While Christmas is still months away, there is never a bad time to pick up new tools to help you stay safe online. Former FBI agent and cyber security expert Michael Bazzell has a few items he recommends to keep your online activity private.
Password Managers: A password manager is a third-party program and website that stores your passwords. This makes it easy to have the kind of passwords that are hard to crack. (Be sure to visit our article on password strength!) While MacOS, Chrome and some other programs have built-in password managers, Michael can recommend two aftermarket products.
The first program he recommends is BitWarden. BitWarden is available on Windows, Mac, and Linux computers as well as Android and iOS. It also integrates with all the major browsers including Edge, Opera, Firefox, Chrome, Safari, and even Tor.
Better yet, it is free for single users. A premium account is $10 a year which gives you 1 GB of file storage, integration with YubiKey, and reports on your password strength.
The second program is KeePassXC. KeePass is open source just like BitWarden, which means it is free and its code is public. This program is available for Windows, Linux, and Mac. KeePass is more sophisticated than BitWarden, so casual users might want to stick with the first option.
VPN Service: A VPN (virtual private network) is a service that extends a private network over a public network. In non-technical language, a VPN gives you the safety of being on a private network as you surf the wider internet. VPNs create a secure tunnel in which your data travels. Your internet service provider, hackers, and government snoops cannot easily intercept or interfere with your traffic while it is in that tunnel. While that would not stop malware on your computer, it does make things markedly safer which is why Michael recommends them.
As for which VPN to use, Michael offers two picks. For casual users, he suggests the lower costs VPN from Private Internet Access (PIA). PIA is available for under $40 a year for ten devices. Like most VPNs, PIA does not log your activity. Michael points to a 2016 incident where the FBI issued search warrants to PIA for logs of the activity of certain criminals. PIA complied with the request but simply had no records to offer. As a former FBI agent, he does not appreciate that criminals evaded justice. Even so, he feels this shows that PIA stands by its promise. PIA VPN is available here.
For advanced users, he suggests ProtonVPN. Michael likes ProtonVPN for a couple of reasons. First, since it is based in Switzerland, it is outside the five eyes environment in the US, where PIA is based. The term five eyes refers to an alliance of countries (the US, UK, Canada, Australia, and New Zealand) that share intelligence. That means that info gathered by the CIA, NSA, FBI, and others in the US is shared domestically and with their international counterparts.
Michael also appreciates that it comes from the same company that provides ProtonMail. ProtonMail is a mail service similar to Gmail. While not free, ProtonMail provides privacy that Gmail does not. This reputation leads Bazzell to recommend ProtonVPN over PIA for power users. ProtonVPN is a little more expensive at about $96 a year depending on your plan. ProtonVPN is available here.
YubiKey: YubiKey is a physical security key that allows you to log in to online services without needing to remember dozens of complicated passwords. YubiKey uses either Near Field Communications (NFC), the same technology used for tap-to-pay services at cash registers, or traditional USB-A ports. This system works with online services including Outlook, Skype, Facebook, and Gmail. Once you set it up, logging into those services is as easy as plugging the key into your computer and tapping the single button on top. This device puts advanced security in the palm of your hand. This device, like the next one we will talk about, is immune to malware programs such as keyloggers. This makes it much harder for hackers to gain access to your sensitive passwords.
OnlyKey: OnlyKey is a device similar to YubiKey but with added security. In addition to the USB functionality, OnlyKey has a six-key touchpad that allows you to key in a PIN that enables its use. This extra layer of security makes OnlyKey effective. Like YubiKey, this product is also compatible with Windows, Mac OS, Firefox, Chrome, Safari, and Edge. It is also compatible with online services such as Facebook, Google, Twitter, and GitHub.
Mic-Lock Microphone Blocker: This small device plugs into the 3.5 mm headphone jack on your mobile phone or laptop computer. It suppresses your device’s microphone input using proprietary technology. It prevents hackers or others from eavesdropping or recording your conversations without your knowledge. These devices are very inexpensive, too. A pack of five is $20 on Amazon.com.
Faraday Bags: Since most electronic devices are equipped with Wi-Fi, NFC, Bluetooth, and even radio and cellular antennae, they are susceptible to penetration and cloning by hackers. Faraday bags prevent that. These bags, which come in a wide array of sizes, are sleeves for your car key fob, passport, credit cards, cell phone, tablet, or even laptop.
Faraday bags are named after scientist Michael Faraday, who invented the “Faraday Cage.” These cages bend electromagnetic fields and pulses around themselves, protecting whatever is inside. This, more or less, is what keeps you safe inside an airplane during a lightning strike. Faraday bags work similarly. They are made of a mesh material that bends the electromagnetic pulses (EMP) and waves around the bag. These bags are smaller and easier to store than the big metal cages and can protect your equipment from hackers looking to penetrate your device or clone its signal.
These bags are also very inexpensive. You can pick one up at the website above for as little as $18 for a key fob-sized bag all the way up to briefcases and duffel bags.
