How to Protect Your Privacy: A Guide to Securing Your Online Activities, Privacy, and Identity: Location Independent Series, #5

By Jeff Blum

More and more of our life is becoming digital. Are you prepared to deal with the privacy and security implications? As a digital nomad, the author lives online more than most others and has sometimes had to learn about the issues involved the hard way. As an online researcher, he decided to take a comprehensive look at all aspects of cybersecurity and share that knowledge with you via this hands-on guide to the ever growing and complex world of digital security.

 

The following major topics are covered:

• Passwords: Everything You Need to Know
• Protecting Your Computer
• Protecting Your Mobile Devices
• Protecting Your Files (Encryption)
• Protecting Your Online Activity
• Protecting Your Network Connection

 

You'll also find helpful information and practical tips to secure your electronic devices, avoid social engineering (phishing) attacks, browse the Internet safely, deal with social media privacy concerns, remove your personal data from information brokers, keep your cloud data safe, avoid identity theft, choose and use virtual private networks (VPNs), and preserve or pass on accounts in case of death. Newer digital privacy issues like generative artificial intelligence (GenAI), passkeys, and automotive privacy threats are covered as well.

 

Each topic is covered in detailed, yet easy-to-understand language. In addition, throughout the book are references to almost 400 hundred useful resources.

• Language: English
• Publisher: Jeff Blum
• Release date: Nov 18, 2023
• ISBN: 9798223645054

Book preview

List of External Links

external links

liseries.com/protecting-your-privacy/

Introduction

Privacy is a complex issue with no simple solutions. And it’s not all or nothing. Charlie Warzel does a good job describing the stakes in his article, Slouching Toward ‘Accept All Cookies’,² which I recommend you read.

Privacy involves protecting yourself from a range of people who may be interested in your data, for different purposes. Some organizations, like search engines and social networks, want to invade your privacy in order to show you targeted ads. Both track an alarming amount of your personal information, locations, and preferences. Mostly, these companies use your data to target ads, personalize your user experience, and keep you using their services, but they also may resell that information to third parties. Good or bad, these organizations are at least partially transparent with their efforts.

Other companies are less transparent. They collect your data from public databases (e.g., courts, public voting records, phone directories, your state’s Department of Motor Vehicles) and your online and offline behaviors. They even track what you don’t do. And then they aggregate this data and sell it to third parties that want to market to you. These data brokers³ do this without your consent or knowledge. To learn more, check out ProPublica’s article, Everything We Know About What Data Brokers Know About You.⁴

Besides those concerns, you also have to worry about criminals. Typically, they want to steal your identity or access your bank, credit cards, and online accounts.

Finally, there are other groups to worry about, like government agencies, medical providers, DNA test companies, automakers, and even your employer.

When thinking about your privacy, consider which of the above you care about, how susceptible you believe you are, and what the consequences would be for exposing your personal information. Ultimately, you must decide what trade-offs—of time, effort, money, relevance, personalization, and convenience—you will make based on your needs, desires, fears, and resources.

What’s Your Data Worth? If you are curious just how much your personal data might be worth on the open market, it’s less than you think,⁵ as little as $2 to $5 for a username and password. Of course, that your data won’t fetch much on the open market doesn’t mean losing it won’t be potentially devastating to you personally.

In my book on saving, syncing and sharing your digital life,⁶ I compare the idea of backup to insurance. We could say the same for protecting your online privacy. Another analogy compares privacy to personal health. Depending on your health goals, you will behave in different ways, including regulating what you eat and deciding what type—and how much—exercise to engage in. As long as you’re as healthy as you wish to be, everything’s fine.

Only you can decide how healthy you want your privacy to be, but knowledge is power, so let’s consider what’s involved in strengthening your privacy:

The passwords you use to protect your files, devices, network, and online accounts.

Your computers, mobile devices, and smart devices.

Any files that may contain sensitive or identifying information.

Your online activity, including your browser setup and the personal information you share.

Your connection to the Internet.

In the following chapters, I will address all these issues.

Passwords

A password is often the foundation which supports your digital privacy efforts. The way you approach passwords, as with everything privacy related, is a tradeoff of convenience and security.

The key things to understand about passwords are their strengths and weaknesses, how to store and use them, and how to create good ones. It’s also good to consider related strategies like Multi-factor authentication,⁸ usernames, security questions, social login, and passkeys.

Of course, not all passwords are equally important. The ones you use for your electronic devices, email and financial accounts, and other accounts that store sensitive information are most critical. Other accounts which require a password but don’t store much personal information are less critical. You may choose to employ different strategies depending on the type of the account being protected or you may treat all accounts as sensitive and use the same strategy for creating, storing and accessing all your passwords.

Let’s get started with a detailed look at everything you need to know to make the right password choices.

TL;DR:⁹ The two most important rules for passwords are to never reuse one for multiple accounts and to always make them strong. A strong password is long, random text or a collection of random words (a passphrase¹⁰). Since humans aren’t good at generating random passwords, use a tool to create them. The best tool is a password manager like KeePass¹¹ or Bitwarden,¹² which not only can create random passwords for you, but can securely store and manage them. It will also integrate with your browser and mobile devices so you don’t have to enter your password manually each time you need one. You should also always choose extra authentication methods like multi-factor authentication for important accounts. Although less critical, try to use unique usernames and email addresses for sensitive accounts.

How Our Password Protections Fail

Passwords are a security measure, not a guarantee. Below I will go into detail about how bad actors defeat your passwords. I think it’s interesting and also helps illustrate how important this security measure can be in protecting your private information and data.

Hackers¹³ and other bad actors typically gain access to your passwords—and thus your accounts—by the following methods:

Guessing the password because it is simple (e.g., password, 12345, your son’s birthday)

Guessing the password by reuse (you reused credentials from a compromised account with other accounts)

Getting your password from a third party (usually by hacking a company or website or buying passwords from someone that did)

Stealing your password with a keylogger¹⁴ or other form of malware¹⁵

Getting your password via social-engineering¹⁶ techniques (the art of manipulating people into divulging confidential information; phishing¹⁷ is a common form of social engineering)

Stealing your password physically (if you wrote it down, either on paper or in an unprotected file that a thief can access)

Cracking¹⁸ your password using a variety of methods

Getting your password via a linked account (e.g., someone gets access to your email account or mobile phone, which is then used to reset your account passwords)

Resetting your password using social engineering

Some of these methods are a bit beyond your control (or, at least, are difficult to control) but most are things you can take active steps to avoid. In later chapters, I will talk more about phishing, malware, and keyloggers, but the focus of this chapter is on passwords. So, let’s take a bit of a deep dive into how hackers crack passwords.

Targeted Attack vs. Large-Scale Attacks

If you aren’t tech savvy or if you have watched too many Hollywood movies, you may think your biggest worry is that someone will target you personally. You may also reason that you aren’t really important or interesting enough to make a worthwhile target. But that’s simply not how you are most likely to have your accounts compromised. In fact, hackers get access to most accounts via large-scale server breaches which expose thousands or even millions of account details. Hackers then attack those compromised accounts with no specific malice toward any single person.

Of course, sometimes a hacker targets an individual. If so, the attacker usually uses one or more of the methods I already listed, like phishing or physical access to a password list or electronic device. If a hacker doesn’t have knowledge of your