Cybersecurity

I’m gonna be straight with you.

Cybersecurity isn’t just about doing all the things secure and private. It’s also about judging/predicting likelihood of your risks so as not to over do it.

You are already above and beyond what you need to secure the average person (Firefox switch is eh, Firefox can still be locked down or “hardened” via config changes.)

I can’t offer any further advice without knowing your “enemy.”

Is this just for general purpose use or are you especially risky in a specific area

Add chameleon add-on so your browser fingerprint changes every 60 seconds.

You can think about your physical network. Do you own the device that connects to your ISP? Do you have a gateway device between you and it? Do you have an open WiFi or is it quiet and password protected? Do you have a switch that can vlan all the iot devices or guest wifi network?

• MFA all accounts that support it
• important accounts use hardware key like Yubikey
• Ditch SMS mfa use Authenticator or hardware key
• custom email aliases (proton have SimpleLogin) use separate email for every account just like password
• change your browsing habits from YouTube instagram twitter to privacy alternatives (there is Firefox plugin Privacy Redirect)
• use separate vm for higher risk browsing or separate computer (tails)
• get VoIP phone number redirect your current phone to VoIP.
• use pre paid phone only for internet and never use it for phone or sms. For more paranoid activate away from home using fake name (Mint mobile for instance doesn’t check if it’s real)
• use phone that was never registered to your name (don’t reuse old phones)
• setup always on VPN on your home on router with killswitch so you never reveal your IP accidentally
• use privacy oriented DNS service

If you into privacy I recommend Extreme Privacy book that goes over many things. The lengths that you go to protect your privacy will depend on your threat model. Privacy is expensive unfortunately.

Set up 2FA/MFA for all of your accounts wherever supported. It's probably one of the few easier things you can do that is missing from your list, and you will vastly improve your security posture for it.

I just use Google authenticator but there are plenty of other apps out there if you'd prefer something else.

Not an expert, but you need to define your "threat model" first. Whom against want you to harden your security?

I'm confused about Proton and Thunderbird. Is it possible to use Thunderbird with proton encrypted email?

Use the noscript addon. It protects your data by blocking all javascripts. Sadly it makes a hassle of going on a site but you will suprised how many javascripts are only there for tracking.

Also, I use ecosia as a search engine which is non profit. all profits go to the enviroment. Using !g before the prompt and it uses google and since i use privacy badger, ublock and noscript i dont think they track too much.

Take away admin permission from your default accounts. It's not enough any more to be careful. There are web browsers/operating systems that have code execution vulnerabilities. Chrome just released a patch two days ago for this reason.

Update your browser, OS and other software promptly. Same for whatever network devices you use.

Don't use an admin/root account as your daily driver. Use an unprivileged account and elevate as needed.

Keep a backup of your important data in offline / immutable storage.

https://prism-break.org/en/ here is a bunch of free and private Software suggestions for all plattforms this really hooked me up

what OS are you on?

Buy two security keys (like yubikeys) and use them.

If you want to get really serious go to stigviewer.com and go dig through the security controls for the software you use.

In this day and age.. write your pass words down in a notebook instead of saving them on your pc/the internet

You can pepper them for extra safety