Internet and Crypto Security
We are moving into the age of the Internet of Value (Web 3.0)
To travel these waters unprotected is a madness.
Let alone the bad actors, the fact of the matter is that Big Tech has the ability to track your every move. From the stuff they warn you about in those T’s and C’s we never read, to the less known methods like pixel tracking.
It goes without saying, all habits and activity is recorded and used to profile you. The principle is; “why should I freely offer this info to them when they monetize it and make money off me” by turning me into a digital information asset to observe buying behavior??
Quite frankly that’s offensive to me. (let alone all the other issues that are of concern)
Here is a list of certain actions you can take to move away from simply being a soft target and a ‘data asset’ on the web.
DONT USE POPULAR SOCIAL MEDIA FOR PERSONAL STUFF, like Whatsapp, Facebook or YouTube, except as information channels only. Maintain a ‘greyman’ status only.
If you must, use Signal, Gab or Odysee instead.
Then some precautions:
1. Never reuse passwords, use a random password generator
2. Install a VPN, preferably a decentralized one, Mullvad or Mysterium.
3. Use the VPN, especially on public WiFi
4. Use Brave, DuckDuckGo, Firefox or Onion browser
5. Use a password manager like 1Password, prefer Bitwarden
6. Use 2-factor authentication for everything. Google, prefer Authy, consider using hardware-based 2FA like Yubico or Thetis
7. Use a privacy search engine like SearX, and set it as default.
8. Use a secure mail service like Protonmail or Skiff
9. Make sure to turn on Firewalls or download LuLu https://objective-see.com/products/lulu.html
10. Harden your browser by installing the correct extentions: Privacy Badger, HTTPS everywhere and uBlock. Uninstall all unneccesary Chrome extensions as they can be dangerous
11. If you must use a Chrome extension, then setup crypto wallets on separate browser profiles
12. Clear google activity https://myactivity.google.com/myactivity
13. Turn off Ad tracking. Navigate to Google’s Ad Settings page. Toggle “Ad personalization” to off. Then click the “Control ad personalization on other websites & apps that use Google ad services” link to opt out of ads by Google partners on non-Google websites.
14. Secure your mobile phone, telco accounts and router. Don’t use USSD codes, clear them: ##61#, ##62#, ##67#, #662#
15. Consider using a disposable number if required for log-in on the web. Available on quackr.io
16. Be aware that antiviruses secure your computer, but dont provide ANY privacy. Programs share data all the time. DO ensure you have at least a Firewall.
17. Ignore all giveaway tweets and DMs
18. Never download or open files from strangers
19. Don’t scan random QR codes
20. Be careful with cold emails/messages
21. Don’t click on ads — especially Google Search ads
22. Consider obfuscating your MAC address, using a program like Technitium for Windows or Terminal openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//' | xargs sudo ifconfig en0 ether for Mac.
23. Use a crypto hardware wallet like Bitbox Trezor or Ledger. Consider a multi sig wallet like Safe Wallet.
Use a metal storage seed backup tool like Cryptosteel or Cobo to protect your crypto seed phrase from being destroyed by fire, acid etc
24. Consider using privacy coins such as Monero and Pirate Coin
25. Use decentralized exchanges, or non KYC exchanges like Bisq, TradeOgre, ZigZag and IncognitoDEX.
Mixers can also be used, see https://beincrypto.com/learn/best-bitcoin-mixers/
26. Learn to check tokens and projects on Etherscan, DexTools, honeypot.io and tokensniffer.com/
27. Limit smart contract approvals. Use Etherscan to revoke contracts with unlimited token approval.
28. Don’t doxx yourself — use an exchange wallet to send funds to others
29. Scrub your MetaData. All documents, files, pictures, video’s etc have metadata attached that reveal a lot, including location and user ID. Some apps are good like Signal. Sidestep issues by using screenshots and text files. Also consider using a tool like MAT (metadata anonymization toolkit) or EXIFTOOL. Remember direct photo uploads contain metadata, upload screenshots instead
30. BE VIGILANT
………..if you want to read more:
Phone spyware: https://youtu.be/zy8EZOU2UkA
Setting up Onion over VPN:
The onion over VPN setup offers several benefits:
1. Open your VPN app and connect to it.
2. After the VPN connection is established, open Tor Browser
Thats it!!
- Your ISP can see that you’re using a VPN, but not that you’re using Tor
- The Tor entry node cannot see your real IP address, only that of the VPN server
- Your VPN cannot see what sites you visit or the contents of your connection
• You can access both dark web .onion sites
• You can anonymously surf the clear web
• You get the flexibility to use a VPN by itself with a normal browser for non-critical tasks
A NOTE ON DECENTRALIZED VPN’s
I prefer DVPN’s as there is less trust involved; no central office, no honey pot for hackers and no location to be subpoenaed. A service anonymously distributed across the web is much more secure.
Lastly, go deeper, very deep, here:
https://prism-break.org/en/categories/ios/
Be safe. Trust no one. Verify everything.
