When you think about online security, you think digital solutions. Install a reputable antivirus program; use end-to-end encryption. But protection can be physical as well. To up your security game, think outside the code with these IRL reinforcements.
Tape Over Your Webcam
If covering your webcam with tape sounds like overkill please take a moment to consider the work of these Russian trolls, who not only hacked into people’s devices and commandeered their cameras, but live-streamed them on YouTube. Pleasant! It’s a very real threat, with very real repercussions; aside from the creep factor, someone with access to your device’s camera can glean personal information from your surroundings. They could also know where you are—and who you’re with—whenever you’re within range. In one particularly unpleasant scheme, hackers caught a man in an onanistic moment and demanded $10,000 not to release the footage.
You get the point. Rather than become an unwitting victim—or an all-too-public horror story—just take a wee bit of painter’s tape. If you want to get fancy, Slate recommends something called Washi tape. And if you want to get even fancier, you can pick up a cheap webcam cover pretty much any ol’ place.
Slap on a Privacy Shield
Privacy guards are thin, physical covers that you can put on computer, laptop, or smartphone screens to constrain their viewing angles. Think of them like iPhone scratch protectors, with an anti-snooping bonus. When one is installed, someone looking straight-on sees everything normally, or at worst notices some minor shading. But anyone who tries to sneak a glance from the next seat over on an airplane, or from another table at a coffee shop, can’t see what’s on the screen. (That also speaks to a slight downside: These screens also make it difficult to, say, watch a movie with your kids on a tablet.)
Privacy filters are common on work devices, particularly those that process sensitive, valuable, or confidential information like at medical offices. But less sensitive devices are equally vulnerable to “shoulder surfing,” the simple act of catching a look at someone else’s screen. Think of all the times you’ve done just that, with or without ill intent, whether in line at the grocery store or in an auditorium at a conference.
Use a Physical Authentication Key
Two-factor authentication has become the standard for any decently protected online service. Turn it on, and a website or app will only log you in after you’ve proven your identity with something you know—a password—as well as something you have.
Until recently, two-factor relied almost entirely on your smartphone. You proved possession of it by entering a one-time code, sent by text message from the service you tried to log into, or better yet, by a code generated on the phone using a service like Google Authenticator. But phone accounts can be hijacked to redirect texts. Even authentication codes can be stolen, and used by someone who tricks you into entering them on a convincing phishing website.
A more robust form of two-factor authentication comes in the form of an actual USB or Bluetooth key that you carry on your keychain. Set up a Yubikey or other token that uses the so-called Universal Second Factor, or U2F, standard, and you’ll be asked to connect that dongle to any new computer before logging in. No one—not even you—will be able to access your account without that physical key in hand. And that’s the whole idea.
Tips for Regular Users (the Hackers are Still Circling):
Master passwords, lock down your smartphone, keep yourself secure from phishers, know how to deal with getting doxed, and, if you have kids, keep them safe online.