All of us have made privacy mistakes at some point in our privacy journeys. In an effort to help those earlier on in that journey, please share some of the mistakes you’ve made, and how you could have prevented them.
Used Facebook for years.
I knew Instagram was privacy invasive long before I ever started using it. Still decided to use it for some reason. Anyways, glad to have my dopamine receptors back.
True story:
When I was a kid I wrote a review for Dexter’s Laboratory on the internet. I wrote “I think the show fuckin sucks!”. I don’t know why. Again, I was like 10. AOL ratted me out to my parents somehow and I got banned from the dial-up for a week.
I use Discord, though only in a web browser and only for semi-public chats. I might be using Discord less if I had gotten some friend groups onto something like Matrix.
Same, I can recommend vesktop to at least have a dedicated window for it, + some customization. I used discord-sandboxed before, but that stopped working.
It’s been quite a journey:
- Posting accurate personal info to my Google+ account when I first signed up
- Signing in to Google on my phone and browser
- Using an Android phone from eBay of dubious origin
- Sending confidential info via email
- Using the same Gmail address for everything
- Signing up for things with my real info when it wasn’t necessary
- Handing out my phone number to loyalty programs
- Running hacked game APKs without checking for malware
- Using the User Agent Switcher extension on MS Edge, which was subsequently updated to include an infostealer
- Using browser extensions of unknown provenance
How to avoid:
- Ironically, Windows 10 started me on my privacy journey. Microsoft was in my face enough with privacy offenses that I began moving to Linux and investing time into my privacy.
- Don’t post unnecessary info to social media.
- Never email confidential info.
- Use a password manager, or at least some organized text file if you have an encrypted disk.
- FOSS software is more available and user-friendly than ever, always look for a FOSS alternative.
Wouldn’t you like to know
I bought a two year sub for proton.
I pay monthly but I migrated everything to their platform and now I need to calm myself a little bit and think about which services I will migrate to
Posteo is something you should check out for email.
Using a VPN for torrents and forgetting to set it up to kill the network connection when VPN is lost. Got a couple “love letters” from my ISP that way.
I taped my latest DMCA letter to the wall to remind myself of this. I also wrote a small script to kill torrent processes and eventually break the software adapter if needed if certain gateways are reachable.
Looks like a hacky and far from perfect approach here. In the gap where you lose your VPN connection and the script triggers, there’s a timeframe that your torrent software will leak a lot of data. A better approach here is to enforce only VPN connections via your firewall. Whitelist outgoing connections to your VPN destination, blacklist the rest. On Linux, make the torrent systemd unit also have a dependency on the VPN connection, that is: your torrent service won’t start if the VPN service isn’t active. So in case your VPN disables at some point, the firewall will still do its work.
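The firewall-plus-systemd approach from the comment above, written out as an added example that is not part of the original thread. It assumes a WireGuard tunnel named `wg0`, a VPN server at the documentation address `203.0.113.10` on UDP 51820, and unit names `wg-quick@wg0.service` and `transmission-daemon.service`; all of these are placeholders to replace with your own.

```nftables
#!/usr/sbin/nft -f
# Added example: outbound allow-list that only lets traffic leave through the VPN.
# All names and addresses below are assumptions, not values from the thread.

define VPN_IF       = "wg0"          # tunnel interface (assumed)
define VPN_ENDPOINT = 203.0.113.10   # VPN server, documentation address (replace)
define VPN_PORT     = 51820          # VPN server UDP port (assumed)

# Idempotent reload: create the table if missing, delete it, then define it again.
table inet killswitch
delete table inet killswitch

table inet killswitch {
    chain output {
        # Default-deny for everything this host sends, IPv4 and IPv6 alike.
        type filter hook output priority 0; policy drop;

        # Loopback traffic never leaves the machine.
        oifname "lo" accept

        # Anything routed into the tunnel is allowed.
        oifname $VPN_IF accept

        # The encrypted tunnel packets themselves, to the VPN server only.
        ip daddr $VPN_ENDPOINT udp dport $VPN_PORT accept

        # DHCP lease renewal on the physical link (drop this rule on static IPs).
        meta nfproto ipv4 udp sport 68 udp dport 67 accept

        # Deliberately no "ct state established,related accept" here:
        # conntrack entries are not tied to an interface, so such a rule
        # would let existing torrent flows continue over the physical link
        # after the tunnel goes down.
    }
}

# systemd side, as a drop-in for the torrent service (assumed unit names):
#
#   /etc/systemd/system/transmission-daemon.service.d/vpn.conf
#   [Unit]
#   BindsTo=wg-quick@wg0.service
#   After=wg-quick@wg0.service
#
# BindsTo= goes one step further than a plain dependency: the torrent
# service is also stopped when the VPN unit stops.
```

Because the endpoint is given by IP address, no DNS is allowed outside the tunnel; with the tunnel down, the only packets that can leave are handshake attempts to the VPN server and DHCP renewals.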
Using the same username over multiple platforms