In this episode of the Privacy Bootcamp podcast, we dive into securing your social media accounts, focusing on Facebook and X.com (formerly Twitter). Tim Jensen, host of "Intentionally Inconvenient," walks us through essential settings and strategies to enhance your privacy and protect personal information. From managing your Facebook profile visibility to understanding session tokens on X.com, this episode is packed with actionable insights to keep your digital presence secure.

Standout Quotes:

• "Your public profile is the tip of the iceberg. Hide the rest to stay secure." – Tim

• "Aliases for emails and phone numbers are a little privacy measure that goes a long way." – Tim

• "Session tokens can bypass logins; logging out regularly stops this vulnerability." – Tim

• "Limit what you share. Every detail is a piece of the puzzle for data collectors." – Tim

Key Takeaways:

1. Facebook Privacy Settings:

◦ Use Privacy Checkup tools to manage who can see your posts, stories, and personal details.

◦ Limit the visibility of your friends list to prevent impersonation scams.

◦ Lock down past posts by adjusting the audience to "Friends Only."

◦ Use aliases for phone numbers and emails to keep your contact details private.

2. X.com Security Practices:

◦ Regularly log out of all sessions to invalidate session tokens and secure your account.

◦ Turn off discoverability by phone number and email to reduce unsolicited contacts.

◦ Use hardware keys like YubiKey for 2FA instead of SMS-based authentication.

◦ Disable location tracking and minimize personalized ads to reduce data collection.

3. General Privacy Strategies:

◦ Avoid using social media accounts to log into third-party apps.

◦ Consider using services like DeleteMe to remove personal data from broker sites.

◦ Regularly review and update privacy settings to ensure they align with your preferences.

Episode Timeline:

• [00:00] Introduction to Facebook Privacy

• [02:15] Using Privacy Checkup Tools

• [05:30] Managing Public Profile Visibility and Locking Down Posts

• [10:00] Introduction to X.com Privacy Practices

• [15:20] Managing Session Tokens and Turning Off Discoverability

• [20:10] Using Hardware Keys for Enhanced Security

• [25:00] Final Thoughts on Privacy

Resources Mentioned

● goclik.me/deleteme - A service recommended by Tim Jensen to remove personal information from the internet. They offer a 25% discount.

Contact and Additional Information

Host: Tim Jensen
Email: tim@intentionallyinconvenient.com
Website: Intentionally Inconvenient Podcast

In this episode, Tim Jensen explores the importance of two-factor authentication (2FA) and multi-factor authentication (MFA) using hardware keys to enhance online security. He explains the concepts behind these authentication methods, their role in establishing identity trust, and how they form part of a robust privacy framework. Tim also highlights the advantages of using hardware keys like YubiKey and OnlyKey over other forms of authentication.

Standout Quotes

● "Two-factor authentication establishes trust with someone who does not know who you are by using something from a trusted authority as proof of your identity." – Tim Jensen

● "Convenience is the enemy of privacy." – Tim Jensen

● "Hardware keys need to be physically with you, so that's the best kind because they can't be stolen through hacking." – Tim Jensen

● "Always buy two hardware keys. Never buy just one." – Tim Jensen

Key Takeaways

1. What is Two-Factor Authentication?

○ A method requiring two distinct forms of identification to access an account.

○ Common types include: something you know (password), something you have (hardware key), and something you are (biometric data).

2. Why Use Hardware Keys for Authentication?

○ They provide an extra layer of physical security.

○ Cannot be duplicated or stolen digitally.

○ Best for protecting critical accounts like financial or medical records.

3. Tim's Hardware Key Recommendations:

○ YubiKey: Supports USB-C, NFC, and stores authentication codes.

○ OnlyKey: Combines password management with authentication, supporting up to 24 passwords.

4. Best Practices for Hardware Keys:

○ Register your keys during account setup.

○ Keep backup keys in a secure, separate location (e.g., a safe or safety deposit box).

○ Separate storage for passwords and two-factor authentication codes.

5. Layering Your Security:

○ Combine hardware keys with other methods like VPNs and unique email aliases.

○ Use hardware keys alongside password managers for the most secure setup.

Episode Timeline

● [00:00] Introduction: Recap of email aliasing and the importance of layered security.

● [03:00] Explanation of two-factor and multi-factor authentication.

● [10:15] Why hardware keys are the most secure method.

● [18:45] Demonstration of YubiKey and OnlyKey features.

● [24:00] Practical steps to secure your accounts with hardware keys.

● [29:45] Closing thoughts: "Stay safe and stay private."

Resources Mentioned

• http://goclik.me/deleteme - A service recommended by Tim Jensen to remove personal information from the internet. They offer a 25% discount.

• yubikey.com - Website for purchasing YubiKey hardware security keys

• onlykey.io - Website for purchasing Onlykey password manager devices

Contact and Additional Information

Host: Tim Jensen
Email: tim@intentionallyinconvenient.com
Website: Intentionally Inconvenient Podcast

In this episode, Tim Jensen dives into the importance of email aliasing as a foundational step in maintaining privacy and protecting your digital identity. He shares practical strategies to safeguard your accounts, minimize exposure to hackers, and build a layered security system. Tim emphasizes creating habits of privacy and introduces tools like Proton Pass, SimpleLogin, and YubiKey to simplify the process.

Standout Quotes

● "Using the same email address and the same password for everything is a horrible strategy." – Tim Jensen

● "Using an email alias adds another layer of security." – Tim Jensen

● "This little bit of inconvenience is a lot better than having your accounts stolen or your entire identity stolen." – Tim Jensen

● "Create habits of privacy." – Tim Jensen

Key Takeaways

1. What is an Email Alias?

○ Email aliasing is essentially email forwarding that hides your real email address from senders.

○ You assign unique email aliases for each account or purpose, which forwards messages to your actual email address.

1. Why Use Email Aliases?

○ Protects your primary email from data breaches and spammers.

○ Allows you to track where your email address might have been compromised.

○ Helps compartmentalize your digital identity.

1. Tim's Recommendations for Privacy Layers:

○ Use unique email aliases stored in a password manager.

○ Create 20+ character unique passwords for each account.

○ Utilize hardware keys like YubiKey for significant accounts.

○ Employ two-factor authentication through apps or hardware keys.

1. Managing Your Privacy Habit:

○ Start small, mastering one privacy step at a time.

○ Layer your security for critical accounts like financial or medical accounts.

○ Gradually incorporate habits like using VPNs, encrypted communication tools, and credit freezes.

1. Tools Highlighted:

○ Proton Pass: Combines password management with email aliasing.

○ YubiKey: Hardware key for two-factor authentication.

○ SimpleLogin: Service integrated with Proton Pass for alias management.

Episode Timeline

● [00:00] Introduction: The importance of email aliases.

● [03:15] What is email aliasing, and why it's essential for privacy.

● [07:50] Layering your security: Tim's recommended strategy.

● [13:00] Stories of compromised accounts and how email aliasing prevents them.

● [18:30] Practical steps to start with Proton Pass and SimpleLogin.

● [24:45] Tim's privacy bootcamp habit-building strategy.

● [29:10] Closing thoughts: "Don't be the low-hanging fruit for hackers."

Resources Mentioned

● goclick.me/protonpass: A password manager with built-in email aliasing.

● SimpleLogin: A service for creating and managing email aliases.

● YubiKey: A hardware key for two-factor authentication.

Contact and Additional Information

Host: Tim Jensen
Email: ii@timjensen.email
Website: Intentionally Inconvenient Podcast

Tim dives into the privacy implications of search engines, discussing alternatives like Startpage, DuckDuckGo, and Freespoke. He explains how search data can be used to build detailed profiles and why it's essential to choose search engines that prioritize user privacy.

Standout Quotes:

● "Your search engine knows more about you than your closest friends."

● "If you like Google's results but want privacy, Startpage is your best bet."

● "Support search engines that build from scratch—don't rely on Google's API."

Key Takeaways:

1. Understand the Risks: Mainstream search engines track searches, clicks, and even mouse movements.
2. Switch to Alternatives: Use Startpage for Google-like results without the tracking or Freespoke for a transparent experience.
3. Pay for Privacy: Services like Kagi offer ad-free, unbiased results for a subscription fee.
4. Be Mindful of API Use: Many search engines rely on Google or Bing's back-end, which may compromise privacy.

Episode Timeline:

● [00:01] Introduction to search engines

● [03:30] How search engines track and profile users

● [06:25] Privacy-focused options: Startpage, DuckDuckGo, and Freespoke

● [12:03] Supporting ad-free engines like Kagi

● [13:28] Final thoughts

Sponsor - Proton Pass https://www.goclik.me/protonpass

Contact and Additional Information Host: Tim Jensen Email: ii@timjensen.email Website: Intentionally Inconvenient Podcast

In this episode, Tim Jensen discusses web browsers and how they impact your privacy. He explains how browsers like Brave, Firefox, and Tor can protect against tracking and surveillance. Tim also highlights the dangers of using mainstream browsers like Google Chrome and Microsoft Edge, emphasizing the need for privacy-focused alternatives.

Standout Quotes:

● "Brave gives you privacy right out of the box—no need to harden it like Firefox."

● "Every keystroke, every click, every mouse movement is tracked by mainstream browsers."

● "Switching browsers is a simple yet effective step toward better privacy."

Key Takeaways:

1. Switch to Privacy-First Browsers: Options like Brave and Tor minimize tracking and protect your identity.
2. Harden Firefox for Better Privacy: If you prefer Firefox, follow hardening guides like those from Michael Basil.
3. Avoid Data-Hungry Browsers: Stay away from Google Chrome and Microsoft Edge to reduce surveillance.
4. Use a Password Manager: Tools like ProtonPass integrate seamlessly with privacy-focused browsers.

Episode Timeline:

● [00:01] Introduction to browser privacy

● [03:20] Recommended browsers: Brave, Tor, and hardened Firefox

● [05:44] Why avoid Chrome and Edge

● [08:23] How password managers complement privacy browsers

● [10:18] Wrap-up

Sponsor - Proton Pass
https://www.goclik.me/protonpass

Welcome to the Intentionally Inconvenient Podcast! In this episode, host Tim Jensen explores the world of messengers, dissecting the pros and cons of popular platforms like WhatsApp, Facebook Messenger, iMessage, and others. Tim delves into the importance of end-to-end encryption, decentralization, and other privacy features while explaining why he prefers Signal Messenger over alternatives. He also highlights the critical concept of disappearing messages and why they are a game-changer for protecting privacy.

Standout Quotes:

● "End-to-end encryption means that even in transit, no one can read your messages—only the recipient."

● "Disappearing messages are like Mission Impossible: they self-destruct, leaving no digital footprint."

● "A messenger shouldn't be a museum of your conversations; your privacy matters more."

Key Takeaways:

1. Choose Privacy-Centric Platforms: Platforms like Signal and Briar offer robust privacy features like encryption and decentralization.
2. Disappearing Messages: Enable disappearing messages to reduce the risk of long-term exposure of your private conversations.
3. Avoid Third-Party Surveillance: Use platforms that don't collect or sell your data, such as Signal.
4. Cross-Platform Flexibility: Use messengers like Signal that work across operating systems, from iOS to Android to Linux.

Episode Timeline:

● [00:01] Introduction to messengers and privacy

● [02:33] Evolution of messaging platforms

● [12:10] The benefits of Signal Messenger

● [16:20] Why disappearing messages are essential

● [17:47] Closing thoughts

Welcome to the Intentionally Inconvenient Podcast! In this episode, host Tim Jensen explores the crucial role of virtual private networks (VPNs) in safeguarding online privacy. He clarifies how VPNs work to hide your IP address, showing their necessity in defending personal data from ISPs, cybercriminals, and unauthorized access. Tim provides tips on choosing an effective VPN, dispels misconceptions about digital anonymity, and features the significance of managing one's online identity. He invites the audience to embrace VPNs as an essential part of their approach to maintaining internet privacy.

Standout Quotes:

• "It's nobody's business who you are and what you're doing on the internet. It's not the ISP's business, the website you visit's business, or the business of hackers and identity thieves."
• "Anonymity in this society is a myth. No matter what VPN companies may advertise, it will not make you anonymous."
• "Remember, if the product is free, you are the product. You don't want to be using a free VPN any more than you want to use free email."
• "A VPN is not a fad. They're going to be here for a long time because they serve a valuable purpose of keeping people away from being identified."
  
  

Key Takeaways:

• Evaluate Your VPN Needs: Reflect on your online activities and decide if a VPN is necessary for your situation. Consider how it might improve your online privacy.
• Research and Choose Wisely: Investigate different VPN providers and choose one that aligns with your privacy goals, keeping in mind factors like logging policies and customer reviews.
• Understand the Limitations: Clearly recognize what a VPN can and cannot do. Acknowledge that while it enhances privacy, it doesn't guarantee complete anonymity.
• Check Local Laws: If you travel, be aware of the legality of VPN usage in various countries to avoid any legal complications.
• Regularly Review Your Privacy Tools: Beyond a VPN, ensure your entire suite of privacy tools is up to date and serving its purpose effectively.

Episode Timeline:

[00:01] Introduction

[00:26] What are VPNs?

[03:30] The importance of keeping your IP address private using a VPN

[05:38] VPN misconceptions

[07:41] Proton VPN

[10:10] VPN differences

[12:40] Recap and final thoughts

[13:47] Outro