using privacy declaring search engine is not ensuring that you are not logged
- they could be lying (see numerous VPN providers claiming no logging and then leaking detailed logs)
- something else can be logging (keylogger, IPS, hacker attacking search engine, shoulder browsing)
using secure email provider and sending unencrypted email will not help at all
personal info that is not confidential at all is not problematic, so "confidential or personal" is not necessary
It is very easy (on desktop at least), has powerful effects, doable by anyone.
Also promotes using browser better than Chrome with upcoming defanging adblockers there, has anti-tracking included (in addition to blocking ads with tracking scripts)
It is one more tradeoff, personally I consider it as a feature (though for many it would be missing feature! and for many risks caused by storing passwords on someones else computer are outweighed by ease of use)
Especially if service has true 2FA, with no reset option vulnerable to social engineering
It will be used rarely or never but given potential for massive damage and "Enable 2-Factor Authentication" at recommended it should be also strongly recommended
Text itself limits itself to critical password, and recommending to rotate all passwords is not viable (as a datapoint: my password manager has over 300 passwords for online accounts)
- fix typos
- change "optimal security" to "increased security", in many cases it would not be optimal given how many things will break on Tor
- link issues discussing tradeoffs
In general I would make it more clear that it is not always worth doing. Maybe "Advanced" should be "Advanced, has serious tradeoffs" with word tradeoffs linking separate page documenting issues mentioned in #19?
- Adds 'Am I FLoCed' by the EFF
- Netcraft anti-phishing extension
- Mail Hero forwarder
- Adds VOIP section, with Mumble and Linphone
- Adds Mattermost and Dialog to team chats
