2 days ago
6
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
- If you need enhanced privacy, you have options.
- Instead of thinking about a single machine, think LAN.
- All of these options are free to use.
We live in a time where privacy is something we actually have to work to enjoy.
Achieving a level of privacy we once had takes work, and you need to start thinking beyond a single desktop, laptop, tablet, or phone -- all the way to your LAN.
Also: Why the most private way to browse the web isn't incognito mode (but this instead)
Before I scare you all off, understand that this starts on the desktop and extends to the LAN. By beefing up both your devices and your network, you'll achieve a level of privacy that you wouldn't otherwise have.
It will take a bit of work, but it'll be worth every second you spend on the task.
Let's start with the obvious and work our way out.
1. Harden your browser
Your privacy begins on your browser, because that's the app you use the most (and is also most vulnerable to privacy threats). The first thing you should do is consider using a browser that better protects your privacy, such as Brave, DuckDuckGo, or Tor.
If you continue using a web browser that doesn't offer better privacy, no matter what you do on your network, you'll still be vulnerable. Once you're using a privacy-focused browser, make sure the privacy settings are enabled. For example, with Zen Browser (which is based on Firefox), you can improve privacy by switching from the default Standard tracking protection to Strict or Custom.
Keep in mind that doing so might cause some sites to not work properly. To resolve that issue, you might have to set an exception for a particular site.
You should also consider adding an extension such as uBlock Origin, as well as NoScript.
2. Use secure apps
Any chance you have to use a more secure app, do so. For example, you might want to use a messaging app that uses strong encryption, such as Signal, Telegram, or Session. At the same time, you might want to adopt GPG encryption for your email client.
By making use of encrypted emails, you can be sure that only the recipient will be able to read the email. Email clients such as Thunderbird and Outlook offer the ability to set up encryption with tools like GnuPG. If you use a web-based email service, consider switching to the likes of Proton Mail. You can also password-protect your documents in apps like LibreOffice.
Also: 7 apps I use to lock down, encrypt, and store my private files - and most are free
It is also imperative that you start using a password manager. If you're not using a password manager, you're behind the curve and are probably using weak passwords. Adopt a password manager like Bitwarden to improve your security (and thus your privacy). You can even deploy a LAN-based password manager, so your vaults aren't saved on a third-party cloud host.
3. Use private DNS
This is where were start venturing out beyond the desktop.
You've probably heard of using privacy DNS (such as DNS over HTTPS). You can do this on your desktop, laptop, phone, or tablet to ensure your DNS queries are encrypted.
Also: How to turn on Private DNS Mode on Android - and why it's a must for security
However, some ISPs allow you to set it so that every device on your network automatically uses private DNS. Not every ISP allows this, but if yours does, you'll need to log into your router and set the DNS options to one of the many private options, such as Cloudflare (1.1.1.1 and 1.0.0.1) or Google (8.8.8.8, 8.8.4.4).
This is certainly not as simple as enabling private DNS in your browser or on your device, but if you want to ensure private DNS is used across your network, this is the way to go.
4. Blocking ads and trackers on a network level
I've already mentioned blocking ads and trackers on a per-browser level, but you can also do this on a network level. This means anything your browser might miss will be caught, and even your smart TVs will be better protected.
Thanks to apps like Pi-hole and AdGuard, you can block ads and trackers across your LAN. The caveat to using such apps is that you have to install them on a spare machine on your LAN (or even a Raspberry Pi).
Also: 5 great Chrome browser alternatives that put your privacy first
Of course, with every instance of ad-blocking, you will run into sites that don't function properly, and will have to add exceptions for those sites.
5. Use a more secure search tool
If you're simply hopping onto Google for your searches, you are willingly giving Google the keys to your privacy kingdom. Instead, opt for a privacy-centric search engine, such as DuckDuckGo.
Even better, you can deploy an in-house search tool, such as YaCy, that can be installed on Linux, MacOS, or Windows and uses a decentralized network for search results.
6. Use a firewall
I'm not talking about your desktop firewall. There are firewalls available that can be installed on spare machines (or even include their own hardware), you can deploy to your LAN that do a great job of protecting you from all sorts of threats.
Also: Why the most private way to browse the web isn't incognito mode (but this instead)
There are even Linux distributions that can be installed on a spare machine (or as a virtual machine) and used as a firewall for your entire LAN. Such distributions include OPNsense, IPFire, pfSense, and VyOS.
Deploying a dedicated firewall might not be as simple as enabling or installing a firewall on your desktop, but you can be sure that it'll offer you much more privacy and protection.
English (US) ·