top of page

Cyber Safety

The topic of digital security came up recently in a group chat and a surprising amount of people didn’t know about some basic protections. I’m going to write about some stuff we should all be doing just to combat the ever-increasing encroachment on our data and privacy by big businesses (and big brother). These may sound overwhelming, may sound complicated, and may sound like a waste of time but believe me – the amount of companies, third parties, and government agencies that can, will, and do access YOUR data is mind-blowing. This isn’t meant to scare you off the internet or out of your exploration of kinks because ANYONE regardless of your interests, should be taking these basic steps to protect their online privacy.

Something to know before we get started: deleting isn’t deleted. When someone mentioned that they just delete stuff it made me realize that people put way too much faith in the concept of deleting because the word “delete” is a misnomer. When you “delete” something digitally you’re not removing it from your system/device/hard drive. You’re merely telling the operating system that the space that file was taking up is now available to be written over. Until that space is written over anything there previously is still technically able to be recovered. Even a basic idiot with free or cheap hard drive recovery software can reclaim “deleted” files. When you delete you have NOT gotten rid of the actual data until it’s been written over with new files. And since we cannot tell new files where on the hard drive to install/write itself there’s no way to ever know if that space has been fully written over or still exists in some capacity. The moral of the story – don’t think deleting does anything. It “opens hard drive space” because it’s telling the system there’s room to write onto the disk but the traces of what was there are still technically there.

​

  1. Everyone, regardless of what you do, should have a VPN. But not all VPNs are the same! An alarming amount of them are based and operate out of “14 Eyes Countries.” What the fuck is that? Odds are most people have never heard this term before and it’s worth it to you to read up on it but the short version is these are 14 of the world’s biggest governments that actively have digital surveillance over their citizens (whether you know it or not) and, more alarmingly, they SHARE that data between them if needed. If a VPN company is based or their servers are based in any of those countries then that company could be compelled to hand over your customer records. Most VPNs don’t keep records regardless but even an email address could be enough to fuck you over. NordVPN is a good one outside of the 14 Eyes jurisdiction but I use SurfShark which is not only also out of 14 Eyes jurisdiction but has some awesome pricing that can’t be beat. (NOTE: The link to SurfShark is through my referral code which could mean I am given a sign-on/referral bonus if you purchase it through that link. I do NOT obtain any of your information or even know who used to my code, only that someone used it). 

  2. It is NOT complicated to set up and you do NOT need to be a tech-wiz to do it. Go to the VPN you finally decide on, pay for it, and download it to your computer AND phones!!!!! Login, connect. That’s it. The apps/programs do all the work for you. You may have to allow access the first time on a device so let it access what it has to access so it can dig into the device and protect it. But all you have to do is just pay, login, run. (If you want to be super anonymous you can usually pay with cryptocurrency). Also, having a VPN helps bypass country blocks so if you’re unable to access Netflix or other websites because your country has a restriction using a VPN will often bypass that block. Do note – many government websites will NOT allow you access or will trigger an issue if you attempt to use their sites with a VPN (so if you’re on disability, unemployment, or even just want to look up a county park or town website it will often prevent you from accessing these site so you will need to turn off the VPN or check with your VPN’s FAQ how to allow access/whitelist)

  3. What’s the point of a VPN? It just masks your business to keep it YOUR business. So, while your ISP can see you’re USING data they can no longer see WHAT data you’re accessing/transmitting. Say you downloaded a 1 gig movie from a torrent site – this is piracy and ISPs are all over this type of shit because of how common it is. If you do it without a VPN they can see what file you are downloading, where it’s being downloaded from, your computer, your location (because of the IP address of your computer), and so forth. WAYYYYYYY too much information for them to access, right? Well, a VPN masks that so the ONLY thing your ISP can see is that you downloaded 1 gig of data. They can’t tell what it was, where it was from, or even what kind of file or data it was – only that you downloaded something that used 1 gig of data to transfer to you. But even if you’re not a pirate you should have this on and running at all times because your ISP doesn’t need to know your business. They don’t need to know you logged into your personal banking information, or spend 25 hours scrolling through Facebook/social media or that you watched 100 hours of YouTube videos or streamed from Netflix. It’s YOUR privacy.

  4. A little feature that most VPNs have that most people don’t realize but is essential is called a “Kill Switch.” This is a simple button/switch that you turn on when you install so if anything ever causes the connection with the VPN to stop it will kill all connections to the internet so you’re not online unprotected. All you have to do is just stop and restart your VPN and you’re reconnected and protected.

  5. Just because you have a VPN doesn’t mean you’re entirely protected, especially if you’re using computer browsers. There’s something called DNS leak where sometimes enough data about you and your system can slip through even the best of the VPNs. Most, if not all, internet browsers can allow you to install a WebRTC leak extension to give you that extra protection. It runs with almost no system resources in the background and gives you one more step of protection. Set it once and forget it, essentially.

  6. If you have any files that you want to keep but are afraid to keep on your phone/computer there are thumb/flash drives for iPhones and androids and of course the standard ones for your computer (of course amazon has plenty of them). This could be ANY files because, remember, many countries have crazy laws where ever being gay could be a death sentence so having even the mildest gay porn could be enough to have you thrown from a roof or stoned to death so it’s not just for the crazy extreme taboo stuff. So – ANYTHING – you want to save that you may not want to be traced back to you should go on a thumb/flash drive and, of course, it should be saved to those drives DIRECTLY because – remember what I said about deleting? If you save it to the phone/computer first there are still traces of that file on those devices until/if it's ever written over. Saving directly to the thumb/flash drives means that’s the only place that data has made its mark. Because, here’s the scary part – even though you can make a hard drive or flash drive inoperable that doesn’t mean the data itself is inaccessible. Simply taking out the platters/core of the drive will give police all the access they need. Magnets? Nope. Water? Nope. Drills? Kind – it will damage the discs but the data is still technically there so a tech can access portions of the data (and how many people have a drill press readily available?) You’d think with as many hard drives as I managed to cause irreparable damage to you wouldn’t believe how sturdy they are but when you’re talking about law enforcement agencies with access to high-tech top-of-the-line gear and educational backgrounds data is relatively easy to access even if damaged. Having your files on a small device like a thumb/flash drive is your best bet because it will be a lot easier to physically destroy it. Some shredders handle such things but worst case they’re a lot easier to break open and cut, scratch, break up the insides where the data is stored (and scatter the pieces).

  7. FACTORY RESET DOES NOT DESTROY YOUR DATA – whether you’re formatting the hard drive of a computer or factory resetting your phone/tablet it does NOT mean your data is being erased. Once again, we have a fine example of why it’s soooooooo important to protect the fuck out of yourself digitally because of how hard it is to get rid of shit entirely and “without a trace.”

  8. Beware of automatic backups and the clouds. So many of our devices are pre-set to be synced across multiple platforms to allow for ease of use. While you’re enjoying that ease of use you’re also granting access to your privacy across the board at the same time. Most phones are pre-set to backup automatically to their respective cloud services. If you’re storing pictures, videos, or even text in your notes app all of that is being sent through the internet (which is available to be seen unless you have a VPN active) and stored on a server that is owned and operated by the worlds biggest companies who are a million times more dangerous than Orwell’s Big Brother when it comes to watching, listening, and monitoring everything we do. They frequently scan for illegal or suspicious content and if you’re caught with anything they deem unsavory (again, remember that varies depending on the country) you could be in for a world of hassle at the very least. Given how interconnected things like Google accounts are (amazon, YouTube, Google Home, Gmail, Google Pay, and more). If you’re thoroughly connected and Google decides you have something on their cloud drive they don’t like you’re now disconnected from almost everything in your life that has ever used that account. Same thing with iPhones or any other cloud storage option. Also, remember back in 2014 when Apple decided to go into everyone’s iCloud account and upload U2’s album that caused a major panic over how these companies can access your accounts and what is in them at any time. Yeah, just don’t put your shit on an unsecured cloud service and that means making sure your stuff is not set to backup automatically to those cloud services.

  9. Location Services & Bluetooth – almost every phone is set to have these on by default and almost every app is set to at least ask for permission to access your location, camera, mic, contacts, and so forth. DENY EVERYTHING unless it absolutely needs it for functionality (such as driving GPS app needs location service access). If you must allow an app to access ANYTHING on your phone make sure you select the “only when using” option whenever possible. Go change all your app settings RIGHT NOW and then get in the habit of denying access to all new apps and manually setting up what it can and can’t access. Also, get into the habit of turning your location and Bluetooth services off and only turning them on when you need them and then turning them off as soon as you’re done. Not only will this give you much more battery life it will also give you better protection. Even with a VPN if you have location services activated on your phone it WILL show your exact location which means you’re traceable at any time. With location services off you can set your VPN to place you anywhere in any country that they offer as a connection point (so you could live in New York but make it look like you’re IP/computer is actually in Sweden). Location, mic, camera, and similar access options are NOT restricted to just your phone – your computer’s browser will want to access this data from you, and many times you don’t even know it’s doing that. Google your browser and how to “block location access” and you’ll find a million tutorials to walk you through your specific browser and how to lockout location, mic, camera access. (For zoom users since this is now an important part of our world – you CAN “whitelist” zoom so only zoom can access your mic/camera/location if needed and everything else is still blocked).

WHAT YOU CAN/SHOULD DO:

In addition to all the things I mention above that you should be doing (or avoiding) things to consider for additional safety and security include:

  1. Use Wickr or Sessions for private and encrypted chatting. There is concern over the security of Wickr now that it was purchased by Amazon but, to date, no reports have come out about Amazon breaking the encryption coding to sneak their dirty hands into user data. If you’re unhappy with Amazon owning Wickr then try Sessions.

  2. Use Mega (app or website – mega.nz) for cloud storage options. While it’s not 100% it is secure, encrypted and they generally don’t stick their noses into people’s accounts. This doesn’t mean they won’t take action if someone reports your account but, even if that’s the case and you’re kicked from the account you’re not losing access to your whole synced life like you would if you’re booted from Google or others.

  3. If you need an email address to sign up for an account but won’t need to regularly access that account you can use 10minutemail.com so you can get an email address that will be destroyed after 10 minutes. Otherwise, if you want a secure and encrypted email address with a company that is NOT part of the 14 eyes group and you want to be able to maintain access to your mail for regular use then use Protonmail which is free (but also has paid service not that the average person needs it). Use such services whenever signing up for certain websites, services, and so forth (including when signing up for your VPN since an email address is often needed).

  4. Get in the habit of clearing cookies and website-stored data from your computer AND phone. This can sometimes be a pain in the ass as you’ll have to log back into all your sites but it’s worth it for a little peace of mind. If you don’t want to be bothered with having to log back into sites and don’t want to have to worry about clearing your cookies and browser data then use incognito/privacy/stealth browsing. Every browser, even on your phone, has this option. This isn’t an end-all-be-all safety measure but it will prevent cookies and certain data from being stored on the phone and will only remain active while you’re on the page. Once you close the privacy browsing it clears the cookies/data automatically so none of your search history and such will be stored and thus won’t “autoload” so no one can know what you’ve been searching or viewing. Any time a website pops up with cookies “accept” messages ALWAYS click “options” or whatever is similar and reject all or reject all but necessary. You really should google how to stop cookie tracing on FB and other platforms to help clear your data history and prevent them from accessing new data/history. This includes your apps too – preventing your phones from actively collecting background data about you and your usage to be shared with your apps is imperative to keeping your privacy to yourself. A nice feature right now on the apple store (not sure about google) is that every app must detail what it will access about you and your data and if they don’t have it listed they’re required to list it when providing the next app update. An alarming number of apps want to access an obscene amount of your private information for no other reason other than to sell that data elsewhere or target marketing.

  5. If you want to go the extra step use Tor Browser or, at the very least, use the Duck Duck Go browser. It’s far more private – although sometimes has more limited results.

 

This is long enough as it is and about all I can think of for the moment but if I think of anything else I’ll add updates as needed.

bottom of page