Heads up: This post was migrated from my old site to my new one, a few things changed in the process.
Nowadays it’s nearly impossible not to feel like there’s no hope of avoiding all of the prying eyes in the world. Sure, you could ditch your phone, buy a third-generation Honda Civic, and never touch the internet again, but where’s the fun in that? This guide is intended to be a quick, not-so-deep guide on having a little more security and privacy online. Finally, this guide is going to be biased: it’ll talk about the services I use, and maybe even have a referral link or two.
Web Browsers
What better place to start than where all of your online interactions begin: the web browser. For this category I recommend Firefox. As a heads up, try to get the “enterprise” option (it’s free) if you don’t need (or want) all the features (I got the non-ESR version, spent all the time configuring it, and now wish I hadn’t). Once you have it installed, spend some time configuring everything. Here’s a step-by-step process that I typically follow:
- Close all of the random tabs that open.
- On the new tab page click on the cog (settings icon) and disable:
  - Shortcuts
  - Activity
- Right click on all of the preset bookmarks and remove them.
- Now click on the hamburger (three lines/more) icon and open settings.
- Configure the general settings to your liking, for the most part they will not impact too much.
- Now go to the “Home” settings, make sure all are off other than “Web Search”.
- Go to “Search.”
  - Make sure that the “Search Bar” is set to the first option, this looks a bit cleaner and is easier to use, if you want a more “classic” look use the second.
  - Select a search engine (I’ll talk more about these in a bit).
  - Remove all of the bogus extra search engines in the “Search Shortcuts” sections.
- Go to “Privacy & Security.”
  - Set “Enhanced Tracking Protection” to “Strict.”
  - Enable the “Do Not Track” (DNT) header/signal.
  - Disable “Ask to save logins and passwords for websites.” You shouldn’t be using your browser’s built-in password manager; if you want to risk it (remember: here be dragons), at the very least enable “Use a Primary Password.”
  - Disable autofill (again, if you wish to risk it, here be dragons).
  - Next, scroll to “Address Bar” and disable “Open tabs” (with this on, Firefox likes to show your currently open tab in the suggestions and you can accidentally switch tabs). Also disable “Suggestions from sponsors” and “Improve the Firefox Suggest experience.” I also recommend turning “Suggestions from the web” off.
  - Now turn everything off in “Firefox Data Collection and Use.”
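One way to check later that a profile still matches the checklist above, as an added example that is not part of the original post: it parses a profile's `prefs.js` and reports every setting whose effective value has drifted. The `about:config` names and defaults are this example's mapping of the UI labels (assumptions, not from the post), and the sample input is constructed.

```python
import re

# (about:config name, value the checklist asks for, Firefox's default when the
# pref is absent). Names and defaults are this example's assumptions.
CHECKLIST = [
    ("browser.contentblocking.category", "strict", "standard"),
    ("privacy.donottrackheader.enabled", True, False),
    ("signon.rememberSignons", False, True),
    ("extensions.formautofill.addresses.enabled", False, True),
    ("browser.urlbar.suggest.openpage", False, True),
    ("datareporting.healthreport.uploadEnabled", False, True),
    ("app.shield.optoutstudies.enabled", False, True),
]
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')

def parse_prefs(text):
    """Parse user_pref("name", value); lines into {name: bool | int | str}."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comment, blank line, or a line we do not understand
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
    return prefs

def audit(text):
    """Return (pref, effective value, wanted value) for each drifted setting."""
    prefs = parse_prefs(text)
    # prefs.js stores only non-default values, so a missing pref means "default".
    return [(n, prefs.get(n, d), want) for n, want, d in CHECKLIST
            if prefs.get(n, d) != want]

# Constructed sample, not taken from a real profile.
SAMPLE_PREFS = """\
// Mozilla User Preferences
user_pref("browser.contentblocking.category", "strict");
user_pref("privacy.donottrackheader.enabled", true);
user_pref("signon.rememberSignons", false);
user_pref("datareporting.healthreport.uploadEnabled", true);
user_pref("browser.startup.page", 3);
"""
if __name__ == "__main__":
    print(*audit(SAMPLE_PREFS), sep="\n")
```

Settings that were never touched do not appear in `prefs.js` at all, which is why the audit falls back to the default instead of treating a missing line as compliant.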
Add-Ons
This is where stuff gets fun, up next is blocking those paywalls which we’ll use two add-ons for:
- Bypass Paywalls: For a large number of sites, click on “Download and install the latest version” on the GitHub page.
- Medium Unlimited: Specifically for Medium.
Alrighty, time for the random add-ons:
- Dark Reader: Dark mode for all the sites.
- FediRedirect: Redirect from one fediverse instance to another.
- LibRedirect: I would recommend this one, but the additional configuration required may be a bit much for some beginners. It will redirect sites that track or require an account to alternative frontends which don’t do such things.
- NoScript: Another one that I would recommend for more advanced users, it automatically blocks JavaScript for websites and allows you to trust sites you, well, trust.
Finally, you’ll want to start with an ad-blocker, of which I recommend two: uBlock Origin and AdNauseam. They do the same thing (in fact AdNauseam is based off of uBlock Origin) but with different approaches. uBlock Origin is a more traditional ad-blocker as it simply stops the ads from loading, so you don’t see them and no-one gets money, whereas AdNauseam clicks (silently in the background) on every single ad, spending advertisers’ money, messes up Google’s algorithms, and generates “noise” (essentially confusing trackers). Depending on which option you choose you’ll need to take some additional steps:
Additional Steps After Installing AdNauseam
Go back into settings and reset “Privacy & Security” > “Enhanced Tracking Protection” to “Standard”. Next, click on the AdNauseam icon, then the cog icon, and follow the “installing either” steps below.
Additional Steps After Installing uBlock Origin
Install Privacy Badger, which “learns” to block trackers as you browse the web. Next, click on the uBlock Origin icon, then the three cogs, and follow the “installing either” steps below.
Additional Steps After Installing Either
Go to the “Filter Lists” tab and open the “Annoyances” section. Enable the “Fanboy Annoyances List” and “Fanboy’s Social,” the first will block pop-ups (including cookie-related ones) and the second will block those annoying “share” buttons on random sites.
Search Engines
The search engine I recommend is SearXNG. It’s hosted by its community; if you don’t know where to start you can pick an instance off of searx.space, or you can go with one of the more popular options: searx.be.
Alternatively, many recommend Startpage, I’ve never tried it, but you may like it better than SearXNG.
To add it to your list of search engines, click on the address bar and click on the site’s icon with the green plus. To set it as your default, navigate to the Firefox settings, go to “Search,” and set the “Default Search Engine.”
Password Managers
Remember when I said that using your browser’s built-in password manager isn’t good? Let’s look at the alternatives, of which I’ve used two: Bitwarden and Dashlane. Although both have free plans, if you want extra features like 2FA you may need to pay a subscription. Alternatively, and this is the option I opt for, you can self-host Vaultwarden (a fully free and open-source, FOSS, alternative server for Bitwarden). Both have browser add-ons for auto-fill and mobile apps.
Communication
Nowadays we spend a lot of time communicating online, so I figured it was important to include in this quickstart guide (even though I wanted to keep it short).
Instant Messaging
Likely one of the more popular forms of communication online is instant messaging. There’s a good number of privacy-centric instant messaging services out there, although I personally have used two: Matrix and Signal. I enjoy both, but gave up on Signal as it just didn’t really suit my fancy. Signal seems to be very popular and is the closest to WhatsApp or texting. If you’re particularly looking for something private and secure (in which case this guide is likely not for you), note that it does require a phone number for registration; on the plus side it does support E2EE (end-to-end encryption) and the protocol is open-source. Alternatively, Matrix is the one I enjoy the most. It is closer to Discord or IRC, and you’ll need a client and homeserver to be able to set up with it. Both are easy to find: you can find clients here, and here’s a list of homeservers I’ve found:
- matrix.org: The default for Element, many don’t love it as they have concerns about one party controlling the protocol too much (so maybe look into the alternatives first).
- matrix.catgirl.cloud: You need to fill out a registration form in order to sign up. Hosted in Germany.
Social Media
Alright, I’m gonna try to keep this section pretty short. Basically, all of these social medias use ActivityPub (A.K.A. the “Fediverse,” where all are interconnected):
- If you’re on YouTube: PeerTube (instances).
- If you’re on Twitter: Mastodon (instances).
- If you’re on Tumblr: Firefish (instances).
- If you’re on Reddit: Lemmy (instances).
Remember, because this is ActivityPub you should be able to see PeerTube content on Mastodon, and Firefish users should be able to see your Mastodon content, so just go with the interface you’re familiar with. The only one that doesn’t play too nicely with it yet is Lemmy (I’m sure this will change as all of ActivityPub is pretty new – hype-wise, it’s actually been around since 2018).
Email
For those who don’t know, email is a federated messaging system, but you likely already knew that (because it will not freaking die for some reason, and we just keep sending a heck ton of embedded junk using it). That being said, odds are you’re likely using Gmail or Hotmail/Outlook and that’s not great, considering if you’re reading this you likely don’t want Google and Microsoft in your life anymore. There are two email services that I recommend, those being Skiff[1] and Proton. Out of the two I use Skiff: it allows you to have free email on a domain name, has a much cleaner interface, and I (personally) just like it better. That being said, it doesn’t support IMAP (yet) and seems pretty early in development. Proton on the other hand has a lot more features (like a VPN and password manager) along with IMAP support for paying customers. Honestly, give both a try and feel out which one fits your needs the best.
Heads up: Although both are E2EE that doesn’t mean they’re secure, email is not a secure protocol, if you’re doing something important that requires messages to be secure use Signal or Matrix.
Most email providers support “automatic email forwarding,” so you don’t even need to switch accounts or anything.
Update 2023-8-14: Alright, same day as this post, Skiff has sent out a newsletter which mentions auto-forwarding for Outlook and Gmail. Now if you use either one you can set up forwarding right within Skiff settings.
Finally, thank you for reading this post, I hope you found it helpful (in some capacity). If you have comments or questions reach out to me.
[1] Skiff got bought by Notion and no longer exists.