Been curious about Tor but worried it’s too complicated to use? Good news!
It is tangible human beings, not abstract “data”, that power the online economy.
Many children enjoy playing with toys and devices that have the ability to interact with them, either directly or through an online ‘app’. The popularity of these toys and devices, which can provide a fun and educational experience, along with advances in technology, means that there are more and more of these products on the market to choose from. With this in mind, the Data Protection Commission (DPC) has put together this advice to assist you if/when you decide to purchase one.
Technology is getting more adept at tracking our moves and anticipating our choices, and being watched all the time can make us feel anxious.
Border agents have broad powers to search people crossing borders, including their phones and laptops.But there are ways to protect your data when crossing international borders if you understand the technology and the law.
Help stop companies and governments snooping on you with these 6 easy steps to protect your privacy online.
The internet is a complicated place. It’s where kids can find adorable dog pictures and the latest news on their favorite band or movie star, but it’s also the host of adult content that isn’t safe for kids. And just like you are at risk of exposure to data breaches and identity theft, so are your kids!
How setting up 2FA can help protect your online accounts, even if your password is stolen.
Most popular web browsers support two types of windows: ordinary windows and “private browsing” mode. I research how people understand the web for a living. Trust me when I say, if you’re not sure what private browsing does, you’re in good company. Researchers have found widespread misconceptions about what information is visible through private browsing. So let’s talk about what it does and doesn’t do.
Over the years, we at DuckDuckGo have often heard a flawed counter-argument to online privacy: “Why should I care? I have nothing to hide.”
As Internet privacy has become more mainstream, this argument is rightfully fading away. However, it’s still floating around and so we wanted to take a moment to explain three key reasons why it’s flawed.
Passwords are the brittle wall that keep unwanted visitors out of your accounts. When it comes to account protection, two-factor authentication is one of the most effective defenses available.
With appeals to “national security,” governments around the world are pushing for encryption backdoors that would allow them to break into the secure data of suspected criminals. Simply put, this is a terrible idea.
Learn what the General Data Protection Regulation is all about and in what way it affects users, developers and businesses.
A step-by-step guide to protecting your data online, in the wake of the Cambridge Analytica and Facebook scandal.
Facebook Inc. scans the links and images that people send each other on Facebook Messenger, and reads chats when they’re flagged to moderators, making sure the content abides by the company’s rules. If it doesn’t, it gets blocked or taken down.
But what if my password manager gets hacked?! A few thoughts on how to talk about security worries with non-experts / Jessy Irwin
Security is not binary, it exists on a scale from 1 to 99 that will never, ever be 100%.
What sort of password ensures optimal security? There are a few ways to change and reset your password to make it stronger.
Security vulnerabilities can be boring to learn. But you still need to learn them, unless you want some hacker to delete all your production databases. To make it a bit more entertaining, I tried to explain 3 major vulnerabilities in terms of every day life.
I’ve been giving a bunch of thought to passwords lately. Here we have this absolute cornerstone of security – a paradigm that every single person with an online account understands – yet we see fundamentally different approaches to how services handle them. Some have strict complexity rules. Some have low max lengths. Some won’t let you paste a password. Some force you to regularly rotate it. It’s all over the place.
In the crowded world of encrypted messaging apps, few tools stand out.
Learn how HTTPS works by reading about Alice, Bob and a lot of carrier pigeons.
Today’s post looks at the price of stolen credentials for just about any e-commerce, bank site or popular online service, and provides a glimpse into the fortunes that an enterprising credential thief can earn selling these accounts on consignment.
There are a lot of in-depth guides to staying safe online. Citizen Lab and a group of security gurus built an interactive tool to keep things simpler.
We’re on a march towards HTTPS everywhere. Almost 70% of web traffic today is encrypted and organisations not getting with the program are being increasingly penalised for lagging behind.
Troy Hunt has collected a trove of 4.8 billion stolen identity records pulled from the darkest corners of the internet — but he isn’t a hacker.
Last week I wrote about my upcoming congressional testimony and wow – you guys are awesome! Seriously, the feedback there was absolutely sensational and it’s helped shape what I’ll be saying to the US Congress, including lifting specific wording and phrases provided by some of you. Thank you!
As I explained in that first blog post, I’m required to submit a written testimony 48 hours in advance of the event. That testimony is now publicly accessible and reproduced [at the link].
Do your friends and family rope you into providing tech support when you’re home for the holidays? Use this opportunity to be a digital security hero and rescue your family from tracking cookies, unencrypted disks, insecure chats, and recycled passwords.
Many of us are visiting parents/relatives this Thanksgiving/Christmas, and will have an opportunity to help our them with cybersecurity issues. I thought I’d write up a quick guide of the most important things.
Yes, it can be a pain, but teaching them to avoid phishing emails now will save headaches later. Here’s help.
Two-factor authentication adoption rates are low. Is it because cybersecurity experts are making the perfect the enemy of the good?
The famous “DNC hacks” weren’t hacks – they were phished. Don’t let it happen to you!
The One Valuable Thing All Websites Have: Reputation (and Why It’s Attractive to Phishers) / Troy Hunt
Here’s something I hear quite a bit when talking about security things: “Our site isn’t a target, it doesn’t have anything valuable on it.”
This is usually the retort that comes back in defence of some pretty shady practices and in the mind of the defendant, it’s a perfectly reasonable position. They don’t collect any credentials, they don’t have any payment info and in many cases, the site is simply a static representation of content that rarely changes. So what upside is there for an attacker?
When you send a postcard through the mail, the content is not protected and anyone who handles it could read it. The same is true of SMS text messages–any carrier of the message can potentially read the contents.
When a message is encrypted, it is scrambled so that only the sender and receiver can read it. Think of it like using a sealed envelope to send a letter in the mail instead of a post card.
Two-factor authentication (or 2FA) is one of the biggest-bang-for-your-buck ways to improve the security of your online accounts. Luckily, it’s becoming much more common across the web. With often just a few clicks in a given account’s settings, 2FA adds an extra layer of security to your online accounts on top of your password.
You may have heard of two-factor — or multi-factor — authentication (2FA or MFA) as a way to add a layer of security on top of your accounts. In addition to your username and password, enabling two-factor lets you use a second form of authentication, which may block thieves from accessing your information. A second factor to show that you are you — not an intruder — could be a hardware key, a dedicated phone application, an SMS text message, or your fingerprint. With so many options, it can be hard to decide which second factor to use. That’s why we created this guide to help you make an informed choice.
I’ve spent about the last decade of my life developing tools for note taking and file management, the most important of which is an encrypted note-taking app. And when I talk to others about how their lives changed once they knew their thoughts and words were private, the response is always the same: “I feel free,” is what I hear. They talk about the subtle, but powerful, difference privacy brings you. You become accustomed to the luxury of knowing what you say will never be repeated.
In a perfect world we’d use unique passwords for every online service. But the world isn’t perfect…
Up until the last couple of decades, we had a small number of accounts and very limited connectivity which made for a pretty simple threat landscape. Your “adversaries” were those in the immediate vicinity, that is people who could gain direct physical access to the system. Over time that extended to remote users who could dial in – I mean literally dial in via phone – and that threat landscape grew. You pretty much know the story from here: more connectivity, more accounts, more threat actors and particularly in recent years, more data breaches. Suddenly, the simple premise of matching strings no longer seems like such a good idea.
In a crime case, investigators don’t have access to “the truth” — the data, if you will. All they have are clues which can be put together to make as perfect a guess as possible as to what the nature of the truth is. Metadata.
When data is encrypted, it turns into a seemingly random collection of characters, unless of course you have the decryption key! The ability to encrypt all the data on a device is now usually built-in to its operating system, meaning there is no good excuse not to protect your privacy in this manner.
This simple advice will help to protect you against hackers and government surveillance.
VPNs are absolutely a solution to policy issues, and we would be wrong to treat them differently.
Changing the nature of governance through encryption.
Why the fight for privacy matters.
With over a billion users, there’s a good chance you have friends on WhatsApp, an easy-to-use mobile messenger. With some tweaks, you can make it much more secure for routine conversations.
Well, my post [Disable Your Antivirus Software (Except Microsoft’s) – listed below] certainly got a lot of attention…
Protecting digital privacy is a job no one can do alone. While there are many steps you can take to protect your own privacy, the real protection comes when we recognize that privacy is a team sport. So as we celebrate Data Privacy Day on January 28, don’t just change your tools and behavior to protect your own privacy—encourage your friends, family, and colleagues to take action, too.
I was just reading some Tweets and an associated Hackernews thread and it reminded me that, now that I’ve left Mozilla for a while, it’s safe for me to say: antivirus software vendors are terrible; don’t buy antivirus software, and uninstall it if you already have it (except, on Windows, for Microsoft’s).
Passwords are often the only thing standing between a hacker and your online accounts. This guide helps you choose a password manager to help you create strong, unique passwords. It’s an easy way to make browsing the web easier, faster, and more secure.
It’s universally acknowledged that it’s a bad idea to store plain-text passwords. If a database containing plain-text passwords is compromised, user accounts are in immediate danger.
I want to talk about practical, everyday things that people who aren’t deeply technical can do to better protect themselves. They’re simple, mostly free and easily obtainable by everyone.
Page last updated: 9 January 2019
Download page as PDF