Use physical or USB safety keys and virtual private networks (VPN), as well as give incorrect answers to security questions are determining tools to maintain good hygiene in the digital field and protect both the ‘hardware’ and the ‘software’ of cyber -cyberrames.
The Digital hygiene It includes a series of resources and recommendations aimed at protecting the digital identity of people from current and future threats. It includes practices such as password protection, regular ‘software’ update and education in the responsible use of technology.
The data scientist and co -founder of Openai Andrej Karpathy has reviewed the most prominent digital habits to protect that users must take into account to protect their data. In a shared entrance to his blog, he has insisted on the need to take precautions when using digital services and sharing data with other users, as well as applications and the Internet.
First, he has recognized that the power of large technology companies generates “uncertainty.” This happens because they have the ability to create complete user profiles, monetize them directly for advertising purposes or sell them to other companies “data intermediation professionals”.
These “enrich them, discourage them, cross data and resell them”, which sometimes results in data leaks that end on the dark website and feed on “A clandestine industry of spammers and scammers “which includes ‘hackeos’, ‘phishing’, ‘ransomware’, credit card fraud, etc.
The co -founder of OpenAI has now created a guide that collects basic and specific advice on digital hygiene, starting with passwords, to which it has referred as the “first factor” of online safety, so it considers that it is necessary to create new, unique and safe credentials for each website or service in which users are registered.
In addition to this, he has recommended using a password manager, such as 1Password, which prevents passwords from being easy to decipher and filtering only once, and “doors open to many other services.”
On the other hand, it is convenient to use a USB key as “a second factor” to complicate the intentions of the attackers when accessing the data of their victims, which can be an effective tool against the use of the telephone number to confirm an action.
“The idea is that you receive a text message with a PIN code to log in, in addition to the password. This is much better than not having a second factor, but the use of a telephone number is known for being extremely insecuri due to the SIM exchange attack,” Karpathy valued.
A USB physical key like Yubikey generate and store a private key In the ‘hardware’ itself, which means that a user who wants to access certain data should know the password and also have this physical element. In this sense, it is advisable to buy and configure two or three USB keys and save them in different physical locations to avoid blocking if one of them is lost.
Finally, he pointed out biometry as the third common authentication factor, which he says also should Use it to access the password managers themselves. For example, dipositive users with iOS operating system can use Faceid to access 1 Password.
Security questions
Another section to take into account when improving digital hygiene is that of security questions, since on many occasions users can access them with a simple internet search. For example, they can know the name of the pet or the maternal last name through social networks.
When functioning as passwords, they should be treated as such and, therefore, you must opt for answers that are not real to mislead cybercriminals. Once these random responses have been generated, 1Password must be stored together with the passwords.
It is also recommended that the device has The disc encryption function, which uses information encryption to control the locking and unlocking of data from the unit; Something that happens for example in Mac computers, which have the ‘file vault’ tool.
Apps that do not store metadata
Karpathy has not been very much in favor of the so -called intelligent devices, of which he has said that they are “incredibly insecure computers connected to the Internet, which collect tons of data, They are constantly hacked and people voluntarily installs them in their homes. “
You also have to assess which are the most indicated applications to protect personal data, being Signal The outstanding in the messaging section. In front of similar services, such as Issssage and WhatsApp, this other ‘app’ does not store metadata.
On the other hand, it has advised to use Brave as a default browser, since it is based on Chromium and prioritizes privacy. It has support for all Chrome extensions, so it is like using this service, “but without Google having access to the digital life of users.”
In Karpathy’s opinion, the Brave search engine It also helps to protect user information and differs from Duckckgo in that this is only “an attractive appearance for Bing that is forced to establish strange alliances with Microsoft, which compromise user privacy.”
Multiple cards and VPN
Another recommendation is to create new and unique credit cards for each website, since when using only one, it is possible to link purchases with different services and the bank card number can be filtered. It is also advisable to establish spending limits to avoid unexpected disbursements.
With tools like Earth Class Mail y Virtual Post Mail A virtual postal address is obtained, which can be shared with any service and physical mail reaches that address, correspondence is digitized and managed through an application. Through it, these communications can be forwarded or destroyed.
The email service is another of the sections in which Karpathy puts the focus on this publication, where he recognizes gmail “for comfort” and being testing the service of Proton Mail. As for the content of the messages, it insists that it is not advisable to click on any link within an email or have the default image load activated in the application configuration.
“This is important because many services use embedded images to track you: they hide information within the URL of the image you receive, so that when your mail loads it, you can see that you opened it,” he clarified in this blog post.
Other of the indispensable tools to have good digital hygiene are the VPN, which allow hiding the IP and the location to other services, and the domain name or DNS blocker, which limit the ads and rakes.
Also, network monitors, thanks to which it is possible to verify what applications are communicated, How many data they exchange And when they do. In this way, it is possible to know what applications are connected to the network and what is your traffic.
Finally, Openai’s co -founder has stressed that working and personal life must be separated, So it is convenient not to log in or access personal services in work computers. This is because most have spy software to protect intellectual property, so that user information can reach the organization’s security department.