Empowering Yourself with Security

Photo by Jonatan Pie / Unsplash

So, you've heard about security, maybe someone tells you that you should "really do" something, or maybe you're at a point where keeping your digital life private is important. Or, perhaps, you're like me and want to increase the signal-to-noise ratio of people using privacy tools that don't need to hide to make it less suspicious for those that need to. Regardless, let me walk you through an opinionated list of options. I will definitely agree that there are other choices for each of these things and that they might be better for you, but this list will focus on simplicity and accessibility.

Alright, so, let's begin

Communication - Signal

Signal has been around for quite a while and has a growing audience. To use this app, you simply need to download it - from your phone click here or from a Windows desktop/laptop click here or a Mac, right here.

Why Signal? Signal is written in such a way that if anyone requests your data all they know is 1) when you created your account and 2) when you last logged in. None of your messages can be read due to encryption without one of the devices in the conversation. This helps prevent people from snooping on your communication. This also means not even Signal knows what you say, which significantly increases privacy. Lastly, to connect to someone, you simply need their phone number as usual.

One extra cool feature is that if you're running Android, you can set it as your default texting application - and if someone is on Signal it will defer to messaging them on Signal instead of through (unsecured) text. This helps make sure you don't need to ask people what their preferred chat is or not.

Signal not only has 1:1 chat, but also has group chats, an option to make messages disappear after a short amount of time, a gif keyboard (on mobile), and a bunch of other features that keep it from just being something nerds use. Since it uses data and not text messages, international messaging is free too, a nice little tip.

Email - ProtonMail

Protonmail has been a huge proponent in the privacy and security space. By default, it encrypts your email, prevents even Protonmail from seeing it, and historically has only responded to Interpol requests from Europe and they can only give a time and IP address the person on the warrant last logged in with. Their free tier is quite generous and the limits are really to keep spammers at bay. 150 messages per day, 1 GB of storage, and includes VPN (discussed below).

Okay Marty, but why use a company that you can pay for more email? No one has hacked Google and my gmail account is good for all of this stuff. And you are quite right.

However.

Google is notorious for giving out information to law enforcement, appropriately licensed investigators, and even had senior engineers simply log into your account without telling you. Imagine if you were emailing your doctor and someone could simply request that email - that could be very invasive and be really embarassing. They don't even need to tell you if someone has done that either.

Google and similar email providers live heavily on ads. Google has machines that look through your email and tailors ads to you. Wonder why that top part always has something you've been considering or done recently? Google is actively going through your email looking for keywords.

Where Protonmail (and many other paid email providers) come ahead is that you're paying them directly instead of advertisers. Your email is truly guarded and not even Protonmail can read your private communications. No one will know what you and your doctor emailed about or that time you signed up for meat sales from a local butcher.

The paid tiers are actually quite reasonable too, $4 a month gives you pretty much the same thing as Gmail, but with the added bonus of VPN. What's VPN? Well...

Internet Connection  (VPN) - ProtonVPN

A VPN is simply a tool that takes all your internet connection and encrypts it by sending it to servers and then to where it's going. It's a bit like instead of walking or driving a letter across town, you use the postal service. It's in a nice envelop, you pay a small amount, and no one (should) read the contents. It's not a perfect metaphor as the US postal service can open certain mail, but VPNs cannot.

VPNs used to be terribly complicated, but over time they've gotten a lot better. If you have a work computer, they probably use a VPN to get you into their internet and internal stuff. A VPN on your phone or personal computer works a little different as you are simply mailing your letters, so to speak.

How to use one? Proton again! They have a free one (included with the email setup above or directly here if you don't want to use ProtonMail) that works pretty well. Spending money gets you more speeds and more "locations" - but locations are a bit irrelevant for this usage of it. In theory, you can mail your internet traffic through somewhere like the UK to access things only allowed in the UK (like Channel 4), but for security, it doesn't matter where the internet traffic goes.

Once you install it ( Google Play/ iOS Store / Windows / Mac ), log in, and turn it on, you'll find that it has a "Quick Connect" button that does the job. In addition, it has a feature that blocks malicious software (malware) from being downloaded and can even do some AdBlocking.

Turning this on, especially on wifi you don't own (like Starbucks or an airport) keeps what you're doing secured from everyone else on the wifi. Do I turn my VPN on at home? No, I control that one. When I am on Wifi in a Home Depot? You bet I do. It's a trickier habit to get into, but one that makes your life more secure.

Security vs Privacy

Throughout this, you'll see I have conflated Security and Privacy as concepts - and that's intentional. They are different but for things involving personal communication, they overlap heavily. However, I am sorry to fellow security and fellow privacy individuals for mixing these together.

In Summary

There are several easy to use tools to make your communications more private and secure and protect yourself from actors who may be compromising what you are doing or things you have said. In a world where we are all closer due to communication tools, it's good to be aware of ones that affect your ability to keep secure, too.

Marty Henderson

Marty Henderson

Marty is a Staff Cloud Engineer and an AWS Community Builder. Outside of work, he fixes the various 3D printers in his house, drinks copious amounts of iced tea, and tries to learn strange new things.
Madison, WI