“Danger! Danger, Will Robinson!”
In the 1960s TV serial “Lost in Space”, there was always at least one moment per episode where the rotund robot, mechanical arms flailing, uttered these immortal words. I mention them now, early in these posts, because as you move forward to improve your privacy and security, you may explore free and open-source software not discussed here.
CAUTION: Please be sensitive to the risk of using lesser-known open source products. Some of them contain malware. This includes backup, password management and anti-malware tools. Yes, you heard it here. Some open-source anti-malware tools contain malware. Do your homework. Research open source tools thoroughly.
It’s a jungle out there, so go armed (with information).
Other than avoiding products and services provided by Dr. Evil, what additional criteria might you consider?
Prefer products and services from companies based in a good privacy jurisdiction: countries with strong privacy laws and regulations. The European Union (EU) and Switzerland are good choices. Your data is better protected from government intrusion and commercial exploitation in these countries. I regret to say that the U.S. is not a good privacy jurisdiction. All major operating systems are U.S. based and there are few practical alternatives. The same is true of many strong antivirus products. It is, however, a consideration when choosing VPN, secure email and secure web browsing services.
Prefer products and services whose features and claims have been verified by a reputable third party audit. This increases your assurance that the claims are legitimate.
Prefer services that maintain little or no logs of customer access or usage. This reduces the possibility that personal information might be exposed through a security breach or legal action. This is particularly important for VPN services.
Prefer services with strong encryption that encrypt all your private information with a key that you control. This is a must for secure email, secure messaging and password managers. The term of art is “end-to-end zero knowledge encryption.” Encryption and decryption are only performed on your device (end-to-end), and the service provider has no access to the keys and therefore, no access to your data (zero knowledge).
And as stated in the prior post, “Show Me the Money,” prefer services with a business model that encourages good behavior: up-front or annual payments, contextual advertising, affiliate programs and donations. Otherwise, you are the product.
Information provided in this post is subject to the disclaimer in the first post of this series.