I’ve been following some data security hygiene since 2012 and some might have thought it was paranoid, but suddenly everyone thinks it’s really smart... so sharing it for your information:

1. If you don’t want your internet search known, incognito mode isn’t enough...

Good VPN + incognito of a separate browser is an okay practice.

DuckDuckGo + TOR is the best!

2. Online backups aren’t really secure unfortunately. iCloud, Google Drive have all been compromised in the past. Encrypted local storage (external HD/SSD) still wins in my book.

3. Keep 2 Factor Authentication on for everything! External token is ideal. Authenticator apps are good. SMS OTP is good enough.

4. Nostalgia is great, but don’t keep content. I stopped hoarding chat backups and documents long ago. If you stop using a device, wipe it.

5. Signal’s great. WhatsApp is good too. Issue is chat backups or local device. Securely wipe your phone and it truly is gone!

6. Nothing’s deleted till the sectors are written over. If you delete a file, do it with something that writes on top of it. Better yet...

7. To keep stuff truly secure, keep it all in Veracrypt (formerly TrueCrypt). You delete it in there, it isn’t coming back.

8. The person you talk to / chat with is likely doing none of this, so when their device is compromised your cyber hygiene is essentially meaningless.

9. It’s luck too. Your habits protect your data, but in the end it comes down to who’s after you and how each of your luck is operating.

There will always be points of weakness, but very likely if you do this much your adversary won’t be able to find that weak spot.

10. You can go all crazy with bootable USB sticks with Linux distros but then you might have bigger problems than simple data security. This thread likely isn’t what you need.

Realise that it isn’t about hiding illegal things. What started as a murder conspiracy is now about drugs. If that had failed it’d be about relationship gossip.

How your cyber trail will be used to discredit and destroy you isn’t yet known...

It depends on the story that sounds good at the time. Why you’d have someone who wants to do this?

Most likely you won’t. But then someone might be after your uncle’s best friend’s cousin in law, and they might reach you regardless.

You can be 100% legally in the clear but is living through a national TV embarrassment and an image destruction campaign worth it?

Take 5 mins, secure yourself. And especially secure yourself if we’ve ever talked! :p

Also do check out the Blacklight Project! You’d be surprised what websites track you, and to what extent.