Help and request for it. Article about information security for ordinary users

I offer you some steps to improve security and privacy on the Internet network (and not only) for ordinary users. The rationale for why this is necessary is at the beginning of the article. For those who know everything and wonders why this text is here - please read the item "For those who already know everything." Three months ago I wrote this text, but due to my ignorance and the endless stream of news about new security threats, I was tired of redoing it, so let it remain as it was in this text).

Introduction and justification
General recommendations
Passwords and accounts
Voice assistants
SIM cards
- Additional SIM card
Check all antivirus devices
Save all data to external media / backup
Check for device updates
Remove all unnecessary from all social. networks and sites
- For Google
- For Yandex
- For Bing and MAIL.RU
- For Vkontakte
- For classmates
Remove all instant messengers from global companies
Do not use payment systems such as vk.pay, Yandex.Money and Master Card
Remove everything from the clouds
Delete all browsers except Firefox
Basic programs on Windows
Internet connection and real life and why the ad blocker is not enough
Incognito or private browsing
Buy VPN or do it yourself
Mobile phone setup
Switch to alternatives
- Search Engines
- Email, contacts, calendar
- Browsers
----- For computers
----- For Android
----- For iOS (iPhone + iPad)
- Video services
- Introduction and justification
Switch to Linux
Biometrics
Devices
- General recommendations
- Wi-Fi router
- Mobile devices
- Computers
Additional protection
What else can you do
Trends in the world
Reflections on the balance of the use of tools
Action plan
For those who already know all this
Links

Introduction and justification

As you know, 80 million Russians use the Internet. And that's not counting those who are under 16 years old. The Internet is rapidly capturing our lives. But so far, only 36% of people over 55 use the Internet. [ 1 ] [ 3 ]. The state has realized the advantage of digitalization and will act in this direction in all directions. [ 5 ] Banks (and the largest and most common banks in Russia belong to the state) are closing branches en masse [ 7 ] [ 9 ] when switching to online banks. Public services are launched in large quantities in electronic form and the EPS EPS is created - state e-mail (the so-called e-mail). [ 11 ] [ 13 page 23]. All stores are required to send sales data directly to the tax [ 15 ]. Now even electronic correspondence between organizations is equal in status to official correspondence and can be used in court. [ 17 ] [ 19 ] Now not a single service, not a single service can be obtained if you have not specified a mobile phone number and an electronic postal address. All wages are transferred to bank cards [ 21 ]. It has not yet been established by law, but state employees are gradually and inexorably transferred to MIR cards, pensioners (in terms of pensions) should also be transferred to cards by 2020. This is beneficial to organizations (of course, those that work in white) and they use all their forces to transfer everyone to cards. Pressed the button - the money is listed. No collection, no safes, no signatures, you can reduce the accountant-cashier. I repeat - this is not yet fully enshrined in law. There was an attempt to pass a law in which any purchase above 600 thousand rubles can only be made on the card, with a gradual decrease to 300 thousand rubles. This law has so far been postponed. [ 23 ].

But the Internet is not only state services (or obligations). A huge number of commercial sites, programs and mobile applications are used by citizens. In a large city, very few people will catch a taxi from their hands (well, if only this is not a familiar taxi driver who runs from the subway to the house). If earlier payment by cards was a novelty for cashiers, but after that, bank cards entered the masses - cashiers quickly got used to it, and if you were paying with coins - they looked at you as an enemy of the people, because they had to recount all this. When contactless payments appeared (PayPass from Mastercard and PayWave from VISA), everyone was afraid and called it terrible Wi-Fi, which irradiates and because of which someone can withdraw all the money from you, “by accident or on purpose” leaning against the crowd on the street. But after a time when everyone is used to it, if you don’t attach a card, cashiers look with displeasure, now they have to take the card in your hands and insert it into your receiver, wait for the response from the terminal and see if the card works .
')
To go somewhere you must first go to the Internet and see the time of the institution and reviews. If you are a motorist - navigator on the phone. Announcer - hung a note, took a picture on a mobile phone and sent it to the customer. Homeless - it does not mean that technology is not available to you [ 25 ]. All photos from a mobile machine fall into the cloud, music - a subscription to iTunes, Google music or Yandex Music. Sync everything and everyone. Buy a ticket, find information for a report at the school, check the balance on the organization’s account, find out the address of the nearest shaping club, find stocks for a beer in a bar, see the weather forecast, find out the score of the Rubin-CSKA match, find out whether a child can have a rash from new washing powder, take photos of your plumber to your friend so that you have to go under the sink and where it flows, find where the rubble is cheaper to improve the entrance to the house, order a walk-around tractor in the online store to play FIFA (soccer) game on the game bet with friends - all on the Internet. There was a situation when the young and middle generation use the Internet to the fullest, the older generation is slowly pulling up. But digitalization goes much faster than we manage to learn new things and learn. After raising the retirement age, most older people will have to work. If you don’t bother with your computer literacy now, it will be hard to go on. This fact is already understood by some and they are trying to improve computer literacy. But there are many who do not understand at all that in the near future ignorance of the technology of using the Internet will come up sideways. Half of my familiar people can easily press the buttons on the iPhone, but they do not understand anything more in computers. They can not install the program on the computer, type on the keyboard with the speed of the cochlea. The state practically in no way contributes to the computer literacy of the population (and the Internet, as a separate sub-sector). Schools teach only how to convert a number from binary to decimal in a notebook. And at best, if they give the task to write a small program that will multiply your two numbers and give the result. There are no advanced training courses in this field.

In my opinion, a situation has arisen when a large number of people begin to understand the need to use computer technology; someone from their friends tells them something with fragmentary knowledge. So it turns out that people who are not particularly literate in information technologies teach those who do not understand this at all.

In this article I would like to pay attention primarily to information security and privacy. There are many convenient, so to say interesting programs and services - but they are not safe, and people basically start (and end) familiarity with computer technologies for the sake of these programs, and these programs are usually poorly protected or use the credulity of people themselves. Accordingly, in my opinion it is necessary to begin with the basics of security.

To understand the principles of security, you must first understand who, why, and for what reason makes it possible to use their programs, services and sites.

How much money do sites and programs live on? To make the site you need developers, servers, and all this costs money. The question is where do sites take this money? Answer:

1. Someone makes the site for their money for the sake of interest (hobby). There are very few such sites and the sites themselves are small for some narrow purposes. For example, the site is a club for hunting carp.
2. The site sells something. Products, services, intellectual property
   (for example, pay to watch a movie, download a book, read an economic report about an industry)
3. Advertising. For example ALL free major sites and programs that you use, live by advertising. They collect ALL the information about you in ALL possible ways and then offer sites that sell something (from point 2) to post an advertisement for you. For example, you searched Google or Yandex for information on “where to buy a washing machine.” Search engines know that you are for example in Kaliningrad. What kind of seller of washing machines from Kaliningrad pays search engines, for example, 20 rubles, so that an advertisement may appear to someone who needs a washing machine in his city. And when you are looking for a washing machine, the first lines in a search engine - this will be the advertisement of such sellers of washing machines. Not only that, search engines enter into contracts with various sites (for example, forums, websites with news and others) and when you go to other sites, you will be shown advertising washing machines. If you click on the link with this advertisement, 20 rubles will be debited from the seller’s account, search engines will take 17 rubles and 3 rubles will go to the owner of the site that placed the advertisement (for example, news). If you click on the advertising link in the search engine itself, the search engine will take all the 20 rubles.
4. Fraud. There are a lot of options. For example, pay money to see naked Alla Pugacheva and Galkina. You will pay, and firstly no one will show you anything, and secondly they will also withdraw all the money that you had on the card. If you are offered to install a program to watch a movie on the Internet - 100% is a virus that will either steal all your data from a computer, or encrypt all your photos and require you to pay money to decrypt photos, or hide and wait for the next time you try that or pay online and steal your bank card details. And they will withdraw money somewhere in Bermuda and no one will return the money to you. There are viruses that do all of the above and take the money and blackmail them to delete your data and so on. Very fond of fraudsters who have fallen into a difficult situation. For example, you are very sick and some sites offer you a miracle remedy for only 5 thousand rubles. If scammers find out that you have, for example, heart problems, then on such sites they will write to you that they have a remedy for your illness and will lure you money. Maybe even send you by mail aspirin in a beautiful package with a beautiful name. But when you understand, it will be very late. This is a very short list of examples, there are a lot of options. And the most important thing is that the more fraudsters know about you, the easier it is for them to deceive you.

Almost all such sites are trying to collect as much information about you as possible. Well, except for those sites that people make only for themselves and their friends for their money. Everyone else wants to make money from you. Even the seller of washing machines, wants to know about you as much as possible. If he finds out that you earn a lot (and search engines can tell him about it, because before searching for where to buy a washing machine, you could look for tours to Italy), then this seller will try to sell the washing machine more expensive, with all sorts of beautiful blinking buttons that you really do not need and will still swear that the rest of the washers are bad, but this one is good. And this may not be true, but he needs to sell at a higher price. Search engines also need as much information about you as possible in order to later sell the information to the seller of the erasers. About scammers already mentioned.

The most important thing - everyone is trying to find out about you as much information as possible in any way . They want to know where you live, how much you earn, what your phone number is, how old you are, what hobby you have, where you work, what you want to buy, what you like. And they have the most obscene ways. Sites remember EVERYTHING you write, ask, publish. Social networks already know who your friends are, where you live, where you work. But beyond that, they read your correspondence (scan). Smartphones constantly eavesdrop on you and scan what you say. And this is not only when you are talking on the phone - it can be permanent. Programs on your phone (not just Google) constantly track where you are, which store you’ve logged in to, and so on. Even if you turned off geolocation on your phone. They have a million ways to figure out where you were.

There are techniques on which sites can determine who you specifically and what your phone number. Do not believe? There are companies that can put such a tracker on the site for money. For example, here is one company on the site tracker-online dot ru. Just do not go to this site from your computer. You can try to access this site only through the Tor browser (it will be written about it later).

At first glance - well, what's wrong with that? Well, let them know.

First of all , they collect ALL information about you. This is no longer allowed. It is not known how in the future they will use this data. But now they dispose of this data is often not intended.

If you use Google Chrome browser, then this browser remembers ALL sites you visited, from which computers, from which area, up to the apartment number. If you are looking for information in the Google search engine, then Google remembers everything you write in the search box (so that you can give out advertising). In fact, if you use the Google Chrome browser, and are looking for something in the Yandex search engine, then Google, in addition to Yandex, still knows what you are looking for. And the very same thing is the other way around - if you use a browser from Yandex, then Yandex will know EVERYTHING that you did in this browser, even if you were looking for an unknown little search engine at all. In the middle of 2018, it turned out that Yandex knows the links to half-hidden documents in Google Docs (Drive), and he could only find them out if Yandex reads ALL of what you are doing in the Yandex Browser. The same with all other browsers owned by commercial companies [ 27 ] And most importantly, these companies do not hide it. Google remembers where you go with your smartphone, even if you turned off geolocation on an Android smartphone [ 29 ]. Only does it not on GPS satellites, but on cell towers. Google remembers your contacts in the phone, to whom and which SMS you wrote, which photos you took (with accurate recognition of all faces, all car numbers, where and when the photo was taken, even in which direction the phone was directed when you took the photo ). Google reads and analyzes all your mail correspondence. On this occasion, there was even a scandal, Google then said that it would stop doing it, then they said that they would not do this for 3 years, and then they would again. Now it turned out that your correspondence can be read not only by their computers automatically, but also by people !!!, and which do not work in Google, but work in another company, which Google paid for. around the world. Google remembers and analyzes all your voice requests like “Okay, Google”. There is evidence that Google listens to you very often when there is a phone nearby, even when it is just lying on the table. [ 33 ] [ 35 ] Do you think why in newer phones (and in some computers) they insert chips for artificial intelligence? Do you think your phone will become smarter and help you? In fact, these chips recognize voice very well and do not greatly reduce the battery charge. Now companies can not listen to the phone around the clock, because the battery sits down very quickly and users get nervous. But with such chips they will be able to do it (listen around the clock) without attracting attention to themselves. Of course, chips for artificial intelligence can be used for other purposes, for example, quickly make your teeth white in a photo. Or recognize people in videos and photos quickly and without much energy, and by the way, I am sure that this will also be used to spy on you. ALL companies try to do this. Google made its DNS server (a server that helps you understand where exactly the servers of those sites are on the Internet where you want to go) and if you set their DNS type 8.8.8.8 to your router, then they will know which sites you visit, even if you don't use anything else from Google at all. Yandex collects data in the same way as Google, plus Yandex also has Yandex Money and Yandex tries to find out where and how you pay for what. Similar to Yahoo, Mail.ru, Rambler and so on. Microsoft collects your data through Windows 10 and via Skype, through Excel and Word (Office 365) and through its search engine Bing. From July 1, 2017 in Russia, banks, payment systems and online cash desk operators exchange information not only where and how much you spent, but also what you bought ! [ 37 ] Facebook is trying to access the list of banking operations of their users in America [ 39 ] The stores are already installing video cameras in order to identify you. [ 41 ] Even if you buy something not with a card, but with cash, they will still match your photo and the stores will know who you are and what you bought they already know . They will sell this data to other companies. For example, you bought contraceptives all the time, and then you stopped because you got pregnant - and then the store / pharmacy will analyze it and sell your data to some private clinic, which you will call for you to save for them. WhatsApp will now also begin to analyze everything that it can. WhatsApp was once an independent company, but then bought it on Facebook. And in 2017, Facebook began to test the advertising system in WhatsApp, the same as in Facebook and Instagram. To do this, Facebook lowered WhatsApp protection and began to merge data between Facebook, Instagram and WhatsApp. Jan Kum, a man who came up with WhatsApp with partners because of this, had a row with Facebook and Zuckerberg and left the company a little earlier than his contract ended. He lost $ 400 million because of his integrity. [ 43 ] His partner is $ 900 million. And all because they understand that WhatsApp will now analyze everything they can, from location, correspondence, to recording conversations, and they don’t like it.
What about the Apple company that sells iPhones, iPads and computers (Macbooks, and so on)? They claim that they collect almost nothing. But they cannot prove it. Their operating systems are closed and no one can tell whether they are not collecting data.At first they claimed that they did not collect anything, and if they were asked to send all the data that they had collected about you, they would send a small sign with the most basic data that you already indicated. [ 45] But this is at least not entirely fair. You know that there is a service like iCloud (pronounced aiklaud). So if you buy a new iPhone, then almost all the data you can transfer from their server to your new iPhone, even if the old iPhone is broken at all. That is, it means that they all lie on the servers. But Apple claims that this data is encrypted there, and they do not have access to it. But they cannot prove it. Apple also had its own advertising business, but they closed it in 2016, then reworked their system and launched it again. Now they earn “just that” $ 1 billion a year from advertising. [ 47 ] [ 49] Compared to other giants, this is very small. But they felt the taste of blood. They hurt that Google earns a lot of money mainly on advertising, although they themselves don’t even produce phones, tablets and computers, but only make an operating system. Apple is going to completely replace advertising programs on its devices and embed its advertising. And in order to show suitable advertising - they need to know about you as much as possible. There were rumors that Apple creates its search engine back in 2008 [ 51 ], then in 2015. [ 53] Then they did not succeed. But now they are selected from the other side. They make their own maps of the world, they make their voice assistant Siri on all devices, they have made their smart column, they extend the capabilities of iCloud so that you can watch your photos online. So far, Google has paid Apple 3 billion for Siri to have a search engine from Google. [ 55] It turns out that when you use Siri voice assistant and ask some questions, this data will go to Google !!! That is, Apple is already selling your data, as you are interested in for 3 billion dollars. When Apple make their search engine - then they will sell advertising and your data. The iPhone seems to be watching how strongly the access to which data the applications have. But it turned out that Apple had a secret tracking function that could only be enabled in Apple itself, the so-called god mode. And that's what it is - Apple allowed Uber to “record” your screen and your actions on the phone, even when you already closed the Uber program, hiding it from users (that is, from us). [ 57 ] [ 59] Then Apple realized it and allegedly began to curse with Uber. Think about it - for 2 years it gave the opportunity to another company to follow you (for this, even a special separate function was invented), and then it was allegedly furious. So much for Apple. So there are sins behind this company.

If you write a list of who is trying and how (and it turns out for them) to get your personal personal data, then there will be more volumes than the Great Soviet Encyclopedia.

Secondly , companies not only use the data themselves, they also trade in your data. And not only to the seller of washing machines (see the item “How much money do the websites and programs live on?” - Advertising ”). For example, Facebook sells data to other companies, electronics retailers, etc. [ 61 ], and has always done so. News from 2010 [63 ]. It was also possible to determine a person’s political views using their advertising program. [ 65] If you go to the page of some opposition channel “Rain” on Facebook, and even if you think that everything is lying there - what if you are labeled as “traitor to the motherland”, then they define you through the advertising network Facebook and they can fire you or not never give a boost. Or, for example, you have half of your friends on Facebook are in some kind of opposition political bloc, although maybe you disagree politically with them. And even if you have the setting “do not show my friend list to anyone”, then through advertising outsiders will be able to understand that either you or your friends are in opposition. Using the techniques of advertising networks, you can learn a lot about a person (and sometimes privet the extra, unfortunately).

Thirdly- companies are bad about the security of their own sites. Their sites are hacked, then they find all sorts of "holes" through which you can download your information that you left on these sites. Names, phone numbers, addresses, bank card numbers, your correspondence, your photos and so on. Even the largest companies that invest billions of dollars in their sites are constantly being pierced. The so-called leaks were from ALL large companies. Facebook in 2018 [ 67 ], in 2013 [ 69 ], in 2011 [ 71 ]. “Vkontakte” in 2018 - 400 thousand people sent correspondence [ 73 ]; in 2016, the data of 100 million users of Vkontakte that were stolen during the period 2011-2013 [ 75], in 2011 it was possible to find other people's documents [ 77 ]. Google - in their column and TV set-top box vulnerability in 2018 [ 79 ], in Google Docs in 2018 (here a joint error of Yandex and Google) [ 81 ], in Google Docs in 2009 [ 83 ], passwords in 2014 [ 85 ]. Google, compared to other companies, is serious about being hacked. But the fact that they are hard to crack does not mean that it is impossible and that Google does not sell your data on the sly. Amazon - in 2017 (but this is not only Amazon’s fault, they just provided a server and did not take care of checking for hacking) [ 87 ], their “smart” column sent a conversation of people to their friend [ 89]. And this is only about very large companies, other companies (whose users may have no less), but who don’t value their name at all, hacking happens all the time. Not only that - many people learn about hacking companies only after a few years, because such data is illegally sold to fraudsters without being advertised to the whole world (otherwise everyone would change their passwords or delete them from sites). The news now and then speak - hacking / leakage / confidential data / backdoor and so on. On the radio markets, you can buy CDs with the bases of the traffic police, passport office, mobile operators and so on. Some companies believe that leaks / hacks grow like a snowball. Someone claims that in 2017 data flowed 100 times more than in 2016. [ 91] Someone thinks that the majority (21.6%) of leaks in 2016 in Russia were from government agencies. [ 93 ] In fact, there are many more leaks, because if the site is hacked, the site itself will hide it , otherwise the reputation may fall very much, in addition to reputation - multi-million fines. Scammers who use your data will not talk about it at every corner either. Even if it turns out that the scammers have your data, they are never recognized from where they come from. The exceptions are “white” hackers who hack sites for fame, write about this to site owners and sometimes even get money from sites (the so-called bug bounty rewards).

In the fourth- Sites exchange data between each other. They have been doing this for a long time, but unofficially [ 95 ]. In 2016, large companies in Russia gave money ($ 1 million) for the development (that is, invested for a share) of a young organization that would be an intermediary in the exchange of user data between companies. [ 97 ] [ 99 ] [ 101 ]] In words, they will only check whether you have left true data about yourself when registering on any site or not. For example, your name is Ivan, on the site you will write that your name is Benjamin, but the site will at least be able to verify whether this is true. And at most - the site will give your phone number, address, TIN, passport number, and so on. And everything is legal. The largest sites make a project by which you can transfer all your data between sites [ 103 ], ostensibly to make it easier for you to leave from one site to another. In fact, all large sites do not delete your data, they only pretend that they are deleted. And if you transfer your data from Google to Facebook (photos, documents, personal data, etc.), then this data will remain forever with Google and now will also appear with Facebook, also forever.

Fifth- There are individual companies that you have never heard of and that collect data about you for sale to everyone who is willing to pay, not only to those who want to show you advertising or infect a virus. For example, there are companies that collect all data from all sites, compare them with each other, and collect a complete file on you. There are a lot of them all over the world. Here are Russian - Double Data [ 105 ], the National Bureau of Credit Histories (NBCH) [ 107 ], SocialDataHub [ 109 ], DataLytica [ 111 ], Aykumen [ 113 ] and many others. They collect data from all possible sources using all sorts of tricks, for example, in SocialDataHub in the item “About us” they openly write:

“Our service covers all social networks, forums, blogs, radio, television, media and the entire open Internet. Not a single newsletter, not a single article in a newspaper, not a single comment on Facebook, not a single post on Instagram passes by.

We also scan all open databases, hacker forums, mobile apps and more. We all know about “bots”, scoring models, data visualization and real-time analytics. ”

Let's see what they mean:

1. “Covers all social networks, forums, blogs, radio, television, media and the entire open Internet” . . , . – . ( ), , . – . , (-, , , ). – , , .
2. “ , , Facebook, Instagram.” . , Facebook, . Facebook, , . , .
3. “ , , ” . “ ” . . , , .
4. “ ” . , . “” .
5. “ «»” . , . , , (, ). – . , , – . . . , .
6. “ ” — , , .
7. “ ” — , . 5 , , 5 .

These companies do not hide all that is described in these paragraphs. Look for information, presentation, video files on the Internet by company names, if you are Thomas a non-believer. They often do not say this “head on”, but they hint at it very strongly. Because they need to sell their service as a potential buyer and they have to talk about total surveillance of people.

Where do these companies have so much money to scan the entire Internet? They are paid by their clients.
And this:

1) Banks, to understand how stable you are and whether you can give you a loan.

2) Collection agencies - if you take out a loan and don’t give it away, change the phone number, social network pages and so on - you will still be found.

2.1) If you are an acquaintance of a person who does not give a loan, they will find your phone and will call you, even if your friend did not leave your phone number and put pressure on your conscience so that you give him credit and loan penalties.

3) To all producers of goods in order to understand what is being said about their goods. They also sell data to these manufacturers so that they can make ads that interest you.

4) Tax and security services. But they do not transfer data to them, but simply set up the same systems for them as money for themselves.

5) Public people who follow their reputation.

6) Detective agencies. It is very expensive, but it is possible.

7) And many others willing to pay for this data. For example, to dampen the reputation of a competitor by finding information that his niece receives grades in school for cash, simply by searching on some site where classmates of this niece discuss it. Employers, online shopping, all-all-all with money.

If you have read all this, then you may have the question: “What’s wrong with that? I have nothing to hide, I do not do anything illegal. ”And you are very much mistaken in that you have nothing to hide . The state already knows all things about you that it wants to know. The state already knows about you more than anyone else. But now I will give examples of how not the state, but other organizations and people can use your data and why you don’t need it:

1. . - , .
2. . , , – , .
3. /-. , . . . .
4. ( ). , – . , , . – . , .[ 115 ] , . , . , , . . . , , , . . , , . ( Apple) , .
5. . – . – – . – , . , , 2 , Google , . , “ ”, . , , .
6. Scammers As already written above, there are a lot of options. Get your passport data, rewrite houses and apartments, steal money from bank cards, calculate from photos that you have expensive paintings / sets / equipment in your home - and rob you or rob you. Make out companies of one-day companies on you and launder money. They calculate what car you have and then put the same car numbers on your car of the same color, break the rules, drive at high speed, and fines come to you. Take on your loans. Find out your phone number and call all day asking to buy cosmetics, put money at a super percentage, invest in another financial pyramid such as MMM or invest hoper. Find out your social security policy number and transfer money to a dummy pension fund. And so penny pension will turn into zero from the donut. Even if you complain to the police, you most likely will not be returned the money (especially reputation if you were framed). And if they return the money, then in 10 years after 50 trips to the court and provided that they find a fraudster and he does not pay off. You can also substitute so that you yourself "go to the kolyma."
7. Employers. They wrote somewhere that you want to quit or were looking for a new job - the employer will know about it and will not give you a bonus or even try to make your life more difficult. Wrote somewhere a bad review about the employer - again the problem.

There is no need to write any specific examples from the Internet. Each of you, unfortunately, has such an example from your own life or the life of your relatives / friends / acquaintances, if you recall. There are an infinite number of examples. And most importantly, there are more and more such examples.

Remember about these cases? Seen on tv? Read on the Internet? Are you convinced?

How to protect yourself so as not to abandon technology?
Do not go back to the stone age! Agree. But technologies can, when properly applied, provide great benefits without losing safety. I will try to describe to you those methods that should not greatly reduce the usability of technologies, but will help greatly increase your security, confidentiality and privacy.

All decisions and methods are important, it is easy to get your data through some mechanisms, it is harder through others, but still these steps, which I propose, are extremely necessary . If something is not very critical - then I will write about it separately. I will try to describe so that these things can be done in stages. That is, you can increase security gradually. I may be mistaken about security in some things, but usually downward. If I say that something is unsafe, then it is unsafe and this is confirmed. But if I say something is safe, then I could be wrong. In fact, it is possible to “hack” anyone, only it is very difficult to “hack” someone. No one will pay millions for your data, just to steal your last 10 thousand rubles from you.

If I make a mistake somewhere - please write about it, just in more detail and understandable language with examples, what is a mistake, how to do it better, how to fix it. So that the reader can use it. If someone wants to add - write, only in clear language with examples. If someone writes that “all this is fiction” without evidence, then for such there are references to confirmations, and this means that this person simply works for some company that collects data. Or just not very farsighted. I ask you to bring these items to your elderly relatives, friends and acquaintances. And help them in customization. I know you will be hard, but it is necessary. Otherwise, the day will come when your relatives will come to you with a problem that has already happened and then everything will be much worse. I myself once was ashamed to turn to young people, but thank God I’m not very old yet and I managed to figure out many things, although I had considered myself advanced to the case of being hacked. Many things you can set up for relatives, and they will not need to explain everything in detail. I will try to show such techniques, such programs, which, although safe, are popular, so that if something happens, someone other than you can help your elderly relatives figure it out.

Everything that will be further proposed is absolutely legal , and very many experts, even including state ones, advise 99% of what is described below.

General recommendations

Whatever programs you install for protection, whatever devices you buy, you shouldn’t think that it will protect you 100% simply because you use these programs. Always think about what and to whom you provide. To whom do you give your phone number, full name, passport number, residential address, bank card number, list of interests and queries in a search engine. And this applies not only to the Internet, but also to ordinary life. Consider what rights the program you are installing will have, besides the possibilities. Think about why a website offers you some functions for free, pretend at whose expense a “banquet” (in 99% of cases, a banquet at the expense of selling data about you or fraud). If something is not free, then it is not a fact that it is safe.

Remember that 99.99% of sites are selling data about you in one form or another. Remember that now computers are so powerful that a lot of information about you can be collected automatically piece by piece from different sites (voice recognition, photo analysis, data mapping from different sites by name, nickname, mail, ip address and so on). Remember that now the laws very poorly protect people from the possibility of catching viruses and selling personal data, or from the consequences (money and reputation will not be returned). Sometimes the state and state-owned companies leaks themselves, and in some cases even treat them condescendingly.

There are a number of general principles that apply to any person, regardless of country of residence, model and cost of a computer / phone, earnings, and other factors:

1. Use official programs and operating systems. Do not use hacked programs. If you need Windows, then it is better to buy a license. If you download any programs from sites - then make sure you download from the official site.
2. It does not have to be paid programs. There are people who make free programs out of altruistic motives. I will write a list of such free and reliable programs later.
3. Update your operating system and programs, if possible. If the program has a vulnerability, then it should be eliminated.
4. Try to use common programs and devices. Programs and devices that many people use are usually verified by independent security experts to one degree or another.
5. Leave the data about yourself somewhere only if it is really necessary and can not do without it and only proven serious organizations . This applies not only to the Internet, but also to ordinary life. Fraudsters can collect information about you from all sources and then use it both on the Internet and outside. Especially closely follow your documents and their photos / scans .
6. Do not let anyone use your devices. If it is very necessary - try to pre-configure the device so that no one sees your data on the device.
7. Try not to use other people's devices. There may be viruses on these devices. Do not go to important sites from other places. Do not go to the site of the bank and to your main mail not from your computer / phone.
8. Set passwords and other means of protection (fingerprint, disposable SMS, confirmation on another device, special flash drive and others).
9. Do not believe the letters that you dropped a million in some kind of lottery there. If someone of your friends asks you for money through messages - call your friend personally and ask by phone, because most likely your friend has been hacked and a fraudster is writing to you on his behalf.
10. Do not put all your eggs in one basket. For example, if there is an opportunity - make several bank cards from different banks and pay on the Internet with a card on which there is not a lot of money.
11. If you have Windows - use an antivirus, at least built-in.
12. Try to visit sites that support HTTP S technology. Be sure to read how to determine in Firefox whether the site uses the HTTP S [ 117 ] (by the way, other browsers have a similar definition, so be sure to read it). In no case do not enter any of your data if the site does not work via HTTP S. You can read such sites (which are not protected), in principle, you can also watch videos on such sites. But in no case do not register on such sites, do not enter your username / password, do not enter bank card numbers, and so on. Such sites are read only. From such sites you cannot even download files. If the site is without HTTP S , then this may mean that this is not the site you wanted to access. Such a site can be “replaced” with a similar site. All serious sites work through HTTP S.
13. Do not download incomprehensible files from unknown sites and in the mail from unknown senders and do not run them on your computer. Especially this concerns “exe” and “msi” files. Also “pdf” and others are not safe. [ 119 ]
14. Think about who you are sending money on the Internet. Normal large sites offer a protection system and if you buy something on these sites and you will not send your product or send goods of poor quality - you will be able to return the money. Accordingly, do not buy products on unknown sites.
15. Different devices have different security settings. Try to learn these things in advance.
16. On different devices and programs have built-in privacy settings and the ability to track. It can be called differently - telemetry transmission, error transmission, advertising identifier transmission. Turn off all these transfers. Often, these are not real settings that give a false sense of calm, especially so that you think that everything is now set up. Google is especially bad. He constantly lies and collects everything about you, even if you are clearly told not to track you. But some programs / sites are still more honest and sometimes follow their promises, so my advice is to turn off the telemetry transmission.
17. Do not pass polls on the Internet. None Even if they promise any discounts or send money to the phone. Firstly, you will not receive this money, secondly, if you receive no more than 50 rubles, but they will know a lot about you, because they will ask you for personal information (phone or e-mail). It is better not to take surveys on the street, if they are asking for at least some personal information.
18. Do not use cashback services. There are so many conditions that you can get a maximum of 300 rubles per month, provided that you spend at least 30,000 a month through the card and only in certain stores that sell goods that are not cheaper (and often more expensive) than in other stores. Moreover, in no case do not put extensions in browsers, do not download any programs from cashback services to your phone or computer. These programs monitor you and sell your data. They earn on it. And also in the search they substitute the goods of their partner shops, which are usually more expensive than other stores.
19. If you are not a public person - do not pick up the phone from unknown numbers, especially from mobile. If you really need someone to get through to you on an important matter - he will write an SMS about who he is.

Now we will go through more specific points step by step and in more detail.

Passwords and accounts

Passwords must be fairly complex, or even difficult to say difficult-original. For all important things passwords should be at a minimum length !!! 10 (ten) characters . Normal password - from 12 characters. Good password - from 14 characters. The password must consist of small and large letters, numbers and have any signs like!, ”@, №, #,; $,%, ^,:, &,?, *, (,), _, -, = , + and so on. The password must also be original. There are no “12345678910” there, no “Servoy-Soviet-Soviet Union”, no “10 Undead”. Many recommend taking something absurd and changing it a bit. For example, when you invent a password, look around. Here we saw some thing. For example, knitting needles. Look the other way, saw wet pants in a basin. Add some numbers and signs. Or make a special mistake in the word. So you will have the password “wet4SpitsavTasike”. In no case any personal data. No “MoySinPasha1994”. No names. No dates. It's all very easy to find out about you and pick a password. Now a regular computer can pick up 100 million passwords easily per second! Therefore, a password of 9 characters long and different characters, numbers, signs, large and small, has been cracked on a modern computer for 900 with something years. It would seem a lot. But if you pay for the server, you can hack in a month. Expensive, but possible. And if you have a password of 9 characters, but there are no special characters in the password like!, ”@, №, #,; $,%, ^,:, &,?, *, (,), _, -, =, + then your password on one modern computer can be cracked in two months, and for a small money on the server in minutes. Even if he will be like this “Tv6RNi9Mt”. So make quite a long and original password of at least 10 characters, and better - from 14 characters.

Passwords on all sites must be different . If you come up with some very complicated and original password, but it will be the same for all sites, then this is very bad. Fraudsters hack only one site (or someone from the staff of this site will sell passwords) and then fraudsters will know your passwords to all sites where you registered. Many users already know that the password must be complex and original, and therefore hackers have chosen a different path. They are not breaking into your passwords, but they are breaking into some rather poor websites, which do not have much money for security, and steal your password. So this is soooo important rule - for different sites make different passwords.

Where possible, use two-factor authentication. This means that you need to enter something else besides the password. For example, the code from SMS. So now they do normal banks and rightly so. Even if someone finds out the password - without your phone he will not go to the bank site. For advanced users who do not trust SMS, there are other opportunities to make additional protection, for example, by special. a flash drive, a code from an additional device, etc.

In general, the number of passwords head swells. If you make your unique unique password for each site, then it’s impossible to remember them all. Several passwords can still be remembered. But how to remember all the others? Let's talk about it.

First, make a difficult unique original password to your main email and remember it very well. Do not use this password anywhere else . Even in a similar way. It is advisable to write on a piece of paper a hint to the password, but not the password itself. For example, if you came up with a password that is something like “wet 4”, then you can write a hint with something like this “dry” BolshayachIcholKrugu ”. And of course it is better to keep this note somewhere in the closet so as not to lose and so that no one gets a hint to your password.

Secondly, for other sites where you leave a lot of information about yourself, you also need to use a long, complex password, but you can change it a bit. Suppose you have the password “Evil77LambadaVPechi”. For different sites, you can make all sorts of increases. For example, for some VKontakte to make the password “Zl to Aya77LambadaVPechi”. For classmates “Evil I Aya77LambadaVPechi”.

But on some sites where you register to log in once and see something and where you do not leave any of your data - you can write one password that does not look like passwords for important sites.

As a result, you will have one password to the main mail, which you will not use anywhere else. You will have a second password for other sites, which you will change a little for each site. And the third password for sites to look at once (but only if you do not leave your data on these sites).

If you are an advanced user, you need to think about the password manager. This is a program that itself comes up with passwords and there are long passwords and a complete abracadabra that cannot be cracked. For each site a separate password. This program also stores these passwords. But it is necessary to deal with such programs. I hope my hands will reach and I will write a separate article on this topic. In fact, the whole world is slowly switching to two-factor authentication (password + sms code or password + fingerprint, etc., or password + confirmation on another device via the Internet) and password managers. With such programs should also be careful. You must first read what is reliable and safe. Because sometimes such programs are done by the crooks themselves. Carefully necessary. Unfortunately, that program for passwords (password manager), which I use, judging by the reviews was not very safe. I couldn’t find normal articles about normal password managers with their comparison and expert opinion. Many sites recommend KeePassXC and the Android version KeePassDroid, but I don’t know how comfortable they are.

More rules about passwords. No one speak your passwords. Do not go anywhere in your main mail, except your computer. On other people's computers there may be a bunch of viruses that steal your password. The virus may even be embedded in someone else's keyboard! If someone calls and asks for your password or writes a letter and asks for your password - this is 100% cheater. Even if he writes that he is from some serious company, even if he calls and speaks in the voice of the president, even if he introduces himself as a policeman and showed his ID, do not tell ANYONE your password. Even if someone asks for your password to check how difficult it is - DO NOT SPEAK .

Change passwords periodically. If you have a complex and unique password, if you have never entered your password on other people's computers, and you often check your computer for viruses, you can change the passwords infrequently, that is, once a year, every two years. But if you allow yourself to access websites from other computers, change passwords more often. Of course, it's easier nowhere to enter your password, except for your computer. Especially not on other people's computers with Windows. Especially somewhere in public places. No post offices, no computer clubs and other public places.

There is also such a topic for discussion as a password from a bank card. That is a pin code. Do not tell anyone. And the main thing that it was not some kind of date like 1945 or someone's birth year. Do not tell any of the outsiders your card number (which is a long one). The 3-digit code behind the card (which is the CVV) is memorized and sealed with an opaque tape, if you forget, unplug it, look it and tape it back. If you pay in stores with a card, try to pay for contactless and don’t hand your card to a cashier if they have contactless payment (99% of terminals that can accept cards can receive contactless in Russia) and your card can also pay for contactless. Often, scammers bribe cashiers and they put cameras under the cash register, and these cameras photograph the data from your card. There are still a lot of sites whereYou can buy something on the map, even without an SMS code, and scammers use these site properties.

Put passwords wherever possible. Router, computer, telephone, Wi-Fi (WI-FI). Let's take it in order.

There are two passwords on the router (this is where the Internet comes and then the Internet goes by wire or Wi-Fi file) - one to “enter settings” (administrative panel, admin panel) and WI-FI. First, change the password to enter the settings, if there is an old regular password. That is, if there is a password of something like “admin” - “admin” or “admin” - “password” or “admin” - “00000” - change it urgently. Now, many router manufacturers make a complex password right away and stick it on the bottom of the router. It is still better to change it for a password that you invent yourself. If you are at home and no one from outsiders comes to you - you can stick your password in the same way next to the old one (but do not delete the old one). Password complexity should be the same as I described above. Now about the password on WI FI. It must also be made difficultbut again, if strangers do not come to you, you can stick it on the bottom of the router, so as not to forget. Type the password, put WPA2 (until WPA3 is released) - Personal, if there is an additional field AES or TKIP - select AES.

You must also set a password on the computer. But here it is both easier and more difficult. If this is a computer in your home or a laptop, but you don’t give it to anyone and practically don’t take it anywhere (that is, they cannot steal it from you), then you can think up a password that is not very complicated. But there is one thing. If the computer is used by several people, then you need to make several accounts. Especially if one of the users is a child. In Linux, Windows, MacOS and Android, this is done differently. The one who uses Linux I think and so knows how to do it.

Let's see what needs to be done for Windows. In different versions of Windows, this is done a little differently, but the essence is the same. First make a user with administrator rights and a password. Only those who know this password will be able to install programs. Then create yourself an account with “local account” rights and put a password on it. Then make a “local account” for other family members. And now make a “local account” and name it for example “Dlya_gostya”, as you understand it from the name - for outsiders. So that they could not look at which sites you visited and could not pick up viruses. And now everyone will be able to customize folders and shortcuts on the desktop for themselves. If you want to install any program, you will have to enter the password for the administrator account.But it greatly increases the safety of viruses. How often do you install programs? Semiannually? Do not worry, you have to suffer and every six months to enter the password from the administrator account. But 95% of viruses will not be able to just set themselves up. By the way, the creation of several users may additionally take 3-5 GB on your hard disk. Consider this.

Here's how to create an entry in Windows 7 [ 123 ]
Here's how to create an entry in Windows 10 [ 125 ] [ 127 ]. No need to create a Microsoft account and enter any mail. Enough of them and so surveillance.

Similar can be done in MacOS [ 129 ] [ 131 ] [ 133 ]. Here the account types are a little different, but the main thing is to set them up so that no one else can see your data and cannot install viruses.

On Android [ 135 ] [ 137 ] [ 139 ]. It's a bit more complicated here.

First, all new phones or tablets should support this feature, but this is not always the case. Depending on the manufacturer may not be such a function. And it can be switched on differently and called differently. So look on the Internet for how it is done for your phone. If there is no such function on the Android device, do not give this device to anyone.

Secondly, on Android, such a function also “eats” the memory on the phone or tablet, and there is always not enough memory on the phone. So try when choosing a new phone just to pay, but buying a phone used formore internal memory. Even if it is possible to connect an SD memory card, it is better to buy a phone with a large internal memory. Cards are slow, break and if you pull out the card you can steal data from there.

On iOS, it is now impossible to make multiple accounts or guest mode. So do not give anyone your iPhone and iPad. If you still give the iPhone and iPad to someone, then put a separate password on important applications (iMessage and so on). Different versions of iOS do it a little differently.

Voice assistants

Disconnect or sell abroad all “smart” columns like Amazon Echo from Amazon, HomePod from Apple, Google Home from Google, Yandex.Station from Yandex and others. All these columns work only through the Internet and send all conversations to the servers of companies. In general, turn off all voice assistants on all devices. No Alice, Okay Google, Siri, Kortan and so on. Remove / disable / disable any speech recognition on your phones, computers, navigators, and so on.

If you do not agree with me about the cardinality of the measure, then I advise you not to read any further . If you do not believe that all this is unsafe and short-sighted, it means that you will take the rest of the steps into bayonets. If you ever change your mind - always happy.

If you are friends with programming, then maybe you can find the use of your “smart” column. Connect the air conditioner, TV and other equipment and will control from the phone. Just make sure that voice recording is rooted off and nothing is sent to the Internet. If you are a programmer, then maybe you can do it.

Why so dramatically? Throw / disable?

Let's explain. Speech recognition technology is 50 years old. 30 years ago, in 1987, there was already a speech recognition Julie Talking Doll. Yes, the recognition was very weak and there were few words. But it was a doll for sale. Yes, dear doll. But still the doll that recognized the voice. So that you understand now iPhone 7 is 400 times more powerful than the most powerful supercomputer of 1987, Cray-2. And that supercomputer cost 17.6 million dollars and was the size of half a room [ 141]. That is, you understand that now is not the newest smartphone more powerful than the most powerful computer of the time. And at that time, the doll could already recognize some words. Twenty years ago, it was possible to recognize words very well on a computer after a workout program. It was possible to recognize the main (2 thousand) commands on the phone a long time ago. But companies are not in a hurry, they want you to get used to the fact that supposedly voice recognition without data transfer to them on the server does not work. They are advised as psychologists - "if you are raped, relax and have fun." But Apple thought and still did some teams without the Internet [ 143 ].

Suddenly it turned out that you can recognize the voice (at least the basic commands) and without the Internet. There is only one conclusion - it is so convenient and profitable for companies to do so that they can discern the basic commands on the device. As mentioned above, Siri uses Google for any search on the Internet. So Google paid Apple $ 3 billion for Apple to use Google. That is, Google also pays for using its search engine. Why does Google pay 3 billion? Because Google will earn even more, because it will know what taste of toothpaste you like and sell this data. And even with these “smart” columns, there are always some kind of leaks to foreign sites, which was also described above in the article.

It will be possible to use voice assistants only when voice recognition will work without the Internet at all, and so that you yourself can choose which search engine questions will go to or that everything will go only through your personal server. This is not expected in the near future, so I highly recommend getting rid of voice assistants.

SIM cards

Check all your SIM cards. Find out which ones are decorated for you, which ones are decorated for others. Find out if you have any SIM cards that you have already forgotten about. Remember, maybe you once issued a SIM card for a friend / acquaintance / relative. There used to be many cases of issuing SIM cards for unsuspecting people. Now this is less, but still occurs.

The procedure for obtaining a list of SIM cards that are issued to you is not the easiest. If you have an MTS, Tele2 and SIM card for you, then you can see what other SIM cards are sent to you via the official websites. [ 145 ] [ 147] But it is better to visit some large office of the operator with a passport (if you changed your passport, then do not forget a copy of the old passport) and check with them on the spot with a request to the database. It is better, of course, to go through all the operators in large central offices where there are competent people. There used to be a problem that the bases of different regions were not synchronized and in conventional 2 by 2 meter trays it was impossible to see the data on how many and which SIM cards are issued to you from other regions. Therefore, I advise you to visit for such purposes only large central offices, as in the usual corners the guys have no experience to find out. When you make a request - insist that you be given information about SIM cards that are issued to you throughout Russia, in all regions.

After you have figured out which SIM cards are issued on you, which SIM cards are issued on others, are there any “left” SIM cards on you, then:

1. “” – . . - – . 10 , , , , . , . , . , , .
2. //. , . , , ( ), - . . – , /.
   , .
3. , , . , ( ) . , . -, (), . ( ), , ( ), - . - , , , . , . , / .

If your SIM card is framed for relatives or vice versa, and you trust each other, it is still better to re-register everything for someone who uses a SIM card. It is more comfortable. If you go on a business trip and suddenly your phone is stolen or your SIM card breaks (before the SIM card was “burning” constantly, now less often), then you can recover the SIM card quickly, because it will be issued to you. But this is up to you.

Also now, the operators were forced to block the "left" SIM cards. They can go too far and start blocking SIM cards if there is any suspicion that the card is not framed on you. If your card is not issued to you, but this card is blocked, then it will be a surprise for you. Do everything in advance.

If someone, someone else's SIM card, believes that in this way you can hide from the police - this is a profound error. Calculate you very easily. All calls, SMS, phone locations, phone IMEI - everything is recorded. And it’s better not to do anything illegal at all. A sim card registered to a stranger can only be done for pizza delivery sites, so that if fraudsters hack into the base of a cellular operator, they cannot match the real owner of a sim card.

Additional SIM card

As you can see, many people have long been concerned about the problem of telephone numbers. Now the country has about 250 million SIM cards. Although the phones in the country use a maximum of 100 million people. This is because many people have several SIM cards and they act according to the logic that one SIM card is basic and important for native and important sites such as online banks. The second SIM card for everything else. You can do that too, if finances allow to hold two SIM cards.

Generally, after you begin to follow the maximum recommendations from this article - it is better to change your main SIM card that you have today. Just do not forget to untie all sites and services from the current SIM card. Now it is possible to freeze the SIM card (the service is mainly called temporary blocking). Use this service, in case you forgot to transfer a website to a new phone number. If anything, you can restore the SIM card and rebind the site from the old number to the new one.

Check all antivirus devices

If you have a computer on Windows - check it for viruses using the built-in antivirus Windows Defender (or Windows Defender) in the full scan mode. If he finds viruses - delete files with viruses in the same antivirus, he should ask himself what to do with these files. If you do not have another antivirus on your computer, then install a good free antivirus, here's an article where there is a list of antiviruses and there are including free ones [ 149 ]. I recommend checking via Kaspersky Virus Removal Tool [ 151.1 ], DrWeb CureIt [ 151.2 ] and Malwarebytes AdwCleaner [ 151.3 ]. If you are used to Kaspersky, you can install Kaspersky Free from the site [ 151.4]. By the way, if you already have some kind of antivirus on your computer, but it is not included in the list from the site [ 149 ], then this is either not an antivirus, or a bad antivirus, or a virus that disguises as an antivirus. Ask the one who installed it for you, what is this program. If you do not know where this program comes from, it is better to invite a normal specialist to check your computer for viruses. Warning: do not call for ads in newspapers or stickers in the hallways. There are mostly incompetent people, and sometimes there are scammers. Search through friends strongly verified person. Only really tested, and not just "The neighbor said that he is so good." Consider that if a specialist is expensive, it is not a fact that he is honest and responsible.
If you do not have any "left" programs, and you are confident enough user, you can try to deal with unknown programs yourself. Normal antivirus once again do a full scan. Then insert all your USB flash drives and external hard drives into the computer one by one and check everything with an antivirus. Free antiviruses may not include automatic check flash drives. Therefore, when you insert a USB flash drive, do not open it, but wait until the antivirus checks it. If the antivirus does not begin to check it itself, then open the antivirus and select the item for checking the flash drive (it may be called as “checking removable devices” or “checking external devices”). By the way, if you have ever connected your Android phone to other computers, then it is better to connect your Android phone to a computer in flash drive mode and check it too,as if he is a flash drive.

In addition to viruses, there are all sorts of other "bad things" that are not viruses directly, but these programs then install the viruses themselves. These "bad things" also need to be cleaned. In most cases, Malwarebytes AdwCleaner is enough. It can be downloaded from the official developer site [ 153 ]. Choose there exactly “Malwarebytes AdwCleaner”. If you want to check everything even deeper - read the article [ 155 ].

If you have a phone on Android - check it for antivirus, too, with the help of some antivirus [ 157]. Again, there is Kaspersky Mobile Antivirus antivirus (it just has Russian and its items are named as understood by Russian speakers. And yes, I know that Kaspersky easily sends everything to the police, but I would be more afraid not of the police, but of fraudsters). After checking, remove all viruses and unwanted programs from your phone. If you no longer install incomprehensible applications on your phone, you can remove the antivirus. By the way, if you have some kind of Chinese phone, antivirus will be able to detect some viruses, but it will not be able to delete it! Because these viruses were originally sewn into the phone. Chinese phones this sin greatly. If you have found a virus on your phone, but it is not deleted and you do not know what to do, then contact a specialist. Proven specialist.But he will have to spend on eliminating a lot of time (at least a whole working day). Moreover, it may even be necessary to reset all data from the phone and install another firmware. So save in advance photos and other important data from phone to computer.

Check all devices at home with all relatives.

If you have Linux, then 99% percent you have nothing to worry about, as if you have Linux, then most likely you are aware of security.

If you have MacOS and you install everything only from official sites or from the app store, then you should not worry about viruses either. If you are still worried, then read what antiviruses are (paid) [ 159 ].

If you have a device on iOS and you have not cracked the firmware (and only the one who took the phone in his hands and only the old version of the firmware could hack), then there are no viruses.

All that is described above in this paragraph - this applies to viruses. But there are still very nasty programs that are not viruses, but trade your data. We will talk about them separately and the ways to solve this issue on each device can be very different. This is especially true of smartphones.

Save all data to external media / backup

This is the longest item in the list. Be patient.It is in your interest.

At this stage, you need to take all your necessary data and save it somewhere separately on an external hard drive (there is a huge flash drive in common people).

To do this, download all the photos that are only in the social. networks, sites, services or any programs on the phone, but which you do not have on your computer or on flash drives.

Take all your photos / video files from phones, cameras, computers, and those that you downloaded from social. networks, put them in folders and drop everything on an external hard drive. In principle, if you have a lot of space on your computer, you can also leave it on your computer. Similarly, make photos / scans of your documents, and other important files. Put the external hard drive somewhere in a dry place and where there is no other equipment (especially containing magnets). If your external hard drive is made using SSD technology - once a month, connect it to your computer for a while.

If you want to further advance in the preservation and backup of data - you should pay attention to such a thing as a NAS. Here is an article about the possibilities and advantages of NAS [ 161]. Apple product owners could hear about Apple time capsule, which simultaneously worked as a router and as external backup storage (very similar to NAS). Unfortunately, Apple has ceased to develop this area, as they hope that you will keep everything on their servers.

Check for device updates

At this stage, you are invited to update the firmware / programs on your devices (computers, phones, routers, etc.). There are many reasons to do this. Safety first. No matter how arrogant Google, Microsoft, Apple and others are, they don’t want to have other people's viruses in their programs / operating systems besides their trackers. Otherwise, people will not buy their products. Also, the fact is that they do not want to share knowledge about you with others, as they themselves want to trade this data and therefore, over and over again, they add tools to monitor the programs. Accordingly, they will still try to close the vulnerabilities in their devices and programs. There are also disadvantages in upgrading operating systems and programs. Sometimes when updating a company, they “cram” in some extras. functions that are supposedly needed for usersbut these are regular tracking systems. And sometimes something breaks at all. When updating Windows, extra programs and shortcuts are added to all sorts of voice assistants and on their curve the unsafe Internet Explorer browser.

When upgrading to a new version of Android, the same thing can happen. And in the new firmware may appear applications that are not removed. Even when updating programs in Android (and not Android itself), you can see that some programs are beginning to request additional permissions. For example, do you have any simple game on the phone. You receive a notification that you need to update it, you click update - and then you are told that this game still wants to have access to the list of calls, recording from the microphone, and so on. Why is this game? Most likely someone embedded a virus in the game or the game will collect your data for sale.
In the end, it is better to still update the devices and programs, but try to make sure that there is no extra. On Windows and Android installed additional programs and shortcuts that you do not need - remove them. When updating software, you are asked to access some functions that are not needed by these applications — do not update this program or, after updating, immediately block their access to these functions. How to do this for Android smartphones will be described below.

Update the firmware of the router. In 99% of cases, after updating the router will hang less and the probability of hacking the router will be reduced.

If you have Windows 7, do not upgrade to Windows 10 until February 2020. Windows 10 collect information about you more than anyone else.

Remove all unnecessary from all social. networks and sites

This paragraph is not fully applicable to those who are engaged in some kind of commercial activity in the social. networks or is a public face. For example, if you bake cakes to order and accept applications through the social. network, you can only leave photos of your cakes and happy faces of customers (if customers allow). Or if you are an artist / singer and post your works online.

We turn to the most fun. It is necessary to remove to the maximum all your data on all sites where you registered. In addition to deleting everything - change your data such as name, address, and so on. This does not mean that the sites actually delete all the information about you, but in this action there are two advantages:

• If your account on the site is hacked, they will be able to understand practically nothing about you.
• . , — - .

Google

There are many instructions on the Internet on how to remove all information about yourself from Google. Such a tool Google introduced after public pressure. [ 163 ] After you have deleted all the data - do not use Google services. Try to avoid them. If you really need to use Google search or Google maps - then through the Tor browser (about it later).
The most difficult thing is to refuse Google services on Android smartphones, because they are “sewn” in the system there. To do this, you must either change the phone to a button or iPhone (which is not much better), or do special manipulations with the smartphone on Android. This will be written below.

For Yandex

On the Yandex main page in the upper right corner, click “Settings” - “Portal settings”. Further, in the item “Search” - “Clear query history”.

Try not to use Yandex anymore. If you strongly need to use Yandex search or Yandex maps, then through the Tor browser (about it later).

For Bing and MAIL.RU

Instructions for Bing, MAIL.RU including Google, Yandex) [ 165 ]

For Vkontakte

Consider that for Vkontakte everything must be done manually. In no case can not download programs that supposedly should help remove / download your data from VKontakte. Only by hand. Well, or if you have special knowledge how to do it on your own, through so-called scripts. Otherwise, manually.

1. . , , , , . , , ( ), . , , — . . . , , , , , , .
2. “”, . , icq. , , , , .
3. , . 99 (, /) , . , ?
4. “”- “” , . . . . 10 , . 2015 [ 167 ][ 169 ].
5. “”- “” . , . . , .
6. “” — , , .
   ) –
   ) , –
   ) , –
   ) –
   ) –
   ) –
   ) –
   ) –
   ) – , , 30 . “ ” , , .
   ) –
   ) –
   ) –
   ) –
   ) –
   ) –
   ) –
   ) — .
   ) –
   ) +7*********** — . .
   ) –
   ) –
   ) – . .
7. , , ( ), .
8. “” — . . , 99%- .
9. In “Privacy” - “Other” - “Companies can send me messages by phone number” - None
10. In the “Privacy” - “Other” - “Profile Type” - Closed
11. Remove all your posts, which at least somehow indicate who you are in real life or which may incur someone's anger.
12. Delete all messages / correspondence, all likes, videos, documents, links, everything you can reach.
13. Change your name on VKontakte to something like “Funny,” “Working” and so on.
14. Remove from all "doubtful" groups, and it is better in general from all groups.

It must be deleted! all sensitive data. Just hiding from others or simply deleting a page in a contact might not work .

For classmates

Everything is similar to Vkontakte, only there, in order to close the profile from all but your friends, you also have to pay.

For all other soc. networks do the same. Facebook, Odnoklassniki, My Circle, Google+ and others. Photos in all social networks and sites should be different and should be made so that it is not clear that this is you. Surnames should also be different everywhere and it is better that these were not surnames at all, but made-up nicknames.

Admit it honestly - but do you really need all these social functions? networks? In reality, something will change if you do not post photos for everyone to see. You really expect that suddenly someone will ever write to you in the social. networks and make your life a fairy tale? To soc. network really helped just like that?

At best, they can offer you a job interview. And most likely for a not the best job, if the company could not find an employee in the usual way and began to search through the social. network.

Themselves soc. In principle, you can not delete networks, you can continue to use them to watch some videos or listen to audio recordings, and for those cases, if suddenly a friend of yours changed the phone and you need to contact him.

If you decide to write something in the social. networks - remember that everything is recorded, everything is analyzed. Be prepared to defend your position, both before whom you wrote, and in court. Remember the consequences.

Remove all instant messengers from global companies

Remove from all devices from social messengers. networks, and companies selling advertising. Delete Skype, ICQ, Facebook Messenger, VKontakte, Odnoklassniki, Samsung ChatOn, Viber, Snapchat, Google Hangouts and other messengers. They are either easy to hack, or these instant messengers read your correspondence (yes, Facebook Messenger, VKontakte, Odnoklassniki, Google Hangouts and now there will be WhatsApp) for displaying ads. Either these messengers "share" your correspondence. At the moment there is a popular messenger that is not very easy to hack (but possible) and which for nowdoes not sell your personal data - this is Telegram. This is not the best option, but less acceptable for those who so far are not ready to spend much time on ensuring maximum security and privacy. And the minus and plus of the Telegram is that it is attached to the telephone number and you can run Telegrams on several computers and smartphones. If someone does not pay the net manager in the cabin of the cellular network, they can reissue the SIM card and, via SMS, get access to the Telegram and read everything you have written before. Or just some friend will ask the phone to call for 3 minutes, quietly enter your phone number into telegrams, receive SMS with a secret number and then read your correspondence. But this can be avoided by using Telegram!

First of allset two factor authorization in the settings. In addition to the code from the SMS, it was also necessary to enter the invented password. Even if the attacker receives an SMS, he will not know the password. Secondly, get used to it and teach other interlocutors to use so-called secret chats, if you correspond with someone on sensitive topics. I advise you to set a timer to delete messages in secret chats. Third, delete and re-create regular chat rooms and groups periodically. If there is no specific information there, it is still a good idea to do it. In the fourth - do not put your photo in the Telegram. Fifth - do not specify in the settings of your e-mail. In the sixth - do not specify any "nickname." In the seventh, do not specify your real name.

Telegram blocked in Russia, but to no avail. Periodically, because of this, Telegram is not very good. If you have a VPN, then it will work fine.

But keep in mind that Telegram is not absolutely secure. Starting with the fact that they can not hack Telegram itself, and a smartphone or computer on Windows where Telegrams is installed and record what is happening on the screen. And ending with the fact that most likely the special services have access to the Telegram. But for me the main thing is that Telegram does not sell correspondence to companies that sell data.

In any case, Telegram is safer than other popular ones.messengers. As for the messenger, Telegram has other projects as well (its own electronic currency, document repository). I do not advise you to use them until a long time has passed and the experts do not confirm the security of their e-currency and document storage.

Transfer all relatives to this messenger (if they sit on other types of Skype, ICQ, Facebook Messenger, VKontakte, Odnoklassniki, Samsung ChatOn, Viber, Snapchat, Google Hangouts and others).

In any case, you need to be careful. And if you ever hear from specialists (and not from sofa experts) that Telegram sold to someone else - delete all the chats, and then the account and the program itself.

In addition to the Telegram, there are other secure messengers. Just in case, try them beforehand. For example, Signal, Tox, Matrix Riot, Jitsi, Conversation Legacy. Some are very easy to learn for young people, some require adjustment. If you are afraid that these messengers will ever sell your correspondence, you can make your own XMPP (Jabber) server with encryption. But this is not so easy to do, all the more so that this server could not be hacked by fraudsters. If you strongly need - it is better to contact the experts.

Do not use payment systems such as vk.pay, Yandex.Money and Master Card

Do not use any payment systems or bank cards that belong to companies that sell personal data. This mainly concerns vk.pay and Yandex.Money. In addition to the state, your shopping list will be familiar to another half of Russia. As it has already been indicated, in Russia it is quite officially trading in the data of someone-where-when-bought. [ 171] That is, think about it - in Russia they officially buy information about what you bought where and when. This became clear because Tinkov began to give a partial refund for the purchase of certain goods (cashback for certain goods). So it makes no sense to open it. But since other banks do not have such a wide bet on cashback, so you might think that other banks and payment systems do not trade data about purchases. You are mistaken. They link a bunch of data about you and sell to other companies. Here is an investigation, which also describes about banks [ 173 ].
It also became known that Master Card is selling data to Google — data about purchases! [ 175] Now they are justified, they say that they did not transmit data on specific buyers, but only the total amount of sales of a particular product. Then the question is why the deal is secret. Google has repeatedly lied to the world. If possible, make yourself another card in which only the MIR system will be. The fact is that in Russia all data passes through the MIR system anyway, even if you have a Master Card or Visa. So if you want Google not to know all your purchases, make one of the cards where only the MIR system will be.

Facebook is also trying to obtain data on purchases, but the deal failed because it turned out that they had recently recently leaked data [ 177 ].

To be honest, there is almost no information on all cases of sales of data on people's purchases. Your purchase data is selling and trying to hide it. I could not find detailed sources of information about this. Therefore, to give any really reliable recommendations on how to ensure that your purchase data does not sell - I can not. Follow the news, ask the banks whether they sell data, share the results of investigations.

The only thing I can definitely advise is: do not buy “controversial” goods with a bank card, but buy for paper cash. No card purchases in sex shops, no expensive purchases through a bank card (robbers or villains scammers can figure out that you bought something new).

And in principle, it will be right to buy less card in stores, as the stores then sell the data who bought what, as well as find out users' habits and raise prices for things that people cannot do on the basis of all this data.

Soon, in all major stores at the box office, video cameras will be installed at every step and they will recognize your face and all your actions. [ 179] At the same time they say that they will not store your data. Why then recognize the face? And they will recognize by checking with what? So they will have somewhere a list of people with names and they will compare them. If you see that the cameras are aimed at the person in the store, and not just take off the sales area - do not go to such a store and demand that the already captured video be removed from you. And even if for the time being they recognize a person just to find out their age, then these companies will not be worth anything to “stick” to recognizing who exactly bought the products with the full file per person.

If you pay on the Internet, it’s better to use virtual cards. This is when the principal amount is stored on the main card, and the virtual card stores exactly as much as you want. By the way, when paying with a card on the Internet, you can not write your full name in the fields in the fields of the first and last name. You can only affix the first letter of the name and the first letter of the last name.

Remove everything from the clouds

Remove everything from the "clouds" in the same way social. networks. There are other sites that are not social. networks, but store your data. For example, Yandex.Disk, Google Drive, Microsoft OneDrive, Dropbox and others. It is better to remove everything from the clouds. Or store there only encrypted files. You can download files from there, archive them with a password (complicated) and put them in the “cloud” back in the archive. This is inconvenient, because in order to see something every time, you need to download, unzip, find the file you need and then use it. For the advanced there is a more convenient thing - it’s a combination of Veracript and Dropbox at the same time. Either other paid solutions or make the server yourself (Owncloud, Nextcloud and other tools).
Or you can buy your NAS and buy home fast internet, and all files from your smartphone / computer can be automatically dropped there.

Setting up such things (Veracript, Nextcloud or NAS) for a non-programmer will be relatively difficult and will have to ask someone of your friends.

This is especially true of photo documents. IN NO EVENT, do not store photos / scans of your documents in the clear somewhere in the cloud . Do not use any applications that are supposedly created for storing documents (this applies including Telegram Passport, Vkarmane and others).

In any case, it will be better if you do not save on the internal memory when buying a computer, laptop or smartphone. And not only external media (USB external hard drive or SD card for Android), but the internal memory, so that there are fewer reasons to use the “cloud”. The problem with the clouds is that those companies that provide the cloud know everything about you, and also that if the attackers break into your cloud, they will have full access to all your data.

Delete all browsers except Firefox

If you have a computer on Windows, Linix or MacOS, you need to make sure that you use only Mozilla Firefox browser . All other browsers are either unsafe themselves, or they sell data to large companies about which sites you visit, which bookmarks you have, which add-ons you have installed, what you write. In fact, even Firefox gave Google data about installed add-ons. [ 181 ] This is of course very small compared to other browsers, but still a precedent. So far, Firefox is the most honest of popular browsers.

Install Firefox, but only from the official website www.mozilla.org/ru/firefox [ 183]. No builds from Yandex, MAIL.RU and others. Even if you want to use Yandex (which I do not advise), then download Firefox early only from the official site www.mozilla.org/ru/firefox [ 183 ]. When you install Firefox, be careful and uncheck the installation of any add-ons / searches / programs / extensions. Mozilla, the company that releases Firefox, is a non-profit and lives mainly with donations. But this money is not enough and they take a denyuzhku so that when installing any other programs or search engines are offered. The main thing is not to miss this moment and remove the "left" ticks.

If you already have Firefox, you need to check whether you have the official version of Firefox. Click the menu button, then “Help”, then “About Firefox”. First, there should be the latest version, the number of which you can see on the site ru.wikipedia.org/wiki/Mozilla_Firefoxon the right in the “latest version” line, or the program should offer to upgrade to this latest version. If the version is not the latest and you are not offered to upgrade (despite the fact that the Internet works for you), then close and re-open Firefox. If after this manipulation you are still not offered to upgrade, then you do not have the official version of Firefox (most likely with viruses). If it says something like this is a build from Yandex, then this is obviously not the official Firefox. We'll have to remove this program and download from the official site. When deleting, if you are asked to “delete including user data”, select “yes”. If, after reinstalling Firefox, there is still an inscription that it is a build from Yandex (or from another company), then ask an IT professional friend to figure it out.

Unofficial Firefox is very bad. At a minimum, the data about who you are and what sites you go are transmitted somewhere. As a maximum - complete surveillance of the theft of passwords and bank card numbers.

So, after you have installed the official Mozilla Firefox.

The first step is to install extensions, they are add-ons, they are add-ons, they are extensions, they are add-ons. Need HTTPS Everywhere , uBlock Origin and NoScript (either uMatrix or PrivacyBadger). Install them only through the official app store (just called “store”, all for free) through the menu, “Add-ons”, “Extensions” and somewhere on the top right you can find these apps in the search. Please note that the search may seem in addition to these extensions some other. Do not install others! Normal extensions have a rating of at least 4 stars, they have many installations and they are called exactly as written by me. Other similar do not install.

1. HTTPS Everywhere does not require configuration. This application allows you to automatically switch from insecure “http” to more secure “https” if the site supports “https”. Choose an extension with more than 4 million installations from the organization EFF Technologists
2. uBlock Origin – . , “ Origin ”. uBlock Origin . uBlock Origin . . “”, “uBlock – Experimental”, “ ” , “RUS:”. – , “”, “ ”, “”.
   
   . , 90%- ( ), “”. – , . . . “ ” “!!!, ... ” — , . , – , , . .
   
   () , . . , “” .
   
   , . . ( , , , ), , . – 250 . , . .
   
   “” , , . , ( ) , . 100% – . , , , “” . - uBlock Origin – , .
   
   , 4 . Raymond Hill.
3. NoScript (or called NoScript Security Suite ) is a very interesting extension. It allows you to block site routines (yes, sites can have programs — scripts are called). Now the overwhelming majority of sites operate using such subroutines (scripts). And some of these routines are harmless, and sometimes even necessary. For example, on the site some buttons, search, pictures may not work if scripts are disabled. But most of these scripts (routines) are advertising, tracking, viruses, miners (getters), cryptocurrencies, etc. Therefore, this application must have and be able to customize . You can go two ways. It is better to block all scripts on sites via the “Forbid Scripts Globally (advised)” button. And then if something is not working on the site, then gradually turn on the scripts on each site in turn and see what happens. According to the description you may find it boring. But I would not say that. Visit some popular news site like vesti. And look at what scripts with what names are trying to run - you have eyes on your forehead. 90% ov is tracking. Do not be lazy, try this extension . You see, if the site has 5 trackers, it means that you are tracked by 5 separate companies. Just experiment. Any names like ad, score, adfox, target, counter, top, analytics, pixel, counter are all tracking. There can be 5,10,20 and even 30 tracker trackers on one site. And this concerns not only explicit trackers. Why on the news sites embedded scripts from facebook, google, yandex? I assure you, if everything that was written before this did not convince you, then having looked with your own eyes exactly how and how many companies are tracking you - you will believe me .
   
   Unfortunately, for the most recent version of NoScript (and the most descriptive, but a little lacking in functionality from previous versions), there are no normal instructions and detailed [explanations with the optimal tuning methodology and program logic. There are brief instructions [ 187 ] and some foreign sites, but I cannot check the adequacy of these instructions [ 189 ].
   
   For everyday use of the Internet - this extension is one of the main tools against tracking.
   
   Choose the extension, which also has more than 800 thousand installations from Giorgio Maone.
4. For experienced experienced users, some advise instead of (or additionally) NoScript to use uMatrix (from Raymond Hill ). The setting logic is very similar to NoScript, but more flexible.
5. To NoScript or uMatrix seemed incomprehensible - at first try Privacy Badger from EFF Technologists
6. Also, when you get comfortable, it is advisable to try using the Google search link fix, Decentraleyes, Cookie AutoDelete, CanvasBlocker, Mailvelope, Facebook Container and other extensions designed for security and privacy.
   
   But they are more difficult to set up and try them after you get used to the main ones. Want to move - try.

By the way, if you have a slow Internet, then uBlock Origin and NoScript (or uMatrix) reduce the amount of megabytes spent.

There are other extensions that are similar in name. But I wouldn't trust the majority. They all track you. It should be very carefully used. Let's take a look at some popular ones for example.

Adblock, Incognito Adblocker, YouTube Adblock, uBlock Adblock Plus - these are all supposedly normal ad blockers. They are either paid by some companies so that they miss some advertising (and their trackers are trackers), or they collect data about you and sell it. You can only use “uBlock Origin” from ad blockers .

Any other extensions from Yandex, Google, MAIL.RU, Microsoft and other large companies - all track you, do not install them, and if you already have them - remove.

Any extensions such as a proxy or VPN to bypass closed sites in Russia - tracking or viruses. Maybe of course some of them are honest - but we don’t know which ones are honest and which are not, and we can’t check. Everything passes through their servers and as practice has shown, they all use it.

All extensions to listen to or download music - tracking or viruses. Vkontakte media downloaders - also collect data about you.

There are of course normal extensions from other companies. But they are very few. Everyone should be carefully read about their security on different sites. It may be inconvenient to drop some useful extensions, such as a weather forecast. But it is better to bookmark the site on the bookmarks bar and one click on the bookmark to open the desired sites.

In addition to extensions, there are some more rules.

After installing the extensions in the settings:

“Main” - “Play DRM controlled content” - “no”
“Privacy and Security” - “Cookies and site data” - “Accept cookies and site data from third-party websites” - ”From visited”
“Privacy and Protection” - “Protection from Tracking” - “Always”
“Privacy and Protection” - “To transmit a“ Do not track ”signal to sites, meaning that you do not want to be tracked” - “Always”
“Privacy and Protection” - “Permissions” - see which sites have permission to use Location, Camera, Microphone, Notifications. It is advisable to remove all permissions only if you specifically did not give any site the ability to access anything, and if you understand very well why the site needs this and why it should shoot you on the camera and record from the microphone.
“Privacy and Protection” - “Block Pop-ups” - “Yes”
“Privacy and Security” - “Warn when websites try to install add-ons” - “Yes”
“Privacy and Security” - “Forbid accessibility services to access your browser” - “Yes”
“Privacy and Security” - “Firefox data collection and use” - should be prohibited everywhere.
“Privacy and Protection” - “Protection” - “Block dangerous and deceptive content” - block everything and warn everything about it.
“Search” - choose the default search engine DuckDuckGo. Yes, it is less convenient than Google or Yandex, but this search engine collects data at a minimum.

In addition, periodically, delete cookies through “Settings” - “Privacy and protection” - “Cookies and site data” - “Delete data ...” - “Delete”. It is better to do this once a week at least.

Google Chrome browser is better to delete forever. Recently, this browser besides sending everything to Google on the Internet, it also scans your files on your computer . [ 191 ] The most annoying thing is that Google started doing this without warning anyone . He just wanted to. Maybe somewhere in some news on their website in the most secluded invisible corner, they wrote that they would do it, but you should ask about such features in advance and in advance in large letters to ask permission to scan files. They do it ostensibly to protect against viruses. But why did they not immediately declare it at once? From whom such secrecy? The villains who write viruses are not stupid. Virus makers and so everyone will know in advance about all the news about antivirus software on their illegal forums. It turns out that Google hid first of all from users that it added scanning in different folders. The trust of this company is practically no one who is interested in the topic of privacy.

If (which I highly recommend), you still need Chrome - then it also has extensions like HTTPS Everywhere, uBlock Origin and ScriptSafe (analog NoScript). But I strongly advise you not to use Chrome. .

Similarly, all this applies to other browsers from Yandex, MAIL.RU and so on. Many pseudo-safe browsers are being released. 100% of them are just as bad as Google Chrome. For example, the Iron browser is supposedly safe, but the developers of this browser are in no hurry to show the inside of the browser.

There is such a browser as Chromium (the basis for Chrome) and it positions itself as a browser free of Google spying - again lies from Google [ 193 ].

Tor Browser. Using Firefox with extensions and compliance with the rules will help in everyday use to get rid of the surveillance of most companies. But the site itself and the company that provides the Internet (provider) can see which pages you go to. If at the beginning of the site is “HTTP” (without “ S ”), then this company (provider) can also see what you are doing on this site and even replace / change the page (this is especially true for PPSOs - mobile operators)! To avoid being watched by the provider, you can use the VPN toolkit, or you can use the Tor browser. Tor Browser is the same Firefox with the above extensions, only configured as much as possible to security, privacy and anonymity. First, the data (traffic) goes through several servers that only pass data, but the data between the servers is encrypted . How would it get specially a little tangled chain, and in this chain, no one can decipher the data. No one in the middle can decrypt the data. And the data is finally decrypted only when they come to your browser. It turns out like a multi-layer protection. Therefore, Tor is like an onion browser, because there are several layers of encryption between servers. And only you know which site you visit. Secondly, the browser settings are specifically set so that you practically could not be traced even to the site you visited (and not just the provider or intermediate servers). The site knows that someone has visited the site, but does not know who (unless of course you log in on the site itself and did not indicate your name). Third, every time you exit the Tor browser, it erases almost everything from itself (except for bookmarks). Also, this browser is convenient for Windows because it is installed in only one folder. Wanted - deleted the folder and everything, no one even sees the bookmarks that were in this browser. It is portable.

Due to the fact that this browser is configured for strong security, privacy and anonymity, some functions of sites (for example, video conferencing) are disabled there. But you can get information from most sites.

You can download the browser from the site [ 195 ] www.torproject.org/download/download-easy.html.en . For computers, download ONLY THIS SITE . In addition to this official, many fake sites are now divorced where it is proposed to download the Tor browser. On these (that is, unofficial) Tor sites - with viruses.

Here is an example guide on how to start using Tor [ 197 ].

Through Tor, it’s better not to download large files or watch movies. The speed of opening sites through Tor may be lower than through other browsers. Recently, the speed through Tor has significantly increased and for ordinary sites where mostly text and pictures, the speed is the same as when using a regular browser. If you need to watch some kind of video through Tor, then this is possible, just the speed may not be enough for viewing in high quality (or maybe enough).

As for Linux, it’s all the same. Remove all browsers except Firefox and Tor. If you are an advanced user, you can leave IceCat. This is the same Firefox with additional settings.

What about Android. Again all the same. The latest version of Firefox for Android is almost identical to the version for computers. Even the same extensions work. All the same principles work, except that the appearance and settings of extensions sometimes look a little different and sometimes do not adjust to the screen size. But the functionality remains the same. In the F-Droid app store, the Firefox browser is called a little differently: Fennec. Better download from F-Droid.

Also on Android smartphones have applications Tor Browser. It includes the onion Tor system.

In case some very necessary site (online bank) does not work normally via Firefox with extensions or via Tor, then it’s better to install Focus (or Klar) browser. And use Focus only to visit these sites, that is, very rarely. In general, in Firefox and Tor you can disable uBlock Origin and NoScript for certain specific sites and then these sites will work in Firefox as you need. But be careful with such sites. If the site does not work at all with the included uBlock Origin - then this is strange. Make sure the site you visited, which you wanted. If this is a bank site, check the website address, whether you entered it correctly.

Of course, besides what is described above, there is a certain set of recommendations that must be followed when using the Internet. No one can give you a specific list of what can and cannot be done, because this list would have 1 million items. Every time you need to think about what actions you take on the Internet. But there are basic rules .

• Passwords passwords passwords. Already described.
• HTTP S HTTP S and again HTTP S !!! .. In no case do not register on HTTP sites (without " S "), do not enter your username / password, do not enter bank card numbers and so on. Such sites are read only. From such sites you cannot even download files. All serious sites work through HTTPS.
• Do not share your personal data on the Internet. It means that if you write information about yourself somewhere, upload photos, leave phone numbers, addresses, then don’t be surprised then someone calls you that someone sends SMS from obscure numbers that your card is allegedly blocked, that someone then hacked your mail and so on. Give as little information as possible when registering. Do not make an email address that easily identifies your first or last name. That is, do not do mail type “vasya_pupkin1979@mail.ru”. Try on different sites to make different nicknames (the so-called nicknames). Everywhere in the settings of all sites on which you are registered, set the highest level of anonymity, that is, hide postal addresses, phone numbers, real names, and so on. On normal forums there are internal chats, and if a person wants to write to you, he will write through this chat without knowing your primary email address.
• On other people's computers and smartphones do not go to your mail, social. networks and so on. That is, do not enter any data. With other people's devices, you can only read articles. If there was a very big need to go to any site on another device, then go to the site in incognito mode and do not forget to click the “Exit” button to exit your account and close the browser. It is also better to come home to change the passwords from those sites that you logged in from someone else's computer.
• Try not to connect to Wi-Fi in public places if you do not need a VPN. This means real VPN, and not crafts in the form of extensions to the browser and so on.
• Be careful of links and files sent to you by mail, especially from an unfamiliar email address.
• Do not believe any information on websites and in e-mail that you suddenly won some money. Think - why is it all of a sudden you just won something. This is all a scam.
• Do not let strangers use your device. Especially insert any USB flash drives and install some programs.
• Try on those sites where possible, use two-factor authentication. Basically it is a password + SMS. This rule is a little contrary to the rule as little as possible to leave somewhere or your phone number, even during registration. Therefore, two-factor authentication is necessary to connect on those sites and services that are important and on which you already leave your data (for example, online bank). That is, you need to keep a balance between these rules.
• Install programs only from reliable sources. In the part of Windows - only from the official sites of the developer of the program, and only if the site works through HTTPS. Downloading anything from the site - do not be lazy to read reviews about this site.

Basic programs on Windows

In addition to browsers, there are other programs that should be changed. You should choose popular free software. Not just free (free), but free (open source). Free software (open source) is much harder to embed viruses. They will always remain free. And it is desirable to choose those programs that are both under Windows and under Linux. For example:

Archiver - 7Zip
Audio Player - Clementine
Video Players - VLC, SMPlayer
Torrent - qBittorrent
Graphics - Pinta, Krita
These programs are not just interesting, but so popular and convenient that many are already used on Windows and it will be very easy for you to switch to them.

There are other programs that are different from the usual to you, but in most cases they are not inferior in functionality to the paid ones.

Instead of Excel and Word, install LibreOffice Calc and LibreOffice Writer. Instead of Photoshop, you can use Gimp. Having become accustomed to these programs, in the future you will be able to switch to Linux, which is free and for which it is 100 times harder to get viruses, painlessly. Soon all government agencies of the Russian Federation will switch to Linux, and if you advance your hand in advance, then you will have advantages in the device to work.

Internet connection and real life and why the ad blocker is not enough

As already described - your personal data "go" on the Internet. Now the wall between the Internet and ordinary life is erased. Data from ordinary life get on the Internet. And from the Internet you can extract a lot of data about people. Therefore, we must look very carefully, not only what you leave on the Internet, but also in everyday life. Companies that previously only worked on the Internet are now advancing in all aspects of people's lives.The giants are trying to make everything around you - controlled by these companies. Phones, refrigerators (which are now also connected to the Internet), televisions, cars, watches, washing machines, all sorts of electronic assistants, bank cards, video surveillance systems, and so on. And do not think that if you put an ad blocker and you do not see ads, then you have solved the problem. Your data continues to be collected, only so far that you do not see ads. After a while, companies can come up with something new. For example, non-switchable advertising on sites. Or they will just call you every 5 minutes. Or they will constantly knock on your door. As previously described the problem is not only in advertising on sites. Therefore, if you have an ad blocker, then this is already a step forward, but this is not enough.Keep track of what data and to whom you leave also in everyday life.

Try not to show anyone your documents, account statements. Any old documents (scans, checks, extracts, warranty cards, etc.) that you no longer need before throwing away should be as personalized as possible. That is, for example, tear into small pieces or burn.

Incognito or private browsing

Many people recommend the incognito mode, or as it is also called, private browsing. Some believe that using this mode makes visiting sites absolutely safe and private. This is a very big exaggeration. First of all, sites can understand who you are indirectly as easily as you would if you didn’t go through the incognito mode and the browser manufacturers didn’t hide it. Secondly, Google, in the case of using the browser, Chrome collects everything that you do in incognito mode, although they promised not to do it (yes, again a lie from Google) [ 199 ]. But this mode is not useless . Thirdly, there can be viruses on the device from which you access websites in incognito mode, and incognito mode in this case will not help you much.

Please note that the incognito mode (or private browsing) in different browsers may work in different ways. In Chrome, usually (unless specifically stated otherwise) installed extensions do not work. In Firefox - work. This needs to be taken into account.

If you went to the site in incognito mode (private browsing), after exiting it (ie closing all windows with incognito mode) in the browser itself there is no data in the browser that you went to these sites and you’ll exit all sites you visited in incognito mode. That is, the incognito mode helps because if someone uses the browser after you, he will not be able to see which sites you have visited and will not be able to go to these sites under your name (unless of course you have said the password beforehand).

If you really need to go to some website from someone else’s computer and log in using your account, then it is better to do it in incognito mode.

If you go somewhere on the Internet from someone else's device and there are some unknown extensions in the browser, then it is better not to go on the Internet from this computer at all.

Buy VPN or do it yourself

About VPN. VPN is essentially a tunnel from the device to a server. That is, it turns out that you do not directly download from the site or upload to the site, and bypass through the hook. And this very hook is encrypted. The primary use for an ordinary VPN user is security. Since the workaround (hook) is encrypted, an additional level of protection is added. VPN is always desirable to include when you connect to someone else's Internet (via Wi Fi or via wire). And you can always use VPN at all, if the speed of the Internet permits and the speed of the VPN itself. VPN will add security to you, but will not add significant privacy if you do not use additional techniques (correct browser extensions, periodically deleting cookies, dropping advertising identifiers, and so on). For example,if you log into your account (that is, log in) to at least one popular Russian site without the necessary extensions in the browser via VPN - firstly this site itself will know that you are by definition, so also connected trackers will pass you to other sites, which you will attend. VPN is not a panacea (although it can be very useful) and in this case it will not help in terms of privacy.

Also, VPN can be used for such cases as failure of sites to serve the inhabitants of Russia. For example, online cinema does not work for residents of Russia - you can go through a VPN, the server of which is located in the country where the online cinema does not refuse to be serviced and thus the online cinema will think that you are not in Russia, but in another country. You can watch movies there.

Do not use free VPN. Such VPNs live by the fact that they themselves sell data about which sites you visited. That is what you wanted to avoid - and you will fall for it.

Paid VPNs are also unscrupulous. They take money from you and sell information about you.

It is necessary to select a VPN from a well-known company. For example, Proton VPN [ 201]. It’s not necessary to choose this VPN, but it’s very difficult to track which VPN doesn’t sin by data trading itself. Therefore, if you buy someone's VPN - it is only from very well-known companies and after you read the information about their reliability.

The best (cheap and private) way is to make a VPN yourself. There are many different instructions on the Internet, the main thing is to look at these instructions on reliable popular sites. And read the comments. If the instruction is incorrect, then somebody will write about it in the comments and write why it is incorrect. Read better instructions newer. Instructions from 2016 may be outdated (although the general principles there must be followed and you can read it for self-education). In fact, now you can make yourself a VPN yourself in a day, if you are not enemies with a computer. You can ask for help someone who understands and whom you trust. So it will be faster and less likely to make mistakes.

Mobile phone setup

All Android . Among smartphones with Android things are worst. Google is following you and most of the programs you have installed. And you cannot avoid this by 100%, unless you are a programmer who does not make the firmware for the phone himself. But you can severely limit surveillance. It is impossible in one paragraph to unequivocally tell exactly how to set up a specific Android smartphone to the maximum level of security, because:

• There are a lot of smartphones on Android, each manufacturer installs some kind of non-removable surveillance software, and often viruses [ 203 ].
• Each manufacturer can make its own firmware, in which the possibilities for application restrictions and security settings may differ.
• Even if the smartphone has the functionality of fine-tuning restrictions for individual programs, such settings may not work correctly or the program will malfunction (or not work at all).

But there are a number of recommendations that will help reduce the number of vulnerabilities:

1. , . -, . . – (Yandex , 4pda, XDA, ixbt). : «» ( ) – . , ( ), -.
   
   “” (, ). , .
2. “” , “”. . , , . “”, ( Facebook), . Android , ( ).
3. () (Google Play) F-Droid. . Google Play, F-Droid. . Google Play ( ), F-Droid.
4. , – . , .
5. . Facebook . – , . Android “”.[ 205 ]
6. . , . . , . .
7. Android . , . , . , , , -, , , . .
   
   Google “” Google [ 207 ]. [ 209 ]. [ 211 ]. [ 213]. How it is implemented on other firmware - look on the Internet.

As described above - use VPN, secure messengers. Use the Firefox (Fennec) and Tor browsers, put the password on the phone and so on.
Disable geolocation, Wi-Fi and bluetooth when you are not using them. They track your location. Google has left the opportunity for itself to periodically turn on Wi-Fi, GPS and Bluetooth to track your location. This can also be partially disabled - look for something like “Search for WiFi networks” in the settings
Use internal firewalls (Internet access limiters) and ad blockers like NetGuard, Blokada, AdAway, DNS66. All these programs are in F-Droid. They are all similar in work principles. I would advise you to deal with NetGuard - there are flexible settings for limiting applications as you like (Wi-Fi, cellular, roaming, maximally saving megabytes of Internet), as well as the version of this program downloaded from F- Droid has the ability to download lists to block ads (in bowsers and in other applications, such as games). Orbot can also be used partially in a simplified form for blocking. Orbot is a Tor explorer for browsers and other programs that are not able to launch the Tor network.Most of these programs either use the functionality of the VPN program (although they don’t actually use someone else’s server), or require special root unlocking (root). So if you use NetGuard firewall, then you will not be able to connect to this VPN.
Replace all standard applications with analogues from F-Droid. Replace the keyboard, viewers (PDF, pictures, video), navigator, instead of Youtube - NewPipe and so on.

For advanced users:

All of the above severely limits you from being watched by most companies other than Google and very tricky applications that can bypass the restrictions. If you need a smartphone on Android and you want to limit the surveillance of you through a smartphone on Android to the maximum, then buy a phone for which there is an official firmware LineageOS (formerly CyanogenOS) from the site download.lineageos.org [ 215], reflash on LineageOS and configure so as not to use Google services at all. In this firmware, there is a “Security Mode”, which allows you to issue permissions to applications in a very subtle and detailed way and at any time to see which applications have requested or requested what data. If you have such firmware and access is very limited, then in principle it will be possible to install other applications from giants.

If you have a phone that does not support LineageOS, then try to search at least a pure Android firmware on your smartphone - AOSP. With proper skill, you can bring it to a state of minimal risk of leakage of your data.

Windows Phone. These are smartphones that “abandoned” Microsoft and other developers, but if you have one, you can still take some steps for security and privacy.

1. Password, VPN (note that not all versions of VPN are supported by such phones), protected messenger, do not trust websites without HTTPS.
2. Normal browsers on Windows Phone is not done. You can often reset your browser data (cookies, browsing logs, and so on), but this is not a strong measure of tracking, although it is not useless.

There are no other recommendations, except that such a phone is better to give to someone who will use such a smartphone mainly for calls.

iOS (iPhone and iPad). These devices are initially quite secure. In addition to protection from Apple itself and partly from Google. And you can’t completely ban the collection of information about you by Apple. So far, Apple has an extensive ad network and therefore even the data that it collects, it yet does not sell, or sells, but how to "impersonal". Accordingly, such devices can be used without any special flashing.

But this does not mean that you can do anything on the phone and be sure that nothing will happen. Anyway, you need to configure it and monitor your actions, application permissions, and passwords. The logic is the same as on Android smartphones.

Article how to increase privacy on iOS [ 217 ]. Read it if you have an iPhone or iPad. In addition to these settings, there is a ban on working in the background of applications via “Settings” - “Basic” - “Content Update”. You can turn off applications for attempts to work in the background. With this setting, you need to be careful, because some applications need to work in the background for normal operation, such as instant messengers.
In addition, you need to maximize the security settings - put a complex password, unlock fingerprint, data encryption [ 219 ], do not give the device to anyone in hand.

Also connect a VPN, use a secure messenger, do not use a voice assistant (until you can do it completely without the Internet), use the “DuckDuckGo” search engine, at least use applications from Google, Yandex, MAIL.RU and other giants and limit permissions on the access of these applications. Ideally, buy a phone with a large amount of memory so that you can turn off iPhone sync with the iCloud cloud.

As for browsers. The recommendations are similar, except that Apple does not allow browsers with broad functionality to be installed on their iPhones. First, configure the standard Safari browser [ 221 ]. There is also a Firefox Focus browser, it partially blocks ads, trackers are trackers, but still privacy and anonymity are not fully respected, since your ip address for sites does not change. For sensitive issues, it is better to use the unofficial Tor browser for iOS - Onion Browser [ 223 ]. Of all the browsers on iOS with Tor support, only this browser has a developer that interacts with the official Tor developers. Official developers, of course, cannot give a 100% guarantee of Onion Browser security, but from time to time this program is checked by experts.

Switch to alternatives

As you managed to understand it is better not to use the services of Google, Amazon, Yandex, MAIL.RU, Microsoft and the like. At once I will make a reservation that from the offered part of the services are paid, but not all of them are expensive.

Let's go through the alternatives.

Search engines

Can be used:

• www.startpage.com
• duckduckgo.com
• searx.me
• www.qwant.com
• metager.de
• www.searchencrypt.com
• www.discretesearch.com
• www.oscobo.com

Yes, these search engines sometimes work worse than Google or Yandex. Also, all these search engines, which are listed above, partially work through Google and Yandex, and Google / Yandex receive information about what they are looking for, but will not be able to determine who is looking for. If you search through Tor, then tracking your interests becomes almost impossible. Teach yourself to use only search engines from the list above and preferably via Tor. In principle, through Tor you can search in Yandex and Google - but this is inconvenient and not always private, because if you enter via Tor - these sites will ask you to solve words or pictures (the so-called captcha / captcha).

Just be careful - do not install any extensions from these search engines from the list above. And when using NoScript (or uMatrix), periodically check to see if additional scripts appear on these sites on these sites. If they appear, it means that this search engine has sold out and they should not use it.

Email, Contacts, Calendar

Email, contacts and calendar are considered together, because services usually offer everything together.

• protonmail.com
• mailfence.com
• mailbox.org
• tutanota.com
• www.fastmail.com

Some of these mailers offer free use in small quantities.

Browsers

For computers

Mozilla firefox
Tor

For Android

Mozilla Firefox (Fennec)

Orbot + Tor. Now Tor on Android has been “stitched” by the orbot and most likely the Tor browser without Orbot will work for you. Soon we have to release a separate version of Tor with Orbot embedded and another version without Orbot, so that everyone chooses how to use it conveniently (sometimes a separate Orbot program is useful for passing through the Tor network not only for the Tor browser, but also for other programs).

For iOS (iPhone + iPad)

Safari is a standard browser on iOS, but it’s better to use it only with VPN (TunnelBear + BlockBear can be used).

Onion Browser is an unofficial Tor on iOS. Perhaps the official Tor on iOS will be made soon.

If you don’t trust anyone at all (TunnelBear or the developer of the unofficial Tor), then it’s better to do your VPN, also access the Tor network after the VPN and use the Firefox Focus browser.

Video services

Unfortunately, there is not yet an easy-to-use Youtube replacement (which is owned by Google). There are many sites with different directions and most of them contain English-language materials.

If you need movies, you can download free movies via torrents. Here is a list of films in the public domain [ 225 ]. These movies you can download and transfer to others for free. The torrent technology itself is absolutely legal.and even used by numerous companies. The advantage of this technology is that those who downloaded a file help others download it. That is, if you downloaded the file, then you yourself become one of the servers from which you can download the file. Therefore, the speed of downloading via torrent is usually high, as those who have downloaded it themselves help others to download. But if you downloaded a movie not from the public domain list and if you continue to distribute it (help others) via torrents (that is, continue to be one of the “servers”), then it is illegal. Just do not become a server for the distribution of "controversial" materials, even if you downloaded them. Even if you download the "controversial" materials, then stop the "distribution" as soon as you download the file, or even better, the "controversial" materials do not download at all.

In addition to movies via torrent, you can download and much more legally and for free.

There is a whole list of sites where there are only free files and which can be downloaded via torrent.

• archive.org
• www.jamendo.com/?language=ru
• www.ibiblio.org
• librivox.org
• mediahistoryproject.org
• www.publicdomaintorrents.info
• www.vuze.com/content
• bitlove.org
• vodo.net
• bt.etree.org
• academictorrents.com
• tasvideos.org

Unfortunately, most of these sites are in English only. But this does not mean that there are no files in Russian. Especially silent movies or music does not require knowledge of English.

Just be careful with what you download. If you download music, and the file extension is "exe", then this is a virus. This concerns not only torrent sites, but any sites. And it is better not to use the downloaded “hacked” programs (neither from regular sites, nor through a torrent) - they often contain a virus.

You can download movies yourself in advance and you do not need to go to Youtube for this.
If you still need to find any video on the Internet without downloading it - try to avoid Youtube, Yandex Video and other companies following you. Or watch the video on these sites via Tor.

Cards

On the computer, you can use the company website 2gis. Unfortunately there are only big cities. Or other maps, but only through the Tor browser.

On Android smartphones, I advise you to use the programs OsmAnd, Maps from the F-Droid app store. If you don’t like these cards at all, you can install Yandex Maps and prevent them from accessing SMS, microphone, contacts, reading / writing from memory or a memory card (by the way, this permission means not access to the folder with the application, but to all files) , work in the background, launch other applications, change device settings and so on. Leave only Internet access and geolocation. But note that if you previously used Yandex maps, Yandex will sooner or later compare it with your previous data, but at least it will not be able to get access to new data (for example, it will not be able to record you around the clock on a microphone).

Switch to Linux

To minimize security risks, I advise you to switch to Linux. There are practically no viruses on Linux systems, and in order to catch the virus, you will have to do a lot of incorrect operations yourself. Secondly, Linux systems are free (and free Windows are mostly virus free). Third, it is likely that soon all government agencies and state-owned companies in Russia will switch to Linux, so if you try the Linux operating system in advance, then it will be a plus for you when you apply for a job. Fourth, Linux operating systems do not collect advertising data about you.
There are many operating systems based on Linux, but the most common and popular among ordinary users are Ubuntu (and Mint ), Manjaro Linux and Fedora.

Linux systems are slightly different and a bit more complicated than Windows configuration. But after a one-time setup, everything will work. The above systems have a modern and intuitive interface and there are many instructions on the Internet for them. More precisely, there are many different interfaces, and in some cases you can choose the one that you like.

The main disadvantages of Linux are that there are no familiar special programs like Photoshop or Excel. But there are substitutions. For Photoshop - GIMP, for Excel - LibreOffice Calc. Even in Linux, few games are supported yet. Also, sometimes there are problems with installing drivers for fancy printers and clever mice (which are like a starship with 20 buttons). But these problems with using Linux every year less and less.

If you need a computer mainly for working on the Internet, watching videos and working with office documents (write a report / abstract and so on), then you will have no problems with using Linux at all, since browsers and media players in Linux are as in windows.

If you have never tried a Linux system, you can try it “inside” Windows through the VirtualBox program. Here is an example of how to install Ubuntu [ 227 ] [ 229]. For other linux systems, everything is the same. In order to succeed, it is necessary that your computer has enough RAM and memory on the hard disk. The speed of work in this case may be low, since you will have two systems working simultaneously: Windows and Linux. But at least you can try and evaluate everything except speed (and if fully installed on a computer, the speed will be the same as in Windows or even higher).

You can also try installing Linux on a USB flash drive and run from it [ 231 ] [ 233 ]. This will provide an opportunity to look in advance at whether the drivers on your computer are normally supported. That is, check whether the screen resolution is normal (the picture on the monitor is not distorted), whether the sound card works, and so on.

If you like it, you can install Linux fully on a computer or laptop. It is even possible for Windows and Linux to be installed on the computer at the same time — but to do this you need to read a lot and read carefully, it’s hard to do it yourself, it’s better to ask a programmer.

But even if on Linux there is no program you need, then in a large number of cases programs for Windows through the Wine tool can be run on Linux !!!

Biometrics

In the near future, in no case leave your prints, voice, photos, scan of the eye anywhere. Now banks are persistently offering you to submit your data. No one has yet said why this is really necessary. They say that it is easier to identify you in banks. But in the banks you can ask for a passport. What benefits promise those who have submitted their data? I see the benefit in this venture only for people with disabilities to move. Collectors and trading companies are already trying to connect to the database with your biometric data. Our state so far is not able to properly control the organizations owning our personal data. Do not rush to submit your data. Wait 5 years until it becomes clear how seriously the state is concerned with the preservation of biometric data, because they do not know how to store normal data.According to some experts, most of the leaks of personal data in our country come from government agencies.

Even if they tell you that they will not give you a loan or a bank card, do not agree. The fact that you do not hand over biometrics does not give them the right to refuse. If you have already handed over your prints - write an application for a review of the possibility of using your biometric data.

Detached is DNA decoding. If you need it for some purpose, try to do it anonymously.

Devices

In addition to software, attention must be paid to physical devices. This is in some sense the most "difficult" moment, because if the installation of the proposed programs takes only time, then the replacement of devices (if they do not fit) requires money. Here everyone decides for himself. You can resell and buy something new. You can wait for failure. You can try to offset the risks associated with the fact that the device is not safe by any methods until a new device finances.

General recommendations

• Purchase devices with a sufficient level of internal memory so that there are fewer reasons to use the “clouds”.
• Get quite modern devices that support the latest versions of operating systems, especially for mobile devices.
• «» . «» , .
• .
• , «» ( ). , . , . « ». -, « » . -, . -, (), .
  
  «» , . , . , , . , . — . - .
• If there is a financial opportunity - for different purposes, buy different devices. For example, if a Windows computer is required for work, then it would be nice to have a separate Windows computer for work only, and to have your personal data on a separate Linux computer. Or at least on different hard drives of a single Linux and Windows computer.

Wi-Fi router

Most routers are based on Linux. But many manufacturers after the release of the device cease to monitor their firmware and do not eliminate security holes or eliminate late. Buy a router that has the ability to flash on the Linux version: OpenWrt or DD-WRT . These are open firmware, which are updated in time and have the possibility of expanding the functionality and the presence of a large number of settings.

Some manufacturers of routers are smart, they take OpenWrt or DD-WRT and make their interface easier for ordinary users. This is also a good option, because due to lower costs for supporting the firmware, such manufacturers have the opportunity to release updates frequently. And even if the manufacturers abandon their router, then you will have the opportunity to flash on OpenWrt or DD-WRT with the security gaps fixed.

Just be careful when buying and check the revision.router. The same router may be called the same, but depending on the revision it may have different fillings inside. Firstly, not all revisions are successful in principle and are very “buggy”, and they should be checked at least to make sure that the router will work normally and not be buggy. Secondly, depending on the revision, the router may not support OpenWrt or DD-WRT. It is better to buy a router with flash memory (not operational, namely flash memory) of at least 8 megabytes, and preferably from 16 megabytes. And it is also necessary to read in reviews how successful the router model is, whether the router “pulls” a normal VPN (if you want to install VPN directly on the router). There are also other characteristics to which attention should be paid, but they are more concerned not with security, but with other consumer qualities of the router.
Often, the Internet provider (the company that provides you with the Internet) offers you either to buy your router, or rent it for money or give it to use for free in the event that you choose some kind of their tariff.

If you decide to use a router from an Internet provider, then weigh the pros and cons. Estimate - whether it is really profitable. If you offer a router with a proprietary firmware provider - then it is better to refuse, it is not known how many “holes” are in this router. But if you actually offer such a router for free and you decide to choose this option - try not to connect flash drives to the router (some routers can be used as an external drive-network drive), do not share network folders without a password, so if attackers take control of your a router - they will not be able to get your data from shared network folders.

Mobile devices

The most difficult item to master, since, in principle, inexpensive safe mobile devices (smartphones or tablets) are not sold on the Russian market. And the holes are now the largest in these devices. Besides the fact that the owner of the operating system (iOS or Android) knows everything about you, programs installed on the device collect all possible information about you. Security updates from viruses on Android are very rarely released, since Google, although it is developing Android, has sent the security update to direct smartphone manufacturers who don’t bother with this issue.
If you don’t get along with the equipment at all and you don’t have friends / acquaintances / children who could help with the settings of mobile devices, then it’s better to buy Apple products - iPhone, iPad, which is not the oldest model. In the current situation, this is the least of the evils for those who find it difficult to handle equipment.

For those who are willing to invest time, I would advise to pay attention to the phones with support LineageOS (formerly CyanogenOS). This firmware was originally made to keep up-to-date smartphones that manufacturers abandoned and did not update. Also one of the advantages is that it is more lightweight. Since this firmware gave an update to new versions of Android and there were no applications from Google in this firmware, those who were interested in security and privacy noticed the firmware massively. According to the latest polls, now most of those who use this firmware have chosen it not even because it eats less memory (previously it was one of the main reasons), but for the sake of security and privacy.

Choosing a smartphone with LineageOS support is not a simple matter. It is advisable to purchase a fairly modern device that has the official LineageOS firmware. Unfortunately it is impossible to give a definite answer which device is better, and a description of the factors that can be taken into account will draw on a separate article (which, most likely, I will write).

Perhaps on your current smartphone there is an official LineageOS firmware and you can install it. There are also unofficial LineageOS builds. Check the forum w3bsit3-dns.com.

If there is no LineageOS on your smartphone and you do not have the opportunity to purchase such a device, then try to use the applications only from the F-Droid application store, including the keyboard application, cameras, SMS and so on. All other applications need to be removed to the maximum or “freeze” (disable). Those that did not manage to remove / freeze - try to remove all sorts of permissions, that is, for example, disable such applications access to the Internet, the ability to autorun, the ability to work in the background, and so on.

If our device does not have LineageOS firmware, you have time and you are not “on you” with the equipment, then look for the AOSP firmware - this is the same pure Android. But you still have to clear out some of the bookmarks from Google.

The most important thing is not to buy Chinese devices with Chinese firmware, even if it is in Russian. When ordering a phone in China, firstly you can get to the fact that 4G (LTE) will not work well for you. Secondly, there will be Chinese firmware, which is even more insecure than regular Android. If there is no financial and temporary opportunity to pick up the phone on LineageOS, then try to choose a relatively popular phone with a “clean” Android. Pure Android may be less beautiful in contrast to other firmware - but there are fewer security holes and all kinds of bookmarks (pre-installed viruses).

Computers

Choose Linux computers / laptops. In this case, the problems should be a little, only if you have not some kind of specific equipment. Basically, problems can arise if you are going to make a gaming computer and you may have problems with the drivers on the video card. Usually on the Internet can be found for each component (the inside) compatibility with Linux. At the moment most hardware is supported. Many laptops are generally sold with Linux preinstalled. When choosing a laptop as in the case of WI-FI routers, specify the exact configuration of the device. This is necessary not only to understand whether there will be problems with installing Linux, but also to ensure that you are not deceived with the configuration and quality of the components.

Additional protection

If you have a device that does not support normal privacy settings, such as smart TV or Windows Phone, or you have people in your family who cannot figure out Tor, NoScript extensions, and other relatively difficult things to master, then you can:

1. put a VPN on the router and everything that will be connected to the router will go through VPN.
2. If this is your VPN, then you can still configure at least partial blocking of ads and trackers of trackers in the VPN server itself. [ 235 ]
3. If your router supports OpenWrt or DD-WRT, you can also block some advertising and most of the trackers on the router itself.
4. ( ) Pi-hole. Raspberry Pi, Linux. , , , .

By the way, in Windows and Android this can be done through the hosts file. Note that not all ads will be blocked, and not for all browsers. If you have advertising blocking on the router, and the phone is connected to the VPN (on the server of which your blocker is not configured), then you sort of slip through the router (that's what the VPN is called a tunnel), then the advertisement will not be blocked on the router.

For those who use uBlock Origin and NoScript extensions in the browser, I would still advise you to put ads and trackers trackers on the router or VPN server (if it is yours). Then the computer / smartphone will be less loaded and even if someone connects to your network, it will also be more secure.

Keep in mind that downloading Torrent through VPN is inconvenient and time consuming (VPN can slow Internet speed). And if you have a VPN on the router, then all traffic (including Torrent) will go through the VPN. Therefore, it is better to put a VPN on each individual device or make clever settings so that Torrent does not go through VPN. Well, or shell out for a powerful VPN, fast Internet and a powerful router.

Experienced users can try using QubesOS on a computer, which is geared towards using several virtual bubbles that restrict software access to data from other programs.

What else can you do

There are many other different methods, devices, settings that can help you in improving security and privacy. But they are so far either difficult for the average user, or not fully verified by security experts. For example, in addition to Tor networks, there are also I2P, JAP, ZeroNet and others. There are enough secure operating systems TAILS and Whonix with built-in Tor not only in the browser, but also on all Internet traffic. You can do any kind of trick - buy a tablet without a microphone, GPS and SIM card, and set up a VPN for it, put the Lineage OS and buy WiFi 4G modem for the Internet, and use only a push-button phone for calls. You can set up your mail server and send emails only with GPG encryption.

If the budget allows, you can have 2 phones. One will have valuable information and you will use it very carefully and do not install anything superfluous there, and a second phone for everything else, for all sorts of instagrams, games, YouTube and so on. By the way, with the help of such a scheme it is possible to enhance security gradually. That is, if you already have a phone, you can buy a second one and start adjusting it gradually, exercising and only when you reach a certain level, will you start switching to a new phone.

You can try to switch to more private social networks Mastodon and diaspora.

If you have very valuable information on a computer or phone, then pay attention to disk encryption. This is for the case of fraudsters aiming at you and can steal / take away your device.

Instead of configuring Firefox in detail, you can set yourself a 2nd Thor browser and make it work not through the Thor network, but through a regular network. That is, you will get the same Firefox, only with enhanced security settings and from it you will go to those sites that can not be accessed through the network Thor. The main thing in this scheme is not to confuse two identical browsers.

It is also necessary to follow the news and specialized publications - over time, more convenient means should appear at the same level of security. But maybe the other way around - it turns out that the current solutions are rather weak (although not useless) and will have to switch to others.

If you send advertising messages, get calls, letters, and also if from somewhere else, a third-party company has your personal data that this company should not have and you did not consent to advertising, then you can complain to Roskomnadzor with a complaint of federal violation. of the law of July 27, 2006 No. 152- “On Personal Data” . In fact, this is an effective method , because in the case of the beginning of the proceedings, the company faces a fine, and the company will spend a lot of time explaining where their data is from. In this way, you will be able to partially protect yourself from further disseminating information about you to other “offices”, and also strike a blow at the entire scheme of illegal dissemination of personal data.

Trends in the world

Do not think that the above is some kind of nonsense sick. Now a lot of people have paid attention to security and privacy issues. Around the world there is a real struggle for security and privacy, and Internet companies are opposed to this. It’s not just that in Western countries companies lose millions of dollars if they have a data leak. So in many countries, legislation on personal data is becoming tougher (although laws do not always work). Google and Yandex are trying to make such browsers in which only they can monitor users, blocking other people's viruses and ads, and leaving their own. Enthusiasts, in response, develop easily deployable personal Internet clouds instead of Google photos (and other services) that you can set up on your server not a week earlier, but a day (or even an hour,if you understand computers). There are a lot of foreign articles on the Internet as someone is trying to improve security and get rid of surveillance. Unknown patrons spend millions of dollars to create programs that increase security and privacy. There are hundreds of sites and tens of thousands of articles on the topic of "de-gluization" Apple and Google under the pressure of the public with each new update provide more and more opportunities to restrict applications to your data and control in smartphones, though so far only from other applications, and not from themselves. If you are embarrassed to tell friends and acquaintances that you are interested in improving security and privacy, because you are afraid of being obscene - show them excerpts from this article.There are links not to some unknown forums there - but to sufficiently authoritative and proven sources (even if this is news on a mossy website with yellowness - I still picked up popular sites that they wouldn’t allow themselves to lie, but could only embellish). Abroad, the fight against global surveillance is gaining momentum.

Companies, in turn, fear that information will soon leak, how much surveillance there is, and try to come up with something that will “hook” you on their services as a drug. Companies are already starting to invent something new in order to earn money, and in order to tie people to their services even more strongly, controlling all aspects of a person’s life. Raise prices for using their services for other companies in order to force out competitors and become the sole lord of your data and money (thus Yandex forced Uber to merge with Yandex in the CIS [ 237 ] [ 239 ]).
They are trying to make their own online cinema, food delivery, their warehouses for online stores, their own Internet, their cars (of course, with built-in cameras and microphones), and so on. But all these services do not replace advertising revenue, but complement. Now, in addition to money for services, they still know where you go, what you buy, what you listen, what you watch, what you eat, what you use, what you support and will try to control your every step. Unfortunately, the private life of mega-companies is getting stronger.

There are more comprehensive systems. In China, there is already a system of total surveillance and evaluation of EVERY human action, with subsequent restrictions [ 241]. If a resident of China lives in a disadvantaged area and all his friends from simple laborers, he will not have a loan or a normal job. Too often bought beer this month - they will not sell a ticket either on a plane or on a high-speed train.
But all is not so hopeless. There are serious organizations that bring up this problem. But they cannot single-handedly reverse the situation. They can not do everything for you, unfortunately. They provide security-enhancing tools — use these tools and help others figure them out.

The more we protect ourselves from surveillance by companies, the more a) we will secure ourselves now b) we will cut off the possibility of developing volumes of surveillance in the future.

Reflections on the balance of the use of tools

Unfortunately, at the moment, if you are not a programmer, it is impossible to set everything up so as to maintain a very high level of security and privacy and at the same time so that everything remains as relaxed and convenient to use as we would like.

There are things that you need to do once, and then just keep up the level. Some things require constant attention. But you can adjust everything gradually. Do not necessarily try to do everything in one day. Start with what you can do quickly and right now. For example, put complex passwords on the most important sites / devices, remove everything from social. networks, forbid Google and Yandex to save your search queries and listen to you (although they will do it all the same, but if fraudsters hack you, they will not see this data on these sites), remove the extra programs, check everything with antivirus, restrict access to programs on smartphones / tablets, change the browser to Firefox, put at least the uBlock Origin and HTTPS Everywhere extension.

If there is not a lot of time to understand difficult things - at least start trying things like the DuckDuckGo search engine, NoScript extension (or uMatrix) for Firefox, Tor browser, Signal, Tox, Matrix Riot, Jitsi, Conversation Legacy, Linux operating systems (you can try via USB flash drive without installation on the computer).

Now all these tools are greatly improved in terms of ease of use, because it is in demand around the world and programmers are not sitting idly. So try it.

If you still can not refuse completely from some services - then at least minimize the risks. Remove all unnecessary things that could harm you in the future, adjust to maximum privacy and do not install social network applications, but rather use the mobile version. If you still need social. network for your group of friends - then try to transfer all to a decentralized social network. Diaspora network. You can not completely abandon the search engines Yandex and Google in favor of Duckduckgo - at least look for most of the information through Tor. You can not abandon the “cloud” for storing files - then at least the most important documents (passport photos and so on) throw off the archive with a password. If several people use the same computer, be sure to make an account for each user without administrator rights.

There are services and sites that are hard to give up and they are really very useful. For example, sites with reviews on maps (from Google, Yandex, 2GIS). And there to leave feedback on the organization will have to go under your account. I can not discourage you from this, as it is a good thing for society. Also in the site settings where you leave a review, find the item to hide your name in the review. Note that if you leave a review, for example, at a water park in Yandex, then Yandex will know that you were there.

In general, if you put your hand in and know all the nuances, then it will not be necessary to follow all the techniques all the time and 100%. If you comply with all security conditions, do not download anything superfluous, do not use other people's devices, and others do not use your devices, then it is not necessary to change all passwords frequently. If you do not write anything on sites (just read) and periodically delete cookies or use the incognito mode, use the uBlock Origin and NoScript extensions, then it is not necessary to always use Tor. If there is any website on HTTP (without the “ S ” at the end), then in principle you can read it, just do not write anything on this site or download it from it.

Action plan

There are already some instructions on the topic of security and privacy on the Internet, but these instructions are either complex or do not take into account the fact that it is difficult for an unprepared person to understand everything, and that the most important thing is to choose where to start. I offer to your attention a procedure that has been forced by experience, which should take less time for you if you could understand it yourself. Follow the points in order of priority, and if something is not clear, look for explanations in other paragraphs of this article.

1. Check your computer with antivirus Kaspersky Virus Removal Tool, DrWeb CureIt and Malwarebytes AdwCleaner.
2. Firefox. uBlock Origin HTTPS Everywhere. — Privacy Badger, NoScript uMatrix ( ). , , — .
3. .
4. . .
5. . , ( ) — .
6. Google . - .
7. . , Windows Linux. , 7Zip, Clementine, VLC, SMPlayer, qBittorrent. Excel Word LibreOffice Calc LibreOffice Writer. , , , .
8. , , . ( NAS). . . , , .
9. . , . . , . .
10. . . , . , . Android — () F-Droid .
11. , . , e-mail. (, ) . ( ).
12. Wi-Fi, , , .
13. (, ) 2- ( +).
14. DuckDuckGo, Startpage, Searx.
15. 1) — 14) , , , , . , . , . .
    
    , . , -, . . , .
16. uMatrix — .
17. (, ) , , . ( SSD, HDD) , , . NAS — . — . «» — , .
18. — .
19. . , .
20. . , . , . — , .
21. Tor . uBlock Origin ( iPhone). . , . , . Tor (Captcha). , Google , .
22. , Tutanota ProtonMail. . .
23. . , . , . — . — - F-Droid «» . , , . — . NetGuard.
24. . . . , Telegram — . XMPP OTR. Android Conversation Legacy. (- ) , ( , OTR ). Jitsi. . , Tox, Matrix, Signal.
25. . , . , .
26. Linux . , USB VirtualBox. Linux. Ubuntu. , ( Ubuntu) Windows.
27. 16)-26) . 1)-15), , . , , . . — , .
28. , . .
    
    - , , ( ). . — , « », . . — . - , .
    
    - Firefox. Firefox ( ) .
    
    - . . , . , , .
    
    - . , Viber. (, ) . Mail.ru, Google. . , . , . , , Telegram. . . , . Viber, Whatsapp, Faebook , ( AOSP, LineageOS) . , AOSP LineageOS, , .
    
    - «» (Google Drive, Google , ) . . , ( SD ), Syncthing, . — ( ) NextCloud, , // .
    
    - , «». , — , , . , . , Whatsapp , . — , .
    
    - . - , , . . ( ), , . , , . , — )).
    
    - , , . , , (Google , ). , «» , .
29. . 27.07.2006 N 152- « ». , . . , . , , .
30. Linux ( Ubuntu) /. Linux . Windows Linux.
31. , . , .
32. LineageOS .
33. Completely discard all "foreign" sites. Fully switch to your NextCloud type clouds. Social networks - only Mastodon or diaspora.

For those who already know all this

If you have wondered - what does this article do here ? Why should I read these banal things, I will answer:

1. Conscience. I want your conscience to wake up, and if you know all of the above, why have you not yet told everyone in an understandable manner? Why is there no such kind of 200 articles on popular sites? This article does not pretend to be called the most accurate or detailed, but there is not a single article on the Russian-language Internet in which at least they tried to comprehensively describe where to start.
2. . , . . , . — .
3. . , . , ( — ), . -, . . ( ) .
4. — , .
5. . ? , ( ). , . . , .

If you notice an error somewhere, or if something is suggested that is not very safe, write in the comments. Please do this reasonably and with the indication of sources. Note that this article is not for superprogrammers, but for those who are just starting to take steps in this direction or want to strengthen their knowledge. Try to explain in plain language what and where is wrong and write how it will be correct.

I understand that many may disagree with some approaches, someone thinks that only iOS and Windows are better for an ordinary user (Android and Linux are too complicated), someone thinks some things are too cardinal, someone else thinks that this is not enough. But I am sure that you will agree that most things are useful.

There are those who will write that all this will not save from the specials. services. This article is not about the game of hide-and-seek from special services, it is about how to protect yourself from scammers and greedy companies who do not disdain to trade data about you right and left.

There are those who believe that they have nothing to fear. First is their business. Let them write an article why they have nothing to beware of and why others can also leave their data to the right and left. I do not force anyone to follow the above instructions - everything described above is confirmed by references. Let everyone decide for himself. And secondly, it seems to me that the majority of those who write that they have nothing to fear are people who are paid to write like that. I cannot provide legal evidence for this statement, but judging by the fact that all such messages are written as carbon copies and the absence of any argument, I conclude that the comments are purchased.

There are those who say that the above instructions may be somewhat insufficient. I have already indicated this. But one has to start somewhere. I tried to offer those programs that would be useful, even if a person goes further into security issues and he can push further from my recommendations. If you think that some methods are initially harmful - write about it with arguments, I myself am very interested if I made a mistake somewhere.

If you have already grasped all these basics - then help others. Especially those who do not understand the technology. Teach, argue, help, write understandable articles.
Translate friends, relatives, acquaintances into protected methods, programs and devices. I understand that it is difficult to convince someone to do something on top of those duties (work, everyday issues) that users have. People already have enough worries. I also tried to convey the basics of young advanced relatives, but I did not listen to them, until the card was not removed from the amount of almost two of my salaries. It was then that I realized how wrong I was and thought about security. Do not bring to this. But do not put pressure on people, try to argue with arguments and gradually. It is very important.If your environment is more aware, then by joint efforts we will be able to achieve progress in this area, turn the tide. Now they may laugh at you, they will say that “you see enemies everywhere,” but you yourself understand that the more opportunities in the field of high technologies, the more threats, and you shouldn’t be embarrassed about argumentation to relatives and friends. In fact, there are a lot of people who think about security and privacy in our country, just not everyone is talking about it and not everyone understands which way to go. Some simply do not have time to figure it all out, and therefore they are “brushing aside” the advice. Do not wait for gratitude, just do it and help.

Please write / do / explain in simple words.Try to limit yourself in phrases of the type - "Yes, here that all you need to raise servachek on hosting over the hill, roll linux, and install a couple of packages and everything." I understand that this is a resource for IT people, but you have to be responsible for those who tamed. We created and developed the Internet for us, and now you wonder why we are so stupid. Well, such. Please understand us.

Instead of beer or wine on saturday- make a list of all your relatives and discard this article, or your article, which you will definitely write. In addition - run the chain further, arrange a competition with familiar IT specialists not by the number of points in the counter strike, but by the number of users you have taken patronage over. If you knock out someone you know on such a competition, you should give yourself some points and brag about the result (just like in a financial pyramid you will be a diamond shareholder :)). Make it so that users do not even could and did not want to set themselves some kind of crap. If you can, ask in advance what they need and install normal programs. Navigate to the browser bookmarks links to normal sites, so they rarely had to go to the search engine until they have mastered all the basics of security.

From you, I am waiting for help on this article:

1. . , . , . , . , .
2. , . – Tor ? – . , , , . , , , , , . ( ) “ Tor”, . . , , . , . 240 , . Tor, .
3. ( ) , . . . , , , – .
4. If you yourself use any special techniques and programs - please write detailed instructions. There seem to be a lot of instructions on the Internet, but either they are outdated, or they are only for advanced specialists, or written incompletely, without explanations and arguments, or I just could not find a normal article. If I just did not find it - write in the comments a link to an adequate article with an indication of the topic.

Specificity:

• No, there was a fresh detailed article about password managers. If there is an old sensible article, and during this time, much has not changed - update the article and post it, please. Similarly, about two-factor authentication. Everywhere they just write - place, apart from the password, the code from the SMS. And what about the specials. flash drive? How to configure an uncertain user with another device by the 2nd factor?
• Linux Linux USB . Linux , 1 . 7.
• , , . ( ) “”. , , . , . , , , HTTP ( ), - ( – “ ”, “ ” ), , ! Tor, , . ( ), “ ” . – , , . , , . , .
• - – . . . , , , – ? - ? ? ? ? , .
• , , . , RefControl, Cookie AutoDelete. ?
• iOS. iOS , .
• , ? « Tor». 10 — 8 ? . uBlock Origin ( )? , . - ? . , « Tor», « Tor», « Firefox» ( ) , , , . , , (). , .
• Mozilla Firefox, Google. Mozilla. . Firefox browser.safebrowsing.enabled . , . . , , .
• , . . Be patient.If possible, flip their phones to normal firmware, install Linux for them and configure the main programs. Protect native from all there boys installing Windows with ZverCD, which together with the programs install a bunch of viruses. Install normal browsers, normal video players, normal archivers (although now they are already built into the operating systems), make a distinction between user rights, check everything for viruses, and so on and so forth.

Peace to all.

Thank you for reading to the end. I hope someone will be useful.

Links