"Deep
in the sea are riches beyond compare.
But if you seek safety, it is on the shore."
How to Protect Yourself
1. Don’t EVER put your personal information (full name, phone
number, address, credit card number, etc.) into "Profile
assistant" programs, browsers, WindowsXX systems, etc. That
information is the easiest way to figure out your identity and
build up a profile of you. If you have put such information in,
change that information and turn off the Profile Assistant program.
And don’t ever put your personal information (especially
credit card numbers!) into any web-based question form, competition,
personality test, etc. Fill in phoney data if needed. :)
2. Try anonymity servers that mask your IP address (like the free
https://www.safeweb.com). Even though the IP address doesn’t tell
the owner (of the www pages you visit) who is on the other end
of the wire, it does tell him/her who your internet service
provider is. But if you have a fixed IP address (ask your service
provider), they can track you down... Every time you go to that
page, the owner knows that "this" fellow is back here.
Not to mention that when someone gets your IP address, they can
try to attack your computer via the net.
3. Remember that EVERYTHING you do on the net is recorded in
your internet service provider's log file. This file tells anyone
who can get their hands on it everything you have done on the
net... all the pages you visited, what you did there, etc. So, if
you are about to do something really private, use public computers
(in libraries, universities), but don’t reserve one under your
real name and don’t use your "original" email
address. Remember that you should be very careful while using
public computers (see next paragraph).
4. Don’t EVER use public computers to read your "original"
email or to do anything else that requires you to type any logins
or passwords. Public computers are often fitted with Trojan
horse programs that can be used to capture your keystrokes
(= logins + passwords). These history files can be collected by
the hacker later or sent via email... and off he gets his hands
on your email, etc. (As a side comment… this is the easiest
way to get your passwords.)
5. Pick good passphrases & change all your passwords (or,
to be more exact, passphrases :) every now and then. And make sure
you don’t type your passphrase where someone might be
watching... A secure passphrase is something over 13 characters long,
contains both letters and numbers and is hard to guess. For instance,
a good passphrase might be something like “H9bestsoccerplayerisTIM23!”
6. Encrypt and sign all your email and encrypt confidential files
and your HD. Email service providers can read all email going
through their servers. Sure, they'll say they don’t do that,
but imagine, if you could read other people's email (perhaps your
neighbour's or boss's?) would you do it? Also, basically every
email sent is filtered by the Echelon system, searching for keywords.
Not to mention hackers, your co-workers, boss, neighbour, kids,
sisters, wife/husband who might be very interested in your
private files and emails. Downloading and using PGP, for instance,
is easy, free, and effective. Then all you have to do is exchange
your public keys (homepages or simply floppy disks do the job
safely) and off you go... Sending your public keys via email isn’t
recommended, because of the possibility of "man-in-the-middle"
attacks (someone intercepts your key, replaces it with a key
he/she made and sends that key to the recipient). If you are too
lazy to get PGP, then try internet-based, encrypted email accounts,
like Hushmail or ZipLip, it's free and gives you plenty of space
as well!
7. Wipe history files (cookies, history, temporary internet files,
temp folder, etc.), logs, free space, file slack, erasable files
and (carefully!) the Windows swap file on your hard drives by using
specific wiping programs. PGP has a wiping utility, but I recommend
using a specific program, such as Eraser, which is freeware...
Also, to wipe Windows history files and other logs created by
other programs, I suggest buying “Window Washer” (http://www.webroot.com);
with plugins, you can wipe all history on your computer easily
and securely. When you normally delete a file, that file isn’t
really erased. The computer simply marks those clusters as "unused",
and it's very easy to recover data from these clusters (remember
Undelete in WIN3.0?). Also, Windows uses the swap file as an extension
of your RAM and every now and then writes something to the HD. Windows
swap files are known to contain passwords, copies of files, etc.
The only way to be sure that Windows doesn’t write anything
important to the swap file is to buy enough RAM (it is very cheap
today!) and turn the swap file off! You need about 128MB of RAM, but
I recommend 256MB to run without a swap file. Remember that after
you have wiped a file or two, there’s NO WAY they can be
recovered (if you have chosen enough overwriting passes :) so
be sure you don’t need those files anymore...
8. Remember that security is only as strong as its weakest
link! Don’t bother setting up secure settings, firewalls,
etc. if other people who use your computer switch them off or
alter your settings. Like your children and sisters ;) Either teach
them about security and how important it is, or just simply
say to them: Don’t touch ANY settings. If they don’t
believe you, either teach them more, or just ban them from using
your computer or install a program or operating system that prevents
them from altering settings. There’s no point in you building
up everything and the next person coming to your computer discarding
everything you just did.
- Markus Jansson
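What a wiping program does for a single file, as described in item 7: overwrite the contents in place for a chosen number of passes, then delete. This is an added example, not code from the original article or from Eraser or PGP; the function names, the random-data pattern and the sample file are assumptions.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # write in bounded chunks so large files need not fit in RAM


def overwrite_in_place(path, passes=3):
    """Overwrite every byte of an existing file with random data, `passes` times."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:  # r+b writes into the existing file; no truncation
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining > 0:
                n = min(CHUNK, remaining)
                fh.write(secrets.token_bytes(n))
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())  # force this pass to the device before the next one
    return size


def wipe_file(path, passes=3):
    """Overwrite the contents, rename to a random name, then delete the file."""
    overwrite_in_place(path, passes)
    folder = os.path.dirname(os.path.abspath(path))
    scrubbed = os.path.join(folder, secrets.token_hex(8))
    os.replace(path, scrubbed)  # swap the original filename for a random one
    os.remove(scrubbed)


def demo():
    """Run both steps on a constructed sample file in a temporary directory."""
    secret = b"constructed sample: card 0000-0000-0000-0000\n" * 100
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "notes.txt")
        with open(path, "wb") as fh:
            fh.write(secret)
        size = overwrite_in_place(path, passes=2)
        with open(path, "rb") as fh:
            after = fh.read()
        wipe_file(path, passes=1)
        return (size == len(secret), len(after) == size,
                b"constructed sample" in after, os.listdir(tmp))


if __name__ == "__main__":
    print(demo())
```

Overwriting in place only reaches the old data when the file system writes the new bytes to the same clusters; on SSDs with wear levelling and on journaling or copy-on-write file systems, older copies can survive. It does not touch the swap file, free space or file slack, which item 7 lists separately.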