Don't put really private stuff online. At all.

Naked pictures of yourself or your spouse ? Personal embarrassments ? Dark secrets ? Something illegal ? Something embarrassing about your friends or family ? Just don't put it online, or transmit it over the internet. Maybe don't even put it on your computer or phone or camera.

Either stop using social media, or use it more carefully.

Use multiple throwaway accounts on social media where that's easy to do (mainly reddit) and people don't need to find you by your real name.

Other people are a threat to your privacy

Don't tell other people about stupid or illegal stuff you've done; maybe they'll post or WhatsApp about it, or tell someone else and then they'll post about it.

Have a friend or family member who likes to gossip about you, who betrays your trust ? Now they can do it online, to the whole world. Be careful what you tell them, online or offline. Be careful how you connect to them online, and what you expose on those connections. And you may be exposing other people to them, online.

'Privacy' is not just about your data

'Privacy' is not just about your data, it's about the data of others too.

You have lots of data about your friends and family and employer and co-workers and neighbors. Treat it carefully. Encrypt your devices. Think twice before posting about someone else, or about something you did with someone else.

Give 'them' as little data as possible

Don't fill in all of those "profile" fields. Why tell Facebook where you've worked, where you went to school, who your family members are ? Why tell LinkedIn everyone you've worked with ?

Registering for professional conferences is particularly bad; those directly give your data to all 500 vendors at the conference.

In some situations, you can give generic data instead of specifics. For example, apparently on the US Census, you can write "Adult Male" instead of giving your name.

Give them fake data

Don't give them your real birthday, or real mailing address, or real phone number. Misspell your name slightly.
[But: if Facebook or whoever later challenges you to produce real ID to verify your account, and your info doesn't match, you'll lose the account.]

Set Facebook profile fields for school, work, places lived to real, big places that have no actual connection to you. Let them sell misinformation.

Maybe have multiple people (your whole family, or half a dozen of your friends) share one social-media account (Facebook, Twitter, Pinterest, reddit). But I'm not sure what happens if the service sees one account logged in from several locations simultaneously.

Maybe you could have multiple accounts on one social-media site, and use a different account every day.

For map/GPS applications, set home and work addresses to nearby addresses, not your exact addresses.

But you can't give fake data to police or government or schools or insurance or banks. That may be illegal, or may come back to bite you later in some way.

When installing an OS, or using a brand-new PC for the first time: Give your PC a generic name such as "laptop2". Create a user account with a generic name such as "user3", instead of using your real full name. Or use your initials: "userJD". Those names will appear on networks and other places.

Your computer or browser or ISP may reveal your physical location to web sites.

Ways your location can be determined or set:
  • GPS, in smartphone.
  • Cell towers that your smartphone can see.
  • Adapters (networks) that your Wi-Fi can see.
  • Through SSID of your Wi-Fi network, if scanned by Google's "network mapping".
  • Adapters or devices that your Bluetooth can see.
  • Adapters or devices that your device can see through a mesh network.
  • Location set by the owner of the LAN's router ?
  • Location set by the ISP that connects to the router.
  • Clues set in your OS, such as system time-zone and language and country-code.
  • Location you set in your browser or other application (VoIP?) or OS.
  • Location you set in your online accounts (social media, etc).
  • Location set or known in other devices on your LAN or Bluetooth, such as TV or game consoles or car's GPS ?
  • Location set or calculated in body-devices on Bluetooth, such as watch or fitness-tracker ?
  • Location acquired from connected nearby devices not owned by you, through hookup apps ?

Naomi Brockwell video
Michael Horowitz's "A new aspect of Google's spying"

  • Operating system:

    Windows 10 gives a setting to turn off location and set a "predetermined location" to give to apps. I think you get to it through "Diagnostic Settings".
    It seems Linux does not have a similar facility.

  • Set location in your browser:

    Location Guard
    In Firefox, do about:config and look at "geo." entries. Someone says set something like:
    geo.wifi.uri = data:,{"location":{"lat": 51.50,"lng":-0.12},"accuracy":1000}
    In Chrome, maybe "Manual Geolocation" extension, or:
    "developer console / 3 dots / more tools / sensors / enter geo you want or choose from presets"

  • Smartphone:

    Android has a Settings / Security and Location / Location setting you can turn off.

    Go through app permissions and disable Location wherever possible. But I have a couple of bank or other financial apps that insist on having location turned on, I guess as part of fraud detection.
    mcastillof's "FakeTraveler" (Android only; fake GPS location)
    "Fake GPS location" app by "Lexa Tools" (Android)
    All Things Secured's "How to Fake GPS Location on your iPhone"

Test via:
IP Location
HTML5 Geolocation API
My Location
Also: type "where am i" into Google Search.

Michael Horowitz's "Location Tester"

Maybe Create fake personas (pseudonyms):
Create a fake name who lives at your real address:
  • Pick a simple, neutral name, such as "Alex Smith".

  • Create an email address that fits, such as A.Smith at gmail.

  • Get a pay-as-you-go SIM phone and use it for this person.

  • Get a virtual credit-card in their name.

  • Use one set of fake data (phone number, email address, gender, DOB, SSN, photo [not a stock photo from the internet; maybe from This Person Does Not Exist], CC number, school history, work history) for this persona, and stick with it. Write it all down, print it out for easy use.

  • Create an email address that fits, such as A.Smith at gmail.

  • Use your real postal address.

  • Subscribe to a couple of cheap or free magazine trials (Forbes, Wired) in their name, using your real postal address.

  • Subscribe the email address to a couple of newsletters, so there's activity in the account. Set the account to forward the newsletters to some other junk account, so there's outgoing traffic too.

  • Use this persona when ordering things online.

The goal of this persona is to avoid giving out your real data, and make it look like someone else is living at your address, so maybe you have moved out.

Associate your real name with lots of fake data:
  • Pick one set of fake data (phone number, postal address, email address, DOB not too far from your real DOB, SSN, school history, work history) and stick with it. Write it all down, print it out for easy use.

  • Use your real name, your real gender, your real photo.

  • For the postal address, maybe pick the address of some big hotel in the same county as your real address.

  • Maybe create a fake company ID-card with this data on it ? But there are few cases where you'd need to use it. Could be useful to hand over to a store-clerk when they demand your data, or just to help you remember your fake data.

  • Maybe create a credit card with this data on it ? But there are few cases where you'd be able to use it, since it would not be a physical card, and it would not be connected to your real postal address. The bills would be paid, so using it is not fraud, probably.

  • Create a free Wordpress blog page, giving the data of this persona, about some subject unrelated to you. If it looks like a personal business, you have an excuse to give address, phone number, and email address.

  • Maybe buy a domain-name that matches your real name, giving the data of this persona (although I think you'll need to give real email address). Create a web page giving this persona's data and unrelated subjects. [Probably a lot of work.]

  • Some people-search sites let you submit "corrected" data. Give them this persona's data.

  • Online, request quotes for home alarm-monitoring services.

  • Online, make a PasteBin page containing the info; they get scraped frequently.

  • If you have a burner phone number to use, maybe create a LinkedIn account for the fake persona.

  • Subscribe the email address to a couple of newsletters, so there's activity in the account. Set the account to forward the newsletters to some other junk account, so there's outgoing traffic too.

  • Use this persona anywhere that data is demanded but you don't need/want to receive anything in postal mail or email. In retail stores, for unimportant online accounts, professional conferences, etc.

The goal of this persona is to create fresh misleading data (in your real name) that is newer than your real data.

Maybe have a separate different-colored wallet for each persona, so you can keep everything straight and it doesn't look funny if someone sees multiple names in your wallet.

Remember that you can't give fake data to police or government or schools or insurance or financial companies. That may be illegal, or may come back later to bite you in some way.

For a work history or company ID card, invent some fake anonymous small company, don't use a big well-known corporation with an HR department that can be contacted.

I think Sudo (MySudo) creates and manages email addresses and phone numbers, but not the rest of a persona's information. I think IronVest (formerly Blur) creates and manages email addresses and phone numbers and credit-card numbers (but with fees), but not the rest of a persona's information.

Matty Bv3's "How to Make Sock Puppet Accounts"
Alyssa Rosenzweig's "My Name is Cafe Beverage"
Fake Name Generator

Email address:
What Google harvests from your accounts (mainly GMail), from someone on reddit 12/2018:
... I downloaded what supposedly is all the data Google keeps about me ...

In my Takeout archive, there is a folder called "Purchases and reservations", which contains many files with all the anonymous* data that Google collected from my e-mails. This includes my purchases on all sorts of web sites (Amazon, etc.), shipping updates and my flight/train reservations. ...

My location data file freaked me out a little bit too, with all of its "ON_FOOT", "STILL" and "IN_ROAD_VEHICLE" strings, but I had my location history on, so that was to be expected. That text file alone is 82.7 megabytes - not bad, huh?

If you have a Google account, I suggest you download all of your data from Google Takeout and check what it looks like with your own eyes.

*Anonymous, in this particular case, means that my home address and my full name (albeit only in the reservation files), are written in plain text.

Good idea to have separate email addresses for family, work, financial, social, shopping.

Good idea to have unique email addresses as the usernames on likely-target accounts (Facebook, Twitter, etc). If an attacker knows the login username for an account, they can do a denial-of-service (DOS) attack on you: they can try to log in N times until the service says "too many attempts, account frozen". Then you have to go through a hassle to get it unlocked.

But: sometimes there is a problem with financial accounts if the email address alias you use to register your account doesn't match the originating email address of a message you send. For example, suppose your email service has a "catch all", so mail to any address on your domain gets to your main InBox MYADDR@MYDOMAIN. You open a bank account using email address alias MYADDR_BANKNAME@MYDOMAIN or BANKNAME@MYDOMAIN. Later you send a message to their Support dept from email address MYADDR@MYDOMAIN. They may say "email address doesn't match !".

You can get a disposable email address, which exists just long enough to finish registering somewhere: 10 Minute Mail, Mailinator, others. article

A service which will "screen" your real email address, phone number, credit card number by giving out different info which relays to your info: IronVest (formerly Blur) (Stop giving out your real personal info online with MaskMe, a new privacy tool).

A service which will "screen" your real email address, phone number, credit card number by giving out virtual info (but not relaying to your existing providers, I think): Sudo

"PlusPrivacy feature - email identity management"
SimpleLogin (acquired by Proton)
Firefox Relay
Alfred I.'s "My experience with DuckDuckGo Email Protection Beta"

In your email client, turn off automatic display of HTML, images, and JavaScript. It's dangerous to let some random person send you a piece of software that executes in your client. It's JavaScript

Some security guys say it's safer to use browser-based email instead of a client application (such as Thunderbird). The browser is somewhat of a sandbox, and highly tested, and you need it for other reasons too. A mail client application is an additional complex piece of software that probably is less secure.

On the other hand, if you use an email client application (such as Thunderbird) and POP3 protocol, your email is not stored on the email provider's server for very long, it's stored on your personal machine. Maybe you can find a provider that promises to erase your messages completely from their server after you retrieve them to your machine.

Nitrous's "The Easy Way to Use PGP for Encrypting Emails on Windows, Mac & Linux " (if using Thunderbird)

Changing your email address:
Changing your email address on all accounts (such as from old insecure email service to a new secure email service) can be tricky. If your email address is used as your username on an account, the service may or may not let you change it. But if you can't change username, you still might be able to change email address used within the account. Worst case, you may have to delete the account and create a new one.

You may be able to set your old email account to forward all messages to a new account. But this is bad as a permanent thing: makes everything less clear and reliable, old provider still sees your mail, still have to manage old account as well as new one.
Rick Rouse's "How to forward your Yahoo mail to another email account"

Virtual phone numbers:
There are two ways to do calls and messaging:
  • POTS/Cell/VOIP/SMS (use standard phone numbers and phone dialing apps;
    advantages = calls from normal phones; more routing features and APIs;
    disadvantages = cost; can't do images or video).

  • Custom network (use a custom app such as WhatsApp or Signal;
    advantages = free; encryption; can do images and video;
    disadvantages = can't receive call from normal phone; fewer features).
    See "Messaging" section of My "Secure Communication" page.

It may be a good idea to have separate phone numbers for family, work, financial, social, shopping, to reduce connections between different parts of your life. This makes it harder to track you through phone number, lets you disable a number if you start getting abuse on it, makes it harder for someone to do a SIM-swap attack against your accounts (they won't know which number is being used on each account), lets you use number-called as a form of Caller ID when caller is hiding their originating number.

My understanding of Michael Bazzell's "VOIP-forwarding" strategy:
  • Your phone has a SIM in it, phone number H. You want to hide H from everyone, because it would serve as a single point of ID, and might have your real ID associated with it.

  • Get VOIP service that will sit "above" your phone, forwarding calls to H, and making outbound calls that look like they come from a VOIP number. You could have several VOIP numbers all on one service. You can use a referral code to sign up, but best to add some real money too, sign up using a personal email domain, and respond to any sales inquiry by saying you're using it "for business".

  • You can give out VOIP numbers to family, work, school. You could have multiple numbers: V1, V2, V3.

  • Apparently you can dial from VOIP directly in Android at least. Maybe in "Settings / Calls / Calling Accounts", and you can add a SIP (VOIP) account. How do you choose a VOIP number when making a call ? Do you have to add a calling account for each VOIP number ?

  • Some online services (financial, social, shopping) may not allow registration with VOIP numbers. So get an anonymous pay-as-you-go SIM with number P, pay real money to activate service for a month or so, then port that number P to the VOIP service. Then you can let the service go unused; don't pay more. Give out number P to services that don't allow VOIP numbers. You could do this with multiple SIMs: numbers P1, P2, P3.

  • So the only companies that know H are the base cell-provider, and the VOIP company. If you're careful, maybe they don't know your real name and address etc. And you have separate numbers (V1 - V3, P1 - P3) for separate uses.

  • The cost for the VOIP service could be $1/month/number.

  • Of course you have to keep track of what number to use with whom.

  • Be prepared for some glitches: some services may not accept your calls or your numbers, perhaps a number ported from a SIM will stop working, perhaps your VOIP company may go out of business or change their pricing or TOS.

  • Never make a phone call using real service from your real number H.

  • Your real phone service has to include data service; you have to be able to access the internet, either through Wi-Fi or cell data service. Not sure if service through a VPN will be fast enough; you may have to turn off VPN ?

When you buy a phone or a SIM card, it's best to pay cash, and then let them "age" a bit (months) before using in case you're worried about appearing on store security cameras.

Some/many countries require giving ID to buy a phone or SIM. Maybe try buying secondhand at a used market. Or give fake info if you're allowed to fill out a form and not show an ID card. Or get someone else (a "nominee") to buy for you.

Be willing to throw away phones and SIMs every year or so.

Nomad Gate's "How to Build Your Own Virtual Phone in Minutes"
Ben Stockton's "5 of the Best Virtual Cell Phone Number Apps for Android"
Joe Hindy's "What are burner phone numbers and how to get one"

Richie Koch's "How to protect your privacy with a second phone number app"
All Things Secured's "Best Virtual Phone Number App for Account Verification"
Naomi Brockwell video

Thales' "6 key points to understand what an eSIM is"
Mishaal Rahman's "The ingenious product that brings eSIM to any Android phone"
Future: iSim: SIM as part of the SoC.

Eray Eliacik's "What is a burner phone?"

Sudo (I'm told: don't need a US phone number or be a US citizen.)
Silent Link (requires eSIM-compatible smartphone)
Telnyx (referral code) (article)
Google Voice
Twilio: apparently has gone downhill; don't use.
Firefox Relay (article)
SMS: Hushed (cheapest plan $5/month, but there are many limits by country, maybe have to address-verify, etc)
TextNow (available only in USA, Canada, and some others)

Credit-card info:
Even if you have a credit card with a chip in it, the magnetic stripe on that card still contains all of the info needed to do a transaction, and the stripe is easy to read. So keep a close eye on any merchant you hand your credit card to. And monitor your account for any unauthorized charges.

If you want a fake number to satisfy a "free trial" web site, see Get Credit Card Numbers.

Virtual Credit Cards:
Such a card or card number is connected to a real credit card or a bank account. Any transactions you do get "passed through" to the real account backing the virtual card or card number. Multiple cards or card numbers can be backed by the same real account.

You can get one or more Virtual Credit Card numbers. You may be able to set a purchase limit or time limit on the number. You might be able to get such a number from your existing credit card company.

Such a number is virtual, not physical, so you can use it only online, not in a store. Don't use it for something you buy online but then pick up in person: maybe air travel, hotel, rental car, event tickets. Virtual numbers often don't work for overseas transactions, only within the country of origin. If your real number and all virtual numbers are issued by the same company, that company still can see all of your activity.

I wonder about the legal implications of this. In USA at least, consumers have a lot of rights to dispute credit card charges and be protected against losses. What happens to those rights if charges are going through another service first ?

Also, real credit cards often give accident insurance when renting a car, or trip-cancellation insurance when buying plane tickets.

Online, paying with a service such as PayPal (maybe ?) gives less data to the merchant than paying with a credit card. But not all merchants accept PayPal, and I'm not sure about protections and benefits when paying with PayPal.

Rules and fees vary greatly from company to company. Some allow only citizens or residents of certain countries. Some are accepted only by merchants in a specific country. Some have an annual fee per card, or a fee per transaction.

Neil J. Rubenking's "5 Things You Should Know About Virtual Credit Cards"
Alan Henry's "Privacy Lets You Create 'Virtual' Credit Card Numbers, Deactivate One Instantly If It's Stolen"
Rebecca Lake's "Why Virtual Credit Card Numbers Aren't Worth It"
Simon Zhen's "Virtual Account Numbers: What You Need to Know"
All Things Secured's "Best Alternatives to for Virtual Credit Card"
Zahra's "Best Virtual and Prepaid Cards for International Shoppers"

IronVest (formerly Blur) (article) (US citizens or residents only)
MESH (only accepted by certain merchants)
Token (smartphone app only; Chrome extension being developed)
Sudo (MySudo)
Revolut (Premium plan, €8/month)
Klutch (US residents only)
Lydia (Blue plan, €5/month)
Announced 5/2022: Mike Moore's "New Google Chrome virtual cards"

My experience with since 1/2018:
Available to US or Canadian citizens only. Requires USA mailing address, requires email that can be verified, US phone number that can receive an SMS for verification. Will pay directly out of your bank account, so it requires your bank account username and password.

But 11/2023: they're adding a 3% fee for international (non-USA) transactions.

Gave it credentials to my bank account at ETrade, but connection kept failing, they said there's a bug.

A month later, I asked if they had fixed that bug, and instead they turned on ability to give ABA routing number and account number. I gave those numbers, they did 2 deposits to my account to confirm that it existed.

A few days later, tried to create a number, and it failed. Turned out I hadn't quite finished the process, I was supposed to tell them exactly the amounts of the test-deposits.

You can't create a physical credit card that carries a number created through, it won't work. [But it seems legal to possess a credit card writer; they're for sale on Amazon, eBay, etc. And you can buy blank white credit cards there, too. You might need a special printer to print on them; search for "credit card printer embosser". I'm not sure if any card-printing services will create a real, working credit card for you, unless you're a business, and ordering in largish quantities.] 7/2022 says they MAY offer a physical card in the future [but they've been saying this since at least 2019].

Each card you create can only be used at one merchant, the first where you use it. You can't create one card which you can use for any merchant.

Warning: if you create a card to use with a merchant, and later delete that card, then create another card for that merchant, you could get locked out of ever again using a card for that merchant ! Especially true if you create a single-use card for a merchant: after that use, the card will be deleted. It's not a blanket policy. Support says "In some cases, we limit the number of Privacy Cards users can create for any single merchant to reduce the risk of users violating merchant policies or terms, as this can result in the wholesale ban of Privacy Cards by that merchant." and "To avoid these declines, we generally recommend making the next one you use a Merchant Card and just pausing it between uses.".

Also not specified: what name is on the card. Asked Support, and got:
In terms of name / billing, you can use any name and billing address / zip code with the merchant you would like, and we will return that it's correct when the merchant runs the charge.

Please keep in mind though, merchants have sophisticated fraud checks on their end sometimes, so don't get too creative with the billing info or it might raise a flag in their system. Also if the transaction requires a shipping address, generally using a billing address in the same city is a good idea (for example, if the shipping address in San Francisco and the billing address is in New York it may trigger their fraud checks as well).
So, you just have to give the right card number, CCV, and expiration date, and the card will work.

Other than putting a "nickname" on each card on their web site, the web site gives no help for managing the cards. You can't tag each one with the name and address you're using with the card, for example. (Maybe better to do that in a password manager, anyway.)

In my bank account, transactions show up as "direct debit" and description "something PRIVACYCOM". The "something" comes from the vendor, it's not the nickname of the card. You can change this by going to YourName / Account / Private Payments.

My referral code for anyone who wants to create an account.

Free account works fine. If you want 1% cash-back cards, you have to have $10/month account.
From someone on reddit about 7/2018:
Don't make multiple cards for same merchant, probably best to use same card for eBay and PayPal; there is an unstated daily spending limit as well as the stated monthly limit.

From someone on reddit about Blur 7/2019, in response to "looking for a virtual card provider in UK/EU":
Don't. I have Blur and they're terrible for privacy. In the UK they don't have virtual cards at all, the only option they give you is the ability to have a masked email. They also (as of about a month ago) have removed masked numbers.

On top of that they were involved in a security breach that they still haven't acknowledged or issued a statement surrounding (to the best of my knowledge).
From someone on reddit about Blur virtual credit cards 2/2022:
... I have tied a non-masked (normal) credit card to my Abine account, to back the masked cards. Then when I create a masked card, the charge is billed to my unmasked card. But that transaction is marked only as "ABINE BLUR", with no indication of where I used the masked card. I can then use the masked card at one, or more than one vendor. If you cancel the masked card before it's exhausted, money is refunded to your unmasked card. ...

Prepaid (debit) cards:
Such a card or card number has to have money deposited into it ahead of time; you have to maintain a positive balance in the account. Any transactions you do are paid from that balance. If you have multiple cards or card numbers, maybe each one has a separate balance ? Not sure.

You can get a physical card, so not just for online use. But refunds may get complicated. Any balance you load into the card might not be protected by banking laws, certainly not at the $50 limit of protection on a credit card.

From someone on reddit 2/2018:
Any card sold in the USA that is "reloadable" in some way must have a real SSN with matching name and Date of Birth on file. The only exception is the cards that are only loadable once and after the funds are gone, it is useless. ... You know that little folded-up piece of paper that folds out to about a legal-size sheet of paper with fine print on it? It is all in there. It also lets you know that the card can only be used within the USA and not outside of it. This includes online merchants and many online merchants in general are starting to block those cards regardless.

Pre-paid cards often have a web site you can use to track the purchases and remaining balance. All you need to access that info is the data printed on the card itself. So be wary of buying a card from somewhere sketchy, or using a card you received in the mail: someone could have copied that login information, and will use it to track you. Buy cards only from mainstream, reputable stores.

Rules and fees vary greatly from company to company. Some allow only citizens or residents of certain countries. Some are accepted only by merchants in a specific country. Some have an annual fee per card, or a fee per transaction, or charge a percentage of the money you load into a card. Check to see how unused balances are handled; can you transfer money among cards, or get a refund, or do you just lose the unused money ? There seems to be a lot of turnover in this industry; what happens if your card-company stops offering cards or goes out of business ?

Zahra's "Best Virtual and Prepaid Cards for International Shoppers"
Gunjan's article (with misleading title)
Nick Beeny's article (with slightly misleading title)


Bank debit card:
Carey Parker's "My Debit Card Was Hacked"

Photo ID card:
Official government ID that doesn't give away your address: passport, or US passport card (available for $55 when you renew your passport).

When applying for or renewing passport, you can omit phone number, and give PMB (but not PO box) as address.

Some people carry a fake ID, to show to businesses that demand photo ID. I think it's legal as long as it's not a fake of a government ID, and you're not committing fraud. A fake corporate employee ID card from a fake corporation, maybe. Maybe add this fake person as an authorized user to your real credit card ?

Maybe in the future we'll get "decoy" tools or services: something that posts fake info online to make it harder for others to figure out your true info. Fake pictures of you, fake address, fake postings, etc.

Maybe use login/password info from elsewhere

Maybe use login/password info from elsewhere, instead of using your own.


Use 'blockers'

Blockers usually prevent: tracking scripts/images, ads that clutter your page, malware that might come in via ads/scripts/downloads, ads/images/scripts that would reduce performance.

For example, an ad could present a "Continue" or "Next" or "Login" button that looks like it's from the owner-domain of the page. Click on it, and if you don't notice that you're now in a different domain, you can get phished or scammed.

Some scripts can be very dangerous, even doing key-logging (AKA "session recording") while you use the web page (article1, article2).

Several ways to do blocking:
  • Browser settings / functionality

    This may include pop-up blocking, safe-domain checking, dangerous download blocking, tracker-blocking, Containers, camera/microphone permissions, cookie blocking or deletion. [I don't block cookies, but I have the browser delete all of them when it closes. And I use Containers to keep sites from seeing cookies from other sites.]

    Dave Camp's "Firefox Now Available with Enhanced Tracking Protection ..."
    Douglas Crawford's "How to block third-party cookies on all browsers"

  • Browser extensions / plug-ins / add-ons

    The must-have extension is: uBlock Origin

    Also worth having:
    CanvasBlocker (also does WebGL)
    Disable WebRTC
    Location Guard
    Privacy Badger
    New: JavaScript Restrictor
    New: JShelter
    New: Vytal (Chrome* only)

    About Privacy Badger, from someone on reddit 12/2021:
    > Since Firefox has its own under-the-hood tracker-blocker
    > mechanisms, can I ditch using the Privacy Badger extension?

    Privacy Badger is a funny case.

    Unlike list-based tracker blockers, [if you have PB's automatic learning mode turned on], it works by watching scripts that come up as you naturally browse the web. If it sees a script in at least three different websites, boom, out it goes - blocked forever onwards (unless you explicitly tell it not to block a particular script).

    ... So if you have that automatic learning mode turned on in the extension settings, then there's nothing wrong with leaving it in there, it'll still help.

    About JShelter, from people on reddit 3/2023:
    JShelter is supported and co-developed by FSF. ...

    JShelter fakes data returned by sensitive JavaScript APIs like WebGL, Canvas, Audio, Sensors, etc, to produce different fingerprint for each web site and session. This prevents web sites from linking your identity across sessions and sites.

    JShelter modifies JavaScript APIs at runtime to inject fake data. Any web site invoking JavaScript APIs such as WebGL or Sensors get a random data for that session. This is more powerful and effective than static filters used by Firefox or uBO.

    The only issue I face is, it breaks Google's stupid Captcha on some web sites.


    it's tanking my browser's performance.


    ... CanvasBlocker protects a few API's that JShelter doesn't: History, SVG, TextMetrics, Navigator (Yes, JShelter protects plug-ins, not the same thing), Screen. But JShelter protects a TON of API's that CanvasBlocker doesn't ...


    Its default settings break very few sites. Its maximum settings break quite a few, including some you might not expect to be abusing JS so much as they are.

  • Filtering in DNS or VPN.

    Advantage: affects all browsers and all applications, from one place.
    Cloudflare's "Introducing for Families"

  • Hosts file modifications.

    Advantage: affects all browsers and all applications, from one place.
    StevenBlack / hosts
    MrRawes / firefox-hosts

  • In your network router.

    Advantages: Affects all devices and all browsers and all applications, from one place. New or guest devices get protected automatically. Protects devices which don't allow installation of a blocker on them (smart TV, game console, some phones). No changes needed on your device (such as rooting a smartphone).

    Disadvantages: If you take your phone/laptop to another network, all of the blocking is gone. Many routers may not support blocking. If a web site ceases to function because of the blocking, you have to administer the router to allow ads/scripts on that site, affecting everyone.

    Rob Turner's "Install and Configure pfBlockerNg for DNS Black Listing in pfSense Firewall"

  • In a device between your ISP's modem and your network router.

    Advantages: Affects all devices and all browsers and all applications, from one place. New or guest devices get protected automatically. Protects devices which don't allow installation of a blocker on them (smart TV, game console, some phones). No changes needed on your device (such as rooting a smartphone).

    Disadvantages: If you take your phone/laptop to another network, all of the blocking is gone. Another hardware device to buy and install and maintain. Won't work if your ISP supplies a single integrated modem/router device, unless you buy a second router and bridge to it. If a web site ceases to function because of the blocking, you have to administer the device to allow ads/scripts on that site, affecting everyone.

    "Pi-hole setup guide: Ad-free better internet in 15 minutes"
    LabZilla's "Your Smart TV is probably ignoring your Pi-hole"
    "Pi-hole is effective only when paired with NAT rules on your router to capture all DNS lookups."
    AdGuard Home

  • For Android smartphone:

    Non-rooted: AdGuard, Netguard, Dns66, AdClear, Block This, Cygery AdSkip, TrackerControl.
    Rooted: AdAway, MinMinGuard Xposed.

  • General OS or OS-level controls.

    Spybot Anti-Beacon (prevents Windows sending info to Microsoft)
    Martin Brinkmann's "Block all outbound traffic in Windows Firewall"
    Kamrul Hasan's "10 Best Firewall for Windows 10 PC"
    O&O ShutUp10 (helps you manage Windows 10 privacy-related settings)
    0ut3r Space's "Windows security and privacy"
    Other settings-tweaking software: Ultimate Windows Tweaker, , , DoNotSpy10, DoNotSpy11,
    For Windows 10, some info in Wallace Chu's "Should You Disable Windows 10 Telemetry?"
    In Windows 10, also see "Diagnostic Settings", I think.
    For Mac: Little Snitch (limits outbound traffic)
    For Linux: OpenSnitch (limits outbound traffic)
    For Windows: Windows Firewall Control (limits outbound traffic)

Many sites will stop working properly if you block scripts, some will refuse to work if ads are blocked, and some sites will not work even if you whitelist them in the blockers. You'll have to keep a "clean" copy of a browser (or browser profile) to use on those sites, and keep track of which sites require that special treatment.

Side-effects of using too many privacy controls:
  • Increased chance of bugs.
  • Slower performance.
  • Increased attack surface (mainly in browser).
  • More things to keep updated.
  • More things to turn off if you really need to use some web site (such as your bank's site) that refuses to run without JavaScript or cross-domain access or ads or something.

Michael Franco's "How to Reclaim Your Digital Privacy From Online Tracking"
Mozilla Blog's "Make your Firefox browser a privacy superpower with these extensions"
Martin Brinkmann's "How to block web fonts to improve privacy"
Collin M Barrett's "Blocking Web Fonts for Speed and Privacy"
Kingpin's "How to disable WebRTC ..."
Matt Frisbie's "Let's build a Chrome extension that steals everything"

Set 'do not track'

Set the "do not track" option in your browser to (maybe) stop "ad tracking".

In Firefox, it's: Preferences - Privacy & Security - Content Blocking - Send websites a "Do Not Track" signal ...

But: Jon Brodkin's "Yahoo is the latest company ignoring Web users' requests for privacy"

There's a new "GPC" flag. Test if your browser sends it by going to Global Privacy Control and looking at top of page. (It's set automatically by Privacy Badger. In Firefox about:config search for "globalprivacycontrol".)

One form of tracking is a "super-cookie": your ISP remembers what domains your IP address accesses, and maybe remembers some useful data (a unique ID number identifying you) for each site, and sells that data to sites and advertisers. The only way to stop that is to use a VPN (and also not use the ISP's DNS).

Reduce 'browser fingerprinting'

When you use a browser to fetch a web page, the browser sends a "user agent" string that may say something like "Firefox 54.0 on Windows 10". Same happens when a game console or media player application etc accesses the web. See What's My User Agent?. Other information is sent: an "accept header" saying what types of media can be returned, your preferred language(s).

Then after the page is retrieved, JavaScript code in the page can access your browser and determine more details about your configuration, such as your time-zone, your screen size, (with some effort, maybe using Canvas) what fonts are installed in your system, your browser's default language, your history in the current tab, what protocols your system supports. On Chrome, I think the code can get the full list of extensions. I'm not saying it's JavaScript, but it's JavaScript

Your ISP may add more information, such as your postal code or approximate lat/long.

All of this information can be used to form a "browser fingerprint" that may be unique to you, or close to unique.
Am I Unique?'s "What is browser fingerprinting?"
Mozilla Wiki's "Fingerprinting"
SoByte's "Introduction to Browser Fingerprinting Technology"
But: Michael Horowitz's "Web browser fingerprinting - testing the testers"

This fingerprint can be used to track you, even across multiple web sites, even if you turn off cookies, change IP address, use a VPN, etc.

Some things a web page, JavaScript, or web server can not read, without special cooperation from a browser extension or some other unusual addition: your Wi-Fi network name (SSID), your MAC address, the list of extensions/plug-ins/add-ons in your browser (although it may be possible to check for specific extensions: article, and maybe Chrome gives away extension info), your phone's IMEI number, your phone SIM's IMSI number, your phone number.

Testing your fingerprint:
EFF's "Cover Your Tracks"
Device Info
Bromite fingerprinting mitigations test
Hidester's "Browser Fingerprint Test"
abrahamjuliot / creepjs (see if you get same value each time)
External Protocol Flooding Vulnerability
z0ccc's "Extension Fingerprints" (Chromium desktop browsers only)
Am I Unique ?'s "Privacy Analyzer"
Detect my Browser
Are you anonymous?
CreepJS (cryptic)
And see my Testing Your Security and Privacy page.

Key ways to avoid fingerprinting:
+/- Septimiu-Vlad Mocan's "Browser Fingerprinting and You"

There are a lot of specialty browsers that advertise themselves as "anti-detect" browsers, but they're sold by proxy vendors and other questionable companies. I wouldn't use them.

Minimize the number of things you use

Do you really need to use:
  • Each add-on you have installed in your browser ?
  • Each app you have installed on your phone ?
  • Each app you have installed on your computer ?
  • Each app you have allowed to access your Facebook account ?
  • Each app you have allowed to access your email account ?
  • Each social media site you use ?
Every one of these is potential point of failure, a thing that could be stealing and selling your data, or accidentally having a security vulnerability.

Reduce 'behavior fingerprinting'

If you always do the same set of operations in the same order each day, someone who can see all that activity can "fingerprint" you, maybe tying your identity to an IP address.

For example, suppose every morning you go to web sites of NPR, NYTimes, BBC, USAToday, LATimes, your local newspaper. Always in that order. You may be the ONLY person who does that every day. Someone who has code on all those sites (Google or Facebook or Amazon, maybe), or sees all that traffic (your ISP or VPN company or ad-blocking service or DNS), could see the pattern and determine your IP address and identity and track you.

Same is true of any automated application you start up each morning. Your email client, or feed-reader, maybe ? Any script you run that accesses a number of web sites ?
Daniel Aleksandersen's "Feed readers can be uniquely fingerprinted"

Payment Privacy

PayPal: when you make a purchase, PayPal gives certain info about you to the vendor: name, shipping address, email ? There are differences among buying a physical product that is shipped to you, buying a virtual/digital product or service, and sending money to an individual.
John Summer article1
John Summer article2

Alternatives to PayPal (in case you get banned):
Payoneer (more for businesses, not individuals ?)
Skrill (not accepted many places ?)
Amazon, Apple, Google all have payment services. there is a setting to not reveal vendor names to your bank in transactions.

Account privacy controls in ISP and sites

The default settings are chosen to benefit the company, not you.

Very important: Log on to the web site for your ISP and find any privacy settings they have for your account.

Phone service: (maybe USA-only) disable "CPNI data sharing" in privacy settings on account. You might be asked once a year if you want to "opt out" of this; you do want to opt out. It shares your call and location records with partners.

Facebook lets you control the access that Apps and external sites get to your data: go to Account - Privacy Settings - Apps and Websites - Edit your settings.
Melanie Pinola's "The 'Nuclear' Option for Total Facebook App Privacy"

Turn off your Google search history: Also Rick Rouse's "How to prevent Google from storing your search history and tracking your online activities"

YouTube: profile - Video Manager - History - Clear All Viewing History, and then History - Pause Viewing History, and then Search History and do the same clear-and-pause.

WhatsApp: you can set messages to "disappear" after a week or after 3 months.

Windows 10 activity history

The Ultimate Reddit Privacy Guide

Handy central places to start:

Instead of Google Search, use a service that promises not to track you:
DuckDuckGo (or DuckDuckGo non-JavaScript)

Michael Franco's "How to Reclaim Your Digital Privacy From Online Tracking"

Apparently, "opting out" via NAI stops targeted ads, but does not stop companies from tracking your activities.

Anything you store on a server may reduce your privacy

Your contact list in email, buddy list on instant messaging, Friends list on Facebook, etc. Any emails in your Inbox, or saved long-term in a "folder" within your email service.

Okay, email or IM or Facebook won't function without those contact lists. But maybe you shouldn't use your email as a data store. And maybe you shouldn't keep anything except name and email/IM address or phone number in each Contact entry. Store postal addresses and anything else in some private contact manager.

Opt-out of some tracking

Delete accumulated data out of accounts

David Nield's "Deleting the Data Amazon Has on You"

Application settings

Go through the security and privacy settings in your applications, especially those in browsers and email client.

In general: turn off JavaScript, and automatic display of images in email messages, and use of external services such as search-suggestions.

Privacy settings in Firefox browser:
Privacy Settings add-on

Delete most cookies every now and then

This does two things: gets rid of tracking cookies, and means that if someone sits down at your computer and opens a site they won't automatically be logged in to that site.


Or delete all cookies every time you close the browser:
Ian Paul's "How to automatically delete your cookies every time you close your browser"
Chris Hoffman's "How to Automatically Clear Private Data When You Close Your Browser"
But if you do this, you'll probably want to be using a password manager, because you'll be logging in to sites a lot.

Or use extension Cookie AutoDelete to delete most cookies but save some of them.

Deleting browser history really does nothing for your privacy

Deleting browser history only helps if someone steals your computer and looks at your history.

Change or hide IP address


Changing IP address periodically:
If you're connecting through a home Wi-Fi and cable router/modem (and no VPN), you probably can't change your external IP address. The router/modem probably is using one external IP address for all devices on your home network. To test this, open browsers on two devices simultaneously and go to on both devices. You'll probably see the same (external) IP address for both devices.

Try power-cycling the fiber router/modem, and see if it comes up with a new external IP address. It may not. Try powering it off for longer, such as overnight.

Try contacting your ISP and asking if they can change your IP address. If they ask for a reason, I guess you could say "to increase my privacy, to make it harder for advertisers to track me" ?

If you're connecting some other way, you may have a chance of changing IP address. On Windows, create a CMD file containing "ipconfig /release && ipconfig /renew" and run it as Administrator. Check before and after, using

WikiHow's "How to Refresh Your IP Address on a Windows Computer"

See my "Connection Security and Privacy" page for information about VPN, Proxy, Firewall, DNS, and more.

If you're doing illegal things, don't expect a VPN or proxy company and their ISP to shield you if they're served with a court order. They may be forced to log your activity and trace you and give the data to law enforcement.

If you're abusing the VPN itself, such as sending out millions of spam emails through the VPN, don't expect a VPN or proxy company and their ISP to shield you. They may report you to law enforcement, or happily cooperate with law enforcement.

Computer hardware ID numbers

Some hardware ID numbers that could be used to track you:
  • Motherboard manufacturer and serial number (read through BIOS).
  • TPM Endorsement Key (can't be read, I think, but can be used).
  • Disk serial number.
  • RAM serial number.
  • Discrete GPU serial number.
  • Apple chip serial numbers (ECIDs). article
  • MAC address (associated with each network interface; on Wi-Fi AKA "BSSID").
  • Display/monitor serial number (EDID).
  • Smartphone IMEI (associated with each radio interface ? permanent).
  • Smartphone IMSI (associated with service through SIM card, can be changed).
  • Smartphone SUPI (5G; associated with service through SIM card).
  • Smartphone ICCID (associated with SIM card).
  • Non-unique: model numbers of motherboard, disk, CPU, etc, and version number of BIOS.
  • Not hardware: Wi-Fi network name (SSID), OS installation ID or license key, Android advertising ID (AAID) maybe in Settings/Ads, Google Account set on Android phone, Google advertising ID (GAID) probably same as AAID, Apple advertising ID (IDFA), Mobile advertising ID (MAID) which probably is just AAID or IDFA (MAID article).
Most of these are readable only by privileged software running on your machine.

Don't always use the same MAC address

The MAC address is associated with your network interface hardware (Ethernet or Wi-Fi chip). Generally it is visible only inside your LAN. But malicious software could send it out to some site. Routers or firewalls who want to block you may do it by deny-listing your MAC address. And if you're often on a public LAN (public Wi-Fi), you may want to change MAC address to avoid tracking.

For Linux:
Ravi Saive's "How to Change Network MAC Address in Linux"
It's FOSS's "How to Change MAC Address in Linux"
Chris Hoffman's "How (and Why) to Change Your MAC Address on Windows, Linux, and Mac"
Ubuntu Community Help Wiki's "Anonymizing Network MAC Addresses"

sudo apt install macchanger
# I see little harm in setting it to run automatically, each time a
# network interface is taken down or up.  But it might be confusing
# to have random devices appear and disappear on your LAN.
# So maybe set it to manual mode, then change only the 2nd half of the address.

sudo macchanger -e enp19s0	# keep 1st half (vendor) real, 2nd half new
sudo macchanger -p enp19s0	# change back to original/real address

sudo macchanger -e wlp18s0

# address will revert to original/real address next time you reboot

Also for Wi-Fi only maybe could edit /etc/NetworkManager/NetworkManager.conf to add:
Thomas Haller's "MAC Address Spoofing in NetworkManager 1.4.0"
PrivSec's "NetworkManager Trackability Reduction"

Stay logged out

Stay logged out of Google and Facebook and Microsoft et al, as you browse other sites.

Or use some kind of "container" or "cookie protection" feature in your browser to isolate one tab from another:

Cookies and Containers

Firefox Containers
I use Firefox, with the Facebook Container extension, Google Container extension, Firefox Multi-Account Containers extension, and Temporary Containers extension. and enable the "Container Tabs" option in Preferences / General / Tabs. People have created specific Container extensions for other sites such as reddit, Amazon.

The Help for FMAC says if you use both FMAC and Facebook Containers, don't use FMAC to manage any Facebook-owned sites. I assume that is true for the other site-specific container extensions too.

Some people point out: Container settings don't sync across multiple devices, and add-ons such as uMatrix know nothing about containers.

Seems to be no way to save/export/import settings for Firefox Multi-Account Containers extension. Old instructions no longer work because of recent storage changes in FF.

In Firefox about:config, set privacy.firstparty.isolate and privacy.firstparty.isolate.restrict_opener_access to false. Otherwise Yahoo Mail login doesn't work.

Have to whitelist the FMAC extension in uMatrix.

Containers sometimes screw up the browser history. You're in a uncontained page, you follow a link to a contained page, then the Back button has lost your history (no way to go Back to uncontained page).

I suspect that making a separate container for PayPal or credit card, or enabling the "open external link in a new container" features of Temporary Containers, will interfere with paying for things online. If you're in an AirBNB container and on the AirBNB site and you want to pay with PayPal, you need the PayPal cookies accessible from the AirBNB container.

I created a Containers import/export extension (Containers settings export import), but it's really limited, all it imports/exports is the container names and icons and colors. IMO the architecture of Containers is badly done. All of the working guts of each container, the mapping to a domain and such, is saved in the local storage of each separate extension such as Multi-Account Containers, Facebook Container, Google Container, etc. So my extension can't really get at those to import/export them.

The Containerise extension is an alternative to the Firefox Multi-Account Containers extension; use one or the other but not both. I couldn't understand Containerise and get it to work for me. Also it has a far smaller user base. And 9/2019 the main dev is mulling a total rewrite of it.

Firefox "Total Cookie Protection"
6/2022: Firefox has enabled "Total Cookie Protection" (and in Settings / Privacy / Enhanced Tracking Protection set to "Strict"). In a tab, click the "shield" icon in the address bar to see the status. But it fails the tests below. [Then owner of GRC site said their test is wrong, cookie protection is working.]

6/2022: In Firefox, went to Settings / Privacy / Enhanced Tracking Protection and set it to "Custom". Enabled all items, and set "Cookies" to "All third-party cookies". Test: see third-party cookies allowed ?

Little in the Firefox UI says "Total Cookie Protection" ? From someone on reddit 6/2022:
"Total Cookie Protection" only appears in the UI with the opt-in prompt. Otherwise it is part of Tracking Protection:
  • Standard mode with opt-in or in private windows.
  • Strict mode by default.
  • Custom mode with cookies set to "Cross site tracking cookies and isolate other cookies".
In about:config it is network.cookie.cookieBehavior set to 5.

Maybe about:compat shows the exceptions to TCP ?

6/2022: In Firefox, went to Settings / Privacy / Enhanced Tracking Protection and set it to "Custom". Enabled all items, and set "Cookies" to "Cross site tracking cookies and isolate other cookies. Test: see third-party cookies isolated ?

Scott DeVaney's "How Firefox's Total Cookie Protection and container extensions work together"
Douglas Crawford's "How to block third-party cookies on all browsers"

Or use separate browsers or separate instances for multiple sites.

Whitson Gordon's "Watch Age Restricted YouTube Videos Without Signing In"

Don't use everything from one company

If you use Google Apps, Google Docs, Google Sites, Siri, Google Translate, Chrome browser, GMail, Google search, Google Maps, YouTube, and Google Drive, and don't block Google Ads and Google Analytics, then of course Google is going to know a lot about you.

Instead, compartmentalize it: some file-sharing service, Proton Mail or other email, some web hosting service, Firefox browser, DuckDuckGo search, use blockers, etc. Use Google only where you have to.

Delete your accounts on various services

Often they make it hard to find out how to do that.

Be careful with these "delete many accounts" services. First, you're trusting them with a lot of your data, maybe including a list of all the places where you have accounts. Second, if you signed up for service X with a burner email and fake name, but then request deletion using real email and real name, you've just revealed ID to service X.

Some people say: instead of just deleting an account, first go in and delete as much of your data as you can, and change as much of the rest as you can to fake data (this is called "data poisoning"). Maybe let it sit in that state for a couple of weeks. Then delete your account.

David Nield's "The Complete Guide to Dumping Google"
tycrek / degoogle

Ask company to delete any data they have about you

Probably best if some law such as GDPR or CCPA applies to your situation, and you can mention that.

Under GDPR at least, a company can retain your data if they have a "continuing business interest" in doing so. For example, if you have purchases that still are under warranty.

Be careful with services that promise to delete your data from many companies. First, you're trusting them with a lot of your data, maybe including a list of all the places where you have accounts. Second, if you signed up for service X with a burner email and fake name, but then request deletion using real email and real name, you've just revealed ID to service X.

Shun the biggest companies

Some say: Shun the biggest companies (Google, Apple, Microsoft, Facebook, Amazon, Cloudflare, Akamai).

I don't agree; I say be aware of the costs and benefits. Sure, maybe it's good to use alternatives when possible.

But there seems to be no good alternative for Microsoft Office (apparently when you go to fancy features, or need exact compatibility with MS Office, LibreOffice doesn't quite cut it). There may be no good alternative for Facebook (80% of my friends and family are on there, and the Groups contain a wealth of knowledge and helpful people).

For Android phone operating system, there are good alternatives (such as LineageOS), but installing them is not for the faint of heart. For e-readers, there are decent alternatives to the Amazon Kindle. For desktop/laptop OS, Linux is a viable alternative to Windows and Mac.

Some people say: before deleting your social-media account (on Facebook, reddit, etc), "poison" it by adding false data, deleting or editing posts and comments, Liking lots of spurious stuff, etc. And let it sit that way for a couple of weeks before deleting the account. I don't agree. Editing your profile is fine. But deleting or editing existing posts and comments will damage the work of other people, those who responded to your post or had a conversation stimulated by your post. Doing lots of spurious posts or comments or Likes will flood your Friends with nonsense. Just edit your profile, let it sit, then delete your account.

Kashmir Hill's "I Tried to Block Amazon From My Life. It Was Impossible."
Kashmir Hill's "I Cut Facebook Out of My Life. Surprisingly, I Missed It"
Kashmir Hill's "I Cut Google Out Of My Life. It Screwed Up Everything"
Kashmir Hill's "I Cut Microsoft Out of My Life - or So I Thought"
Kashmir Hill's "I Cut Apple Out of My Life. It Was Devastating"
Kashmir Hill's "I Cut the 'Big Five' Tech Giants From My Life. It Was Hell"
Daniel Oberhaus's "How I Quit Apple, Microsoft, Google, Facebook, and Amazon"
Mike Felch's "How to Purge Google and Start Over - Part 2"
tycrek / degoogle

Cloud services for backup or storage

For any service, read the TOS and check the account settings.

Note that a "sync" feature is not a backup. If something is deleted or corrupted on one end of it, that thing will be deleted or corrupted on the other end too. Similar if you're directly using a cloud drive: if you delete a file from it, that file is gone, probably you can't recover it, you don't have a separate copy on your hard disk.

Using someone else's device

You have few rights to anything you store on or do with your employer's or school's computers or phones or networks. And you don't know how many administrators have access to the data, what cloud place the data may be copied to, or what other companies the data may be shared with. Don't use them for private things.

You don't know what software or viruses may be installed on a computer you use at a library, in an internet cafe, at work, at school, or at a friend's house. There may be a keylogger, a clipboard-scraper, some browser plug-in that harvests data from webmail, something that logs all your internet traffic, something that copies any USB drive you plug in, ransomware, viruses, etc. Be very reluctant to use your password manager or email or other accounts on such a machine. Two-factor authentication on logins can reduce some of the threat.

If you have to stick a USB drive into such a machine, for example to print a document on their printer, treat the drive as infected from then on. And have as few documents as possible on the drive to begin with; all of them may get infected, or encrypted by ransomware. Have backups of those documents.

Kashmir Hill's "How To Tell If Your Boss Is Spying On You"
David Nield's "How to Find Spyware Your Employer Installed on Your Computer and What to Do About It"

Letting someone else onto your network

Your friend comes over to your place, and asks for the Wi-Fi password to connect their phone to your LAN.

You have no idea what malware is on their device, or who else they may give that password to, or what traffic they may do through your internet connection. Suppose malware on their device starts spamming people on the internet, and your ISP shuts down your service ? Suppose your internet has a monthly data-cap, and their device starts torrenting or something ?

It would be best to have a "guest" network defined in your router, but I think few ISP-supplied routers support that. But that just protects your devices from your guest, it doesn't stop the guest from doing bad traffic to the internet.

More-aggressive things you can do

But you may judge the cost/inconvenience to be too high for the benefit. (And some of them require your friends to use the same applications, or adapt to your behavior.)

  • Encryption everywhere (all external and flash drives, internal drives, etc).
  • Tor browser
  • Multiple user accounts on your computer: one for critical personal stuff, another for general browsing, another for work stuff, etc.
  • Two computers (one secure and other not; EFF's "Keeping Your Data Safe" ). But that other computer will have to be updated sometimes, which means connecting to internet sometimes. I guess have all the critical data encrypted or disconnected when you do that.
  • Pay someone to buy/receive/register things using their info, not yours. Or designate a single family member to do that for everyone in the family. AKA a "nominee".
  • Pay neighbor to let you use their Wi-Fi. Probably violates ISP's TOS.

  • Linux
    Don't have to trust Microsoft or Apple.
    See "Windows User Moving to Linux" section of my Linux page.
    A contrary view, from Artem S. Tashkinov's "Best Linux Distro for the Desktop in 2019":
    If you are a privacy / big brother / surveillance concerned person, you should not use Linux - Linux users are easily identifiable (even when using Tor/VPN) since there are too many things a remote web site can learn about you using your web browser. ... If you want to get lost, firstly, use Windows [10] 64 bit (the most common OS, thus not easily distinguishable) and Firefox or Google Chrome without any addons or extensions installed, secondly, use Tor or VPN.
  • Specialized OS:
    • Windows 10 Ameliorated

    • A security-oriented Linux OS (see "Security-oriented distros" section of my "Linux Distros" page).

    • Use a virtual machine inside your real OS and throw away the VM after each session.

      Virtual Machine:
      You can run a VM inside your real OS. It will look like a real machine to software, but then when you're finished doing stuff, you end the VM, and anything that happened inside it (including any bad stuff) is deleted.

      But some things I don't understand about this: So you can't bookmark any sites, unless you hop out of the VM and update the browser in your real OS ? If you download a picture or something, you can't get it out to the real machine, it's going to disappear when you shut down the VM ? If you want to copy something from web email to the clipboard, then save it in a file, that file will be in the VM, not the real OS ? If you log in to web email or reddit in the VM, and have a virus in the VM, it could do something nasty to your web email or reddit ? Do you never run a browser in the real OS ? Or you do only lightweight, throwaway browsing in the VM and do "serious" web stuff in the real OS ?

      From someone on reddit:
      Virtual box has fixes for a lot of these. The clipboard is shared between OS and VM. It's essentially its own computer, so shutting it down keeps its state and everything. There are plugins for shared folders as well. Putting a document in the folder will make it available to both the VM and main OS.

      If you're using it for virus protection then you still need to be cautious. If you're on the VM and a pop-up comes up asking for your log in for a web site, you should still not do it.

      The expectation sort of is that if you're technically literate enough to set up a VM, you should know how to avoid viruses, but if you do get ransomware on your machine or something, resetting the VM is much easier than on your main OS.
      From someone else on reddit:
      Note that a few of the "fixes" mentioned reduce the security of the VM. Many viruses can notice that they are being run in a VM by checking if those plugins are installed and act like a normal, legitimate program if they are running in a VM.

      Also, sharing resources (like files) between your real ("host") OS and the VM can put them at risk. If a ransomware runs in a VM where your files show up as a shared drive, those files will be affected too, even if you reset the VM.

      Despite all that, yeah, if you want very good security you can run things in a VM. It has many advantages.

      David Murphy's "How to Set Up a Virtual Machine for Free"

  • Multiple throwaway email accounts (not just deltas off your real email address).
  • Prepaid throwaway phones and SIMs.
  • Phone with no SIM, just VOIP.
  • Email, messaging, VoIP services, and social networks specifically designed to be more private.
  • I2P.
  • Self-hosting: Run your own email server.
    "Email Services" section of my "Secure Communication" page
  • Self-hosting: Run your own VPN server.
  • Crypto-currency.
  • Secure hardware/system:
    Business/govt-oriented systems are expensive, but cheaper consumer alternatives are being developed).

  • A "don't do anything from home" policy. Turn off phone before you go home, or have a non-home phone you turn off and a home-only phone you turn on. Do internet only from cafes or using someone else's network.
  • Willingness to delete/change/replace everything periodically. Change phone, phone number, cell-provider, credit card, ISP, online accounts (including email and social media), bank, car, job, etc. Wipe and sell computer, buy new one.
  • Willingness to withdraw from current situation. Move to a new address, or better yet a new country. Change patterns of behavior, interests. Drop friends who are not close. No car, no driver's license, don't register to vote.

The Tin Hat's "How Do I Start An Anonymous Blog?"
awesome-selfhosted / awesome-selfhosted

If you do any self-hosting things, what happens to them when you die ? Who else and what else depends on those servers ? What is to be done with them ? See "Electronic Assets" section of my "Legal Stuff" page.

When you get to some high level of OpSec, your behavior is as important as the tools you use. And having the discipline to always follow your rules, never making a mistake, is very hard.
Douglas Goddard's "Technical Anonymity Guide"
The Grugq's "Hacker's Guide to Stay out of Jail"
"The Hitchhiker's Guide to Online Anonymity"
Whonix's "Tips on Remaining Anonymous"

Others are a threat to your privacy

Your friends, relatives, co-workers are a threat to your privacy.

They will put your name, email, phone number in their phone and email Contacts lists, which then exposes that info to all kinds of apps and services.

They may post about you on social networks, put pictures of you online, mention you in emails. They may widely repost something that you posted to a small audience.

Your family may submit their DNA (which is partly your DNA) to testing services. Their family medical history is your family medical history.

Push back, calmly, if they post something you wish they wouldn't.

Don't give them information that you don't want them to put in Contacts lists in email or phone.

Know your legal rights

You can say "no" if police ask to enter your house or search your phone or computer or car. Don't give in to the temptation to be friendly or helpful or try to talk your way out of trouble; politely say "no".

Don't "consent" to a search of your phone. Even if the police or border control imply something limited, such as "we just want to look at your text messages", they will make an image-copy of the whole phone, and they may retain that data and search it later and/or for other purposes.

Remember that if you give police permission to enter/search your home/car/computer/phone, that thing may contain private possessions/data of your family/friends, not just your stuff.

No such thing as total privacy or security

There is no such thing as total privacy, or perfect security.

Just do your best to improve, and don't expect to hit "100%". There is no "100%".

If the government or a spy agency or law enforcement really wants to get your data, they can get it. The software we use is extremely large and complex and has lots of bugs and vulnerabilities. If an agency seizes all your devices and really digs into them, they'll probably get your data. Do your best to protect yourself, but be realistic about the limits.

If you see a claim that a tool or technique will give you "100% security" or "make you disappear online", or something is "unhackable" or "impossible to crack", assume that's false.


Facebook is a special case, because they know so much about you, and they have code on many other web sites, and they sell login services to many sites, and they buy data about you from other services.

Just for info: Facebook actually doesn't "sell your data". I think they provide two main targeting mechanisms to advertisers:
  • Advertiser says "I want to display ad X to people who have Liked FB page X, or joined FB group Y, or used web site Z, and/or Friends of those people."

  • Advertiser says "I want to display ad X to people who are age 25-34, female, religious, in ZIP code 12345, and FB thinks are parents of young children."
Facebook takes that ad from the advertiser, figures out the right FB users to show it to, and shows it to them. Data about individual users is never shown to the advertiser.


Check what activity other sites have reported to Facebook: Facebook's "Off-Facebook Activity"

Vicki Boykis' "What should you think about when using Facebook?"
Paul Bischoff's "How to stop Facebook from tracking you on sites that aren't Facebook"
Emily Price's "Android Apps That Overshare Info to Facebook"
Verge's "Tax filing websites have been sending users' financial information to Facebook"

Remove phone and email from Facebook

Minimizing knowledge and connections

Yegor S's "How to (actually) be anonymous online"

Reporting violations

Suppose some software (app, browser add-on, application, web site) doesn't have a privacy policy, or has a policy that breaks the law, or has no way to request closing your account or deleting your data.

A confession

My wife still uses Windows 10, no password manager, no VPN.

The reason is that changing each of those imposes some cost, either in terms of requiring fiddling by the user, or in terms of things that may not work. Moving to Linux would make PDF files and MS Office files not quite work in some situations. The password manager I use, KeePassXC, uses a bunch of key-combinations you should memorize to use it quickly. Script-blockers and VPN sometimes make some sites fail.

So I feel unable to convert my wife's situation to have better security and privacy. She does have 2FA on a number of accounts.


iOS, The Future Of macOS, Freedom, Security And Privacy In An Increasingly Hostile Global Environment

Brian Lovin's "Security Checklist"
Watch Your Hack
Privacy Guides
Paul Bischoff's "75+ free tools to protect your privacy online"
Karegohan-And-Kamehameha's "privacyguide"
Noah Kelley's "A DIY Guide to Feminist Cybersecurity"
CISA's "Tips"
Sarah Jeong's "The Motherboard Guide to Avoiding State Surveillance"
"The Motherboard Guide to Not Getting Hacked"
kstan's "Starting a new digital identity"
For Linux, mainly: "The paranoid #! Security Guide"
Do Son's "Destroy-Windows-10-Spying: Destroy Windows Spying tool"
Do Son's "Hardentools: disables a number of risky Windows features" (build privacy/security scripts for MacOS and Windows)
xkcd's "Security"

"Privacy" from incoming abuse

If people are saying nasty things to and about you online:
  • Be the adult in the room: if you keep on topic, don't respond to insults, don't get mad, often a troll will give up. Even if they don't, others reading along will see who is sane and who is not.

  • You don't have to respond to everything. If some comment is idiotic, maybe ignore it. If someone throws 20 claims at you, maybe address only the top 1 or 2.

  • Take a break, don't obsess. Log off for a day, or go exercise, or do some involved project to drag your mind away from the abuse.

  • Focus on the positive; don't read or respond to only the negative.

  • Use report/block features of the site.

  • If you may end up reporting to police, don't delete the abuse, and print it out.

  • If someone has posted something illegally about you (nudes, or fake nudes), and the site won't take it down, try complaining to Cloudflare about it. These sites don't want to lose the protection they get from Cloudflare.

Rebecca Fishbein's "What to Do If You're a Victim of Revenge Porn"

See "Security and Privacy" section of my "Smartphone" page