A Defensive Computing Checklist    by Michael Horowitz

NOTE: I gave a presentation on Defensive Computing at the HOPE conference in July 2022

HOME | Full Site Index | Domain Names | VPNs | iOS | Android | About | Rules of the Road | DC Presentation |

TWITTER

November 2022: Now that there are two types of blue checks, this is how you can tell which users have a real blue check vs. those who simply paid for it. Start at the twitter profile page. For example, for USA Today, go to twitter.com/usatoday. Then click on the blue check as shown here on the right. This will pop up a window explaining the type of blue check.

• LEAVING TWITTER FOR MASTODON
  
  To join Mastodon, you need to create an account on a Mastodon server. There are hundreds of different servers and picking one is an annoyance for a new user. Start with this list of Mastodon servers. The lingo is also annoying, as a server is called an "instance". fedi.tips is an informal, unofficial guide for non-technical people who want to use Mastodon.
• DOWNLOAD YOUR TWITTER DATA
  Twitter will send you a ZIP file with an archive of your account information, history, apps and devices, activity, interests, and Ads data.
  
  
  1. From twitter.com (while logged in): Click More in the main navigation menu -> Settings and privacy -> Your Account -> Download an archive of your data -> enter your password -> get a verification code and enter it -> click the blue Request Archive button
  2. Wait. They say it can take 24 hours or longer. If you use the app, you will be notified in the app when the data is ready. If you use the website, they email you when its ready.
  3. I was emailed a link, then had to enter my Twitter password and enter a temporary code they emailed. Then, I had to click a blue Download Archive button, then a second blue Download Archive button. This downloaded a file with a name like
     twitter-yyyy-mm-dd-randomnoise.zip, that was 47MB and contained two folders and an HTML file.
  4. More: How to access your Twitter data from Twitter (undated as of Feb. 2022)
• Don't give Twitter your phone number. If you did, either change it or turn off the setting for "phone number discoverability". From How Twitter's Default Settings Can Leak Your Phone Number by Gennie Gebhart of the EFF (Feb 2020).
• To improve the security and privacy of Twiiter, logon to twitter.com in a browser, then do: More -> Settings and Privacy -> Privacy and Safety and
  Turn off Location information
  Turn off Photo tagging
  Turn off Personalization and data
  Review options to "Receive messages from anyone" and "Discoverability and contacts"
• Make it harder to reset the Twitter password. At twitter.com -> Settings -> Security and account access -> Security. Turn on the "Password reset protect" checkbox. This requires providing either the phone number or email address associated with your account in order to reset your password. Along with this, it would be best to have a dedicated email address that is only used with Twitter. See the section here on Email for a number of ways to create multiple email addresses.
• FROM TWITTER
  1. About account security
  2. How to protect and unprotect your Tweets
  3. Assorted articles on Privacy
• Stop Twitter from sharing your location here twitter.com/settings/location. According to this Feb 2020 Reddit posting this may not be sufficient. You may need to use a VPN to really hide your location.
• You can configure an account to accept Direct Messages (DMs) from just people following you or from anyone in the world.
• Don't share: your birthday, your current location or that you will be away from home for a while.
• 7 steps to staying safe and secure on Twitter by Amer Owaida of Eset (March 2021). Covers hiding your location, protecting tweets from new followers, disabling photo tagging, limiting discoverability and more.
• How to Filter Out Twitter Trolls by Using Block Party by Yael Grauer for Consumer Reports (March 2021). The Block Party app can filter tweets according to a number of criteria and have the bad ones saved in a separate folder. It is a free service for those willing to apply and wait for an account. Or, for $8, you can get an account immediately.
• Twitter has a Safety and Security page with a section on dealing with abuse, including how to report it. From the article above.
• Two Factor Authentication: As of Nov. 22, 2019, Twitter lets you get started with 2FA using an Authenticator app. In the old days you had to start with SMS first which meant giving them your phone number. From twitter.com do: Settings & Privacy -> Account -> Security -> Two-Factor Authentication.
• Twitter privacy settings to change now by Heather Kelly for the Washington Post. Last updated October 2022.
• TweetDelete is a service that can mass delete Twitter posts based on their age or specific text they contain.
• Twitter URLs Can Be Manipulated to Spread Fake News and Scams by Ionut Ilascu (June 2019). Not sure what the defense here is, other than just being aware of this.
• If you care about privacy, you are probably better off using Twitter in a web browser, rather than the Twitter app.
• How to control your data on Twitter June 2016 by Tactical Tech

Copyright 2019 - 2023