The short version...
- Zoho Vault: Online password manager (free for personal use)
- Have i been pwned?: Seriously check, then register for alerts.
- Keybase.io: Crypto made easy, for everyone (free).
- ProtonMail: Encrypted email (free account available).
- ProtonVPN: Virtual Private Network (free account available).
- Tor: Surf the Internet anonymously (free).
- StartPage and DuckDuckGo: Private search engines (free).
- 1.1.1.1: Secure, private DNS for a faster, better Internet (free).
- Signal: Secure messaging app. It's free, fast, simple and secure.
- VeraCrypt: Free open source disk encryption software.
- Qubes OS: A reasonably secure operating system (free).
If you would like 1-to-1 online training, you can hire me.
I'm going to start the list off with an absolute must-have app. Zoho Vault is an online password manager that is perfect for individual or corporate use. It's FREE for personal use and only $1 per user for the corporate plan (sharing passwords and secrets within your teams is a key feature of the corporate plan). Unlike most other password managers on the market, you can use the FREE version across multiple devices at no cost, no strings attached.
Another must-have is the Have i been pwned? website. Go there right now and check your existing email addresses against the extensive list of breached accounts. Then sign up for notifications of any future breaches where your email or username appears (when, not if) in the list.
The next app in our tool kit is Keybase.io. With Keybase, anyone can encrypt or decrypt messages and files using strong cryptography. Absolutely no knowledge of PGP/GPG is required. The app is available for every platform, including Android and macOS. You can use the software to verify ownership of social media accounts, websites and other online accounts. You can chat with friends, family, colleagues or complete strangers using end-to-end encryption, all without knowing a thing about cryptography. If you only use one app on this list, make sure it's Keybase.io.
Next up is ProtonMail. Simply put, it's email with encryption built in. You can register and use it anonymously, which makes it a great choice for whistleblowers, freelance journalists and hacktivists alike. Your inbox, sent items, drafts folders, etc. are all encrypted and can only be accessed with your decryption key, meaning that even if someone hacked your account, without the encryption key they will just see lots of encrypted text. The only drawback to encrypted email in my experience is that both you and your recipient must be using an encrypted email service for it to be secure.
ProtonVPN is another great app by the makers of ProtonMail. You can download and use the service for free, giving you a limited but very secure connection when needed. Use it when accessing public networks, checking your ProtonMail, etc. A Virtual Private Network lets you connect to external websites and other cloud services via a secure (tunnelled) connection. Anyone trying to intercept the traffic between your computer and the destination server/service will only see encrypted data.
Continuing with encrypted connections, Tor offers you both the ability to browse the Surface Web and Deep Web anonymously, and even host your own hidden (website) service. The Surface Web is anything that can be indexed by regular search engines like Google. The Deep Web websites are those sites that can only be accessed if you know the server IP or private domain name (search engines are oblivious to their existence). Tor is also used to access .onion websites, the Darknet (slightly deeper and more hyped than the Deep Web). I highly recommend using Tor for all your browsing.
If you prefer to use your regular browser instead of Tor, then consider using StartPage or DuckDuckGo for your online search engine needs. These two search engines let you search anonymously, with no tracking cookies, no geolocation logging, just simple unfiltered search results. Of course, what happens after you navigate away from these search engines is entirely down to the website you visit. So, consider using StartPage and DuckDuckGo with Tor and ProtonVPN.
Now a quick tip for hiding your DNS footprints. Cloudflare have teamed up with APNIC to offer the Internet community a better, faster, more private alternative DNS. So ditch your ISP's default DNS and start using 1.1.1.1 today. More on "Domain Name System" here.
Do you use WhatsApp? So do I, for family and friends that is. A more secure alternative to WhatsApp is Keybase.io, as mentioned earlier. This pretty much does it all, from encrypted messages to secure file storage and providing a secure, verifiable method of showing proofs for social media account ownership, etc. But if you're only interested in the messaging side of things and you really like the feel of WhatsApp, then Signal offers the same experience but is open source, which means you or anyone else can review the source code and even compile from source.
An open source alternative to Microsoft BitLocker is VeraCrypt, a free open source disk encryption tool for Windows, Mac OS X and Linux. VeraCrypt is based on TrueCrypt and comes with all the features you'd expect from a disk encryption tool, though my favourite feature of all is the Plausible Deniability with support for hidden partitions and hidden operating systems.
I'm going to end my recommendations with the ultimate in online privacy and anonymity. Qubes OS is a Linux distro built with anonymity and privacy in mind. In short, Qubes OS can be configured to run apps in isolated areas of memory, called Qubes. You can even set up your email client to create single-use disposable Qubes for opening attachments, which means any potential security risk is isolated to that single Qube, firewalled off from the rest of the system.