Black Friday is quickly bearing down upon us. For those not in the know, Black Friday is the day after Thanksgiving in the US, and traditionally marks the official start of Christmas shopping season, and as such, many vendors, retailers, and manufacturers offer steep discounts on their products and services.
This year, I’d like to start what I hope to make an annual tradition. In this blog post, I’d like to make a list of all known privacy- and security-related Black Friday deals. If you’re reading this closer to a future Black Friday after 2024, check out thenewoil.org/black-friday to be taken to the latest version of this blog. If you spot a deal that isn’t listed here, please send it to me so I can add it. I will try to update as often as I can.
It’s the gift-giving season, and the last time I wrote a blog post like this was four years go. My, how time flies. Anyways, I thought it might be nice to revisit this topic. As I said last time I did this, your mileage may vary. Not everyone will appreciate these or have the tech savvy to use them. It’s up to you to know what gifts are right for what person and what would actually make a good gift. But below are some items that I personally have dealt with or have my eye on that might also make good gifts for yourself, your home, or a tech-loving loved one around you. These gifts are not listed in any specific order.
For many, this month is when gift-giving season officially begins in the United States (and several other places, I presume) thanks to Black Friday, which is quickly consuming most of November in many cases. As a result, even though online shopping is something most of us engage in year-round, now it’s particularly important to discuss how to safely shop online. Below is my now-annual updated online shopping tips, reflecting techniques and strategies I've picked up in the last year. (Note: some of the services I suggest offer affiliate programs, which The New Oil has signed up for. You can see a list of our affiliates here and see our affiliate link policy here.)
Disclosure: we have an affiliate link with Proton VPN that gives us a small financial payout if you sign up for a paid plan using it. You can see our policy regarding affiliate links here.
What is a VPN?
If you found this page via a web search, there’s a possibility you’re not entirely sure what a VPN is or does. You may know that they help you bypass georestricted content – like sports or Netflix – or that they can protect you from cybercriminals (more on that in a moment), but you may not know how. The short, non-technical answer is that a VPN creates a secure, encrypted connection between your device (computer, phone, TV, router, etc) and the VPN Provider’s server. This has the effect of making it look like your device is wherever the server is located (usually another state/country, hence bypassing georestrictions) and as well as protecting your traffic from any local snoops (such as malicious public routers or nosy Internet Service Providers – or ISPs).
Do You Need a VPN?
If you’re here because you think a VPN will make you hacker-proof or anonymous, the answer is no. A VPN – contrary to much of the false marketing out there – will not do either of those things. VPNs can help mitigate these risks slightly. For example, the VPN providers I recommend do block some trackers, and changing your IP address will remove one way you can be identified and tracked online. However, modern internet tracking is far more complex than just blocking cookies and changing your IP address, so while a VPN can help, it’s not 100% effective. There’s a lot more that goes into online anonymity.
I am a firm believer that there are many privacy techniques you should focus on before encrypted messaging because they will offer you much more “bang for your buck,” things like good passwords, two-factor authentication, and even encrypted email. That said, I still believe that encrypted messaging is a critical part of a well-rounded privacy and security strategy. While the vast majority of our day-to-day conversations may be benign, it can still offer a lot of insight into who we are as people – our routines, likes, and personal thoughts. This information – mundane or not – is worth protecting.
Fortunately encrypted messaging has become nearly ubiquitous today due to the rise of services likes WhatsApp or – here in America – due to the large marketshare of iPhones and the resulting use of iMessage. However, I still think that we should always strive to do better when there’s room for improvement and in this case there is a lot of room to improve easily with very little cost. The only challenges facing users in this case would be the time to switch and the effort of convincing others. For those interested in taking on the challenge, here are the best options we currently have for encrypted messaging in 2024.
There are many ways to describe Voice-over-IP, or VoIP. I've seen it called an anonymous, internet, alias, or throwaway phone number (and more). Regardless of the name, I personally consider VoIP to be a healthy part of a good privacy and security strategy. The advantages are endless. For one, VoIP is harder to SIM Swap compared to a normal SIM phone number. VoIP can also help provide you privacy since most SIM numbers can easily be Googled or looked up on any number of the hundreds of people search sites and return information about the carrier and who the number is registered to. On the day-to-day, VoIP – combined with other strategies I recommend on The New Oil – can help reduce spam calls/texts, prevent would-be stalkers, create healthy work/life balances, control what information people (like prospective employers) can find about you, and help compartmentalize or reduce tracking by big corporations. Sadly, VoIP is a tool that's not widely available in many countries, but for those with access to it, VoIP can provide numerous benefits and should at very least be considered. So this week let's explore some of the best VoIP options currently available for consumers.
As some of you may have noticed, TNO hasn't really been updated in a hot minute. I was working on a major overhaul, one that deserves a blog post. Let's talk about it.
In recent weeks, I’ve noticed a rise in censorship regarding SMS communication that’s not being discussed. At all. I’m concerned that it may become a slippery slope that eventually effects us all. I don’t have any dramatic, prose-ridden introduction this week. Just some news, facts, and observations I wanted to share. So this week, follow me down the rabbit hole as I explore an existing but rising threat to our free speech and what we can do about it.
Email aliasing is one of the most underrated privacy techniques that has yet to go mainstream. For the privacy-conscious user, it offers a degree of separation between all your accounts, making it harder for data brokers to correlate your various accounts across different services by not using the same email address to sign up. For security, the same technique can also help defeat credential stuffing while obscuring your true email address, which is the central hub where all your identities can be managed (and the email address itself is literally half of the login information a would-be attacker would need to attempt to login). Your inbox is a critical thing to protect since a breach can offer information about additional accounts you have (via the emails already sitting in your inbox like updates, notifications, sign-in verifications, etc) as well as allowing an attacker to simply hit “reset password” on websites where you already have an account and thus take them over. As for mainstream users, the biggest advantage is probably the ability to manage spam more effectively – particularly from companies who refuse to respect opt-out links – from a single inbox, rather than having one inbox for professional use, then logging out and back into another for online shopping, then another for personal or newsletters, and so forth or simply having to give up and hope the spam filters don’t falsely flag anything important (or let junk though). Email aliasing makes effectively managing and controlling your inbox incredibly easy. With that in mind, this week, let’s examine some popular email aliasing services that the privacy community has to offer.
When I announced I would be closing my communities earlier this year, a curious thing happened: a surprising number of regulars replied with some variation of “I think this is my exit.” While some were specifically talking about Matrix, claiming that mine was the only room they were really active in and therefore they saw no point to having a Matrix account anymore, at least one specifically announced they would be quitting privacy entirely, save for a few basic techniques like using a password manager and being mindful of what to post online. While I didn’t expect the number of people responding that way, I was expecting that response from one or two people. If you check any given privacy forum – especially the ones with a heavy overlap of mainstream users such as Reddit – you’ll find no shortage of people asking “is all this work worth it?” and/or announcing that they’re giving up privacy because it’s too much work. So what gives? Is privacy worth the work?