372 lines
32 KiB
Plaintext
372 lines
32 KiB
Plaintext
|
===An Internet Primer===
|
|||
|
|
|||
|
Non-profit and free for redistribution
|
|||
|
Written on August 24th | 2016
|
|||
|
Published on August 24th | 2016
|
|||
|
|
|||
|
For entertainment and research purposes only
|
|||
|
|
|||
|
++++++++++++++++++++++++++++++++++++++
|
|||
|
|
|||
|
===DISCLAIMER===
|
|||
|
The Paranoid's Bible and its writers hold no responsibility for the acts of others.
|
|||
|
|
|||
|
The Paranoid’s Bible and its guides are for research and entertainment purposes only.
|
|||
|
|
|||
|
Please visit our blog for more PDFs and information: http://www.paranoidsbible.tumblr.com/
|
|||
|
|
|||
|
++++++++++++++++++++++++++++++++++++++
|
|||
|
|
|||
|
===Preface===
|
|||
|
While many still argue about how their own views on the history of the internet are the truth, we do know the core timeline consists of the “Electronic computer” being developed in the 1950s. From there the ARPANET was created and quickly adopted the Internet Protocol, which soon began a wildly discussed and argued about origin story of the internet sometime in the 80s.
|
|||
|
|
|||
|
However, while many will even argue the core facts to the point of the internet being born either earlier or later in the timeline, we do know that Usenet wasn’t too far away. With the birth of Usenet, things like the BBS, Internet forum and terms like “Eternal September” quickly cropped up in a rapid session of growth and expanse.
|
|||
|
|
|||
|
Now things like Blogging or Social Media are common, and people with rose tinted glasses grow remorseful of how inclusive the internet has become.
|
|||
|
|
|||
|
Now, the early adopters and users aren’t too far off with their remorse, sadly… You see, many of the modern day users have grown complacent and wholly unaware of even the simplest uses of OPSEC. This guide aims at giving the average user a simple and quick primer to enhance their privacy and security when using the internet.
|
|||
|
|
|||
|
This guide isn’t a quick-fix or one-button solution to your problems or concerns, however it’s better than nothing when paired with the other guides listed in the “Blue Primer”.
|
|||
|
|
|||
|
__References__
|
|||
|
• Net History (http://www.nethistory.info/History of the Internet/origins.html)
|
|||
|
• Internet Society (http://www.internetsociety.org/internet/what-internet/history-internet/brief-history-internet)
|
|||
|
• History of the Internet (https://en.wikipedia.org/wiki/History_of_the_Internet)
|
|||
|
• ARPANET (https://en.wikipedia.org/wiki/ARPANET)
|
|||
|
• Internet protocol (https://en.wikipedia.org/wiki/Internet_Protocol)
|
|||
|
• Usenet (https://en.wikipedia.org/wiki/Usenet)
|
|||
|
• BBS (https://en.wikipedia.org/wiki/Bulletin_board_system)
|
|||
|
• Internet Forum (https://en.wikipedia.org/wiki/Internet_forum)
|
|||
|
• Eternal September (https://en.wikipedia.org/wiki/Eternal_September)
|
|||
|
• OPSEC (https://en.wikipedia.org/wiki/Operations_security)
|
|||
|
• Blog (https://en.wikipedia.org/wiki/Blog)
|
|||
|
• Social Media (https://en.wikipedia.org/wiki/Social_media)
|
|||
|
|
|||
|
++++++++++++++++++++++++++++++++++++++
|
|||
|
|
|||
|
===The Browser===
|
|||
|
The gateway to the internet, for the modern and average user, is their browser (https://en.wikipedia.org/wiki/Web_browser). It’s a piece of software meant to help people transverse the World Wide Web by retrieving and presenting information resources taken from the internet.
|
|||
|
|
|||
|
The modern browser is pre-built, requires hardly any tweaking, and is rarely, if ever, fully customizable. However, as more people aim for a free software or an open-source style of use, more browsers do offer some level of customization that range from modifying the settings under the hood to themes and other frivolous aesthetical customizations.
|
|||
|
|
|||
|
With so many choices, people usually stick to Internet Explorer or Google chrome; however these browsers leave a lot of wanting when it comes to usability. Chrome also has a notorious past of spying on you (http://betanews.com/2015/06/24/is-google-chrome-spying-on-you/) without giving you a warning, which shouldn’t be such a surprise with all the claims of Chrome being a botnet (https://wiki.installgentoo.com/index.php/Botnet) and not asking permission (http://www.netcompetition.org/antitrust/google-on-chrome-we-dont-need-your-permission) for accessing a user’s computer.
|
|||
|
|
|||
|
Ultimately, anything with Microsoft or Google is unavoidable, sadly, and a lot of work has to take place in order to avoid leaking information or having it sold. But that’s the way things flow as of late, especially when “Don’t Be Evil” is dropped in favor of “Do the Right Thing” (http://blogs.wsj.com/digits/2015/10/02/as-google-becomes-alphabet-dont-be-evil-vanishes/).
|
|||
|
|
|||
|
So, what does that mean for the average user?
|
|||
|
|
|||
|
Research your quickly dwindling choices for what browser you should use, which will reside between two browsers and one’s many, many flavors.
|
|||
|
|
|||
|
If you want something other than Mozilla Firefox, then try Brave (https://brave.com/) (Not recommended due to its newness) or Palemoon (https://www.palemoon.org/) (Based upon a fork of Firefox) or IceCat (https://www.gnu.org/software/gnuzilla/). However, for the sake of usability and quick to use features, we recommended, begrudgingly, Mozilla Firefox (https://www.mozilla.org/en-US/firefox/new/).
|
|||
|
|
|||
|
When you visit Firefox’s webpage, select the appropriate version for your operating system. Once downloaded, double click and follow the on screen prompts. When it comes to selecting “Standard” or Custom” ensure you select custom.
|
|||
|
|
|||
|
***Leave the default installation path, unless you wish to install elsewhere. ***
|
|||
|
|
|||
|
***The reason for removing the installation service is quite simple: *** Less communication between the browser and other sources, the less information leaked. Now ensure you've also unchecked/disabled the "Maintenance service" before proceeding.
|
|||
|
|
|||
|
Selecting shortcuts/icons is ultimately up to you. The same applies to it being the default browser—it’s up to you.
|
|||
|
|
|||
|
Once installed, it’s time for some basic customization and add-on installation.
|
|||
|
|
|||
|
The first thing you’ll notice is an “import wizard” pop-up. You don’t want to import anything unless you’ve some backups of your bookmarks. Other than that, ignore it and wait for the browser to load. From there, we’ll ignore the “Firefox account” prompt. You don’t want to sync or backup, anything, unless it’s an html or json file for your bookmark backups. Syncing accounts and saving passwords spells doom, gloom and big brother (sometimes literally your big brother or sister) spying on your info and peaking into your accounts and other online items (if not leaking it in a data dump).
|
|||
|
|
|||
|
Seriously, ignore prompts to sync or save information.
|
|||
|
|
|||
|
You’ll also want to ignore the private browsing mode. It’s not private, information is still saved, and people can still use exploits to get at your information.
|
|||
|
|
|||
|
Press the ALT button on your keyboard to get the menu bar to appear. From there, select the tools menu and then the “Options” submenu.
|
|||
|
|
|||
|
Press ALT button > Tools menu > Options sub-menu.
|
|||
|
|
|||
|
When the options window pops up, you’ll want to start in the “General tab”
|
|||
|
|
|||
|
Disable/uncheck “Always check if Firefox is your default browser” and set your homepage to whatever you want. Never let files save to downloads, you want to have it “Always ask” where to save them. On top of that disable all the "Tabs" options but "Open news windows in a new tab instead".
|
|||
|
|
|||
|
We do suggest using “Start Page” (https://www.startpage.com/) for your homepage and search engine needs.
|
|||
|
|
|||
|
Now click the "Search" tab and uncheck everything and delete all the "One-click Search Engines" options. From there, Go to the start page website, you should see an “Add to Firefox” option, select that. You should also, to prevent accidental use, remove all other search engines from the “Search” tab. Google, among several other engines, tend to cache and keep track of your search history and click stream (https://en.wikipedia.org/wiki/Clickstream). On top of that, Google, Yahoo, Microsoft, and a few others, will store and keep your search history saved to your accounts if logged into them, at all, while searching.
|
|||
|
|
|||
|
On the “Content tab,” uncheck/disable everything but "Block pop-up windows". Now select the “Advanced” button and click it. From there, disable the option titled "Allow pages to choose their own fonts, instead of my selection above". This just prevents sites from using intrusive and generally distasteful fonts and also limits their control over your browsing experience and browser.
|
|||
|
|
|||
|
Everything in the “Applications tab” should be set to always ask or preview in Firefox. The only thing you can safely set to a default application would be shockwave flash, which should be disabled by default in the plug-ins menu.
|
|||
|
|
|||
|
The “Privacy tab” should be straightforward; however most will recommend that you disable “Third-party cookies" but since this primer is aimed at providing some security, privacy, yet retain usability for the average user…
|
|||
|
|
|||
|
You should disable everything but: "Use Tracking Protection in Private Windows"; "Accept cookies from sites"; Clear history when Firefox closes.
|
|||
|
|
|||
|
Set 3rd party cookie to never, if you wish, however some banking sites lose functionality due to this. You should also set "Keep until" to "I close Firefox".
|
|||
|
|
|||
|
Now click the "settings..." tab on on the Privacy menu and select everything there.
|
|||
|
|
|||
|
In the “Security tab,” it’s again straightforward; however please do understand that the whole “Blocking dangerous and deceptive content” options are disabled due to the fact that, again, the less communication given over to the browser and its creators the better you’re off security and privacy wise.
|
|||
|
|
|||
|
Basically uncheck everything but "Warn me when sites try to install add-ons".
|
|||
|
|
|||
|
***Ignore the sync tab. ***
|
|||
|
|
|||
|
Everything in the “Advanced tab” is straight forward and should be self explanatory.
|
|||
|
|
|||
|
Advanced > General > Disable/uncheck everything but the four settings under "Browsing.
|
|||
|
|
|||
|
Advanced > Data Choices > Uncheck all
|
|||
|
|
|||
|
Advanced > Network > Check all and set cache to 0
|
|||
|
|
|||
|
Advanced > Update > Uncheck all and set to "Never check for updates"
|
|||
|
|
|||
|
Advanced > Certificates > Set to "Ask me every time" and check the one setting there.
|
|||
|
|
|||
|
Once done, exit out of Firefox and start it up again. This is just to ensure everything sticks and is working due to some of the more current versions of Firefox have had a habit to ignore settings from time to time and resetting things to default.
|
|||
|
|
|||
|
Now we’ll go to the Firefox Add-on page and work our way toward customizing Firefox a bit to improve usability and its overall feel.
|
|||
|
|
|||
|
First off, we’ll work on the aesthetics aspect a bit just to improve the overall feel of the browser due to its copy-catting of the Apple simplicity meme.
|
|||
|
|
|||
|
***You’ll want these add-ons:***
|
|||
|
• Black YouTube Theme - https://addons.mozilla.org/en-US/firefox/addon/black-youtube-theme
|
|||
|
• Classic Theme Restorer - https://addons.mozilla.org/en-US/firefox/addon/classicthemerestorer/
|
|||
|
• Smaller View - https://addons.mozilla.org/en-US/firefox/addon/smaller-view/?src=search
|
|||
|
|
|||
|
You should notice a considerable difference in your browser once restarted. More precisely, it’ll be easier to navigate and find your menus now. The YouTube theme is simply preference and feels easier on the eyes compared to the default theme of the site.
|
|||
|
|
|||
|
Now, before we continue forward with the add-ons. Let’s do a bit of tweaking to the look of the browser. You should see icons on the upper right-hand corner. Right-click on the icons and select “Customize,” which should open up a new tab/window that’ll allow you to move the icons as you wish.
|
|||
|
|
|||
|
Remove all the icons present, except the down arrow/download icon. From there, close the window and right-click on the bar, again, and select the three bars/toolbars shown. You can also ignore the “Menu Bar” option if you wish to just use the orange drop-down menu.
|
|||
|
|
|||
|
In the URL bar, type in About:config.
|
|||
|
|
|||
|
You should see something similar like the below cap. Uncheck the “Show this warning next time”. And then, from there, click the “I’ll be careful, I promise!” button.
|
|||
|
|
|||
|
In the search bar within the about:config window, ***enter this:*** browser.newtabpage.directory.source
|
|||
|
|
|||
|
You should see a string with the name you searched, double-click it and delete the string of text.
|
|||
|
|
|||
|
Once done, exit out of that tab and open a new tab. Click the cog wheel icon in the right-hand corner and select “Show blank page”. You should now be rid of those pesky tiles and most of the ADs that Firefox forces down your throat.
|
|||
|
|
|||
|
You can now add the rest of the add-ons, which you can find listed below.
|
|||
|
|
|||
|
Add-ons:
|
|||
|
• Better Privacy - https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/
|
|||
|
• BluHell Firewall - https://addons.mozilla.org/en-US/firefox/addon/bluhell-firewall/
|
|||
|
• Configuration Mania - https://addons.mozilla.org/en-US/firefox/addon/configuration-mania-4420/
|
|||
|
• Decentraleyes - https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/
|
|||
|
• Disconnect - https://addons.mozilla.org/en-US/firefox/addon/disconnect/
|
|||
|
• HTTPS Everywhere - https://www.eff.org/Https-everywhere
|
|||
|
• PureURL - https://addons.mozilla.org/en-US/firefox/addon/pure-url/
|
|||
|
• Quick Java - https://addons.mozilla.org/en-US/firefox/addon/quickjava/
|
|||
|
• Self-Destructing Cookies - https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/
|
|||
|
• Smart Refer - https://addons.mozilla.org/en-US/firefox/addon/smart-referer/
|
|||
|
• Track Me Not - https://addons.mozilla.org/en-US/firefox/addon/trackmenot/
|
|||
|
|
|||
|
Now restart the browser.
|
|||
|
|
|||
|
You should get a pop-up from HTTPS Everywhere, hit “No” and then right-click anywhere and select “Customize”.
|
|||
|
|
|||
|
You’ll want everything arrange to your own taste, note that there exists an icon with two cog wheels. This belongs to “Configuration mania” and should be added for ease of use and access.
|
|||
|
|
|||
|
Now, click the orange menu button and click the add-on menu.
|
|||
|
|
|||
|
We’ll be working our way down the list, alphabetically, and modifying a handful of settings for some of the add-ons before we end this chapter.
|
|||
|
|
|||
|
Starting with “Better Privacy,” go ahead and hit “Options”. You’ll want to select the “Options & Help” tab and adjust your settings to look similar to the ones listed below:
|
|||
|
• Delete flash cookies on exit - checked
|
|||
|
• Add LSO item to Firefox ‘Clear History’ dialog – unchecked
|
|||
|
• Always ask - unchecked
|
|||
|
• Delete flash cookies on application start - checked
|
|||
|
• Delete cookies by timer – checked
|
|||
|
• Not if modified within time interval – checked
|
|||
|
• Time interval 1 second
|
|||
|
• LSO delete shortcut – blanked
|
|||
|
• Also delete flashplayer default cookie – checked
|
|||
|
• On cookie deletion also delete empty cookie folders – checked
|
|||
|
• Notify if new LSO is stored – unchecked
|
|||
|
• Auto protect LSO sub-folders – checked
|
|||
|
• Disable ping tracking
|
|||
|
• Prevent Firefox ‘Clear recent history function’ – checked
|
|||
|
• Portable mode – unchecked
|
|||
|
|
|||
|
Everything else can be ignored and you can go directly to “Configuration Mania” and select “Options”.
|
|||
|
Browser tab > Tab Browsing > Everything checked but the below:
|
|||
|
• Enable about:newtab – unchecked
|
|||
|
• Close the window when closing its last tab – unchecked
|
|||
|
• Open the results in a new tab when searching from search bar –unchecked
|
|||
|
• On CTRL + TAB – unchecked
|
|||
|
• On taskbar (windows 7) – unchecked
|
|||
|
|
|||
|
Now head over to the “Bookmark icons (favicons)” tab.
|
|||
|
Browser tab > Bookmark icons > Uncheck the two settings there.
|
|||
|
|
|||
|
Finally go to the “Web API” tab in browser tab and deselect/uncheck everything there.
|
|||
|
|
|||
|
From there, find the “Security” tab that should be right under the “Browser” tab and select the “Javascript” tab, everything there should be checked and all the other tabs left alone.
|
|||
|
|
|||
|
Now, before we select “Smart Refer” please go to about:Config by entering “About:config” into the URL bar. From there, search for: network.http.sendRefererHeader
|
|||
|
|
|||
|
You’ll want to either set it to 0 to not send a ref or to 1 to keep things somewhat clean and compatible. 2, however, is default and will always send a ref. So, ‘0’ if you don’t want to send a ref or ‘1’ to prevent most cross-site tracking and keep compatibility when visiting websites.
|
|||
|
|
|||
|
Now go to “Smart Refer” and select “Options”.
|
|||
|
|
|||
|
***Set the drop down to: *** Send nothing as a referrer, looking like a direct hit.
|
|||
|
|
|||
|
Once done, go and mosey on over to “Track Me Not” and hit “Options”.
|
|||
|
|
|||
|
Set your settings as such:
|
|||
|
• Enabled – checked
|
|||
|
• Use tab search – unchecked
|
|||
|
• Enable query burst – checked
|
|||
|
• All search engines checked
|
|||
|
• Query frequency: 10 per min
|
|||
|
• Disabled – checked
|
|||
|
• Persistent – unchecked
|
|||
|
• Use list – checked
|
|||
|
• Generate queries – unchecked
|
|||
|
|
|||
|
Once you’re in TMN’s options, you’ll want to use recommend RSS feeds for the add-on (hit validate once done): http://www.nytimes.com/services/xml/rss/nyt/HomePage.xml|http://rss.cnn.com/rss/cnn_topstories.rss|http://rss.msnbc.msn.com/id/3032091/device/rss/rss.xml|http://www.theregister.co.uk/headlines.rss|www.reddit.com/r/science/.rs|http://www.reddit.com/r/aww/.rss|http://www.reddit.com/r/kawaii.rss|http://www.reddit.com/r/kittens.rss|http://www.reddit.com/r/pcmasterrace.rss|http://www.reddit.com/r/steam.rss
|
|||
|
|
|||
|
We also recommend these words for your black list: bomb,porn,pornographie, porn, pornography, rape, rapists, rape culture, bombs, pipebomb, ied, bdms, bdsm, raping, raped, murder, murdering, lolicon, loli, cp, child porn, pthc, jbhc, shota, shotacon, ISIS, ISIL
|
|||
|
|
|||
|
Once done with the add-ons, head on over to about:Config once more. You’ll want to implement these three settings to ensure you limited some of the tracking methods employed by websites and online trackers commonly found on Tumblr and other social media platforms.
|
|||
|
|
|||
|
===Settings to change:===
|
|||
|
• browser.display.use_document_fonts = 0
|
|||
|
• dom.storage.enabled = false
|
|||
|
• browser.sessionhistory.max_entries = 2
|
|||
|
|
|||
|
Once done, you can add whatever add-ons you want, ***however remember this simple rule: *** If you don’t need or use it, don’t install it or enable it.
|
|||
|
|
|||
|
That’s why we had you install Quick-Java.
|
|||
|
|
|||
|
Quick Java’s little bar, which is added to Firefox upon installation, allows you to disable and enable certain plug-ins on the fly. This is a wondrous little time saver and is a good thing to have at hand when you wish to browse the internet.
|
|||
|
|
|||
|
When browsing, without having to login or watch something, your settings with quick-java should look something like this:
|
|||
|
Everything red/disabled but I (Images); A (Animations); CS (Style)
|
|||
|
|
|||
|
When you do need to log into an account or want to watch YouTube or something similar, you’ll need it to look like this:
|
|||
|
Everything red/disabled but JS (Javascript); C (Cookies); I (Images); CS (Style)
|
|||
|
|
|||
|
Give or take the fact that you may need to enable flash (The “F” button). However, YouTube, and some other sites, are offering the use of HTML5 and Flash. So, if you don’t need to enable flash, don’t do so. Flash can leak a lot of data in the end. It also helps to outright not have anything enabled (sans the last three buttons) when you’re just doing research or looking up something.
|
|||
|
|
|||
|
Only enable cookies and JavaScript (the “JS” and “C” buttons) when you actively need to log into an account or a website.
|
|||
|
|
|||
|
This will help lessen the data diarrhea your browser has and help you retain some privacy without breaking your browser, yet many more configurations and add-ons are needed to even achieve some form of security or privacy.
|
|||
|
|
|||
|
***And, just as an FYI: *** This shouldn’t break your browser, at all, or your use of any websites. If something doesn’t work properly, try disabling BluHell Firewall by clicking the blue-devil icon on your browser. If that doesn’t work, try disabling Clean links, which has an icon of a broom wrapped in a chain-link. Outside of those two add-ons, you don’t need to disable anything as nothing should break or prevent you from logging into any websites.
|
|||
|
|
|||
|
Ultimately though, this configuration, and the add-ons suggested, only helps lessen the effectiveness of the trackers and counters offered to civilians and the public at large. Some Ads will be blocked, along with a metaphorical ton of malicious content, however you’ll need to look into using Peerblock and Hostman if you want to lessen it even more so than what you can with this browser setup.
|
|||
|
|
|||
|
We offer two guides that discuss the use of Peerblock and Hostman, among other things. However, save those for a later date as they’re a bit more advanced than what this guide has to offer. We’ll also be hosting what we call the “Blue Primer,” which is an archive of the most basic of information for those who wish to lessen their data footprint, prevent tracking and lessen their chances of being doxed.
|
|||
|
If you haven’t gotten this guide from the blue primer, please look into downloading it and reading the other guides within it.
|
|||
|
|
|||
|
As for this chapter of this guide… you’re done!
|
|||
|
Move on to the next chapter, reader.
|
|||
|
|
|||
|
***P.S:*** Avoid using password storage, password sorters and similar features or add-ons. Write down your password, if you must, and hide it where no-one will find it but you.
|
|||
|
|
|||
|
++++++++++++++++++++++++++++++++++++++
|
|||
|
|
|||
|
===E-mail===
|
|||
|
Electronic mail (https://en.wikipedia.org/wiki/Email), shortened to E-mail, is one of many means to exchange digital messages between computers and their users. However, since seeing frequent use in the 60s to now, e-mail has become used more as a means of identification than communication when needing to sign up for an account or do some sort of business based task, or being a responsible adult and working on your taxes or banking.
|
|||
|
|
|||
|
Now, e-mail is just one of the many methods sites use to prevent bots, scammers and spammers from joining their communities. When you need to sign up for an account, you usually need to provide an e-mail from a provider that they’ve yet to blacklist (***Example:*** most common temporary e-mail services have been blocked by FaceBook).
|
|||
|
|
|||
|
The average internet user will usually use of the main three: Google; Hotmail/Live/Outlook; Yahoo.
|
|||
|
• https://www.gmail.com/
|
|||
|
• https://login.live.com/
|
|||
|
• https://login.yahoo.com/
|
|||
|
|
|||
|
Sometimes Yandex (https://mail.yandex.com/), among similar non-US based e-mail providers will be used, however the main three tend to rule. The issue with the main three (Shortened from now on to MT) is that they require a lot of data and “verifications” to ensure that it’s you who’re signing up or at least not someone with malicious intent.
|
|||
|
|
|||
|
This wouldn’t be such a large issue if it wasn’t for the fact that the MT are notorious data collectors who work in unison with the government, among other groups, to not only data-mine and spy, but also possibly put down dissenters. If any of this comes to light as being true and not just some gossiping theories put forth by many privacy groups, then that just shows how much of your information is at stake.
|
|||
|
|
|||
|
However, with the MT track records, it shouldn’t be that big of a stretch to see how or why they’d work with the government. But what does this mean for you, someone who needs an e-mail address and doesn’t want to risk their information or someone knowing they’re a part of “Sexy Jewish Singles” with the kink of “Eating pork on the Sabbath”?
|
|||
|
|
|||
|
Well, the first step you should take, outside of doing the bare minimum to secure your browser, would be to look into using alternative e-mail providers when signing up for an account. There are numerous providers, however not all will exist or become permanent fixtures in the years to come, which means you have to pay attention to news and keep an eye on the services to use.
|
|||
|
|
|||
|
As of now, Privacy Tools has a wonderful list of e-mail providers (https://www.privacytools.io/#email) you can use, and since most of us are frugal-minded to the point of being cheap, these four should hopefully sedate your lust for a free, secure e-mail provider.
|
|||
|
|
|||
|
E-mail providers:
|
|||
|
• Mail Fence - https://www.mailfence.com/
|
|||
|
• Open Mail Box - https://www.openmailbox.org/
|
|||
|
• Proton Mail - https://protonmail.com/
|
|||
|
• Tutanota - https://tutanota.com/
|
|||
|
|
|||
|
The four e-mail providers are free, yes, and support a variety of features aimed at protecting your privacy, however they aren’t like your usual e-mail provider. They often don’t ask for a secondary e-mail or a security question, nor do they offer any means to do so in case of someone taking over.
|
|||
|
|
|||
|
Another issue, for many, is the fact that you can’t sync or linking accounts together—this is a good thing, though. Syncing, storing or linking accounts is something you shouldn’t do, at all. Your accounts should always be separated, never touching and kept as far apart from each other as possible.
|
|||
|
|
|||
|
Now, personally, we recommend you use a mix of these e-mails each time you create an account or sign up for some service or another that isn’t tied to you offline(***Example:*** like banking, bills, school or work). You see, as much as we dislike the MT, you should honestly have one account on each specifically for stuff that’s offline. The reason for this is simple: You’ll generate enough of a trail to not be suspicious.
|
|||
|
|
|||
|
For instance, Google, as much as it’s a heavily invasive mega-corp, does have a pretty decent setup for their GMAIL service. You should create an account there and have it used specifically for your banking, bills and similar items.
|
|||
|
|
|||
|
Hotmail/Outlook/Live mail is way below GMAIL, however you should use this specifically for school and similar items to keep people away from your financial records, yet close enough to a normal provider that no one will question you if you simply state that they can send it to you over e-mail instead on some social media site.
|
|||
|
|
|||
|
Yahoo, as much as it’s a disastrous service and corporation, won’t look out of place for business related subjects or questions. It’s simply a matter of coming up with a professional sounding username for the MT accounts and keeping them separated from each other. Never using the same MT account for different applications or accounts, and never letting them touch each other.
|
|||
|
|
|||
|
With that out of the way, however, you should try to keep each account, regardless of the provider, isolated from each other—never using the same user, password, secondary e-mail, or information, ever. The only time you should ever use your legitimate information is for the MT accounts, which should only be used for work, school or financial items.
|
|||
|
|
|||
|
***Remember:*** Never save your passwords on your computer and never use a password manager. Write down your password and the piece of paper with it somewhere safe and away from people trying to find it. Use a lockbox if you must, but never save this info on your computer. Also look into writing down each account’s information down and hiding that paper, too, so you never forgot it.
|
|||
|
|
|||
|
***Remember 2:*** Use one of the free e-mail services to create a mess free secondary e-mail to use with the MT e-mails.
|
|||
|
|
|||
|
++++++++++++++++++++++++++++++++++++++
|
|||
|
|
|||
|
===Passwords===
|
|||
|
Your password (https://en.wikipedia.org/wiki/Password) is the key to your account, without it you can’t login without going through an entire process of laziness meant to make it easier on the geeks who run the website you’re a part of or at least the “Help desk”.
|
|||
|
|
|||
|
You see, that’s all a lost password request is: Laziness.
|
|||
|
|
|||
|
It doesn’t mean you’re lazy, though, it just means you’re forgetful like everyone else. However, the people who run the site don’t want to deal with properly verifying your claim to your account, so they created these claims of simplicity where you submit a request to retrieve or change your password.
|
|||
|
|
|||
|
That is where laziness comes in.
|
|||
|
|
|||
|
Anyone who spent time researching you and applied a liberal dose of social engineering will be able to guess certain security questions and your e-mail addresses to the point of being able hijack your account(s). This is why it pays to keep e-mails separated, not to use the same username twice, and to have a strong password.
|
|||
|
|
|||
|
Your password should be eight (8) to 15 (15) characters long and consist of randomly select characters that range from upper case letters (ABC) to lowercase letters (abc) to numbers (123), punctuation (.,;?!) and special characters ($%#).
|
|||
|
|
|||
|
Your password will not only be hard to remember, but also hard to guess. This is why you should write it down on a piece of information and hide it in a lockbox or locked drawer where no one will get at it, ever.
|
|||
|
|
|||
|
You should also avoid password managers, syncing your information, using “Master passwords,” reusing your password, or saving it on your computer or phone. Think of your password as a unique key and each account a unique door—you need a specific key for a specific door, ergo never use the same password twice.
|
|||
|
|
|||
|
Always randomize your passwords, their length and the characters used to the point of each one never being overly similar.
|
|||
|
|
|||
|
++++++++++++++++++++++++++++++++++++++
|
|||
|
|
|||
|
===Accounts===
|
|||
|
An account is like a membership you apply for when you join a community or a website. And like a membership, the difficulty to obtain an account ranges from something as easy as a username + password or to the near-impossible where you need to provide an arm length’s of information and an invite code.
|
|||
|
|
|||
|
Regardless of what you’re signing up for, however, you need to learn to compartmentalize each account and profile into its own isolated object. You don’t need to interlink your information, account or anything like that. You don’t even need to sync it up to your e-mails or our phone.
|
|||
|
|
|||
|
You don’t need 40+ accounts across the internet.
|
|||
|
|
|||
|
You need what you need, and at that, you only need it if there’s a reason for it.
|
|||
|
|
|||
|
So, in theory, what accounts do you truly need?
|
|||
|
|
|||
|
===Steam or Origin?===
|
|||
|
|
|||
|
You don’t need them, however gaming is a decent way to unwind and do something mindlessly to try and clear your head of troublesome thoughts. Honestly, though, do you really need any of those accounts?
|
|||
|
|
|||
|
Well, yes, if you don’t believe in piracy or simply wish to support the developers you prefer. But you don’t need it to live or survive. There are plenty of non-DRM options that range from freeware to physical media options that don’t need an internet connection in order to play it.
|
|||
|
|
|||
|
===YouTube?===
|
|||
|
|
|||
|
You don’t need to one to watch videos or enjoy them. You only need an account if you, yourself, plan to comment, rate or upload videos. Do you really need to do that? There hundreds of ways to express yourself that don’t require you sitting in a chair, staring at your computer, and reviewing bottles of Fuji water from when it first was released.
|
|||
|
|
|||
|
You’ll need accounts or simply want to make an account, for whatever reason, and participate in the community or reap the benefits of releasing your information for that slim chance of being “Internet famous”.
|
|||
|
|
|||
|
No matter the reason, though, you need to treat your account and its associated profile as a contained fire during a camping trip. You want to give only as much information as is required, not what they offer you to give up.
|
|||
|
|
|||
|
For instance: Your username shouldn’t be your real name or a nick name that you’ve been called before. It should be completely unique and unrelated to anything else you’ve made, claimed, were called or even thought about using. It should also be different from the e-mail address that you’re using for the account.
|
|||
|
Ultimately, outside of paid accounts or billing information, not a single thing on your profile should lead back to you or be associated with you or anything related to you. You shouldn’t use the same password, e-mail address, username or anything that you’ve used on another account. And, at that, no account should be linked, synced or associated with each other in any way possible.
|
|||
|
|
|||
|
These accounts and profiles, depending on their settings, should be made as private as possible and be as minimalistic as possible. You could, in theory, supply false information in your bio or “about me” to create a false digital trail just in case, however leaving no information is better than leaving some.
|
|||
|
|
|||
|
And, truthfully, you should avoid having more than ten (10) accounts at any given time. When an account is no longer useful, you should just follow the Paranoid’s Bible PDF and how to properly dispose of an account and the information associated with it.
|
|||
|
|
|||
|
Never leaving a trace behind and letting the account and its information pass peacefully away before deletion.
|
|||
|
|
|||
|
++++++++++++++++++++++++++++++++++++++
|
|||
|
|
|||
|
===Afterword====
|
|||
|
This is nothing more than the barest basics needed to keep some sort of privacy when using the internet and trying to avoid being doxed during some kind of discourse. This won’t make you 100% anonymous, nor will it make you undetectable when it comes to the government, yet it’s better than nothing.
|