Quote from: shevek on Today at 08:02:47 am
I use separate email addresses for separate purposes or sites
That's something I gotta get around to doing, especially since I already use about 6 emails
this doesn't have to be a huge hassle! a lot of domain providers also offer customers the option to set up full-blown mailboxes as well as forwarding email address. some will let you edit the DNS records for your domain, too.
this means that you don't have to setup an individual inbox for each service or site you use; you can create one central inbox, then have a bunch of addresses for different sites that forward to your one inbox.
for instance: i use email@example.com for emails from melonland, but that forwards to some other vague inbox that i'm not going to list here, meaning that i only have to login to one inbox for everything!
aside from that, here's some of the security / privacy steps i take:
- do everything on paper.
this is true for everything from writing fiction to writing code.
i write stuff on paper, then if i want to translate things to digital format, i can.
it gives me the space to think about whether making something digital is /really/ a good idea,
because digital media is often recoverable, even if you're offline.
a lot - if not all - CPUs are proprietary, so i can never know if some commands are running in the
background to discreetly connect to the internet and work some spyware.
similarly, erasing data from anything digital is notoriously difficult.
you can delete stuff, sure, but data can remain on a hard drive after erasure.
it would take writing block zeros to a disk to fully wipe a disk (afaik), which can take days depending
on the size of the device.
similarly, RAM can be processed (so data you have in your applications, like the text in my browser
as i'm writing this) in a similar way, via a cold boot attack.
where i can, i hand-deliver letters instead of emails, talk to people away from devices and
entertain myself without computerized technology.
- i don't use a vpn.
loads of arguments for and against vpns that i won't peddle.
my threat model doesn't need one; there's no guarantee (even if you're relying on auditing which is
just fancy word-of-mouth!) that the data you send to a VPN server isn't being logged somewhere and
the /only/ guarantee of a working VPN in my opinion is one you self-host, which is pretty useless
unless you have a lot of friends that connect to it, otherwise you're just shifting your requests
from one device to another.
even if you adopted this approach: how can your friends trust you?!
- my operating system boots entirely into ram!
everything is kept on a usb which i boot off of.
then, all the package files and dependencies are kept on a separate usb stick so i can install them
on-demand in my terminal.
this makes booting my computer /insanely/ fast; prevents disks from dying quickly and keeps me safe
(there's no hard-drive i need to write zeros to!)
as for digital files... i write them on paper / print them when i can!
- i avoid encryption.
i would /love/ a world where asymmetric encryption was the default for the messages we send.
unfortunately, i believe that encryption is counter-intuitive to my threat model.
some third party spying on me is going to be less suspicious of me if i blend in as an average internet
user (which is why i try to stay away from the net!) than if i were to encrypt things.
anyway, that's very much in alignment with /my/ threat model. if security is your biggest concern: go off of the devices you use!