Vickipinz

circular avatar of my fursona, a grey fox girl with pink eyes and dark grey hair, over a red background

Privacy/security notes

See also: Digital notes, Useful software.

Be reasonable

A lot of internet privacy advice is completely ridiculous. Sometimes I wonder if it's a psyop to isolate paranoid people. Rather than scrambling to go off-the-grid, you'd be better off learning what threat modeling is. What are you protecting, and from who?

Otherwise, you might find yourself much like the paranoid American suburbanite who adorns their home in security cameras, despite living in a crime-free neighborhood, populated only by other paranoid suburbanites who have too much money to understand why crime exists.

Delete addresses from message history

Your friend is mailing you something so you send them your home address over Discord. Later, their Discord gets hacked and now your address is in the hands of the attacker. Fuck. Next time, you should consider deleting messages containing sensitive info once it's no longer needed.

DuckDuckGo is just Bing

It's true, you can read about it. Considering DDG doesn't have all the AI overviews like Bing and Google, I wouldn't consider it a dealbreaker. Rather it's better to understand that search engines aren't foolproof (as no online services are).

Signal isn't completely foolproof

Signal is good if you want some encryption because you're embarrased or exchanging sensitive info. But you shouldn't use it if your threat model is the US federal government, as it is entirely centralized within the US. You and your recipient are identified by phone number, regardless of encryption. You probably didn't compile the operating system you're using, either.

This isn't to say you shouldn't use Signal entirely, but rather to not consider it foolproof if you're up to something that warrants federal investigation. Again, threat modeling is the first step you should always take.

Never allow apps to access your contacts or phone number

Imagine if you were getting a haircut and gave the barber a list of all your loved one's phone numbers, faces, and home addresses. That would be fucking insane. Sadly, in the digital age, this is completely normalized.

Any company you give data to may suffer a data breach. Even if you aren't cynical about capitalism or paranoid about privacy, this is an undeniable fact of the digital age. And with executives who care little for quality engineering (let alone ethics), we have reached a stage where no company can be trusted to keep their customers' data secure.

Because of this, many use password managers to store generated passwords, so that when one password is leaked, it doesn't compromise the rest of one's accounts. But when you allow an app to access to your contacts, you are sacrificing the personal information of everyone you know.

You also shouldn't give companies your phone number unless absolutely necessary. Not only is it a complete dox but it is directly linked with other customers' synced contacts. That's why newly installed apps recommend you follow your most horrible family members, no? I'd go as far as to not give your phone number to anyone for this reason, besides civic or healthcare entities.