TPL- Toronto Public Library prides itself on staying current on the latest computing trends. And they certainnly delivered this past week with their presentaion on Security and Data Privacy best practices. The lecture was delivered at TPL’s Lillian H. Smith branch on Thursday May 31st: Lock Down Your Digital Privacy in 10 Easy Steps. And boy the library certainly delivered the goods.
Digital Privacy
Digital privacy is a growing concern as more info spills out on what Facebook, Google, Marketing agents and various levels of government are doing with the data they harvest routinely without our knowledge or approval. For example, Facebook is caught yet again surreptitiously sharing user data with phone companies and manufacturers while Google stealthily expands its deep reach into users’ life data and NSA plus 5 Eyes pals are spanning the world for “every increment” of intelligence.
So it appears that Europe’s GDPR – General Data Privacy Regulations inaugurated May 25, 2018 is a welcome counter to the ongoing corporate and governmental invasions of public privacy. The lecture slide states the case:
So this is the premise of the presentation – users cannot afford to give away private information so handily. And TPL has a ten step guide on how to increase your protection. It is interesting that most of the measures start with simple data security methods. TPL calls it data hygiene and the tools recommended improve data security as well as privacy.
TPL’s Digital Privacy in 10 Easy Steps
Not surprisingly, Digital Privacy starts with software updates and better passwords:
- Software updates must be done as they become available
- many current fixes are for zero-day faults, don’t skip them and remain vulnerable;
- if you are not going to update, why keep using the software?
- On the Web, antivirus software and web browser are must updates.
- Antivirus software is now critical firewall defense against Web hack attacks and other exploits – have a Web firewal like Avast or AVG [both free]
- Use long & strong passphrase for most important passwords
- passphrase => masculinemummywasAridlywaytooPapered;
- passphrase is memorable because it contains 6-10 real words but no blanks or suggestive punctuation;
- size of words should vary in length making deciphering more difficult;
- use a meaningful sentence if it helps remembering the passphrase;
- a good 5-6 word pass phrase will take 550 years to deciper even at 1000 guesses per second;
- Use Diceware Wordgen if you need help making up a passphrase.
- Reuse passwords carefully
- Consider using a password vault like LastPass
- Secure online browsing practices
- use several browsers- choose from the best Chrome, Firefox, Opera;- keeep them updated
- consider the tradeoff of free services like Facebook, Gmail, Twitter – the price of free is wholescale harvesting of your data, habits, email conents, location, etc. Supposedly, you have control but only after navigating a labyrinth of “management screens”;
- use private browser mode whenever possible
- Social Media Usage “what you post online in social media is akin to yelling it on a street corner. So be mindful of the fact that many strangers[including 3rd parties with other motives] may have or gain acess to whatever you post“;
- Install privacy enhancing extensions
- Privacy Badger is a browser extension that provides user control over 3rd party cookies
- HTTPS://EVERYWHERE enforces encrypted communication between your browser and the websites you are visiting;
- Ublock Origin is a browser extension that blocks ads and pop-ups.
- Email Encryption – consider using Mozilla Thunderbird which interfaces to Gmail, Hotmail, Yahoo, etc
- Use your best judgement. Decide venues and services pose the greatest risk and then modify/protect your usage of those online sites and services.
The good thing about these Data Privacy tips is that the choice of methods and software is top notch. But most important is that simple data hygiene will make for not only greater privacy but also computing security. Well done TPL – and if you are in the GTA, check out the library for future presentations.