HACKER Q&A
📣 heresie-dabord

What tech advice are you giving to those around you for 2023?


You have probably given advice to the vulnerable young and older people (as well as to self-declared "technotwits") about technology in the coming year.

What are your top 5 tips for the coming year? I'm advising:

* Do upgrade any device that doesn't receive OS updates (mobile devices are a particular concern)

* On mobile, do use an encrypted chat app (e.g. Messages with RCS, Signal, &c)

* Don't use identifying information as a password and don't re-use passwords

* Don't answer phone calls from unknown sources

* End any communication where someone asks you to do something insecure (e.g. "give me your password so I can check your account")

  👤 birdymcbird Accepted Answer ✓
If you consume online content that makes you angry at one group or another group, the reality of it likely isn’t so black and white. You’re likely being fed a narrative to shape your opinion.
👤 roey2009
If you question whether your electronic device is compromised, it probably is.

If you question if your electronic device has exploitable vurnabilities, the answer is absolutely yes.

Don't store private info on your electronics, if you can't handle them leaking. (Nude photos, bank credentials)

Commercial VPNs are not as useful and secure as you think.

I personally cover the front facing cameras on my laptop and mobile, on the assumption that if someone were to gain access to my phone, that's the first thing they would look at.

Don't connect to random public WiFi. If you do, don't login to any online account on it, or send confidential information.

👤 eternityforest
* The algorithm likes it when you're angry or sad or anything that makes you engage more. Your idea of what "everyone" is into these days is probably what the algorithm tells you.

* 2 Factor authentication. Always. Ignore anyone who says it's useless. It's just as important than strong passwords if your goal is to keep out random script kiddies.

* Don't buy anything linked to a cloud account that doesn't work without it. Unless it's like, really cheap, I can't blame you for that even though it's a minor environmental concern.

* Use Bitwarden to manage your passwords. Let it generate them for you. Use 2FA on your vault.

* Stay away from wannabe Apple companies selling some expensive luxury thing made of delicate real glass that needs their subscription to work and is missing 90% of the features everyone else has.

You probably don't need whatever Juicero-alike they invent next or some expensive headphones with no bluetooth or noise canceling.

* Look for standards and ecosystems everyone else uses. Matter, USB-C, MicroSD cards, etc. Avoid things that do everything different for no reason.

* Back. Everything. Up. Do NOT use anything that makes that hard. Use. Backups.

* If you have to ask, it's probably spying. You decide whether you care or not for yourself.

* If it's not spying, you're probably using it to talk to other people who do use spy devices, like me.

* FOSS is often good now. You probably don't need to pay for software.

👤 solardev
Stop using so much tech and get outside more. Let go of the FOMO and you'll be much happier. Delete all your social media.

(I should listen to this advice too).

👤 toastal
• Ditch proprietary platforms for communication (Facebook, Twitter, Instagram, TikTok WhatsApp, LINE, Discord, Telegram). Consider XMPP with OMEMO, Matrix, IRC, Mastodon, Discourse, etc.

• Ditch proprietary code forges (GitHub) and offer at a minimum an email to send patches for folks not interested in creating accounts on your platform.

• Enable 2FA, and email support and bitch when SMS and TOTP is only supported through a proprietary app. Buy a hardware token if you can afford it and it's not a massive inconvenience (and message support to add that too).

• When meeting new contacts, share a VCF file so we don't end up in a situation where the only way to contact you is a closed platform that now imploded (Twitter) where email is the lowest common denominator

• Add or reenable your Atom/RSS feed for your content. Consider following others to break out of algorithms.

Bonus:

• Give Linux an honest go this year (or BSD, OpenIndiana, or other 'weird' FOSS option)

👤 heliophobicdude
If you grant an application access to your contacts, you are sharing the private data, perhaps PII, of others.
👤 plaguepilled
Use FOSS whenever you can.

Use proprietary blobs if you're "just trying to get it to work", and give yourself the grace to do things piecemeal while you learn.

If you can stomach it, delete your tiktok, twitter, and Facebook.

Learn about your country's data laws.

Get outside more, preferably with exercise (this is a big one).

👤 nathanaldensr
The advice I'm giving people is to avoid tech as much as possible--to simplify one's life. Tech has long ago left the realm of useful tool and is instead being used to spy on people, foment and continue addiction, manipulate our brains' chemistry, and, in general, to do evil. I'm not saying all tech is evil, but a sufficient amount of it is for me to try and eliminate it from my life as much as possible.

You should see my kids' behavior when grounding them and banning video games; they are addicts going through withdrawal.

Source: 28 years in software development and adjacent roles.

👤 wildrhythms
Use the unsubscribe links or 'mark as spam' feature in your emails. It takes an extra few seconds, but you'll be happy when your inbox only contains things that matter to you.
👤 karp773
Do not use Telegram. It is an FSB (ex-KGB) operation.
👤 whydat_whodat
A couple bits of advice I've recently given are focused on IT-skills knowledge sources.

- Explore KodeKloud.com as a Udemy alternative, especially to learn more about general internet infrastructure (especially if you lack a CS or CIS degree, as I do), cloud providers, etc. (From what I've read it's more recently updated than ACloudGuru)

- Explore Roadmap.sh for a roadmap of knowledge necessary to become a web app, infrastructure, or phone app engineer.

👤 CharlesW
My single, multi-step recommendation is to commit to improving password hygiene.

1. Use a good¹ password manager for everything.

2. Upgrade at least critical logins to use 2FA, which becomes much easier when using a password manager.

3. Use password manager features that allow you to detect weak and compromised passwords, and fix those.

¹ I'm recommending 1Password to less-technical friends/relatives, and 1Password or Bitwarden to tech-savvier folks.

👤 1270018080
- Switch off of Chrome to Firefox if you can and install ublock origin.

- Don't do anything crypto/blockchain related (this is more of an annual reminder).

- Stop getting news from Facebook, it's melting your brain.

- Set up 2fa on everything you can.

👤 jesuscript
Print back up codes for iCloud/gmail. Get a small bank lockbox and put it there.

And stop giving data to these companies. It may not matter in the broader society since the average person won’t stop, but we devs can stop giving data to things like copilot. Switch off GitHub. Use Brave or Firefox.

👤 shsteimer_1
Ignore crypto. 98% of it is bullshit and fraud, and you (and I) aren’t smart enough to pick out the 2% that isn’t.
👤 insomniacity
De-Google your life. Perhaps Search is fine - but absolutely remove all dependency on Gmail or Google Accounts.
👤 culi
We should make a browser extension that encapsulates all this advice. Or at least the ones relevant to the way you use the web. Much easier to get your non-tech savvy family install an extension that will continuously help them (and that we can continuously update) rather than just giving them a wall of advice they'll forget
👤 lloydatkinson
Disable browser push notifications or do it for them https://www.lloydatkinson.net/posts/2022/consider-disabling-...
👤 seydor
download their files and delete them from cloud systems. Not only have all passwords been leaked by now, but there is a vicious downturn coming in which crime will increase in magnitude and sophistication. This is time to decentralize

Don't download apps - use web versions

👤 throwaway378037
Stop using LastPass
👤 fsflover
* Use Linux (and I install it for them)

* Use Firefox (same)

* Use PrivacyBadger Firefox plugin (same)

Works like a charm (fortunately they do not require any Windows-specific apps)

👤 devinegan
If you are in the Apple ecosystem of products update all your devices and turn “Advanced Data Protection” on.
👤 mimiminimi
If you value your privacy, don't own/use a mobile phone.
👤 thiht
- Block ads: uBlock Origin on desktop or Firefox Android, AdGuard on iOS, SmartTubeNext on Android TV

- Use a password manager, just maybe not LastPass

- Avoid Google products

👤 nonoesp
Learn how to encrypt and decrypt sensitive data
👤 leftcenterright
- Use 2fa everywhere

- Showed them how to use ublock origin, they love it

- If you have to enter your PII and the site/service doesn't really need it, try to not give them correct information (fictitious date-of-births for example work on a lot of sites which honestly don't really need it but do ask for it to harvest data or do age verification etc.)

- Take a phishing quiz to be aware of what's out there: https://phishingquiz.withgoogle.com/

- Request data deletion under GDPR (if applicable) for sites which you no longer use but still have accounts on

👤 gardenhedge
* use mfa

* don't use tiktok

👤 markus_zhang
Just curious, regarding privacy in general, are the new iPhones still better than the Android phones?
👤 Fire-Dragon-DoL
Drop Lastpass