Your Guide to Keeping Your Data Private – Part 1

June 17, 2013 at 12:09 pm

Today we’re kicking off a two-part series on securing your digital life.  In this first part we’ll touch on passwords, PC security, and smartphone security.  Consider this the warm-up for part two, in which we’ll hit the nitty-gritty of securing your information online and in the cloud – where it is most vulnerable to NSA snooping.

First off, this guide is not comprehensive.  In it, I will assume that you have some knowledge of the Internet, computers and smartphones.  Also, I will not be held liable for how you use this information. Following these tips does not guarantee that your online presence will be untraceable or completely secure.  As with many things, your results may vary.

Second, security is a trade-off.  Generally, the more security layers you enable (and you do want layers) the less user friendly and convenient your environment will become.  That’s just the way it is.  You will have to find the balance between the two on your own.  If you are the only person using your network and you don’t mind the extra time and effort, by all means, build yourself a virtual vault inside a virtual bunker surrounded by a virtual wall and virtual moat guarded by virtual bit-breathing dragons.  However, if you have other users, family members, and friends who use your network frequently, expect to hear about it every time they get delayed by your security measures.

Third, the very best protection is abstinence. These tips will help, but nothing is impenetrable.  It is just a matter of skill, time and computing power until any system is compromised.  If you are exceptionally concerned with your Facebook information being compromised, for example, delete your Facebook.  The only 100% effective way to secure your digital presence is to not have one.

Passwords

I will start off with this because passwords are the most common form of security measure and the most neglected.  The ability of a password to protect your data revolves around how good the password is.  So here are some guidelines.

  • Do not use a dictionary word in your password.
  • Do not use “password”, “123456”, “123abc”, “iloveyou” or any other easily guessed password.  Don’t use your street address.  Use common sense.  Don’t use something that can be easily deduced.
  • Do not use the same password for all of your online accounts – if one becomes compromised, all of them are.  Use a different password each time.
  • Use a password manager on your PC.  I like LastPass.
  • DO use a password that is, at the very least, 8 characters long.
  • DO use a mix of numbers, uppercase and lowercase letters, and symbols whenever possible.
  • The longer the password, the better.
  • Example of a good password: 6@DfsCkfGZg8%xCxV7

Yes, complicated passwords are hard to remember.  However, there are techniques to make it easier.  Start off by selecting a favorite quote or saying (not one that everyone knows you love).  Now take the first letter of each word, substitute numbers where possible (to = 2, for = 4, etc…) and add a leading or following symbol.  You now have a password that looks pretty random, but that you should be able to remember.

To test out your password strength check out this site: https://howsecureismypassword.net/ – it will show how long a modern desktop computer would take to crack your password.
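
The guidelines above can also be checked locally, without typing a password into a website. The following Python code is an added example, not part of the original post; the small COMMON and DICTIONARY sets are constructed samples and the function names are hypothetical.

```python
import math
import string

# Constructed sample lists; a real check would load a full dictionary and a
# list of commonly used passwords from local files.
COMMON = {"password", "123456", "123abc", "iloveyou"}
DICTIONARY = {"dragon", "liberty", "computer", "sunshine"}

CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def brute_force_bits(pw):
    """Upper bound on entropy: length * log2(size of the character pool in use)."""
    pool = sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in pw))
    return len(pw) * math.log2(pool) if pool else 0.0

def audit_password(pw):
    """Return the list of guidelines from the post that pw violates."""
    problems = []
    lowered = pw.lower()
    if lowered in COMMON:
        problems.append("easily guessed password")
    # Substring match, so a word padded with digits or symbols is still caught.
    if any(word in lowered for word in DICTIONARY):
        problems.append("contains a dictionary word")
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    missing = [name for name, chars in CLASSES.items()
               if not any(c in chars for c in pw)]
    if missing:
        problems.append("missing: " + ", ".join(missing))
    return problems

if __name__ == "__main__":
    for candidate in ["password", "123abc", "Dragon123!", "6@DfsCkfGZg8%xCxV7"]:
        print(f"{candidate!r}: {brute_force_bits(candidate):.0f} bits,",
              audit_password(candidate) or "passes")
```

The bit count assumes every character was chosen at random, so it is an upper bound: `Dragon123!` scores about 66 bits yet is built on a dictionary word, which is why the word check matters alongside length and character mix.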

PC and Network Security

I’ll begin with PC security, since this is how most people access the Internet.  Some of these suggestions are very basic, and you should be doing them whether or not you are worried about government snooping.  These tips are directed primarily at users of the Windows operating system; the methods may differ, but the concepts can also be applied to Apple and Linux systems.

Beginner (Do this stuff simply because you have a computer):

  • Install an anti-virus program and keep it updated.  I like Avast! – it’s free and does a good job.
  • Install Windows Updates regularly – Yes, I know it’s annoying to shut everything down and restart, but do it anyway. Many of the patches are to fix security flaws.
  • Keep your programs up to date – particularly Adobe Acrobat, Flash, and Java which are all popular targets for hackers.
  • Password protect your Windows login – don’t use your actual password as your password hint, and don’t keep it on a sticky note under your keyboard.
  • Make sure your WiFi is encrypted!  Use WPA2 with a strong password.  Do not use WEP unless you have no other choice – while better than nothing, WEP is very weak.

Advanced:

  • Encryption – Use full drive encryption to protect your data.  A Windows password will keep most people from getting in, but that won’t help if your hard drive is plugged into another computer, as the data can then be accessed without booting the OS.  There are a number of ways to do this.  Some versions of Windows include BitLocker, a utility for hard drive encryption.  An alternative is to use a third party program like TrueCrypt, which is capable of encrypting full drives, boot sectors, and folders.  TrueCrypt, when used with a strong passphrase, has successfully foiled FBI cracking attempts.  TrueCrypt also allows users to create hidden encrypted areas of the hard drive.  If would-be snoops can’t find the encrypted section of the disk, they can’t attempt to crack it or compel the user to produce the password.
  • Run your own firewall and/or intrusion detection system – more on this in part 2.

Also, remember that digital security is great, but physical security is important too.  It is easier to exploit a system with direct access than it is to exploit it remotely.

Smartphone Security

Many people these days use smartphones and/or tablets – primarily Android devices and Apple iPhone/iPad.  These devices need to be secured as well.  My personal experience is with Android.  I have a Samsung Galaxy Nexus and a Nexus 7 tablet.  So as before, my tips are based on Android experience, but the same concepts will apply to Apple, Windows or Blackberry devices.

The Basics:

  • Use an anti-virus app.  I use Avast for Android.  Another good option is Lookout Security, which also includes a nice “find my device” feature.
  • Password protect your lockscreen.  PIN, password, pattern lock… just use something.  Be aware, Android offers a “face unlock” where the forward facing camera will unlock the device when it recognizes your face – this can be fooled with a photograph.  In a newer version it required you to wink in an effort to eliminate that workaround.
  • Uninstall apps you don’t use.
  • Do not connect to public WiFi (you shouldn’t do this on your laptop either) unless you use a VPN – more on this in part 2.

Advanced:

  • Again, encryption.  Android offers a built-in option to encrypt your device.  Do it.  This will help secure the data on your phone.
  • Don’t use SMS (text messaging).  I put this under Advanced because this will be a deal-breaker for many users.  SMS is unsecured and easy to intercept or snoop on.  The best option is to use a similar service that encrypts transmissions.  Android has an app called TextSecure that claims to do just that.  If you must use SMS, use it only for trivial things.  Never send important or sensitive information over SMS.
  • Use an app that encrypts your calls.  Android has one called RedPhone.  The catch, of course, is that you and the person you call both need to have RedPhone in order to use encryption.
  • If you have a phone with an unlocked bootloader, or one which is ‘rooted’, lock the bootloader and unroot.  Yes, it will cut back on your fun if you are into installing custom ROMs on your phone, but it will tighten up your phone’s security.

Most of these are just measures you should take regardless of anything else.  Admittedly, these measures will do little to protect your online presence – we’ll get into that in part 2.  The point that must be recognized with NSA snooping is that for the most part, it’s not happening on your local computer or smartphone.  It’s being done at the Internet Service Provider level, or the phone company level.  Neither of those is an environment you can exercise control over.  The common theme in part two will be encryption in one form or another.  The premise is that if you must send your traffic into a foreign network, encrypting the data will make it harder for anyone to read the information you send.

Please share any comments, tips, or questions in the comments!  If you enjoyed this or any of the other articles on this site, please share it with your friends.


Unless otherwise expressly stated, this work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Based on a work at http://www.considerliberty.com.