Cybersecurity

5404 readers

85 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

What steps can I take to be more secure on the internet? (lemmy.world)

submitted 1 year ago by Tobin@lemmy.world to c/cybersecurity@sh.itjust.works

70 comments fedilink hide all child comments

So recently I've gotten a bit more serious about my internet security, and made some changes. Here's a short list of what I've done, but I'm wondering if I'm missing anything important:

Moved from Brave to Firefox
Bought my own domain for my email (so I can switch email providers at any time)
Switched to Duck Duck Go from google (It's gotten worse anyways)
Bought the Proton package (VPN, Encrypted email, etc...)
Installed Thunderbird (instead of microsoft mail app)
Installed uBlock Origin
Installed Bitwarden for password managing (My passwords are also no longer all the same)

Is there anything that I have missed that should be a priority for internet security?

you are viewing a single comment's thread
view the rest of the comments

[–] citizen@sh.itjust.works 13 points 1 year ago* (last edited 1 year ago) (1 children)

MFA all accounts that support it
important accounts use hardware key like Yubikey
Ditch SMS mfa use Authenticator or hardware key
custom email aliases (proton have SimpleLogin) use separate email for every account just like password
change your browsing habits from YouTube instagram twitter to privacy alternatives (there is Firefox plugin Privacy Redirect)
use separate vm for higher risk browsing or separate computer (tails)
get VoIP phone number redirect your current phone to VoIP.
use pre paid phone only for internet and never use it for phone or sms. For more paranoid activate away from home using fake name (Mint mobile for instance doesn’t check if it’s real)
use phone that was never registered to your name (don’t reuse old phones)
setup always on VPN on your home on router with killswitch so you never reveal your IP accidentally
use privacy oriented DNS service

If you into privacy I recommend Extreme Privacy book that goes over many things. The lengths that you go to protect your privacy will depend on your threat model. Privacy is expensive unfortunately.

[–] 14th_cylon@lemm.ee 8 points 1 year ago* (last edited 1 year ago) (3 children)

custom email aliases (proton have SimpleLogin) use separate email for every account just like password

voluntarily subjecting yourself to mitm attack is... uh... not the smartest idea in the world 😂

and definitely not something you should advise to someone asking how to increase their security.

get VoIP phone number redirect your current phone to VoIP.

you have to pay for every such call. and what is the security gain here?

use phone that was never registered to your name (don’t reuse old phones)

that is to protect you from nsa, in some enemy of the state scenario?

setup always on VPN on your home on router with killswitch so you never reveal your IP accidentally

again, what scenario is this useful in? lets say i am not really into international terrorism...

The lengths that you go to protect your privacy will depend on your threat model.

yeah, and reading your advises, you are obviously some james bond hunted by 10 enemy intelligence services at once 🤣

[–] venoft@lemmy.world 5 points 1 year ago (1 children)

Why would using email aliases increase you mitm attack vector threat?

[–] 14th_cylon@lemm.ee 1 points 1 year ago

because unless you use some paranoid email that can do this in house (and majority of people do not) it means using third party service, which is, by definition, that man in the middle.

[–] citizen@sh.itjust.works 5 points 1 year ago

Thanks for your comments I had a good laugh as well. Take my upvote 😂

[–] KingJalopy@lemm.ee 1 points 1 year ago (1 children)

I don't understand. Can you explain?

[–] 14th_cylon@lemm.ee 2 points 1 year ago (1 children)

i think the person i am replying to is watching too much tv and his advices are silly and/or bad. if your question is more specific, well, be more specific ;)

[–] KingJalopy@lemm.ee 2 points 1 year ago (1 children)

Shit I replied to the wrong comment my bad.

[–] 14th_cylon@lemm.ee 1 points 1 year ago

ok then