For such a simple app, it required almost unlimited and unfettered access to your phone. Remember: if an app is free, you're paying for it in some other way -- and usually it's with your data. Chances are you're already using a six-digit passcode, if you're using a modern version of iOS. But you can make the code as long as you like. We have a simple and handy guide here. Choosing the "custom numeric code" will still give you the number keypad on the lock screen, making the passcode entry easier to type in. Keeping your devices and apps up to date will significantly reduce attacks.
Every app or service you install will increase your vulnerability risks because no software is perfect. If you have preinstalled apps or "bloatware," you should remove those -- and that includes web plugins like Adobe's Flash , Oracle's Java , and Apple's QuickTime.
- Saving Samantha. A True Story.
- How to Open Encrypted Email.
- Health Rights Are Civil Rights: Peace and Justice Activism in Los Angeles, 1963–1978.
- Medical Virology, Fourth Edition;
Using ad-blockers can prevent ads from installing tracking cookies and even malware which happens surprisingly often. Cyberwar: A guide to the frightening future of online conflict. You should also consider encrypting your computer, which is easy if you use either Windows or a Mac. Just make sure you don't upload your encryption keys to the cloud, otherwise Microsoft or Apple could be forced to turn them over. Yes, Windows 10 is more secure than Windows 7, but it's understandable that many think it's a privacy nightmare. We have a separate Windows 10 privacy guide that shows you the right options for you.
There are dozens of websites called data brokers that crawl the web for your personal information, and then post it online for the world to see. If you Google your name along with the city you live in, these data broker sites are always the top search results. Websites like MyLife, Whitepages and Spokeo make millions by selling access to this information. You can use this helpful guide from DeleteMe to remove yourself from each of these data broker websites, but this process can be tedious and time consuming.
DeleteMe does all the hard work for you by going directly to the source and removing your personal information like names, addresses, age, phone numbers, email addresses, and even photos of your home. Removing personal information from data broker websites reduces your online footprint and keeps you, and your family safe. Now that your device is secure, you should think about your data in-transit -- that is, as it traverses the waves of the wireless spectrum and the pipes of the internet.
SMS messages and phone calls can be intercepted and wiretapped at any time -- it's the law. Police can also use cell-site simulators known as "stingrays" to force-downgrade your cell connection from LTE to non-encrypted channels to make it easier to snoop on your phone. It's not just the messages you send that you need to worry about; you also have to think about the data that's generated as a result -- so-called metadata, such as who you're talking to, when, and sometimes where.
That information alone can tell a lot about your life , which is why it's so important to intelligence services. Metadata is a core pillar of government surveillance. Countering metadata collection isn't easy, but its collection can be limited. The trick? Use the right app.
File Extensions and File Formats
Let's get one myth out of the way: There is no secure email solution -- at least not yet. While there are systems like PGP encryption, which remains the favorite for scrambling the contents of email messages, it's not as strong as it used to be and better instant communications exist. Signal is by far the simplest and the most secure app when it's used properly.
Available for iOS and Android, the end-to-end encrypted messenger was almost universally accepted as the gold standard among security experts and professionals after its debut audit. The messaging app and its desktop counterpart are also open-source, meaning anyone can look at and inspect the code to ensure there are no backdoors. And, Signal almost entirely removes itself from the surveillance loop by collecting almost no metadata. Even if a user chooses to upload their contacts list to Signal, each record is scrambled and can't be used by the intelligence services.
Using a secure messaging app alone won't keep you secure. Ensuring that you properly verify the keys of those you're talking to will ensure that you're not talking to someone else. Image: ZDNet.
The Intercept has a simple guide on how to verify your contacts in the unlikely event that your communications are being intercepted. You usually only do this only once unless you or someone you're talking to changes device. You can download Signal here. If you heard recently that WhatsApp has a "backdoor," that's wrong. So wrong, in fact, that some of the world's foremost security experts and cryptographers have called for the story to be retracted. The Guardian, which published the story, later said "flawed reporting" led the newspaper to "overstate the potential impact on the security of users' messaging.
The end-to-end encrypted messenger, owned by Facebook , works on a range of devices, including desktop. At its core, it uses the same protocols as Signal -- so it's secure and neither Facebook, WhatsApp, or anyone else can read your messages. WhatsApp is fine as long as it's being used properly by verifying your keys with the other party.
Make sure that you enable security notifications so you can monitor for any key changes. You should also turn off online backups -- both on the app and iCloud and Android's settings -- as backups can be cherry-picked out of the cloud by law enforcement with a search warrant.
The app does collect and store more metadata than Signal. That means the government, if it demands data from Facebook, could see who you're talking to and when. A recent report by Forbes confirms that the company could be forced to turn over data it collects, such as IP addresses, phone identifiers, and even location data in some cases. Apple's iMessage is also encrypted end-to-end , but you can't verify your keys with the people you're messaging. That's a problem, because you can't ever be sure that your messages aren't being intercepted.
What is Email Encryption? Definition, Best Practices & More | Digital Guardian
Recent developments have shown that the system is vulnerable to man-in-the-middle attacks , so don't rely on the system for critical communications. And again, don't back up your messages to iCloud, because Apple can be forced to turn that data over to law enforcement.
End-to-end encryption refers to your message securely traversing the internet and not when it's in storage. That said, you should regularly carry out an encrypted local backup your iPhone or iPad on occasion. It's very simple to do, and can restore your data if you break your device. Again, encrypted email is a fallacy, so you should get the idea out of your head. Consider services that don't require you to handle private keys, such as ProtonMail , which now comes with support for the Tor browser more on that shortly. Everything you need to know to protect yourself from scam emails and more.
Or, there's still PGP, which remains clunky and difficult to use for even many advanced users.
Online security 101: Tips for protecting your privacy from hackers and spies
Even the creator of PGP admits he doesn't use it anymore. Or, if you can get an invite to Keybase. This has raised some eyebrows, but it's entirely optional, as it makes scrambling and unscrambling PGP messages and files significantly easier. Browsing is usually at the heart of what most people do. But just as you're looking out at the world, you also have a lot trying to look in. Ad networks will track you from site to site, your internet provider will log which pages you visit, and hackers will try to target you.
When it comes to the gold standard of privacy, consider using Tor. It's like a regular browser with privacy benefits, and it's often used by the privacy conscious, such as reporters and activists.