 Online Security & Privacy (Windows) 101
Tue Nov 22, 2022 2:41 am 

So you think you have nothing to hide and you are not scared for your security and privacy online? Really? Well, if you are a typical Windows (or for that matter, Mac) user, you really ought to be scared witless!

Consider this to begin with. Privacy is a fundamental human and civil right. Your data - any data you have stored on your PC and data generated by your PC's operating system and applications as well as by your browsing the web and other online activity - are yours and yours alone. Give any entity - the OS provider, any programmes, or any website - access to your data and in effect you allow your right to privacy to be violated and thus you effectively surrender your right to privacy. It is not about having or not having anything to hide, it is about your fundamental rights being taken away from you unless you defend yourself as vigorously as possible!

The very first thing you need to consider and check very carefully is whether your operating system itself is configured as thoroughly as possible to make it as secure as possible. As a preamble to this, check that you have an Administrator account for emergencies and an ordinary User account that you should be using in day-to-day operation, and that both accounts are protected by secure passwords. A secure password should be at least 24, and preferably 128, characters long, consist of a random mix of upper and lower case letters, numbers, and symbols, and should not contain any recognisable words. You should keep a written note of these passwords in a safe location for easy reference, as you are unlikely to be able to memorise a secure password. If you share your device with others, e.g. family members, create a separate ordinary User Account for each of them. Ideally, you should also set UEFI/BIOS and Boot etc. passwords, again secure ones, in case your equipment should ever get stolen or otherwise interfered with. You should also entirely disable that Mega-Spy Cortana (or indeed its equivalent in macOS) and, unless you really, really need them at all times, disable any microphone/s and webcams in UEFI/BIOS and only enable them when needed.

Having achieved the above preamble, it is now time to check your OS configuration. For this, you should really be completely offline.

You should check and if necessary configure every last setting in the Administrative Tools section, specifically in Local Security Policy and Windows Defender with Advanced Security. If you find this is beyond your capabilities, check Help or ask a knowledgeable friend for help.

You should also consider encrypting all your disk drives. However, do stay well clear of BitDefender. The safest, and most secure, encryption utility around at present is a free and open source one called VeraCrypt. If you are not familiar with encryption, read its manual/help file first, and again, seek help, for which you could also use online forums. Again, encrypting your drives - with the strongest encryption possible - should be done with your PC offline.

Make no mistake, it starts with your OS constantly gathering all kinds of data from you and sending them back to Microsoft (or indeed Apple), such as your location, when you go online and how long you stay online, how active you are, your connections online, and a whole lot more. That is invading your privacy! It is comparable to someone spying on you, putting hidden cameras and microphones into your home and keeping track of everything you do and say in your home and when you do it or say it. How would you like that?

But that is only the beginning. Whenever you register or 'activate' a piece of software, the software's originator can and often does get a whole lot of data about your system and you. Many applications regularly gather data and send them back. And then there are things like email and websites. A veritable data mining trap!

And 'Big Tech' is making billions from your data! Even many websites make money from your data, including most 'free' email providers. (Remember, there is no such thing as a free lunch!)

And do not forget security. There are a myriad of dangers or potential dangers lurking out there. A hacker might hijack your PC to use as a spam bot or for other nefarious purposes. Malware and spyware could get onto your system. All your data could get stolen and/or destroyed, or encrypted for ransom. (The latter is a bit unlikely, but not impossible.)

However, the issue of your online security and privacy does not end there by any means - so far, this has been merely the beginning of this saga!

The wider problem with regard to online privacy is that its commonplace erosion and violation, in effect, enable total surveillance of the individual and/or household, not only by the 'Big Tech' corporations but equally sinisterly by the state. Think about this very carefully. This means the total loss of privacy, freedom of speech and expression, and ultimately, freedom, civil liberties, and democracy themselves and results in a totalitarian state. You only have to take a close look at China to see how far this scenario is already in effect there. In many Western countries - including much of the UK - CCTV cameras are spying on people almost as extensively as in China, with facial recognition not far off. Got a credit and/or debit card? Every time you use one, you leave a trail about where, from whom you bought what and when, and so on. And payment methods such as PayPal, GooglePay, and ApplePay are no better if, indeed, not worse. (Crypto currencies can provide some sort of anonymity but are still financially insecure in that their value can fluctuate wildly from one moment to the next.) Do you use any kind of Loyalty Card? Same principle as credit and debit cards, the only difference being that the store or stores get your information in totally personally identifiable form at a glance. Granted, these latter can save you a penny or two or even a quid or two, but that in effect represents thirty pieces of silver - you are betraying and selling out your own privacy cheaply.

Got a 'Smart Speaker' and/or 'Smart TV' and similar gadgets, a 'Smart Home'/IoT - Internet of things - and the like? The first two will listen to every word that is spoken within 'earshot' of the device and send it all back to the provider of the service. A perfect spy on your privacy in your own home!

'Big Brother' could only have dreamed of such mechanisms! And yet, most people don't give these things a second - or even first! - thought. How sad is that!?

If you are not thoroughly horrified, nay, completely scared out of your wits by now, then in all probability no one can even hope to help you.

However, if you are concerned at all, then ensuring that your online life under Windows (and Mac, as well as of course your 'smartphone' - more on the latter in a separate article to come) is as safe and above all as private as it possibly can be will be a good step in the right direction for you personally as well as help to save all our freedoms, civil liberties, and even democracy itself. All of these are under threat as never before.

Consequently, the remainder of this article will attempt to help you achieve the aim of making your online life under Windows - and, in principle, macOS - as private and safe as possible. Ideally, of course, you could decide to dump Windows - or macOS - and run one - up to date - form or another of Linux, which is free and open source and above all in itself infinitely more private and secure. However, we shall not explore this avenue here, it is well beyond the remit of this article and besides, we shall assume that for one reason or another you need or want to continue using your current operating system.

Your next step should be installing and setting up a Virtual Private Network, or VPN. While there are a great many of these available now, for maximum security and privacy - even virtual anonymity online - there is only one to consider. This is Proton VPN, and even the free version is far superior to and faster than any of the others. For the ultimate in privacy, security, and speed you may however want to consider the paid version. Proton is a fully integrated privacy ecosystem, and both the free and paid version also include secure, end to end encrypted email (Proton Mail), Proton Calendar, and Proton Drive (a Cloud Drive), both also fully encrypted. For more information on all of these please consult the Proton website. I really cannot recommend Proton highly enough and indeed am a user myself of course, using 2-year subscriptions to Proton Infinity. The paid versions are very reasonably and competitively priced also, incidentally.

If it is maximum privacy and security you want, the Proton Ecosystem suite is what you need. With the paid Proton Infinity, you could even set up a combined VPN/TOR network connection for complete TOR anonymity! This would route all your internet connections via the Proton VPN and then the TOR network, and obviate the need to use TOR Browser. However, with other Proton VPN configurations it is recommended that you use TOR Browser for as much of your web activity as possible.

All of Proton's apps are fully open source and moreover independently audited once a year, with the results published on their website. So you can be sure that there are no nasty hidden surprises anywhere! The strongest, most secure encryption is used throughout, and Proton is also a cross-platform environment so you are able to use it on all your devices, be that Windows or Mac PC, Linux PC, Android phone or tablet, or iOS phone/padOS tablet, protecting your privacy and security everywhere. All Proton apps are simplicity itself to set up and use, too, but if you ever need it, Proton's support is absolutely world-class and second to none.

Proton also keeps no logs of any kind, ensuring privacy by default, and any data or files such as your mailbox, calendar/s, and Proton Drive are fully encrypted with zero-access encryption - in other words, you and only you alone can access these. Furthermore, Proton is protected by Swiss privacy laws. Proton can be summed up as kind of the Burger King of freedom and privacy - your data, your way and your rules!

At this point I should make it absolutely clear that I am in no way connected to or affiliated with Proton. I am merely a privacy and security conscious user who appreciates what Proton does and what it delivers. As a privacy and security advocate I can only be a Proton advocate because it is simply the best there is for privacy and security.

Beyond this, it is also time to consider the Browser/s that you use. If you value your privacy and security and have come along thus far, do not under any circumstances use Microsoft's Internet Explorer or Edge - or Apple's Safari - not ever! Also, throw out Chrome and/or any Chrome/Chromium based browsers such as Opera, as well as any Chrome apps. The most secure and private - if set up properly - standard web browser there is is Firefox, which you should download and configure very carefully, if you don't have it already. You should also get TOR Browser - which is based on Firefox - for maximum browsing privacy and security.

Also, never, ever use any Google services/sites if you possibly can avoid them. DuckDuckGo is a far better search engine than Google and does not bombard you with ads and sponsored links but simply gives you the most relevant results for what you are looking for. It also offers an instant, free machine translation service every bit as good as any. Furthermore, DuckDuckGo does not track you in any way, nor does it keep logs. It is fully committed to user privacy.

A further essential measure to protect your security and privacy is a safe, reliable Anti-Virus cum Firewall utility. Here I would suggest you look no further than ESET Internet Security. The Firewall aspect of this - inevitably - works in conjunction with Windows Defender and makes this much more secure. In total, ESET is second to none in my experience, and OEM versions at a price lower than an official ESET renewal price can be found quite easily. Again, the value for money factor is the same as for Proton. Simply a no-brainer. Also like Proton, ESET is a cross-platform application and so is also available for macOS - which increasingly needs such protection as much as Windows - as well as mobile devices. (A Linux version of the AV side is discontinued, presumably due to lack of uptake - Linux just does not need AV.)

Like all privacy and security apps/utilities, ESET will require some patient and thorough setting up and configuring. Customer support is, in my experience, very good.

Also, you ought to consider not using the Windows Recycle Bin/Waste Bin. It leaves all your deleted data easily recoverable even when you delete the files in it. This is no problem of course if all your drives are securely encrypted with strong encryption - deleted data remain encrypted and cannot be recovered without access to your password for your drives. However, if you do not encrypt your drives, you are strongly urged to use a secure deletion utility such as Eraser instead. This deletes your data and over-writes them multiple times with random data, rendering them virtually impossible to recover.

Eraser is free of cost and is also free and open source software - always something to look out for. Even for Windows (and perhaps macOS?) there is an increasing number of free and open source applications available, including some of the better known Linux ones like The GIMP - The GNU Imaging Programme - an excellent graphics application, and many free and open source file managers and other utilities. With open source software you can be sure of not importing another spy onto your PC.

Some final considerations now for you to ponder. Email to begin with - everybody uses email in one way or another. If you use any of the widely available 'free' email services, especially the likes of Gmail, Yahoo and so on, you may want to consider dropping these violators of your privacy altogether. Quite apart from such things as tracking you online, Gmail for example scans all your incoming and outgoing mail and analyses these data among other things to learn your interests, buying habits and more to bombard you with targeted advertising. Your data will also be shared with 'partner' organisations. You really ought to think about using some form of end to end strong-encrypted email, and once again, I would refer you to the Proton Ecosystem and its Proton Mail component.

You are also strongly advised to take social media into consideration, if you use any of these. They are of course best avoided altogether. However, if you feel you cannot live without them, you ought to consider clearing out your existing account/s altogether and then closing them, and setting up new but 'anonymous' ones. (A free email address 'anonymiser' utility, Simple Login, is now available integrated with Proton - very useful for websites that you do not want to give your email address to so you cannot be bombarded with spam!) Simply use a 'fake' ID for your new social media accounts and use them only with your real-life friends and family, and make them readable by friends and family only. Even after that, be cautious in whatever you post and comment. It is especially recommended that you do not post personal photographs - you can always share these with friends and family through the Proton Drive utility, for instance. Bear in mind that anything you post on social media is always available to the service provider and may well be retained by them for years.

Furthermore, if you possibly can, try to avoid some of the biggest 'data harvesters' and privacy violators out there on the web, that is, almost any online shopping facility but most specifically the biggest of them all, Amazon, and also eBay and similar sites. If you must use any of these, Amazon for example at least will let you use them via the TOR browser, so they cannot in any way discover your VPN, let alone your ISP.

Having configured your OS and applications to make them as secure and private as possible and followed this with perhaps encrypting your disks, but certainly with setting up a truly private, secure VPN - ideally, Proton Privacy Ecosystem's VPN - as well as set up and configured truly private and secure web browsers, and having followed the remaining steps, you are then well on your way to protecting your privacy and making your PC as secure as you can under Windows or macOS. All that remains is to use a bit of common sense in using your computer and to avoid all conceivable risks.

That concludes this introduction to privacy and security on your Windows - or macOS - system and the wider importance of defending your privacy. Similar guides are planned for mobile devices, i.e., so-called smartphones (they are not, they are really quite dumb!) and tablets, and finally, for Linux, and should be along in due course.

I wish you truly private and secure computing, whatever platform or device you may use, and close in the hope that you may contribute to the fight for privacy, freedom, and democracy for all.

November 2022
© nexter
All rights reserved

nexter - so, what's next?
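
The password rule from the account-setup paragraph near the top of this article (24 to 128 characters, a random mix of upper and lower case letters, numbers and symbols, no recognisable words) is hard to meet by hand, so here it is as an added example that is not part of the original article. It is written in Python for portability; the short word list is a constructed sample, and the function names are this example's own.

```python
import math
import secrets
import string

# Length limits and character classes as stated in the article.
MIN_LEN, MAX_LEN = 24, 128
CLASSES = {
    "upper case letter": string.ascii_uppercase,
    "lower case letter": string.ascii_lowercase,
    "number": string.digits,
    "symbol": string.punctuation,
}
ALPHABET = "".join(CLASSES.values())  # 94 printable ASCII characters

# Constructed sample list; a real check would load a full dictionary file.
SAMPLE_WORDS = ("password", "summer", "dragon", "windows", "admin")


def policy_violations(password, words=SAMPLE_WORDS):
    """Return a list of reasons the password breaks the article's rule."""
    problems = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        problems.append(f"length {len(password)} outside {MIN_LEN}-{MAX_LEN}")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    lowered = password.lower()
    for word in words:
        if word in lowered:
            problems.append(f"contains the word '{word}'")
    return problems


def generate_password(length=MIN_LEN, words=SAMPLE_WORDS):
    """Draw characters from the OS CSPRNG; redraw until the rule is met."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be {MIN_LEN}-{MAX_LEN}")
    while True:
        # secrets.choice is uniform over ALPHABET, unlike the random module.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not policy_violations(candidate, words):
            return candidate


def entropy_bits(length):
    """Upper bound on the entropy of a uniformly random password."""
    return length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    pw = generate_password(32)
    print(pw, f"(~{entropy_bits(32):.0f} bits)")
```

Run it while offline and copy the result straight onto paper, in keeping with the written-note advice above.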

