Our lives are increasingly dependent on the internet and the data we associate with our identities. Many of us still approach this situation naively, without a clear understanding of what their online identity represents, the data connected to it, or the risks involved.

Use the information found here at your own risk: my advice and suggestions should never replace your understanding of the issues and a strategy tailored to your particular situation. I believe them to be relevant, but applying them without understanding could lead to more insecurity than anything else.

This page aims to provide a simplified overview of the main issues, tools to establish a healthy baseline of ASP ¹⁾, and directions to explore further, based on a few fundamental principles.

Even without anything to hide, everyone is affected by issues of online security, anonymity, and privacy.

Whether they realize it or not, people face several serious challenges in this area. Here are some of the most important:

• Protection of personal information: The information you share online, intentionally or not, is exploited for profit and may be used abusively. This includes data collected about you unknowingly during internet browsing, such as your IP address, browsing habits, people you communicate with…

• Cybercrime risks: Phishing, malware, ransomware, and other forms of cybercrime are serious threats. Poor online security can lead to personal data theft, including financial information,

• Surveillance and tracking: Governments, corporations, and even cybercriminals can monitor your online activity for various reasons, but probably none that you would approve of,

• Data-based discrimination: Companies sometimes use the data collected online to make decisions that may affect you, like insurance rates, loans, etc. These decisions can sometimes be discriminatory,

• Intrusive targeted advertising and profiling: Based on your online behavior, companies can target specific ads at you. This can be perceived as intrusive and may also lead to impulsive consumption decisions.

Being aware of these challenges helps you better protect yourself. Beyond these generalities, some individuals, particularly activists, are more likely to be directly targeted by surveillance, profiling, or online attacks from hostile entities, primarily governments.

Of course, not all situations involve the same risks and countermeasures. The following sections of this guide provide general advice for improving security and anonymity, but we will also see some strategies available for those who need a higher level of security and anonymity, and ways to go further.

As soon as you’re connected to the internet, you interact with third parties and risk exposing private data against your will.

zone 1

SSL³⁾ is an encryption protocol used to secure communications between a client and a server. If you want to know more, the Wikipedia page is a good starting point.

In practice, you mainly use it with the https protocol, which encrypts the connection between the user’s browser and the website they have requested, meaning that all information transmitted between the user and the site is encrypted and can only be read by them.

This is the basic level of security on the internet, and you should ensure you only browse secure https sites, and especially, never submit personal information or passwords on a site that does not use it.

Modern browsers have configuration options or extensions that allow you to automate secure https connections.

zone 2

VPNs⁴⁾ are marketed at every corner. This tool, potentially very useful for security, is often misunderstood.

It creates a private tunnel between your computer and the VPN server. All or part of your internet traffic is routed through this tunnel, meaning that no one on your local network or ISP can see what you’re doing online, and the websites you visit see the VPN server’s IP address instead of yours. The traffic in this tunnel is encrypted. The VPN server operator can see everything that passes through this tunnel.

This technology has various uses. In a context where you are connecting to a remote private network (e.g., your employer’s network), and sharing private data between you and this network, your organization controls the VPN server, and this is undoubtedly the most secure solution.

However, in the context of your personal online security and anonymity, we’re generally not talking about this usage, but rather the service provided by companies selling it as a turnkey and complete solution for security and anonymity. These promises are mostly marketing, and while such VPNs have legitimate uses, it’s important to understand the relevant cases and their limitations.

• Your internet provider, or the operator of the public or private Wi-Fi you’re connecting to will not be able to know what you’re viewing online or read your passwords and other private data. But this is also true with simple https encryption, and a VPN offers only marginal security from this perspective,
• Your IP will be hidden from the websites you visit, and you will appear to be browsing from the IP of the VPN server you’re connected to,
• As such, a VPN can help bypass geographical restrictions on some services⁵⁾,
• However, you must have a great deal of trust in your VPN provider. They potentially have access to all your transactions and data, and can hand them over to authorities or sell them. Most VPNs, of course, swear they don’t do this or even claim not to keep logs, but several have been caught lying about it,
• You’ll also need to deal with minor inconveniences: your geolocation will be incorrect, and your connection will be slower⁶⁾.

I personally use ProtonVPN for the rare cases where a VPN seems like the right tool. It’s a paid service linked to Proton Mail, but audited, doesn’t require personal information to subscribe, is composed of free software, and seems to take security seriously. Don’t take this as a guarantee. It’s simply the provider of my emails, and the VPN is included (Mullvad would be my first choice if this service were important to me, and IVPN also ranks well).

In general, avoid free services like the plague, which will probably be financed by selling your data. However, for occasional use, and if you can accept a reduced speed (it’s slow!), Riseup is a militant project, offering several secure and privacy-respecting services, including a free VPN, without collecting any information about you.

zone 3

TOR, also known as the onion network, routes your internet traffic through several servers (or “nodes”) before it reaches its final destination. This makes it much more difficult, if not practically impossible, for anyone to identify the source of the traffic. You may have heard of it in the context of the dark web, for which TOR is one of the main protocols. The term is clearly intended to demonize anonymous and secure internet usage, but the phenomenon it describes—parts of the internet inaccessible to both private and state surveillance—does indeed exist.

This solution is by far the most secure and anonymous for connecting to the internet. However, it comes with significant constraints:

• You can expect a substantial slowdown in your connection,
• Some sites and services blacklist TOR exit nodes, either to prevent anonymity or avoid abuse,
• Although TOR is highly secure by default, it’s easy to make a mistake that will ruin all your efforts for anonymity, for instance, if you log into a service that holds information about you (your bank, your email, Google, Facebook…),
• Besides human errors, there are attacks that TOR does not protect against, such as traffic correlation attacks. These attacks are, however, rare, particularly difficult to carry out, and require uncommon resources.

In short, TOR is the most technically effective solution for security and anonymity but requires a good understanding of the underlying issues to use it safely. I may create a dedicated page on TOR in the future, but for now, it’s enough to know that it exists, and it’s not suited for everyday situations.

The browser is the window through which you access the internet. Google Chrome, Safari, Firefox… obviously, it is a crucial piece in our approach.

Most people use either the default browser on their system, such as Edge or Safari, or Chrome, Google’s browser.

These three browsers are proprietary software, difficult to audit, and they collect private data about you without any way to stop it. Anyone concerned with ASP should avoid them entirely⁷⁾.

zone 1

Brave is an open-source browser based on Chromium, the open-source foundation of Google Chrome, and provides an excellent default level of ASP.

If you’re looking for an easy replacement for Chrome, Edge, or Safari without worrying about configuration, it’s probably the best solution.

However, there are reasons you might not want to choose Brave, starting with its integration of a cryptocurrency system⁸⁾. Some users prefer to avoid Chromium-based solutions, so as not to contribute to the near-monopoly of WebKit⁹⁾ on the web, much like the days of Internet Explorer.

zone 2

Firefox is the quintessential open-source browser. Less secure and collecting more data by default than Brave, it can easily be configured to achieve as good or even better levels of protection.

Firefox also has the advantage of promoting web diversity and interoperability, as it is based on a different engine than Chromium/WebKit.

Its default configuration is insufficient (from an ASP perspective). Here are some configuration tips to optimize your situation, along with a few useful extensions for this purpose.

I place Firefox in zone 2 because it requires a bit more configuration than Brave, and switching to a different rendering engine will likely have some visual impacts on your usual websites. Still, it’s a very accessible option.

zone 3

Several other options exist: specialized browsers whose main goal is to provide a particularly secure and anonymous experience.

• TOR Browser: This is a ¹⁰⁾ browser preconfigured for maximum security and anonymity, with all traffic routed through the TOR network. Extremely secure and extremely restrictive at the same time, it makes it easier to access the TOR network for situations that require it.
• Mullvad Browser: Developed jointly by the TOR project and Mullvad, a VPN provider¹¹⁾, it’s essentially TOR Browser without TOR.
• Hardened Firefox, Arkenfox, Librewolf… Several projects aim to provide more secure and anonymous versions of Firefox. They all have different priorities and methods, but they are projects worth exploring if Brave or Firefox doesn’t suit you.

Many other lesser-known browsers exist, both open-source and proprietary. Some are, of course, legitimate tools, so don’t hesitate to read about them. However, beware of two proprietary browsers:

• Opera should be avoided like the plague. It’s proprietary, poorly configurable, and full of telemetry.
• Vivaldi is a security-oriented browser and quite respectable. However, since its source code is private, you must trust it blindly, which is contrary to our basic principles.

One of the main security challenges we face online is protecting our identity. If it hasn’t happened to you personally, you’ve likely witnessed Facebook accounts being hacked, with the owner losing control, or passwords being stolen from a compromised site and used elsewhere to access other accounts.

The problem is complex, but good security practices can dramatically reduce the risk of falling victim.

zone 1

Protecting your identity, on paper, is fairly simple: it “just” requires:

• Strong passwords (not MyDog’sName, nor MyD0g’sN4m3!, but rather 3&m7wz$Eqq88&26hZ6DH!#&4)
• Unique passwords for each site (or rather, each account). Otherwise, one security breach on a site can compromise all accounts using the same password.

In practice, this means it’s impossible to remember all your passwords, and you need to use a password manager to do it for you. These are tools that store passwords securely, encrypted, and allow you to access them when needed.

Once again, avoid proprietary software: trust relies on open code. Also avoid your browser’s internal password management, as its security is suboptimal.

For most people, Bitwarden is ideal: Free, open-source, easy to use, full of practical features, and integrated into browsers and mobile devices. If you’re looking for an alternative, Keepass and Pass are projects worth exploring.

You’ll need to protect access to this password manager with a… password, called a master password, which is also strong and unique. Fortunately, this is the only password you’ll need to remember from now on. Ideally, this password should include numbers, lowercase and uppercase letters, special characters, not resemble dictionary words, and have no logical connection to you.

Get Cyber Safe gives the following excellent advice for choosing a secure and memorable password:

Once you’ve chosen a password, I suggest testing it on How secure is my password?

zone 2

Two-factor authentication¹²⁾ is a technique used to enhance the security of an account. To authenticate, it’s no longer enough to know the account’s password, which could be compromised, but you must also prove possession of a secret.

You’ve likely encountered this before, for instance, when websites send you a code via SMS when logging in. This is an extremely effective technique if implemented properly, and you should enable it whenever possible.

There are several implementations of 2FA, and while all are more secure than single-factor authentication, they are not equally effective:

• SMS: Often imposed, especially by banks, this is the weakest form of 2FA. The security and privacy of SMS are a joke, and it’s easy for an attacker to gain access. This method could also cause problems when trying to log in from an area with no cell network or if you lose your phone. It’s favored¹³⁾ by institutions because it’s an easily accessible and familiar technology for most people.
• Email: Working on the same principle as SMS-based 2FA, it’s much less popular but significantly more secure.
• TOTP: You might be familiar with Authenticator, the app developed by Google¹⁴⁾, which gives you 6-digit codes for each registered service that change at regular intervals. This implementation, known as TOTP¹⁵⁾, is much more secure than SMS or email, while still being fairly widespread. Moreover, you’re not required to use Google’s app. Though open-source, it’s not very ergonomic. I recommend 2FAS, which is open-source, more user-friendly, and gives you greater control over your secrets.
• Physical keys: You can also use physical keys with the U2F¹⁶⁾ or FIDO¹⁷⁾ protocols, such as those sold by Yubico. This is undoubtedly the simplest and most secure method to use, but it’s not supported everywhere. Be sure to have a backup key, just like with your house keys!

Email is one of the oldest internet protocols. As such, it was designed in a completely different context than the one we know today—a world where data theft, identity theft, and spam hardly existed—and is absolutely not built to address these challenges.

However, email is at the heart of our digital identity: we use it to authenticate with banks or governments, receive confidential data, reset passwords… For most people, a security breach on their primary email is a potential disaster, putting all important accounts at risk.

Beyond the security issue, privacy is also crucial with email. Without going as far as this grim story of Yahoo Mail technicians accessing intimate photos, all the content of your emails is scanned to gather data about you, sell it, target you, and profit from it.

There are several ways to protect yourself from this intrusion, such as self-hosting your email or encrypting them systematically (zone 3+), but these are usually cumbersome and difficult to implement.

zone 1

A simpler solution is to switch to a secure email provider that respects your privacy. These are few in number and often paid, but they make a significant difference to your ASP.

• Proton Mail is a service that automatically encrypts your emails, enabling end-to-end encryption between users of the platform¹⁸⁾, based in Switzerland¹⁹⁾, and does not require personal information to sign up²⁰⁾. They offer a free plan, likely sufficient for most people, as well as several paid plans, with more storage, the ability to use your own domain name, and other features. It’s an excellent service, easy to migrate to from another provider, especially Gmail, and very simple to use.
• Tutanota is a similar service, also offering a limited free plan. It’s slightly more innovative²¹⁾ but also a bit harder to access, making fewer concessions to user-friendliness.
• Riseup is an activist collective, with anarchist leanings, that provides free, secure communication services for activists (on the left!). It’s probably the only free provider robust enough to be recommended here.

zone 3

Using the providers above places you in an infinitely better situation, from an ASP standpoint, than any mainstream provider, but this does not guarantee complete anonymity. For instance, Proton was recently in the news for logging the IP address of a French environmental activist at the request of authorities.

This doesn’t give authorities access to the content of their emails, but it can still endanger a person or their activities. If you’re concerned about this type of anonymity and want something more absolute than what the above providers offer by default, here are a few tips:

• With the TOR browser, connect to Proton Mail's onion service and create a free email account. Choose an identifier with no connection to you²²⁾ and a strong password, which will immediately be stored in a password manager,
• Do not reveal this email’s existence to anyone, let alone its connection to you,
• Never use this email outside of TOR, and always use the onion service to access it,
• Never use this email for any activity related to you, even remotely.

Such an email account won’t be useful for everyday life, but if you need a truly secure and anonymous means of communication, this is probably one of the easiest and most effective methods.

The other major axis of online communication is instant messaging: Messenger, WhatsApp, Telegram, Signal, to name the most well-known.

The situation has greatly improved over the past few years in this area, with end-to-end encryption being integrated into all major services. However, not all these services are equal: some collect metadata about you, others retain the encryption keys to your data, or rely on proprietary software for encryption.

To keep it simple, as much as possible, use Signal, the only one of these services that collects no metadata, and relies entirely on open-source software on both the server and client side. The only real issue with Signal is that it requires a phone number to create an account, which excludes true anonymity.

If you can’t use Signal (for example, if your contacts don’t use it), make sure to enable end-to-end encryption in the settings of your messaging app.