Systems
It’s no secret that Windows is not particularly good for either privacy or security, so one consideration you need to make is whether it’s worth switching to a different operating system, this could be a whole article in itself so I will only say you should seriously consider switching to something like Mac or (better) Linux, this is not without drawbacks, but as Windows continues to grow more invasive the advantages of making the switch become more apparent.
Encrypted Communication
Communication software that proves end-to-end encryption is the only sure way to guarantee privacy, there are many options to choose from, not all of them good, currently the only ones I can recommend with any kind of guarantee are Signal (requires a phone), Jami and SimpleX.
Naturally these depend on convincing others to use them, something easier said than done.
File Encryption
The most reliable and secure tool for this by far is GnuPG, this is not exactly user friendly but there are numerous front-ends you can use if needed, this can also perform message encryption and authentication so it’s very useful if you want to send data over an insecure channel such as email, it’s widely used in the free software community.
For full disk encryption the two main choices are Veracrypt (Windows, Linux, Mac) and LUKS (Linux), keep in mind that many governments have laws that allow them to attempt to force you to hand over your key.
Social Engineering
Often the main threat isn’t your software or hardware itself but vulnerability to social engineering, anyone can fall victim to this but with a healthy amount of paranoia you can largely protect yourself from it, primarily you should always be alert for any suspicious behaviour such as encouraging you to visit a specific website, download a specific file, offering you something for free, being able to authenticate a person such as a friend with things like cryptographic keys (GnuPG is excellent for this) can also be a significant help.
For people you don’t know you should distrust anything they say, this includes the police, in many situations it’s better to not say anything than to interact with persons you cannot trust.
Conclusion
Given the way things are going it’s important that you take your privacy and security seriously, while this is often an uphill battle there is no doubt that it’s worth taking the time and effort required.