Privacy and security in 20-9

Hi,
I know this has come up before, but I am curious if anybody had altered their typical privacy/security practices in recent times.

I kinda took a deep dive:
- changed all passwords and usernames to unique names
- switched from gmail to protonmail
- took family pics/ videos off Google and started using a NAS (18tb Raid 5) with valid SSL certs
- put 2fa on everything (except a dummy account for Indigo’s mail scanner)
- locked down all ports (i am investigating indigo actions to toggle ports on the server)
- disabled UPnP (was getting UPnP errors on Sonos plugin anyway)
- made all my passwords pretty darn long
- changed forum usernames where applicable (I couldnt bring myself to change this one)
- planned a switch to Indigo Reflector
- deleted FB profile
- switched from Google to DuckDuckGo and Firefox

I am curious what other people are doing.


MunDMC
Fitter. Happier. More productive.

[jay (support)]

I've not used any Google service that requires a login for years (I don't trust any company whose primary product is me). I also switched to Bing years ago and more recently switched from that to DuckDuckGo.

I'm more and more allowing Safari's strong password suggester to create my passwords so each site gets it's own unique long password. This can sometimes still be a pain if the UI to autofill from the keychain (or the new fill functions on iOS) don't work for some reason, but that's becoming less of an issue. And I use Safari (on the Mac rather than Chrome or FireFox) so the password integration is great. I am totally annoyed at those large websites that can't be bothered to test on Safari (even on iOS!!) so I generally just find alternatives when necessary. I keep Chrome installed for the flash-based websites that are still (somehow) around, but I don't use it often for that. Mostly, I keep Chrome and FF around to test our website.

I use all of the iCloud services (mail, picts, docs, keychain, etc). So far I continue to trust that Apple will continue to put personal privacy ahead of all else. But I'm also watching them carefully.

I haven't done anything to try and lock down my Mac really - rather, I'm trusting that only people I know can get onto my local network (and that they won't do any damage). And it's managed/protected by the great Unifi products. Perhaps I'm naive, but I've always been on the less stringent side of local network security.

I'm about "this close" to killing my FB account. I've pretty much switched to Apple News to find the news I want to read, so FB is now really just a way to keep in touch with friends. But I'm more and more convinced that it's not worth the privacy risks and the untrustworthy culture that FB seems to foster.

I've not yet switched any usernames. I'm hoping that strong unique passwords everywhere will secure me enough. Guess time will tell. I suppose I can still be tracked based on that, but I suspect that my email(s) is a much better way of tracking me and I'm definitely not going to change that any time soon.

Thanks for your thoughts, Jay. I am using 1password now for passwords- i suppose it’s a more vulnerable target than keychain or bitwarden, but it appears to play nicely on multiple platforms.

I agree with you that Ubiquiti and 2FA seems pretty darn safe.

I am an avid 1Password user. I have a strong password memorized to access 1Password. Every website or other service that I need to log into has a different random strong password. I also set up an email alias for every website or service to use as my email and username. I have a couple hundred email aliases now. If I receive spam to an alias I know The company has either been hacked or sold my email address. It has only happened a few times. One was DJI (the leading drone company). I contacted them. I never got a straight answer as to why I was now receiving emails from hot girls in Russia that just desperately wanted to talk to me LOL.


Sent from my iPhone using Tapatalk

Nice pro-tip, Dual. I also recently began using ‘+’ when providing my email. E.g. john.doe+netflix@protonmail.com

That way I sort received emails by RECIPIENT (me) plus a tag.

[jay (support)]

From a corporate perspective, using unique emails like that is a major PITA. Customers complain because they get locked out of their accounts (can't remember which email they used before), or they can't find their payment information because they used multiple different emails, etc. (the list is long).

So while I understand your desire to avoid spam (frankly, the Mail app does a remarkably good job of filtering that crap for me), I don't really sympathize when those kinds of issues crop up...

Jay I use one email address and therefore one password. And 200 aliases that arrive at my one email address. For all my devices with email it is just one account. My host calls them “forwarders.”

Cheers

John


Sent from my iPhone using Tapatalk

I also use 1Password - wouldn't be without it.

I also use a separate email address for everyone I deal with e.g. name12345@mydomainname where name is the name or abbreviation of the name of the company I am dealing with and the 5 digit number is random but specific to the company. It is now very easy to see where spam comes from. It is amazing (in the UK) what a positive response you get when you contact a company and suggest that they might have a data protection issue if you get spam from their address. This has happened a number of times where company websites have been hacked. It is then very easy to regenerate a different email address and send the original into a black-hole. The hosting service I use for my websites and email uses Spam Assassin which works very well.

I also use 2FA where available.

From a corporate perspective, using unique emails like that is a major PITA.

(Note to self, allow 2-3 weeks to pass before telling Jay I might have forgotten my Reflector creds...)