ghost.moe
A minimalist guide to digital privacy, security, and anti-censorship.
Welcome to ghost.moe. This guide is meant to help you take control of your digital privacy and security. With more privacy and security, comes less convenience. This is an unfortunate reality. We've broken things down by topic, and each topic has three levels: More Convenient, Balanced, and More Secure/Private. Start where you're comfortable.
🕵️♂️ Threat Modeling
The most important thing to consider when you are worried about privacy and security, is your threat model. Who are you trying to hide your data from? If you only need to hide your data from your family, you may just need to delete your browser history. If you are trying to hide your data from governments, you will have to do quite a bit more work than just deleting your browser history. Come up with your threat model, and think about the tools that this adversary has at their disposal. Keep that in mind when going through this guide.
🧭 Web Browsing
Your web browser is one of the most used programs on your system. Taking steps to lock down your web browser will greatly increase your privacy.
More Convenient
- Switch to Firefox Firefox has a long history of respecting your privacy.
- Install an adblocker like uBlock Origin . Ads can be used to track you across websites or give you malware.
- Use DuckDuckGo instead of google. DuckDuckGo does not track your searches or browsing history.
- Disable third-party cookies in settings. Cookies can also be used to track you across websites.
- Tell websites not to sell or share your data in settings. Note: Websites do not have to adhere to this request.
Balanced
- Set Firefox to "Strict" Enhanced Tracking Protection. Note: This could cause some websites to break.
- Set Firefox to delete cookies and site data when Firefox is closed. This will make it harder to track you between sessions.
- Set Firefox to "Always use private browsing mode". This will log you out of everything and forget your history. This is very useful on shared computers or laptops that could easily be stolen.
More Secure
- Use Tor Browser for all sensitive browsing. Tor is the gold standard browser for privacy and anti-censorship. It will be very slow.
- Block javascript with NoScript or Ghostery Javascript is code that a website chooses to run on your computer. Blocking javascript can stop websites from learning more about your computer.
📱 Phones
Most people carry their phone everywhere they go. This can be used to track you.
More Convenient
-
Disable personalized ads in iOS or Android settings.
Android: Settings > Google > Ads > Turn off "Ad Personalization"
iOS: Settings > Privacy & Security > Apple Advertising > Turn off Personalized Ads -
Manage app permissions.
Set location permissions to “While using the app” or “Ask every time”.
Disable microphone and camera access for non-essential apps. Disable system-wide location when not needed. - Remove unused apps. Apps can run in the background even if you are not using them.
- Use a pin or password to unlock your phone. In some jurisdictions you can be required to unlock your phone with your fingerprint or face, but not with a pin or password.
Balanced
- Use open-source apps from F-Droid .
- Limit app permissions manually.
More Secure
- Install a custom ROM like GrapheneOS or LineageOS .
- Avoid all Google services.
🔐 Accounts
More Convenient
- Use strong and unique passwords for every account.
- Enable password managers like Bitwarden or 1Password.
Balanced
- Enable two-factor authentication (2FA) where available.
- Avoid using social logins (Google, Facebook).
More Secure
- Use pseudonyms and email aliases.
- Segment identities for different activities.
🛡️ Two-Factor Authentication
More Convenient
- Enable 2FA using SMS or email.
Balanced
- Use TOTP apps like Aegis or Authy.
More Secure
- Use hardware tokens like YubiKey or Nitrokey.
🛰️ VPN
More Convenient
- Use any reputable no-log VPN service.
Balanced
- Use VPNs based in privacy-friendly jurisdictions.
More Secure
- Self-host your own VPN using WireGuard.