Staying safe on the Web - what can I do to make my browsing more secure and leach less data?

Friends and family often ask me about technologies they can use to make their lives just that little bit safer on the Web. So to save me having to answer the same questions repeatedly - I thought I would write a blog post to just highlight the tools,apps and extensions I use to make it better than just connecting to the web and hoping for the best.

• Use a VPN whenever and wherever you are. There are so many good and inexpensive examples to use these days - there is really no excuse not too. I hear good things about these ones Mozilla VPN or ExpressVPN. Make sure when choosing a VPN that the provider guarantees to not keep logs - very important. I use my own - but those should be a good ones. This will work with you PC, iPad, mobile phone. So you will be covered whenever you decide to get some free internet in a cafe  you have never been to before :-)
• Use Mozilla Firefox, Safari or Opera Browser as your main browser. I know Google Chrome offers many features, but can you honestly trust Google to not be constantly looking to take your data and use it? I certainly don't trust Chrome anymore.
• Install a good set of extensions to stop trackers and unwanted information leaching.
• Adblock Plus
• Ghostery
• uBlock Origin
• DuckDuckGo privacy essentials
• Privacy Badger
• HTTPS Everywhere

• Don't use Google as your default search engine - switch to using DuckDuckGo - it is an option on all modern browsers - just change the default. You will be amazed at how all the targeted ads suddenly stop appearing everywhere - because you will have stopped Google building a complete profile of you on the web.
• Never use Facebook or Twitter to log into another site - always select to create a new account with your email and a strong password.
• Use a password manager to ensure strong passwords on all sites you use. Three good examples are Bitwarden, Lastpass or 1Password. 
• Where sites allow it use 2FA - 2 Factor Authentication - on all sites. Not all sites do - but check and where you can implement it. There are many apps you can use , FreeOTP, YubiKey Authenticator, Protectimus Smart OTP, Lastpass Authenticator, Google Authenticator.
• Turn on Firefox browsers "DNS over HTTPS" to keep your ISP from snooping on your site visits - it's to be found in Preferences/General/Network Settings
• If you must use Facebook - I recommend you don't - then install an extension that puts it in a sandbox container - Firefox FB Container. This will reduce the amount of data you will leach from that app. 
• Talking about Firefox containers - then you can isolate all sort of other apps as well , using this add-on
  Firefox containers - Howto
  
• Also for facebook - look at this article and turn it off - How to delete Facebooks off page tracking of you web surfing.
• Always look to use an anti-virus products on your phones, tablets and computers - there are many to choose from - I use AVG.
•  Make regular backups - so if you machine does get hijacked you have always got access to you valuable files. This can be to a secure cloud storage area as well as local USB type storage disk.
  
• Glasswire is a great tool for keeping an eye on your Windows and Android machines activity and is worth installing https://www.glasswire.com/
  
• Useful YouTube video on securing Google Chrome if you must use it https://youtu.be/9lIMSzrjUrU
• Switch on DuckDuckGo anti-tracking feature on your Android phone. duckduckgo-app-tracking-tool-beta-android-users
  
• Use the DuckDuckGo Extension to Block FLoC, Google’s New Tracking Method in Chrome Stop FLOC
  
   
   
  
   

There are other add-ons to stop javascript - which can stop a lot of nasty attacks - however - it can make a huge difference to the way the web looks and feels and a lot of sites depend on it. So unless you know what you are doing , I would stay clear of that to start.

I have also just started using pi-hole, a network-wide tool to stop unwanted advertising in its tracks. I will be writing an article shortly on how to set this up on your local laptop or network server.

Here is the article on using a docker container to run pi-hole - but you can use a virtual machine or a dedicated little machine like a Raspbery-pi to achieve the same thing. It is incredible useful and effective to stop all sorts of rubbish coming into your machine and network.

Setting up Pi-hole locally using Docker

Updated: 15/7/2019 
Updated: 13/11/2019
Updated: 9/02/2020
Updated: 1/3/2020
Updated: 16/6/2020
Updated: 11/09/2020
Updated: 15/03/2021
Updated: 14/05/2021
Updated: 8/8/2022
Updated:4/12/2022

Useful reading on the Topic :

• Electronic Frontier Foundation
• Security Crash course