An Extensive guide to keeping your data safe with free, open source software, for everyday use
Written By: Adam Peach January 27.2017 12:27PM EST
It’s hard to maintain privacy online these days. Services and devices we pay hard-earned money for, are mediums of gathering information for the companies providing them. That information is then compiled and sold in bulk quantities to call centres, marketing agencies, and entities that provide analysis for various industries, or fields of study.
We pay hundreds for smart phones and computers. Software is then required, for these devices to meet our individual needs. Things like anti-virus software, or word processing software, are required to complete work tasks – or keep your computer safe. We pay for this software, while giving our personal information to the developers; rarely paying attention to their privacy policies. Therefore, when you select the box labelled “I agree to the terms and policies”, you’re passively consenting to the distribution of your information, in whichever way that particular company sees fit.
Computers and cell phones hold extremely personal information, and while passwords and 2-step authentication methods can seem inconvenient, it’s actually our perception of inconvenience. It’s convenient for our Facebook account to log in upon opening our web browser, but is that really the safest way to go?
We lock our doors when we leave our homes with a key. It can take 5-10 seconds, or more, to take them out and unlock the front door. Most don’t think of this as an inconvenience, however. It’s just the way we protect our personal belongings. So, why don’t we treat our electronic devices with the same vigilance? After all, they do hold many personal belongings, like our home.
This is a guide to demonstrate some quick and easy methods for maintaining your privacy while still being productive at work, or at home. There are many FREE programs out there which do not require your personal information. These are ad-free, open source programs which can be downloaded free-of-charge – to manage everyday tasks, such as browsing the internet, or managing personal files. These developers make money by receiving donations from users of their software. That money usually just barely covers operational costs. That being said, developers of these programs are very proud of their work, and strive to provide the public with practical computer solutions, without compromising privacy.
The guide will demonstrate some methods you can use to maintain privacy, and save a bit of money. They can be easily applied for someone brand new to encryption and open source software, as they are all very easy to use.
Nothing is really “sure-fire” in terms of being completely hidden online, however, this guide will help quite a bit – first, with a step-by-step into making your password management a little easier.
Create a Password For Your Computer Login
Probably a no-brainer, but most tend to ignore this step if using their own private computer. It just adds another key to crack, for anyone trying to access the computer. It doesn’t have to be long, but something unique – using letters AND numbers, with a combination of lower-case and CAPS. This will be one of the only two passwords you will have to manually enter when starting your computer.
KeePass is a password manager in which you store ALL of your logins, whether it be social media, email, and so on. It has a password generator built-in, allowing you to create very strong and unique passwords for any of your other accounts. Once in the password generator window, just click “Generate”. You can then copy and paste the created password to any other account you wish.
Once your login info is stored, just copy and paste it every time you log in to that account – saving you from typing, or attempting to memorize extremely long alpha-numeric passwords. You can then save all of your information as a file on your computer(the file automatically encrypts itself when saved). Every time you log on to the computer, open KeePass, then click “open” near the top of the screen, and open the saved file.
Upon installation, after launching KeePass, you will be prompted to enter a password to protect your file. Remember, this file will have ALL of your login information, for every account you are associated with . Therefore, after creating your initial password, I recommend using the password generator to create a strong key, and then copy and paste it as your new password for your file. WRITE THIS PASSWORD DOWN! This will be number two, of the only two passwords you’ll need to enter manually, in this guide.
When you turn on your computer, enter your login password. Then open your KeePass file, and enter your key. You have now unlocked your “front door”, so to speak.
Keep KeePass open and minimize the window while you use your computer. This way, when loggin into an online account, you won’t have to enter the long KeePass key again. Just maximize the window, and copy and paste desired login info as needed.
You can now remove all of your login information from your browser memory, as now you can just copy and paste it from KeePass. This is important because in the case of the computer being hacked, the hacker will not gain immediate access to online accounts, such as social media, by simply opening the browser.
KeePass can also be downloaded to your mobile phone, allowing you to copy your file to your phone VIA email or DropBox and use in the same way as described above. Remember, this is an encrypted file, therefore it is safe(safer) to share on dropbox. Otherwise, cloud storage is really not the way to go, if you care about privacy and security. USB flashdrives can hold much more data than free, or paid cloud storage, and can be attached to a key chain, for easy travel.
Available for iPhone & Android
AxCrypt is a very easy-to-use encryption software. This program, however, does require you “sign up” with your email and a password – only downfall, I guess. AxCrypt is also available as an app for mobile devices which makes it easy to log in to your account and decrypt your files from your phone. Use the password generator in KeePass to make a strong key for your AxCrypt account. When decrypting files or media, copy and paste the password from your KeePass. Use this to encrypt EVERYTHING before transferring to cloud services like DropBox, iCloud or Google Drive.
Comparing the privacy policies of Google Drive VS. DropBox, Google Drive states that your information will be shared with affiliated third parties, whereas, DropBox states it does not share information in this manner. Still, encrypting EVERYTHING before uploading to DropBox or similar services is recommended, if you care about privacy.
Take a few minutes to encrypt ALL of your documents, photos, and videos, after installing AxCrypt. When a particular file is needed, simply decrypt it for use, then encrypt it again for storage. This way, even if your device is compromised, your personal files and photos will still be protected from intruders trying to gain access or view them. AxCrypt makes this very quick and easy by allowing you to right-click on the file you wish to encrypt, and click “encrypt” – done.
Anti-virus software can get expensive. Not to mention, the cost of giving up personal information to developers. “Big-name” anti-virus software requires yearly paid subscriptions, whereas, free, open source programs exist which do the same job at similar, or better quality. Expensive anti-virus software also has a bad tendency to slow down your computer, due to using a lot of RAM in the backround. Most open source software does not slow down your computer like this. ClamWin is exactly that, and does not require giving up any personal information. Just download, and start using it. It’s also very popular and considered one of the best open source anti-virus programs, in various forums on the web.
FireFox is an open source browser by Mozilla. Settings can be configured to increase privacy on the web, such as deleting cookies, or login information. Various add-ons are also available to prevent web trackers from harvesting data such as which news article you’re reading, or which Youtube video you’re watching. To improve security while browsing just download FireFox, then go to “settings” and then “add-ons”. There, you can download AdBlock Plus and Ghostery. Ghostery is great because it shows you which trackers are active on the page you are currently browsing, while blocking them. It also provides detailed info about each tracker, and their affiliations.
Tor browser is a great open source option for privacy. The Tor network was created by the US Navy for anonymous web browsing. It’s now being run by a non-profit organization, made up of internet privacy advocates. Tor works similar to a VPN, bouncing your internet traffic around the world before reaching it’s destination – effectively making it harder for a spectator to determine where your traffic is coming from. Tor browser is more secure than FireFox, albeit a little slower in performance. However, the slower performance is only due to the process Tor follows to make users “less-visible” on the web. The Tor browser was actually built from FireFox. It should be noted that downloading and uploading “torrents” is not welcome on the Tor browser, as it can slow down the whole network for other users. Use this for browsing, not downloading torrents. Using Tor in combination with a VPN will get you about as close to “hidden” as you can get, while browsing.
iOS: Onion Browser
Also by Mozilla, ThunderBird works just like Outlook Express. You can manage multiple email accounts in one platform, and also has a built in calendar and task list. Add-ons are available for ThunderBird as well, such as EnigMail – a built-in PGP tool for encrypting email. It is important to use a master password, when using an email client like ThunderBird. Without a master key, an intruder could gain access to all of your email accounts, simply by opening ThunderBird. This can be done in the “options” menu. Generate a new password in KeePass, save it, then copy and paste as your master password for ThunderBird.
PGP (pretty good privacy) is a method of exchanging encrypted messages. It was used by Edward Snowden, when he reached out to journalist Glenn Greenwald, with his leaked NSA documents.
Malware detectors and anti-virus add-ons are also available.
An alternative, is to use a secure email provider such as ProtonMail. ProtonMail offers a fully-encrypted email service, for free, of course. However, it can not be used with an email client such as ThunderBird. You must use a browser to access it.
iOS: Not available, but there’s a similar app called TutaNota. The big difference is that you must create a new email address to use this app’s end-to-end encrypted email service.
Android: Not available, perfect equivalent is BlueMail. Works exactly like ThunderBird.
This is a stand-alone PGP tool for sending encrypted messages, similar to EnigMail. The main difference being that it is not just an add-on, but a dedicated PGP/Encryption software. It’s very basic looking and easy to use for a “newbie”.
iOS Equivalent: NONE (but you can download a free SSL certificate from Comodo, giving you encryption used with your stock email client)
Android Equivalent: OpenKeyChain
DOCUMENTS, SPREADSHEETS, PDFs, & POWERPOINT PRESENTATIONS
Office-based programs such as Microsoft Office can get quite expensive. Once again, the price also comes with giving up personal information to even more developers.
LibreOffice is almost exactly the same as Microsoft Office in that, it comes with a replacement for MS Word, Excell, Powerpoint, Paint, and a couple of other neat tools. Word files are saved by default as OpenDocument Text (.odt), which can be opened on all other popular office programs. Libre Writer (MS Word replacement), provides almost all of the same features found in MS Word or Google Docs. LibreOffice also uses much less hard drive space than MS Office – saving you valuable storage room on your computer. Oh yeah, did I mention it’s free? Although, you can also make a donation to support the developers on their website, if you like.
iOS: LibreOffice Vanilla
Android: LibreOffice Viewer
Duck Duck Go is a search engine, much like Google. However, unlike Google, it does not store search history. In FireFox, go to “settings” and change your default search engine to Duck Duck Go.
Unfortunately, there are no free VPN services recommended for maximum privacy. Pretty much all of them come with either tons of ads, or slow your bandwidth down significantly. Also, many are known to share personal information with third-parties, therefore, compromising the very privacy you were attempting to protect in the first place. This type of service is worth the small amount required to subscribe. Here are a couple of popular VPN services. Again, these are not free. However, some – like TunnelBear – offer a demo, to try their product before purchasing.
VPN Unlimited: $4.99/month
USB Flash Drives
To be blunt, if you care about privacy, stop using cloud-based storage. Go back to using USB flash drives. You can get USB sticks that have plenty of space now, for relatively cheap. Keep it in a safe place. If you’re going somewhere that you won’t need it, but may lose it – leave it somewhere safe, like at home. If you require more space than you can get on a USB stick, upgrade to a larger, external hard drive.
If using cloud-based storage to share large media files, you can compress those files or folders and send VIA email to colleagues or clients. This can be done with another open source program called 7-Zip File Manager. It does the same as WinZip, in regards to compressing and decompressing files and folders. 7-Zip also supports encryption.
Some may say there is a fine line between convenience and privacy, on the internet these days – but there’s really not. There has always been a very thick line, and by passively consenting to give away our personal information, we are helping to destroy that privacy, while companies are profiting from it. People learn about ways their privacy is being taken away, and accept it, under the idea: “well, what are we supposed to do about it, though?”. How about if we stop supporting companies that DON’T respect privacy, and start supporting companies that DO respect privacy – if we really care about our constitutional right, that is. Companies have learned over the years that in order to keep key customers, they must use encryption. Unfortunately, the largest companies are constantly offering “convenient” products and services which in actuality, undermine the privacy and security of their customers. By supporting these products, you are catering to that trend, replacing your privacy for convenience.